Have postfix include debian_org::mail_incoming_port also

diff --git a/modules/postfix/manifests/init.pp b/modules/postfix/manifests/init.pp
index 3367cbb..49c84af 100644 (file)
--- a/modules/postfix/manifests/init.pp
+++ b/modules/postfix/manifests/init.pp
@@ -7,6 +7,8 @@ class postfix {
                ensure => running
        }
 
+       include debian_org::mail_incoming_port
+
        munin::check { 'ps_exim4':       ensure => absent }
        munin::check { 'exim_mailqueue': ensure => absent }
        munin::check { 'exim_mailstats': ensure => absent }
@@ -16,12 +18,4 @@ class postfix {
        munin::check { 'postfix_mailvolume': }
        munin::check { 'ps_smtp': script => 'ps_' }
        munin::check { 'ps_smtpd': script => 'ps_' }
-
-       if has_role('lists') {
-               @ferm::rule { 'smtp':
-                       domain      => '(ip ip6)',
-                       description => 'Allow smtp access',
-                       rule        => '&SERVICE(tcp, 25)'
-               }
-       }
 }

diff --git a/modules/roles/manifests/lists.pp b/modules/roles/manifests/lists.pp
index d4c3607..b4f6c2f 100644 (file)
--- a/modules/roles/manifests/lists.pp
+++ b/modules/roles/manifests/lists.pp
@@ -3,11 +3,4 @@ class roles::lists {
                notify  => Exec['service apache2 reload'],
                key => true,
        }
-
-       dnsextras::tlsa_record{ 'tlsa-mailport':
-               zone     => 'debian.org',
-               certfile => "/etc/puppet/modules/exim/files/certs/${::fqdn}.crt",
-               port     => 25,
-               hostname => $::fqdn,
-       }
 }