From 95fe49abe72f69c2a29fe1479e36ec0d2150a65a Mon Sep 17 00:00:00 2001
From: Ossi Herrala
Date: Thu, 20 Sep 2012 08:29:41 +0000
Subject: [PATCH 1/3] Initial support for Dovecot 2.x versions.
---
 dovecot/manifests/dovecot1.pp | 73 ++++++++++++++++++++++++++++
 dovecot/manifests/dovecot2.pp | 75 +++++++++++++++++++++++++++++
 dovecot/manifests/init.pp | 83 ++++++++------------------------
 dovecot/templates/local.conf.erb | 38 +++++++++++++++
 4 files changed, 206 insertions(+), 63 deletions(-)
 create mode 100644 dovecot/manifests/dovecot1.pp
 create mode 100644 dovecot/manifests/dovecot2.pp
 create mode 100644 dovecot/templates/local.conf.erb
diff --git a/dovecot/manifests/dovecot1.pp b/dovecot/manifests/dovecot1.pp
new file mode 100644
index 0000000..0c060c8
--- /dev/null
+++ b/dovecot/manifests/dovecot1.pp
@@ -0,0 +1,73 @@
+class dovecot::server::v1 {
+ case $operatingsystem {
+ centos,fedora: {
+ $dovecot_ssl_dir = "/etc/pki/tls"
+ }
+ default: {
+ fail("Dovecot module not supported in ${operatingsystem}.")
+ }
+ }
+
+ service { "dovecot":
+ ensure => running,
+ enable => true,
+ require => File["/etc/dovecot.conf"],
+ }
+
+ if $dovecot_ssl_csr {
+ file { "$dovecot_ssl_dir/private/dovecot.csr":
+ ensure => present,
+ source => $dovecot_ssl_csr,
+ mode => "0640",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ }
+
+ if $dovecot_ssl_ca {
+ file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
+ ensure => present,
+ source => $dovecot_ssl_ca,
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ }
+
+ if $dovecot_ssl_cert {
+ file { "$dovecot_ssl_dir/certs/dovecot.crt":
+ ensure => present,
+ source => $dovecot_ssl_cert,
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ } else {
+ fail("You need to define an ssl_cert in your node manifest.")
+ }
+
+ if $dovecot_ssl_key {
+ file { "$dovecot_ssl_dir/private/dovecot.key":
+ ensure => present,
+ source => $dovecot_ssl_key,
+ mode => "0600",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ } else {
+ fail("You need to define an ssl_key in your node manifest.")
+ }
+
+ file { "/etc/dovecot.conf":
+ ensure => present,
+ content => template("dovecot/dovecot.conf.erb"),
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+}
diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp
new file mode 100644
index 0000000..726bc54
--- /dev/null
+++ b/dovecot/manifests/dovecot2.pp
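Review bot: The private key resource `file { "$dovecot_ssl_dir/private/dovecot.key": ... source => $dovecot_ssl_key }` copies the key from a Puppet file source, and nothing in the class says where that source is allowed to live. Files served from a module, or from a fileserver mount without per-host rules, can typically be fetched by any node that authenticates to the master, so the key should come from a mount that fileserver.conf restricts to this host; whether it does cannot be seen from this hunk. I would add a comment above the resource, `# $dovecot_ssl_key must point at a fileserver mount restricted to this node, not at a module file`. The same resource appears in dovecot::server::v2 in dovecot2.pp.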
@@ -0,0 +1,75 @@
+
+class dovecot::server::v2 {
+ case $operatingsystem {
+ centos,fedora: {
+ $dovecot_ssl_dir = "/etc/pki/tls"
+ }
+ default: {
+ fail("Dovecot module not supported in ${operatingsystem}.")
+ }
+ }
+
+ service { "dovecot":
+ ensure => running,
+ enable => true,
+ require => File["/etc/dovecot/conf.d/99-local.conf"],
+ }
+
+ file { "/etc/dovecot/conf.d/99-local.conf":
+ ensure => present,
+ content => template("dovecot/local.conf.erb"),
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ require => Package["dovecot"],
+ }
+
+ if $dovecot_ssl_csr {
+ file { "$dovecot_ssl_dir/private/dovecot.csr":
+ ensure => present,
+ source => $dovecot_ssl_csr,
+ mode => "0640",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ }
+
+ if $dovecot_ssl_ca {
+ file { "$dovecot_ssl_dir/certs/dovecot.ca.crt":
+ ensure => present,
+ source => $dovecot_ssl_ca,
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ }
+
+ if $dovecot_ssl_cert {
+ file { "$dovecot_ssl_dir/certs/dovecot.crt":
+ ensure => present,
+ source => $dovecot_ssl_cert,
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ } else {
+ fail("You need to define an ssl_cert in your node manifest.")
+ }
+
+ if $dovecot_ssl_key {
+ file { "$dovecot_ssl_dir/private/dovecot.key":
+ ensure => present,
+ source => $dovecot_ssl_key,
+ mode => "0600",
+ owner => "root",
+ group => "root",
+ notify => Service["dovecot"],
+ }
+ } else {
+ fail("You need to define an ssl_key in your node manifest.")
+ }
+}
diff --git a/dovecot/manifests/init.pp b/dovecot/manifests/init.pp
index ddfe4b1..fa1f369 100644
--- a/dovecot/manifests/init.pp
+++ b/dovecot/manifests/init.pp
@@ -1,3 +1,6 @@ +import "dovecot1.pp" # Dovecot v1.x +import "dovecot2.pp" # Dovecot v2.x + class dovecot::common { case $operatingsystem { 
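Review bot: The four TLS file resources (csr, ca.crt, crt, key) and the two `fail()` checks in dovecot::server::v2 are the same lines as in dovecot::server::v1 in dovecot1.pp, so the key's `mode => "0600"` and its ownership now have to be kept in step in two files. Moving that block into one class that both v1 and v2 include would leave a single place to review the permissions. Only the service `require` and the configuration file resource differ between the two versions.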
@@ -24,79 +27,33 @@ class dovecot::common { # Puppet source for the X.509 key. # $dovecot_ssl_ca: # Puppet source for the optional X.509 ca certificate. - +# $dovecot_mailbox_format: +# Mailbox format to use in user's homedir ["mbox" | "mdbox"] +# $dovecot_zlib: +# Compress mailboxes with zlib ["yes" | "no"] class dovecot::server inherits dovecot::common { + if ! $dovecot_mailbox_format { + $dovecot_mailbox_format = "mbox" + } + case $operatingsystem { centos,fedora: { $dovecot_ssl_dir = "/etc/pki/tls" + + case $operatingsystemrelease { + /^6\./: { + include dovecot::server::v2 + } + default: { + include dovecot::server::v1 + } + } } default: { fail("Dovecot module not supported in ${operatingsystem}.") } } - service { "dovecot": - ensure => running, - enable => true, - require => File["/etc/dovecot.conf"], - } - - if $dovecot_ssl_csr { - file { "$dovecot_ssl_dir/private/dovecot.csr": - ensure => present, - source => $dovecot_ssl_csr, - mode => "0640", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } - - if $dovecot_ssl_ca { - file { "$dovecot_ssl_dir/certs/dovecot.ca.crt": - ensure => present, - source => $dovecot_ssl_ca, - mode => "0644", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } - - if $dovecot_ssl_cert { - file { "$dovecot_ssl_dir/certs/dovecot.crt": - ensure => present, - source => $dovecot_ssl_cert, - mode => "0644", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } else { - fail("You need to define an ssl_cert in your node manifest.") - } - - if $dovecot_ssl_key { - file { "$dovecot_ssl_dir/private/dovecot.key": - ensure => present, - source => $dovecot_ssl_key, - mode => "0600", - owner => "root", - group => "root", - notify => Service["dovecot"], - } - } else { - fail("You need to define an ssl_key in your node manifest.") - } - - file { "/etc/dovecot.conf": - ensure => present, - content => template("dovecot/dovecot.conf.erb"), - mode => "0644", - owner => "root", 
- group => "root", - notify => Service["dovecot"], - } }
diff --git a/dovecot/templates/local.conf.erb b/dovecot/templates/local.conf.erb
new file mode 100644
index 0000000..d1def49
--- /dev/null
+++ b/dovecot/templates/local.conf.erb
@@ -0,0 +1,38 @@
+
+ssl=required
+ssl_cert = <<%= dovecot_ssl_dir %>/certs/dovecot.crt
+ssl_key = <<%= dovecot_ssl_dir %>/private/dovecot.key
+<% if has_variable?('dovecot_ssl_ca') -%>
+ssl_ca = <<%= dovecot_ssl_dir %>/certs/dovecot.ca.crt
+<% end -%>
+
+<% if has_variable=('dovecot_mailbox_format') && dovecot_mailbox_format == "mdbox" -%>
+# mdbox settings
+mdbox_rotate_size = 10M
+mdbox_rotate_interval = 10d
+<% end -%>
+
+# zlib
+<% if has_variable?('dovecot_zlib') && dovecot_zlib == "yes" -%>
+mail_plugins = $mail_plugins zlib
+plugin {
+ zlib_save_level = 1 # 1..9
+ zlib_save = gz # or bz2
+}
+<% end -%>
+
+mail_location = <%= dovecot_mailbox_format %>:~/imapmail/
+
+namespace {
+ separator = /
+ list = yes
+}
+
+namespace {
+ separator = /
+ prefix = "#mbox/"
+ location = mbox:~/imapinbox/:INBOX=/var/mail/%u
+ inbox = yes
+ hidden = yes
+ list = no
+}
From 17570b8e36195697df6dfd70e74c902a1b07dc88 Mon Sep 17 00:00:00 2001
From: Ossi Herrala
Date: Thu, 20 Sep 2012 08:47:51 +0000
Subject: [PATCH 2/3] Rename puppet's Dovecot 2 config from 99-local.conf to 98-puppet.conf to make room for local fileserver file 99-local.conf
---
 dovecot/manifests/dovecot2.pp | 6 +++---
 dovecot/templates/{local.conf.erb => puppet.conf.erb} | 0
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename dovecot/templates/{local.conf.erb => puppet.conf.erb} (100%)
diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp
index 726bc54..3b1bf73 100644
--- a/dovecot/manifests/dovecot2.pp
+++ b/dovecot/manifests/dovecot2.pp
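Review bot: `$dovecot_mailbox_format` is only given a default and never checked, although the header comment limits it to "mbox" or "mdbox" and the new template writes it straight into `mail_location`. A guard after the default, `if $dovecot_mailbox_format !~ /^(mbox|mdbox)$/ { fail("Unsupported dovecot_mailbox_format: ${dovecot_mailbox_format}") }`, would stop a typo in a node manifest from reaching the generated configuration. Separately, `/^6\./` sends every other release, including every Fedora release, to dovecot::server::v1; if any of those ship Dovecot 2.x the old /etc/dovecot.conf would be written there, so the `default:` branch may deserve a comment stating which releases it is meant for. The hunk begins on the previous line of this page and the top of the class comment is outside it.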
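Review bot: `has_variable=('dovecot_mailbox_format')` in the mdbox condition is a typo for `has_variable?('dovecot_mailbox_format')`, the form the other two conditions in this template use. As written, Ruby parses it as an assignment to a local named has_variable, so the existence check is never made and the line only works while dovecot_mailbox_format is always set. Changing the `=` to `?` fixes it. It may also be worth a comment next to `ssl_ca` saying whether the file is meant as the server's chain or as the CA for verifying client certificates, since the template sets nothing else about client verification.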
@@ -12,12 +12,12 @@ class dovecot::server::v2 { service { "dovecot": ensure => running, enable => true, - require => File["/etc/dovecot/conf.d/99-local.conf"], + require => File["/etc/dovecot/conf.d/98-puppet.conf"], } - file { "/etc/dovecot/conf.d/99-local.conf": + file { "/etc/dovecot/conf.d/98-puppet.conf": ensure => present, - content => template("dovecot/local.conf.erb"), + content => template("dovecot/puppet.conf.erb"), mode => "0644", owner => "root", group => "root",
diff --git a/dovecot/templates/local.conf.erb b/dovecot/templates/puppet.conf.erb
similarity index 100%
rename from dovecot/templates/local.conf.erb
rename to dovecot/templates/puppet.conf.erb
From 94f64537621f4b559243d3a6ef93d37d7be8843d Mon Sep 17 00:00:00 2001
From: Ossi Herrala
Date: Thu, 20 Sep 2012 10:08:29 +0000
Subject: [PATCH 3/3] Fetch local config file from fileserver to Dovecot 2.
---
 dovecot/files/empty | 0
 dovecot/manifests/dovecot2.pp | 16 +++++++++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 dovecot/files/empty
diff --git a/dovecot/files/empty b/dovecot/files/empty
new file mode 100644
index 0000000..e69de29
diff --git a/dovecot/manifests/dovecot2.pp b/dovecot/manifests/dovecot2.pp
index 3b1bf73..3231398 100644
--- a/dovecot/manifests/dovecot2.pp
+++ b/dovecot/manifests/dovecot2.pp
@@ -12,7 +12,8 @@ class dovecot::server::v2 { service { "dovecot": ensure => running, enable => true, - require => File["/etc/dovecot/conf.d/98-puppet.conf"], + require => File["/etc/dovecot/conf.d/98-puppet.conf", + "/etc/dovecot/conf.d/99-local.conf"], } file { "/etc/dovecot/conf.d/98-puppet.conf": 
@@ -25,6 +26,19 @@ class dovecot::server::v2 { require => Package["dovecot"], } + file { "/etc/dovecot/conf.d/99-local.conf": + ensure => present, + source => [ + "puppet:///files/dovecot/local.conf", + "puppet:///modules/dovecot/empty", + ], + mode => "0644", + owner => "root", + group => "root", + notify => Service["dovecot"], + require => Package["dovecot"], + } + if $dovecot_ssl_csr { file { "$dovecot_ssl_dir/private/dovecot.csr": ensure => present,
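Review bot: The new 99-local.conf resource gives no hint that, assuming Dovecot's usual sorted conf.d include order, this file is read after 98-puppet.conf and can therefore override `ssl=required` and the certificate paths the template sets. A comment above the resource such as `# Loaded last: settings here override 98-puppet.conf, including ssl=required` would make that precedence visible to whoever edits the fileserver copy. If local.conf is expected to carry credentials, for example passdb or userdb connection settings, `mode => "0644"` leaves them world-readable; `"0640"` or tighter may fit better, depending on which users need to read the configuration.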