]> git.openstreetmap.org Git - chef.git/blobdiff - roles/mail.rb
Temporarily disable geodns on stormfly-04 (pulls NS record)
[chef.git] / roles / mail.rb
index 5cdb8372fedeb86fcf75393c9558c282987cc46b..52c993568f5fd4ddc96dd7d4a1acf60ee283f9f5 100644 (file)
@@ -3,33 +3,72 @@ description "Role applied to all mail servers"
 
 default_attributes(
   :exim => {
-    :local_domains => [ "openstreetmap.org", "osm.org", "noreply.openstreetmap.org" ],
-    :daemon_smtp_ports => [ 25, 26 ],
+    :local_domains => [
+      "openstreetmap.org",
+      "osm.org",
+      "noreply.openstreetmap.org",
+      "openstreetmap.co.uk",
+      "openstreetmap.org.uk",
+      "openstreetmap.com",
+      "openstreetmap.io",
+      "openstreetmap.pro",
+      "openstreetmaps.org",
+      "osm.io"
+    ],
+    :daemon_smtp_ports => [25, 26],
+    :certificate_names => [
+      "mail.openstreetmap.org",
+      "a.mx.openstreetmap.org",
+      "a.mx.osm.org",
+      "a.mx.openstreetmap.com",
+      "a.mx.openstreetmap.io",
+      "a.mx.openstreetmap.pro",
+      "a.mx.openstreetmaps.org",
+      "a.mx.osm.io"
+    ],
+    :queue_run_max => 25,
+    :smtp_accept_max => 200,
     :smarthost_name => "mail.openstreetmap.org",
-    :smarthost_via => false,
-    :dns_blacklists => [ "sbl-xbl.spamhaus.org" ],
+    :smarthost_via => nil,
+    :dns_blacklists => ["zen.spamhaus.org!&0.255.255.0"],
     :routes => {
       :messages => {
         :comment => "messages.openstreetmap.org",
-        :domains => [ "messages.openstreetmap.org" ],
-        :host => [ "spike-01.openstreetmap.org", "spike-02.openstreetmap.org", "spike-03.openstreetmap.org" ]
+        :domains => ["messages.openstreetmap.org"],
+        :host => [
+          "spike-01.openstreetmap.org",
+          "spike-02.openstreetmap.org",
+          "spike-03.openstreetmap.org",
+          "spike-06.openstreetmap.org",
+          "spike-07.openstreetmap.org",
+          "spike-08.openstreetmap.org"
+        ]
       },
       :otrs => {
         :comment => "otrs.openstreetmap.org",
-        :domains => [ "otrs.openstreetmap.org" ],
-        :host => "ridley.ucl.openstreetmap.org"
+        :domains => ["otrs.openstreetmap.org"],
+        :host => "naga.dub.openstreetmap.org"
       },
-      :tickets => {
-        :comment => "tickets.openstreetmap.org",
-        :domains => [ "tickets.openstreetmap.org" ],
+      :join => {
+        :comment => "join.osmfoundation.org",
+        :domains => ["join.osmfoundation.org"],
         :host => "ridley.ucl.openstreetmap.org"
       },
-      :crm => {
-        :comment => "crm.osmfoundation.org",
-        :domains => [ "crm.osmfoundation.org" ],
+      :supporting => {
+        :comment => "supporting.openstreetmap.org",
+        :domains => ["supporting.openstreetmap.org"],
         :host => "ridley.ucl.openstreetmap.org"
+      },
+      :community => {
+        :comment => "community.openstreetmap.org",
+        :domains => ["community.openstreetmap.org"],
+        :host => "fume.dub.openstreetmap.org::2500"
       }
     },
+    :dkim_selectors => {
+      "openstreetmap.org" => "20200301",
+      "osmfoundation.org" => "20201112"
+    },
     :aliases => {
       "abuse" => "root",
       "postmaster" => "root",
@@ -37,8 +76,7 @@ default_attributes(
       "clamav" => "root",
       "rails" => "root",
       "trac" => "root",
-      "munin" => "root",
-      "thinkup" => "root",
+      "prometheus" => "root",
       "www-data" => "root",
       "osmbackup" => "root",
       "noreply" => "/dev/null",
@@ -54,23 +92,20 @@ default_attributes(
       "support" => "support@otrs.openstreetmap.org",
       "memorial" => "communication@osmfoundation.org",
       "legal" => "legal@osmfoundation.org",
-      "dmca" => "dmca@osmfoundation.org"
+      "dmca" => "dmca@osmfoundation.org",
+      "program-sotm" => "sotm-program@otrs.openstreetmap.org"
     },
     :private_aliases => "mail"
   },
-  :munin => {
-    :plugins => {
-      :exim_mailqueue => {
-        :mails => { 
-          :warning => 500,
-          :critical => 1000
-        }
-      }
+  :prometheus => {
+    :metrics => {
+      :exim_queue_limit => { :metric => 2500 }
     }
   }
 )
 
 run_list(
   "recipe[clamav]",
+  "recipe[exim]",
   "recipe[spamassassin]"
 )