group => '_vmail',
}
+ $pw_salt = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-${salsa::servicename}-${salsa::mail_username}-salt-generator")
+ $hashed_pw = pw_hash($salsa::mail_password, 'SHA-512', $pw_salt)
file { '/etc/dovecot/users':
- # XXX fix uid/git/password
mode => '440',
group => 'dovecot',
- content => @(EOF),
- gitlab:$6$PoaX25m/P52bFbEU$tguOOYZZvOD49cmtlrqgRL4nKluakaVudPYOKkEcDZu/fZXXxyqjga9HypFwmBrj3uSP/wt2rqq7BNy22MlU90:::
+ content => @("EOF"),
+ ${salsa::mail_username}:${hashed_pw}:::
| EOF
}
-
file { '/etc/dovecot/conf.d/10-auth.conf':
content => @(EOF),
auth_mechanisms = plain
+ disable_plaintext_auth = no
passdb {
driver = passwd-file
| EOF
notify => Service['dovecot'],
}
+ file { '/etc/dovecot/local.conf':
+ content => @(EOF),
+ mail_location = maildir:~/Maildir
+
+ service imap-login {
+ inet_listener imap {
+ address = 127.0.0.1
+ }
+ }
+
+ service lmtp {
+ unix_listener /var/spool/postfix/private/dovecot-lmtp {
+ group = postfix
+ user = postfix
+ mode = 0660
+ }
+ client_limit = 1
+ }
+
+ | EOF
+ notify => Service['dovecot'],
+ }
+
+ concat::fragment { 'puppet-postfix-main.cf--salsa':
+ target => '/etc/postfix/main.cf',
+ order => '020',
+ content => @("EOF"),
+ recipient_delimiter = +
+
+ mydestination =
+ virtual_transport = lmtp:unix:private/dovecot-lmtp
+ virtual_mailbox_domains = ${salsa::servicename}
+ virtual_alias_maps = hash:/etc/postfix/virtual
+
+ | EOF
+ }
+ exec { '/usr/sbin/postmap /etc/postfix/virtual':
+ refreshonly => true,
+ require => Package['postfix'],
+ }
+ file { '/etc/postfix/virtual':
+ content => @("EOF"),
+ postmaster@${salsa::servicename} postmaster@debian.org
+ admin@${salsa::servicename} salsa-admin@debian.org
+ | EOF
+ notify => Exec['/usr/sbin/postmap /etc/postfix/virtual'],
+ }
+
}
projects / mirror / dsa-puppet.git / blobdiff