Initial import from bzr into github.

2008-12-03 17:53:28 +01:00 · 2008-12-03 17:53:28 +01:00 · 28df18c79f
commit 28df18c79f
13 changed files with 418 additions and 0 deletions
--- a/4
+++ b/4
@ -0,0 +1,4 @@
+include postfix-ng
+
+postfix-ng::config { "relay_domains": value  => "localhost host.foo.com" }
+
--- a/files/main.cf
+++ b/files/main.cf
@ -0,0 +1 @@
+# file managed by puppet
--- a/manifests/classes/postfix-mailman.pp
+++ b/manifests/classes/postfix-mailman.pp
@ -0,0 +1,20 @@
+class postfix-ng::mailman {
+  $postfix_ng_smtp_listen = "0.0.0.0"
+  include postfix-ng
+
+  postfix-ng::config {
+    "mydestination":                        value => "";
+    "virtual_alias_maps":                   value => "hash:/etc/postfix/virtual";
+    "transport_maps":                       value => "hash:/etc/postfix/transport";
+    "mailman_destination_recipient_limit":  value => "1", nonstandard => true;
+  }
+
+  postfix-ng::hash { "/etc/postfix/virtual":
+    ensure => present,
+  }
+
+  postfix-ng::hash { "/etc/postfix/transport":
+    ensure => present,
+  }
+
+}
--- a/manifests/classes/postfix-mta.pp
+++ b/manifests/classes/postfix-mta.pp
@ -0,0 +1,56 @@
+#########################################################################
+#
+# This class configures a minimal MTA, listening on
+# $postfix_ng_smtp_listen (default to localhost) and delivering mail to
+# $postfix_mydestination (default to $fqdn).
+#
+# A valid relay host is required ($postfix_relayhost) for outbound email.
+#
+# transport & virtual maps get configured and can be populated with
+# postfix-ng::transport and postfix-ng::virtual
+#
+# Example:
+#
+# node "toto.example.com" {
+#   $postfix_relayhost = "mail.example.com"
+#   $postfix_ng_smtp_listen = "0.0.0.0"
+#   $postfix_mydestination = "\$myorigin, myapp.example.com"
+#
+#   include postfix-ng::mta
+#
+#   postfix-ng::transport { "myapp.example.com":
+#     ensure => present,
+#     destination => "local:",
+#   }
+# }
+#
+
+class postfix-ng::mta {
+
+  case $postfix_relayhost {
+    "":   { fail("Required \$postfix_relayhost variable is not defined.") }
+  }
+
+  case $postfix_mydestination {
+    "": { $postfix_mydestination = "\$myorigin" }
+  }
+
+  include postfix-ng
+
+  postfix-ng::config {
+    "mydestination":                        value => $postfix_mydestination;
+    "mynetworks":                           value => "127.0.0.0/8";
+    "relayhost":                            value => $postfix_relayhost;
+    "virtual_alias_maps":                   value => "hash:/etc/postfix/virtual";
+    "transport_maps":                       value => "hash:/etc/postfix/transport";
+  }
+
+  postfix-ng::hash { "/etc/postfix/virtual":
+    ensure => present,
+  }
+
+  postfix-ng::hash { "/etc/postfix/transport":
+    ensure => present,
+  }
+
+}
--- a/manifests/classes/postfix-satellite.pp
+++ b/manifests/classes/postfix-satellite.pp
@ -0,0 +1,35 @@
+#########################################################################
+#
+# This class configures all local email (cron, mdadm, etc) to be forwarded
+# to $root_mail_recipient, using $postfix_relayhost as a relay.
+# 
+# $valid_fqdn can be set to override $fqdn in the case where the FQDN is
+# not recognized as valid by the destination server.
+#
+# All other parameters for postfix-ng::mta are valid.
+#
+# Example:
+#
+# node "toto.local.lan" {
+#   $postfix_relayhost = "mail.example.com"
+#   $valid_fqdn = "toto.example.com"
+#   $root_mail_recipient = "the.sysadmin@example.com"
+#
+#   include postfix-ng::satellite
+# }
+ 
+class postfix-ng::satellite {
+
+  # If $fake_fqdn exists, use it to override $fqdn
+  case $valid_fqdn {
+    "":      { $valid_fqdn = $fqdn }
+    default: { $fqdn = "${valid_fqdn}" }
+  }
+
+  include postfix-ng::mta
+
+  postfix-ng::virtual {"@${valid_fqdn}":
+    ensure      => present,
+    destination => "root",
+  }
+}
--- a/manifests/classes/postfix.pp
+++ b/manifests/classes/postfix.pp
@ -0,0 +1,91 @@
+#########################################################################
+#
+# This class provides a basic setup of postfix with local and remote
+# delivery and an SMTP server listening on the loopback interface.
