X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fexim%2Ftemplates%2Feximconf.erb;h=82f4147830c75d9d18e2ca1e6b759cb6de396c25;hb=a9150d93f722801e272f20bd4cbdfb5e8190574a;hp=9877917bce60bfc8e7718fc99d0c7834c95bf785;hpb=3eb533e5499e66423bafdedaf6c7d08ead1772de;p=mirror%2Fdsa-puppet.git

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index 9877917bc..82f414783 100644
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -129,14 +129,12 @@ hostlist reservedaddrs = <%= scope.lookupvar('site::nodeinfo')['reservedaddrs']
 domainlist mailhubdomains = lsearch;/etc/exim4/manualroute
 
 <%- end -%>
-<%- if has_variable?("exim_ssl_certs") && exim_ssl_certs == "true" -%>
 tls_certificate = /etc/exim4/ssl/thishost.crt
 tls_privatekey = /etc/exim4/ssl/thishost.key
 tls_try_verify_hosts = *
 tls_verify_certificates = /etc/exim4/ssl/ca.crt
 tls_crl = /etc/exim4/ssl/ca.crl
 
-<%- end -%>
 # The setting below causes Exim to do a reverse DNS lookup on all incoming
 # IP calls, in order to get the true host name. If you feel this is too
 # expensive, you can specify the networks for which a lookup is done, or
@@ -196,8 +194,8 @@ queue_only_load = 35
 smtp_load_reserve = 20
 <%- else -%>
 queue_run_max = 5
-deliver_queue_load_max = 10
-queue_only_load = 5
+deliver_queue_load_max = <%= [scope.lookupvar('::processorcount').to_i,2].max * 5 %>
+queue_only_load = <%= [scope.lookupvar('::processorcount').to_i,2].max * 4 %>
 <%- end -%>
 queue_list_requires_admin = false
 
@@ -230,9 +228,7 @@ admin_groups = adm
 remote_sort_domains = *.debian.org:*.debian.net
 
 pipelining_advertise_hosts = !*
-<%- if has_variable?("exim_ssl_certs") && exim_ssl_certs == "true" -%>
 tls_advertise_hosts = *
-<%- end -%>
 smtp_enforce_sync = true
 
 log_selector = +tls_cipher +tls_peerdn +queue_time +deliver_time +smtp_connection +smtp_incomplete_transaction +smtp_confirmation
@@ -305,7 +301,7 @@ acl_getprofile:
   accept  condition      = ${if eq {$acl_m_rprf}{}{no}{yes}}
 
 <%- end -%>
-<%- if scope.lookupvar('site::nodeinfo')['bugsmx'] -%>
+<%- if scope.lookupvar('site::nodeinfo')['bugsmaster'] or scope.lookupvar('site::nodeinfo')['bugsmx'] -%>
   warn    domains        = bugs.debian.org
           set acl_m_rprf = BugsMail
 
@@ -1566,10 +1562,8 @@ remote_smtp:
   driver = smtp
   connect_timeout = 1m
   delay_after_cutoff = false
-<%- if has_variable?("exim_ssl_certs") && exim_ssl_certs == "true" -%>
   tls_certificate = /etc/exim4/ssl/thishost.crt
   tls_privatekey = /etc/exim4/ssl/thishost.key
-<%- end -%>
 
 <%=
 out = ""
@@ -1581,13 +1575,11 @@ remote_smtp_smarthost:
   delay_after_cutoff = false
   port = '
   out += scope.lookupvar('site::nodeinfo')['smarthost_port'].to_s + "\n"
-  if has_variable?("exim_ssl_certs") && exim_ssl_certs == "true"
-    out += '  tls_tempfail_tryclear = false
+  out += '  tls_tempfail_tryclear = false
   hosts_require_tls = ' + scope.lookupvar('site::nodeinfo')['smarthost'] + '
   tls_certificate = /etc/exim4/ssl/thishost.crt
   tls_privatekey = /etc/exim4/ssl/thishost.key
 '
-  end
 end
 out
 %>