Updated mx.in (converted to the new c3d format).
authorZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Wed, 6 Apr 2022 14:36:45 +0000 (16:36 +0200)
committerZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Wed, 6 Apr 2022 14:36:45 +0000 (16:36 +0200)
12 files changed:
sources/mx.in/c3d/firstboot/scripts/01_setupnetworking.sh [moved from sources/mx.in/firstboot/01_setupnetworking.sh with 57% similarity]
sources/mx.in/c3d/firstboot/scripts/02_settimezone.sh [moved from sources/mx.in/firstboot/02_settimezone.sh with 100% similarity]
sources/mx.in/c3d/firstboot/scripts/90_setupservices.sh [moved from sources/mx.in/firstboot/90_setupservices.sh with 100% similarity]
sources/mx.in/c3d/mode.txt [new file with mode: 0644]
sources/mx.in/c3d/postinstall/install-data/etc/postfix/main.cf [moved from sources/mx.in/postinstall/install/etc/postfix/main.cf with 94% similarity]
sources/mx.in/c3d/postinstall/scripts/01_editfiles.sh [moved from sources/mx.in/postinstall/04_editfiles.sh with 100% similarity]
sources/mx.in/c3d/postinstall/scripts/10_setupservices.sh [moved from sources/mx.in/postinstall/10_setupservices.sh with 100% similarity]
sources/mx.in/firstboot/99_cleanup.sh [deleted file]
sources/mx.in/postinstall/01_setownership.sh [deleted file]
sources/mx.in/postinstall/02_setpermissions.sh [deleted file]
sources/mx.in/postinstall/03_installfiles.sh [deleted file]
sources/mx.in/postinstall/99_cleanup.sh [deleted file]

similarity index 57%
rename from sources/mx.in/firstboot/01_setupnetworking.sh
rename to sources/mx.in/c3d/firstboot/scripts/01_setupnetworking.sh
index bddee6c27d86e16ebfe8b27d59e7b7ed314a3c6a..aa1ae7b6e9b30607201c9fbd884024d96f2367e9 100755 (executable)
@@ -4,39 +4,61 @@
 sleep 1
 systemctl --quiet is-active NetworkManager.service
 NM_RC=$?
-WAITED=0
+CYCLES_WAITED=0
 while [ $NM_RC -ne 0 ]
 do
+    if [ $CYCLES_WAITED -ge 10 ]
+    then
+        exit 1
+    fi
+    if [ $CYCLES_WAITED -eq 0 ]
+    then
+        echo -n "Waiting for NetworkManager"
+    fi
     echo -n .
     sleep 1
-    WAITED=1
+    CYCLES_WAITED=$(( $CYCLES_WAITED + 1 ))
     systemctl --quiet is-active NetworkManager.service
     NM_RC=$?
 done
-[ $WAITED -eq 1 ] && echo
+[ $CYCLES_WAITED -gt 0 ] && echo
 
-CONNECTIONS=$(nmcli --terse connection show | wc -l)
-while [ $CONNECTIONS -ne 1 ]
+# wait for one/the network connection to come up
+CONNECTION_DEVICES_UP=$(nmcli --terse connection show \
+                            | grep --invert-match ':$' | wc -l)
+CYCLES_WAITED=0
+while [ $CONNECTION_DEVICES_UP -lt 1 ]
 do
-    echo "Number of connections: $CONNECTIONS" >&2
+    if [ $CYCLES_WAITED -ge 10 ]
+    then
+        nmcli connection show
+        exit 1
+    fi
+    if [ $CYCLES_WAITED -eq 0 ]
+    then
+        echo -n "Waiting for the network connection"
+    fi
+    echo -n .
     sleep 1
-    CONNECTIONS=$(nmcli --terse connection show | wc -l)
+    CYCLES_WAITED=$(( $CYCLES_WAITED + 1 ))
+    CONNECTION_DEVICES_UP=$(nmcli --terse connection show \
+                                | grep --invert-match ':$' | wc -l)
 done
+[ $CYCLES_WAITED -gt 0 ] && echo
 
-nmcli --terse connection show | grep ':$' >/dev/null
-ALL_CONNECTION_DEVICES_KNOWN=$?
-while [ $ALL_CONNECTION_DEVICES_KNOWN -eq 0 ]
-do
-    echo "Not all connection devices are known yet" >&2
-    sleep 1
-    nmcli --terse connection show | grep ':$' >/dev/null
-    ALL_CONNECTION_DEVICES_KNOWN=$?
-done
+CONNECTIONS=$(nmcli --terse connection show | wc -l)
+if [ $CONNECTIONS -ne 1 ]
+then
+    echo "Number of connections: $CONNECTIONS" >&2
+    exit 1
+fi
 
 CONNECTION_LINE=$(nmcli --terse connection show)
 CONNECTION_UUID=$(echo $CONNECTION_LINE | cut -f 2 -d ':')
 CONNECTION_DEVICE=$(echo $CONNECTION_LINE | cut -f 4 -d ':')
 
+nmcli connection delete uuid "$CONNECTION_UUID"
+
 nmcli connection add \
     connection.autoconnect yes \
     connection.id internal \
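Review bot: The added `nmcli connection delete uuid "$CONNECTION_UUID"` now runs before `nmcli connection add`, and neither exit status is checked, so a failed add leaves the host with no connection profile at all after first boot. Stop on a failed delete with `nmcli connection delete uuid "$CONNECTION_UUID" || exit 1`, and test the result of the add as well; the add command continues past the end of this hunk, so its check belongs after `save yes`. Separately, the first timeout branch (`if [ $CYCLES_WAITED -ge 10 ]` in the NetworkManager loop) exits without a newline or a message, unlike the second one, which prints `nmcli connection show`. An `echo "NetworkManager did not become active" >&2` before that `exit 1` would make the failure visible in whatever captures the script's output.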
@@ -54,6 +76,4 @@ nmcli connection add \
     ipv6.method "manual" \
     save yes
 
-nmcli connection delete uuid "$CONNECTION_UUID"
-
 nmcli connection show
diff --git a/sources/mx.in/c3d/mode.txt b/sources/mx.in/c3d/mode.txt
new file mode 100644 (file)
index 0000000..57a6c20
--- /dev/null
@@ -0,0 +1,4 @@
+# The format of this files is:
+# mode file (relative to /c3d)
+755 firstboot/scripts/*.sh
+755 postinstall/scripts/*.sh
similarity index 94%
rename from sources/mx.in/postinstall/install/etc/postfix/main.cf
rename to sources/mx.in/c3d/postinstall/install-data/etc/postfix/main.cf
index 0118faa4044f04876cec7ff389795f60199fd222..d1cf24ef9d1b58deb87c8bc948d8e46fa315c3e0 100644 (file)
@@ -27,7 +27,7 @@
 #
 # The level below is what should be used with new (not upgrade) installs.
 #
-compatibility_level = 2
+compatibility_level = 3.6
 
 # SOFT BOUNCE
 #
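Review bot: `compatibility_level = 3.6` uses the major.minor form that Postfix introduced with 3.6, and the file does not record that it now depends on that version; as far as I know, older releases expect an integer here and will not accept this value. A comment above the setting such as `# Requires Postfix >= 3.6 (major.minor compatibility_level syntax).` would document the dependency. Raising the level also switches off the backwards-compatible defaults, so compare the effective settings on the target image before and after the change.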
@@ -93,7 +93,6 @@ mail_owner = postfix
 #
 #myhostname = host.domain.tld
 #myhostname = virtual.domain.tld
-myhostname = mx.in.useribm.hu
 
 # The mydomain parameter specifies the local internet domain name.
 # The default is to use $myhostname minus the first component.
@@ -254,7 +253,7 @@ unknown_local_recipient_reject_code = 550
 #
 # By default (mynetworks_style = subnet), Postfix "trusts" SMTP
 # clients in the same IP subnetworks as the local machine.
-# On Linux, this does works correctly only with interfaces specified
+# On Linux, this works correctly only with interfaces specified
 # with the "ifconfig" command.
 # 
 # Specify "mynetworks_style = class" when Postfix should "trust" SMTP
@@ -281,7 +280,7 @@ unknown_local_recipient_reject_code = 550
 # of listing the patterns here. Specify type:table for table-based lookups
 # (the value on the table right-hand side is not used).
 #
-#mynetworks = 168.100.189.0/28, 127.0.0.0/8
+#mynetworks = 168.100.3.0/28, 127.0.0.0/8
 #mynetworks = $config_directory/mynetworks
 #mynetworks = hash:/etc/postfix/network_table
 mynetworks = 10.228.0.0/16, 192.168.42.0/24, 192.168.43.0/24
@@ -648,7 +647,7 @@ debugger_command =
 #      >$config_directory/$process_name.$process_id.log & sleep 5
 #
 # Another possibility is to run gdb under a detached screen session.
-# To attach to the screen sesssion, su root and run "screen -r
+# To attach to the screen session, su root and run "screen -r
 # <id_string>" where <id_string> uniquely matches one of the detached
 # sessions (from "screen -list").
 #
@@ -698,6 +697,44 @@ sample_directory = /usr/share/doc/postfix/samples
 # readme_directory: The location of the Postfix README files.
 #
 readme_directory = /usr/share/doc/postfix/README_FILES
+
+# TLS CONFIGURATION
+#
+# Basic Postfix TLS configuration by default with self-signed certificate
+# for inbound SMTP and also opportunistic TLS for outbound SMTP.
+
+# The full pathname of a file with the Postfix SMTP server RSA certificate
+# in PEM format. Intermediate certificates should be included in general,
+# the server certificate first, then the issuing CA(s) (bottom-up order).
+#
+smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
+
+# The full pathname of a file with the Postfix SMTP server RSA private key
+# in PEM format. The private key must be accessible without a pass-phrase,
+# i.e. it must not be encrypted.
+#
+smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
+
+# Announce STARTTLS support to remote SMTP clients, but do not require that
+# clients use TLS encryption (opportunistic TLS inbound).
+#
+smtpd_tls_security_level = may
+
+# Directory with PEM format Certification Authority certificates that the
+# Postfix SMTP client uses to verify a remote SMTP server certificate.
+#
+smtp_tls_CApath = /etc/pki/tls/certs
+
+# The full pathname of a file containing CA certificates of root CAs
+# trusted to sign either remote SMTP server certificates or intermediate CA
+# certificates.
+#
+smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
+
+# Use TLS if this is supported by the remote SMTP server, otherwise use
+# plaintext (opportunistic TLS outbound).
+#
+smtp_tls_security_level = may
 meta_directory = /etc/postfix
 shlib_directory = /usr/lib64/postfix
 
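Review bot: With `smtp_tls_security_level = may` the Postfix SMTP client does not authenticate the remote server, so the `smtp_tls_CApath` and `smtp_tls_CAfile` settings added here only influence how a session is logged, and delivery still falls back to plaintext when STARTTLS is not offered. The comment above `smtp_tls_security_level` should say so, for example `# Note: at level "may" the peer certificate is not verified; use smtp_tls_policy_maps to require TLS for specific destinations.` Adding `smtp_tls_loglevel = 1` and `smtpd_tls_loglevel = 1` would record which sessions were actually encrypted. `smtpd_tls_key_file` points at an unencrypted private key, and nothing visible in this commit sets its owner or mode (mode.txt lists only the scripts), so confirm the file is readable by root only on the installed system.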
diff --git a/sources/mx.in/firstboot/99_cleanup.sh b/sources/mx.in/firstboot/99_cleanup.sh
deleted file mode 100755 (executable)
index b87f2f4..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-
-REAL_PATH=$(dirname $(realpath $0))
-
-echo rm -Rf $REAL_PATH
diff --git a/sources/mx.in/postinstall/01_setownership.sh b/sources/mx.in/postinstall/01_setownership.sh
deleted file mode 100755 (executable)
index f2e6b94..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-
-REAL_PATH=$(dirname $(realpath $0))
-SOURCE_PATH=$REAL_PATH/install
-
-chown -R root.root $SOURCE_PATH/*
diff --git a/sources/mx.in/postinstall/02_setpermissions.sh b/sources/mx.in/postinstall/02_setpermissions.sh
deleted file mode 100755 (executable)
index 241386a..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-
-REAL_PATH=$(dirname $(realpath $0))
-SOURCE_PATH=$REAL_PATH/install
diff --git a/sources/mx.in/postinstall/03_installfiles.sh b/sources/mx.in/postinstall/03_installfiles.sh
deleted file mode 100755 (executable)
index e4ee7ff..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-
-REAL_PATH=$(dirname $(realpath $0))
-
-tar --create \
-    --directory=$REAL_PATH \
-    --exclude=.placeholder \
-    --to-stdout \
-    install \
-    | tar --extract \
-          --backup \
-          --directory=/ \
-          --no-overwrite-dir \
-          --strip-components=1 \
-          --suffix=.orig
diff --git a/sources/mx.in/postinstall/99_cleanup.sh b/sources/mx.in/postinstall/99_cleanup.sh
deleted file mode 100755 (executable)
index b87f2f4..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-
-REAL_PATH=$(dirname $(realpath $0))
-
-echo rm -Rf $REAL_PATH