From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 16 Nov 2009 17:56:44 +0000 (+0100)
Subject: Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=6492ddd94a7ca8f8e63d63a046af694d6f4bd0e8;hp=d9ba7a12a865d81fe43e7c06219aae7e7d27e26b;p=mirror%2Fdsa-puppet.git

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  Instead of accepting mail from all over the internet and queueing it
  and now the empty file can go too
  nothing uses rcpthosts any more
  master also gets userdirs
---

diff --git a/modules/apache2/templates/default-debian.org.erb b/modules/apache2/templates/default-debian.org.erb
index 0d2159cc7..b07bed535 100644
--- a/modules/apache2/templates/default-debian.org.erb
+++ b/modules/apache2/templates/default-debian.org.erb
@@ -30,6 +30,7 @@ out = case fqdn
                 Allow from all
         </Directory>
 "
+  when "master.debian.org" then ""
 else
 "
 	<IfModule mod_userdir.c>
diff --git a/modules/exim/files/common/rcpthosts b/modules/exim/files/common/rcpthosts
deleted file mode 100644
index 3e0ece1a9..000000000
--- a/modules/exim/files/common/rcpthosts
+++ /dev/null
@@ -1,5 +0,0 @@
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-##
-
diff --git a/modules/exim/manifests/init.pp b/modules/exim/manifests/init.pp
index 1857b6129..2e361b5f2 100644
--- a/modules/exim/manifests/init.pp
+++ b/modules/exim/manifests/init.pp
@@ -78,11 +78,6 @@ class exim {
           source  => [ "puppet:///exim/per-host/$fqdn/rbllist",
                        "puppet:///exim/common/rbllist" ]
           ;
-        "/etc/exim4/rcpthosts":
-          require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/per-host/$fqdn/rcpthosts",
-                       "puppet:///exim/common/rcpthosts" ]
-          ;
         "/etc/exim4/rhsbllist":
           require => Package["exim4-daemon-heavy"],
           source  => [ "puppet:///exim/per-host/$fqdn/rhsbllist",
diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index fb7b0838b..462daa849 100644
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -27,10 +27,6 @@
 #           is much like a local domain, execpt that the delivery location
 #           and allowed set of users is controlled by a virtual domain
 #           alias file and not /etc/passwd. Wildcards are permitted
-#  rcpthosts - recipient hosts or relay domains. This is a list of
-#           all hosts that we mail exchange for. All domains that list
-#           this host in their MX records should be listed here. Wildcards
-#           are permitted.
 #  relayhosts - Hostnames that can send any arbitarily addressed mail to
 #           us. This is primarily only usefull for emergancy 'queue
 #           flushing' operations, but should be populated with a list
@@ -140,7 +136,6 @@ localpartlist postmasterish = postmaster : abuse : hostmaster : root
 
 # Domains we relay for; that is domains that aren't considered local but we 
 # accept mail for them.
-domainlist rcpthosts = partial-lsearch;/etc/exim4/rcpthosts
 hostlist debianhosts = 127.0.0.1 : net-lsearch;/var/lib/misc/thishost/debianhosts
 <%=
 out = ""
@@ -219,7 +214,8 @@ delay_warning =
 <% if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? %>
 queue_run_max = 50
 deliver_queue_load_max = 50
-queue_only_load = 15
+queue_only_load = 35
+smtp_load_reserve = 20
 <% else %>
 queue_run_max = 5
 deliver_queue_load_max = 10
@@ -789,7 +785,7 @@ if has_variable?("greylistd") && greylistd == "true"
                                  {/var/lib/greylistd/whitelist-hosts}{}} 
     condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
     !authenticated = *
-    domains        = +handled_domains : +rcpthosts
+    domains        = +handled_domains
     condition      = ${readsocket{/var/run/greylistd/socket}\
                                  {--grey \
                                   $sender_host_address \
@@ -814,7 +810,7 @@ elsif has_variable?("postgrey") && postgrey == "true"
     !hosts         = : +debianhosts : WHITELIST
     condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
     !authenticated = *
-    domains        = +handled_domains : +rcpthosts
+    domains        = +handled_domains
     local_parts    = GREYLIST_LOCAL_PARTS
     set acl_m_pgr  = request=smtpd_access_policy\n\
                      protocol_state=RCPT\n\
@@ -839,7 +835,7 @@ elsif has_variable?("postgrey") && postgrey == "true"
     !hosts         = : +debianhosts : WHITELIST
     condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
     !authenticated = *
-    domains        = +handled_domains : +rcpthosts
+    domains        = +handled_domains
     local_parts    = GREYLIST_LOCAL_PARTS
     condition      = ${if eq{${uc:${substr_0_7:$acl_m_pgr}}}{PREPEND}}
     message        = ${sg{$acl_m_pgr}{^\\\\w+\\\\s*}{}}
@@ -849,7 +845,7 @@ out
 %>
 
   accept  local_parts   = +postmasterish
-          domains       = +handled_domains : +rcpthosts
+          domains       = +handled_domains
 
   deny    hosts        = ${if exists{/etc/exim4/host_blacklist}{/etc/exim4/host_blacklist}{}}
           message      = I'm terribly sorry, but it seems you have been blacklisted
@@ -869,7 +865,7 @@ if nodeinfo['smarthost'].empty?
 		     {${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rbllist}}}{$value}{}}}{}}}\
 		     {${lookup{$local_part}lsearch{/etc/exim4/rbllist}{$value}{}} : \
 		     ${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rbl}{$value}{}}}}
-	  domains       = +handled_domains : +rcpthosts
+	  domains       = +handled_domains
 	  !hosts        = +debianhosts : WHITELIST
 '
 end
@@ -882,14 +878,14 @@ out
 		     {${expand:${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rhsbllist}}}{$value}{}}}}{}}}\
 		     {${expand:${lookup{$local_part}lsearch{/etc/exim4/rhsbllist}{$value}{}}} : \
 		     ${expand:${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rhsbl}{$value}{}}}}}
-	  domains       = +handled_domains : +rcpthosts
+	  domains       = +handled_domains
 	  !hosts        = +debianhosts : WHITELIST
 
 <%= 
 out = ""
 if nodeinfo['smarthost'].empty?
   out = '
-  deny    domains  = +handled_domains : +rcpthosts
+  deny    domains  = +handled_domains
           local_parts   = ${if match_domain{$domain}{+virtual_domains}\
 	           	   {${if exists {${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}\
 		           {${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}{$local_part}{}}}{}}}\
@@ -919,11 +915,6 @@ out
 	  message  = unknown user
 	  verify   = recipient/defer_ok
 
-  accept  domains  = +rcpthosts
-          endpass
-	  message  = unrouteable address
-	  verify   = recipient
-
   accept  hosts         = +debianhosts
 
   accept  authenticated = *
diff --git a/modules/samhain/templates/samhainrc.erb b/modules/samhain/templates/samhainrc.erb
index b1bf2ac65..c9b0fc652 100644
--- a/modules/samhain/templates/samhainrc.erb
+++ b/modules/samhain/templates/samhainrc.erb
@@ -237,7 +237,6 @@ file=/etc/exim4/locals
 file=/etc/exim4/localusers
 file=/etc/exim4/manualroute
 file=/etc/exim4/rbllist
-file=/etc/exim4/rcpthosts
 file=/etc/exim4/rhsbllist
 file=/etc/exim4/virtualdomains
 file=/etc/exim4/whitelist