# include roles::mailrelay
#
class roles::mailrelay {
- include roles::pubsub::parameters
+ include exim::mailrelay
- $rabbit_password = $roles::pubsub::parameters::rabbit_password
+ include roles::pubsub::parameters
- roles::pubsub::config { 'emailvdomains':
- key => 'dsa-emailvdomains-receive',
- exchange => dsa,
- queue => "email-${::fqdn}",
- topic => 'dsa.email.update',
- vhost => dsa,
- username => $::fqdn,
- password => $rabbit_password
- }
+ $rabbit_password = $roles::pubsub::parameters::rabbit_password
+
+ roles::pubsub::config { 'emailvdomains':
+ key => 'dsa-emailvdomains-receive',
+ exchange => dsa,
+ queue => "email-${::fqdn}",
+ topic => 'dsa.email.update',
+ vhost => dsa,
+ username => $::fqdn,
+ password => $rabbit_password
+ }
+
+ # smtp firewalling setup
+ ###
+ @@ferm::rule::simple { "dsa-smtp-from-mailrelay-${::fqdn}":
+ tag => 'smtp::server::from::mailrelay',
+ description => 'Allow smtp access from a mailrelay',
+ port => '7', # will be overwritten on collection
+ saddr => $base::public_addresses,
+ }
}