From cff07b7b3642c0d53e02cb0885f24250037b8d15 Mon Sep 17 00:00:00 2001
From: Micah <micah@leap.se>
Date: Tue, 23 Feb 2016 14:15:17 -0500
Subject: Update opendkim platform pieces to match leap-cli.

Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
---
 puppet/modules/opendkim/manifests/init.pp | 50 ++++++++++++++++++++++++-------
 1 file changed, 39 insertions(+), 11 deletions(-)

(limited to 'puppet/modules/opendkim/manifests/init.pp')

diff --git a/puppet/modules/opendkim/manifests/init.pp b/puppet/modules/opendkim/manifests/init.pp
index e2e766e7..4d4c5312 100644
--- a/puppet/modules/opendkim/manifests/init.pp
+++ b/puppet/modules/opendkim/manifests/init.pp
@@ -7,17 +7,20 @@ class opendkim {
 
   $domain_hash = hiera('domain')
   $domain      = $domain_hash['full_suffix']
-  $dkim        = hiera('dkim')
+  $mx          = hiera('mx')
+  $dkim        = $mx['dkim']
   $selector    = $dkim['selector']
+  $dkim_cert   = $dkim['public_key']
   $dkim_key    = $dkim['private_key']
 
-  ensure_packages(['opendkim', 'libopendkim7', 'libvbr2'])
+  ensure_packages(['opendkim', 'libvbr2'])
 
   # postfix user needs to be in the opendkim group
   # in order to access the opendkim socket located at:
   # local:/var/run/opendkim/opendkim.sock
   user { 'postfix':
-    groups => 'opendkim';
+    groups  => 'opendkim',
+    require => Package['opendkim'];
   }
 
   service { 'opendkim':
@@ -28,12 +31,37 @@ class opendkim {
     subscribe  => File[$dkim_key];
   }
 
-  file { '/etc/opendkim.conf':
-    ensure  => present,
-    content => template('opendkim/opendkim.conf'),
-    mode    => '0644',
-    owner   => root,
-    group   => root,
-    notify  => Service['opendkim'],
-    require => Package['opendkim'];
+  file {
+    '/etc/opendkim.conf':
+      ensure  => file,
+      content => template('opendkim/opendkim.conf'),
+      mode    => '0644',
+      owner   => root,
+      group   => root,
+      notify  => Service['opendkim'],
+      require => Package['opendkim'];
+
+    '/etc/default/opendkim.conf':
+      ensure  => file,
+      content => 'SOCKET="inet:8891@localhost" # listen on loopback on port 8891',
+      mode    => '0644',
+      owner   => root,
+      group   => root,
+      notify  => Service['opendkim'],
+      require => Package['opendkim'];
+
+    $dkim_key:
+      ensure  => file,
+      mode    => '0600',
+      owner   => 'opendkim',
+      group   => 'opendkim',
+      require => Package['opendkim'];
+
+    $dkim_cert:
+      ensure  => file,
+      mode    => '0600',
+      owner   => 'opendkim',
+      group   => 'opendkim',
+      require => Package['opendkim'];
+  }
 }
-- 
cgit v1.2.3