Merge branch 'master' of bitbucket.org:tmakinen/puppet

dhcp/manifests/init.pp

@@ -35,29 +35,6 @@ class dhcp::server::common {
         ensure => installed,
     }
 
-    file { "dhcpd.leases":
-        name    => $::operatingsystem ? {
-            "debian"  => "/var/lib/dhcp3/dhcpd.leases",
-            "ubuntu"  => "/var/lib/dhcp3/dhcpd.leases",
-            "openbsd" => "/var/db/dhcpd.leases",
-            default   => "/var/lib/dhcpd/dhcpd.leases",
-        },
-        ensure  => present,
-        owner   => $::operatingsystem ? {
-            "debian" => "dhcpd",
-            "ubuntu" => "dhcpd",
-            default  => "root",
-        },
-        group   => $::operatingsystem ? {
-            "debian"  => "dhcpd",
-            "ubuntu"  => "dhcpd",
-            "openbsd" => "wheel",
-            default   => "root",
-        },
-        require => Package["dhcp"],
-        before  => Service["dhcpd"],
-    }
-
     if $::operatingsystem == "OpenBSD" {
         file { "/etc/rc.d/isc_dhcpd":
             ensure => present,

sendmail/manifests/init.pp

@@ -165,8 +165,15 @@ class sendmail::client::msa inherits sendmail::client {
 #       List of authentication mechanisms to use. Defaults to PLAIN and LOGIN.
 #
 #   $sendmail_ssl_key:
+#       Path to SSL key file. If not set sendmail will be configured
+#       without SSL support.
 #
 #   $sendmail_ssl_cert:
+#       Path to SSL certificate file. If not set sendmail will be
+#       configured without SSL support.
+#
+#   $sendmail_ssl_chain:
+#       Path to SSL certificate chain file.
 #
 class sendmail::server inherits sendmail::common {
 
@@ -180,12 +187,6 @@ class sendmail::server inherits sendmail::common {
         $masquerade_exception = []
     }
 
-    $ssl_key = basename($sendmail_ssl_key)
-    $ssl_cert = basename($sendmail_ssl_cert)
-    if $sendmail_ssl_chain {
-        $ssl_chain = basename($sendmail_ssl_chain)
-    }
-
     selinux::manage_fcontext { "/etc/smrsh(/.*)?":
         type => "sendmail_exec_t",
     }
@@ -201,6 +202,13 @@ class sendmail::server inherits sendmail::common {
         }
     }
 
+    if $sendmail_ssl_key and $sendmail_ssl_cert {
+        $ssl_key = basename($sendmail_ssl_key)
+        $ssl_cert = basename($sendmail_ssl_cert)
+        if $sendmail_ssl_chain {
+            $ssl_chain = basename($sendmail_ssl_chain)
+        }
+
         file { "/etc/pki/tls/private/${ssl_key}":
             ensure => present,
             source => $sendmail_ssl_key,
@@ -227,6 +235,7 @@ class sendmail::server inherits sendmail::common {
                 notify => Service["sendmail"],
             }
         }
+    }
 
     file { "sendmail.mc":
         name    => $::operatingsystem ? {

sendmail/templates/sendmail.mc.erb

@@ -22,11 +22,16 @@ define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
 define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
 define(`confTO_IDENT', `0')dnl
 dnl #
+<% if @ssl_key and @ssl_cert -%>
 define(`confAUTH_OPTIONS', `A p y')dnl
 TRUST_AUTH_MECH(`<%= @sendmail_auth_mech.join(' ') %>')dnl
 define(`confAUTH_MECHANISMS', `<%= @sendmail_auth_mech.join(' ') %>')dnl
+<% else -%>
+define(`confAUTH_OPTIONS', `A')dnl
+<% end -%>
 dnl #
 define(`confCACERT_PATH', `/etc/mail/certs')
+<% if @ssl_key and @ssl_cert -%>
 <%   if @ssl_chain -%>
 define(`confCACERT', `/etc/pki/tls/certs/<%= @ssl_chain %>')
 <%   end -%>
@@ -34,6 +39,7 @@ define(`confSERVER_CERT', `/etc/pki/tls/certs/<%= @ssl_cert %>')
 define(`confSERVER_KEY', `/etc/pki/tls/private/<%= @ssl_key %>')
 define(`confCLIENT_CERT', `/etc/pki/tls/certs/<%= @ssl_cert %>')
 define(`confCLIENT_KEY', `/etc/pki/tls/private/<%= @ssl_key %>')
+<% end -%>
 dnl #
 FEATURE(`no_default_msa', `dnl')dnl
 FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
@@ -52,7 +58,9 @@ FEATURE(`blacklist_recipients')dnl
 EXPOSED_USER(`root')dnl
 dnl #
 DAEMON_OPTIONS(`Port=smtp, Name=MTA, M=A')dnl
+<% if @ssl_key and @ssl_cert -%>
 DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
+<% end -%>
 dnl #
 LOCAL_DOMAIN(`localhost.localdomain')dnl
 MASQUERADE_AS(`<%= @mail_domain %>')dnl