1 # = Class: roles::mailrelay
3 # Setup for mailrelay hosts
7 # include roles::mailrelay
9 class roles::mailrelay {
10 include exim::mailrelay
12 include roles::pubsub::parameters
14 $rabbit_password = $roles::pubsub::parameters::rabbit_password
16 roles::pubsub::config { 'emailvdomains':
17 key => 'dsa-emailvdomains-receive',
19 queue => "email-${::fqdn}",
20 topic => 'dsa.email.update',
23 password => $rabbit_password
26 # smtp firewalling setup
28 @@ferm::rule::simple { "dsa-smtp-from-mailrelay-${::fqdn}":
29 tag => 'smtp::server::to::mail-satellite',
30 description => 'Allow smtp access from a mailrelay',
31 port => '7', # will be overwritten on collection
32 saddr => $base::public_addresses,
35 ferm::rule::simple { 'submission-from-satellites':
36 target => 'submission',
39 Ferm::Rule::Simple <<| tag == 'smtp::server::submission::to::mail-relay' |>>
41 $autocertdir = hiera('paths.auto_certs_dir')
42 dnsextras::tlsa_record{ 'tlsa-submission':
44 certfile => "${autocertdir}/${::fqdn}.crt",