salsa: more mail setup
authorPeter Palfrader <peter@palfrader.org>
Thu, 31 Aug 2017 20:02:58 +0000 (20:02 +0000)
committerPeter Palfrader <peter@palfrader.org>
Thu, 31 Aug 2017 20:02:58 +0000 (20:02 +0000)
modules/salsa/manifests/mail.pp
modules/salsa/manifests/params.pp

index d399ab4..af3e4cb 100644 (file)
@@ -29,7 +29,7 @@ class salsa::mail inherits salsa {
                group => '_vmail',
        }
 
-       $pw_salt = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-salsa-${mail_username}-salt-generator")
+       $pw_salt = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-${salsa::servicename}-${salsa::mail_username}-salt-generator")
        $hashed_pw = pw_hash($salsa::mail_password, 'SHA-512', $pw_salt)
        file { '/etc/dovecot/users':
                mode => '440',
@@ -39,10 +39,10 @@ class salsa::mail inherits salsa {
                                | EOF
        }
 
-
        file { '/etc/dovecot/conf.d/10-auth.conf':
                content  => @(EOF),
                                auth_mechanisms = plain
+                               disable_plaintext_auth = no
 
                                passdb {
                                  driver = passwd-file
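Review bot: `disable_plaintext_auth = no` is a global Dovecot setting, so together with `auth_mechanisms = plain` it permits cleartext logins on every non-TLS listener, not only the loopback IMAP listener this commit configures in `/etc/dovecot/local.conf`. Dovecot already treats connections from the local host as secure when the setting is left at `yes`, so the line may be unnecessary for a client on 127.0.0.1. If it is kept, a comment inside the heredoc should tie it to the listener restriction, e.g. `# plaintext without TLS is acceptable only because imap-login listens on 127.0.0.1 (see local.conf)`. The `10-auth.conf` resource continues past the end of this hunk.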
@@ -57,4 +57,52 @@ class salsa::mail inherits salsa {
                                | EOF
                notify => Service['dovecot'],
        }
+       file { '/etc/dovecot/local.conf':
+               content  => @(EOF),
+                               mail_location = maildir:~/Maildir
+
+                               service imap-login {
+                                 inet_listener imap {
+                                       address = 127.0.0.1
+                                 }
+                               }
+
+                               service lmtp {
+                                 unix_listener /var/spool/postfix/private/dovecot-lmtp {
+                                   group = postfix
+                                   user = postfix
+                                   mode = 0660
+                                 }
+                                 client_limit = 1
+                               }
+
+                               | EOF
+               notify => Service['dovecot'],
+       }
+
+       concat::fragment { 'puppet-postfix-main.cf--salsa':
+               target => '/etc/postfix/main.cf',
+               order  => '020',
+               content => @("EOF"),
+                               recipient_delimiter = +
+
+                               mydestination =
+                               virtual_transport = lmtp:unix:private/dovecot-lmtp
+                               virtual_mailbox_domains = ${salsa::servicename}
+                               virtual_alias_maps = hash:/etc/postfix/virtual
+
+                               | EOF
+       }
+       exec { '/usr/sbin/postmap /etc/postfix/virtual':
+               refreshonly => true,
+               require =>  Package['postfix'],
+       }
+       file { '/etc/postfix/virtual':
+               content  => @("EOF"),
+                               postmaster@${salsa::servicename} postmaster@debian.org
+                               admin@${salsa::servicename}      salsa-admin@debian.org
+                               | EOF
+               notify => Exec['/usr/sbin/postmap /etc/postfix/virtual'],
+       }
+
 }
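Review bot: The Postfix fragment sets `virtual_mailbox_domains` but no `virtual_mailbox_maps`, so unless another fragment of `main.cf` defines it, Postfix cannot validate recipients during the SMTP dialogue. It would then accept mail for any address in the domain and bounce it only after Dovecot's LMTP refuses the unknown user, which is a backscatter source. Listing the valid mailboxes, e.g. `virtual_mailbox_maps = hash:/etc/postfix/<mailbox-map>` (placeholder path), lets unknown addresses be rejected up front. Separately, `file { '/etc/postfix/virtual':` carries no `require => Package['postfix']`, although the `postmap` exec it notifies does.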
index 958e5d6..2bd2a30 100644 (file)
@@ -1,13 +1,15 @@
 #
 class salsa::params {
+       $servicename = "salsa.debian.org"
+
        $user = "git"
        $group = "git"
-       $home = "/srv/salsa.debian.org"
+       $home = "/srv/${servicename}}"
 
        $db_name = "salsa"
        $db_role = "salsa"
-       $db_password = hkdf('/etc/puppet/secret', "postgresql-${::hostname}-salsa-${db_role}")
+       $db_password = hkdf('/etc/puppet/secret', "postgresql-${::hostname}-${servicename}-${db_role}")
 
-       $mail_username = "gitlab"
-       $mail_password = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-salsa-${mail_username}")
+       $mail_username = "gitlab@${servicename}"
+       $mail_password = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-${servicename}-${mail_username}")
 }
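Review bot: The new `$home` line has a stray closing brace, `"/srv/${servicename}}"`, so the value becomes `/srv/salsa.debian.org}` instead of the previous path; it should read `$home = "/srv/${servicename}"`. Separately, the hkdf labels for `$db_password` and `$mail_password` now embed `${servicename}` in place of `salsa`, which changes both derived secrets on the next run. The `$pw_salt` label in `mail.pp` changes in the same way. A short comment above these lines, such as `# the hkdf label is an input to the secret: editing it rotates the password`, would warn future editors. Whether the PostgreSQL role and the IMAP client pick up the new values in the same run is not visible in this hunk.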