dovecot: use ssl module for certificate paths

Ossi Salmi 2013-07-29 17:04:16 +03:00
parent ede7c42a11
commit 22c06c3ee3
2 changed files with 32 additions and 43 deletions


@ -39,15 +39,6 @@ class dovecot::server inherits dovecot::common {
$dovecot_mailbox_format = "mbox" $dovecot_mailbox_format = "mbox"
} }
case $operatingsystem {
centos,fedora: {
$dovecot_ssl_dir = "/etc/pki/tls"
}
default: {
fail("Dovecot module not supported in ${operatingsystem}.")
}
}
service { "dovecot": service { "dovecot":
ensure => running, ensure => running,
enable => true, enable => true,
@ -76,8 +67,33 @@ class dovecot::server inherits dovecot::common {
require => Package["dovecot"], require => Package["dovecot"],
} }
if ! ($dovecot_ssl_key and $dovecot_ssl_cert) {
fail("Must define \$dovecot_ssl_key and \$dovecot_ssl_cert")
}
include ssl
file { "${ssl::private}/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
mode => "0600",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
file { "${ssl::certs}/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
if $dovecot_ssl_csr { if $dovecot_ssl_csr {
file { "$dovecot_ssl_dir/private/dovecot.csr": file { "${ssl::private}/dovecot.csr":
ensure => present, ensure => present,
source => $dovecot_ssl_csr, source => $dovecot_ssl_csr,
mode => "0640", mode => "0640",
@ -88,7 +104,7 @@ class dovecot::server inherits dovecot::common {
} }
if $dovecot_ssl_ca { if $dovecot_ssl_ca {
file { "$dovecot_ssl_dir/certs/dovecot.ca.crt": file { "${ssl::certs}/dovecot.ca.crt":
ensure => present, ensure => present,
source => $dovecot_ssl_ca, source => $dovecot_ssl_ca,
mode => "0644", mode => "0644",
@ -98,32 +114,6 @@ class dovecot::server inherits dovecot::common {
} }
} }
if $dovecot_ssl_cert {
file { "$dovecot_ssl_dir/certs/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
} else {
fail("You need to define an ssl_cert in your node manifest.")
}
if $dovecot_ssl_key {
file { "$dovecot_ssl_dir/private/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
mode => "0600",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
} else {
fail("You need to define an ssl_key in your node manifest.")
}
} }
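Review bot: `include ssl` is declared only in the second hunk, partway through the class body, while the template changed in this commit reads `scope.lookupvar('ssl::certs')` and `scope.lookupvar('ssl::private')` when the catalog is compiled. If the resource that renders that template is declared above this point (the class body starts outside the hunk, so this is not visible here) and nothing else has included `ssl` earlier, the lookups can come back empty and the config would render `ssl_cert = </dovecot.crt`; moving `include ssl` and the `fail("Must define ...")` check to the top of the class removes that ordering dependency. Separately, the `${ssl::private}/dovecot.key` resource could carry `show_diff => false`, where the Puppet version in use supports it, so that key material never reaches agent logs or reports when diff output is enabled.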


@ -1,12 +1,11 @@
ssl = required ssl = required
ssl_cert = <<%= @dovecot_ssl_dir %>/certs/dovecot.crt ssl_cert = <<%= scope.lookupvar('ssl::certs') %>/dovecot.crt
ssl_key = <<%= @dovecot_ssl_dir %>/private/dovecot.key ssl_key = <<%= scope.lookupvar('ssl::private') %>/dovecot.key
<% if @dovecot_ssl_ca -%> <% if @dovecot_ssl_ca -%>
ssl_ca = <<%= @dovecot_ssl_dir %>/certs/dovecot.ca.crt ssl_ca = <<%= scope.lookupvar('ssl::certs') %>/dovecot.ca.crt
<% end -%> <% end -%>
<% if @dovecot_mailbox_format && @dovecot_mailbox_format == "mdbox" -%> <% if @dovecot_mailbox_format && @dovecot_mailbox_format == "mdbox" -%>
# mdbox settings # mdbox settings
mdbox_rotate_size = 10M mdbox_rotate_size = 10M
mdbox_rotate_interval = 10d mdbox_rotate_interval = 10d