From 6deadc43697e6a82834d9be902957fc66bda6237 Mon Sep 17 00:00:00 2001 From: Ossi Herrala Date: Tue, 11 Dec 2012 14:35:43 +0000 Subject: [PATCH 1/7] Make it possible to inject custom config files to be included in custom order for Dovecot v2.x. Maybe this can replace the 99-local.conf in near future? --- dovecot/files/passdb-pam.conf | 10 ++++++++++ dovecot/manifests/dovecot2.pp | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 dovecot/files/passdb-pam.conf diff --git a/dovecot/files/passdb-pam.conf b/dovecot/files/passdb-pam.conf new file mode 100644 index 0000000..353e1de --- /dev/null +++ b/dovecot/files/passdb-pam.conf @@ -0,0 +1,10 @@ +# PAM authentication. Preferred nowadays by most systems. +# PAM is typically used with either userdb passwd or userdb static. +# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM +# authentication to actually work. +passdb { + driver = pam + # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=] + # [cache_key=] [] + args = session=yes # To trigger pam_mkhomedir +} diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp index 3231398..5eb4307 100644 --- a/dovecot/manifests/dovecot2.pp +++ b/dovecot/manifests/dovecot2.pp 
@@ -1,4 +1,39 @@ +# Install custom config to Dovecot +# +# === Parameters +# +# $name: +# Config name. +# +# $idx: +# Config load order. Defaults to 99. +# +# === Sample usage +# +# ldap::server::schema { "passdb-pam": idx => 09 } +# +define dovecot::server::config($idx = 90) { + + include dovecot::server::v2 + + file { "${name}.conf": + ensure => present, + path => "/etc/dovecot/conf.d/${idx}-${name}.conf", + source => [ "puppet:///files/dovecot/${name}.conf", + "puppet:///modules/dovecot/${name}.conf", ], + mode => "0644", + owner => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, + notify => Service["dovecot"], + require => Package["dovecot"], + } +} + + class dovecot::server::v2 { case $operatingsystem { centos,fedora: { From bebab0aba6fc21f49a6f973675d0f23582ad7a15 Mon Sep 17 00:00:00 2001 From: Ossi Herrala Date: Thu, 13 Dec 2012 11:32:33 +0000 Subject: [PATCH 2/7] Various fixes and features * Feature: Add $masquerade_exception variable to exclude list of hosts from masquerade. * Fix: Add OSTYPE macro to sendmail.mc and submit.mc. It's mandatory according to documentation. * Fix: require sendmail package before building certs. --- sendmail/manifests/init.pp | 17 +++++++++++++---- sendmail/templates/sendmail.mc.erb | 6 +++++- sendmail/templates/submit.mc.erb | 1 + 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/sendmail/manifests/init.pp b/sendmail/manifests/init.pp index f40d867..83479b0 100644 --- a/sendmail/manifests/init.pp +++ b/sendmail/manifests/init.pp @@ -127,6 +127,9 @@ class sendmail::client::msa inherits sendmail::client { # $mail_domain: # SMTP domain name. # +# $masquerade_exception: +# Everything is masqueraded to $mail_domain except these hosts. +# # $sendmail_auth_mech: # List of authentication mechanisms to use. Defaults to PLAIN and LOGIN. # 
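Review bot: In the `dovecot::server::config` define added to dovecot/manifests/dovecot2.pp, the header comment says `$idx` "Defaults to 99" but the signature is `($idx = 90)`; one of the two should change, for example `#   Config load order. Defaults to 90.`. The sample usage passes `idx => 09` unquoted, and because `$idx` is interpolated straight into `path`, writing it as a string (`idx => "09"`) keeps the leading zero without relying on how the parser treats a number that starts with 0. Every snippet is also installed with a fixed `mode => "0644"`; if a site ever ships a snippet that carries credentials it would be readable by all local users, so an optional `$mode = "0644"` parameter on the define would let callers tighten it without changing existing uses.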
@@ -142,6 +145,10 @@ class sendmail::server inherits sendmail::common { $sendmail_auth_mech = [ "PLAIN", "LOGIN", ] } + if !$masquerade_exception { + $masquerade_exception = [] + } + $ssl_key = basename($sendmail_ssl_key) $ssl_cert = basename($sendmail_ssl_cert) if $sendmail_ssl_chain { @@ -157,6 +164,7 @@ class sendmail::server inherits sendmail::common { File["/etc/sysconfig/sendmail"] { content => "DAEMON=yes\nQUEUE=1h\n", } + $ostype = "linux" # For Sendmail's OSTYPE macro } default: { fail("sendmail::server not supported in '${::operatingsystem}'") @@ -227,10 +235,11 @@ class sendmail::server inherits sendmail::common { } file { "/etc/mail/certs": - ensure => directory, - mode => "0755", - owner => "root", - group => "root", + ensure => directory, + mode => "0755", + owner => "root", + group => "root", + require => Package["sendmail"], } exec { "populate-etc-mail-certs": path => "/bin:/usr/bin:/sbin:/usr/sbin", diff --git a/sendmail/templates/sendmail.mc.erb b/sendmail/templates/sendmail.mc.erb index 953485a..74fd948 100644 --- a/sendmail/templates/sendmail.mc.erb +++ b/sendmail/templates/sendmail.mc.erb @@ -8,6 +8,7 @@ include(`/usr/share/sendmail-cf/m4/cf.m4')dnl include(`/usr/share/sendmail/cf/m4/cf.m4')dnl <% end -%> VERSIONID(`puppet sendmail::server')dnl +OSTYPE(`<%= ostype -%>')dnl dnl # define(`confDEF_USER_ID', ``8:12'')dnl define(`confTO_CONNECT', `1m')dnl @@ -53,8 +54,11 @@ dnl # DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl dnl # -LOCAL_DOMAIN`localhost.localdomain')dnl +LOCAL_DOMAIN(`localhost.localdomain')dnl MASQUERADE_AS(`<%= mail_domain %>')dnl +<% masquerade_exception.each do |exception| -%> +MASQUERADE_EXCEPTION(`<%= exception %>')dnl +<% end -%> FEATURE(masquerade_envelope)dnl FEATURE(allmasquerade)dnl FEATURE(masquerade_entire_domain)dnl diff --git a/sendmail/templates/submit.mc.erb b/sendmail/templates/submit.mc.erb index 4036ff0..ba2bdcf 100644 --- a/sendmail/templates/submit.mc.erb 
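Review bot: In the sendmail/templates/sendmail.mc.erb hunk at `@@ -53,8 +54,11 @@`, each `masquerade_exception` entry is written between m4 quotes as ``MASQUERADE_EXCEPTION(`<%= exception %>')dnl`` with no check on the value, so an entry containing a backtick, a single quote or a newline changes what m4 parses in the generated sendmail.mc. The default added in sendmail/manifests/init.pp at `@@ -142,6 +145,10 @@` only covers the unset case; a site that sets the variable to a single string instead of a list reaches `.each` on a String, which does not behave the same across Ruby versions. Wrapping the value in the template, `<% [masquerade_exception].flatten.each do |exception| -%>`, and having the manifest call `fail()` on entries that are not plain host names would cover both. The same unvalidated interpolation applies to the `OSTYPE` line added at `@@ -8,6 +8,7 @@`, although there the value is set inside the module.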
+++ b/sendmail/templates/submit.mc.erb @@ -22,6 +22,7 @@ include(`/usr/share/sendmail/cf/m4/cf.m4')dnl DOMAIN(`debian-msp')dnl <% end -%> VERSIONID(`puppet setup')dnl +OSTYPE(`<%= ostype -%>')dnl define(`confCF_VERSION', `Submit')dnl define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet From e31df0cded5b5f598088ac1b53287887464f8561 Mon Sep 17 00:00:00 2001 From: Ossi Herrala Date: Thu, 13 Dec 2012 12:00:12 +0000 Subject: [PATCH 3/7] Put $ostype variable to sendmail::common so it's inherited to other classes. --- sendmail/manifests/init.pp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sendmail/manifests/init.pp b/sendmail/manifests/init.pp index 83479b0..1bf514d 100644 --- a/sendmail/manifests/init.pp +++ b/sendmail/manifests/init.pp @@ -28,6 +28,10 @@ class sendmail::common { mode => "0644", notify => Service["sendmail"], } + $ostype = "linux" + } + "openbsd": { + $ostype = "openbsd" } } @@ -164,7 +168,6 @@ class sendmail::server inherits sendmail::common { File["/etc/sysconfig/sendmail"] { content => "DAEMON=yes\nQUEUE=1h\n", } - $ostype = "linux" # For Sendmail's OSTYPE macro } default: { fail("sendmail::server not supported in '${::operatingsystem}'") From b549145c2e530ce8afde7e26af0f448ddcc5e2cd Mon Sep 17 00:00:00 2001 From: Ossi Herrala Date: Thu, 13 Dec 2012 12:08:44 +0000 Subject: [PATCH 4/7] Remove file. It was not needed for us. --- dovecot/files/passdb-pam.conf | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 dovecot/files/passdb-pam.conf diff --git a/dovecot/files/passdb-pam.conf b/dovecot/files/passdb-pam.conf deleted file mode 100644 index 353e1de..0000000 --- a/dovecot/files/passdb-pam.conf +++ /dev/null 
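Review bot: In sendmail/templates/submit.mc.erb the new ``OSTYPE(`<%= ostype -%>')dnl`` line lands after the branch that emits ``DOMAIN(`debian-msp')dnl``, while sendmail's cf README gives the order as VERSIONID, OSTYPE, DOMAIN, so on that branch the domain file is read before the OS type is declared. The line ``define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining`` two lines below is left in place and, as far as this hunk shows, is now redundant once OSTYPE has run; it should be dropped or the reason for keeping it written next to it. Moving OSTYPE above the conditional would touch the part of the template that starts outside this hunk.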
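Review bot: The `case` in `sendmail::common` (sendmail/manifests/init.pp, `@@ -28,6 +28,10 @@`) assigns `$ostype` only in the branches shown, and the hunk shows no `default:` branch before the closing brace, so on any other platform the templates would emit an empty ``OSTYPE(`')dnl`` or fail on the missing variable. `sendmail::server` already ends its own case with a `fail(...)` default; the same pattern here, `default: { fail("sendmail::common not supported in '${::operatingsystem}'") }`, surfaces the gap at catalog compile time instead of when m4 runs. The start of the case statement is outside the hunk, so confirm that no default is declared earlier in it.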
@@ -1,10 +0,0 @@ -# PAM authentication. Preferred nowadays by most systems. -# PAM is typically used with either userdb passwd or userdb static. -# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM -# authentication to actually work. -passdb { - driver = pam - # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=] - # [cache_key=] [] - args = session=yes # To trigger pam_mkhomedir -} From 0077f5c74e2d3153fa704bdb6e3dc4a8cb0a4e8f Mon Sep 17 00:00:00 2001 From: Ossi Herrala Date: Thu, 13 Dec 2012 14:19:00 +0000 Subject: [PATCH 5/7] Set ostype for Ubuntu and Devian. --- sendmail/manifests/init.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sendmail/manifests/init.pp b/sendmail/manifests/init.pp index 1bf514d..134981d 100644 --- a/sendmail/manifests/init.pp +++ b/sendmail/manifests/init.pp @@ -30,6 +30,9 @@ class sendmail::common { } $ostype = "linux" } + "ubuntu","debian": { + $ostype = "linux" + } "openbsd": { $ostype = "openbsd" } From 7ea176cc11714ab23e549d98a96a7b41697bdd9c Mon Sep 17 00:00:00 2001 From: Ossi Herrala Date: Fri, 14 Dec 2012 07:33:18 +0000 Subject: [PATCH 6/7] Clean up Dovecot2 config. Mail location should be defined per site in local.conf. --- dovecot/templates/puppet.conf.erb | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/dovecot/templates/puppet.conf.erb b/dovecot/templates/puppet.conf.erb index d1def49..baea4c8 100644 --- a/dovecot/templates/puppet.conf.erb +++ b/dovecot/templates/puppet.conf.erb @@ -20,19 +20,3 @@ plugin { zlib_save = gz # or bz2 } <% end -%> - -mail_location = <%= dovecot_mailbox_format %>:~/imapmail/ - -namespace { - separator = / - list = yes -} - -namespace { - separator = / - prefix = "#mbox/" - location = mbox:~/imapinbox/:INBOX=/var/mail/%u - inbox = yes - hidden = yes - list = no -} From 9c8fa066e6127f3b5d4494157d31614e845b0053 Mon Sep 17 00:00:00 2001 
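Review bot: The new `"ubuntu","debian"` branch in `sendmail::common` (`@@ -30,6 +30,9 @@`) sets `$ostype = "linux"`, but submit.mc.erb has a branch that emits ``DOMAIN(`debian-msp')dnl``, presumably for these same systems, and Debian's sendmail packaging ships its own `debian` OSTYPE that goes with that domain file. If the distribution's paths and defaults are wanted, `$ostype = "debian"` would match the domain already in use; compare against the stock sendmail.mc and submit.mc from the package before settling on `linux`.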
From: Ossi Herrala Date: Fri, 14 Dec 2012 07:53:49 +0000 Subject: [PATCH 7/7] Fix copy & paste error. --- dovecot/manifests/dovecot2.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp index 5eb4307..8df6696 100644 --- a/dovecot/manifests/dovecot2.pp +++ b/dovecot/manifests/dovecot2.pp @@ -11,7 +11,7 @@ # # === Sample usage # -# ldap::server::schema { "passdb-pam": idx => 09 } +# dovecot::server::config { "passdb-pam": idx => 09 } # define dovecot::server::config($idx = 90) {