diff --git a/dovecot/manifests/dovecot1.pp b/dovecot/manifests/dovecot1.pp
deleted file mode 100644
index 0c060c8..0000000
--- a/dovecot/manifests/dovecot1.pp
+++ /dev/null
@@ -1,73 +0,0 @@
-class dovecot::server::v1 {
- case $operatingsystem {
- centos,fedora: {
- $dovecot_ssl_dir = "/etc/pki/tls"
- }
- default: {
- fail("Dovecot module not supported in ${operatingsystem}.")
- }
- }
-
- service { "dovecot":
- ensure => running,
- enable => true,
- require => File["/etc/dovecot.conf"],
- }
-
- if $dovecot_ssl_csr {
- file { "$dovecot_ssl_dir/private/dovecot.csr":
- ensure => present,
- source => $dovecot_ssl_csr,
- mode => "0640",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- }
- }
-
- if $dovecot_ssl_ca {
- file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
- ensure => present,
- source => $dovecot_ssl_ca,
- mode => "0644",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- }
- }
-
- if $dovecot_ssl_cert {
- file { "$dovecot_ssl_dir/certs/dovecot.crt":
- ensure => present,
- source => $dovecot_ssl_cert,
- mode => "0644",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- }
- } else {
- fail("You need to define an ssl_cert in your node manifest.")
- }
-
- if $dovecot_ssl_key {
- file { "$dovecot_ssl_dir/private/dovecot.key":
- ensure => present,
- source => $dovecot_ssl_key,
- mode => "0600",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- }
- } else {
- fail("You need to define an ssl_key in your node manifest.")
- }
-
- file { "/etc/dovecot.conf":
- ensure => present,
- content => template("dovecot/dovecot.conf.erb"),
- mode => "0644",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- }
-}
diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp
deleted file mode 100644
index 8df6696..0000000
--- a/dovecot/manifests/dovecot2.pp
+++ /dev/null
@@ -1,124 +0,0 @@
-
-# Install custom config to Dovecot
-#
-# === Parameters
-#
-# $name:
-# Config name.
-#
-# $idx:
-# Config load order. Defaults to 99.
-#
-# === Sample usage
-#
-# dovecot::server::config { "passdb-pam": idx => 09 }
-#
-define dovecot::server::config($idx = 90) {
-
- include dovecot::server::v2
-
- file { "${name}.conf":
- ensure => present,
- path => "/etc/dovecot/conf.d/${idx}-${name}.conf",
- source => [ "puppet:///files/dovecot/${name}.conf",
- "puppet:///modules/dovecot/${name}.conf", ],
- mode => "0644",
- owner => "root",
- group => $::operatingsystem ? {
- "openbsd" => "wheel",
- default => "root",
- },
- notify => Service["dovecot"],
- require => Package["dovecot"],
- }
-}
-
-
-class dovecot::server::v2 {
- case $operatingsystem {
- centos,fedora: {
- $dovecot_ssl_dir = "/etc/pki/tls"
- }
- default: {
- fail("Dovecot module not supported in ${operatingsystem}.")
- }
- }
-
- service { "dovecot":
- ensure => running,
- enable => true,
- require => File["/etc/dovecot/conf.d/98-puppet.conf",
- "/etc/dovecot/conf.d/99-local.conf"],
- }
-
- file { "/etc/dovecot/conf.d/98-puppet.conf":
- ensure => present,
- content => template("dovecot/puppet.conf.erb"),
- mode => "0644",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- require => Package["dovecot"],
- }
-
- file { "/etc/dovecot/conf.d/99-local.conf":
- ensure => present,
- source => [
- "puppet:///files/dovecot/local.conf",
- "puppet:///modules/dovecot/empty",
- ],
- mode => "0644",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- require => Package["dovecot"],
- }
-
- if $dovecot_ssl_csr {
- file { "$dovecot_ssl_dir/private/dovecot.csr":
- ensure => present,
- source => $dovecot_ssl_csr,
- mode => "0640",
- owner => "root",
- group => "root",
- notify => Service["dovecot"],
- }
- }
-
- if $dovecot_ssl_ca {
- file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
- ensure => present,
- source => $dovecot_ssl_ca,
- mode => "0644",
- owner => "root",
group => "root", - notify => Service["dovecot"], - } - } - - if $dovecot_ssl_cert { - file { "$dovecot_ssl_dir/certs/dovecot.crt": - ensure => present, - source => $dovecot_ssl_cert, - mode => "0644", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } else { - fail("You need to define an ssl_cert in your node manifest.") - } - - if $dovecot_ssl_key { - file { "$dovecot_ssl_dir/private/dovecot.key": - ensure => present, - source => $dovecot_ssl_key, - mode => "0600", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } else { - fail("You need to define an ssl_key in your node manifest.") - } -} diff --git a/dovecot/manifests/init.pp b/dovecot/manifests/init.pp index ac45904..dfab206 100644 --- a/dovecot/manifests/init.pp +++ b/dovecot/manifests/init.pp @@ -1,11 +1,11 @@ -import "dovecot1.pp" # Dovecot v1.x -import "dovecot2.pp" # Dovecot v2.x - class dovecot::common { case $::operatingsystem { "centos","redhat","fedora": { - package { ["dovecot"]: + if versioncmp($::operatingsystemrelease, "6") < 0 { + fail("Dovecot module requires ${::operatingsystem} 6") + } + package { "dovecot": ensure => installed, } } @@ -15,6 +15,7 @@ class dovecot::common { } } + # === Global variables # # $dovecot_mail_domain: 
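Review bot: The new `fail()` message in `dovecot::common` says the module requires `${::operatingsystem} 6`, but the guard `versioncmp($::operatingsystemrelease, "6") < 0` accepts every release from 6 upward, so the text and the check disagree; `fail("Dovecot module requires ${::operatingsystem} 6 or later")` would match what is enforced. The same threshold is applied to Fedora, whose release numbers do not follow the EL numbering, so on Fedora the guard presumably never fires. A short comment above the `if`, such as `# release >= 6 stands in for "ships Dovecot 2.x with conf.d"`, would make the intent of the check visible. The class body continues outside the hunk.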
@@ -31,29 +32,124 @@ class dovecot::common { # Mailbox format to use in user's homedir ["mbox" | "mdbox"] # $dovecot_zlib: # Compress mailboxes with zlib ["yes" | "no"] +# class dovecot::server inherits dovecot::common { if ! $dovecot_mailbox_format { $dovecot_mailbox_format = "mbox" } - case $::operatingsystem { - "centos","redhat","fedora": { - $dovecot_ssl_dir = "/etc/pki/tls" + service { "dovecot": + ensure => running, + enable => true, + } - case $operatingsystemrelease { - /^6\./: { - include dovecot::server::v2 - } - default: { - include dovecot::server::v1 - } - } - } - default: { - fail("Dovecot module not supported in ${::operatingsystem}.") - } + file { "/etc/dovecot/conf.d/98-puppet.conf": + ensure => present, + mode => "0644", + owner => "root", + group => "root", + content => template("dovecot/puppet.conf.erb"), + notify => Service["dovecot"], + require => Package["dovecot"], + } + + file { "/etc/dovecot/conf.d/99-local.conf": + ensure => present, + mode => "0644", + owner => "root", + group => "root", + source => [ + "puppet:///files/dovecot/local.conf", + "puppet:///modules/dovecot/empty", + ], + notify => Service["dovecot"], + require => Package["dovecot"], } + if ! 
($dovecot_ssl_key and $dovecot_ssl_cert) { + fail("Must define \$dovecot_ssl_key and \$dovecot_ssl_cert") + } + + include ssl + + file { "${ssl::private}/dovecot.key": + ensure => present, + source => $dovecot_ssl_key, + mode => "0600", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + + file { "${ssl::certs}/dovecot.crt": + ensure => present, + source => $dovecot_ssl_cert, + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + + if $dovecot_ssl_csr { + file { "${ssl::private}/dovecot.csr": + ensure => present, + source => $dovecot_ssl_csr, + mode => "0640", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } + + if $dovecot_ssl_ca { + file { "${ssl::certs}/dovecot.ca.crt": + ensure => present, + source => $dovecot_ssl_ca, + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } + +} + + +# Install custom config to Dovecot +# +# === Parameters +# +# $name: +# Config name. +# +# $idx: +# Config load order. Defaults to 99. +# +# === Sample usage +# +# dovecot::server::config { "passdb-pam": idx => 09 } +# +define dovecot::server::config($idx = 90) { + + include dovecot::server + + file { "${name}.conf": + ensure => present, + path => "/etc/dovecot/conf.d/${idx}-${name}.conf", + mode => "0644", + owner => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, + source => [ + "puppet:///files/dovecot/${name}.conf", + "puppet:///modules/dovecot/${name}.conf", + ], + notify => Service["dovecot"], + require => Package["dovecot"], + } + } diff --git a/dovecot/templates/dovecot.conf.erb b/dovecot/templates/dovecot.conf.erb deleted file mode 100644 index 3ae04b7..0000000 --- a/dovecot/templates/dovecot.conf.erb +++ /dev/null 
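Review bot: The header comment on `dovecot::server::config` says `$idx` "Defaults to 99" while the signature is `$idx = 90`, and the difference matters for the TLS settings: assuming Dovecot reads conf.d in sorted order with later files winning, a fragment numbered above 98 is applied after `98-puppet.conf`, which is where this module sets `ssl = required`. I would correct the line to `# Config load order. Defaults to 90.` and add one sentence stating that fragments with an index above 98 can override the Puppet-managed SSL settings. The sample `idx => 09` is also worth quoting as `idx => "09"`, since a bare number with a leading zero may be parsed as octal or rejected depending on the Puppet version.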
@@ -1,36 +0,0 @@ -protocols = imaps -disable_plaintext_auth = yes -ssl_cert_file = <%= @dovecot_ssl_dir %>/certs/dovecot.crt -ssl_key_file = <%= @dovecot_ssl_dir %>/private/dovecot.key -<% if @dovecot_ssl_ca -%> -ssl_ca_file = <%= @dovecot_ssl_dir %>/certs/dovecot.ca.crt -<% end -%> -login_chroot = yes -login_user = dovecot -login_max_processes_count = 256 -namespace private { - prefix = - location = mbox:~/imapmail/:INBOX=/var/mail/%u - inbox = yes -} -protocol imap { - mail_plugins = zlib -} - -protocol pop3 { -} -protocol lda { - postmaster_address = postmaster@<%= @dovecot_mail_domain %> -} -auth default { - mechanisms = plain - passdb pam { - } - userdb passwd { - } - user = root -} -dict { -} -plugin { -} diff --git a/dovecot/templates/puppet.conf.erb b/dovecot/templates/puppet.conf.erb index 4440b6e..4f332a8 100644 --- a/dovecot/templates/puppet.conf.erb +++ b/dovecot/templates/puppet.conf.erb @@ -1,19 +1,18 @@ - -ssl=required -ssl_cert = <<%= @dovecot_ssl_dir %>/certs/dovecot.crt -ssl_key = <<%= @dovecot_ssl_dir %>/private/dovecot.key +ssl = required +ssl_cert = <<%= scope.lookupvar('ssl::certs') %>/dovecot.crt +ssl_key = <<%= scope.lookupvar('ssl::private') %>/dovecot.key <% if @dovecot_ssl_ca -%> -ssl_ca = <<%= @dovecot_ssl_dir %>/certs/dovecot.ca.crt +ssl_ca = <<%= scope.lookupvar('ssl::certs') %>/dovecot.ca.crt <% end -%> - <% if @dovecot_mailbox_format && @dovecot_mailbox_format == "mdbox" -%> + # mdbox settings mdbox_rotate_size = 10M mdbox_rotate_interval = 10d <% end -%> +<% if @dovecot_zlib && @dovecot_zlib == "yes" -%> # zlib -<% if @dovecot_zlib && @dovecot_zlib == "yes" -%> mail_plugins = $mail_plugins zlib plugin { zlib_save_level = 1 # 1..9