summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/site_postfix/manifests/mx/smtpd_tls.pp (renamed from puppet/modules/site_postfix/manifests/mx/tls.pp)27
1 files changed, 1 insertions, 26 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx/tls.pp b/puppet/modules/site_postfix/manifests/mx/smtpd_tls.pp
index 08978efd..5714218c 100644
--- a/puppet/modules/site_postfix/manifests/mx/tls.pp
+++ b/puppet/modules/site_postfix/manifests/mx/smtpd_tls.pp
@@ -1,4 +1,4 @@
-class site_postfix::mx::tls {
+class site_postfix::mx::smtpd_tls {
include x509::variables
$ca_path = "${x509::variables::local_CAs}/${site_config::params::client_ca_name}.crt"
@@ -50,29 +50,4 @@ class site_postfix::mx::tls {
value => '/etc/postfix/smtpd_tls_dh_param.pem',
require => File['/etc/postfix/smtpd_tls_dh_param.pem']
}
-
}
- # smtp TLS
- postfix::config {
- 'smtp_use_tls': value => 'yes';
- 'smtp_tls_CApath': value => '/etc/ssl/certs/';
- 'smtp_tls_CAfile': value => $ca_path;
- 'smtp_tls_cert_file': value => $cert_path;
- 'smtp_tls_key_file': value => $key_path;
- 'smtp_tls_ask_ccert': value => 'yes';
- 'smtp_tls_loglevel': value => '1';
- 'smtp_tls_exclude_ciphers':
- value => 'aNULL, MD5, DES';
- # upstream default is md5 (since 2.5 and older used it), we force sha1
- 'smtp_tls_fingerprint_digest':
- value => 'sha1';
- 'smtp_tls_session_cache_database':
- value => 'btree:${queue_directory}/smtp_cache';
- 'smtp_tls_security_level':
- value => 'may';
- # see issue #4011
- 'smtp_tls_protocols':
- value => '!SSLv2, !SSLv3';
- }
-
-