diff options
Diffstat (limited to 'manifests/classes')
-rw-r--r-- | manifests/classes/postfix-anonsasl.pp | 18 | ||||
-rw-r--r-- | manifests/classes/postfix-header_checks.pp | 57 | ||||
-rw-r--r-- | manifests/classes/postfix-tlspolicy.pp | 5 | ||||
-rw-r--r-- | manifests/classes/postfix.pp | 12 |
4 files changed, 91 insertions, 1 deletions
diff --git a/manifests/classes/postfix-anonsasl.pp b/manifests/classes/postfix-anonsasl.pp new file mode 100644 index 0000000..ca97f19 --- /dev/null +++ b/manifests/classes/postfix-anonsasl.pp @@ -0,0 +1,18 @@ +class postfix::anonsasl { + + include postfix::header_checks + + postfix::config { + 'smtpd_sasl_authenticated_header': + value => 'yes'; + } + + postfix::header_checks_snippet { + 'anonsasl': + content => template("postfix/anonsasl_header_checks.erb"), + require => [ + Postfix::Config['smtpd_sasl_authenticated_header'], + ]; + } + +} diff --git a/manifests/classes/postfix-header_checks.pp b/manifests/classes/postfix-header_checks.pp new file mode 100644 index 0000000..071f6b0 --- /dev/null +++ b/manifests/classes/postfix-header_checks.pp @@ -0,0 +1,57 @@ +# +# == Class: postfix::header_checks +# +# Manages Postfix header_checks by merging snippets shipped: +# - in the module's files/header_checks.d/ or puppet:///files/etc/postfix/header_checks.d +# (the latter takes precedence if present); site-postfix module is supported +# as well, see the source argument of file {"$postfix_header_checks_snippets_dir" +# bellow for details. +# - via postfix::header_checks_snippet defines +# +# Example usage: +# +# node "toto.example.com" { +# $postfix_manage_header_checks = yes +# include postfix +# } +# +class postfix::header_checks { + + include common::moduledir + module_dir{'postfix/header_checks': } + + $postfix_header_checks_dir = "${common::moduledir::module_dir_path}/postfix/header_checks" + $postfix_header_checks_snippets_dir = "${postfix_header_checks_dir}/header_checks.d" + $postfix_merged_header_checks = "${postfix_header_checks_dir}/merged_header_checks" + + file {"$postfix_header_checks_snippets_dir": + ensure => 'directory', + owner => 'root', + group => '0', + mode => '700', + source => [ + "puppet:///modules/site-postfix/${fqdn}/header_checks.d", + "puppet:///modules/site-postfix/header_checks.d", + "puppet:///files/etc/postfix/header_checks.d", + "puppet:///modules/postfix/header_checks.d", + ], + recurse => true, + purge => false, + } + + concatenated_file { "$postfix_merged_header_checks": + dir => "${postfix_header_checks_snippets_dir}", + require => File["$postfix_header_checks_snippets_dir"], + } + + config_file { '/etc/postfix/header_checks': + source => "$postfix_merged_header_checks", + subscribe => File["$postfix_merged_header_checks"], + } + + postfix::config { "header_checks": + value => 'regexp:/etc/postfix/header_checks', + require => File['/etc/postfix/header_checks'], + } + +} diff --git a/manifests/classes/postfix-tlspolicy.pp b/manifests/classes/postfix-tlspolicy.pp index ec9e068..633c380 100644 --- a/manifests/classes/postfix-tlspolicy.pp +++ b/manifests/classes/postfix-tlspolicy.pp @@ -2,7 +2,10 @@ # == Class: postfix::tlspolicy # # Manages Postfix TLS policy by merging policy snippets shipped: -# - in the module's files/tls_policy.d/ +# - in the module's files/tls_policy.d/ or puppet:///files/etc/postfix/tls_policy.d +# (the latter takes precedence if present); site-postfix module is supported +# as well, see the source argument of file {"$postfix_tlspolicy_snippets_dir" +# bellow for details. # - via postfix::tlspolicy_snippet defines # # Parameters: diff --git a/manifests/classes/postfix.pp b/manifests/classes/postfix.pp index 588bfc8..4e9cd6f 100644 --- a/manifests/classes/postfix.pp +++ b/manifests/classes/postfix.pp @@ -40,6 +40,12 @@ class postfix { case $root_mail_recipient { "": { $root_mail_recipient = "nobody" } } + case $postfix_anon_sasl { + "": { $postfix_anon_sasl = "no" } + } + case $postfix_manage_header_checks { + "": { $postfix_manage_header_checks = "no" } + } case $postfix_manage_tls_policy { "": { $postfix_manage_tls_policy = "no" } } @@ -64,6 +70,12 @@ class postfix { module_dir{'postfix': } # Include optional classes + if $postfix_anon_sasl == 'yes' { + include postfix::anonsasl + } + if $postfix_manage_header_checks == 'yes' { + include postfix::header_checks + } if $postfix_manage_tls_policy == 'yes' { include postfix::tlspolicy } |