diff options
author | Micah <micah@leap.se> | 2016-02-23 14:15:17 -0500 |
---|---|---|
committer | Micah <micah@leap.se> | 2016-02-23 21:12:51 -0500 |
commit | cff07b7b3642c0d53e02cb0885f24250037b8d15 (patch) | |
tree | 3479acf5b9991111cea69ad303641fc66c0711ca /puppet/modules/opendkim | |
parent | fd599945751a489a638fadace51c871f59346a46 (diff) |
Update opendkim platform pieces to match leap-cli.
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
Diffstat (limited to 'puppet/modules/opendkim')
-rw-r--r-- | puppet/modules/opendkim/manifests/init.pp | 50 |
1 files changed, 39 insertions, 11 deletions
diff --git a/puppet/modules/opendkim/manifests/init.pp b/puppet/modules/opendkim/manifests/init.pp index e2e766e7..4d4c5312 100644 --- a/puppet/modules/opendkim/manifests/init.pp +++ b/puppet/modules/opendkim/manifests/init.pp @@ -7,17 +7,20 @@ class opendkim { $domain_hash = hiera('domain') $domain = $domain_hash['full_suffix'] - $dkim = hiera('dkim') + $mx = hiera('mx') + $dkim = $mx['dkim'] $selector = $dkim['selector'] + $dkim_cert = $dkim['public_key'] $dkim_key = $dkim['private_key'] - ensure_packages(['opendkim', 'libopendkim7', 'libvbr2']) + ensure_packages(['opendkim', 'libvbr2']) # postfix user needs to be in the opendkim group # in order to access the opendkim socket located at: # local:/var/run/opendkim/opendkim.sock user { 'postfix': - groups => 'opendkim'; + groups => 'opendkim', + require => Package['opendkim']; } service { 'opendkim': @@ -28,12 +31,37 @@ class opendkim { subscribe => File[$dkim_key]; } - file { '/etc/opendkim.conf': - ensure => present, - content => template('opendkim/opendkim.conf'), - mode => '0644', - owner => root, - group => root, - notify => Service['opendkim'], - require => Package['opendkim']; + file { + '/etc/opendkim.conf': + ensure => file, + content => template('opendkim/opendkim.conf'), + mode => '0644', + owner => root, + group => root, + notify => Service['opendkim'], + require => Package['opendkim']; + + '/etc/default/opendkim.conf': + ensure => file, + content => 'SOCKET="inet:8891@localhost" # listen on loopback on port 8891', + mode => '0644', + owner => root, + group => root, + notify => Service['opendkim'], + require => Package['opendkim']; + + $dkim_key: + ensure => file, + mode => '0600', + owner => 'opendkim', + group => 'opendkim', + require => Package['opendkim']; + + $dkim_cert: + ensure => file, + mode => '0600', + owner => 'opendkim', + group => 'opendkim', + require => Package['opendkim']; + } } |