diff options
Diffstat (limited to 'puppet/modules/opendkim/manifests')
-rw-r--r-- | puppet/modules/opendkim/manifests/init.pp | 50 |
1 files changed, 39 insertions, 11 deletions
diff --git a/puppet/modules/opendkim/manifests/init.pp b/puppet/modules/opendkim/manifests/init.pp index e2e766e7..4d4c5312 100644 --- a/puppet/modules/opendkim/manifests/init.pp +++ b/puppet/modules/opendkim/manifests/init.pp @@ -7,17 +7,20 @@ class opendkim { $domain_hash = hiera('domain') $domain = $domain_hash['full_suffix'] - $dkim = hiera('dkim') + $mx = hiera('mx') + $dkim = $mx['dkim'] $selector = $dkim['selector'] + $dkim_cert = $dkim['public_key'] $dkim_key = $dkim['private_key'] - ensure_packages(['opendkim', 'libopendkim7', 'libvbr2']) + ensure_packages(['opendkim', 'libvbr2']) # postfix user needs to be in the opendkim group # in order to access the opendkim socket located at: # local:/var/run/opendkim/opendkim.sock user { 'postfix': - groups => 'opendkim'; + groups => 'opendkim', + require => Package['opendkim']; } service { 'opendkim': @@ -28,12 +31,37 @@ class opendkim { subscribe => File[$dkim_key]; } - file { '/etc/opendkim.conf': - ensure => present, - content => template('opendkim/opendkim.conf'), - mode => '0644', - owner => root, - group => root, - notify => Service['opendkim'], - require => Package['opendkim']; + file { + '/etc/opendkim.conf': + ensure => file, + content => template('opendkim/opendkim.conf'), + mode => '0644', + owner => root, + group => root, + notify => Service['opendkim'], + require => Package['opendkim']; + + '/etc/default/opendkim.conf': + ensure => file, + content => 'SOCKET="inet:8891@localhost" # listen on loopback on port 8891', + mode => '0644', + owner => root, + group => root, + notify => Service['opendkim'], + require => Package['opendkim']; + + $dkim_key: + ensure => file, + mode => '0600', + owner => 'opendkim', + group => 'opendkim', + require => Package['opendkim']; + + $dkim_cert: + ensure => file, + mode => '0600', + owner => 'opendkim', + group => 'opendkim', + require => Package['opendkim']; + } } |