From 0419e52aab23ded081fc5f8e4e567ad9be84bd15 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 22 Sep 2019 11:39:51 +0200 Subject: [PATCH] Move tlsa setup from mail_incoming_port to mta role --- modules/debian_org/manifests/mail_incoming_port.pp | 7 ------- modules/roles/manifests/mta.pp | 8 ++++++++ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/modules/debian_org/manifests/mail_incoming_port.pp b/modules/debian_org/manifests/mail_incoming_port.pp index e8db01d41..720e14fbe 100644 --- a/modules/debian_org/manifests/mail_incoming_port.pp +++ b/modules/debian_org/manifests/mail_incoming_port.pp @@ -15,11 +15,4 @@ class debian_org::mail_incoming_port { domain => 'ip6', rule => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)" } - $autocertdir = hiera('paths.auto_certs_dir') - dnsextras::tlsa_record{ 'tlsa-mailport': - zone => 'debian.org', - certfile => "${autocertdir}/${::fqdn}.crt", - port => $mail_port, - hostname => $::fqdn, - } } diff --git a/modules/roles/manifests/mta.pp b/modules/roles/manifests/mta.pp index a8a64c6e2..511a00b71 100644 --- a/modules/roles/manifests/mta.pp +++ b/modules/roles/manifests/mta.pp @@ -60,4 +60,12 @@ class roles::mta( port => '25', } } + + $autocertdir = hiera('paths.auto_certs_dir') + dnsextras::tlsa_record{ 'tlsa-mailport': + zone => 'debian.org', + certfile => "${autocertdir}/${::fqdn}.crt", + port => $mailport, + hostname => $::fqdn, + } } -- 2.20.1