Fix CSAIL IPv6 subnet

[mirror/dsa-puppet.git] / modules / postfix / manifests / init.pp

diff --git a/modules/postfix/manifests/init.pp b/modules/postfix/manifests/init.pp
index abb3ace..8c1d2b2 100644 (file)
--- a/modules/postfix/manifests/init.pp
+++ b/modules/postfix/manifests/init.pp
@@ -1,5 +1,4 @@
 class postfix {
-
        package { 'postfix':
                ensure => installed
        }
@@ -8,7 +7,7 @@ class postfix {
                ensure => running
        }
 
-       include clamav
+       include debian_org::mail_incoming_port
 
        munin::check { 'ps_exim4':       ensure => absent }
        munin::check { 'exim_mailqueue': ensure => absent }
@@ -20,9 +19,23 @@ class postfix {
        munin::check { 'ps_smtp': script => 'ps_' }
        munin::check { 'ps_smtpd': script => 'ps_' }
 
-       @ferm::rule { 'smtp':
-               domain      => '(ip ip6)',
-               description => 'Allow smtp access',
-               rule        => '&SERVICE(tcp, 25)'
+       if ! has_role('lists') {
+               concat { '/etc/postfix/main.cf':
+                       notify  => Exec['service postfix reload'],
+               }
+               concat::fragment { 'puppet-postfix-main.cf--header':
+                       target => '/etc/postfix/main.cf',
+                       order  => '000',
+                       content => template('postfix/main.cf-header.erb')
+               }
+       } else {
+               include fail2ban::postfix
+       }
+
+       exec { 'service postfix reload':
+               path        => '/usr/bin:/usr/sbin:/bin:/sbin',
+               command     => 'service postfix reload',
+               refreshonly => true,
+               require =>  Package['postfix'],
        }
 }