merge with git://labs.riseup.net/shared-postfix

2010-11-02 18:26:55 +01:00 · 2010-11-02 18:26:55 +01:00 · 070c247e96
commit 070c247e96
parent 60544a57c9 6193e0e0e9
7 changed files with 107 additions and 52 deletions
--- a/manifests/classes/postfix-mailman.pp
+++ b/manifests/classes/postfix-mailman.pp
@ -15,7 +15,7 @@
 #   }
 #
 class postfix::mailman {
-  $postfix_ng_smtp_listen = "0.0.0.0"
+  $postfix_smtp_listen = "0.0.0.0"
  include postfix
  postfix::config {
--- a/manifests/classes/postfix-mta.pp
+++ b/manifests/classes/postfix-mta.pp
@ -2,7 +2,7 @@
 # == Class: postfix::mta
 #
 # This class configures a minimal MTA, listening on
-# $postfix_ng_smtp_listen (default to localhost) and delivering mail to
+# $postfix_smtp_listen (default to localhost) and delivering mail to
 # $postfix_mydestination (default to $fqdn).
 #
 # A valid relay host is required ($postfix_relayhost) for outbound email.
@ -19,7 +19,7 @@
 #
 #   node "toto.example.com" {
 #     $postfix_relayhost = "mail.example.com"
-#     $postfix_ng_smtp_listen = "0.0.0.0"
+#     $postfix_smtp_listen = "0.0.0.0"
 #     $postfix_mydestination = "\$myorigin, myapp.example.com"
 #
 #     include postfix::mta
--- a/manifests/classes/postfix.pp
+++ b/manifests/classes/postfix.pp
@ -20,7 +20,7 @@ class postfix {
  # selinux labels differ from one distribution to another
  case $operatingsystem {
-    RedHat: {
+    RedHat, CentOS: {
      case $lsbmajdistrelease {
        "4":     { $postfix_seltype = "etc_t" }
        "5":     { $postfix_seltype = "postfix_etc_t" }
@ -34,8 +34,8 @@ class postfix {
  }
  # Default value for various options
-  case $postfix_ng_smtp_listen {
+  case $postfix_smtp_listen {
-    "": { $postfix_ng_smtp_listen = "127.0.0.1" }
+    "": { $postfix_smtp_listen = "127.0.0.1" }
  }
  case $root_mail_recipient {
    "":   { $root_mail_recipient = "nobody" }
@ -85,10 +85,13 @@ class postfix {
  file { "/etc/postfix/master.cf":
    ensure  => present,
    owner => "root",
    group => "root",
    mode => "0644",
    content => $operatingsystem ? {
      Redhat => template("postfix/master.cf.redhat5.erb"),
-      Debian,Ubuntu => template("postfix/master.cf.debian-etch.erb"),
+      CentOS => template("postfix/master.cf.redhat5.erb"),
      Debian => template("postfix/master.cf.debian-etch.erb"),
      Ubuntu => template("postfix/master.cf.debian-etch.erb"),
    },
    seltype => $postfix_seltype,
    notify  => Service["postfix"],
@ -99,8 +102,9 @@ class postfix {
  file { "/etc/postfix/main.cf":
    ensure  => present,
    owner => "root",
    group => "root",
    mode => "0644",
-    source  => "puppet:///postfix/main.cf",
+    source  => "puppet:///modules/postfix/main.cf",
    replace => false,
    seltype => $postfix_seltype,
    notify  => Service["postfix"],
@ -115,7 +119,7 @@ class postfix {
  }
  case $operatingsystem {
-    RedHat: {
+    RedHat, CentOS: {
      postfix::config {
        "sendmail_path": value => "/usr/sbin/sendmail.postfix";
        "newaliases_path": value => "/usr/bin/newaliases.postfix";
@ -124,8 +128,7 @@ class postfix {
    }
  }
-  mailalias {"root":
+  postfix::mailalias {"root":
    recipient => $root_mail_recipient,
    notify    => Exec["newaliases"],
  }
 }
--- a/manifests/definitions/hash.pp
+++ b/manifests/definitions/hash.pp
@ -5,11 +5,10 @@ Creates postfix hashed "map" files. It will create "${name}", and then build
 "${name}.db" using the "postmap" command. The map file can then be referred to
 using postfix::config.
 Note: the content of the file is not managed by this definition.
 Parameters:
 - *name*: the name of the map file.
- *ensure*: present/absent, defaults to present
+- *ensure*: present/absent, defaults to present.
 - *source*: file source.
