X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fpostfix%2Fmanifests%2Finit.pp;h=8c1d2b22677db37a8772bc944696d49878c44ca2;hb=177f04e6d6ebd273402d7be24bcf4c26e67dd8a7;hp=abb3acedfa78a737dc88c499b3677be840899194;hpb=b973153b5820f7b8732e5b8c861e6524f670c872;p=mirror%2Fdsa-puppet.git

diff --git a/modules/postfix/manifests/init.pp b/modules/postfix/manifests/init.pp
index abb3acedf..8c1d2b226 100644
--- a/modules/postfix/manifests/init.pp
+++ b/modules/postfix/manifests/init.pp
@@ -1,5 +1,4 @@
 class postfix {
-
 	package { 'postfix':
 		ensure => installed
 	}
@@ -8,7 +7,7 @@ class postfix {
 		ensure => running
 	}
 
-	include clamav
+	include debian_org::mail_incoming_port
 
 	munin::check { 'ps_exim4':       ensure => absent }
 	munin::check { 'exim_mailqueue': ensure => absent }
@@ -20,9 +19,23 @@ class postfix {
 	munin::check { 'ps_smtp': script => 'ps_' }
 	munin::check { 'ps_smtpd': script => 'ps_' }
 
-	@ferm::rule { 'smtp':
-		domain      => '(ip ip6)',
-		description => 'Allow smtp access',
-		rule        => '&SERVICE(tcp, 25)'
+	if ! has_role('lists') {
+		concat { '/etc/postfix/main.cf':
+			notify  => Exec['service postfix reload'],
+		}
+		concat::fragment { 'puppet-postfix-main.cf--header':
+			target => '/etc/postfix/main.cf',
+			order  => '000',
+			content => template('postfix/main.cf-header.erb')
+		}
+	} else {
+		include fail2ban::postfix
+	}
+
+	exec { 'service postfix reload':
+		path        => '/usr/bin:/usr/sbin:/bin:/sbin',
+		command     => 'service postfix reload',
+		refreshonly => true,
+		require =>  Package['postfix'],
 	}
 }