From 77578b93bd98bf0bf9cf69e4fa8da75dcf9c236d Mon Sep 17 00:00:00 2001 
From: mh Date: Thu, 16 Feb 2012 16:51:56 +0100 Subject: put classes and defines in the proper place To take advantage of puppet's autoloading feature, which will be mandatory sooner or later. We move all the files in their appropriate place. --- manifests/amavis.pp | 5 + manifests/anonsasl.pp | 18 +++ manifests/classes/postfix-amavis.pp | 5 - manifests/classes/postfix-anonsasl.pp | 18 --- manifests/classes/postfix-header_checks.pp | 57 -------- manifests/classes/postfix-mailman.pp | 36 ----- manifests/classes/postfix-mta.pp | 61 --------- manifests/classes/postfix-satellite.pp | 38 ------ manifests/classes/postfix-tlspolicy.pp | 71 ---------- manifests/classes/postfix.pp | 178 ------------------------ manifests/config.pp | 49 +++++++ manifests/definitions/config.pp | 49 ------- manifests/definitions/hash.pp | 87 ------------ manifests/definitions/header_checks_snippet.pp | 67 --------- manifests/definitions/mailalias.pp | 32 ----- manifests/definitions/tlspolicy_snippet.pp | 47 ------- manifests/definitions/transport.pp | 44 ------ manifests/definitions/virtual.pp | 44 ------ manifests/hash.pp | 87 ++++++++++++ manifests/header_checks.pp | 57 ++++++++ manifests/header_checks_snippet.pp | 67 +++++++++ manifests/init.pp | 180 ++++++++++++++++++++++++- manifests/mailalias.pp | 32 +++++ manifests/mailman.pp | 36 +++++ manifests/mta.pp | 61 +++++++++ manifests/satellite.pp | 38 ++++++ manifests/tlspolicy.pp | 71 ++++++++++ manifests/tlspolicy_snippet.pp | 47 +++++++ manifests/transport.pp | 44 ++++++ manifests/virtual.pp | 44 ++++++ 30 files changed, 834 insertions(+), 836 deletions(-) create mode 100644 manifests/amavis.pp create mode 100644 manifests/anonsasl.pp delete mode 100644 manifests/classes/postfix-amavis.pp delete mode 100644 manifests/classes/postfix-anonsasl.pp delete mode 100644 manifests/classes/postfix-header_checks.pp delete mode 100644 manifests/classes/postfix-mailman.pp delete mode 100644 manifests/classes/postfix-mta.pp delete mode 100644 
manifests/classes/postfix-satellite.pp delete mode 100644 manifests/classes/postfix-tlspolicy.pp delete mode 100644 manifests/classes/postfix.pp create mode 100644 manifests/config.pp delete mode 100644 manifests/definitions/config.pp delete mode 100644 manifests/definitions/hash.pp delete mode 100644 manifests/definitions/header_checks_snippet.pp delete mode 100644 manifests/definitions/mailalias.pp delete mode 100644 manifests/definitions/tlspolicy_snippet.pp delete mode 100644 manifests/definitions/transport.pp delete mode 100644 manifests/definitions/virtual.pp create mode 100644 manifests/hash.pp create mode 100644 manifests/header_checks.pp create mode 100644 manifests/header_checks_snippet.pp create mode 100644 manifests/mailalias.pp create mode 100644 manifests/mailman.pp create mode 100644 manifests/mta.pp create mode 100644 manifests/satellite.pp create mode 100644 manifests/tlspolicy.pp create mode 100644 manifests/tlspolicy_snippet.pp create mode 100644 manifests/transport.pp create mode 100644 manifests/virtual.pp diff --git a/manifests/amavis.pp b/manifests/amavis.pp new file mode 100644 index 0000000..b663923 --- /dev/null +++ b/manifests/amavis.pp @@ -0,0 +1,5 @@ +class postfix::amavis { + postfix::config { + "content_filter": value => "amavis:[127.0.0.1]:10024"; + } +} diff --git a/manifests/anonsasl.pp b/manifests/anonsasl.pp new file mode 100644 index 0000000..ca97f19 --- /dev/null +++ b/manifests/anonsasl.pp @@ -0,0 +1,18 @@ +class postfix::anonsasl { + + include postfix::header_checks + + postfix::config { + 'smtpd_sasl_authenticated_header': + value => 'yes'; + } + + postfix::header_checks_snippet { + 'anonsasl': + content => template("postfix/anonsasl_header_checks.erb"), + require => [ + Postfix::Config['smtpd_sasl_authenticated_header'], + ]; + } + +} diff --git a/manifests/classes/postfix-amavis.pp b/manifests/classes/postfix-amavis.pp deleted file mode 100644 index b663923..0000000 --- a/manifests/classes/postfix-amavis.pp +++ /dev/null 
@@ -1,5 +0,0 @@ -class postfix::amavis { - postfix::config { - "content_filter": value => "amavis:[127.0.0.1]:10024"; - } -} diff --git a/manifests/classes/postfix-anonsasl.pp b/manifests/classes/postfix-anonsasl.pp deleted file mode 100644 index ca97f19..0000000 --- a/manifests/classes/postfix-anonsasl.pp +++ /dev/null @@ -1,18 +0,0 @@ -class postfix::anonsasl { - - include postfix::header_checks - - postfix::config { - 'smtpd_sasl_authenticated_header': - value => 'yes'; - } - - postfix::header_checks_snippet { - 'anonsasl': - content => template("postfix/anonsasl_header_checks.erb"), - require => [ - Postfix::Config['smtpd_sasl_authenticated_header'], - ]; - } - -} diff --git a/manifests/classes/postfix-header_checks.pp b/manifests/classes/postfix-header_checks.pp deleted file mode 100644 index 071f6b0..0000000 --- a/manifests/classes/postfix-header_checks.pp +++ /dev/null 
@@ -1,57 +0,0 @@ -# -# == Class: postfix::header_checks -# -# Manages Postfix header_checks by merging snippets shipped: -# - in the module's files/header_checks.d/ or puppet:///files/etc/postfix/header_checks.d -# (the latter takes precedence if present); site-postfix module is supported -# as well, see the source argument of file {"$postfix_header_checks_snippets_dir" -# bellow for details. -# - via postfix::header_checks_snippet defines -# -# Example usage: -# -# node "toto.example.com" { -# $postfix_manage_header_checks = yes -# include postfix -# } -# -class postfix::header_checks { - - include common::moduledir - module_dir{'postfix/header_checks': } - - $postfix_header_checks_dir = "${common::moduledir::module_dir_path}/postfix/header_checks" - $postfix_header_checks_snippets_dir = "${postfix_header_checks_dir}/header_checks.d" - $postfix_merged_header_checks = "${postfix_header_checks_dir}/merged_header_checks" - - file {"$postfix_header_checks_snippets_dir": - ensure => 'directory', - owner => 'root', - group => '0', - mode => '700', - source => [ - "puppet:///modules/site-postfix/${fqdn}/header_checks.d", - "puppet:///modules/site-postfix/header_checks.d", - "puppet:///files/etc/postfix/header_checks.d", - "puppet:///modules/postfix/header_checks.d", - ], - recurse => true, - purge => false, - } - - concatenated_file { "$postfix_merged_header_checks": - dir => "${postfix_header_checks_snippets_dir}", - require => File["$postfix_header_checks_snippets_dir"], - } - - config_file { '/etc/postfix/header_checks': - source => "$postfix_merged_header_checks", - subscribe => File["$postfix_merged_header_checks"], - } - - postfix::config { "header_checks": - value => 'regexp:/etc/postfix/header_checks', - require => File['/etc/postfix/header_checks'], - } - -} diff --git a/manifests/classes/postfix-mailman.pp b/manifests/classes/postfix-mailman.pp deleted file mode 100644 index cba0848..0000000 --- a/manifests/classes/postfix-mailman.pp +++ /dev/null 
@@ -1,36 +0,0 @@ -# -# == Class: postfix::mailman -# -# Configures a basic smtp server, able to work for the mailman mailing-list -# manager. -# -# Parameters: -# - every global variable which works for class "postfix" will work here. -# -# Example usage: -# -# node "toto.example.com" { -# include mailman -# include postfix::mailman -# } -# -class postfix::mailman { - $postfix_smtp_listen = "0.0.0.0" - include postfix - - postfix::config { - "mydestination": value => ""; - "virtual_alias_maps": value => "hash:/etc/postfix/virtual"; - "transport_maps": value => "hash:/etc/postfix/transport"; - "mailman_destination_recipient_limit": value => "1", nonstandard => true; - } - - postfix::hash { "/etc/postfix/virtual": - ensure => present, - } - - postfix::hash { "/etc/postfix/transport": - ensure => present, - } - -} diff --git a/manifests/classes/postfix-mta.pp b/manifests/classes/postfix-mta.pp deleted file mode 100644 index c36c0bc..0000000 --- a/manifests/classes/postfix-mta.pp +++ /dev/null 
@@ -1,61 +0,0 @@ -# -# == Class: postfix::mta -# -# This class configures a minimal MTA, listening on -# $postfix_smtp_listen (default to localhost) and delivering mail to -# $postfix_mydestination (default to $fqdn). -# -# A valid relay host is required ($postfix_relayhost) for outbound email. -# -# transport & virtual maps get configured and can be populated with -# postfix::transport and postfix::virtual -# -# Parameters: -# - *$postfix_relayhost* -# - *$postfix_mydestination* -# - every global variable which works for class "postfix" will work here. -# -# Example usage: -# -# node "toto.example.com" { -# $postfix_relayhost = "mail.example.com" -# $postfix_smtp_listen = "0.0.0.0" -# $postfix_mydestination = "\$myorigin, myapp.example.com" -# -# include postfix::mta -# -# postfix::transport { "myapp.example.com": -# ensure => present, -# destination => "local:", -# } -# } -# -class postfix::mta { - - #case $postfix_relayhost { - # "": { fail("Required \$postfix_relayhost variable is not defined.") } - #} - - case $postfix_mydestination { - "": { $postfix_mydestination = "\$myorigin" } - } - - include postfix - - postfix::config { - "mydestination": value => $postfix_mydestination; - "mynetworks": value => "127.0.0.0/8"; - "relayhost": value => $postfix_relayhost; - "virtual_alias_maps": value => "hash:/etc/postfix/virtual"; - "transport_maps": value => "hash:/etc/postfix/transport"; - } - - postfix::hash { "/etc/postfix/virtual": - ensure => present, - } - - postfix::hash { "/etc/postfix/transport": - ensure => present, - } - -} diff --git a/manifests/classes/postfix-satellite.pp b/manifests/classes/postfix-satellite.pp deleted file mode 100644 index cb92a9f..0000000 --- a/manifests/classes/postfix-satellite.pp +++ /dev/null 
@@ -1,38 +0,0 @@ -# -# == Class: postfix::satellite -# -# This class configures all local email (cron, mdadm, etc) to be forwarded -# to $root_mail_recipient, using $postfix_relayhost as a relay. -# -# $valid_fqdn can be set to override $fqdn in the case where the FQDN is -# not recognized as valid by the destination server. -# -# Parameters: -# - *valid_fqdn* -# - every global variable which works for class "postfix" will work here. -# -# Example usage: -# -# node "toto.local.lan" { -# $postfix_relayhost = "mail.example.com" -# $valid_fqdn = "toto.example.com" -# $root_mail_recipient = "the.sysadmin@example.com" -# -# include postfix::satellite -# } -# -class postfix::satellite { - - # If $valid_fqdn exists, use it to override $fqdn - case $valid_fqdn { - "": { $valid_fqdn = $fqdn } - default: { $fqdn = "${valid_fqdn}" } - } - - include postfix::mta - - postfix::virtual {"@${valid_fqdn}": - ensure => present, - destination => "root", - } -} diff --git a/manifests/classes/postfix-tlspolicy.pp b/manifests/classes/postfix-tlspolicy.pp deleted file mode 100644 index 633c380..0000000 --- a/manifests/classes/postfix-tlspolicy.pp +++ /dev/null 
@@ -1,71 +0,0 @@ -# -# == Class: postfix::tlspolicy -# -# Manages Postfix TLS policy by merging policy snippets shipped: -# - in the module's files/tls_policy.d/ or puppet:///files/etc/postfix/tls_policy.d -# (the latter takes precedence if present); site-postfix module is supported -# as well, see the source argument of file {"$postfix_tlspolicy_snippets_dir" -# bellow for details. -# - via postfix::tlspolicy_snippet defines -# -# Parameters: -# - $postfix_tls_fingerprint_digest (defaults to sha1) -# -# Example usage: -# -# node "toto.example.com" { -# $postfix_manage_tls_policy = yes -# include postfix -# } -# -class postfix::tlspolicy { - - # Default value for parameters - case $postfix_tls_fingerprint_digest { - "": { $postfix_tls_fingerprint_digest = 'sha1' } - } - - include common::moduledir - module_dir{'postfix/tls_policy': } - - $postfix_tlspolicy_dir = "${common::moduledir::module_dir_path}/postfix/tls_policy" - $postfix_tlspolicy_snippets_dir = "${postfix_tlspolicy_dir}/tls_policy.d" - $postfix_merged_tlspolicy = "${postfix_tlspolicy_dir}/merged_tls_policy" - - file {"$postfix_tlspolicy_snippets_dir": - ensure => 'directory', - owner => 'root', - group => '0', - mode => '700', - source => [ - "puppet:///modules/site-postfix/${fqdn}/tls_policy.d", - "puppet:///modules/site-postfix/tls_policy.d", - "puppet:///modules/postfix/tls_policy.d", - ], - recurse => true, - purge => false, - } - - concatenated_file { "$postfix_merged_tlspolicy": - dir => "${postfix_tlspolicy_snippets_dir}", - require => File["$postfix_tlspolicy_snippets_dir"], - } - - postfix::hash { '/etc/postfix/tls_policy': - source => "$postfix_merged_tlspolicy", - subscribe => File["$postfix_merged_tlspolicy"], - } - - postfix::config { - 'smtp_tls_fingerprint_digest': value => "$postfix_tls_fingerprint_digest"; - } - - postfix::config { 'smtp_tls_policy_maps': - value => 'hash:/etc/postfix/tls_policy', - require => [ - Postfix::Hash['/etc/postfix/tls_policy'], - 
Postfix::Config['smtp_tls_fingerprint_digest'], - ], - } - -} diff --git a/manifests/classes/postfix.pp b/manifests/classes/postfix.pp deleted file mode 100644 index 63a50b9..0000000 --- a/manifests/classes/postfix.pp +++ /dev/null 
@@ -1,178 +0,0 @@ -# -# == Class: postfix -# -# This class provides a basic setup of postfix with local and remote -# delivery and an SMTP server listening on the loopback interface. -# -# Parameters: -# - *$postfix_smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1 -# - *$root_mail_recipient*: who will recieve root's emails. defaults to "nobody" -# -# Example usage: -# -# node "toto.example.com" { -# $postfix_smtp_listen = "192.168.1.10" -# include postfix -# } -# -class postfix { - - # selinux labels differ from one distribution to another - case $operatingsystem { - - RedHat, CentOS: { - case $lsbmajdistrelease { - "4": { $postfix_seltype = "etc_t" } - "5": { $postfix_seltype = "postfix_etc_t" } - default: { $postfix_seltype = undef } - } - } - - default: { - $postfix_seltype = undef - } - } - - # Default value for various options - case $postfix_smtp_listen { - "": { $postfix_smtp_listen = "127.0.0.1" } - } - case $root_mail_recipient { - "": { $root_mail_recipient = "nobody" } - } - case $postfix_anon_sasl { - "": { $postfix_anon_sasl = "no" } - } - case $postfix_manage_header_checks { - "": { $postfix_manage_header_checks = "no" } - } - case $postfix_manage_tls_policy { - "": { $postfix_manage_tls_policy = "no" } - } - case $postfix_use_amavisd { - "": { $postfix_use_amavisd = "no" } - } - case $postfix_use_dovecot_lda { - "": { $postfix_use_dovecot_lda = "no" } - } - case $postfix_use_schleuder { - "": { $postfix_use_schleuder = "no" } - } - case $postfix_use_sympa { - "": { $postfix_use_sympa = "no" } - } - case $postfix_mastercf_tail { - "": { $postfix_mastercf_tail = "" } - } - case $postfix_inet_interfaces { - "": { $postfix_inet_interfaces = 'all' } - } - case $postfix_myorigin { - "": { $postfix_myorigin = $fqdn } - } - - # Bootstrap moduledir - include common::moduledir - module_dir{'postfix': } - - # Include optional classes - if $postfix_anon_sasl == 'yes' { - include postfix::anonsasl - } - if 
$postfix_manage_header_checks == 'yes' { - include postfix::header_checks - } - if $postfix_manage_tls_policy == 'yes' { - include postfix::tlspolicy - } - if $postfix_use_amavisd == 'yes' { - include postfix::amavis - } - - package { ["postfix", "mailx"]: - ensure => installed - } - - if $operatingsystem == 'debian' { - Package[mailx] { name => 'bsd-mailx' } - } - - service { "postfix": - ensure => running, - require => Package["postfix"], - } - - file { "/etc/mailname": - ensure => present, - content => "${fqdn}\n", - seltype => $postfix_seltype, - } - - # Aliases - file { "/etc/aliases": - ensure => present, - content => "# file managed by puppet\n", - replace => false, - seltype => $postfix_seltype, - notify => Exec["newaliases"], - } - - # Aliases - exec { "newaliases": - command => "/usr/bin/newaliases", - refreshonly => true, - require => Package["postfix"], - subscribe => File["/etc/aliases"], - } - - # Config files - file { "/etc/postfix/master.cf": - ensure => present, - owner => "root", - group => "root", - mode => "0644", - content => $operatingsystem ? 
{ - Redhat => template("postfix/master.cf.redhat5.erb"), - CentOS => template("postfix/master.cf.redhat5.erb"), - Debian => template("postfix/master.cf.debian-$lsbdistcodename.erb"), - Ubuntu => template("postfix/master.cf.debian-etch.erb"), - }, - seltype => $postfix_seltype, - notify => Service["postfix"], - require => Package["postfix"], - } - - # Config files - file { "/etc/postfix/main.cf": - ensure => present, - owner => "root", - group => "root", - mode => "0644", - source => "puppet:///modules/postfix/main.cf", - replace => false, - seltype => $postfix_seltype, - notify => Service["postfix"], - require => Package["postfix"], - } - - # Default configuration parameters - postfix::config { - "myorigin": value => "${postfix_myorigin}"; - "alias_maps": value => "hash:/etc/aliases"; - "inet_interfaces": value => "${postfix_inet_interfaces}"; - } - - case $operatingsystem { - RedHat, CentOS: { - postfix::config { - "sendmail_path": value => "/usr/sbin/sendmail.postfix"; - "newaliases_path": value => "/usr/bin/newaliases.postfix"; - "mailq_path": value => "/usr/bin/mailq.postfix"; - } - } - } - - postfix::mailalias {"root": - recipient => $root_mail_recipient, - } -} diff --git a/manifests/config.pp b/manifests/config.pp new file mode 100644 index 0000000..8e203a6 --- /dev/null +++ b/manifests/config.pp 
@@ -0,0 +1,49 @@
+/*
+== Definition: postfix::config
+
+Uses the "postconf" command to add/alter/remove options in postfix main
+configuation file (/etc/postfix/main.cf).
+
+Parameters:
+- *name*: name of the parameter.
+- *ensure*: present/absent. defaults to present.
+- *value*: value of the parameter.
+- *nonstandard*: inform postfix::config that this parameter is not recognized
+ by the "postconf" command. defaults to false.
+
+Requires:
+- Class["postfix"]
+
+Example usage:
+
+ node "toto.example.com" {
+
+ include postfix
+
+ postfix::config {
+ "smtp_use_tls" => "yes";
+ "smtp_sasl_auth_enable" => "yes";
+ "smtp_sasl_password_maps" => "hash:/etc/postfix/my_sasl_passwords";
+ "relayhost" => "[mail.example.com]:587";
+ }
+ }
+
+*/
+define postfix::config ($ensure = present, $value, $nonstandard = false) {
+ case $ensure {
+ present: {
+ exec {"postconf -e ${name}='${value}'":
+ unless => $nonstandard ? {
+ false => "test \"x$(postconf -h ${name})\" = 'x${value}'",
+ true => "test \"x$(egrep '^${name} ' /etc/postfix/main.cf | cut -d= -f2 | cut -d' ' -f2)\" = 'x${value}'",
+ },
+ notify => Service["postfix"],
+ require => File["/etc/postfix/main.cf"],
+ }
+ }
+
+ absent: {
+ fail "postfix::config ensure => absent: Not implemented"
+ }
+ }
+}
diff --git a/manifests/definitions/config.pp b/manifests/definitions/config.pp
deleted file mode 100644
index 8e203a6..0000000
--- a/manifests/definitions/config.pp
+++ /dev/null
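Review bot: The exec title `postconf -e ${name}='${value}'` and both `unless` tests in manifests/config.pp are shell command lines built by interpolating `$name` and `$value` unescaped, so a value containing a single quote closes the quoting and the remainder is run as a command by the agent (normally as root). Values reach this define from node-scope variables elsewhere in the module (for example `$postfix_relayhost`, and `$postfix_myorigin`, which defaults to `$fqdn`, in the moved class bodies), so I would reject unsafe input at the top of the define: `if $value =~ /'/ { fail("postfix::config ${name}: value must not contain a single quote") }` and `if $name !~ /^[A-Za-z0-9_]+$/ { fail("postfix::config: invalid parameter name ${name}") }`. `postconf` is also unqualified and no `path` is set, so the exec depends on whatever default Exec path the site configures. `command => "postmap ${name}"` in manifests/hash.pp has the same unquoted interpolation and unqualified command.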
@@ -1,49 +0,0 @@ -/* -== Definition: postfix::config - -Uses the "postconf" command to add/alter/remove options in postfix main -configuation file (/etc/postfix/main.cf). - -Parameters: -- *name*: name of the parameter. -- *ensure*: present/absent. defaults to present. -- *value*: value of the parameter. -- *nonstandard*: inform postfix::config that this parameter is not recognized - by the "postconf" command. defaults to false. - -Requires: -- Class["postfix"] - -Example usage: - - node "toto.example.com" { - - include postfix - - postfix::config { - "smtp_use_tls" => "yes"; - "smtp_sasl_auth_enable" => "yes"; - "smtp_sasl_password_maps" => "hash:/etc/postfix/my_sasl_passwords"; - "relayhost" => "[mail.example.com]:587"; - } - } - -*/ -define postfix::config ($ensure = present, $value, $nonstandard = false) { - case $ensure { - present: { - exec {"postconf -e ${name}='${value}'": - unless => $nonstandard ? { - false => "test \"x$(postconf -h ${name})\" = 'x${value}'", - true => "test \"x$(egrep '^${name} ' /etc/postfix/main.cf | cut -d= -f2 | cut -d' ' -f2)\" = 'x${value}'", - }, - notify => Service["postfix"], - require => File["/etc/postfix/main.cf"], - } - } - - absent: { - fail "postfix::config ensure => absent: Not implemented" - } - } -} diff --git a/manifests/definitions/hash.pp b/manifests/definitions/hash.pp deleted file mode 100644 index c8bb7c7..0000000 --- a/manifests/definitions/hash.pp +++ /dev/null 
@@ -1,87 +0,0 @@ -/* -== Definition: postfix::hash - -Creates postfix hashed "map" files. It will create "${name}", and then build -"${name}.db" using the "postmap" command. The map file can then be referred to -using postfix::config. - -Parameters: -- *name*: the name of the map file. -- *ensure*: present/absent, defaults to present. -- *source*: file source. - -Requires: -- Class["postfix"] - -Example usage: - - node "toto.example.com" { - - include postfix - - postfix::hash { "/etc/postfix/virtual": - ensure => present, - } - postfix::config { "virtual_alias_maps": - value => "hash:/etc/postfix/virtual" - } - } - -*/ -define postfix::hash ($ensure="present", $source = false) { - - # selinux labels differ from one distribution to another - case $operatingsystem { - - RedHat, CentOS: { - case $lsbmajdistrelease { - "4": { $postfix_seltype = "etc_t" } - "5": { $postfix_seltype = "postfix_etc_t" } - default: { $postfix_seltype = undef } - } - } - - default: { - $postfix_seltype = undef - } - } - - case $source { - false: { - file {"${name}": - ensure => $ensure, - mode => 600, - owner => root, - group => root, - seltype => $postfix_seltype, - require => Package["postfix"], - } - } - default: { - file {"${name}": - ensure => $ensure, - mode => 600, - owner => root, - group => root, - source => $source, - seltype => $postfix_seltype, - require => Package["postfix"], - } - } - } - - file {"${name}.db": - ensure => $ensure, - mode => 600, - require => [File["${name}"], Exec["generate ${name}.db"]], - seltype => $postfix_seltype, - } - - exec {"generate ${name}.db": - command => "postmap ${name}", - #creates => "${name}.db", # this prevents postmap from being run ! - subscribe => File["${name}"], - refreshonly => true, - require => Package["postfix"], - } -} diff --git a/manifests/definitions/header_checks_snippet.pp b/manifests/definitions/header_checks_snippet.pp deleted file mode 100644 index 454d219..0000000 
--- a/manifests/definitions/header_checks_snippet.pp +++ /dev/null @@ -1,67 +0,0 @@ -/* -== Definition: postfix::header_checks_snippet - -Adds a header_checks snippets to /etc/postfix/header_checks. -See the postfix::header_checks class for details. - -Parameters: -- *source* or *content*: source or content of the header_checks snippet -- *ensure*: present (default) or absent - -Requires: -- Class["postfix"] - -Example usage: - - node "toto.example.com" { - include postfix - postfix::header_checks { - 'wrong_date': content => 'FIXME'; - 'bla': source => 'puppet:///files/etc/postfix/header_checks.d/bla'; - } - } - -*/ - -define postfix::header_checks_snippet ( - $ensure = "present", - $source = '', - $content = undef -) { - - if $source == '' and $content == undef { - fail("One of \$source or \$content must be specified for postfix::header_checks_snippet ${name}") - } - - if $source != '' and $content != undef { - fail("Only one of \$source or \$content must specified for postfix::header_checks_snippet ${name}") - } - - if ($value == false) and ($ensure == "present") { - fail("The value parameter must be set when using the postfix::header_checks_snippet define with ensure=present.") - } - - include postfix::header_checks - - $snippetfile = "${postfix::header_checks::postfix_header_checks_snippets_dir}/${name}" - - file { "$snippetfile": - ensure => "$ensure", - mode => 600, - owner => root, - group => 0, - notify => Exec["concat_${postfix::header_checks::postfix_merged_header_checks}"], - } - - if $source { - File["$snippetfile"] { - source => $source, - } - } - else { - File["$snippetfile"] { - content => $content, - } - } - -} diff --git a/manifests/definitions/mailalias.pp b/manifests/definitions/mailalias.pp deleted file mode 100644 index cd1af50..0000000 --- a/manifests/definitions/mailalias.pp +++ /dev/null 
@@ -1,32 +0,0 @@ -/* -== Definition: postfix::mailalias - -Wrapper around Puppet mailalias resource, provides newaliases executable. - -Parameters: -- *name*: the name of the alias. -- *ensure*: present/absent, defaults to present. -- *recipient*: recipient of the alias. - -Requires: -- Class["postfix"] - -Example usage: - - node "toto.example.com" { - - include postfix - - postfix::mailalias { "postmaster": - ensure => present, - recipient => 'foo' - } - -*/ -define postfix::mailalias ($ensure = 'present', $recipient) { - mailalias { "${name}": - ensure => $ensure, - recipient => $recipient, - notify => Exec['newaliases'] - } -} diff --git a/manifests/definitions/tlspolicy_snippet.pp b/manifests/definitions/tlspolicy_snippet.pp deleted file mode 100644 index 2596dbc..0000000 --- a/manifests/definitions/tlspolicy_snippet.pp +++ /dev/null 
@@ -1,47 +0,0 @@ -/* -== Definition: postfix::tlspolicy_snippet - -Adds a TLS policy snippets to /etc/postfix/tls_policy.d/. -See the postfix::tlspolicy class for details. - -Parameters: -- *name*: name of destination domain Postfix will lookup. See TLS_README. -- *value*: right-hand part of the tls_policy map -- *ensure*: present/absent, defaults to present. - -Requires: -- Class["postfix"] -- Class["postfix::tlspolicy"] - -Example usage: - - node "toto.example.com" { - $postfix_manage_tls_policy = yes - include postfix - postfix::tlspolicy_snippet { - 'example.com': value => 'encrypt'; - '.example.com': value => 'encrypt'; - 'nothing.com': value => 'fingerprint match=2A:FF:F0:EC:52:04:99:45:73:1B:C2:22:7F:FD:31:6B:8F:07:43:29'; - } - } - -*/ - -define postfix::tlspolicy_snippet ($ensure="present", $value = false) { - - include postfix::tlspolicy - - if ($value == false) and ($ensure == "present") { - fail("The value parameter must be set when using the postfix::tlspolicy_snippet define with ensure=present.") - } - - file { "${postfix::tlspolicy::postfix_tlspolicy_snippets_dir}/${name}": - ensure => "$ensure", - content => "${name} ${value}\n", - mode => 600, - owner => root, - group => 0, - notify => Exec["concat_${postfix::tlspolicy::postfix_merged_tlspolicy}"], - } - -} diff --git a/manifests/definitions/transport.pp b/manifests/definitions/transport.pp deleted file mode 100644 index 5ca5554..0000000 --- a/manifests/definitions/transport.pp +++ /dev/null 
@@ -1,44 +0,0 @@ -/* -== Definition: postfix::transport - -Manages content of the /etc/postfix/transport map. - -Parameters: -- *name*: name of address postfix will lookup. See transport(5). -- *destination*: where the emails will be delivered to. See transport(5). -- *ensure*: present/absent, defaults to present. - -Requires: -- Class["postfix"] -- Postfix::Hash["/etc/postfix/transport"] -- Postfix::Config["transport_maps"] -- common::line (from module common) - -Example usage: - - node "toto.example.com" { - - include postfix - - postfix::hash { "/etc/postfix/transport": - ensure => present, - } - postfix::config { "transport_maps": - value => "hash:/etc/postfix/transport" - } - postfix::transport { "mailman.example.com": - ensure => present, - destination => "mailman", - } - } - -*/ -define postfix::transport ($ensure="present", $destination) { - line {"${name} ${destination}": - ensure => $ensure, - file => "/etc/postfix/transport", - line => "${name} ${destination}", - notify => Exec["generate /etc/postfix/transport.db"], - require => Package["postfix"], - } -} diff --git a/manifests/definitions/virtual.pp b/manifests/definitions/virtual.pp deleted file mode 100644 index 8fcd53a..0000000 --- a/manifests/definitions/virtual.pp +++ /dev/null 
@@ -1,44 +0,0 @@ -/* -== Definition: postfix::virtual - -Manages content of the /etc/postfix/virtual map. - -Parameters: -- *name*: name of address postfix will lookup. See virtual(8). -- *destination*: where the emails will be delivered to. See virtual(8). -- *ensure*: present/absent, defaults to present. - -Requires: -- Class["postfix"] -- Postfix::Hash["/etc/postfix/virtual"] -- Postfix::Config["virtual_alias_maps"] -- common::line (from module common) - -Example usage: - - node "toto.example.com" { - - include postfix - - postfix::hash { "/etc/postfix/virtual": - ensure => present, - } - postfix::config { "virtual_alias_maps": - value => "hash:/etc/postfix/virtual" - } - postfix::virtual { "user@example.com": - ensure => present, - destination => "root", - } - } - -*/ -define postfix::virtual ($ensure="present", $destination) { - line {"${name} ${destination}": - ensure => $ensure, - file => "/etc/postfix/virtual", - line => "${name} ${destination}", - notify => Exec["generate /etc/postfix/virtual.db"], - require => Package["postfix"], - } -} diff --git a/manifests/hash.pp b/manifests/hash.pp new file mode 100644 index 0000000..c8bb7c7 --- /dev/null +++ b/manifests/hash.pp 
@@ -0,0 +1,87 @@
+/*
+== Definition: postfix::hash
+
+Creates postfix hashed "map" files. It will create "${name}", and then build
+"${name}.db" using the "postmap" command. The map file can then be referred to
+using postfix::config.
+
+Parameters:
+- *name*: the name of the map file.
+- *ensure*: present/absent, defaults to present.
+- *source*: file source.
+
+Requires:
+- Class["postfix"]
+
+Example usage:
+
+ node "toto.example.com" {
+
+ include postfix
+
+ postfix::hash { "/etc/postfix/virtual":
+ ensure => present,
+ }
+ postfix::config { "virtual_alias_maps":
+ value => "hash:/etc/postfix/virtual"
+ }
+ }
+
+*/
+define postfix::hash ($ensure="present", $source = false) {
+
+ # selinux labels differ from one distribution to another
+ case $operatingsystem {
+
+ RedHat, CentOS: {
+ case $lsbmajdistrelease {
+ "4": { $postfix_seltype = "etc_t" }
+ "5": { $postfix_seltype = "postfix_etc_t" }
+ default: { $postfix_seltype = undef }
+ }
+ }
+
+ default: {
+ $postfix_seltype = undef
+ }
+ }
+
+ case $source {
+ false: {
+ file {"${name}":
+ ensure => $ensure,
+ mode => 600,
+ owner => root,
+ group => root,
+ seltype => $postfix_seltype,
+ require => Package["postfix"],
+ }
+ }
+ default: {
+ file {"${name}":
+ ensure => $ensure,
+ mode => 600,
+ owner => root,
+ group => root,
+ source => $source,
+ seltype => $postfix_seltype,
+ require => Package["postfix"],
+ }
+ }
+ }
+
+ file {"${name}.db":
+ ensure => $ensure,
+ mode => 600,
+ require => [File["${name}"], Exec["generate ${name}.db"]],
+ seltype => $postfix_seltype,
+ }
+
+ exec {"generate ${name}.db":
+ command => "postmap ${name}",
+ #creates => "${name}.db", # this prevents postmap from being run !
+ subscribe => File["${name}"],
+ refreshonly => true,
+ require => Package["postfix"],
+ }
+}
diff --git a/manifests/header_checks.pp b/manifests/header_checks.pp
new file mode 100644
index 0000000..071f6b0
--- /dev/null
+++ b/manifests/header_checks.pp
@@ -0,0 +1,57 @@
+#
+# == Class: postfix::header_checks
+#
+# Manages Postfix header_checks by merging snippets shipped:
+# - in the module's files/header_checks.d/ or puppet:///files/etc/postfix/header_checks.d
+# (the latter takes precedence if present); site-postfix module is supported
+# as well, see the source argument of file {"$postfix_header_checks_snippets_dir"
+# bellow for details.
+# - via postfix::header_checks_snippet defines
+#
+# Example usage:
+#
+# node "toto.example.com" {
+# $postfix_manage_header_checks = yes
+# include postfix
+# }
+#
+class postfix::header_checks {
+
+ include common::moduledir
+ module_dir{'postfix/header_checks': }
+
+ $postfix_header_checks_dir = "${common::moduledir::module_dir_path}/postfix/header_checks"
+ $postfix_header_checks_snippets_dir = "${postfix_header_checks_dir}/header_checks.d"
+ $postfix_merged_header_checks = "${postfix_header_checks_dir}/merged_header_checks"
+
+ file {"$postfix_header_checks_snippets_dir":
+ ensure => 'directory',
+ owner => 'root',
+ group => '0',
+ mode => '700',
+ source => [
+ "puppet:///modules/site-postfix/${fqdn}/header_checks.d",
+ "puppet:///modules/site-postfix/header_checks.d",
+ "puppet:///files/etc/postfix/header_checks.d",
+ "puppet:///modules/postfix/header_checks.d",
+ ],
+ recurse => true,
+ purge => false,
+ }
+
+ concatenated_file { "$postfix_merged_header_checks":
+ dir => "${postfix_header_checks_snippets_dir}",
+ require => File["$postfix_header_checks_snippets_dir"],
+ }
+
+ config_file { '/etc/postfix/header_checks':
+ source => "$postfix_merged_header_checks",
+ subscribe => File["$postfix_merged_header_checks"],
+ }
+
+ postfix::config { "header_checks":
+ value => 'regexp:/etc/postfix/header_checks',
+ require => File['/etc/postfix/header_checks'],
+ }
+
+}
diff --git a/manifests/header_checks_snippet.pp b/manifests/header_checks_snippet.pp
new file mode 100644
index 0000000..454d219
--- /dev/null
+++ b/manifests/header_checks_snippet.pp
@@ -0,0 +1,67 @@
+/*
+== Definition: postfix::header_checks_snippet
+
+Adds a header_checks snippets to /etc/postfix/header_checks.
+See the postfix::header_checks class for details.
+
+Parameters:
+- *source* or *content*: source or content of the header_checks snippet
+- *ensure*: present (default) or absent
+
+Requires:
+- Class["postfix"]
+
+Example usage:
+
+ node "toto.example.com" {
+ include postfix
+ postfix::header_checks {
+ 'wrong_date': content => 'FIXME';
+ 'bla': source => 'puppet:///files/etc/postfix/header_checks.d/bla';
+ }
+ }
+
+*/
+
+define postfix::header_checks_snippet (
+ $ensure = "present",
+ $source = '',
+ $content = undef
+) {
+
+ if $source == '' and $content == undef {
+ fail("One of \$source or \$content must be specified for postfix::header_checks_snippet ${name}")
+ }
+
+ if $source != '' and $content != undef {
+ fail("Only one of \$source or \$content must specified for postfix::header_checks_snippet ${name}")
+ }
+
+ if ($value == false) and ($ensure == "present") {
+ fail("The value parameter must be set when using the postfix::header_checks_snippet define with ensure=present.")
+ }
+
+ include postfix::header_checks
+
+ $snippetfile = "${postfix::header_checks::postfix_header_checks_snippets_dir}/${name}"
+
+ file { "$snippetfile":
+ ensure => "$ensure",
+ mode => 600,
+ owner => root,
+ group => 0,
+ notify => Exec["concat_${postfix::header_checks::postfix_merged_header_checks}"],
+ }
+
+ if $source {
+ File["$snippetfile"] {
+ source => $source,
+ }
+ }
+ else {
+ File["$snippetfile"] {
+ content => $content,
+ }
+ }
+
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 6cc1969..63a50b9 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
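Review bot: The third guard in `postfix::header_checks_snippet`, `if ($value == false) and ($ensure == "present")`, tests `$value`, which is not among this define's parameters (`$ensure`, `$source`, `$content`), and its message refers to a "value parameter"; it looks carried over from `postfix::tlspolicy_snippet`. Its result therefore depends on whatever `$value` resolves to outside the define rather than on the snippet's own input, and the two checks above it already require exactly one of `$source` and `$content`. I would drop that `if` block. The usage example in the header comment also declares `postfix::header_checks { ... }` where `postfix::header_checks_snippet { ... }` is presumably meant.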
@@ -1,2 +1,178 @@
-import "classes/*.pp"
-import "definitions/*.pp"
+#
+# == Class: postfix
+#
+# This class provides a basic setup of postfix with local and remote
+# delivery and an SMTP server listening on the loopback interface.
+#
+# Parameters:
+# - *$postfix_smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1
+# - *$root_mail_recipient*: who will recieve root's emails. defaults to "nobody"
+#
+# Example usage:
+#
+# node "toto.example.com" {
+# $postfix_smtp_listen = "192.168.1.10"
+# include postfix
+# }
+#
+class postfix {
+
+ # selinux labels differ from one distribution to another
+ case $operatingsystem {
+
+ RedHat, CentOS: {
+ case $lsbmajdistrelease {
+ "4": { $postfix_seltype = "etc_t" }
+ "5": { $postfix_seltype = "postfix_etc_t" }
+ default: { $postfix_seltype = undef }
+ }
+ }
+
+ default: {
+ $postfix_seltype = undef
+ }
+ }
+
+ # Default value for various options
+ case $postfix_smtp_listen {
+ "": { $postfix_smtp_listen = "127.0.0.1" }
+ }
+ case $root_mail_recipient {
+ "": { $root_mail_recipient = "nobody" }
+ }
+ case $postfix_anon_sasl {
+ "": { $postfix_anon_sasl = "no" }
+ }
+ case $postfix_manage_header_checks {
+ "": { $postfix_manage_header_checks = "no" }
+ }
+ case $postfix_manage_tls_policy {
+ "": { $postfix_manage_tls_policy = "no" }
+ }
+ case $postfix_use_amavisd {
+ "": { $postfix_use_amavisd = "no" }
+ }
+ case $postfix_use_dovecot_lda {
+ "": { $postfix_use_dovecot_lda = "no" }
+ }
+ case $postfix_use_schleuder {
+ "": { $postfix_use_schleuder = "no" }
+ }
+ case $postfix_use_sympa {
+ "": { $postfix_use_sympa = "no" }
+ }
+ case $postfix_mastercf_tail {
+ "": { $postfix_mastercf_tail = "" }
+ }
+ case $postfix_inet_interfaces {
+ "": { $postfix_inet_interfaces = 'all' }
+ }
+ case $postfix_myorigin {
+ "": { $postfix_myorigin = $fqdn }
+ }
+
+ # Bootstrap moduledir
+ include common::moduledir
+ module_dir{'postfix': }
+
+ # Include optional classes
+ if $postfix_anon_sasl == 'yes' {
+ include postfix::anonsasl
+ }
+ if $postfix_manage_header_checks == 'yes' {
+ include postfix::header_checks
+ }
+ if $postfix_manage_tls_policy == 'yes' {
+ include postfix::tlspolicy
+ }
+ if $postfix_use_amavisd == 'yes' {
+ include postfix::amavis
+ }
+
+ package { ["postfix", "mailx"]:
+ ensure => installed
+ }
+
+ if $operatingsystem == 'debian' {
+ Package[mailx] { name => 'bsd-mailx' }
+ }
+
+ service { "postfix":
+ ensure => running,
+ require => Package["postfix"],
+ }
+
+ file { "/etc/mailname":
+ ensure => present,
+ content => "${fqdn}\n",
+ seltype => $postfix_seltype,
+ }
+
+ # Aliases
+ file { "/etc/aliases":
+ ensure => present,
+ content => "# file managed by puppet\n",
+ replace => false,
+ seltype => $postfix_seltype,
+ notify => Exec["newaliases"],
+ }
+
+ # Aliases
+ exec { "newaliases":
+ command => "/usr/bin/newaliases",
+ refreshonly => true,
+ require => Package["postfix"],
+ subscribe => File["/etc/aliases"],
+ }
+
+ # Config files
+ file { "/etc/postfix/master.cf":
+ ensure => present,
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ content => $operatingsystem ? {
+ Redhat => template("postfix/master.cf.redhat5.erb"),
+ CentOS => template("postfix/master.cf.redhat5.erb"),
+ Debian => template("postfix/master.cf.debian-$lsbdistcodename.erb"),
+ Ubuntu => template("postfix/master.cf.debian-etch.erb"),
+ },
+ seltype => $postfix_seltype,
+ notify => Service["postfix"],
+ require => Package["postfix"],
+ }
+
+ # Config files
+ file { "/etc/postfix/main.cf":
+ ensure => present,
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ source => "puppet:///modules/postfix/main.cf",
+ replace => false,
+ seltype => $postfix_seltype,
+ notify => Service["postfix"],
+ require => Package["postfix"],
+ }
+
+ # Default configuration parameters
+ postfix::config {
+ "myorigin": value => "${postfix_myorigin}";
+ "alias_maps": value => "hash:/etc/aliases";
+ "inet_interfaces": value => "${postfix_inet_interfaces}";
+ }
+
+ case $operatingsystem {
+ RedHat, CentOS: {
+ postfix::config {
+ "sendmail_path": value => "/usr/sbin/sendmail.postfix";
+ "newaliases_path": value => "/usr/bin/newaliases.postfix";
+ "mailq_path": value => "/usr/bin/mailq.postfix";
+ }
+ }
+ }
+
+ postfix::mailalias {"root":
+ recipient => $root_mail_recipient,
+ }
+}
diff --git a/manifests/mailalias.pp b/manifests/mailalias.pp
new file mode 100644
index 0000000..cd1af50
--- /dev/null
+++ b/manifests/mailalias.pp
@@ -0,0 +1,32 @@
+/*
+== Definition: postfix::mailalias
+
+Wrapper around Puppet mailalias resource, provides newaliases executable.
+
+Parameters:
+- *name*: the name of the alias.
+- *ensure*: present/absent, defaults to present.
+- *recipient*: recipient of the alias.
+
+Requires:
+- Class["postfix"]
+
+Example usage:
+
+ node "toto.example.com" {
+
+ include postfix
+
+ postfix::mailalias { "postmaster":
+ ensure => present,
+ recipient => 'foo'
+ }
+
+*/
+define postfix::mailalias ($ensure = 'present', $recipient) {
+ mailalias { "${name}":
+ ensure => $ensure,
+ recipient => $recipient,
+ notify => Exec['newaliases']
+ }
+}
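Review bot: The header comment of class `postfix` promises "an SMTP server listening on the loopback interface", but further down `$postfix_inet_interfaces` falls back to `'all'` and is written out as `inet_interfaces`, so the documented exposure and the configured default disagree. Which address smtpd actually binds to also depends on how the master.cf templates use `$postfix_smtp_listen`; those templates are not in this hunk, so this needs confirming on a host. I would either default to `'loopback-only'` or document the variable under Parameters, e.g. `# - *$postfix_inet_interfaces*: value of inet_interfaces. defaults to "all"`. The `$operatingsystem ? { ... }` selector for master.cf also has no `default` entry, so an operating system outside the four listed would presumably fail at compile time rather than with a clear message.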
diff --git a/manifests/mailman.pp b/manifests/mailman.pp
new file mode 100644
index 0000000..cba0848
--- /dev/null
+++ b/manifests/mailman.pp
@@ -0,0 +1,36 @@
+#
+# == Class: postfix::mailman
+#
+# Configures a basic smtp server, able to work for the mailman mailing-list
+# manager.
+#
+# Parameters:
+# - every global variable which works for class "postfix" will work here.
+#
+# Example usage:
+#
+# node "toto.example.com" {
+# include mailman
+# include postfix::mailman
+# }
+#
+class postfix::mailman {
+ $postfix_smtp_listen = "0.0.0.0"
+ include postfix
+
+ postfix::config {
+ "mydestination": value => "";
+ "virtual_alias_maps": value => "hash:/etc/postfix/virtual";
+ "transport_maps": value => "hash:/etc/postfix/transport";
+ "mailman_destination_recipient_limit": value => "1", nonstandard => true;
+ }
+
+ postfix::hash { "/etc/postfix/virtual":
+ ensure => present,
+ }
+
+ postfix::hash { "/etc/postfix/transport":
+ ensure => present,
+ }
+
+}
diff --git a/manifests/mta.pp b/manifests/mta.pp
new file mode 100644
index 0000000..c36c0bc
--- /dev/null
+++ b/manifests/mta.pp
@@ -0,0 +1,61 @@
+#
+# == Class: postfix::mta
+#
+# This class configures a minimal MTA, listening on
+# $postfix_smtp_listen (default to localhost) and delivering mail to
+# $postfix_mydestination (default to $fqdn).
+#
+# A valid relay host is required ($postfix_relayhost) for outbound email.
+#
+# transport & virtual maps get configured and can be populated with
+# postfix::transport and postfix::virtual
+#
+# Parameters:
+# - *$postfix_relayhost*
+# - *$postfix_mydestination*
+# - every global variable which works for class "postfix" will work here.
+#
+# Example usage:
+#
+# node "toto.example.com" {
+# $postfix_relayhost = "mail.example.com"
+# $postfix_smtp_listen = "0.0.0.0"
+# $postfix_mydestination = "\$myorigin, myapp.example.com"
+#
+# include postfix::mta
+#
+# postfix::transport { "myapp.example.com":
+# ensure => present,
+# destination => "local:",
+# }
+# }
+#
+class postfix::mta {
+
+ #case $postfix_relayhost {
+ # "": { fail("Required \$postfix_relayhost variable is not defined.") }
+ #}
+
+ case $postfix_mydestination {
+ "": { $postfix_mydestination = "\$myorigin" }
+ }
+
+ include postfix
+
+ postfix::config {
+ "mydestination": value => $postfix_mydestination;
+ "mynetworks": value => "127.0.0.0/8";
+ "relayhost": value => $postfix_relayhost;
+ "virtual_alias_maps": value => "hash:/etc/postfix/virtual";
+ "transport_maps": value => "hash:/etc/postfix/transport";
+ }
+
+ postfix::hash { "/etc/postfix/virtual":
+ ensure => present,
+ }
+
+ postfix::hash { "/etc/postfix/transport":
+ ensure => present,
+ }
+
+}
diff --git a/manifests/satellite.pp b/manifests/satellite.pp
new file mode 100644
index 0000000..cb92a9f
--- /dev/null
+++ b/manifests/satellite.pp
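Review bot: The header of `postfix::mta` says a valid `$postfix_relayhost` is required, but the guard that enforced it is commented out, so an unset variable flows straight into `"relayhost": value => $postfix_relayhost;`. How an empty value is handled depends on `postfix::config`, which is defined outside this hunk; if it is written through, Postfix would deliver directly instead of via the relay, which matters for `postfix::satellite` hosts. Either restore the check, `case $postfix_relayhost { "": { fail("Required \$postfix_relayhost variable is not defined.") } }`, or reword the header to say the relay host is optional.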
@@ -0,0 +1,38 @@
+#
+# == Class: postfix::satellite
+#
+# This class configures all local email (cron, mdadm, etc) to be forwarded
+# to $root_mail_recipient, using $postfix_relayhost as a relay.
+#
+# $valid_fqdn can be set to override $fqdn in the case where the FQDN is
+# not recognized as valid by the destination server.
+#
+# Parameters:
+# - *valid_fqdn*
+# - every global variable which works for class "postfix" will work here.
+#
+# Example usage:
+#
+# node "toto.local.lan" {
+# $postfix_relayhost = "mail.example.com"
+# $valid_fqdn = "toto.example.com"
+# $root_mail_recipient = "the.sysadmin@example.com"
+#
+# include postfix::satellite
+# }
+#
+class postfix::satellite {
+
+ # If $valid_fqdn exists, use it to override $fqdn
+ case $valid_fqdn {
+ "": { $valid_fqdn = $fqdn }
+ default: { $fqdn = "${valid_fqdn}" }
+ }
+
+ include postfix::mta
+
+ postfix::virtual {"@${valid_fqdn}":
+ ensure => present,
+ destination => "root",
+ }
+}
diff --git a/manifests/tlspolicy.pp b/manifests/tlspolicy.pp
new file mode 100644
index 0000000..633c380
--- /dev/null
+++ b/manifests/tlspolicy.pp
@@ -0,0 +1,71 @@
+#
+# == Class: postfix::tlspolicy
+#
+# Manages Postfix TLS policy by merging policy snippets shipped:
+# - in the module's files/tls_policy.d/ or puppet:///files/etc/postfix/tls_policy.d
+# (the latter takes precedence if present); site-postfix module is supported
+# as well, see the source argument of file {"$postfix_tlspolicy_snippets_dir"
+# bellow for details.
+# - via postfix::tlspolicy_snippet defines
+#
+# Parameters:
+# - $postfix_tls_fingerprint_digest (defaults to sha1)
+#
+# Example usage:
+#
+# node "toto.example.com" {
+# $postfix_manage_tls_policy = yes
+# include postfix
+# }
+#
+class postfix::tlspolicy {
+
+ # Default value for parameters
+ case $postfix_tls_fingerprint_digest {
+ "": { $postfix_tls_fingerprint_digest = 'sha1' }
+ }
+
+ include common::moduledir
+ module_dir{'postfix/tls_policy': }
+
+ $postfix_tlspolicy_dir = "${common::moduledir::module_dir_path}/postfix/tls_policy"
+ $postfix_tlspolicy_snippets_dir = "${postfix_tlspolicy_dir}/tls_policy.d"
+ $postfix_merged_tlspolicy = "${postfix_tlspolicy_dir}/merged_tls_policy"
+
+ file {"$postfix_tlspolicy_snippets_dir":
+ ensure => 'directory',
+ owner => 'root',
+ group => '0',
+ mode => '700',
+ source => [
+ "puppet:///modules/site-postfix/${fqdn}/tls_policy.d",
+ "puppet:///modules/site-postfix/tls_policy.d",
+ "puppet:///modules/postfix/tls_policy.d",
+ ],
+ recurse => true,
+ purge => false,
+ }
+
+ concatenated_file { "$postfix_merged_tlspolicy":
+ dir => "${postfix_tlspolicy_snippets_dir}",
+ require => File["$postfix_tlspolicy_snippets_dir"],
+ }
+
+ postfix::hash { '/etc/postfix/tls_policy':
+ source => "$postfix_merged_tlspolicy",
+ subscribe => File["$postfix_merged_tlspolicy"],
+ }
+
+ postfix::config {
+ 'smtp_tls_fingerprint_digest': value => "$postfix_tls_fingerprint_digest";
+ }
+
+ postfix::config { 'smtp_tls_policy_maps':
+ value => 'hash:/etc/postfix/tls_policy',
+ require => [
+ Postfix::Hash['/etc/postfix/tls_policy'],
+ Postfix::Config['smtp_tls_fingerprint_digest'],
+ ],
+ }
+
+}
diff --git a/manifests/tlspolicy_snippet.pp b/manifests/tlspolicy_snippet.pp
new file mode 100644
index 0000000..2596dbc
--- /dev/null
+++ b/manifests/tlspolicy_snippet.pp
@@ -0,0 +1,47 @@
+/*
+== Definition: postfix::tlspolicy_snippet
+
+Adds a TLS policy snippets to /etc/postfix/tls_policy.d/.
+See the postfix::tlspolicy class for details.
+
+Parameters:
+- *name*: name of destination domain Postfix will lookup. See TLS_README.
+- *value*: right-hand part of the tls_policy map
+- *ensure*: present/absent, defaults to present.
+
+Requires:
+- Class["postfix"]
+- Class["postfix::tlspolicy"]
+
+Example usage:
+
+ node "toto.example.com" {
+ $postfix_manage_tls_policy = yes
+ include postfix
+ postfix::tlspolicy_snippet {
+ 'example.com': value => 'encrypt';
+ '.example.com': value => 'encrypt';
+ 'nothing.com': value => 'fingerprint match=2A:FF:F0:EC:52:04:99:45:73:1B:C2:22:7F:FD:31:6B:8F:07:43:29';
+ }
+ }
+
+*/
+
+define postfix::tlspolicy_snippet ($ensure="present", $value = false) {
+
+ include postfix::tlspolicy
+
+ if ($value == false) and ($ensure == "present") {
+ fail("The value parameter must be set when using the postfix::tlspolicy_snippet define with ensure=present.")
+ }
+
+ file { "${postfix::tlspolicy::postfix_tlspolicy_snippets_dir}/${name}":
+ ensure => "$ensure",
+ content => "${name} ${value}\n",
+ mode => 600,
+ owner => root,
+ group => 0,
+ notify => Exec["concat_${postfix::tlspolicy::postfix_merged_tlspolicy}"],
+ }
+
+}
diff --git a/manifests/transport.pp b/manifests/transport.pp
new file mode 100644
index 0000000..5ca5554
--- /dev/null
+++ b/manifests/transport.pp
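Review bot: In `postfix::tlspolicy` the fallback `"": { $postfix_tls_fingerprint_digest = 'sha1' }` makes SHA-1 the digest for every `fingerprint` entry in the TLS policy map, and the header documents that as the default. Postfix's own documentation names sha256 as the best-practice value for `smtp_tls_fingerprint_digest`, so I would change the fallback to `'sha256'` and the header line to `(defaults to sha256)` where the installed Postfix/OpenSSL supports it. Existing `fingerprint match=...` values, such as the 20-byte one in the `postfix::tlspolicy_snippet` example, are digest-specific and have to be regenerated in the same change, otherwise those destinations stop matching.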
@@ -0,0 +1,44 @@
+/*
+== Definition: postfix::transport
+
+Manages content of the /etc/postfix/transport map.
+
+Parameters:
+- *name*: name of address postfix will lookup. See transport(5).
+- *destination*: where the emails will be delivered to. See transport(5).
+- *ensure*: present/absent, defaults to present.
+
+Requires:
+- Class["postfix"]
+- Postfix::Hash["/etc/postfix/transport"]
+- Postfix::Config["transport_maps"]
+- common::line (from module common)
+
+Example usage:
+
+ node "toto.example.com" {
+
+ include postfix
+
+ postfix::hash { "/etc/postfix/transport":
+ ensure => present,
+ }
+ postfix::config { "transport_maps":
+ value => "hash:/etc/postfix/transport"
+ }
+ postfix::transport { "mailman.example.com":
+ ensure => present,
+ destination => "mailman",
+ }
+ }
+
+*/
+define postfix::transport ($ensure="present", $destination) {
+ line {"${name} ${destination}":
+ ensure => $ensure,
+ file => "/etc/postfix/transport",
+ line => "${name} ${destination}",
+ notify => Exec["generate /etc/postfix/transport.db"],
+ require => Package["postfix"],
+ }
+}
diff --git a/manifests/virtual.pp b/manifests/virtual.pp
new file mode 100644
index 0000000..8fcd53a
--- /dev/null
+++ b/manifests/virtual.pp
@@ -0,0 +1,44 @@
+/*
+== Definition: postfix::virtual
+
+Manages content of the /etc/postfix/virtual map.
+
+Parameters:
+- *name*: name of address postfix will lookup. See virtual(8).
+- *destination*: where the emails will be delivered to. See virtual(8).
+- *ensure*: present/absent, defaults to present.
+
+Requires:
+- Class["postfix"]
+- Postfix::Hash["/etc/postfix/virtual"]
+- Postfix::Config["virtual_alias_maps"]
+- common::line (from module common)
+
+Example usage:
+
+ node "toto.example.com" {
+
+ include postfix
+
+ postfix::hash { "/etc/postfix/virtual":
+ ensure => present,
+ }
+ postfix::config { "virtual_alias_maps":
+ value => "hash:/etc/postfix/virtual"
+ }
+ postfix::virtual { "user@example.com":
+ ensure => present,
+ destination => "root",
+ }
+ }
+
+*/
+define postfix::virtual ($ensure="present", $destination) {
+ line {"${name} ${destination}":
+ ensure => $ensure,
+ file => "/etc/postfix/virtual",
+ line => "${name} ${destination}",
+ notify => Exec["generate /etc/postfix/virtual.db"],
+ require => Package["postfix"],
+ }
+}
-- cgit v1.2.3