# Configure smtpd for local delivery. # # === Global variables # # $mail_domain: # Domain to masquerade as (envelope only). # # $mail_server: # Hostname of mail relay server. # class smtpd { if $mail_server { $relay = "smtp+tls://${mail_server}" } case $::operatingsystem { "centos","redhat": { if versioncmp($::operatingsystemrelease, "6") < 0 { fail("smtpd requires atleast ${::operatingsystem} 6") } $package = "opensmtpd" $service = "opensmtpd" $confdir = "/etc/opensmtpd" $aliases = "/etc/aliases" package { $package: ensure => installed, before => File["${confdir}/smtpd.conf"], } exec { "/usr/sbin/alternatives --set mta /usr/sbin/sendmail.opensmtpd": refreshonly => true, subscribe => Package[$package], before => Service[$service], } service { [ "postfix", "sendmail" ]: ensure => stopped, enable => false, before => Service[$service], } } "openbsd": { $package = undef $service = "smtpd" $confdir = "/etc/mail" $aliases = "/etc/mail/aliases" file { "/etc/mailer.conf": ensure => present, mode => "0644", owner => "root", group => "wheel", source => "puppet:///modules/smtpd/mailer.conf", before => Service[$service], } service { "sendmail": ensure => stopped, enable => false, before => Service[$service], } } default: { fail("smtpd not supported on ${::operatingsystem}") } } file { "${confdir}/smtpd.conf": ensure => present, mode => "0644", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, content => template("smtpd/client.conf.erb"), notify => Service[$service], } service { $service: ensure => running, enable => true, start => $::operatingsystem ? { "openbsd" => "/usr/sbin/smtpd", default => undef, }, } } # Configure smtpd as mail server # # === Parameters # # $maildir: # Directory in user home for INBOX. Defaults to "Mail". # # $local: # Boolean for whether we accept mail for local recipients. # Defaults to true. # # $gecos: # Boolean for whether to enable gecos aliases. # Defaults to true. # # $domains: # Array of primary domains to accept mail for. # # $virtual: # Array of virtual domains to accept mail for. # # $ssl_key: # Source path of private key. # # $ssl_cert: # Source path of certificate. # class smtpd::server( $maildir="Mail", $local=true, $gecos=true, $domains=undef, $virtual=undef, $ssl_key="${::puppet_ssldir}/private_keys/${::homename}.pem", $ssl_cert="${::puppet_ssldir}/certs/${::homename}.pem" ) inherits smtpd { if $::operatingsystem != "OpenBSD" { fail("smtpd::server only supported on OpenBSD") } include procmail procmail::rc { "00-default.rc": content => "MAILDIR=\$HOME/${maildir}\nDEFAULT=\$MAILDIR/INBOX\n", } $mda = "/usr/local/bin/procmail -Y -t -f %{sender}" File["${confdir}/smtpd.conf"] { content => template("smtpd/server.conf.erb"), } file { [ "/root/${maildir}", "/etc/skel/${maildir}" ]: ensure => directory, mode => "0700", owner => "root", group => "wheel", before => Service["smtpd"], } include ssl file { "${ssl::private}/smtpd.key": ensure => present, mode => "0600", owner => "root", group => "wheel", source => $ssl_key, notify => Service["smtpd"], } file { "${ssl::certs}/smtpd.crt": ensure => present, mode => "0644", owner => "root", group => "wheel", source => $ssl_cert, notify => Service["smtpd"], } if $gecos == true { file { "/usr/local/sbin/generate-smtpd-gecos.sh": ensure => present, mode => "0700", owner => "root", group => "wheel", source => "puppet:///modules/smtpd/generate-smtpd-gecos.sh", } exec { "/usr/local/sbin/generate-smtpd-gecos.sh": unless => "/bin/test /etc/mail/gecos -nt /etc/passwd", require => File["/usr/local/sbin/generate-smtpd-gecos.sh"], notify => Exec["makemap aliases"], } } file { "/etc/mail/aliases": ensure => present, mode => "0644", owner => "root", group => "wheel", source => [ "puppet:///files/mail/aliases.${::homename}", "puppet:///files/mail/aliases", ], } exec { "makemap aliases": command => $gecos ? { false => "makemap aliases", true => "cat aliases gecos > aliases.gecos && makemap -o aliases.db aliases.gecos", }, refreshonly => true, cwd => "/etc/mail", path => "/bin:/usr/bin:/sbin:/usr/sbin", subscribe => File["/etc/mail/aliases"], before => Service["smtpd"], } file { "/etc/mail/clients": ensure => present, mode => "0644", owner => "root", group => "wheel", source => [ "puppet:///files/mail/clients.${::homename}", "puppet:///files/mail/clients", "puppet:///modules/smtpd/empty", ], } exec { "makemap -t set clients": refreshonly => true, cwd => "/etc/mail", path => "/bin:/usr/bin:/sbin:/usr/sbin", subscribe => File["/etc/mail/clients"], before => Service["smtpd"], } if $domains { smtpd::aliases { $domains: gecos => $gecos, subscribe => $gecos ? { false => undef, true => Exec["/usr/local/sbin/generate-smtpd-gecos.sh"], }, } } if $virtual { smtpd::virtual { $virtual: } } } # Install alias mapping for domain. # define smtpd::aliases($gecos) { file { "/etc/mail/aliases.${name}": ensure => present, mode => "0644", owner => "root", group => "wheel", source => [ "puppet:///files/mail/aliases.${name}", "puppet:///files/mail/aliases.${::homename}", "puppet:///files/mail/aliases", ], } exec { "makemap aliases.${name}": command => $gecos ? { false => "makemap aliases.${name}", true => "cat aliases.${name} gecos > aliases.${name}.gecos && makemap -o aliases.${name}.db aliases.${name}.gecos", }, refreshonly => true, cwd => "/etc/mail", path => "/bin:/usr/bin:/sbin:/usr/sbin", subscribe => File["/etc/mail/aliases.${name}"], before => Service["smtpd"], } } # Install virtual user mapping for domain. # define smtpd::virtual() { file { "/etc/mail/virtual.${name}": ensure => present, mode => "0644", owner => "root", group => "wheel", source => [ "puppet:///files/mail/virtual.${name}", "puppet:///files/mail/virtual.${::homename}", "puppet:///files/mail/virtual", ], } exec { "makemap virtual.${name}": refreshonly => true, cwd => "/etc/mail", path => "/bin:/usr/bin:/sbin:/usr/sbin", subscribe => File["/etc/mail/virtual.${name}"], before => Service["smtpd"], } }