From 531d802bad6894a9b81393053b3e6ac7fdde2cba Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 7 Apr 2012 15:40:42 -0300 Subject: [PATCH] Adding transport_regexp and virtual_regexp management --- README | 4 ++ manifests/init.pp | 6 +++ manifests/transport_regexp.pp | 55 ++++++++++++++++++++++ manifests/transport_regexp_snippet.pp | 67 +++++++++++++++++++++++++++ manifests/virtual_regexp.pp | 55 ++++++++++++++++++++++ manifests/virtual_regexp_snippet.pp | 67 +++++++++++++++++++++++++++ 6 files changed, 254 insertions(+) create mode 100644 manifests/transport_regexp.pp create mode 100644 manifests/transport_regexp_snippet.pp create mode 100644 manifests/virtual_regexp.pp create mode 100644 manifests/virtual_regexp_snippet.pp diff --git a/README b/README index 1e32a45..19771af 100644 --- a/README +++ b/README @@ -14,6 +14,10 @@ Config unless you are anonymizing your logs. - set $postfix_manage_header_checks="yes" to manage header checks (see postfix::header_checks for details) +- set $postfix_manage_transport_regexp="yes" to manage header checks (see + postfix::transport_regexp for details) +- set $postfix_manage_virtual_regexp="yes" to manage header checks (see + postfix::virtual_regexp for details) - set $postfix_manage_tls_policy="yes" to manage TLS policy (see postfix::tlspolicy for details) - by default, postfix will bind to all interfaces, but sometimes you don't want diff --git a/manifests/init.pp b/manifests/init.pp index 63a50b9..587f30b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -88,6 +88,12 @@ class postfix { if $postfix_use_amavisd == 'yes' { include postfix::amavis } + if $postfix_manage_transport_regexp == 'yes' { + include postfix::transport_regexp + } + if $postfix_manage_virtual_regexp == 'yes' { + include postfix::virtual_regexp + } package { ["postfix", "mailx"]: ensure => installed diff --git a/manifests/transport_regexp.pp b/manifests/transport_regexp.pp new file mode 100644 index 0000000..924ae8a --- /dev/null +++ b/manifests/transport_regexp.pp @@ -0,0 +1,55 @@ +# +# == Class: postfix::transport_regexp +# +# Manages Postfix transport_regexp by merging snippets shipped: +# - in the module's files/transport_regexp.d/ or puppet:///files/etc/postfix/transport_regexp.d +# (the latter takes precedence if present); site-postfix module is supported +# as well, see the source argument of file {"$postfix_transport_regexp_snippets_dir" +# bellow for details. +# - via postfix::transport_regexp_snippet defines +# +# Example usage: +# +# node "toto.example.com" { +# $postfix_manage_transport_regexp = yes +# include postfix +# postfix::config { "transport_maps": +# value => "hash:/etc/postfix/transport, regexp:/etc/postfix/transport_regexp", +# } +# } +# +class postfix::transport_regexp { + + include common::moduledir + module_dir{'postfix/transport_regexp': } + + $postfix_transport_regexp_dir = "${common::moduledir::module_dir_path}/postfix/transport_regexp" + $postfix_transport_regexp_snippets_dir = "${postfix_transport_regexp_dir}/transport_regexp.d" + $postfix_merged_transport_regexp = "${postfix_transport_regexp_dir}/merged_transport_regexp" + + file {"$postfix_transport_regexp_snippets_dir": + ensure => 'directory', + owner => 'root', + group => '0', + mode => '700', + source => [ + "puppet:///modules/site-postfix/${fqdn}/transport_regexp.d", + "puppet:///modules/site-postfix/transport_regexp.d", + "puppet:///files/etc/postfix/transport_regexp.d", + "puppet:///modules/postfix/transport_regexp.d", + ], + recurse => true, + purge => false, + } + + concatenated_file { "$postfix_merged_transport_regexp": + dir => "${postfix_transport_regexp_snippets_dir}", + require => File["$postfix_transport_regexp_snippets_dir"], + } + + config_file { '/etc/postfix/transport_regexp': + source => "$postfix_merged_transport_regexp", + subscribe => File["$postfix_merged_transport_regexp"], + } + +} diff --git a/manifests/transport_regexp_snippet.pp b/manifests/transport_regexp_snippet.pp new file mode 100644 index 0000000..eb43c37 --- /dev/null +++ b/manifests/transport_regexp_snippet.pp @@ -0,0 +1,67 @@ +/* +== Definition: postfix::transport_regexp_snippet + +Adds a transport_regexp snippets to /etc/postfix/transport_regexp. +See the postfix::transport_regexp class for details. + +Parameters: +- *source* or *content*: source or content of the transport_regexp snippet +- *ensure*: present (default) or absent + +Requires: +- Class["postfix"] + +Example usage: + + node "toto.example.com" { + include postfix + postfix::transport_regexp { + 'wrong_date': content => 'FIXME'; + 'bla': source => 'puppet:///files/etc/postfix/transport_regexp.d/bla'; + } + } + +*/ + +define postfix::transport_regexp_snippet ( + $ensure = "present", + $source = '', + $content = undef +) { + + if $source == '' and $content == undef { + fail("One of \$source or \$content must be specified for postfix::transport_regexp_snippet ${name}") + } + + if $source != '' and $content != undef { + fail("Only one of \$source or \$content must specified for postfix::transport_regexp_snippet ${name}") + } + + if ($value == false) and ($ensure == "present") { + fail("The value parameter must be set when using the postfix::transport_regexp_snippet define with ensure=present.") + } + + include postfix::transport_regexp + + $snippetfile = "${postfix::transport_regexp::postfix_transport_regexp_snippets_dir}/${name}" + + file { "$snippetfile": + ensure => "$ensure", + mode => 600, + owner => root, + group => 0, + notify => Exec["concat_${postfix::transport_regexp::postfix_merged_transport_regexp}"], + } + + if $source { + File["$snippetfile"] { + source => $source, + } + } + else { + File["$snippetfile"] { + content => $content, + } + } + +} diff --git a/manifests/virtual_regexp.pp b/manifests/virtual_regexp.pp new file mode 100644 index 0000000..db41354 --- /dev/null +++ b/manifests/virtual_regexp.pp @@ -0,0 +1,55 @@ +# +# == Class: postfix::virtual_regexp +# +# Manages Postfix virtual_regexp by merging snippets shipped: +# - in the module's files/virtual_regexp.d/ or puppet:///files/etc/postfix/virtual_regexp.d +# (the latter takes precedence if present); site-postfix module is supported +# as well, see the source argument of file {"$postfix_virtual_regexp_snippets_dir" +# bellow for details. +# - via postfix::virtual_regexp_snippet defines +# +# Example usage: +# +# node "toto.example.com" { +# $postfix_manage_virtual_regexp = yes +# include postfix +# postfix::config { "virtual_alias_maps": +# value => 'hash://postfix/virtual, regexp:/etc/postfix/virtual_regexp', +# } +# } +# +class postfix::virtual_regexp { + + include common::moduledir + module_dir{'postfix/virtual_regexp': } + + $postfix_virtual_regexp_dir = "${common::moduledir::module_dir_path}/postfix/virtual_regexp" + $postfix_virtual_regexp_snippets_dir = "${postfix_virtual_regexp_dir}/virtual_regexp.d" + $postfix_merged_virtual_regexp = "${postfix_virtual_regexp_dir}/merged_virtual_regexp" + + file {"$postfix_virtual_regexp_snippets_dir": + ensure => 'directory', + owner => 'root', + group => '0', + mode => '700', + source => [ + "puppet:///modules/site-postfix/${fqdn}/virtual_regexp.d", + "puppet:///modules/site-postfix/virtual_regexp.d", + "puppet:///files/etc/postfix/virtual_regexp.d", + "puppet:///modules/postfix/virtual_regexp.d", + ], + recurse => true, + purge => false, + } + + concatenated_file { "$postfix_merged_virtual_regexp": + dir => "${postfix_virtual_regexp_snippets_dir}", + require => File["$postfix_virtual_regexp_snippets_dir"], + } + + config_file { '/etc/postfix/virtual_regexp': + source => "$postfix_merged_virtual_regexp", + subscribe => File["$postfix_merged_virtual_regexp"], + } + +} diff --git a/manifests/virtual_regexp_snippet.pp b/manifests/virtual_regexp_snippet.pp new file mode 100644 index 0000000..b4515b4 --- /dev/null +++ b/manifests/virtual_regexp_snippet.pp @@ -0,0 +1,67 @@ +/* +== Definition: postfix::virtual_regexp_snippet + +Adds a virtual_regexp snippets to /etc/postfix/virtual_regexp. +See the postfix::virtual_regexp class for details. + +Parameters: +- *source* or *content*: source or content of the virtual_regexp snippet +- *ensure*: present (default) or absent + +Requires: +- Class["postfix"] + +Example usage: + + node "toto.example.com" { + include postfix + postfix::virtual_regexp { + 'wrong_date': content => 'FIXME'; + 'bla': source => 'puppet:///files/etc/postfix/virtual_regexp.d/bla'; + } + } + +*/ + +define postfix::virtual_regexp_snippet ( + $ensure = "present", + $source = '', + $content = undef +) { + + if $source == '' and $content == undef { + fail("One of \$source or \$content must be specified for postfix::virtual_regexp_snippet ${name}") + } + + if $source != '' and $content != undef { + fail("Only one of \$source or \$content must specified for postfix::virtual_regexp_snippet ${name}") + } + + if ($value == false) and ($ensure == "present") { + fail("The value parameter must be set when using the postfix::virtual_regexp_snippet define with ensure=present.") + } + + include postfix::virtual_regexp + + $snippetfile = "${postfix::virtual_regexp::postfix_virtual_regexp_snippets_dir}/${name}" + + file { "$snippetfile": + ensure => "$ensure", + mode => 600, + owner => root, + group => 0, + notify => Exec["concat_${postfix::virtual_regexp::postfix_merged_virtual_regexp}"], + } + + if $source { + File["$snippetfile"] { + source => $source, + } + } + else { + File["$snippetfile"] { + content => $content, + } + } + +}