summaryrefslogtreecommitdiff
path: root/puppet/modules/opendkim/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/opendkim/manifests')
-rw-r--r--puppet/modules/opendkim/manifests/init.pp50
1 files changed, 39 insertions, 11 deletions
diff --git a/puppet/modules/opendkim/manifests/init.pp b/puppet/modules/opendkim/manifests/init.pp
index e2e766e7..4d4c5312 100644
--- a/puppet/modules/opendkim/manifests/init.pp
+++ b/puppet/modules/opendkim/manifests/init.pp
@@ -7,17 +7,20 @@ class opendkim {
$domain_hash = hiera('domain')
$domain = $domain_hash['full_suffix']
- $dkim = hiera('dkim')
+ $mx = hiera('mx')
+ $dkim = $mx['dkim']
$selector = $dkim['selector']
+ $dkim_cert = $dkim['public_key']
$dkim_key = $dkim['private_key']
- ensure_packages(['opendkim', 'libopendkim7', 'libvbr2'])
+ ensure_packages(['opendkim', 'libvbr2'])
# postfix user needs to be in the opendkim group
# in order to access the opendkim socket located at:
# local:/var/run/opendkim/opendkim.sock
user { 'postfix':
- groups => 'opendkim';
+ groups => 'opendkim',
+ require => Package['opendkim'];
}
service { 'opendkim':
@@ -28,12 +31,37 @@ class opendkim {
subscribe => File[$dkim_key];
}
- file { '/etc/opendkim.conf':
- ensure => present,
- content => template('opendkim/opendkim.conf'),
- mode => '0644',
- owner => root,
- group => root,
- notify => Service['opendkim'],
- require => Package['opendkim'];
+ file {
+ '/etc/opendkim.conf':
+ ensure => file,
+ content => template('opendkim/opendkim.conf'),
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['opendkim'],
+ require => Package['opendkim'];
+
+ '/etc/default/opendkim.conf':
+ ensure => file,
+ content => 'SOCKET="inet:8891@localhost" # listen on loopback on port 8891',
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['opendkim'],
+ require => Package['opendkim'];
+
+ $dkim_key:
+ ensure => file,
+ mode => '0600',
+ owner => 'opendkim',
+ group => 'opendkim',
+ require => Package['opendkim'];
+
+ $dkim_cert:
+ ensure => file,
+ mode => '0600',
+ owner => 'opendkim',
+ group => 'opendkim',
+ require => Package['opendkim'];
+ }
}