diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2015-03-08 10:40:37 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2015-03-08 10:40:37 -0300 |
commit | 8af0ec91d981014055de4a1b872418ac1bc460f6 (patch) | |
tree | f4fe00836e990761ae53f481ff0c691a0dc67193 /manifests | |
parent | 3c207f9a435963a1aa590d219527a62082749b39 (diff) | |
download | puppet-mail-8af0ec91d981014055de4a1b872418ac1bc460f6.tar.gz puppet-mail-8af0ec91d981014055de4a1b872418ac1bc460f6.tar.bz2 |
OpenDKIM support
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/opendkim.pp | 82 | ||||
-rw-r--r-- | manifests/opendkim/key.pp | 18 | ||||
-rw-r--r-- | manifests/opendkim/packages.pp | 5 | ||||
-rw-r--r-- | manifests/system.pp | 4 |
4 files changed, 109 insertions, 0 deletions
diff --git a/manifests/opendkim.pp b/manifests/opendkim.pp new file mode 100644 index 0000000..2a60838 --- /dev/null +++ b/manifests/opendkim.pp @@ -0,0 +1,82 @@ +# Recipe from https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy +class mail::opendkim { + include mail::opendkim::packages + + file { '/etc/default/opendkim': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => "puppet:///modules/mail/opendkim/default", + require => Package['opendkim'], + } + + file { '/etc/opendkim.conf': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => [ "puppet:///modules/mail/opendkim/opendkim.conf", + "puppet:///modules/site_mail/opendkim/opendkim.conf" ], + require => Package['opendkim'], + } + + file { '/etc/opendkim': + ensure => directory, + owner => root, + group => root, + mode => 0644, + require => Package['opendkim'], + } + + file { '/etc/opendkim/keys': + ensure => directory, + owner => opendkim, + group => opendkim, + mode => 0750, + require => File['/etc/opendkim'], + } + + file { '/etc/opendkim/TrustedHosts': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => [ "puppet:///modules/mail/opendkim/TrustedHosts", + "puppet:///modules/site_mail/opendkim/TrustedHosts" ], + require => File['/etc/opendkim'], + } + + file { '/etc/opendkim/KeyTable': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => [ "puppet:///modules/mail/opendkim/KeyTable", + "puppet:///modules/site_mail/opendkim/KeyTable" ], + require => File['/etc/opendkim'], + } + + file { '/etc/opendkim/SigningTable': + ensure => present, + owner => root, + group => root, + mode => 0644, + source => [ "puppet:///modules/mail/opendkim/SigningTable", + "puppet:///modules/site_mail/opendkim/SigningTable" ], + require => File['/etc/opendkim'], + } + + service { 'opendkim' : + ensure => running, + enable => true, + require => [ Package['opendkim'], + File['/etc/default/opendkim', '/etc/opendkim.conf', + '/etc/opendkim/TrustedHosts', '/etc/opendkim/KeyTable', '/etc/opendkim/SigningTable' ], + } + + postfix::config { "milter_protocol": value => '2' } + postfix::config { "milter_default_action": value => 'accept' } + postfix::config { "osmtpd_milters": value => 'inet:localhost:12301' } + postfix::config { "non_smtpd_milters": value => 'inet:localhost:12301' } +} diff --git a/manifests/opendkim/key.pp b/manifests/opendkim/key.pp new file mode 100644 index 0000000..bd9dadb --- /dev/null +++ b/manifests/opendkim/key.pp @@ -0,0 +1,18 @@ +define mail::opendkim::key() { + file { "/etc/opendkim/keys/${name}" : + ensure => directory, + owner => 'opendkim', + group => 'opendkim', + mode => '0750', + require => File['/etc/opendkim/keys'], + } + + exec { "opendkim-genkey-${name}" + command => "opendkim-genkey -s mail -d ${name}", + cwd => "/etc/opendkim/keys/${name}", + user => root, + group => root, + creates => File["/etc/opendkim/keys/${name}/mail.private", "/etc/opendkim/keys/${name}/mail.txt" ], + require => [ File["/etc/opendkim/keys/${name}"], Package['opendkim-tools'] ], + } +} diff --git a/manifests/opendkim/packages.pp b/manifests/opendkim/packages.pp new file mode 100644 index 0000000..bcb577a --- /dev/null +++ b/manifests/opendkim/packages.pp @@ -0,0 +1,5 @@ +class mail::opendkim::packages { + package { [ 'opendkim', 'opendkim-tools' ]: + ensure => installed, + } +} diff --git a/manifests/system.pp b/manifests/system.pp index 89f50c6..ec17ac7 100644 --- a/manifests/system.pp +++ b/manifests/system.pp @@ -50,6 +50,10 @@ class mail::system( include mail::header_checks include mail::clamav include mail::spamassassin + include mail::opendkim + + # DKIM + mail::opendkim::key { "$domain": } # Default parameters include mail::firma::params |