69 lines
1.9 KiB
Puppet
69 lines
1.9 KiB
Puppet
#
|
|
# == Class: postfix::tlspolicy
|
|
#
|
|
# Manages Postfix TLS policy by merging policy snippets shipped:
|
|
# - in the module's files/tls_policy.d/
|
|
# - via postfix::tlspolicy_snippet defines
|
|
#
|
|
# Parameters:
|
|
# - $postfix_tls_fingerprint_digest (defaults to sha1)
|
|
#
|
|
# Example usage:
|
|
#
|
|
# node "toto.example.com" {
|
|
# $postfix_manage_tls_policy = yes
|
|
# include postfix
|
|
# }
|
|
#
|
|
class postfix::tlspolicy {
|
|
|
|
# Default value for parameters
|
|
case $postfix_tls_fingerprint_digest {
|
|
"": { $postfix_tls_fingerprint_digest = 'sha1' }
|
|
}
|
|
|
|
include common::moduledir
|
|
module_dir{'postfix/tls_policy': }
|
|
|
|
$postfix_tlspolicy_dir = "${common::moduledir::module_dir_path}/postfix/tls_policy"
|
|
$postfix_tlspolicy_snippets_dir = "${postfix_tlspolicy_dir}/tls_policy.d"
|
|
$postfix_merged_tlspolicy = "${postfix_tlspolicy_dir}/merged_tls_policy"
|
|
|
|
file {"$postfix_tlspolicy_snippets_dir":
|
|
ensure => 'directory',
|
|
owner => 'root',
|
|
group => '0',
|
|
mode => '700',
|
|
source => [
|
|
"puppet:///modules/site-postfix/${fqdn}/tls_policy.d",
|
|
"puppet:///modules/site-postfix/tls_policy.d",
|
|
"puppet:///files/etc/postfix/tls_policy.d",
|
|
"puppet:///modules/postfix/tls_policy.d",
|
|
],
|
|
recurse => true,
|
|
purge => false,
|
|
}
|
|
|
|
concatenated_file { "$postfix_merged_tlspolicy":
|
|
dir => "${postfix_tlspolicy_snippets_dir}",
|
|
require => File["$postfix_tlspolicy_snippets_dir"],
|
|
}
|
|
|
|
postfix::hash { '/etc/postfix/tls_policy':
|
|
source => "$postfix_merged_tlspolicy",
|
|
subscribe => File["$postfix_merged_tlspolicy"],
|
|
}
|
|
|
|
postfix::config {
|
|
'smtp_tls_fingerprint_digest': value => "$postfix_tls_fingerprint_digest";
|
|
}
|
|
|
|
postfix::config { 'smtp_tls_policy_maps':
|
|
value => 'hash:/etc/postfix/tls_policy',
|
|
require => [
|
|
Postfix::Hash['/etc/postfix/tls_policy'],
|
|
Postfix::Config['smtp_tls_fingerprint_digest'],
|
|
],
|
|
}
|
|
|
|
}
|