move exim vs. postfix, heavy vs. not, into hiera

[mirror/dsa-puppet.git] / modules / roles / manifests / mailrelay.pp

diff --git a/modules/roles/manifests/mailrelay.pp b/modules/roles/manifests/mailrelay.pp
index 57e2f44..a888531 100644 (file)
--- a/modules/roles/manifests/mailrelay.pp
+++ b/modules/roles/manifests/mailrelay.pp
@@ -1,2 +1,34 @@
+# = Class: roles::mailrelay
+#
+# Setup for mailrelay hosts
+#
+# == Sample Usage:
+#
+#   include roles::mailrelay
+#
 class roles::mailrelay {
+  include exim::mx
+
+  include roles::pubsub::parameters
+
+  $rabbit_password = $roles::pubsub::parameters::rabbit_password
+
+  roles::pubsub::config { 'emailvdomains':
+    key      => 'dsa-emailvdomains-receive',
+    exchange => dsa,
+    queue    => "email-${::fqdn}",
+    topic    => 'dsa.email.update',
+    vhost    => dsa,
+    username => $::fqdn,
+    password => $rabbit_password
+  }
+
+  # smtp firewalling setup
+  ###
+  @@ferm::rule::simple { "dsa-smtp-from-mailrelay-${::fqdn}":
+    tag         => 'smtp::server::from::mailrelay',
+    description => 'Allow smtp access from a mailrelay',
+    port        => '25',
+    saddr       => $base::public_addresses,
+  }
 }