From e7b6b352165009c385c52fcfe5a1055690dbfa4b Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Thu, 31 Aug 2017 20:02:58 +0000 Subject: [PATCH] salsa: more mail setup --- modules/salsa/manifests/mail.pp | 52 +++++++++++++++++++++++++++++-- modules/salsa/manifests/params.pp | 10 +++--- 2 files changed, 56 insertions(+), 6 deletions(-) diff --git a/modules/salsa/manifests/mail.pp b/modules/salsa/manifests/mail.pp index d399ab469..af3e4cba0 100644 --- a/modules/salsa/manifests/mail.pp +++ b/modules/salsa/manifests/mail.pp @@ -29,7 +29,7 @@ class salsa::mail inherits salsa { group => '_vmail', } - $pw_salt = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-salsa-${mail_username}-salt-generator") + $pw_salt = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-${salsa::servicename}-${salsa::mail_username}-salt-generator") $hashed_pw = pw_hash($salsa::mail_password, 'SHA-512', $pw_salt) file { '/etc/dovecot/users': mode => '440', @@ -39,10 +39,10 @@ class salsa::mail inherits salsa { | EOF } - file { '/etc/dovecot/conf.d/10-auth.conf': content => @(EOF), auth_mechanisms = plain + disable_plaintext_auth = no passdb { driver = passwd-file 
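Review bot: The added `disable_plaintext_auth = no` in 10-auth.conf, together with `auth_mechanisms = plain`, lets Dovecot accept cleartext passwords on unencrypted connections. The only thing keeping the credential off the network is then the listener restriction added in the later local.conf hunk. That hunk binds only `inet_listener imap` to 127.0.0.1; whether an `imaps` or other login listener is enabled elsewhere is not visible here. As far as I know, Dovecot already treats connections from the local host as secure for plaintext auth, so the setting may be unnecessary for a loopback-only client. If it is needed, add a comment in the heredoc such as `# plaintext is acceptable only because imap-login listens on 127.0.0.1 (see local.conf)`; the 10-auth.conf resource continues past the end of this hunk.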
@@ -57,4 +57,52 @@ class salsa::mail inherits salsa { | EOF notify => Service['dovecot'], } + file { '/etc/dovecot/local.conf': + content => @(EOF), + mail_location = maildir:~/Maildir + + service imap-login { + inet_listener imap { + address = 127.0.0.1 + } + } + + service lmtp { + unix_listener /var/spool/postfix/private/dovecot-lmtp { + group = postfix + user = postfix + mode = 0660 + } + client_limit = 1 + } + + | EOF + notify => Service['dovecot'], + } + + concat::fragment { 'puppet-postfix-main.cf--salsa': + target => '/etc/postfix/main.cf', + order => '020', + content => @("EOF"), + recipient_delimiter = + + + mydestination = + virtual_transport = lmtp:unix:private/dovecot-lmtp + virtual_mailbox_domains = ${salsa::servicename} + virtual_alias_maps = hash:/etc/postfix/virtual + + | EOF + } + exec { '/usr/sbin/postmap /etc/postfix/virtual': + refreshonly => true, + require => Package['postfix'], + } + file { '/etc/postfix/virtual': + content => @("EOF"), + postmaster@${salsa::servicename} postmaster@debian.org + admin@${salsa::servicename} salsa-admin@debian.org + | EOF + notify => Exec['/usr/sbin/postmap /etc/postfix/virtual'], + } + } diff --git a/modules/salsa/manifests/params.pp b/modules/salsa/manifests/params.pp index 958e5d698..2bd2a30f0 100644 --- a/modules/salsa/manifests/params.pp +++ b/modules/salsa/manifests/params.pp 
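Review bot: The `puppet-postfix-main.cf--salsa` fragment sets `virtual_mailbox_domains` and `virtual_transport` but no `virtual_mailbox_maps`, so unless another main.cf fragment supplies one, Postfix has no list of valid recipients for `${salsa::servicename}`. Mail for unknown addresses would then be accepted during the SMTP dialogue and rejected only at LMTP delivery, which produces bounces to possibly forged senders. Consider adding a `virtual_mailbox_maps` table that lists the single `${salsa::mail_username}` mailbox so such mail is refused at RCPT time. Separately, `/etc/dovecot/local.conf` and `/etc/postfix/virtual` are declared without `owner`, `group` or `mode`, unlike `/etc/dovecot/users` earlier in the file (`mode => '440'`); setting them explicitly would avoid relying on defaults.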
@@ -1,13 +1,15 @@ # class salsa::params { + $servicename = "salsa.debian.org" + $user = "git" $group = "git" - $home = "/srv/salsa.debian.org" + $home = "/srv/${servicename}}" $db_name = "salsa" $db_role = "salsa" - $db_password = hkdf('/etc/puppet/secret', "postgresql-${::hostname}-salsa-${db_role}") + $db_password = hkdf('/etc/puppet/secret', "postgresql-${::hostname}-${servicename}-${db_role}") - $mail_username = "gitlab" - $mail_password = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-salsa-${mail_username}") + $mail_username = "gitlab@${servicename}" + $mail_password = hkdf('/etc/puppet/secret', "mail-imap-dovecot-${::hostname}-${servicename}-${mail_username}") } -- 2.20.1
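Review bot: `$home = "/srv/${servicename}}"` has a stray closing brace, so the value becomes `/srv/salsa.debian.org}` instead of the previous `/srv/salsa.debian.org`; it should read `$home = "/srv/${servicename}"`. The label strings passed to `hkdf` for `$db_password` and `$mail_password` also change (`salsa` becomes `${servicename}`, and `$mail_username` now carries the domain), so both derived secrets will presumably differ on the next run. The PostgreSQL role password and any consumer of the mail password, neither visible in this patch, need to be updated in the same rollout or authentication will fail. A comment above the two calls, e.g. `# the label is an input to the derived secret: changing it rotates the password`, would make that coupling explicit.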