From 6da164bdd235f81d226714e37d52735f5c4cf1e6 Mon Sep 17 00:00:00 2001 From: Micah Date: Thu, 19 Nov 2015 09:13:08 -0500 Subject: Switch to syslog for leap_mx (#6942) In order to switch to syslog for leap_mx, leap_mx needs to change to log to syslog (#6307 and #6937), and we need to clean up the platform pieces that set the non-syslog options, and rotated log files (#6942). Hopefully, this will solve the leap_mx logrotation issue at the same time (#7058) Change-Id: If68f808a65c24c91231b88d15759809c9e379294 --- puppet/modules/leap_mx/manifests/init.pp | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 284662d2..5561e326 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -41,13 +41,7 @@ class leap_mx { notify => Service['leap-mx']; } - file { '/etc/default/leap_mx': - content => 'LOGFILE=/var/log/leap/mx.log', - owner => 'root', - group => 'root', - mode => '0644', - notify => Service['leap-mx']; - } + leap::logfile { 'mx': } # # LEAP-MX CODE AND DEPENDENCIES @@ -75,20 +69,4 @@ class leap_mx { hasrestart => true, require => [ Package['leap-mx'] ]; } - - augeas { - 'logrotate_mx': - context => '/files/etc/logrotate.d/leap-mx/rule', - changes => [ - 'set file /var/log/leap/mx.log', - 'set rotate 5', - 'set schedule daily', - 'clear nocreate', - 'rm create', - 'rm ifempty', - 'set compress compress', - 'set missingok missingok', - 'set copytruncate copytruncate' - ] - } } -- cgit v1.2.3 From 375527b1629597e35a6aeeef6c248a8b085abd87 Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 24 Nov 2015 16:03:13 -0500 Subject: Switch from 'vmail' to leap-mx's user/group (#6936, #7639) This change will make sure that the user/group for leap-mx exist, and it changes the mail location from /var/mail/vmail to the more helpful name /var/mail/leap-mx. This change requires: https://github.com/leapcode/leap_mx/pull/78 and it would replace merge request: https://github.com/leapcode/leap_mx/pull/65 and fix https://leap.se/code/issues/6936 and https://leap.se/code/issues/7635 Change-Id: Idbe678dc999e394232c2eeef2b2018d39ab7cc3b --- puppet/modules/leap_mx/manifests/init.pp | 24 ++++++++++++++++++------ puppet/modules/leap_mx/templates/mx.conf.erb | 2 +- 2 files changed, 19 insertions(+), 7 deletions(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 5561e326..9c1b9143 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -15,18 +15,29 @@ class leap_mx { # # USER AND GROUP # + # Make the user for leap-mx. This user is where all legitimate, non-system + # mail is delivered so leap-mx can process it. Previously, we let the system + # pick a uid/gid, but we need to know what they are set to in order to set the + # virtual_uid_maps and virtual_gid_maps. Its a bit overkill write a fact just + # for this, so instead we pick arbitrary numbers that seem unlikely to be used + # and then use them in the postfix configuration group { 'leap-mx': ensure => present, + gid => 42424, allowdupe => false; } user { 'leap-mx': - ensure => present, - allowdupe => false, - gid => 'leap-mx', - home => '/etc/leap', - require => Group['leap-mx']; + ensure => present, + comment => 'Leap Mail', + allowdupe => false, + uid => 42424, + gid => 'leap-mx', + home => '/var/mail/leap-mx', + shell => '/bin/false', + managehome => true, + require => Group['leap-mx']; } # @@ -52,7 +63,8 @@ class leap_mx { ensure => $sources['leap-mx']['revision'], require => [ Class['site_apt::preferences::twisted'], - Class['site_apt::leap_repo'] ]; + Class['site_apt::leap_repo'] + User['leap-mx'] ]; 'leap-keymanager': ensure => latest; diff --git a/puppet/modules/leap_mx/templates/mx.conf.erb b/puppet/modules/leap_mx/templates/mx.conf.erb index e05bc150..a2c293c6 100644 --- a/puppet/modules/leap_mx/templates/mx.conf.erb +++ b/puppet/modules/leap_mx/templates/mx.conf.erb @@ -1,5 +1,5 @@ [mail1] -path=/var/mail/vmail/Maildir +path=/var/mail/leap-mx/Maildir recursive=True [couchdb] -- cgit v1.2.3 From ef4bb8a2d94352750eae218a37450c5baeadc5a9 Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 1 Dec 2015 11:15:23 -0500 Subject: fix missing comma Change-Id: I6ab266ea4f74277f8262653c43f2b3a5a4254a79 --- puppet/modules/leap_mx/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 9c1b9143..70d2c2d4 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -63,7 +63,7 @@ class leap_mx { ensure => $sources['leap-mx']['revision'], require => [ Class['site_apt::preferences::twisted'], - Class['site_apt::leap_repo'] + Class['site_apt::leap_repo'], User['leap-mx'] ]; 'leap-keymanager': -- cgit v1.2.3 From 40968b97e8a01957667d12fe627a1a194d57be77 Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 8 Dec 2015 14:54:33 -0500 Subject: Manage the /var/mail/leap-mx directory to ensure it exists properly and has the right permissions (see #6936) Change-Id: Ib7b86d73197fecfd74b72fe5ff06d1a78d9d4432 --- puppet/modules/leap_mx/manifests/init.pp | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 70d2c2d4..055a57ef 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -40,6 +40,14 @@ class leap_mx { require => Group['leap-mx']; } + file { '/var/mail/leap-mx': + ensure => directory, + owner => 'leap-mx', + group => 'leap-mx', + mode => '0755', + require => User['leap-mx'], + } + # # LEAP-MX CONFIG # -- cgit