sendmail: Added support for installing sendmail without SSL support.

2013-06-17 10:26:23 +03:00 · 2013-06-17 10:26:23 +03:00 · a90016c5f2
commit a90016c5f2
parent fae8257a89
2 changed files with 44 additions and 27 deletions
--- a/sendmail/manifests/init.pp
+++ b/sendmail/manifests/init.pp
@ -165,8 +165,15 @@ class sendmail::client::msa inherits sendmail::client {
 #       List of authentication mechanisms to use. Defaults to PLAIN and LOGIN.
 #
 #   $sendmail_ssl_key:
+#       Path to SSL key file. If not set sendmail will be configured
+#       without SSL support.
 #
 #   $sendmail_ssl_cert:
+#       Path to SSL certificate file. If not set sendmail will be
+#       configured without SSL support.
+#
+#   $sendmail_ssl_chain:
+#       Path to SSL certificate chain file.
 #
 class sendmail::server inherits sendmail::common {

@ -180,12 +187,6 @@ class sendmail::server inherits sendmail::common {
        $masquerade_exception = []
    }

-    $ssl_key = basename($sendmail_ssl_key)
-    $ssl_cert = basename($sendmail_ssl_cert)
-    if $sendmail_ssl_chain {
-        $ssl_chain = basename($sendmail_ssl_chain)
-    }
-
    selinux::manage_fcontext { "/etc/smrsh(/.*)?":
        type => "sendmail_exec_t",
    }
@ -201,31 +202,39 @@ class sendmail::server inherits sendmail::common {
        }
    }

-    file { "/etc/pki/tls/private/${ssl_key}":
-        ensure => present,
-        source => $sendmail_ssl_key,
-        mode   => "0600",
-        owner  => "root",
-        group  => "root",
-        notify => Service["sendmail"],
-    }
-    file { "/etc/pki/tls/certs/${ssl_cert}":
-        ensure => present,
-        source => $sendmail_ssl_cert,
-        mode   => "0644",
-        owner  => "root",
-        group  => "root",
-        notify => Service["sendmail"],
-    }
-    if $ssl_chain {
-        file { "/etc/pki/tls/certs/${ssl_chain}":
+    if $sendmail_ssl_key and $sendmail_ssl_cert {
+        $ssl_key = basename($sendmail_ssl_key)
+        $ssl_cert = basename($sendmail_ssl_cert)
+        if $sendmail_ssl_chain {
+            $ssl_chain = basename($sendmail_ssl_chain)
+        }
+
+        file { "/etc/pki/tls/private/${ssl_key}":
            ensure => present,
-            source => $sendmail_ssl_chain,
+            source => $sendmail_ssl_key,
+            mode   => "0600",
+            owner  => "root",
+            group  => "root",
+            notify => Service["sendmail"],
+        }
+        file { "/etc/pki/tls/certs/${ssl_cert}":
+            ensure => present,
+            source => $sendmail_ssl_cert,
            mode   => "0644",
            owner  => "root",
            group  => "root",
            notify => Service["sendmail"],
        }
+        if $ssl_chain {
+            file { "/etc/pki/tls/certs/${ssl_chain}":
+                ensure => present,
+                source => $sendmail_ssl_chain,
+                mode   => "0644",
+                owner  => "root",
+                group  => "root",
+                notify => Service["sendmail"],
+            }
+        }
    }

    file { "sendmail.mc":