aboutsummaryrefslogtreecommitdiff
path: root/manifests/classes
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/classes')
-rw-r--r--manifests/classes/postfix-anonsasl.pp18
-rw-r--r--manifests/classes/postfix-header_checks.pp57
-rw-r--r--manifests/classes/postfix-tlspolicy.pp5
-rw-r--r--manifests/classes/postfix.pp12
4 files changed, 91 insertions, 1 deletions
diff --git a/manifests/classes/postfix-anonsasl.pp b/manifests/classes/postfix-anonsasl.pp
new file mode 100644
index 0000000..ca97f19
--- /dev/null
+++ b/manifests/classes/postfix-anonsasl.pp
@@ -0,0 +1,18 @@
+class postfix::anonsasl {
+
+ include postfix::header_checks
+
+ postfix::config {
+ 'smtpd_sasl_authenticated_header':
+ value => 'yes';
+ }
+
+ postfix::header_checks_snippet {
+ 'anonsasl':
+ content => template("postfix/anonsasl_header_checks.erb"),
+ require => [
+ Postfix::Config['smtpd_sasl_authenticated_header'],
+ ];
+ }
+
+}
diff --git a/manifests/classes/postfix-header_checks.pp b/manifests/classes/postfix-header_checks.pp
new file mode 100644
index 0000000..071f6b0
--- /dev/null
+++ b/manifests/classes/postfix-header_checks.pp
@@ -0,0 +1,57 @@
+#
+# == Class: postfix::header_checks
+#
+# Manages Postfix header_checks by merging snippets shipped:
+# - in the module's files/header_checks.d/ or puppet:///files/etc/postfix/header_checks.d
+# (the latter takes precedence if present); site-postfix module is supported
+# as well, see the source argument of file {"$postfix_header_checks_snippets_dir"
+# bellow for details.
+# - via postfix::header_checks_snippet defines
+#
+# Example usage:
+#
+# node "toto.example.com" {
+# $postfix_manage_header_checks = yes
+# include postfix
+# }
+#
+class postfix::header_checks {
+
+ include common::moduledir
+ module_dir{'postfix/header_checks': }
+
+ $postfix_header_checks_dir = "${common::moduledir::module_dir_path}/postfix/header_checks"
+ $postfix_header_checks_snippets_dir = "${postfix_header_checks_dir}/header_checks.d"
+ $postfix_merged_header_checks = "${postfix_header_checks_dir}/merged_header_checks"
+
+ file {"$postfix_header_checks_snippets_dir":
+ ensure => 'directory',
+ owner => 'root',
+ group => '0',
+ mode => '700',
+ source => [
+ "puppet:///modules/site-postfix/${fqdn}/header_checks.d",
+ "puppet:///modules/site-postfix/header_checks.d",
+ "puppet:///files/etc/postfix/header_checks.d",
+ "puppet:///modules/postfix/header_checks.d",
+ ],
+ recurse => true,
+ purge => false,
+ }
+
+ concatenated_file { "$postfix_merged_header_checks":
+ dir => "${postfix_header_checks_snippets_dir}",
+ require => File["$postfix_header_checks_snippets_dir"],
+ }
+
+ config_file { '/etc/postfix/header_checks':
+ source => "$postfix_merged_header_checks",
+ subscribe => File["$postfix_merged_header_checks"],
+ }
+
+ postfix::config { "header_checks":
+ value => 'regexp:/etc/postfix/header_checks',
+ require => File['/etc/postfix/header_checks'],
+ }
+
+}
diff --git a/manifests/classes/postfix-tlspolicy.pp b/manifests/classes/postfix-tlspolicy.pp
index ec9e068..633c380 100644
--- a/manifests/classes/postfix-tlspolicy.pp
+++ b/manifests/classes/postfix-tlspolicy.pp
@@ -2,7 +2,10 @@
# == Class: postfix::tlspolicy
#
# Manages Postfix TLS policy by merging policy snippets shipped:
-# - in the module's files/tls_policy.d/
+# - in the module's files/tls_policy.d/ or puppet:///files/etc/postfix/tls_policy.d
+# (the latter takes precedence if present); site-postfix module is supported
+# as well, see the source argument of file {"$postfix_tlspolicy_snippets_dir"
+# bellow for details.
# - via postfix::tlspolicy_snippet defines
#
# Parameters:
diff --git a/manifests/classes/postfix.pp b/manifests/classes/postfix.pp
index 588bfc8..4e9cd6f 100644
--- a/manifests/classes/postfix.pp
+++ b/manifests/classes/postfix.pp
@@ -40,6 +40,12 @@ class postfix {
case $root_mail_recipient {
"": { $root_mail_recipient = "nobody" }
}
+ case $postfix_anon_sasl {
+ "": { $postfix_anon_sasl = "no" }
+ }
+ case $postfix_manage_header_checks {
+ "": { $postfix_manage_header_checks = "no" }
+ }
case $postfix_manage_tls_policy {
"": { $postfix_manage_tls_policy = "no" }
}
@@ -64,6 +70,12 @@ class postfix {
module_dir{'postfix': }
# Include optional classes
+ if $postfix_anon_sasl == 'yes' {
+ include postfix::anonsasl
+ }
+ if $postfix_manage_header_checks == 'yes' {
+ include postfix::header_checks
+ }
if $postfix_manage_tls_policy == 'yes' {
include postfix::tlspolicy
}