2 Boolean $is_bugsmx = false,
3 Boolean $is_mailrelay = false,
4 Boolean $is_rtmaster = false,
5 Boolean $is_packagesmaster = false,
6 Boolean $is_packagesqamaster = false,
8 include exim::vdomain::setup
9 include debian_org::mail_incoming_port
11 munin::check { 'ps_exim4': script => 'ps_' }
12 munin::check { 'exim_mailqueue': }
13 munin::check { 'exim_mailstats': }
15 munin::check { 'postfix_mailqueue': ensure => absent }
16 munin::check { 'postfix_mailstats': ensure => absent }
17 munin::check { 'postfix_mailvolume': ensure => absent }
19 package { 'exim4-daemon-heavy': ensure => installed }
21 Package['exim4-daemon-heavy']->Mailalias<| |>
23 concat::fragment { 'virtual_domain_template':
24 target => '/etc/exim4/virtualdomains',
25 content => template('exim/virtualdomains.erb'),
32 File['/etc/exim4/exim4.conf'],
33 Package['exim4-daemon-heavy'],
40 require => Package['exim4-daemon-heavy'],
43 file { '/etc/exim4/conf.d':
48 source => 'puppet:///files/empty/',
50 file { '/etc/exim4/ssl':
52 group => 'Debian-exim',
56 file { '/etc/exim4/exim4.conf':
57 content => template('exim/eximconf.erb'),
58 require => File['/etc/exim4/ssl/thishost.crt'],
59 notify => Service['exim4'],
61 file { '/etc/mailname':
62 content => template('exim/mailname.erb'),
64 file { '/etc/exim4/manualroute':
65 content => template('exim/manualroute.erb')
67 file { '/etc/exim4/locals':
68 content => template('exim/locals.erb')
70 file { '/etc/exim4/submission-domains':
71 content => template('exim/submission-domains.erb'),
73 file { '/etc/exim4/host_blacklist':
74 source => 'puppet:///modules/exim/common/host_blacklist',
76 file { '/etc/exim4/blacklist':
77 source => 'puppet:///modules/exim/common/blacklist',
79 file { '/etc/exim4/callout_users':
80 source => 'puppet:///modules/exim/common/callout_users',
82 file { '/etc/exim4/grey_users':
83 source => 'puppet:///modules/exim/common/grey_users',
85 file { '/etc/exim4/helo-check':
86 source => 'puppet:///modules/exim/common/helo-check',
88 file { '/etc/exim4/localusers':
89 source => 'puppet:///modules/exim/common/localusers',
91 file { '/etc/exim4/rbllist':
92 source => 'puppet:///modules/exim/common/rbllist',
94 file { '/etc/exim4/rhsbllist':
95 source => 'puppet:///modules/exim/common/rhsbllist',
97 file { '/etc/exim4/whitelist':
98 source => 'puppet:///modules/exim/common/whitelist',
100 file { '/etc/logrotate.d/exim4-base':
101 source => 'puppet:///modules/exim/common/logrotate-exim4-base',
103 file { '/etc/logrotate.d/exim4-paniclog':
104 source => 'puppet:///modules/exim/common/logrotate-exim4-paniclog'
106 file { '/etc/exim4/ssl/thishost.crt':
107 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_certs_dir"]) + "/" + @fqdn + ".crt") %>'),
108 group => 'Debian-exim',
111 file { '/etc/exim4/ssl/thishost.key':
112 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_certs_dir"]) + "/" + @fqdn + ".key") %>'),
113 group => 'Debian-exim',
116 file { '/etc/exim4/ssl/ca.crt':
117 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_certs_dir"]) + "/ca.crt") %>'),
118 group => 'Debian-exim',
121 file { '/etc/exim4/ssl/ca.crl':
122 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_certs_dir"]) + "/ca.crl") %>'),
123 group => 'Debian-exim',
126 file { '/var/log/exim4':
129 owner => 'Debian-exim',
133 # Do we actually want this? I'm only doing it because it's harmless
134 # and makes the logs quiet. There are better ways of making logs quiet,
136 ferm::rule { 'dsa-ident':
137 domain => '(ip ip6)',
138 description => 'Allow ident access',
139 rule => '&SERVICE(tcp, 113)'
142 # These only affect the alias @$fqdn, not say, @debian.org
projects / mirror / dsa-puppet.git / blob