summaryrefslogtreecommitdiff
path: root/puppet/modules/opendkim
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-02-23 14:15:17 -0500
committerMicah <micah@leap.se>2016-02-23 21:12:51 -0500
commitcff07b7b3642c0d53e02cb0885f24250037b8d15 (patch)
tree3479acf5b9991111cea69ad303641fc66c0711ca /puppet/modules/opendkim
parentfd599945751a489a638fadace51c871f59346a46 (diff)
Update opendkim platform pieces to match leap-cli.
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
Diffstat (limited to 'puppet/modules/opendkim')
-rw-r--r--puppet/modules/opendkim/manifests/init.pp50
1 files changed, 39 insertions, 11 deletions
diff --git a/puppet/modules/opendkim/manifests/init.pp b/puppet/modules/opendkim/manifests/init.pp
index e2e766e7..4d4c5312 100644
--- a/puppet/modules/opendkim/manifests/init.pp
+++ b/puppet/modules/opendkim/manifests/init.pp
@@ -7,17 +7,20 @@ class opendkim {
$domain_hash = hiera('domain')
$domain = $domain_hash['full_suffix']
- $dkim = hiera('dkim')
+ $mx = hiera('mx')
+ $dkim = $mx['dkim']
$selector = $dkim['selector']
+ $dkim_cert = $dkim['public_key']
$dkim_key = $dkim['private_key']
- ensure_packages(['opendkim', 'libopendkim7', 'libvbr2'])
+ ensure_packages(['opendkim', 'libvbr2'])
# postfix user needs to be in the opendkim group
# in order to access the opendkim socket located at:
# local:/var/run/opendkim/opendkim.sock
user { 'postfix':
- groups => 'opendkim';
+ groups => 'opendkim',
+ require => Package['opendkim'];
}
service { 'opendkim':
@@ -28,12 +31,37 @@ class opendkim {
subscribe => File[$dkim_key];
}
- file { '/etc/opendkim.conf':
- ensure => present,
- content => template('opendkim/opendkim.conf'),
- mode => '0644',
- owner => root,
- group => root,
- notify => Service['opendkim'],
- require => Package['opendkim'];
+ file {
+ '/etc/opendkim.conf':
+ ensure => file,
+ content => template('opendkim/opendkim.conf'),
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['opendkim'],
+ require => Package['opendkim'];
+
+ '/etc/default/opendkim.conf':
+ ensure => file,
+ content => 'SOCKET="inet:8891@localhost" # listen on loopback on port 8891',
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['opendkim'],
+ require => Package['opendkim'];
+
+ $dkim_key:
+ ensure => file,
+ mode => '0600',
+ owner => 'opendkim',
+ group => 'opendkim',
+ require => Package['opendkim'];
+
+ $dkim_cert:
+ ensure => file,
+ mode => '0600',
+ owner => 'opendkim',
+ group => 'opendkim',
+ require => Package['opendkim'];
+ }
}