Merge branch 'master' of git://gaffer.ptitcanardnoir.org/puppet-module-postfix into reviewreview

4 files changed, 113 insertions, 6 deletions

diff --git a/manifests/classes/postfix-amavis.pp b/manifests/classes/postfix-amavis.pp
new file mode 100644
index 0000000..7e17836
--- /dev/null
+++ b/manifests/classes/postfix-amavis.pp
@@ -0,0 +1,6 @@
+class postfix::amavis {
+  include amavisd-new
+  postfix::config {
+    "content_filter": value => "amavis:[127.0.0.1]:10024";
+  }
+}
diff --git a/manifests/classes/postfix-mta.pp b/manifests/classes/postfix-mta.pp
index 16b1981..c36c0bc 100644
--- a/manifests/classes/postfix-mta.pp
+++ b/manifests/classes/postfix-mta.pp
@@ -32,9 +32,9 @@
 #
 class postfix::mta {
 
-  case $postfix_relayhost {
-    "":   { fail("Required \$postfix_relayhost variable is not defined.") }
-  }
+  #case $postfix_relayhost {
+  #  "":   { fail("Required \$postfix_relayhost variable is not defined.") }
+  #}
 
   case $postfix_mydestination {
     "": { $postfix_mydestination = "\$myorigin" }
diff --git a/manifests/classes/postfix-tlspolicy.pp b/manifests/classes/postfix-tlspolicy.pp
new file mode 100644
index 0000000..30b1f58
--- /dev/null
+++ b/manifests/classes/postfix-tlspolicy.pp
@@ -0,0 +1,68 @@
+#
+# == Class: postfix::tlspolicy
+#
+# Manages Postfix TLS policy by merging policy snippets shipped:
+# - in the module's files/tls_policy.d/
+# - via postfix::tlspolicy_snippet defines
+#
+# Parameters:
+# - $postfix_tls_fingerprint_digest (defaults to sha1)
+#
+# Example usage:
+# 
+#   node "toto.example.com" {
+#     $postfix_manage_tls_policy = yes
+#     include postfix
+#   }
+#
+class postfix::tlspolicy {
+
+  # Default value for parameters
+  case $postfix_tls_fingerprint_digest {
+    "": { $postfix_tls_fingerprint_digest = 'sha1' }
+  }
+
+  include common::moduledir
+  module_dir{'postfix/tls_policy': }
+
+  $postfix_tlspolicy_dir          = "${common::moduledir::module_dir_path}/postfix/tls_policy"
+  $postfix_tlspolicy_snippets_dir = "${postfix_tlspolicy_dir}/tls_policy.d"
+  $postfix_merged_tlspolicy       = "${postfix_tlspolicy_dir}/merged_tls_policy"
+
+  file {"$postfix_tlspolicy_snippets_dir":
+    ensure  => 'directory',
+    owner   => 'root',
+    group   => '0',
+    mode    => '700',
+    source  => [
+                "puppet:///modules/site-postfix/${fqdn}/tls_policy.d",
+                "puppet:///modules/site-postfix/tls_policy.d",
+                "puppet:///modules/postfix/tls_policy.d"
+               ],
+    recurse => true,
+    purge   => false,
+  }
+
+  concatenated_file { "$postfix_merged_tlspolicy":
+    dir     => "${postfix_tlspolicy_snippets_dir}",
+    require => File["$postfix_tlspolicy_snippets_dir"],
+  }
+
+  postfix::hash { '/etc/postfix/tls_policy':
+    source    => "$postfix_merged_tlspolicy",
+    subscribe => File["$postfix_merged_tlspolicy"],
+  }
+
+  postfix::config {
+    'smtp_tls_fingerprint_digest': value => "$postfix_tls_fingerprint_digest";
+  }
+
+  postfix::config { 'smtp_tls_policy_maps':
+    value   => 'hash:/etc/postfix/tls_policy',
+    require => [
+                Postfix::Hash['/etc/postfix/tls_policy'],
+                Postfix::Config['smtp_tls_fingerprint_digest'],
+               ],
+  }
+
+}
diff --git a/manifests/classes/postfix.pp b/manifests/classes/postfix.pp
index 1d60a57..588bfc8 100644
--- a/manifests/classes/postfix.pp
+++ b/manifests/classes/postfix.pp
@@ -5,13 +5,13 @@
 # delivery and an SMTP server listening on the loopback interface.
 #
 # Parameters:
-# - *$postfix_ng_smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1
+# - *$postfix_smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1
 # - *$root_mail_recipient*: who will recieve root's emails. defaults to "nobody"
 #
 # Example usage:
 #
 #   node "toto.example.com" {
-#     $postfix_ng_smtp_listen = "192.168.1.10"
+#     $postfix_smtp_listen = "192.168.1.10"
 #     include postfix
 #   }
 #
@@ -40,12 +40,45 @@ class postfix {
   case $root_mail_recipient {
     "":   { $root_mail_recipient = "nobody" }
   }
+  case $postfix_manage_tls_policy {
+    "":   { $postfix_manage_tls_policy = "no" }
+  }
+  case $postfix_use_amavisd {
+    "":   { $postfix_use_amavisd = "no" }
+  }
+  case $postfix_use_dovecot_lda {
+    "":   { $postfix_use_dovecot_lda = "no" }
+  }
+  case $postfix_use_schleuder {
+    "":   { $postfix_use_schleuder = "no" }
+  }
+  case $postfix_use_sympa {
+    "":   { $postfix_use_sympa = "no" }
+  }
+  case $postfix_mastercf_tail {
+    "":   { $postfix_mastercf_tail = "" }
+  }
 
+  # Bootstrap moduledir
+  include common::moduledir
+  module_dir{'postfix': }
+
+  # Include optional classes
+  if $postfix_manage_tls_policy == 'yes' {
+    include postfix::tlspolicy
+  }
+  if $postfix_use_amavisd == 'yes' {
+    include postfix::amavis
+  }
 
   package { ["postfix", "mailx"]:
     ensure => installed
   }
 
+  if $operatingsystem == 'debian' {
+    Package[mailx] { name => 'bsd-mailx' }
+  }
+
   service { "postfix":
     ensure  => running,
     require => Package["postfix"],
@@ -83,7 +116,7 @@ class postfix {
     content => $operatingsystem ? {
       Redhat => template("postfix/master.cf.redhat5.erb"),
       CentOS => template("postfix/master.cf.redhat5.erb"),
-      Debian => template("postfix/master.cf.debian-etch.erb"),
+      Debian => template("postfix/master.cf.debian-$lsbdistcodename.erb"),
       Ubuntu => template("postfix/master.cf.debian-etch.erb"),
     },
     seltype => $postfix_seltype,