class mail::tls {
  # TLS
  postfix::config { "smtpd_tls_cert_file":      value => '/etc/ssl/certs/cert.crt' }
  postfix::config { "smtpd_tls_key_file":       value => '/etc/ssl/private/cert.pem' }
  postfix::config { "smtpd_tls_CApath":         value => '/etc/ssl/certs' }
  postfix::config { "smtp_tls_CApath":          value => '/etc/ssl/certs' }
  postfix::config { "smtpd_tls_security_level": value => 'may' }
  postfix::config { "smtp_tls_security_level":  value => 'may' }

  $mail_virtual = lookup('mail::virtual', undef, undef, false)

  # SSL certificate
  #ssl::cert { "${::domain}":
  #  group    => 'postfix',
  #  privmode => '0640',
  #  main     => true,
  #  notify   => $mail_virtual ? {
  #    false   => Service['postfix'],
  #    default => Service['postfix', 'dovecot'],
  #  }
  #}
}