X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fexim%2Fmanifests%2Fmx.pp;h=8916c096a20efe3c0cf9dbdb0944fd9783e0ab34;hb=64c1545f242396ff122e1af0ce35cf952a01c58c;hp=3eedf11a1b05f4c2074c3c3665a1f8be88327203;hpb=0e69508689c850082a10b08f375abd3f97f016bc;p=mirror%2Fdsa-puppet.git

diff --git a/modules/exim/manifests/mx.pp b/modules/exim/manifests/mx.pp
index 3eedf11a1..8916c096a 100644
--- a/modules/exim/manifests/mx.pp
+++ b/modules/exim/manifests/mx.pp
@@ -1,17 +1,34 @@
-class exim::mx inherits exim {
-    file {
-        "/etc/exim4/ccTLD.txt":
-          require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/common/ccTLD.txt" ]
-          ;
-        "/etc/exim4/surbl_whitelist.txt":
-          require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/common/surbl_whitelist.txt" ]
-          ;
-        "/etc/exim4/exim_surbl.pl":
-          require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/common/exim_surbl.pl" ]
-          ;
-    }
-}
+# our heavy exim class
+# @param is_mailrelay this system is a mailrelay, both in and out, for debian hosts
+class exim::mx(
+  Boolean $is_mailrelay = false,
+){
+  class { 'exim':
+    use_smarthost => false,
+    is_mailrelay  => $is_mailrelay,
+  }
+
+  include clamav
+  include postgrey
+  include fail2ban::exim
+
+  file { '/etc/exim4/ccTLD.txt':
+    source => 'puppet:///modules/exim/common/ccTLD.txt',
+  }
+  file { '/etc/exim4/surbl_whitelist.txt':
+    source => 'puppet:///modules/exim/common/surbl_whitelist.txt',
+  }
+  file { '/etc/exim4/exim_surbl.pl':
+    source => 'puppet:///modules/exim/common/exim_surbl.pl',
+    notify => Service['exim4'],
+  }
 
+  package { 'monitoring-plugins-standard':
+    ensure => installed,
+  }
+
+  ferm::rule::simple { 'dsa-smtp':
+    description => 'Allow smtp access from the world',
+    port        => '25',
+  }
+}