diff options
author | Micah <micah@leap.se> | 2016-07-12 16:46:25 -0400 |
---|---|---|
committer | Micah <micah@leap.se> | 2016-07-12 16:46:25 -0400 |
commit | 5247b7ccf5b5889ee16262dd976b03047e34e32c (patch) | |
tree | c2a8483ac22f75d842ebc3ad6f3c6f24954b9cef /puppet/modules/postfix/manifests/tlspolicy_snippet.pp | |
parent | d8a8d30b04d34387f309d9f5b7afdbcad01f7cbc (diff) |
git subrepo clone https://leap.se/git/puppet_postfix puppet/modules/postfix
subrepo:
subdir: "puppet/modules/postfix"
merged: "cce918f"
upstream:
origin: "https://leap.se/git/puppet_postfix"
branch: "master"
commit: "cce918f"
git-subrepo:
version: "0.3.0"
origin: "https://github.com/ingydotnet/git-subrepo"
commit: "1e79595"
Change-Id: I325a79fe1780ee6a5d61959310cf8e52c9a6896f
Diffstat (limited to 'puppet/modules/postfix/manifests/tlspolicy_snippet.pp')
-rw-r--r-- | puppet/modules/postfix/manifests/tlspolicy_snippet.pp | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/puppet/modules/postfix/manifests/tlspolicy_snippet.pp b/puppet/modules/postfix/manifests/tlspolicy_snippet.pp new file mode 100644 index 00000000..b63f812c --- /dev/null +++ b/puppet/modules/postfix/manifests/tlspolicy_snippet.pp @@ -0,0 +1,45 @@ +/* +== Definition: postfix::tlspolicy_snippet + +Adds a TLS policy snippets to /etc/postfix/tls_policy. +See the postfix::tlspolicy class for details. + +Parameters: +- *name*: name of destination domain Postfix will lookup. See TLS_README. +- *value*: right-hand part of the tls_policy map +- *ensure*: present/absent, defaults to present. + +Requires: +- Class["postfix"] +- Class["postfix::tlspolicy"] + +Example usage: + + node "toto.example.com" { + class { 'postfix': + manage_tls_policy => 'yes', + } + postfix::tlspolicy_snippet { + 'example.com': value => 'encrypt'; + '.example.com': value => 'encrypt'; + 'nothing.com': value => 'fingerprint match=2A:FF:F0:EC:52:04:99:45:73:1B:C2:22:7F:FD:31:6B:8F:07:43:29'; + } + } + +*/ + +define postfix::tlspolicy_snippet ($ensure="present", $value = false) { + + if ($value == false) and ($ensure == "present") { + fail("The value parameter must be set when using the postfix::tlspolicy_snippet define with ensure=present.") + } + + include postfix::tlspolicy + + concat::fragment { "postfix_tlspolicy_${name}": + ensure => "$ensure", + content => "${name} ${value}\n", + target => "$postfix::tlspolicy::postfix_merged_tlspolicy", + } + +} |