3 $is_mailrelay = has_role('mailrelay')
4 $is_bugsmaster = has_role('bugsmaster')
5 $is_bugsmx = has_role('bugsmx')
6 $is_rtmaster = has_role('rtmaster')
7 $is_packagesmaster = has_role('packagesmaster')
8 $is_packagesqamaster = has_role('packagesqamaster')
10 include exim::vdomain::setup
11 include debian_org::mail_incoming_port
13 munin::check { 'ps_exim4': script => 'ps_' }
14 munin::check { 'exim_mailqueue': }
15 munin::check { 'exim_mailstats': }
17 munin::check { 'postfix_mailqueue': ensure => absent }
18 munin::check { 'postfix_mailstats': ensure => absent }
19 munin::check { 'postfix_mailvolume': ensure => absent }
21 package { 'exim4-daemon-heavy': ensure => installed }
23 Package['exim4-daemon-heavy']->Mailalias<| |>
25 concat::fragment { 'virtual_domain_template':
26 target => '/etc/exim4/virtualdomains',
27 content => template('exim/virtualdomains.erb'),
34 File['/etc/exim4/exim4.conf'],
35 Package['exim4-daemon-heavy'],
42 require => Package['exim4-daemon-heavy'],
45 file { '/etc/exim4/Git':
49 file { '/etc/exim4/conf.d':
54 source => 'puppet:///files/empty/',
56 file { '/etc/exim4/ssl':
58 group => 'Debian-exim',
62 file { '/etc/exim4/exim4.conf':
63 content => template('exim/eximconf.erb'),
64 require => File['/etc/exim4/ssl/thishost.crt'],
65 notify => Service['exim4'],
67 file { '/etc/mailname':
68 content => template('exim/mailname.erb'),
70 file { '/etc/exim4/manualroute':
71 content => template('exim/manualroute.erb')
73 file { '/etc/exim4/locals':
74 content => template('exim/locals.erb')
76 file { '/etc/exim4/submission-domains':
77 content => template('exim/submission-domains.erb'),
79 file { '/etc/exim4/host_blacklist':
80 source => 'puppet:///modules/exim/common/host_blacklist',
82 file { '/etc/exim4/blacklist':
83 source => 'puppet:///modules/exim/common/blacklist',
85 file { '/etc/exim4/callout_users':
86 source => 'puppet:///modules/exim/common/callout_users',
88 file { '/etc/exim4/grey_users':
89 source => 'puppet:///modules/exim/common/grey_users',
91 file { '/etc/exim4/helo-check':
92 source => 'puppet:///modules/exim/common/helo-check',
94 file { '/etc/exim4/localusers':
95 source => 'puppet:///modules/exim/common/localusers',
97 file { '/etc/exim4/rbllist':
98 source => 'puppet:///modules/exim/common/rbllist',
100 file { '/etc/exim4/rhsbllist':
101 source => 'puppet:///modules/exim/common/rhsbllist',
103 file { '/etc/exim4/whitelist':
104 source => 'puppet:///modules/exim/common/whitelist',
106 file { '/etc/logrotate.d/exim4-base':
107 source => 'puppet:///modules/exim/common/logrotate-exim4-base',
109 file { '/etc/logrotate.d/exim4-paniclog':
110 source => 'puppet:///modules/exim/common/logrotate-exim4-paniclog'
112 file { '/etc/exim4/ssl/thishost.crt':
113 source => "puppet:///modules/exim/certs/${::fqdn}.crt",
114 group => 'Debian-exim',
117 file { '/etc/exim4/ssl/thishost.key':
118 source => "puppet:///modules/exim/certs/${::fqdn}.key",
119 group => 'Debian-exim',
122 file { '/etc/exim4/ssl/ca.crt':
123 source => 'puppet:///modules/exim/certs/ca.crt',
124 group => 'Debian-exim',
127 file { '/etc/exim4/ssl/ca.crl':
128 source => 'puppet:///modules/exim/certs/ca.crl',
129 group => 'Debian-exim',
132 file { '/var/log/exim4':
135 owner => 'Debian-exim',
139 # Do we actually want this? I'm only doing it because it's harmless
140 # and makes the logs quiet. There are better ways of making logs quiet,
142 @ferm::rule { 'dsa-ident':
143 domain => '(ip ip6)',
144 description => 'Allow ident access',
145 rule => '&SERVICE(tcp, 113)'
148 # These only affect the alias @$fqdn, not say, @debian.org