opuppet/module-postfix
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add support for managing header_checks.

Browse source 
This support is modeled after the existing TLS policy management:  the
header_cheks file is produced by merging snippets shipped by the Puppet
fileserver, a site-module and/or postfix::header_checks_snippet defines.
This commit is contained in:
intrigeri 2011-03-05 04:45:37 +01:00
parent cc8c37d5da
commit 0583cf4988
5 changed files with 132 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README
View file

@ -7,6 +7,8 @@ A couple of classes will preconfigure postfix for common needs.
Config Config
------ ------
- set $postfix_use_amavisd="yes" to include postfix::amavis - set $postfix_use_amavisd="yes" to include postfix::amavis
- set $postfix_manage_header_checks="yes" to manage header checks (see
postfix::header_checks for details)
- set $postfix_manage_tls_policy="yes" to manage TLS policy (see - set $postfix_manage_tls_policy="yes" to manage TLS policy (see
postfix::tlspolicy for details) postfix::tlspolicy for details)

0
files/header_checks.d/.ignore Normal file
View file

57
manifests/classes/postfix-header_checks.pp Normal file
View file

@ -0,0 +1,57 @@
#
# == Class: postfix::header_checks
#
# Manages Postfix header_checks by merging snippets shipped:
# - in the module's files/header_checks.d/ or puppet:///files/etc/postfix/header_checks.d
# (the latter takes precedence if present); site-postfix module is supported
# as well, see the source argument of file {"$postfix_header_checks_snippets_dir"
# bellow for details.
# - via postfix::header_checks_snippet defines
#
# Example usage:
#
# node "toto.example.com" {
# $postfix_manage_header_checks = yes
# include postfix
# }
#
class postfix::header_checks {
include common::moduledir
module_dir{'postfix/header_checks': }
$postfix_header_checks_dir = "${common::moduledir::module_dir_path}/postfix/header_checks"
$postfix_header_checks_snippets_dir = "${postfix_header_checks_dir}/header_checks.d"
$postfix_merged_header_checks = "${postfix_header_checks_dir}/merged_header_checks"
file {"$postfix_header_checks_snippets_dir":
ensure => 'directory',
owner => 'root',
group => '0',
mode => '700',
source => [
"puppet:///modules/site-postfix/${fqdn}/header_checks.d",
"puppet:///modules/site-postfix/header_checks.d",
"puppet:///files/etc/postfix/header_checks.d",
"puppet:///modules/postfix/header_checks.d",
],
recurse => true,
purge => false,
}
concatenated_file { "$postfix_merged_header_checks":
dir => "${postfix_header_checks_snippets_dir}",
require => File["$postfix_header_checks_snippets_dir"],
}
config_file { '/etc/postfix/header_checks':
source => "$postfix_merged_header_checks",
subscribe => File["$postfix_merged_header_checks"],
}
postfix::config { "header_checks":
value => 'regexp:/etc/postfix/header_checks',
require => File['/etc/postfix/header_checks'],
}
}

6
manifests/classes/postfix.pp
View file

@ -40,6 +40,9 @@ class postfix {
case $root_mail_recipient { case $root_mail_recipient {
"": { $root_mail_recipient = "nobody" } "": { $root_mail_recipient = "nobody" }
} }
case $postfix_manage_header_checks {
"": { $postfix_manage_header_checks = "no" }
}
case $postfix_manage_tls_policy { case $postfix_manage_tls_policy {
"": { $postfix_manage_tls_policy = "no" } "": { $postfix_manage_tls_policy = "no" }
} }
@ -64,6 +67,9 @@ class postfix {
module_dir{'postfix': } module_dir{'postfix': }
# Include optional classes # Include optional classes
if $postfix_manage_header_checks == 'yes' {
include postfix::header_checks
}
if $postfix_manage_tls_policy == 'yes' { if $postfix_manage_tls_policy == 'yes' {
include postfix::tlspolicy include postfix::tlspolicy
} }

67
manifests/definitions/header_checks_snippet.pp Normal file
View file

@ -0,0 +1,67 @@
/*
== Definition: postfix::header_checks_snippet
Adds a header_checks snippets to /etc/postfix/header_checks.
See the postfix::header_checks class for details.
Parameters:
- *source* or *content*: source or content of the header_checks snippet
- *ensure*: present (default) or absent
Requires:
- Class["postfix"]
Example usage:
node "toto.example.com" {
include postfix
postfix::header_checks {
'wrong_date': content => 'FIXME';
'bla': source => 'puppet:///files/etc/postfix/header_checks.d/bla';
}
}
*/
define postfix::header_checks_snippet (
$ensure = "present",
$source = '',
$content = undef
) {
if $source == '' and $content == undef {
fail("One of \$source or \$content must be specified for postfix::header_checks_snippet ${name}")
}
if $source != '' and $content != undef {
fail("Only one of \$source or \$content must specified for postfix::header_checks_snippet ${name}")
}
if ($value == false) and ($ensure == "present") {
fail("The value parameter must be set when using the postfix::header_checks_snippet define with ensure=present.")
}
include postfix::header_checks
$snippetfile = "${postfix::header_checks::postfix_header_checks_snippets_dir}/${name}"
file { "$snippetfile":
ensure => "$ensure",
mode => 600,
owner => root,
group => 0,
notify => Exec["concat_${postfix::header_checks::postfix_merged_header_checks}"],
}
if $source {
File["$snippetfile"] {
source => $source,
}
}
else {
File["$snippetfile"] {
content => $content,
}
}
}