module-postfix/README
2013-01-25 14:03:24 -02:00

65 lines
2.3 KiB
Text

= Postfix Puppet module
This module will help install and configure postfix.
A couple of classes will preconfigure postfix for common needs.
This module needs:
- the concat module: git://labs.riseup.net/shared-concat
!! Upgrade Notice (01/2013) !!
This module now uses parameterized classes, where it used global variables
before. So please whatch out before pulling, you need to change the
class declarations in your manifest !
Config
------
- set $use_amavisd="yes" to include postfix::amavis
- set $anon_sasl="yes" to hide the originating IP in email
relayed for an authenticated SASL client; this needs Postfix
2.3 or later to work; beware! Postfix logs the header replacement
has been done, which means that you are storing this information,
unless you are anonymizing your logs.
- set $manage_header_checks="yes" to manage header checks (see
postfix::header_checks for details)
- set $manage_transport_regexp="yes" to manage header checks (see
postfix::transport_regexp for details)
- set $manage_virtual_regexp="yes" to manage header checks (see
postfix::virtual_regexp for details)
- set $manage_tls_policy="yes" to manage TLS policy (see
postfix::tlspolicy for details)
- by default, postfix will bind to all interfaces, but sometimes you don't want
that. To bind to specific interfaces, use the $inet_interfaces
variable and set it to exactly what would be in the main.cf file.
- some hosts have weird-looking host names (dedicated servers and VPSes). To
set the server's domain of origin, set the $myorigin value
== Example:
class { 'postfix': }
postfix::config { "relay_domains": value => "localhost host.foo.com" }
Deprecation notice
------------------
It used to be that one could drop header checks snippets into the
following source directories:
"puppet:///modules/site-postfix/${fqdn}/header_checks.d"
"puppet:///modules/site-postfix/header_checks.d"
"puppet:///files/etc/postfix/header_checks.d"
"puppet:///modules/postfix/header_checks.d"
... and TLS policy snippets into those:
"puppet:///modules/site-postfix/${fqdn}/tls_policy.d"
"puppet:///modules/site-postfix/tls_policy.d"
"puppet:///modules/postfix/tls_policy.d"
This is not supported anymore.
Every such snippet much now be configured using the (respectively)
postfix::header_checks_snippet and postfix::tlspolicy_snippet defines.