diff options
| -rw-r--r-- | manifests/classes/postfix-mailman.pp | 2 | ||||
| -rw-r--r-- | manifests/classes/postfix-mta.pp | 4 | ||||
| -rw-r--r-- | manifests/classes/postfix.pp | 19 | ||||
| -rw-r--r-- | manifests/definitions/hash.pp | 36 | ||||
| -rw-r--r-- | manifests/definitions/mailalias.pp | 32 | ||||
| -rw-r--r-- | templates/master.cf.debian-etch.erb | 64 | ||||
| -rw-r--r-- | templates/master.cf.redhat5.erb | 2 |
7 files changed, 107 insertions, 52 deletions
diff --git a/manifests/classes/postfix-mailman.pp b/manifests/classes/postfix-mailman.pp index c6c7981..cba0848 100644 --- a/manifests/classes/postfix-mailman.pp +++ b/manifests/classes/postfix-mailman.pp @@ -15,7 +15,7 @@ # } # class postfix::mailman { - $postfix_ng_smtp_listen = "0.0.0.0" + $postfix_smtp_listen = "0.0.0.0" include postfix postfix::config { diff --git a/manifests/classes/postfix-mta.pp b/manifests/classes/postfix-mta.pp index ff94c91..c36c0bc 100644 --- a/manifests/classes/postfix-mta.pp +++ b/manifests/classes/postfix-mta.pp @@ -2,7 +2,7 @@ # == Class: postfix::mta # # This class configures a minimal MTA, listening on -# $postfix_ng_smtp_listen (default to localhost) and delivering mail to +# $postfix_smtp_listen (default to localhost) and delivering mail to # $postfix_mydestination (default to $fqdn). # # A valid relay host is required ($postfix_relayhost) for outbound email. @@ -19,7 +19,7 @@ # # node "toto.example.com" { # $postfix_relayhost = "mail.example.com" -# $postfix_ng_smtp_listen = "0.0.0.0" +# $postfix_smtp_listen = "0.0.0.0" # $postfix_mydestination = "\$myorigin, myapp.example.com" # # include postfix::mta diff --git a/manifests/classes/postfix.pp b/manifests/classes/postfix.pp index a413664..36089a6 100644 --- a/manifests/classes/postfix.pp +++ b/manifests/classes/postfix.pp @@ -20,7 +20,7 @@ class postfix { # selinux labels differ from one distribution to another case $operatingsystem { - RedHat: { + RedHat, CentOS: { case $lsbmajdistrelease { "4": { $postfix_seltype = "etc_t" } "5": { $postfix_seltype = "postfix_etc_t" } @@ -34,8 +34,8 @@ class postfix { } # Default value for various options - case $postfix_ng_smtp_listen { - "": { $postfix_ng_smtp_listen = "127.0.0.1" } + case $postfix_smtp_listen { + "": { $postfix_smtp_listen = "127.0.0.1" } } case $root_mail_recipient { "": { $root_mail_recipient = "nobody" } @@ -85,10 +85,13 @@ class postfix { file { "/etc/postfix/master.cf": ensure => present, owner => "root", + group => "root", mode => "0644", content => $operatingsystem ? { Redhat => template("postfix/master.cf.redhat5.erb"), - Debian,Ubuntu => template("postfix/master.cf.debian-etch.erb"), + CentOS => template("postfix/master.cf.redhat5.erb"), + Debian => template("postfix/master.cf.debian-etch.erb"), + Ubuntu => template("postfix/master.cf.debian-etch.erb"), }, seltype => $postfix_seltype, notify => Service["postfix"], @@ -99,8 +102,9 @@ class postfix { file { "/etc/postfix/main.cf": ensure => present, owner => "root", + group => "root", mode => "0644", - source => "puppet:///postfix/main.cf", + source => "puppet:///modules/postfix/main.cf", replace => false, seltype => $postfix_seltype, notify => Service["postfix"], @@ -115,7 +119,7 @@ class postfix { } case $operatingsystem { - RedHat: { + RedHat, CentOS: { postfix::config { "sendmail_path": value => "/usr/sbin/sendmail.postfix"; "newaliases_path": value => "/usr/bin/newaliases.postfix"; @@ -124,8 +128,7 @@ class postfix { } } - mailalias {"root": + postfix::mailalias {"root": recipient => $root_mail_recipient, - notify => Exec["newaliases"], } } diff --git a/manifests/definitions/hash.pp b/manifests/definitions/hash.pp index a0514ee..c8bb7c7 100644 --- a/manifests/definitions/hash.pp +++ b/manifests/definitions/hash.pp @@ -5,11 +5,10 @@ Creates postfix hashed "map" files. It will create "${name}", and then build "${name}.db" using the "postmap" command. The map file can then be referred to using postfix::config. -Note: the content of the file is not managed by this definition. - Parameters: - *name*: the name of the map file. -- *ensure*: present/absent, defaults to present +- *ensure*: present/absent, defaults to present. +- *source*: file source. Requires: - Class["postfix"] @@ -29,12 +28,12 @@ Example usage: } */ -define postfix::hash ($ensure="present") { +define postfix::hash ($ensure="present", $source = false) { # selinux labels differ from one distribution to another case $operatingsystem { - RedHat: { + RedHat, CentOS: { case $lsbmajdistrelease { "4": { $postfix_seltype = "etc_t" } "5": { $postfix_seltype = "postfix_etc_t" } @@ -47,11 +46,28 @@ define postfix::hash ($ensure="present") { } } - file {"${name}": - ensure => $ensure, - mode => 600, - seltype => $postfix_seltype, - require => Package["postfix"], + case $source { + false: { + file {"${name}": + ensure => $ensure, + mode => 600, + owner => root, + group => root, + seltype => $postfix_seltype, + require => Package["postfix"], + } + } + default: { + file {"${name}": + ensure => $ensure, + mode => 600, + owner => root, + group => root, + source => $source, + seltype => $postfix_seltype, + require => Package["postfix"], + } + } } file {"${name}.db": diff --git a/manifests/definitions/mailalias.pp b/manifests/definitions/mailalias.pp new file mode 100644 index 0000000..0d457e7 --- /dev/null +++ b/manifests/definitions/mailalias.pp @@ -0,0 +1,32 @@ +/* +== Definition: postfix::mailalias + +Wrapper around Puppet mailalias resource, provides newaliases executable. + +Parameters: +- *name*: the name of the alias. +- *ensure*: present/absent, defaults to present. +- *recipient*: recipient of the alias. + +Requires: +- Class["postfix"] + +Example usage: + + node "toto.example.com" { + + include postfix + + postfix::mailalias { "postmaster": + ensure => present, + recipient => 'foo' + } + +*/ +define mailalias ($ensure = 'present', $recipient) { + mailalias { "${name}": + ensure => $ensure, + recipient => $recipient, + notify => Exec['newaliases'] + } +} diff --git a/templates/master.cf.debian-etch.erb b/templates/master.cf.debian-etch.erb index aa5f34f..e6bc4ec 100644 --- a/templates/master.cf.debian-etch.erb +++ b/templates/master.cf.debian-etch.erb @@ -7,7 +7,8 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== -<%= postfix_ng_smtp_listen %>:smtp inet n - - - - smtpd +<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd +<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> #submission inet n - - - - smtpd # -o smtpd_enforce_tls=yes # -o smtpd_sasl_auth_enable=yes @@ -74,33 +75,36 @@ scalemail-backend unix - n n - 2 pipe mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} +<% if postfix_use_amavisd == 'yes' %> +amavis unix - - - - 2 smtp + -o smtp_data_done_timeout=1200 + -o smtp_send_xforward_command=yes - -# Amavis -<% if (postfix_amavis == "true" ) -%> - -## http://www.freespamfilter.org/FC4.html#_Toc110999176 - -smtp-amavis unix - - y - 2 smtp - -o smtp_data_done_timeout=1200 - -o smtp_send_xforward_command=yes - -o disable_dns_lookups=yes - -127.0.0.1:10025 inet n - y - - smtpd - -o content_filter= - -o local_recipient_maps= - -o relay_recipient_maps= - -o smtpd_restriction_classes= - -o smtpd_helo_restrictions= - -o smtpd_sender_restrictions= - -o smtpd_recipient_restrictions=permit_mynetworks,reject - -o mynetworks=127.0.0.0/8 - -o strict_rfc821_envelopes=yes - -o smtpd_error_sleep_time=0 - -o smtpd_soft_error_limit=1001 - -o smtpd_hard_error_limit=1000 - -o receive_override_options=no_header_body_checks -<% else -%> -# Amavis not configured -<% end -%> - +127.0.0.1:10025 inet n - - - - smtpd + -o content_filter= + -o local_recipient_maps= + -o relay_recipient_maps= + -o smtpd_restriction_classes= + -o smtpd_client_restrictions= + -o smtpd_helo_restrictions= + -o smtpd_sender_restrictions= + -o smtpd_recipient_restrictions=permit_mynetworks,reject + -o mynetworks=127.0.0.0/8 + -o strict_rfc821_envelopes=yes + -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks + -o smtpd_bind_address=127.0.0.1 +<% end %> +<% if postfix_use_dovecot_lda == 'yes' %> +dovecot unix - n n - - pipe + flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} +<% end %> +<% if postfix_use_schleuder == 'yes' %> +schleuder unix - n n - - pipe + flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user} +<% end %> +<% if postfix_use_sympa == 'yes' %> +sympa unix - n n - - pipe + flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient} +sympabounce unix - n n - - pipe + flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} +<% end %> diff --git a/templates/master.cf.redhat5.erb b/templates/master.cf.redhat5.erb index 08564b2..8c3ee53 100644 --- a/templates/master.cf.redhat5.erb +++ b/templates/master.cf.redhat5.erb @@ -7,7 +7,7 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== -<%= postfix_ng_smtp_listen %>:smtp inet n - n - - smtpd +<%= postfix_smtp_listen %>:smtp inet n - n - - smtpd #smtp inet n - n - - smtpd #submission inet n - n - - smtpd # -o smtpd_enforce_tls=yes |