From 77578b93bd98bf0bf9cf69e4fa8da75dcf9c236d Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Thu, 16 Feb 2012 16:51:56 +0100
Subject: put classes and defines in the proper place

To take advantage of puppet's autoloading feature, which will be
mandatory sooner or later. We move all the files in their appropriate
place.
---
 manifests/tlspolicy.pp | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 manifests/tlspolicy.pp

(limited to 'manifests/tlspolicy.pp')

diff --git a/manifests/tlspolicy.pp b/manifests/tlspolicy.pp
new file mode 100644
index 0000000..633c380
--- /dev/null
+++ b/manifests/tlspolicy.pp
@@ -0,0 +1,71 @@
+#
+# == Class: postfix::tlspolicy
+#
+# Manages Postfix TLS policy by merging policy snippets shipped:
+# - in the module's files/tls_policy.d/ or puppet:///files/etc/postfix/tls_policy.d
+#   (the latter takes precedence if present); site-postfix module is supported
+#   as well, see the source argument of file {"$postfix_tlspolicy_snippets_dir"
+#   bellow for details.
+# - via postfix::tlspolicy_snippet defines
+#
+# Parameters:
+# - $postfix_tls_fingerprint_digest (defaults to sha1)
+#
+# Example usage:
+# 
+#   node "toto.example.com" {
+#     $postfix_manage_tls_policy = yes
+#     include postfix
+#   }
+#
+class postfix::tlspolicy {
+
+  # Default value for parameters
+  case $postfix_tls_fingerprint_digest {
+    "": { $postfix_tls_fingerprint_digest = 'sha1' }
+  }
+
+  include common::moduledir
+  module_dir{'postfix/tls_policy': }
+
+  $postfix_tlspolicy_dir          = "${common::moduledir::module_dir_path}/postfix/tls_policy"
+  $postfix_tlspolicy_snippets_dir = "${postfix_tlspolicy_dir}/tls_policy.d"
+  $postfix_merged_tlspolicy       = "${postfix_tlspolicy_dir}/merged_tls_policy"
+
+  file {"$postfix_tlspolicy_snippets_dir":
+    ensure  => 'directory',
+    owner   => 'root',
+    group   => '0',
+    mode    => '700',
+    source  => [
+                "puppet:///modules/site-postfix/${fqdn}/tls_policy.d",
+                "puppet:///modules/site-postfix/tls_policy.d",
+                "puppet:///modules/postfix/tls_policy.d",
+               ],
+    recurse => true,
+    purge   => false,
+  }
+
+  concatenated_file { "$postfix_merged_tlspolicy":
+    dir     => "${postfix_tlspolicy_snippets_dir}",
+    require => File["$postfix_tlspolicy_snippets_dir"],
+  }
+
+  postfix::hash { '/etc/postfix/tls_policy':
+    source    => "$postfix_merged_tlspolicy",
+    subscribe => File["$postfix_merged_tlspolicy"],
+  }
+
+  postfix::config {
+    'smtp_tls_fingerprint_digest': value => "$postfix_tls_fingerprint_digest";
+  }
+
+  postfix::config { 'smtp_tls_policy_maps':
+    value   => 'hash:/etc/postfix/tls_policy',
+    require => [
+                Postfix::Hash['/etc/postfix/tls_policy'],
+                Postfix::Config['smtp_tls_fingerprint_digest'],
+               ],
+  }
+
+}
-- 
cgit v1.2.3