summaryrefslogtreecommitdiff
path: root/puppet/modules/opendkim/manifests
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2015-10-20 17:14:21 -0400
committerMicah <micah@leap.se>2015-11-02 10:10:26 -0500
commite97a9d3800b173375a630e18e4b1aa0894eb96e1 (patch)
tree88c343c379462bb28b1380804f815d08b578b219 /puppet/modules/opendkim/manifests
parent87ddb4d6505229f36b096188c3e43a19281b540c (diff)
Add basic DKIM support, this requires changes in leap_cli detailed in
issue #5924 Change-Id: I6aa1e7751633407d441cbc6436d8426d37dbbfa7
Diffstat (limited to 'puppet/modules/opendkim/manifests')
-rw-r--r--puppet/modules/opendkim/manifests/init.pp38
1 files changed, 38 insertions, 0 deletions
diff --git a/puppet/modules/opendkim/manifests/init.pp b/puppet/modules/opendkim/manifests/init.pp
new file mode 100644
index 00000000..9e67569e
--- /dev/null
+++ b/puppet/modules/opendkim/manifests/init.pp
@@ -0,0 +1,38 @@
+# configure opendkim service (#5924)
+class opendkim {
+
+ $domain_hash = hiera('domain')
+ $domain = $domain_hash['full_suffix']
+ $dkim = hiera('dkim')
+ $selector = $dkim['dkim_selector']
+
+ include site_config::x509::dkim::key
+ $dkim_key = "${x509::variables::keys}/dkim.key"
+
+ ensure_packages(['opendkim', 'libopendkim7', 'libvbr2'])
+
+ # postfix user needs to be in the opendkim group
+ # in order to access the opendkim socket located at:
+ # local:/var/run/opendkim/opendkim.sock
+ user { 'postfix':
+ groups => 'opendkim';
+ }
+
+ service { 'opendkim':
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ hasrestart => true,
+ require => Class['Site_config::X509::Dkim::Key'],
+ subscribe => File[$dkim_key];
+ }
+
+ file { '/etc/opendkim.conf':
+ ensure => present,
+ content => template('opendkim/opendkim.conf'),
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['opendkim'],
+ require => Package['opendkim'];
+}