+#
+
+class postfix-ng {
+
+  # Default value for various options
+  case $postfix_ng_smtp_listen {
+    "": { $postfix_ng_smtp_listen = "127.0.0.1" }
+  }
+  case $root_mail_recipient {
+    "":   { $root_mail_recipient = "nobody" }
+  }
+
+
+  package { ["postfix", "mailx"]:
+    ensure => installed
+  }
+
+  service { "postfix":
+    ensure  => running,
+    require => Package["postfix"],
+  }
+
+  file { "/etc/mailname":
+    ensure  => present,
+    content => "${fqdn}\n",
+  }
+
+  # Aliases
+
+  file { "/etc/aliases":
+    ensure => present,
+    content => "# file managed by puppet\n",
+    replace => false,
+    notify => Exec["newaliases"],
+  }
+
+  exec { "newaliases":
+    command     => "/usr/bin/newaliases",
+    refreshonly => true,
+    require     => Package["postfix"],
+    subscribe   => File["/etc/aliases"],
+  }
+
+  # Config files
+
+  file { "/etc/postfix/master.cf":
+    ensure  => present,
+    content => $lsbdistcodename ? {
+      Tikanga => template("postfix-ng/master.cf.redhat5.erb"),
+      etch => template("postfix-ng/master.cf.debian-etch.erb"),
+      default => "No puppet template defined for $lsbdistcodename\n",
+    },
+    notify  => Service["postfix"],
+    require => Package["postfix"],
+  }
+
+  file { "/etc/postfix/main.cf":
+    ensure  => present,
+    source  => "puppet:///postfix-ng/main.cf",
+    replace => false,
+    notify  => Service["postfix"],
+    require => Package["postfix"],
+  }
+
+  # Default configuration parameters
+
+  postfix-ng::config {
+    "myorigin":   value => "${fqdn}";
+    "alias_maps": value => "hash:/etc/aliases";
+    "inet_interfaces": value => "all";
+  }
+
+  case $operatingsystem {
+    RedHat: {
+      postfix-ng::config {
+        "sendmail_path": value => "/usr/sbin/sendmail.postfix";
+        "newaliases_path": value => "/usr/bin/newaliases.postfix";
+        "mailq_path": value => "/usr/bin/mailq.postfix";
+      }
+    }
+  }
+
+  mailalias {"root":
+    recipient => $root_mail_recipient,
+    notify    => Exec["newaliases"],
+  }
+}
--- a/manifests/definitions/config.pp
+++ b/manifests/definitions/config.pp
@ -0,0 +1,18 @@
+define postfix-ng::config ($ensure = present, $value, $nonstandard = false) {
+  case $ensure {
+    present: {
+      exec {"postconf -e ${name}='${value}'":
+        unless  => $nonstandard ? {
+          false => "test \"x$(postconf -h ${name})\" == 'x${value}'",
+          true  => "test \"x$(egrep '^${name} ' /etc/postfix/main.cf | cut -d= -f2 | cut -d' ' -f2)\" == 'x${value}'",
+        },
+        notify  => Service["postfix"],
+        require => File["/etc/postfix/main.cf"],
+      }
+    }
+
+    absent: {
+      fail "postfix-ng::config ensure => absent: Not implemented"
+    }
+  }
+}
--- a/manifests/definitions/hash.pp
+++ b/manifests/definitions/hash.pp
@ -0,0 +1,19 @@
+define postfix-ng::hash ($ensure) {
+  file {"${name}":
+    ensure => $ensure,
+    mode   => 600,
+  }
+
+  file {"${name}.db":
+    ensure  => $ensure,
+    mode    => 600,
+    require => [File["${name}"], Exec["generate ${name}.db"]],
+  }
+
+  exec {"generate ${name}.db":
+    command => "postmap ${name}",
+    #creates => "${name}.db", # this prevents postmap from being run !
+    subscribe => File["${name}"],
+    refreshonly => true
+  }
+}
--- a/manifests/definitions/transport.pp
+++ b/manifests/definitions/transport.pp
@ -0,0 +1,8 @@
+define postfix-ng::transport ($ensure, $destination) {
+  line {"${name} ${destination}":
+    ensure => present,
+    file   => "/etc/postfix/transport",
+    line   => "${name} ${destination}",
+    notify => Exec["generate /etc/postfix/transport.db"],
+  }
+}
--- a/manifests/definitions/virtual.pp
+++ b/manifests/definitions/virtual.pp
@ -0,0 +1,8 @@
+define postfix-ng::virtual ($ensure, $destination) {
+  line {"${name} ${destination}":
+    ensure => present,
+    file   => "/etc/postfix/virtual",
+    line   => "${name} ${destination}",
+    notify => Exec["generate /etc/postfix/virtual.db"],
+  }
+}
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -0,0 +1,2 @@
+import "classes/*.pp"
+import "definitions/*.pp"
--- a/templates/master.cf.debian-etch.erb
+++ b/templates/master.cf.debian-etch.erb
@ -0,0 +1,76 @@
+#
+# Postfix master process configuration file.  For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master").
