From 2df9a9bac3e0c1ca36aa0d427056196c0cbe1d92 Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Wed, 30 Aug 2017 07:21:07 +0000
Subject: [PATCH] Move incoming mail port handling from exim to the debian_org module
---
 .../manifests/mail_incoming_port.pp | 24 +++++++++++++++++++
 modules/exim/manifests/init.pp | 24 +------------------
 2 files changed, 25 insertions(+), 23 deletions(-)
 create mode 100644 modules/debian_org/manifests/mail_incoming_port.pp
diff --git a/modules/debian_org/manifests/mail_incoming_port.pp b/modules/debian_org/manifests/mail_incoming_port.pp
new file mode 100644
index 000000000..cbe9cb613
--- /dev/null
+++ b/modules/debian_org/manifests/mail_incoming_port.pp
@@ -0,0 +1,24 @@
+class debian_org::mail_incoming_port {
+ case getfromhash($site::nodeinfo, 'mail_port') {
+ Numeric: { $mail_port = sprintf("%d", getfromhash($site::nodeinfo, 'mail_port')) }
+ /^(\d+)$/: { $mail_port = $1 }
+ default: { $mail_port = '25' }
+ }
+
+ @ferm::rule { 'dsa-mail':
+ description => 'Allow SMTP',
+ rule => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_SOURCES)"
+ }
+
+ @ferm::rule { 'dsa-mail-v6':
+ description => 'Allow SMTP',
+ domain => 'ip6',
+ rule => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)"
+ }
+ dnsextras::tlsa_record{ 'tlsa-mailport':
+ zone => 'debian.org',
+ certfile => "/etc/puppet/modules/exim/files/certs/${::fqdn}.crt",
+ port => $mail_port,
+ hostname => $::fqdn,
+ }
+}
diff --git a/modules/exim/manifests/init.pp b/modules/exim/manifests/init.pp
index 95a24c123..49504e05e 100644
--- a/modules/exim/manifests/init.pp
+++ b/modules/exim/manifests/init.pp
@@ -8,6 +8,7 @@ class exim {
 $is_packagesqamaster = has_role('packagesqamaster')
 include exim::vdomain::setup
+ include debian_org::mail_incoming_port
 munin::check { 'ps_exim4': script => 'ps_' }
 munin::check { 'exim_mailqueue': }
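Review bot: In `modules/debian_org/manifests/mail_incoming_port.pp` the `case` on `mail_port` accepts any `Numeric` and any digit string, so a negative number, 0 or a value above 65535 in nodeinfo is interpolated unchecked into both ferm rules and into the `port` of the TLSA record. Now that this is a standalone class, I would tighten the first branch to `Integer[1, 65535]: { $mail_port = sprintf("%d", getfromhash($site::nodeinfo, 'mail_port')) }` and range-check the string branch as well, so that a present-but-invalid value fails the catalog instead of falling through to `'25'`. Separately, the rule titles changed from `dsa-exim`/`dsa-exim-v6` to `dsa-mail`/`dsa-mail-v6` during the move, and `certfile` still points into `modules/exim/files/certs`. Anything outside this diff that collects or overrides the rules by title, and any host that would use this class without the exim certificates, should be checked.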
@@ -135,29 +136,6 @@ class exim {
 group => maillog,
 }
- case getfromhash($site::nodeinfo, 'mail_port') {
- Numeric: { $mail_port = sprintf("%d", getfromhash($site::nodeinfo, 'mail_port')) }
- /^(\d+)$/: { $mail_port = $1 }
- default: { $mail_port = '25' }
- }
-
- @ferm::rule { 'dsa-exim':
- description => 'Allow SMTP',
- rule => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_SOURCES)"
- }
-
- @ferm::rule { 'dsa-exim-v6':
- description => 'Allow SMTP',
- domain => 'ip6',
- rule => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)"
- }
- dnsextras::tlsa_record{ 'tlsa-mailport':
- zone => 'debian.org',
- certfile => "/etc/puppet/modules/exim/files/certs/${::fqdn}.crt",
- port => $mail_port,
- hostname => $::fqdn,
- }
-
 # Do we actually want this? I'm only doing it because it's harmless
 # and makes the logs quiet. There are better ways of making logs quiet,
 # though.
-- 2.20.1