Move tlsa setup from mail_incoming_port to mta role

author Peter Palfrader <peter@palfrader.org>

Sun, 22 Sep 2019 09:39:51 +0000 (11:39 +0200)

committer Peter Palfrader <peter@palfrader.org>

Sun, 22 Sep 2019 09:39:51 +0000 (11:39 +0200)
author Peter Palfrader <peter@palfrader.org>
Sun, 22 Sep 2019 09:39:51 +0000 (11:39 +0200)
committer Peter Palfrader <peter@palfrader.org>
Sun, 22 Sep 2019 09:39:51 +0000 (11:39 +0200)
diff --git a/modules/debian_org/manifests/mail_incoming_port.pp b/modules/debian_org/manifests/mail_incoming_port.pp

index e8db01d..720e14f 100644 (file)
--- a/modules/debian_org/manifests/mail_incoming_port.pp
+++ b/modules/debian_org/manifests/mail_incoming_port.pp
@@ -15,11 +15,4 @@ class debian_org::mail_incoming_port {
                 domain      => 'ip6',
                 rule        => "&SERVICE_RANGE(tcp, $mail_port, \$SMTP_V6_SOURCES)"
         }
-       $autocertdir = hiera('paths.auto_certs_dir')
-       dnsextras::tlsa_record{ 'tlsa-mailport':
-               zone     => 'debian.org',
-               certfile => "${autocertdir}/${::fqdn}.crt",
-               port     => $mail_port,
-               hostname => $::fqdn,
-       }
  }
diff --git a/modules/roles/manifests/mta.pp b/modules/roles/manifests/mta.pp

index a8a64c6..511a00b 100644 (file)
--- a/modules/roles/manifests/mta.pp
+++ b/modules/roles/manifests/mta.pp
@@ -60,4 +60,12 @@ class roles::mta(
        port        => '25',
      }
    }
+
+  $autocertdir = hiera('paths.auto_certs_dir')
+  dnsextras::tlsa_record{ 'tlsa-mailport':
+    zone     => 'debian.org',
+    certfile => "${autocertdir}/${::fqdn}.crt",
+    port     => $mailport,
+    hostname => $::fqdn,
+  }
  }
author	Peter Palfrader <peter@palfrader.org>
	Sun, 22 Sep 2019 09:39:51 +0000 (11:39 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Sun, 22 Sep 2019 09:39:51 +0000 (11:39 +0200)
modules/debian_org/manifests/mail_incoming_port.pp		patch \| blob \| history
modules/roles/manifests/mta.pp		patch \| blob \| history