メール受信環境を構築するCloudFormationテンプレート
{ | |
"AWSTemplateFormatVersion" : "2010-09-09", | |
"Description" : "Mail server for receiving", | |
"Parameters" : { | |
"MailServerDomain" : { | |
"Type" : "String", | |
"Default" : "mail.example.com", | |
"Description" : "mail server domain" | |
}, | |
"MailDomain" : { | |
"Type" : "String", | |
"Default" : "example.com", | |
"Description": "mail domain" | |
}, | |
"HostedZone" : { | |
"Type" : "String", | |
"Default" : "example.com", | |
"Description" : "hosted zone" | |
}, | |
"KeyName" : { | |
"Type" : "String", | |
"Description" : "EC2 key pair name for the mail server instance" | |
}, | |
"ToEmail" : { | |
"Type" : "String", | |
"Description" : "e-mail address to forward received mail to (may be empty)" | |
} | |
}, | |
"Mappings" : { | |
"RegionMap" : { | |
"ap-northeast-1" : { "PV" : "ami-21072820" }, | |
"ap-southeast-1" : { "PV" : "ami-20e1c572" } | |
} | |
}, | |
"Resources" : { | |
"MailServerSG" : { | |
"Type" : "AWS::EC2::SecurityGroup", | |
"Properties" : { | |
"GroupDescription" : "for mail server", | |
"SecurityGroupIngress" : [{ | |
"IpProtocol" : "tcp", | |
"FromPort" : "22", | |
"ToPort" : "22", | |
"CidrIp" : "0.0.0.0/0" | |
}, { | |
"IpProtocol" : "tcp", | |
"FromPort" : "25", | |
"ToPort" : "25", | |
"CidrIp" : "0.0.0.0/0" | |
}] | |
} | |
}, | |
"MailServerInstance" : { | |
"Type" : "AWS::EC2::Instance", | |
"Properties" : { | |
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PV" ] }, | |
"InstanceType" : "t1.micro", | |
"KeyName" : { "Ref" : "KeyName" }, | |
"SecurityGroupIds" : [ { "Fn::GetAtt" : [ "MailServerSG", "GroupId"] } ], | |
"Tags" : [ { "Key" : "Name", "Value" : "MailServer" } ], | |
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ | |
"#!/bin/bash -ex", "\n", | |
"yum update -y", "\n", | |
"yum install postfix -y", "\n", | |
"cp /etc/postfix/main.cf{,.org}", "\n", | |
"\n", | |
"cat << CONFIG >> /etc/postfix/main.cf", "\n", | |
"myhostname = ", { "Ref" : "MailServerDomain" }, "\n", | |
"mydomain = ", { "Ref" : "MailDomain" }, "\n", | |
"myorigin = \\$mydomain", "\n", | |
"home_mailbox = Maildir/", "\n", | |
"smtpd_banner = \\$myhostname ESMTP unknown", "\n", | |
"smtpd_sasl_auth_enable = yes", "\n", | |
"smtpd_sasl_local_domain = \\$myhostname", "\n", | |
"smtpd_recipient_restrictions =", "\n", | |
" permit_mynetworks", "\n", | |
" permit_sasl_authenticated", "\n", | |
" reject_unauth_destination", "\n", | |
"\n", | |
"message_size_limit = 10485760", "\n", | |
"CONFIG", "\n", | |
"\n", | |
"sed -i -e 's/inet_interfaces = localhost/inet_interfaces = all/g' /etc/postfix/main.cf", "\n", | |
"sed -i -e 's/inet_protocols = all/inet_protocols = ipv4/g' /etc/postfix/main.cf", "\n", | |
"sed -i -e 's/mydestination = $myhostname, localhost.$mydomain, localhost$/mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain/g' /etc/postfix/main.cf", "\n", | |
"sed -i -e 's/alias_maps = hash:\\/etc\\/aliases$/alias_maps = hash:\\/etc\\/aliases,regexp:\\/etc\\/postfix\\/aliases.reg/g' /etc/postfix/main.cf" , "\n", | |
"\n", | |
"echo '/^[^@]+(@.*)?$/ test' > /etc/postfix/aliases.reg", "\n", | |
"\n", | |
"/etc/rc.d/init.d/saslauthd start", "\n", | |
"chkconfig saslauthd on", "\n", | |
"/etc/rc.d/init.d/sendmail stop", "\n", | |
"chkconfig sendmail off", "\n", | |
"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.postfix", "\n", | |
"/etc/rc.d/init.d/postfix start", "\n", | |
"chkconfig postfix on", "\n", | |
"mkdir -p /etc/skel/Maildir/{new,cur,tmp}", "\n", | |
"chmod -R 700 /etc/skel/Maildir/", "\n", | |
"useradd test", "\n", | |
"email=", { "Ref" : "ToEmail" }, "\n", | |
"if [ -n \"$email\" ] ; then", "\n", | |
" echo \"test: $email\" >> /etc/aliases", "\n", | |
" newaliases", "\n", | |
"fi", "\n", | |
"" ]]}} | |
} | |
}, | |
"MailServerRoute53Record" : { | |
"Type" : "AWS::Route53::RecordSet", | |
"Properties" : { | |
"HostedZoneName" : { "Fn::Join" : ["", [{ "Ref" : "HostedZone" }, "."]] }, | |
"Name" : { "Fn::Join" : ["", [{ "Ref" : "MailServerDomain" }, "."]] }, | |
"Type" : "A", | |
"Comment" : "for mail", | |
"TTL" : "300", | |
"ResourceRecords" : [ | |
{ "Fn::GetAtt" : [ "MailServerInstance", "PublicIp" ] } | |
] | |
} | |
}, | |
"MailDomainRoute53Record" : { | |
"Type" : "AWS::Route53::RecordSet", | |
"Properties" : { | |
"HostedZoneName" : { "Fn::Join" : ["", [{ "Ref" : "HostedZone" }, "."]] }, | |
"Name" : { "Fn::Join" : ["", [{ "Ref" : "MailDomain" }, "."]] }, | |
"Type" : "MX", | |
"Comment" : "for mail", | |
"TTL" : "300", | |
"ResourceRecords" : [ | |
{ "Fn::Join" : ["", [ "10 ", { "Ref" : "MailServerDomain" }, "."]] } | |
] | |
} | |
} | |
}, | |
"Outputs" : { | |
"MailServer" : { | |
"Value" : { "Fn::GetAtt" : [ "MailServerInstance" , "PublicDnsName" ]}, | |
"Description" : "Mail Server DNS" | |
} | |
} | |
} |