# Recipe from https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy
class mail::opendkim {
  include mail::opendkim::packages

  file { '/etc/default/opendkim':
    ensure => present,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => "puppet:///modules/mail/opendkim/default",
    require => Package['opendkim'],
    notify  => Service['opendkim'],
  }

  file { '/etc/opendkim.conf':
    ensure => present,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => [ "puppet:///modules/site_mail/opendkim/opendkim.conf",
                "puppet:///modules/mail/opendkim/opendkim.conf" ],
    require => Package['opendkim'],
    notify  => Service['opendkim'],
  }

  file { '/etc/opendkim':
    ensure => directory,
    owner  => root,
    group  => root,
    mode   => '0644',
    require => Package['opendkim'],
  }

  file { '/etc/opendkim/keys':
    ensure => directory,
    owner  => opendkim,
    group  => opendkim,
    mode   => '0750',
    require => File['/etc/opendkim'],
  }

  file { '/etc/opendkim/TrustedHosts':
    ensure => present,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => [ "puppet:///modules/site_mail/opendkim/TrustedHosts",
                "puppet:///modules/mail/opendkim/TrustedHosts" ],
    require => File['/etc/opendkim'],
    notify  => Service['opendkim'],
  }

  file { '/etc/opendkim/KeyTable':
    ensure => present,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => [ "puppet:///modules/site_mail/opendkim/KeyTable",
                "puppet:///modules/mail/opendkim/KeyTable" ],
    require => File['/etc/opendkim'],
    notify  => Service['opendkim'],
  }

  file { '/etc/opendkim/SigningTable':
    ensure => present,
    owner  => root,
    group  => root,
    mode   => '0644',
    source => [ "puppet:///modules/site_mail/opendkim/SigningTable",
                "puppet:///modules/mail/opendkim/SigningTable" ],
    require => File['/etc/opendkim'],
    notify  => Service['opendkim'],
  }

  service { 'opendkim' :
    ensure    => running,
    enable    => true,
    require   => [ Package['opendkim'],
                   File['/etc/default/opendkim', '/etc/opendkim.conf',
                        '/etc/opendkim/TrustedHosts', '/etc/opendkim/KeyTable', '/etc/opendkim/SigningTable' ] ],
  }

  postfix::config { "milter_protocol":       value => '2' }
  postfix::config { "milter_default_action": value => 'accept' }
  postfix::config { "smtpd_milters":         value => 'inet:localhost:12301' }
  postfix::config { "non_smtpd_milters":     value => 'inet:localhost:12301' }
}