projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Make TLS usage in exim conditional on having the infrastructure to do
[mirror/dsa-puppet.git] / modules / exim / manifests / init.pp
diff --git a/modules/exim/manifests/init.pp b/modules/exim/manifests/init.pp
index 2233da9..0b1af4b 100644 (file)
--- a/modules/exim/manifests/init.pp
+++ b/modules/exim/manifests/init.pp
@@ -94,17 +94,31 @@ class exim {
           ;
         "/etc/exim4/ssl/thishost.crt":
           require => Package["exim4-daemon-heavy"],
-          source  => "puppet:///exim/certs/$fqdn.crt"
+          source  => "puppet:///exim/certs/$fqdn.crt",
           owner   => root,
           group   => Debian-exim,
-          mode    => 640,
+          mode    => 640
           ;
         "/etc/exim4/ssl/thishost.key":
           require => Package["exim4-daemon-heavy"],
-          source  => "puppet:///exim/certs/$fqdn.key"
+          source  => "puppet:///exim/certs/$fqdn.key",
           owner   => root,
           group   => Debian-exim,
-          mode    => 640,
+          mode    => 640
+          ;
+        "/etc/exim4/ssl/ca.crt":
+          require => Package["exim4-daemon-heavy"],
+          source  => "puppet:///exim/certs/ca.crt",
+          owner   => root,
+          group   => Debian-exim,
+          mode    => 640
+          ;
+        "/etc/exim4/ssl/ca.crl":
+          require => Package["exim4-daemon-heavy"],
+          source  => "puppet:///exim/certs/ca.crl",
+          owner   => root,
+          group   => Debian-exim,
+          mode    => 640
           ;
     }
 
Unnamed repository; edit this file 'description' to name the repository.