diff options
author | Micah Anderson <micah@leap.se> | 2013-12-17 12:57:20 -0500 |
---|---|---|
committer | Micah Anderson <micah@leap.se> | 2013-12-17 12:57:20 -0500 |
commit | 51f17512d031e937ebbb8f6568c7cffc287b65d3 (patch) | |
tree | 89b6a74196e89153aa688ff32a03c67eab2f007d | |
parent | 006a2fec91304f1814deb3c3887b72aa0872a600 (diff) |
rename the tls.pp to be smtpd_tls.pp, this allows us to have a separate
class for smtp vs. smtpd tls configurations
Change-Id: Ic1cc560c76924fcbbc15e245bec7b78ac2de83d3
-rw-r--r-- | puppet/modules/site_postfix/manifests/mx/smtpd_tls.pp (renamed from puppet/modules/site_postfix/manifests/mx/tls.pp) | 27 |
1 files changed, 1 insertions, 26 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx/tls.pp b/puppet/modules/site_postfix/manifests/mx/smtpd_tls.pp index 08978efd..5714218c 100644 --- a/puppet/modules/site_postfix/manifests/mx/tls.pp +++ b/puppet/modules/site_postfix/manifests/mx/smtpd_tls.pp @@ -1,4 +1,4 @@ -class site_postfix::mx::tls { +class site_postfix::mx::smtpd_tls { include x509::variables $ca_path = "${x509::variables::local_CAs}/${site_config::params::client_ca_name}.crt" @@ -50,29 +50,4 @@ class site_postfix::mx::tls { value => '/etc/postfix/smtpd_tls_dh_param.pem', require => File['/etc/postfix/smtpd_tls_dh_param.pem'] } - } - # smtp TLS - postfix::config { - 'smtp_use_tls': value => 'yes'; - 'smtp_tls_CApath': value => '/etc/ssl/certs/'; - 'smtp_tls_CAfile': value => $ca_path; - 'smtp_tls_cert_file': value => $cert_path; - 'smtp_tls_key_file': value => $key_path; - 'smtp_tls_ask_ccert': value => 'yes'; - 'smtp_tls_loglevel': value => '1'; - 'smtp_tls_exclude_ciphers': - value => 'aNULL, MD5, DES'; - # upstream default is md5 (since 2.5 and older used it), we force sha1 - 'smtp_tls_fingerprint_digest': - value => 'sha1'; - 'smtp_tls_session_cache_database': - value => 'btree:${queue_directory}/smtp_cache'; - 'smtp_tls_security_level': - value => 'may'; - # see issue #4011 - 'smtp_tls_protocols': - value => '!SSLv2, !SSLv3'; - } - - |