Move incoming mail port handling from exim to the debian_org module

diff --git a/modules/debian_org/manifests/mail_incoming_port.pp b/modules/debian_org/manifests/mail_incoming_port.pp
new file mode 100644 (file)
index 0000000..cbe9cb6
--- /dev/null
+++ b/modules/debian_org/manifests/mail_incoming_port.pp
@@ -0,0 +1,24 @@
+class debian_org::mail_incoming_port {
+       case getfromhash($site::nodeinfo, 'mail_port') {
+               Numeric: { $mail_port = sprintf("%d", getfromhash($site::nodeinfo, 'mail_port')) }
+               /^(\d+)$/: { $mail_port = $1 }
+               default: { $mail_port = '25' }
+       }
+
+       @ferm::rule { 'dsa-mail':
+               description => 'Allow SMTP',
+               rule        => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_SOURCES)"
+       }
+
+       @ferm::rule { 'dsa-mail-v6':
+               description => 'Allow SMTP',
+               domain      => 'ip6',
+               rule        => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)"
+       }
+       dnsextras::tlsa_record{ 'tlsa-mailport':
+               zone     => 'debian.org',
+               certfile => "/etc/puppet/modules/exim/files/certs/${::fqdn}.crt",
+               port     => $mail_port,
+               hostname => $::fqdn,
+       }
+}

diff --git a/modules/exim/manifests/init.pp b/modules/exim/manifests/init.pp
index 95a24c1..49504e0 100644 (file)
--- a/modules/exim/manifests/init.pp
+++ b/modules/exim/manifests/init.pp
@@ -8,6 +8,7 @@ class exim {
        $is_packagesqamaster = has_role('packagesqamaster')
 
        include exim::vdomain::setup
+       include debian_org::mail_incoming_port
 
        munin::check { 'ps_exim4': script => 'ps_' }
        munin::check { 'exim_mailqueue': }
@@ -135,29 +136,6 @@ class exim {
                group   => maillog,
        }
 
-       case getfromhash($site::nodeinfo, 'mail_port') {
-                Numeric: { $mail_port = sprintf("%d", getfromhash($site::nodeinfo, 'mail_port')) }
-               /^(\d+)$/: { $mail_port = $1 }
-               default: { $mail_port = '25' }
-       }
-
-       @ferm::rule { 'dsa-exim':
-               description => 'Allow SMTP',
-               rule        => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_SOURCES)"
-       }
-
-       @ferm::rule { 'dsa-exim-v6':
-               description => 'Allow SMTP',
-               domain      => 'ip6',
-               rule        => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)"
-       }
-       dnsextras::tlsa_record{ 'tlsa-mailport':
-               zone     => 'debian.org',
-               certfile => "/etc/puppet/modules/exim/files/certs/${::fqdn}.crt",
-               port     => $mail_port,
-               hostname => $::fqdn,
-       }
-
        # Do we actually want this?  I'm only doing it because it's harmless
        # and makes the logs quiet.  There are better ways of making logs quiet,
        # though.