X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Froles%2Fmanifests%2Fmta.pp;h=2c0ca4eebb03afaac05b6da032a44f12411ae7f0;hb=3a403df3e4f5c89ec1b1893396dfdd3c37e3bb7a;hp=4e672d71fbf7006e9f17965564f3fda6dc7833f6;hpb=860adcc65aa0cf65c9a98a1529a8af15e8ee45b7;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/manifests/mta.pp b/modules/roles/manifests/mta.pp index 4e672d71f..2c0ca4eeb 100644 --- a/modules/roles/manifests/mta.pp +++ b/modules/roles/manifests/mta.pp @@ -15,20 +15,6 @@ class roles::mta( include exim::mx } else { include exim - - $mxdata = dig($deprecated::nodeinfo, 'ldap', 'mxRecord') - if $mxdata and $mxdata =~ /INCOMING-MX/ { - $mailport = lookup('exim::mail_port') - - @@concat::fragment { "manualroute-to-${::fqdn}": - tag => 'exim::manualroute::to::mailrelay', - target => '/etc/exim4/manualroute-new', - content => $mailport == undef ? { - true => "${::fqdn}: ${::fqdn}", - default => "${::fqdn}: ${::fqdn}::${mailport}", - } - } - } } } elsif $type == 'postfix' { if $mailrelay { @@ -38,4 +24,34 @@ class roles::mta( } else { fail("Unexpected mta type ${type}") } + + + $mxdata = dig($deprecated::nodeinfo, 'ldap', 'mXRecord') + if $mxdata and $mxdata.any |$item| { $item =~ /INCOMING-MX/ } { + $mailport = lookup( { 'name' => 'exim::mail_port', 'default_value' => undef } ) + + @@concat::fragment { "manualroute-to-${::fqdn}": + tag => 'exim::manualroute::to::mailrelay', + target => '/etc/exim4/manualroute', + content => $mailport == undef ? { + true => "${::fqdn}: ${::fqdn}", + default => "${::fqdn}: ${::fqdn}::${mailport}", + } + } + + Ferm::Rule::Simple <<| tag == 'smtp::server::from::mailrelay' |>> { + port => $mailport == undef ? { + true => 25, + default => $mailport, + } + } + } else { + if ! defined(Class['exim::mx']) and ! defined(Class['postfix']) { + fail('We are not an exim::mx (or a postfix) yet do not have set our MXs to INCOMING-MX.') + } + ferm::rule::simple { 'dsa-smtp': + description => 'Allow smtp access from the world', + port => '25', + } + } }