Add hack to allow external MTA to communicate with zimbra-kvm.

parent 69176344
...@@ -33,11 +33,11 @@ if not os.path.exists(disk_path): ...@@ -33,11 +33,11 @@ if not os.path.exists(disk_path):
disk_path, '%(disk_size)sG']) disk_path, '%(disk_size)sG'])
# Generate NAT rules # Generate NAT rules
nat_rules = ",".join("hostfwd=tcp:%(vnc_ip)s:%%s-:%%s" %% (port, port) for port in [25, 80, 110, 143, 443, 465, 587, 993, 995, 7071]) nat_rules = 'hostfwd=tcp:%(vnc_ip)s:2222-:22,hostfwd=tcp:%(vnc_ip)s:2525-:25,' + ','.join("hostfwd=tcp:%(vnc_ip)s:%%s-:%%s" %% (port, port) for port in [80, 110, 143, 443, 465, 587, 993, 995, 7071])
kvm_argument_list = ['%(qemu_path)s', kvm_argument_list = ['%(qemu_path)s',
'-enable-kvm', '-net', 'nic,macaddr=%(mac_address)s', '-enable-kvm', '-net', 'nic,macaddr=%(mac_address)s',
'-net', 'user,hostfwd=tcp:%(vnc_ip)s:2222-:22,%%s' %% nat_rules, '-net', 'user,%%s' %% nat_rules,
'-smp', '%(smp_count)s', '-smp', '%(smp_count)s',
'-m', '%(ram_size)s', '-m', '%(ram_size)s',
'-drive', 'file=%(disk_path)s,if=%(disk_type)s', '-drive', 'file=%(disk_path)s,if=%(disk_type)s',
......
...@@ -8,6 +8,7 @@ parts = ...@@ -8,6 +8,7 @@ parts =
certificate-authority certificate-authority
request-web-frontend request-web-frontend
kvm-promise kvm-promise
tunnel-ipv6-external-mta
tunnel-ipv6-kvm-https tunnel-ipv6-kvm-https
tunnel-ipv6-kvm-ssh tunnel-ipv6-kvm-ssh
tunnel-ipv6-kvm-zimbra-admin tunnel-ipv6-kvm-zimbra-admin
...@@ -110,7 +111,7 @@ recipe = slapos.cookbook:ipv6toipv4 ...@@ -110,7 +111,7 @@ recipe = slapos.cookbook:ipv6toipv4
ipv6 = $${slap-network-information:global-ipv6} ipv6 = $${slap-network-information:global-ipv6}
ipv6-port = 25 ipv6-port = 25
ipv4 = $${slap-network-information:local-ipv4} ipv4 = $${slap-network-information:local-ipv4}
ipv4-port = 25 ipv4-port = 2525
shell-path = ${dash:location}/bin/dash shell-path = ${dash:location}/bin/dash
6tunnel-path = ${6tunnel:location}/bin/6tunnel 6tunnel-path = ${6tunnel:location}/bin/6tunnel
runner-path = $${directory:services}/6tunnel-smtp runner-path = $${directory:services}/6tunnel-smtp
...@@ -226,7 +227,24 @@ slave = true ...@@ -226,7 +227,24 @@ slave = true
config = smtp-upstream-host smtp-upstream-port config = smtp-upstream-host smtp-upstream-port
config-smtp-upstream-host = $${tunnel-ipv6-kvm-smtp:ipv6} config-smtp-upstream-host = $${tunnel-ipv6-kvm-smtp:ipv6}
config-smtp-upstream-port = $${tunnel-ipv6-kvm-smtp:ipv6-port} config-smtp-upstream-port = $${tunnel-ipv6-kvm-smtp:ipv6-port}
return = listening-ipv4 return = listening-ipv4 listening-ipv6
# Qemu doesn't support IPv6 in user-mode network.
# It means: everything inside of the KVM can't connect to internet
# (ipv4 nor ipv6). all it can do is connect to local ipv4 of the host.
# Solution: tunnel ipv6 of an external MTA to local ipv4 so that guest
# inside of KVM can connect to it and use this address as external MTA relay.
[tunnel-ipv6-external-mta]
recipe = slapos.cookbook:ipv4toipv6
# XXX-TODO: do an automated request using slapos, don't enter it manually.
ipv6 = $${slap-parameter:relay-mta-ipv6}
ipv6-port = 25
ipv4 = $${slap-network-information:local-ipv4}
ipv4-port = 25
shell-path = ${dash:location}/bin/dash
6tunnel-path = ${6tunnel:location}/bin/6tunnel
runner-path = $${directory:services}/6tunnel-ipv6-external-mta
[publish-kvm-connection-information] [publish-kvm-connection-information]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment