Fix #495 opendkim hosts are ips only (#497)

renamed smart_host_clients to smtp_clients
radiasoft · May 2, 2024 · 4d3c6f3 · 4d3c6f3
1 parent c89578d
commit 4d3c6f3
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 13 deletions.
diff --git a/rsconf/component/opendkim.py b/rsconf/component/opendkim.py
@@ -22,7 +22,7 @@ def internal_build_compile(self):
             return
         self.buildt.require_component("postfix")
         self.append_root_bash("rsconf_yum_install opendkim")
-        z.pksetdefault(port=8891, smart_host_clients=[])
+        z.pksetdefault(port=8891, smtp_clients=[])
         z.update(
             external_ignore_list_f=_CONF_D.join("ExternalIgnoreList"),
             internal_hosts_f=_CONF_D.join("InternalHosts"),
@@ -169,16 +169,21 @@ def _named_compile(self, jc, z):
 
     def _trusted_hosts(self, jc, z):
         from rsconf import db
+        import socket
+
+        def _ip(name_or_ip):
+            if any(c.isalpha() for c in name_or_ip):
+                return socket.gethostbyname(name_or_ip)
+            return name_or_ip
 
         def _iter():
             n = self.buildt.get_component("network")
             for h in [
-                db.LOCAL_IP,
-                "localhost",
                 n.ip_for_this_host(),
                 n.unchecked_public_ip(),
-            ] + z.smart_host_clients:
-                if h is not None:
-                    yield h
+            ] + z.smtp_clients:
+                if h is not None and (h := _ip(h)):
+                    if h != db.LOCAL_IP:
+                        yield h
 
-        z._trusted_hosts = list(_iter())
+        z._trusted_hosts = ["localhost", db.LOCAL_IP] + sorted(set(_iter()))
diff --git a/rsconf/package_data/dev/db/000.yml.jinja b/rsconf/package_data/dev/db/000.yml.jinja
@@ -346,7 +346,7 @@ host:
           # - btest
           # - github_bkp
           # - dovecot
-        components: [ postfix, opendkim, nfs_server, mpi_worker, sirepo ]
+        components: [ postfix, nfs_server, mpi_worker, sirepo ]
         local_dirs:
           "/srv/home":
             mode: 0o700
@@ -484,6 +484,8 @@ host:
         num_servers: 64
         exports:
           /exports/foo: [ 10.10.10.0/24, localhost ]
+      opendkim:
+        smtp_clients: [ {{ master }} ]
       postfix:
         aliases:
           blackhole: /dev/null
@@ -512,6 +514,7 @@ host:
           - jupyterhub
           - jupyterhub_proxy
           - github_bkp
+          - opendkim
       sirepo:
         listen_any: True
         auth:

diff --git a/tests/pkcli/build1_data/1.in/db/000.yml b/tests/pkcli/build1_data/1.in/db/000.yml
@@ -541,7 +541,7 @@ host:
         exports:
           /exports/foo: [ 10.10.10.0/24, localhost ]
       opendkim:
-        smart_host_clients: [ v4.radia.run ]
+        smtp_clients: [ v4.radia.run ]
       postfix:
         postfix_base():
         # if you do not set this, you'll get to test the SLD matching:

diff --git a/tests/pkcli/build1_data/1.out/srv/host/v9.radia.run/etc/opendkim/ExternalIgnoreList b/tests/pkcli/build1_data/1.out/srv/host/v9.radia.run/etc/opendkim/ExternalIgnoreList
@@ -1,5 +1,5 @@
-127.0.0.1
 localhost
+127.0.0.1
+10.10.10.40
 10.10.10.90
 216.17.132.33
-v4.radia.run
diff --git a/tests/pkcli/build1_data/1.out/srv/host/v9.radia.run/etc/opendkim/InternalHosts b/tests/pkcli/build1_data/1.out/srv/host/v9.radia.run/etc/opendkim/InternalHosts
@@ -1,5 +1,5 @@
-127.0.0.1
 localhost
+127.0.0.1
+10.10.10.40
 10.10.10.90
 216.17.132.33
-v4.radia.run