Sendmail server support and dovecot improvements.

Lari Huttunen 2011-04-21 12:32:59 +03:00 committed by Timo Mkinen
parent 4438b4f782
commit 42cec9dbf4
4 changed files with 157 additions and 20 deletions


@ -16,16 +16,14 @@ class dovecot::common {
#
# $dovecot_mail_domain:
# Mail domain name.
# $dovecot_mx_mailname:
# MX mail name.
# $dovecot_ssl_csr:
# Puppet source for the CSR file.
# $dovecot_ssl_cert:
# Puppet source for the X.509 certificate.
# $dovecot_ssl_key:
# Puppet source for the X.509 key.
# $dovecot_ssl_chain:
# Puppet source for the optional X.509 chain certificate.
# $dovecot_ssl_ca:
# Puppet source for the optional X.509 ca certificate.
class dovecot::server inherits dovecot::common {
@ -45,7 +43,7 @@ class dovecot::server inherits dovecot::common {
}
if $dovecot_ssl_csr {
file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.csr":
file { "$dovecot_ssl_dir/private/dovecot.csr":
ensure => present,
source => $dovecot_ssl_csr,
mode => 0640,
@ -55,10 +53,10 @@ class dovecot::server inherits dovecot::common {
}
}
if $dovecot_ssl_chain {
file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.chain.crt":
if $dovecot_ssl_ca {
file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
ensure => present,
source => $dovecot_ssl_chain,
source => $dovecot_ssl_ca,
mode => 0644,
owner => root,
group => root,
@ -67,7 +65,7 @@ class dovecot::server inherits dovecot::common {
}
if $dovecot_ssl_cert {
file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.crt":
file { "$dovecot_ssl_dir/certs/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
mode => 0644,
@ -80,7 +78,7 @@ class dovecot::server inherits dovecot::common {
}
if $dovecot_ssl_key {
file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.key":
file { "$dovecot_ssl_dir/private/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
mode => 0600,
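Review bot: Switching the managed paths to fixed `dovecot.*` names leaves whatever was previously deployed under `${dovecot_mx_mailname}.*` unmanaged, and that includes the old private key in `$dovecot_ssl_dir/private/`. Unless a directory resource outside these hunks purges unmanaged files, that key stays on disk indefinitely, so the class header should say so, for example `# NOTE: files deployed under the old ${dovecot_mx_mailname}.* names are not removed; delete the old key and CSR by hand.` The rename of `$dovecot_ssl_chain` to `$dovecot_ssl_ca` has the same silent effect: a node that still sets only the old variable gets no chain/CA file and no error. The file resources continue past the end of each hunk, so owner and group on the key are not visible here.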


@ -1,8 +1,10 @@
protocols = imaps
disable_plaintext_auth = yes
ssl_cert_file = <%= dovecot_ssl_dir %>/certs/<%= dovecot_mx_mailname %>.crt
ssl_key_file = <%= dovecot_ssl_dir %>/private/<%= dovecot_mx_mailname %>.key
ssl_ca_file = <%= dovecot_ssl_dir %>/certs/<%= dovecot_mx_mailname %>.chain.crt
ssl_cert_file = <%= dovecot_ssl_dir %>/certs/dovecot.crt
ssl_key_file = <%= dovecot_ssl_dir %>/private/dovecot.key
<% if has_variable?('dovecot_ssl_ca') -%>
ssl_ca_file = <%= dovecot_ssl_dir %>/certs/dovecot.ca.crt
<% end -%>
login_chroot = yes
login_user = dovecot
login_max_processes_count = 256
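Review bot: The new `has_variable?('dovecot_ssl_ca')` guard does not test the same thing as the manifest's `if $dovecot_ssl_ca`, so the two can disagree. If the variable is set but empty, the manifest deploys no `dovecot.ca.crt` while the template still writes `ssl_ca_file` pointing at it, and dovecot is then configured with a path that does not exist. Mirroring the manifest's truthiness would close the gap, along the lines of `<% if has_variable?('dovecot_ssl_ca') and dovecot_ssl_ca != '' -%>` (exact form depends on how the Puppet version in use exposes unset values to templates).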


@ -35,8 +35,8 @@ class sendmail::client inherits sendmail::common {
file { "/usr/share/sendmail/cf/submit.mc":
ensure => present,
content => template("sendmail/submit.mc.erb"),
owner => root,
group => bin,
owner => "root",
group => "bin",
mode => 0444,
notify => Exec["make submit.cf"],
}
@ -45,8 +45,8 @@ class sendmail::client inherits sendmail::common {
file { "/etc/mail/submit.mc":
ensure => present,
content => template("sendmail/submit.mc.erb"),
owner => root,
group => root,
owner => "root",
group => "root",
mode => 0644,
notify => Exec["make submit.cf"],
}
@ -68,10 +68,10 @@ class sendmail::client inherits sendmail::common {
file { "/etc/mail/submit.cf":
ensure => present,
owner => root,
owner => "root",
group => $operatingsystem ? {
openbsd => wheel,
default => root,
openbsd => "wheel",
default => "root",
},
mode => 0644,
source => $operatingsystem ? {
@ -82,3 +82,99 @@ class sendmail::client inherits sendmail::common {
}
}
# Configure Sendmail server.
#
# $sendmail_domain:
# SMTP domain name.
class sendmail::server inherits sendmail::common {
case $operatingsystem {
centos,redhat,ubuntu: {
$sendmail_ostype = "linux"
package { ["procmail"]:
ensure => installed,
}
file { "/etc/mail/sendmail.mc":
ensure => present,
content => template("sendmail/sendmail.mc.erb"),
owner => "root",
group => "root",
mode => 0644,
notify => Exec["make sendmail.cf"],
}
file { "/etc/aliases":
ensure => present,
notify => Exec["newaliases"],
owner => "root",
group => "root",
mode => 0644,
}
file { "/etc/sysconfig/sendmail":
ensure => present,
content => "DAEMON=yes\nQUEUE=1h\n",
owner => "root",
group => "root",
mode => 0644,
notify => Service["sendmail"],
}
} openbsd: {
$sendmail_os_type = "openbsd"
file { "/usr/share/sendmail/cf/sendmail.mc":
ensure => present,
content => template("sendmail/sendmail.mc.erb"),
owner => "root",
group => "bin",
mode => 0444,
notify => Exec["make sendmail.cf"],
}
file { "/etc/aliases":
ensure => present,
notify => Exec["newaliases"],
owner => "root",
group => "wheel",
mode => 0644,
}
}
}
exec { "make sendmail.cf":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
cwd => $operatingsystem ? {
openbsd => "/usr/share/sendmail/cf",
default => "/etc/mail",
},
require => $operatingsystem ? {
openbsd => undef,
default => Package["sendmail-cf"],
},
refreshonly => true,
}
file { "/etc/mail/sendmail.cf":
ensure => present,
owner => "root",
group => $operatingsystem ? {
openbsd => "wheel",
default => "root",
},
mode => 0644,
source => $operatingsystem ? {
openbsd => "/usr/share/sendmail/cf/sendmail.cf",
default => undef,
},
require => Exec["make sendmail.cf"],
notify => Service["sendmail"],
}
service { "sendmail":
ensure => running,
enable => true,
require => File["/etc/mail/sendmail.cf"],
}
exec { "newaliases":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
}
}
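Review bot: The OpenBSD branch of the new `sendmail::server` class assigns `$sendmail_os_type`, but the Linux branch and the `sendmail.mc.erb` template added in this commit both use `sendmail_ostype`. On OpenBSD the template therefore has no value for `VERSIONID` and `OSTYPE`, and the generated `sendmail.mc` is either rejected at render time or built with an empty OS type. The line should read `$sendmail_ostype = "openbsd"`. Separately, the `centos,redhat,ubuntu` branch manages `/etc/sysconfig/sendmail`, which looks like a Red Hat-family path, so the Ubuntu case probably needs its own branch.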


@ -0,0 +1,41 @@
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for <%= sendmail_ostype %>')dnl
OSTYPE(`<%= sendmail_ostype %>')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`genericstable', `hash -o /etc/mail/genericstable.db')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/local-host-names')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MASQUERADE_AS(`<%= sendmail_domain %>')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(allmasquerade)dnl
define(`confMATCH_GECOS')dnl
define(`confDOMAIN_NAME', `<%= sendmail_domain %>')dnl
define(`confDONT_BLAME_SENDMAIL', `GroupWritableDirpathSafe,GroupWritableIncludeFileSafe,GroupWritableForwardFile,ForwardFileInGroupWritableDirPath')dnl
FEATURE(masquerade_entire_domain)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
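Review bot: The `confDONT_BLAME_SENDMAIL` define near the end switches off four of sendmail's file-permission safety checks on every server that receives this template, and nothing in the file records why. With `GroupWritableForwardFile` and `ForwardFileInGroupWritableDirPath` set, sendmail honours `.forward` files that other members of the owning group can modify; `GroupWritableIncludeFileSafe` does the same for `:include:` files. If the site does not depend on group-writable home directories, drop the define; otherwise keep only the flags actually needed and precede it with a comment such as `dnl Relaxed permission checks, required because <site-specific reason>.` Also, the `cf.m4` include path, `confDEF_USER_ID` of `8:12` and the procmail path are fixed Linux values, although the manifest renders this same template on OpenBSD.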