Otherwise our staging environment is always sending mad failed login attempts to Google's SMTP servers, which is not a big deal but not really cool either.
2015 Oct 29 08:51:53 mon-staging->/var/log/syslog
Rule: 3332 (level 5) -> 'Postfix SASL authentication failure.'
Oct 29 08:51:52 mon-staging postfix/smtp[9162]: 673B861261: to=<[email protected]>, relay=smtp.gmail.com[173.194.79.109]:587, delay=4689, delays=4688/0.02/1.1/0, dsn=4.7.8, status=deferred (SASL authentication failed; server smtp.gmail.com[173.194.79.109] said: 535-5.7.8 Username and Password not accepted. Learn more at?535 5.7.8 https://support.google.com/mail/answer/14257 b6sm906450pbu.90 - gsmtp)
I'm inclined to agree here. For testing OSSEC notifications, the prod VMs are more appropriate, and there's no sense hammering away at an external machine with credentials we know don't work.
Will require changes to the spec tests, as well, so let's block on this until we have the playbooks reorganized to use groups, in which case the "staging" hosts will be much clearer and easier to configure specially.
The cleanest solution here would be a group_var disable_postfix: false that can be overridden only on the staging hosts. Serverspec tests will need to be yanked around a bit as well.
As with #1704, I'm making this change manually quite frequently while testing in local VMs, so assigning to myself for resolution. (Specifically I'm testing #2152 right now.)
Most helpful comment
As with #1704, I'm making this change manually quite frequently while testing in local VMs, so assigning to myself for resolution. (Specifically I'm testing #2152 right now.)