X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsalsa%2Fmanifests%2Fmail.pp;h=af3e4cba07490d477871b1de29e92f7a50767b47;hb=HEAD;hp=5eb78633bd94c83f4b4bbb0527d992e77d62f034;hpb=b37efa5c3fe30796344d4c15f6495345b00d4abe;p=mirror%2Fdsa-puppet.git diff --git a/modules/salsa/manifests/mail.pp b/modules/salsa/manifests/mail.pp index 5eb78633b..af3e4cba0 100644 --- a/modules/salsa/manifests/mail.pp +++ b/modules/salsa/manifests/mail.pp @@ -29,19 +29,20 @@ class salsa::mail inherits salsa { group => '_vmail', } + $pw_salt = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-${salsa::servicename}-${salsa::mail_username}-salt-generator") + $hashed_pw = pw_hash($salsa::mail_password, 'SHA-512', $pw_salt) file { '/etc/dovecot/users': - # XXX fix uid/git/password mode => '440', group => 'dovecot', - content => @(EOF), - gitlab:$6$PoaX25m/P52bFbEU$tguOOYZZvOD49cmtlrqgRL4nKluakaVudPYOKkEcDZu/fZXXxyqjga9HypFwmBrj3uSP/wt2rqq7BNy22MlU90::: + content => @("EOF"), + ${salsa::mail_username}:${hashed_pw}::: | EOF } - file { '/etc/dovecot/conf.d/10-auth.conf': content => @(EOF), auth_mechanisms = plain + disable_plaintext_auth = no passdb { driver = passwd-file 
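Review bot: `disable_plaintext_auth = no` in the 10-auth.conf heredoc switches off Dovecot's cleartext-login protection for every listener, while `auth_mechanisms = plain` is the only mechanism offered. Dovecot already treats connections from the local address as secure and allows plaintext auth there with the setting left at `yes`, so if IMAP is meant to be loopback-only (the second hunk pins `inet_listener imap` to 127.0.0.1) the line can probably be dropped. If it stays, add a comment in the heredoc such as `# plaintext is acceptable only because imap-login listens on 127.0.0.1`, so a later listener change does not silently send the password in the clear. Separately, `$pw_salt` goes straight from `hkdf()` into `pw_hash()`; hkdf's output format is not visible here, so confirm it uses only the crypt salt alphabet `[A-Za-z0-9./]` and note that SHA-512 crypt uses at most 16 salt characters. The 10-auth.conf resource continues past the end of this hunk.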
@@ -56,4 +57,52 @@ class salsa::mail inherits salsa { | EOF notify => Service['dovecot'], } + file { '/etc/dovecot/local.conf': + content => @(EOF), + mail_location = maildir:~/Maildir + + service imap-login { + inet_listener imap { + address = 127.0.0.1 + } + } + + service lmtp { + unix_listener /var/spool/postfix/private/dovecot-lmtp { + group = postfix + user = postfix + mode = 0660 + } + client_limit = 1 + } + + | EOF + notify => Service['dovecot'], + } + + concat::fragment { 'puppet-postfix-main.cf--salsa': + target => '/etc/postfix/main.cf', + order => '020', + content => @("EOF"), + recipient_delimiter = + + + mydestination = + virtual_transport = lmtp:unix:private/dovecot-lmtp + virtual_mailbox_domains = ${salsa::servicename} + virtual_alias_maps = hash:/etc/postfix/virtual + + | EOF + } + exec { '/usr/sbin/postmap /etc/postfix/virtual': + refreshonly => true, + require => Package['postfix'], + } + file { '/etc/postfix/virtual': + content => @("EOF"), + postmaster@${salsa::servicename} postmaster@debian.org + admin@${salsa::servicename} salsa-admin@debian.org + | EOF + notify => Exec['/usr/sbin/postmap /etc/postfix/virtual'], + } + }
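Review bot: The main.cf fragment sets `virtual_mailbox_domains = ${salsa::servicename}` with no `virtual_mailbox_maps`, so unless another fragment defines one, Postfix cannot reject unknown recipients at SMTP time. It would then accept any address in that domain and hand it to `lmtp:unix:private/dovecot-lmtp`. Since `/etc/dovecot/users` holds a single account, unknown recipients would be refused only after acceptance, which turns into bounces to possibly forged senders. Consider adding a recipient map, e.g. `virtual_mailbox_maps = hash:<recipient map file>`, or a comment in the fragment stating where recipient validation is done. Also worth checking: nothing visible orders the main.cf fragment after the `postmap` exec, so on a first run Postfix may reference `hash:/etc/postfix/virtual` before its `.db` file exists.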