v1.2.3 From 73624f1e87974ab71b5d8e44073347725e492e5c Mon Sep 17 00:00:00 2001 From: Micah Date: Thu, 10 Dec 2015 15:55:57 -0500 Subject: Have leap-mx log with the process name 'leap-mx', but log to /var/log/leap/mx.log, and clean up the files associated with the previous configuration (#7691) Change-Id: Id08c97980292968e8e89f128afb5fa78bda30069 --- puppet/modules/leap_mx/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 055a57ef..5c356315 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -60,7 +60,7 @@ class leap_mx { notify => Service['leap-mx']; } - leap::logfile { 'mx': } + leap::logfile { 'mx': process => 'leap-mx' } # # LEAP-MX CODE AND DEPENDENCIES -- cgit v1.2.3 From 583ce5e8f3b548f17fb3f9a48156edeba381e260 Mon Sep 17 00:00:00 2001 From: Micah Date: Thu, 10 Dec 2015 15:38:25 -0500 Subject: Make sure /var/mail/leap-mx/Maildir and its associated common maildir directories are managed by the platform (#6936) Change-Id: I1836eb728c0379b6175ae6d54231a6f6a7ae1033 --- puppet/modules/leap_mx/manifests/init.pp | 37 ++++++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 6 deletions(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 5c356315..50bc8a18 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -40,12 +40,37 @@ class leap_mx { require => Group['leap-mx']; } - file { '/var/mail/leap-mx': - ensure => directory, - owner => 'leap-mx', - group => 'leap-mx', - mode => '0755', - require => User['leap-mx'], + file { + '/var/mail/leap-mx': + ensure => directory, + owner => 'leap-mx', + group => 'leap-mx', + mode => '0755', + require => User['leap-mx']; + + '/var/mail/leap-mx/Maildir': + ensure => directory, + owner => 'leap-mx', + group => 'leap-mx', + mode => '0700'; + + '/var/mail/leap-mx/Maildir/new': + ensure => directory, + owner => 'leap-mx', + group => 'leap-mx', + mode => '0700'; + + '/var/mail/leap-mx/Maildir/cur': + ensure => directory, + owner => 'leap-mx', + group => 'leap-mx', + mode => '0700'; + + '/var/mail/leap-mx/Maildir/tmp': + ensure => directory, + owner => 'leap-mx', + group => 'leap-mx', + mode => '0700'; } # -- cgit v1.2.3 From 22d6397fb2e71345652a80392cd72d359ece68a4 Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 15 Dec 2015 19:23:47 -0500 Subject: add fingerprint map configuration section (#7725) Change-Id: I895c25daca65c19916c47267e61a4f04a6489a84 --- puppet/modules/leap_mx/templates/mx.conf.erb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/templates/mx.conf.erb b/puppet/modules/leap_mx/templates/mx.conf.erb index a2c293c6..b54b3a86 100644 --- a/puppet/modules/leap_mx/templates/mx.conf.erb +++ b/puppet/modules/leap_mx/templates/mx.conf.erb @@ -13,3 +13,6 @@ port=4242 [check recipient] port=2244 + +[fingerprint map] +port=2424 -- cgit v1.2.3 From 45e81ca4abc81600998f11a5e74a565f545e6c84 Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 2 Feb 2016 10:21:49 -0800 Subject: finally fix leap-mx logging, for the last time, hopefully. --- puppet/modules/leap_mx/manifests/init.pp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 50bc8a18..6bdcec42 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -85,7 +85,10 @@ class leap_mx { notify => Service['leap-mx']; } - leap::logfile { 'mx': process => 'leap-mx' } + leap::logfile { 'leap-mx': + log => '/var/log/leap/mx.log', + process => 'leap-mx' + } # # LEAP-MX CODE AND DEPENDENCIES -- cgit v1.2.3 From 65335becbf8602b65ed385090400088f56293d9b Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 10 Mar 2016 21:12:11 +0100 Subject: [jessie] Remove obsolete backports pinning --- puppet/modules/leap_mx/manifests/init.pp | 2 -- 1 file changed, 2 deletions(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 6bdcec42..6dfee44d 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -10,7 +10,6 @@ class leap_mx { $sources = hiera('sources') include soledad::common - include site_apt::preferences::twisted # # USER AND GROUP @@ -98,7 +97,6 @@ class leap_mx { $sources['leap-mx']['package']: ensure => $sources['leap-mx']['revision'], require => [ - Class['site_apt::preferences::twisted'], Class['site_apt::leap_repo'], User['leap-mx'] ]; -- cgit v1.2.3 From 22b788920defdd42b4abda144afd8ca69d0a9d37 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 18 Apr 2016 18:19:44 +0200 Subject: [style] lint some custom manifests I used `puppet-lint -f FILE` to fix most issues, while finishing with manual intervention. --- puppet/modules/leap_mx/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 6dfee44d..e5d85b91 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -85,7 +85,7 @@ class leap_mx { } leap::logfile { 'leap-mx': - log => '/var/log/leap/mx.log', + log => '/var/log/leap/mx.log', process => 'leap-mx' } -- cgit v1.2.3 From 8370875d608ebddae09fcd05741bb77e0e31c122 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 18 Apr 2016 18:28:29 +0200 Subject: [style] more manual linting for custom manifests --- puppet/modules/leap_mx/manifests/init.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/leap_mx') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index e5d85b91..d758e3ab 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -1,3 +1,4 @@ +# deploy leap mx service class leap_mx { $leap_mx = hiera('couchdb_leap_mx_user') -- cgit v1.2.3