Modified the module to accord with best practices.

Lari Huttunen 2011-04-20 11:42:48 +03:00 committed by Timo Mkinen
parent 3c2f8981f8
commit 2654e6ef77
2 changed files with 32 additions and 18 deletions


@ -12,11 +12,19 @@ class dovecot::common {
} }
} }
define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="", $ssl_chain="") { # Variables
# dovecot_mail_domain = foo.invalid
# dovecot_mx_mailname = mail.foo.invalid
# dovecot_ssl_csr = puppet:///private/foo.invalid.csr
# dovecot_ssl_cert = puppet:///private/foo.invalid.crt
# dovecot_ssl_key = puppet:///private/foo.invalid.key
# dovecot_ssl_chain = puppet:///private/foo.invalid.chain.crt
class dovecot::server inherits dovecot::common {
case $operatingsystem { case $operatingsystem {
centos,fedora: { centos,fedora: {
$ssl_dir = "/etc/pki/tls" $dovecot_ssl_dir = "/etc/pki/tls"
} }
default: { default: {
fail("Dovecot module not supported in ${operatingsystem}.") fail("Dovecot module not supported in ${operatingsystem}.")
@ -29,15 +37,21 @@ define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="",
require => File["/etc/dovecot.conf"], require => File["/etc/dovecot.conf"],
} }
$mail_domain = $name ? { if $dovecot_ssl_csr {
"default" => "${homename}", file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.csr":
default => "${name}", ensure => present,
source => $dovecot_ssl_csr,
mode => 0640,
owner => root,
group => root,
notify => Service["dovecot"],
}
} }
if $ssl_chain { if $dovecot_ssl_chain {
file { "$ssl_dir/certs/${mx_mailname}.chain.crt": file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.chain.crt":
ensure => present, ensure => present,
source => $ssl_chain, source => $dovecot_ssl_chain,
mode => 0644, mode => 0644,
owner => root, owner => root,
group => root, group => root,
@ -45,10 +59,10 @@ define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="",
} }
} }
if $ssl_cert { if $dovecot_ssl_cert {
file { "$ssl_dir/certs/${mx_mailname}.crt": file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.crt":
ensure => present, ensure => present,
source => $ssl_cert, source => $dovecot_ssl_cert,
mode => 0644, mode => 0644,
owner => root, owner => root,
group => root, group => root,
@ -58,10 +72,10 @@ define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="",
fail("You need to define an ssl_cert in your node manifest.") fail("You need to define an ssl_cert in your node manifest.")
} }
if $ssl_key { if $dovecot_ssl_key {
file { "$ssl_dir/private/${mx_mailname}.key": file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.key":
ensure => present, ensure => present,
source => $ssl_key, source => $dovecot_ssl_key,
mode => 0600, mode => 0600,
owner => root, owner => root,
group => root, group => root,
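Review bot: The new class reads `$dovecot_mx_mailname` and `$dovecot_mail_domain` from node scope, but only the certificate (and presumably the key) has a `fail()` guard, so an unset name would likely produce file titles such as `$dovecot_ssl_dir/private/.key` instead of a compile error. A check placed before the file resources, `if !$dovecot_mx_mailname { fail("You need to define dovecot_mx_mailname in your node manifest.") }`, and the same for `$dovecot_mail_domain` (whose selector on `$name` this commit removes), would surface the misconfiguration at catalog compile time. The unchanged message `You need to define an ssl_cert in your node manifest.` still names the old parameter and should read `dovecot_ssl_cert`. The header comment lists `puppet:///private/...` sources for the key, so it is worth confirming that the fileserver mount is restricted per host; the class body continues outside the visible hunks.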


@ -1,8 +1,8 @@
protocols = imaps protocols = imaps
disable_plaintext_auth = yes disable_plaintext_auth = yes
ssl_cert_file = <%= ssl_dir %>/certs/<%= mx_mailname %>.crt ssl_cert_file = <%= dovecot_ssl_dir %>/certs/<%= dovecot_mx_mailname %>.crt
ssl_key_file = <%= ssl_dir %>/private/<%= mx_mailname %>.key ssl_key_file = <%= dovecot_ssl_dir %>/private/<%= dovecot_mx_mailname %>.key
ssl_ca_file = <%= ssl_dir %>/certs/<%= mx_mailname %>.chain.crt ssl_ca_file = <%= dovecot_ssl_dir %>/certs/<%= dovecot_mx_mailname %>.chain.crt
login_chroot = yes login_chroot = yes
login_user = dovecot login_user = dovecot
login_max_processes_count = 256 login_max_processes_count = 256
@ -18,7 +18,7 @@ protocol imap {
protocol pop3 { protocol pop3 {
} }
protocol lda { protocol lda {
postmaster_address = postmaster@<%= mail_domain %> postmaster_address = postmaster@<%= dovecot_mail_domain %>
} }
auth default { auth default {
mechanisms = plain mechanisms = plain
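Review bot: `ssl_ca_file` in the first hunk is emitted unconditionally, while the manifest installs the `.chain.crt` file only inside `if $dovecot_ssl_chain`, so a node without a chain gets a configuration that points at a file Puppet never created. Wrapping that line in `<% if has_variable?("dovecot_ssl_chain") and dovecot_ssl_chain != "" -%>` … `<% end -%>` would keep template and manifest in step. It is also worth confirming against the deployed Dovecot version that `ssl_ca_file` is the intended setting for an intermediate chain, since in Dovecot 1.x it is described as the CA list used for client-certificate verification. The `dovecot_mail_domain` reference in the `protocol lda` hunk now depends on the node defining that variable, because the manifest no longer derives it.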