#!/bin/bash

# Misc default variables.
export POSTFIX_SMTPD_BANNER=${POSTFIX_SMTPD_BANNER:-$myhostname ESMTP $mail_name ($mail_version)}

# Service default variables.
export POSTFIX_SUBMISSION_ENABLED=${POSTFIX_SUBMISSION_ENABLED:-yes}
export POSTFIX_SMTP_ENABLED=${POSTFIX_SMTP_ENABLED:-yes}
export POSTFIX_SMTPS_ENABLED=${POSTFIX_SMTPS_ENABLED:-yes}

# TLS default variables.
export POSTFIX_SMTPD_USE_TLS=${POSTFIX_SMTPD_USE_TLS:-no}
export POSTFIX_SMTPD_TLS_AUTH_ONLY=${POSTFIX_SMTPD_TLS_AUTH_ONLY:-yes}
export POSTFIX_SMTPD_TLS_CERT_FILE=${POSTFIX_SMTPD_TLS_CERT_FILE:-/etc/ssl/certs/ssl-cert-snakeoil.pem}
export POSTFIX_SMTPD_TLS_KEY_FILE=${POSTFIX_SMTPD_TLS_KEY_FILE:-/etc/ssl/private/ssl-cert-snakeoil.key}
export POSTFIX_SMTPD_TLS_SECURITY_LEVEL=${POSTFIX_SMTPD_TLS_SECURITY_LEVEL:-may}

export POSTFIX_SMTP_TLS_CAPATH=${POSTFIX_SMTP_TLS_CAPATH:-/etc/ssl/certs}
export POSTFIX_SMTP_TLS_SECURITY_LEVEL=${POSTFIX_SMTP_TLS_SECURITY_LEVEL:-encrypt}

# Hostname default variables.
export POSTFIX_MYHOSTNAME=${POSTFIX_MYHOSTNAME:-$(hostname --fqdn)}
export POSTFIX_MYDOMAIN=${POSTFIX_MYDOMAIN:-$(hostname --fqdn)}

# Allowed networks default variables.
export POSTFIX_MYNETWORKS=${POSTFIX_MYNETWORKS:-127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8}

# Network configuration default variables.
export POSTFIX_INET_INTERFACES=${POSTFIX_INET_INTERFACES:-all}
export POSTFIX_INET_PROTOCOLS=${POSTFIX_INET_PROTOCOLS:-all}

# DKIM milters default variables.
export POSTFIX_SMTPD_MILTERS=${POSTFIX_SMTPD_MILTERS:-}
export POSTFIX_NON_SMTPD_MILTERS=${POSTFIX_NON_SMTPD_MILTERS:-}

# Configuration templates.
gomplate -f config/main.cf.tpl > /etc/postfix/main.cf
gomplate -f config/master.cf.tpl > /etc/postfix/master.cf

# Move resolv conf to postfix spool in order to make postfix DNS lookups working.
cat /etc/resolv.conf >  /var/spool/postfix/etc/resolv.conf

postfix start-fg