Modified the module to accord with best practices.

2011-04-20 11:42:48 +03:00 · 2011-04-20 11:42:48 +03:00 · 2654e6ef77
commit 2654e6ef77
parent 3c2f8981f8
2 changed files with 32 additions and 18 deletions
--- a/dovecot/manifests/init.pp
+++ b/dovecot/manifests/init.pp
@ -12,11 +12,19 @@ class dovecot::common {
    }
 }

-define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="", $ssl_chain="") {
+# Variables
+# dovecot_mail_domain = foo.invalid
+# dovecot_mx_mailname = mail.foo.invalid
+# dovecot_ssl_csr = puppet:///private/foo.invalid.csr
+# dovecot_ssl_cert = puppet:///private/foo.invalid.crt
+# dovecot_ssl_key = puppet:///private/foo.invalid.key
+# dovecot_ssl_chain = puppet:///private/foo.invalid.chain.crt
+
+class dovecot::server inherits dovecot::common {

    case $operatingsystem {
        centos,fedora: {
-            $ssl_dir = "/etc/pki/tls"
+            $dovecot_ssl_dir = "/etc/pki/tls"
        }
        default: {
            fail("Dovecot module not supported in ${operatingsystem}.")
@ -29,15 +37,21 @@ define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="",
        require => File["/etc/dovecot.conf"],
    }

-    $mail_domain = $name ? {
-        "default" => "${homename}",
-        default   => "${name}",
+    if $dovecot_ssl_csr {
+        file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.csr":
+            ensure => present,
+            source => $dovecot_ssl_csr,
+            mode   => 0640,
+            owner  => root,
+            group  => root,
+            notify => Service["dovecot"],
+        }
    }

-    if $ssl_chain {
-        file { "$ssl_dir/certs/${mx_mailname}.chain.crt":
+    if $dovecot_ssl_chain {
+        file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.chain.crt":
            ensure => present,
-            source => $ssl_chain,
+            source => $dovecot_ssl_chain,
            mode   => 0644,
            owner  => root,
            group  => root,
@ -45,10 +59,10 @@ define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="",
        }
    }

-    if $ssl_cert {
-        file { "$ssl_dir/certs/${mx_mailname}.crt":
+    if $dovecot_ssl_cert {
+        file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.crt":
            ensure => present,
-            source => $ssl_cert,
+            source => $dovecot_ssl_cert,
            mode   => 0644,
            owner  => root,
            group  => root,
@ -58,10 +72,10 @@ define dovecot::server($mx_mailname="", $ssl_csr="", $ssl_cert="", $ssl_key="",
        fail("You need to define an ssl_cert in your node manifest.")
    }

-    if $ssl_key {
-        file { "$ssl_dir/private/${mx_mailname}.key":
+    if $dovecot_ssl_key {
+        file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.key":
            ensure => present,
-            source => $ssl_key,
+            source => $dovecot_ssl_key,
            mode   => 0600,
            owner  => root,
            group  => root,
--- a/dovecot/templates/dovecot.conf.erb
+++ b/dovecot/templates/dovecot.conf.erb
@ -1,8 +1,8 @@
 protocols = imaps
 disable_plaintext_auth = yes
-ssl_cert_file = <%= ssl_dir %>/certs/<%= mx_mailname %>.crt
-ssl_key_file = <%= ssl_dir %>/private/<%= mx_mailname %>.key
-ssl_ca_file = <%= ssl_dir %>/certs/<%= mx_mailname %>.chain.crt
+ssl_cert_file = <%= dovecot_ssl_dir %>/certs/<%= dovecot_mx_mailname %>.crt
+ssl_key_file = <%= dovecot_ssl_dir %>/private/<%= dovecot_mx_mailname %>.key
+ssl_ca_file = <%= dovecot_ssl_dir %>/certs/<%= dovecot_mx_mailname %>.chain.crt
 login_chroot = yes
 login_user = dovecot
 login_max_processes_count = 256
@ -18,7 +18,7 @@ protocol imap {
 protocol pop3 {
 }
 protocol lda {
-  postmaster_address = postmaster@<%= mail_domain %>
+  postmaster_address = postmaster@<%= dovecot_mail_domain %>
 }
 auth default {
  mechanisms = plain