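#
# == Class: postfix
#
# This class provides a basic setup of postfix with local and remote
# delivery and an SMTP server listening on the loopback interface.
#
# NOTE(review): $inet_interfaces defaults to 'all' while $smtp_listen
# defaults to 127.0.0.1. Which address the SMTP listener actually binds to
# is decided by the master.cf template, which is not part of this file;
# confirm that the rendered master.cf matches the "loopback only" statement
# above before relying on it.
#
# Parameters not referenced in the class body below ($smtp_listen, the
# $use_* switches other than $use_amavisd, $mastercf_tail,
# $dovecot_extension) are presumably read by the master.cf ERB template;
# verify against the template.
#
# Parameters:
# - *$smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1
# - *$root_mail_recipient*: who will receive root's emails. defaults to "nobody"
# - *$anon_sasl*: set $anon_sasl="yes" to hide the originating IP in email
# - *$manage_header_checks*: manage header checks
# - *$manage_tls_policy*: manage tls policy
# - *$manage_transport_regexp*: manage transport regexps
# - *$manage_virtual_regexp*: manage virtual regexps
# - *$tls_fingerprint_digest*: fingerprint digest for tls policy class.
#   defaults to "sha1". NOTE(review): the default is left unchanged so that
#   fingerprints already pinned in a TLS policy keep matching; sha256 is the
#   stronger choice for new deployments where the installed Postfix
#   supports it.
# - *$use_amavisd*: set to "yes" to configure amavis
# - *$use_dovecot_lda*: include dovecot declaration at master.cf
# - *$use_schleuder*: whether to include schleuder portion at master.cf
# - *$use_sympa*: whether to include sympa portion at master.cf
# - *$use_firma*: whether to include firma portion at master.cf
# - *$use_mlmmj*: whether to include mlmmj portion at master.cf
# - *$use_submission*: set to "yes" to enable submission section at master.cf
# - *$use_smtps*: set to "yes" to enable smtps section at master.cf
# - *$use_spf*: defaults to "no". Presumably enables an SPF portion at
#   master.cf like the other $use_* switches; confirm against the template.
# - *$mastercf_tail*: set this for additional content to be added at the end of master.cf.
#   master.cf entries can define services that run commands, so this value
#   must only come from trusted configuration data.
# - *$inet_interfaces*: which inet interface postfix should listen on. defaults to "all"
# - *$myorigin*: sets postfix $myorigin configuration. defaults to $::fqdn
# - *$default_alias_maps*: when true (the default), sets alias_maps to
#   hash:/etc/aliases
# - *$dovecot_extension*: defaults to the literal string '-m ${extension}'
#   (single-quoted, so Puppet does not interpolate it). Presumably passed to
#   the dovecot delivery command in master.cf; confirm against the template.
#
# Compilation fails with an explicit error on operating systems other than
# RedHat, CentOS, Debian and Ubuntu, because no master.cf template is
# selected for them.
#
# Example usage:
#
#   node "toto.example.com" {
#     class { 'postfix':
#       smtp_listen => "192.168.1.10"
#     }
#   }
#
class postfix(
  $smtp_listen             = '127.0.0.1',
  $root_mail_recipient     = 'nobody',
  $anon_sasl               = 'no',
  $manage_header_checks    = 'no',
  $manage_tls_policy       = 'no',
  $manage_transport_regexp = 'no',
  $manage_virtual_regexp   = 'no',
  $tls_fingerprint_digest  = 'sha1',
  $use_amavisd             = 'no',
  $use_dovecot_lda         = 'no',
  $use_schleuder           = 'no',
  $use_sympa               = 'no',
  $use_firma               = 'no',
  $use_mlmmj               = 'no',
  $use_submission          = 'no',
  $use_smtps               = 'no',
  $use_spf                 = 'no',
  $mastercf_tail           = '',
  $inet_interfaces         = 'all',
  $myorigin                = $::fqdn,
  $default_alias_maps      = true,
  $dovecot_extension       = '-m ${extension}',
) {

  # Pick the master.cf template and the SELinux type used for the managed
  # files, per distribution.
  case $::operatingsystem {

    'RedHat', 'CentOS': {
      $master_cf_template = 'postfix/master.cf.redhat5.erb'

      # selinux labels differ from one distribution to another
      case $::operatingsystemmajrelease {
        '4':     { $postfix_seltype = 'etc_t' }
        '5':     { $postfix_seltype = 'postfix_etc_t' }
        default: { $postfix_seltype = undef }
      }

      postfix::config {
        'sendmail_path':   value => '/usr/sbin/sendmail.postfix';
        'newaliases_path': value => '/usr/bin/newaliases.postfix';
        'mailq_path':      value => '/usr/bin/mailq.postfix';
      }
    }

    'Debian': {
      # The template name is derived from the release, so a release without
      # a matching template file will fail at template() below.
      $master_cf_template = "postfix/master.cf.debian-${::operatingsystemmajrelease}.erb"
      $postfix_seltype = undef
    }

    'Ubuntu': {
      $master_cf_template = 'postfix/master.cf.debian-sid.erb'
      $postfix_seltype = undef
    }

    default: {
      # No master.cf template exists for other platforms. Stop here with a
      # clear message instead of handing undef to template() further down.
      fail("postfix: unsupported operatingsystem '${::operatingsystem}', no master.cf template available")
    }
  }

  # Bootstrap moduledir
  include common::moduledir
  common::module_dir{'postfix': }

  # Include optional classes
  if $anon_sasl == 'yes' {
    include postfix::anonsasl
  }
  # this global variable needs to get parameterized as well
  if $manage_header_checks == 'yes' {
    include postfix::header_checks
  }
  if $manage_tls_policy == 'yes' {
    class { 'postfix::tlspolicy':
      fingerprint_digest => $tls_fingerprint_digest,
    }
  }
  if $use_amavisd == 'yes' {
    include postfix::amavis
  }
  if $manage_transport_regexp == 'yes' {
    include postfix::transport_regexp
  }
  if $manage_virtual_regexp == 'yes' {
    include postfix::virtual_regexp
  }

  # Account and package: the group and user are declared before the package
  # is installed.
  group { 'postfix':
    ensure => present,
  }

  user { 'postfix':
    ensure  => present,
    gid     => 'postfix',
    require => Group['postfix'],
  }

  package { 'postfix':
    ensure  => installed,
    require => [ Group['postfix'], User['postfix'], ],
  }

  # Only declare mailx when no other class has done so already.
  if !defined(Package['mailx']) {
    package { 'mailx':
      ensure => installed,
      name   => $::operatingsystem ? {
        debian  => 'bsd-mailx',
        default => 'mailx',
      },
    }
  }

  service { 'postfix':
    ensure  => running,
    require => Package['postfix'],
  }

  # Owner, group and mode are pinned here the same way as for master.cf and
  # main.cf below, so the file is not left with whatever permissions it
  # happened to have.
  file { '/etc/mailname':
    ensure  => present,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => "${::fqdn}\n",
    seltype => $postfix_seltype,
  }

  # Aliases
  # Only the initial content is provided (replace => false); later edits are
  # kept. Alias entries can deliver mail to commands and files, so ownership
  # and mode are enforced to keep the file writable by root only.
  file { '/etc/aliases':
    ensure  => present,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => "# file managed by puppet\n",
    replace => false,
    seltype => $postfix_seltype,
    notify  => Exec['newaliases'],
  }

  # Rebuild the alias database, but only when /etc/aliases changes.
  exec { 'newaliases':
    command     => '/usr/bin/newaliases',
    refreshonly => true,
    require     => Package['postfix'],
    subscribe   => File['/etc/aliases'],
  }

  # Config files
  # master.cf is fully rendered from the template chosen above and restarts
  # the service when it changes.
  file { '/etc/postfix/master.cf':
    ensure  => present,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template($master_cf_template),
    seltype => $postfix_seltype,
    notify  => Service['postfix'],
    require => Package['postfix'],
  }

  # main.cf is only seeded from the module (replace => false); individual
  # settings are managed through postfix::config afterwards.
  file { '/etc/postfix/main.cf':
    ensure  => present,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    source  => 'puppet:///modules/postfix/main.cf',
    replace => false,
    seltype => $postfix_seltype,
    notify  => Service['postfix'],
    require => Package['postfix'],
  }

  # Default configuration parameters
  if $default_alias_maps {
    postfix::config {
      'alias_maps': value => 'hash:/etc/aliases';
    }
  }

  postfix::config {
    'myorigin':        value => $myorigin;
    'inet_interfaces': value => $inet_interfaces;
  }

  # Route root's mail to the configured recipient.
  postfix::mailalias {'root':
    recipient => $root_mail_recipient,
  }
}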