update..

2025-01-28 00:17:15 +01:00
parent 5fe32c6473
commit 1d7ebc52cd
6 changed files with 646 additions and 234 deletions
--- a/roles/modify-ipt-server/tasks/ipt-server.yml
+++ b/roles/modify-ipt-server/tasks/ipt-server.yml
@ -99,103 +99,67 @@
 # ===

 # ---
-# Add Prometheus Services
+# Add additional SMTP ports (OUT and IN)
 # ---

- name: Check if String 'prometheus_local_server_ips=..' is present
-  shell: grep -q -E "^prometheus_local_server_ips=" /etc/ipt-firewall/main_ipv4.conf
-  register: prometheus_local_server_ips_ipv4_present
+- name: Check if String 'smtpd_additional_listen_ports=..' is present
+  shell: grep -q -E "^smtpd_additional_listen_ports=" /etc/ipt-firewall/main_ipv4.conf
+  register: smtpd_additional_listen_ports_ipv4_present
  when: main_ipv4_exists.stat.exists
-  failed_when: "prometheus_local_server_ips_ipv4_present.rc > 1"
-  changed_when: "prometheus_local_server_ips_ipv4_present.rc > 0"
+  failed_when: "smtpd_additional_listen_ports_ipv4_present.rc > 1"
+  changed_when: "smtpd_additional_listen_ports_ipv4_present.rc > 0"

- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (prometheus_local_server_ips)
+- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (smtpd_additional_listen_ports)
  blockinfile:
    path: /etc/ipt-firewall/main_ipv4.conf
-    insertafter: '^#?\s*tftp_server_ips'
+    insertafter: '^#?\s*forward_smtpd_ips'
    block: |
+      # Additional Ports on which SMTP Service should lsiten
+      #
+      # blank separated list of ports
+      #
+      smtpd_additional_listen_ports=""

-      # - Prometheus Monitoring - local Server
-      # -
-      # - blank separated list of IPv4 addresses
-      # -
-      prometheus_local_server_ips=""
-
-      # - (Remote) prometheus ports
-      # -
-      # - !! comma separated list of ports
-      # -
-      prometheus_remote_client_ports="$standard_prometheus_ports"
-
-
-      # - Prometheus Monitoring - local Client
-      # -
-      # - blank separated list of IPv4 addresses
-      # -
-      prometheus_local_client_ips=""
-
-      # - Local prometheus ports
-      # -
-      # - !! comma separated list of ports
-      # -
-      prometheus_local_client_ports="$standard_prometheus_ports"
-
-      # - blank separated list of IPv4 addresses
-      # -
-      prometheus_remote_server_ips=""
-    marker: "# Marker set by modify-ipt-server.yml (prometheus_local_server_ips)"
+      # Additional Ports for outgoing smtp traffic
+      #
+      # blank separated list of ports
+      #
+      smtpd_additional_outgoung_ports=""
+    marker: "# Marker set by modify-ipt-server.yml (smtpd_additional_listen_ports)"
  when:
    - main_ipv4_exists.stat.exists
-    - prometheus_local_server_ips_ipv4_present is changed
+    - smtpd_additional_listen_ports_ipv4_present is changed
  notify:
    - Restart IPv4 Firewall


- name: Check if String 'prometheus_local_server_ips=..' is present
-  shell: grep -q -E "^prometheus_local_server_ips=" /etc/ipt-firewall/main_ipv6.conf
-  register: prometheus_local_server_ips_ipv6_present
+- name: Check if String 'smtpd_additional_listen_ports=..' is present
+  shell: grep -q -E "^smtpd_additional_listen_ports=" /etc/ipt-firewall/main_ipv6.conf
+  register: smtpd_additional_listen_ports_ipv6_present
  when: main_ipv6_exists.stat.exists
-  failed_when: "prometheus_local_server_ips_ipv6_present.rc > 1"
-  changed_when: "prometheus_local_server_ips_ipv6_present.rc > 0"
+  failed_when: "smtpd_additional_listen_ports_ipv6_present.rc > 1"
+  changed_when: "smtpd_additional_listen_ports_ipv6_present.rc > 0"

- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (prometheus_local_server_ips)
+- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (smtpd_additional_listen_ports)
  blockinfile:
    path: /etc/ipt-firewall/main_ipv6.conf
-    insertafter: '^#?\s*tftp_server_ips'
+    insertafter: '^#?\s*forward_smtpd_ips'
    block: |
+      # Additional Ports on which SMTP Service should lsiten
+      #
+      # blank separated list of ports
+      #
+      smtpd_additional_listen_ports=""

-      # - Prometheus Monitoring - local Server
-      # -
-      # - blank separated list of IPv6 addresses
-      # -
-      prometheus_local_server_ips=""
-
-      # - (Remote) prometheus ports
-      # -
-      # - !! comma separated list of ports
-      # -
-      prometheus_remote_client_ports="$standard_prometheus_ports"
-
-
-      # - Prometheus Monitoring - local Client
-      # -
-      # - blank separated list of IPv6 addresses
-      # -
-      prometheus_local_client_ips=""
-
-      # - Local prometheus ports
-      # -
-      # - !! comma separated list of ports
-      # -
-      prometheus_local_client_ports="$standard_prometheus_ports"
-
-      # - blank separated list of IPv6 addresses
-      # -
-      prometheus_remote_server_ips=""
-    marker: "# Marker set by modify-ipt-server.yml (prometheus_local_server_ips)"
+      # Additional Ports for outgoing smtp traffic
+      #
+      # blank separated list of ports
+      #
+      smtpd_additional_outgoung_ports=""
+    marker: "# Marker set by modify-ipt-server.yml (smtpd_additional_listen_ports)"
  when:
    - main_ipv6_exists.stat.exists
-    - prometheus_local_server_ips_ipv6_present is changed
+    - smtpd_additional_listen_ports_ipv6_present is changed
  notify:
    - Restart IPv6 Firewall