diff --git a/dovecot/manifests/dovecot1.pp b/dovecot/manifests/dovecot1.pp new file mode 100644 index 0000000..0c060c8 --- /dev/null +++ b/dovecot/manifests/dovecot1.pp @@ -0,0 +1,73 @@ +class dovecot::server::v1 { + case $operatingsystem { + centos,fedora: { + $dovecot_ssl_dir = "/etc/pki/tls" + } + default: { + fail("Dovecot module not supported in ${operatingsystem}.") + } + } + + service { "dovecot": + ensure => running, + enable => true, + require => File["/etc/dovecot.conf"], + } + + if $dovecot_ssl_csr { + file { "$dovecot_ssl_dir/private/dovecot.csr": + ensure => present, + source => $dovecot_ssl_csr, + mode => "0640", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } + + if $dovecot_ssl_ca { + file { "$dovecot_ssl_dir/certs/dovecot.ca.crt": + ensure => present, + source => $dovecot_ssl_ca, + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } + + if $dovecot_ssl_cert { + file { "$dovecot_ssl_dir/certs/dovecot.crt": + ensure => present, + source => $dovecot_ssl_cert, + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } else { + fail("You need to define an ssl_cert in your node manifest.") + } + + if $dovecot_ssl_key { + file { "$dovecot_ssl_dir/private/dovecot.key": + ensure => present, + source => $dovecot_ssl_key, + mode => "0600", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } else { + fail("You need to define an ssl_key in your node manifest.") + } + + file { "/etc/dovecot.conf": + ensure => present, + content => template("dovecot/dovecot.conf.erb"), + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } +} diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp new file mode 100644 index 0000000..726bc54 --- /dev/null +++ b/dovecot/manifests/dovecot2.pp @@ -0,0 +1,75 @@ + +class dovecot::server::v2 { + case $operatingsystem { + centos,fedora: { + $dovecot_ssl_dir = "/etc/pki/tls" + } + default: { + fail("Dovecot module not supported in ${operatingsystem}.") + } + } + + service { "dovecot": + ensure => running, + enable => true, + require => File["/etc/dovecot/conf.d/99-local.conf"], + } + + file { "/etc/dovecot/conf.d/99-local.conf": + ensure => present, + content => template("dovecot/local.conf.erb"), + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + require => Package["dovecot"], + } + + if $dovecot_ssl_csr { + file { "$dovecot_ssl_dir/private/dovecot.csr": + ensure => present, + source => $dovecot_ssl_csr, + mode => "0640", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } + + if $dovecot_ssl_ca { + file { "$dovecot_ssl_dir/certs/dovecot.ca.crt": + ensure => present, + source => $dovecot_ssl_ca, + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } + + if $dovecot_ssl_cert { + file { "$dovecot_ssl_dir/certs/dovecot.crt": + ensure => present, + source => $dovecot_ssl_cert, + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } else { + fail("You need to define an ssl_cert in your node manifest.") + } + + if $dovecot_ssl_key { + file { "$dovecot_ssl_dir/private/dovecot.key": + ensure => present, + source => $dovecot_ssl_key, + mode => "0600", + owner => "root", + group => "root", + notify => Service["dovecot"], + } + } else { + fail("You need to define an ssl_key in your node manifest.") + } +} diff --git a/dovecot/manifests/init.pp b/dovecot/manifests/init.pp index ddfe4b1..fa1f369 100644 --- a/dovecot/manifests/init.pp +++ b/dovecot/manifests/init.pp @@ -1,3 +1,6 @@ +import "dovecot1.pp" # Dovecot v1.x +import "dovecot2.pp" # Dovecot v2.x + class dovecot::common { case $operatingsystem { @@ -24,79 +27,33 @@ class dovecot::common { # Puppet source for the X.509 key. # $dovecot_ssl_ca: # Puppet source for the optional X.509 ca certificate. - +# $dovecot_mailbox_format: +# Mailbox format to use in user's homedir ["mbox" | "mdbox"] +# $dovecot_zlib: +# Compress mailboxes with zlib ["yes" | "no"] class dovecot::server inherits dovecot::common { + if ! $dovecot_mailbox_format { + $dovecot_mailbox_format = "mbox" + } + case $operatingsystem { centos,fedora: { $dovecot_ssl_dir = "/etc/pki/tls" + + case $operatingsystemrelease { + /^6\./: { + include dovecot::server::v2 + } + default: { + include dovecot::server::v1 + } + } } default: { fail("Dovecot module not supported in ${operatingsystem}.") } } - service { "dovecot": - ensure => running, - enable => true, - require => File["/etc/dovecot.conf"], - } - - if $dovecot_ssl_csr { - file { "$dovecot_ssl_dir/private/dovecot.csr": - ensure => present, - source => $dovecot_ssl_csr, - mode => "0640", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } - - if $dovecot_ssl_ca { - file { "$dovecot_ssl_dir/certs/dovecot.ca.crt": - ensure => present, - source => $dovecot_ssl_ca, - mode => "0644", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } - - if $dovecot_ssl_cert { - file { "$dovecot_ssl_dir/certs/dovecot.crt": - ensure => present, - source => $dovecot_ssl_cert, - mode => "0644", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } else { - fail("You need to define an ssl_cert in your node manifest.") - } - - if $dovecot_ssl_key { - file { "$dovecot_ssl_dir/private/dovecot.key": - ensure => present, - source => $dovecot_ssl_key, - mode => "0600", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } else { - fail("You need to define an ssl_key in your node manifest.") - } - - file { "/etc/dovecot.conf": - ensure => present, - content => template("dovecot/dovecot.conf.erb"), - mode => "0644", - owner => "root", - group => "root", - notify => Service["dovecot"], - } } diff --git a/dovecot/templates/local.conf.erb b/dovecot/templates/local.conf.erb new file mode 100644 index 0000000..d1def49 --- /dev/null +++ b/dovecot/templates/local.conf.erb @@ -0,0 +1,38 @@ + +ssl=required +ssl_cert = <<%= dovecot_ssl_dir %>/certs/dovecot.crt +ssl_key = <<%= dovecot_ssl_dir %>/private/dovecot.key +<% if has_variable?('dovecot_ssl_ca') -%> +ssl_ca = <<%= dovecot_ssl_dir %>/certs/dovecot.ca.crt +<% end -%> + +<% if has_variable=('dovecot_mailbox_format') && dovecot_mailbox_format == "mdbox" -%> +# mdbox settings +mdbox_rotate_size = 10M +mdbox_rotate_interval = 10d +<% end -%> + +# zlib +<% if has_variable?('dovecot_zlib') && dovecot_zlib == "yes" -%> +mail_plugins = $mail_plugins zlib +plugin { + zlib_save_level = 1 # 1..9 + zlib_save = gz # or bz2 +} +<% end -%> + +mail_location = <%= dovecot_mailbox_format %>:~/imapmail/ + +namespace { + separator = / + list = yes +} + +namespace { + separator = / + prefix = "#mbox/" + location = mbox:~/imapinbox/:INBOX=/var/mail/%u + inbox = yes + hidden = yes + list = no +}