Mercurial > repos > other > Puppet
diff modules/postfix/manifests/init.pp @ 0:956e484adc12
Initial public release of Puppet configs
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sat, 16 Aug 2014 19:47:38 +0000 |
parents | |
children | 6bbc86f6cee5 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/postfix/manifests/init.pp Sat Aug 16 19:47:38 2014 +0000 @@ -0,0 +1,111 @@ +class postfix ( + $mailserver, + ){ + package { 'sendmail': + ensure => 'absent', + notify => Package['postfix'] + } + service { 'sendmail': + ensure => stopped, + notify => Package['sendmail'] + } + package { 'postfix': + ensure => latest; + } + service { 'postfix': + ensure => running, + subscribe => Package['postfix'], + } + exec { 'postmap-files': + command => 'for file in helo_whitelist recipient_bcc sender_access valias valias-blacklist virtual vmailbox; do postmap $file; done', + cwd => '/etc/postfix/', + provider => 'shell', + refreshonly => true, + notify => Service['postfix'], + } + File { + ensure => present, + notify => Exec['postmap-files'], + require => Package['postfix'], + } + file { '/etc/postfix/main.cf': + content => template('postfix/main.cf.erb'), + require => [ Package['postfix'], Class['dovecot'] ], + } + file { '/etc/postfix/master.cf': + source => 'puppet:///common/postfix/master.cf' + } + #Hosted domains + file { '/etc/postfix/vdomains': + source => 'puppet:///private/postfix/vdomains', + } + #Hosted mailboxes + file { '/etc/postfix/vmailbox': + source => 'puppet:///private/postfix/vmailbox', + } + #Catch-alls + file { '/etc/postfix/virtual': + source => 'puppet:///private/postfix/virtual', + } + #Forwarders/aliases + file { '/etc/postfix/valias': + source => 'puppet:///private/postfix/valias', + } + #BCCing of inbound email + file { '/etc/postfix/recipient_bcc': + source => 'puppet:///private/postfix/recipient_bcc', + } + #Spammed/removed addresses + file { '/etc/postfix/valias-blacklist': + source => 'puppet:///private/postfix/valias-blacklist', + } + #Spammed/removed address patterns + file { '/etc/postfix/valias-blacklist-regex': + source => 'puppet:///private/postfix/valias-blacklist-regex', + } + #Bad headers (use sparingly) + file { '/etc/postfix/header_checks': + source => 'puppet:///private/postfix/header_checks', + } + #Whitelisted HELO names + file { '/etc/postfix/helo_whitelist': + source => 'puppet:///private/postfix/helo_whitelist', + } + #Blacklist some domains (e.g. banks who don't do SPF that we don't bank with) + file { '/etc/postfix/sender_access': + source => 'puppet:///private/postfix/sender_access', + } + # Certificates + file { "/etc/pki/custom/$mailserver.crt": + ensure => present, + source => "puppet:///private/pki/custom/$mailserver.crt", + owner => 'postfix', + mode => 600, + } + file { "/etc/pki/custom/$mailserver.key": + ensure => present, + source => "puppet:///private/pki/custom/$mailserver.key", + owner => 'postfix', + mode => 600, + } + + # Mail base dir + file { '/var/mail/vhosts/': + ensure => directory, + owner => 505, + group => 505, + mode => 700, + } + + #SPF checking + file { '/usr/local/lib/postfix-policyd-spf-perl/': + ensure => directory + } + file { '/usr/local/lib/postfix-policyd-spf-perl/postfix-policyd-spf-perl': + source => 'puppet:///common/postfix/postfix-policyd-spf-perl', + } + $perl_pkgs = [ 'perl', 'perl-NetAddr-IP', 'perl-Mail-SPF', 'perl-version', 'perl-Sys-Hostname-Long'] + package { $perl_pkgs: + ensure => latest, + } +}