From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 21 Sep 2019 15:34:24 +0000 (+0200)
Subject: Have the mailrelays store a firewall rule to allow incoming smtp on the other hosts
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=28f397a5c62193d2a7ba3f48a2d5a118a7d9a90a;p=mirror%2Fdsa-puppet.git

Have the mailrelays store a firewall rule to allow incoming smtp on the other hosts
---

diff --git a/modules/roles/manifests/mailrelay.pp b/modules/roles/manifests/mailrelay.pp
index f7c1a047a..b84b13fbf 100644
--- a/modules/roles/manifests/mailrelay.pp
+++ b/modules/roles/manifests/mailrelay.pp
@@ -20,4 +20,13 @@ class roles::mailrelay {
     username => $::fqdn,
     password => $rabbit_password
   }
+
+  # smtp firewalling setup
+  ###
+  @@ferm::rule::simple { "dsa-smtp-from-mailrelay-${::fqdn}":
+    tag         => 'smtp::server::from::mailrelay',
+    description => 'Allow smtp access from a mailrelay',
+    port        => '25',
+    saddr       => $base::public_addresses,
+  }
 }