 Requires:
 - Class["postfix"]
@ -29,12 +28,12 @@ Example usage:
  }
 */
-define postfix::hash ($ensure="present") {
+define postfix::hash ($ensure="present", $source = false) {
  # selinux labels differ from one distribution to another
  case $operatingsystem {
-    RedHat: {
+    RedHat, CentOS: {
      case $lsbmajdistrelease {
        "4":     { $postfix_seltype = "etc_t" }
        "5":     { $postfix_seltype = "postfix_etc_t" }
@ -47,11 +46,28 @@ define postfix::hash ($ensure="present") {
    }
  }
-  file {"${name}":
+  case $source {
-    ensure => $ensure,
+    false: {
-    mode   => 600,
+      file {"${name}":
-    seltype => $postfix_seltype,
+        ensure  => $ensure,
-    require => Package["postfix"],
+        mode    => 600,
        owner   => root,
        group   => root,
        seltype => $postfix_seltype,
        require => Package["postfix"],
      }
    }
    default: {
      file {"${name}":
        ensure  => $ensure,
        mode    => 600,
        owner   => root,
        group   => root,
        source  => $source,
        seltype => $postfix_seltype,
        require => Package["postfix"],
      }
    }
  }
  file {"${name}.db":
--- a/manifests/definitions/mailalias.pp
+++ b/manifests/definitions/mailalias.pp
@ -0,0 +1,32 @@
 /*
 == Definition: postfix::mailalias
 Wrapper around Puppet mailalias resource, provides newaliases executable.
 Parameters:
 - *name*: the name of the alias.
 - *ensure*: present/absent, defaults to present.
 - *recipient*: recipient of the alias.
 Requires:
 - Class["postfix"]
 Example usage:
  node "toto.example.com" {
    include postfix
    postfix::mailalias { "postmaster":
      ensure => present,
      recipient => 'foo'
  }
 */
 define mailalias ($ensure = 'present', $recipient) {
    mailalias { "${name}":
        ensure => $ensure,
        recipient => $recipient,
        notify => Exec['newaliases']
    }
 }
--- a/templates/master.cf.debian-etch.erb
+++ b/templates/master.cf.debian-etch.erb
@ -7,7 +7,8 @@
 # service type  private unpriv  chroot  wakeup  maxproc command + args
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
-<%= postfix_ng_smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd
+<% if postfix_smtp_listen == 'all' %>smtp      inet  n       -       -       -       -       smtpd
 <% else %><%= postfix_smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd<% end %>
 #submission inet n       -       -       -       -       smtpd
 #  -o smtpd_enforce_tls=yes
 #  -o smtpd_sasl_auth_enable=yes
@ -74,33 +75,36 @@ scalemail-backend unix	-	n	n	-	2	pipe
 mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
 <% if postfix_use_amavisd == 'yes' %>
 amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
-
+127.0.0.1:10025 inet n - - - - smtpd
-# Amavis 
+        -o content_filter=
-<% if (postfix_amavis == "true" ) -%>
+        -o local_recipient_maps=
-
+        -o relay_recipient_maps=
-## http://www.freespamfilter.org/FC4.html#_Toc110999176
+        -o smtpd_restriction_classes=
-
+        -o smtpd_client_restrictions=
-smtp-amavis  unix    -    -    y    -    2    smtp
+        -o smtpd_helo_restrictions=
- -o smtp_data_done_timeout=1200
+        -o smtpd_sender_restrictions=
- -o smtp_send_xforward_command=yes
+        -o smtpd_recipient_restrictions=permit_mynetworks,reject
- -o disable_dns_lookups=yes
+        -o mynetworks=127.0.0.0/8
- 
+        -o strict_rfc821_envelopes=yes
-127.0.0.1:10025 inet    n    -    y    -    -    smtpd
+        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
- -o content_filter=
+        -o smtpd_bind_address=127.0.0.1
- -o local_recipient_maps=
+<% end %>
- -o relay_recipient_maps=
+<% if postfix_use_dovecot_lda == 'yes' %>
- -o smtpd_restriction_classes=
+dovecot   unix  -       n       n       -       -       pipe
- -o smtpd_helo_restrictions=
+  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
- -o smtpd_sender_restrictions=
+<% end %>
- -o smtpd_recipient_restrictions=permit_mynetworks,reject
+<% if postfix_use_schleuder == 'yes' %>
- -o mynetworks=127.0.0.0/8
+schleuder  unix  -       n       n       -       -       pipe
- -o strict_rfc821_envelopes=yes
+  flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
- -o smtpd_error_sleep_time=0
+<% end %>
- -o smtpd_soft_error_limit=1001
+<% if postfix_use_sympa == 'yes' %>
- -o smtpd_hard_error_limit=1000
+sympa        unix  -       n       n       -       -       pipe
- -o receive_override_options=no_header_body_checks
+  flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
-<% else -%>
+sympabounce  unix  -       n       n       -       -       pipe
-# Amavis not configured
+  flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
-<% end -%>
+<% end %>
--- a/templates/master.cf.redhat5.erb
+++ b/templates/master.cf.redhat5.erb
@ -7,7 +7,7 @@
 # service type  private unpriv  chroot  wakeup  maxproc command + args
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
-<%= postfix_ng_smtp_listen %>:smtp      inet  n       -       n       -       -       smtpd
+<%= postfix_smtp_listen %>:smtp      inet  n       -       n       -       -       smtpd
 #smtp      inet  n       -       n       -       -       smtpd
 #submission inet n       -       n       -       -       smtpd
 #  -o smtpd_enforce_tls=yes