puppet/dovecot/manifests/init.pp

class dovecot::common {

    case $operatingsystem {
        centos,fedora: {
            package { ["dovecot"]:
                ensure => installed,
            }
        }
        default: {
            fail("Dovecot module not supported in ${operatingsystem}.")
        }
    }
}

# === Global variables
#
#   $dovecot_mail_domain:
#       Mail domain name.
#   $dovecot_mx_mailname:
#       MX mail name.
#   $dovecot_ssl_csr:
#       Puppet source for the CSR file.
#   $dovecot_ssl_cert:
#       Puppet source for the X.509 certificate.
#   $dovecot_ssl_key:
#       Puppet source for the X.509 key.
#   $dovecot_ssl_chain:
#       Puppet source for the optional X.509 chain certificate.

class dovecot::server inherits dovecot::common {

    case $operatingsystem {
        centos,fedora: {
            $dovecot_ssl_dir = "/etc/pki/tls"
        }
        default: {
            fail("Dovecot module not supported in ${operatingsystem}.")
        }
    }

    service { "dovecot":
        ensure  => running,
        enable  => true,
        require => File["/etc/dovecot.conf"],
    }

    if $dovecot_ssl_csr {
        file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.csr":
            ensure => present,
            source => $dovecot_ssl_csr,
            mode   => 0640,
            owner  => root,
            group  => root,
            notify => Service["dovecot"],
        }
    }

    if $dovecot_ssl_chain {
        file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.chain.crt":
            ensure => present,
            source => $dovecot_ssl_chain,
            mode   => 0644,
            owner  => root,
            group  => root,
            notify => Service["dovecot"],
        }
    }

    if $dovecot_ssl_cert {
        file { "$dovecot_ssl_dir/certs/${dovecot_mx_mailname}.crt":
            ensure => present,
            source => $dovecot_ssl_cert,
            mode   => 0644,
            owner  => root,
            group  => root,
            notify => Service["dovecot"],
        }
    } else {
        fail("You need to define an ssl_cert in your node manifest.")
    }

    if $dovecot_ssl_key {
        file { "$dovecot_ssl_dir/private/${dovecot_mx_mailname}.key":
            ensure => present,
            source => $dovecot_ssl_key,
            mode   => 0600,
            owner  => root,
            group  => root,
            notify => Service["dovecot"],
        }
    } else {
        fail("You need to define an ssl_key in your node manifest.")
    }

    file { "/etc/dovecot.conf":
        ensure  => present,
        content => template("dovecot/dovecot.conf.erb"),
        mode    => 0644,
        owner   => root,
        group   => root,
        notify => Service["dovecot"],
    }

}