From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 21 Sep 2019 22:27:05 +0000 (+0200)
Subject: most of the mta firewalling is not exim specific
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;ds=sidebyside;h=cf243fe6b4a5725761b136392b5ce38a448c1a0d;p=mirror%2Fdsa-puppet.git

most of the mta firewalling is not exim specific
---

diff --git a/modules/roles/manifests/mta.pp b/modules/roles/manifests/mta.pp
index c184f968d..c70224dae 100644
--- a/modules/roles/manifests/mta.pp
+++ b/modules/roles/manifests/mta.pp
@@ -11,34 +11,10 @@ class roles::mta(
   if $type == 'exim4' {
     if $mailrelay {
       include roles::mailrelay
+    } elsif $heavy {
+      include exim::mx
     } else {
-      if $heavy {
-        include exim::mx
-      } else {
-        include exim
-      }
-
-      $mxdata = dig($deprecated::nodeinfo, 'ldap', 'mXRecord')
-      if $mxdata and $mxdata.any |$item| { $item =~ /INCOMING-MX/ } {
-        $mailport = lookup( { 'name' => 'exim::mail_port', 'default_value' => undef } )
-
-
-        @@concat::fragment { "manualroute-to-${::fqdn}":
-          tag     => 'exim::manualroute::to::mailrelay',
-          target  => '/etc/exim4/manualroute-new',
-          content => $mailport == undef ? {
-            true    => "${::fqdn}:   ${::fqdn}",
-            default => "${::fqdn}:   ${::fqdn}::${mailport}",
-          }
-        }
-
-        Ferm::Rule::Simple <<| tag == 'smtp::server::from::mailrelay' |>> {
-          port => $mailport == undef ? {
-            true    => 25,
-            default => $mailport,
-          }
-        }
-      }
+      include exim
     }
   } elsif $type == 'postfix' {
     if $mailrelay {
@@ -48,4 +24,26 @@ class roles::mta(
   } else {
     fail("Unexpected mta type ${type}")
   }
+
+
+  $mxdata = dig($deprecated::nodeinfo, 'ldap', 'mXRecord')
+  if $mxdata and $mxdata.any |$item| { $item =~ /INCOMING-MX/ } {
+    $mailport = lookup( { 'name' => 'exim::mail_port', 'default_value' => undef } )
+
+    @@concat::fragment { "manualroute-to-${::fqdn}":
+      tag     => 'exim::manualroute::to::mailrelay',
+      target  => '/etc/exim4/manualroute-new',
+      content => $mailport == undef ? {
+        true    => "${::fqdn}:   ${::fqdn}",
+        default => "${::fqdn}:   ${::fqdn}::${mailport}",
+      }
+    }
+
+    Ferm::Rule::Simple <<| tag == 'smtp::server::from::mailrelay' |>> {
+      port => $mailport == undef ? {
+        true    => 25,
+        default => $mailport,
+      }
+    }
+  }
 }