Merged in osalmi/puppet (pull request #34)

Dovecot module cleanup
Timo Mäkinen 2013-07-30 09:14:18 +03:00
commit 7293c429a7
5 changed files with 121 additions and 259 deletions


@ -1,73 +0,0 @@
class dovecot::server::v1 {
case $operatingsystem {
centos,fedora: {
$dovecot_ssl_dir = "/etc/pki/tls"
}
default: {
fail("Dovecot module not supported in ${operatingsystem}.")
}
}
service { "dovecot":
ensure => running,
enable => true,
require => File["/etc/dovecot.conf"],
}
if $dovecot_ssl_csr {
file { "$dovecot_ssl_dir/private/dovecot.csr":
ensure => present,
source => $dovecot_ssl_csr,
mode => "0640",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}
if $dovecot_ssl_ca {
file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
ensure => present,
source => $dovecot_ssl_ca,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}
if $dovecot_ssl_cert {
file { "$dovecot_ssl_dir/certs/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
} else {
fail("You need to define an ssl_cert in your node manifest.")
}
if $dovecot_ssl_key {
file { "$dovecot_ssl_dir/private/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
mode => "0600",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
} else {
fail("You need to define an ssl_key in your node manifest.")
}
file { "/etc/dovecot.conf":
ensure => present,
content => template("dovecot/dovecot.conf.erb"),
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}


@ -1,124 +0,0 @@
# Install custom config to Dovecot
#
# === Parameters
#
# $name:
# Config name.
#
# $idx:
# Config load order. Defaults to 99.
#
# === Sample usage
#
# dovecot::server::config { "passdb-pam": idx => 09 }
#
define dovecot::server::config($idx = 90) {
include dovecot::server::v2
file { "${name}.conf":
ensure => present,
path => "/etc/dovecot/conf.d/${idx}-${name}.conf",
source => [ "puppet:///files/dovecot/${name}.conf",
"puppet:///modules/dovecot/${name}.conf", ],
mode => "0644",
owner => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
notify => Service["dovecot"],
require => Package["dovecot"],
}
}
class dovecot::server::v2 {
case $operatingsystem {
centos,fedora: {
$dovecot_ssl_dir = "/etc/pki/tls"
}
default: {
fail("Dovecot module not supported in ${operatingsystem}.")
}
}
service { "dovecot":
ensure => running,
enable => true,
require => File["/etc/dovecot/conf.d/98-puppet.conf",
"/etc/dovecot/conf.d/99-local.conf"],
}
file { "/etc/dovecot/conf.d/98-puppet.conf":
ensure => present,
content => template("dovecot/puppet.conf.erb"),
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
require => Package["dovecot"],
}
file { "/etc/dovecot/conf.d/99-local.conf":
ensure => present,
source => [
"puppet:///files/dovecot/local.conf",
"puppet:///modules/dovecot/empty",
],
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
require => Package["dovecot"],
}
if $dovecot_ssl_csr {
file { "$dovecot_ssl_dir/private/dovecot.csr":
ensure => present,
source => $dovecot_ssl_csr,
mode => "0640",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}
if $dovecot_ssl_ca {
file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
ensure => present,
source => $dovecot_ssl_ca,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}
if $dovecot_ssl_cert {
file { "$dovecot_ssl_dir/certs/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
} else {
fail("You need to define an ssl_cert in your node manifest.")
}
if $dovecot_ssl_key {
file { "$dovecot_ssl_dir/private/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
mode => "0600",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
} else {
fail("You need to define an ssl_key in your node manifest.")
}
}


@ -1,11 +1,11 @@
import "dovecot1.pp" # Dovecot v1.x
import "dovecot2.pp" # Dovecot v2.x
class dovecot::common {
case $::operatingsystem {
"centos","redhat","fedora": {
package { ["dovecot"]:
if versioncmp($::operatingsystemrelease, "6") < 0 {
fail("Dovecot module requires ${::operatingsystem} 6")
}
package { "dovecot":
ensure => installed,
}
}
@ -15,6 +15,7 @@ class dovecot::common {
}
}
# === Global variables
#
# $dovecot_mail_domain:
@ -31,29 +32,124 @@ class dovecot::common {
# Mailbox format to use in user's homedir ["mbox" | "mdbox"]
# $dovecot_zlib:
# Compress mailboxes with zlib ["yes" | "no"]
#
class dovecot::server inherits dovecot::common {
if ! $dovecot_mailbox_format {
$dovecot_mailbox_format = "mbox"
}
case $::operatingsystem {
"centos","redhat","fedora": {
$dovecot_ssl_dir = "/etc/pki/tls"
service { "dovecot":
ensure => running,
enable => true,
}
case $operatingsystemrelease {
/^6\./: {
include dovecot::server::v2
file { "/etc/dovecot/conf.d/98-puppet.conf":
ensure => present,
mode => "0644",
owner => "root",
group => "root",
content => template("dovecot/puppet.conf.erb"),
notify => Service["dovecot"],
require => Package["dovecot"],
}
default: {
include dovecot::server::v1
file { "/etc/dovecot/conf.d/99-local.conf":
ensure => present,
mode => "0644",
owner => "root",
group => "root",
source => [
"puppet:///files/dovecot/local.conf",
"puppet:///modules/dovecot/empty",
],
notify => Service["dovecot"],
require => Package["dovecot"],
}
if ! ($dovecot_ssl_key and $dovecot_ssl_cert) {
fail("Must define \$dovecot_ssl_key and \$dovecot_ssl_cert")
}
include ssl
file { "${ssl::private}/dovecot.key":
ensure => present,
source => $dovecot_ssl_key,
mode => "0600",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
default: {
fail("Dovecot module not supported in ${::operatingsystem}.")
file { "${ssl::certs}/dovecot.crt":
ensure => present,
source => $dovecot_ssl_cert,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
if $dovecot_ssl_csr {
file { "${ssl::private}/dovecot.csr":
ensure => present,
source => $dovecot_ssl_csr,
mode => "0640",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}
if $dovecot_ssl_ca {
file { "${ssl::certs}/dovecot.ca.crt":
ensure => present,
source => $dovecot_ssl_ca,
mode => "0644",
owner => "root",
group => "root",
notify => Service["dovecot"],
}
}
}
# Install custom config to Dovecot
#
# === Parameters
#
# $name:
# Config name.
#
# $idx:
# Config load order. Defaults to 99.
#
# === Sample usage
#
# dovecot::server::config { "passdb-pam": idx => 09 }
#
define dovecot::server::config($idx = 90) {
include dovecot::server
file { "${name}.conf":
ensure => present,
path => "/etc/dovecot/conf.d/${idx}-${name}.conf",
mode => "0644",
owner => "root",
group => $::operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
source => [
"puppet:///files/dovecot/${name}.conf",
"puppet:///modules/dovecot/${name}.conf",
],
notify => Service["dovecot"],
require => Package["dovecot"],
}
}
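Review bot: The `file { "${ssl::private}/dovecot.key": ... }` resource in `dovecot::server` sets mode 0600 but leaves Puppet's backup behaviour at its default, so when the key is rotated the previous private key is presumably copied into the agent's local filebucket, outside `${ssl::private}`, where it outlives the rotation. Adding `backup => false,` to that resource would keep the key material in one place; this assumes there is no global `File { backup => ... }` default elsewhere in the repository, which is not visible here. The ownership and mode of `${ssl::private}` itself come from the `ssl` class, which this page does not show, so it is worth confirming that the directory is restricted to root. Separately, the header comment on `dovecot::server::config` says `$idx` defaults to 99 while the signature is `$idx = 90`; one of the two should be corrected.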


@ -1,36 +0,0 @@
protocols = imaps
disable_plaintext_auth = yes
ssl_cert_file = <%= @dovecot_ssl_dir %>/certs/dovecot.crt
ssl_key_file = <%= @dovecot_ssl_dir %>/private/dovecot.key
<% if @dovecot_ssl_ca -%>
ssl_ca_file = <%= @dovecot_ssl_dir %>/certs/dovecot.ca.crt
<% end -%>
login_chroot = yes
login_user = dovecot
login_max_processes_count = 256
namespace private {
prefix =
location = mbox:~/imapmail/:INBOX=/var/mail/%u
inbox = yes
}
protocol imap {
mail_plugins = zlib
}
protocol pop3 {
}
protocol lda {
postmaster_address = postmaster@<%= @dovecot_mail_domain %>
}
auth default {
mechanisms = plain
passdb pam {
}
userdb passwd {
}
user = root
}
dict {
}
plugin {
}


@ -1,19 +1,18 @@
ssl=required
ssl_cert = <<%= @dovecot_ssl_dir %>/certs/dovecot.crt
ssl_key = <<%= @dovecot_ssl_dir %>/private/dovecot.key
ssl = required
ssl_cert = <<%= scope.lookupvar('ssl::certs') %>/dovecot.crt
ssl_key = <<%= scope.lookupvar('ssl::private') %>/dovecot.key
<% if @dovecot_ssl_ca -%>
ssl_ca = <<%= @dovecot_ssl_dir %>/certs/dovecot.ca.crt
ssl_ca = <<%= scope.lookupvar('ssl::certs') %>/dovecot.ca.crt
<% end -%>
<% if @dovecot_mailbox_format && @dovecot_mailbox_format == "mdbox" -%>
# mdbox settings
mdbox_rotate_size = 10M
mdbox_rotate_interval = 10d
<% end -%>
<% if @dovecot_zlib && @dovecot_zlib == "yes" -%>
# zlib
<% if @dovecot_zlib && @dovecot_zlib == "yes" -%>
mail_plugins = $mail_plugins zlib
plugin {
zlib_save_level = 1 # 1..9