+#
+# ==========================================================================
+# service type  private unpriv  chroot  wakeup  maxproc command + args
+#               (yes)   (yes)   (yes)   (never) (100)
+# ==========================================================================
+<%= postfix_ng_smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd
+#submission inet n       -       -       -       -       smtpd
+#  -o smtpd_enforce_tls=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#smtps     inet  n       -       -       -       -       smtpd
+#  -o smtpd_tls_wrappermode=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#628      inet  n       -       -       -       -       qmqpd
+pickup    fifo  n       -       -       60      1       pickup
+cleanup   unix  n       -       -       -       0       cleanup
+qmgr      fifo  n       -       n       300     1       qmgr
+#qmgr     fifo  n       -       -       300     1       oqmgr
+tlsmgr    unix  -       -       -       1000?   1       tlsmgr
+rewrite   unix  -       -       -       -       -       trivial-rewrite
+bounce    unix  -       -       -       -       0       bounce
+defer     unix  -       -       -       -       0       bounce
+trace     unix  -       -       -       -       0       bounce
+verify    unix  -       -       -       -       1       verify
+flush     unix  n       -       -       1000?   0       flush
+proxymap  unix  -       -       n       -       -       proxymap
+smtp      unix  -       -       -       -       -       smtp
+# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
+relay     unix  -       -       -       -       -       smtp
+	-o fallback_relay=
+#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq     unix  n       -       -       -       -       showq
+error     unix  -       -       -       -       -       error
+discard   unix  -       -       -       -       -       discard
+local     unix  -       n       n       -       -       local
+virtual   unix  -       n       n       -       -       virtual
+lmtp      unix  -       -       -       -       -       lmtp
+anvil     unix  -       -       -       -       1       anvil
+scache	  unix	-	-	-	-	1	scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent.  See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop  unix  -       n       n       -       -       pipe
+  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp      unix  -       n       n       -       -       pipe
+  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail    unix  -       n       n       -       -       pipe
+  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp     unix  -       n       n       -       -       pipe
+  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix	-	n	n	-	2	pipe
+  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman   unix  -       n       n       -       -       pipe
+  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+  ${nexthop} ${user}
+
--- a/templates/master.cf.redhat5.erb
+++ b/templates/master.cf.redhat5.erb
@ -0,0 +1,80 @@
+#
+# Postfix master process configuration file.  For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master").
+#
+# ==========================================================================
+# service type  private unpriv  chroot  wakeup  maxproc command + args
+#               (yes)   (yes)   (yes)   (never) (100)
+# ==========================================================================
+<%= postfix_ng_smtp_listen %>:smtp      inet  n       -       n       -       -       smtpd
+#smtp      inet  n       -       n       -       -       smtpd
+#submission inet n       -       n       -       -       smtpd
+#  -o smtpd_enforce_tls=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#smtps     inet  n       -       n       -       -       smtpd
+#  -o smtpd_tls_wrappermode=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#628      inet  n       -       n       -       -       qmqpd
+pickup    fifo  n       -       n       60      1       pickup
+cleanup   unix  n       -       n       -       0       cleanup
+qmgr      fifo  n       -       n       300     1       qmgr
+#qmgr     fifo  n       -       n       300     1       oqmgr
+tlsmgr    unix  -       -       n       1000?   1       tlsmgr
+rewrite   unix  -       -       n       -       -       trivial-rewrite
+bounce    unix  -       -       n       -       0       bounce
+defer     unix  -       -       n       -       0       bounce
+trace     unix  -       -       n       -       0       bounce
+verify    unix  -       -       n       -       1       verify
+flush     unix  n       -       n       1000?   0       flush
+proxymap  unix  -       -       n       -       -       proxymap
+smtp      unix  -       -       n       -       -       smtp
+# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
+relay     unix  -       -       n       -       -       smtp
+	-o fallback_relay=
+#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq     unix  n       -       n       -       -       showq
+error     unix  -       -       n       -       -       error
+discard   unix  -       -       n       -       -       discard
+local     unix  -       n       n       -       -       local
+virtual   unix  -       n       n       -       -       virtual
+lmtp      unix  -       -       n       -       -       lmtp
+anvil     unix  -       -       n       -       1       anvil
+scache	  unix	-	-	n	-	1	scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent.  See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop  unix  -       n       n       -       -       pipe
+  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
+#
+# The Cyrus deliver program has changed incompatibly, multiple times.
+#
+old-cyrus unix  -       n       n       -       -       pipe
+  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+cyrus     unix  -       n       n       -       -       pipe
+  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp      unix  -       n       n       -       -       pipe
+  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail    unix  -       n       n       -       -       pipe
+  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp     unix  -       n       n       -       -       pipe
+  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient