path: root/puppet/modules/site_postfix/manifests/mx.pp
# Configures this node as a Postfix mail exchanger (MX).
#
# Reads the 'domain', 'mx' and 'name' keys from hiera, includes the x509
# certificate/key and client CA classes, sets several main.cf parameters via
# postfix::config, creates the 'vmail' spool user, and declares the postfix
# class with two extra master.cf services (smtps and submission).
class site_postfix::mx {

  # Site data from hiera; 'full_suffix' of the domain hash is added to
  # mydestination below.
  $domain_hash         = hiera ('domain')
  $domain              = $domain_hash['full_suffix']
  $mx_hash             = hiera('mx')
  # Not referenced in this class body; presumably read by an included class
  # (e.g. the TLS class) through scope lookup -- confirm before removing.
  $cert_name           = hiera('name')

  $root_mail_recipient = $mx_hash['contact']
  # Not referenced in this class body either; presumably consumed by the
  # postfix module via scope lookup. The same value is also passed explicitly
  # as smtp_listen in the postfix class declaration below.
  $postfix_smtp_listen = 'all'

  # Certificate/key and client CA; the postfix class below requires both.
  include site_config::x509::cert_key
  include site_config::x509::client_ca

  postfix::config {
    # "\$" keeps $myorigin and $mydomain literal so Postfix expands them;
    # only ${domain} is interpolated by Puppet.
    'mydestination':
      value => "\$myorigin, localhost, localhost.\$mydomain, ${domain}";
    # 0 means "no limit" in Postfix.
    # NOTE(review): with no per-mailbox cap, spool growth has to be bounded
    # elsewhere (message size limit, quotas, disk monitoring) -- confirm.
    'mailbox_size_limit':   value => '0';
    # Trailing slash selects maildir-style delivery.
    'home_mailbox':         value => 'Maildir/';
    # Alias lookups are delegated to a service on loopback TCP port 4242; that
    # service is not defined in this class.
    # NOTE(review): tcp: lookups are plaintext and unauthenticated, so whatever
    # answers on that port decides where mail is routed -- confirm the resolver
    # binds to loopback only and that its availability is monitored.
    'virtual_alias_maps':   value => 'tcp:localhost:4242';
    # Mail for unknown local recipients is handed to the 'vmail' account.
    # NOTE(review): whether this takes effect depends on local_recipient_maps,
    # which is not set here -- confirm.
    'luser_relay':          value => 'vmail';
  }

  # Defined elsewhere; presumably these supply the restriction lists
  # ($submission_recipient_restrictions, $submission_helo_restrictions) and
  # the TLS parameters that the master.cf entries below rely on -- confirm.
  include site_postfix::mx::smtpd_checks
  include site_postfix::checks
  include site_postfix::mx::tls

  # greater verbosity for debugging, take out for production
  #include site_postfix::debug

  # Spool owner: home under /var/mail/vmail (created by managehome) and
  # /bin/false as shell, so the account cannot be used for interactive login.
  user { 'vmail':
    ensure     => present,
    comment    => 'Leap Mailspool',
    home       => '/var/mail/vmail',
    shell      => '/bin/false',
    managehome => true,
  }

  class { 'postfix':
    preseed             => true,
    root_mail_recipient => $root_mail_recipient,
    smtp_listen         => 'all',
    # Extra master.cf services, passed verbatim (continuation lines must keep
    # their leading whitespace):
    #   smtps      - TLS wrapper mode, TLS mandatory
    #   submission - TLS mandatory, uses the $submission_* restriction lists
    # NOTE(review): the smtps entry does not override
    # smtpd_recipient_restrictions / smtpd_helo_restrictions, so it inherits
    # the main.cf values rather than the submission ones -- confirm intended.
    # NOTE(review): neither entry sets a client-authentication option here;
    # presumably relay control lives in the restriction lists / TLS class
    # defined elsewhere -- confirm.
    # NOTE(review): the chroot column differs ('-' for smtps, 'n' for
    # submission) -- confirm this is deliberate.
    mastercf_tail       =>
    "smtps     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_tls_security_level=encrypt
submission inet n        -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_recipient_restrictions=\$submission_recipient_restrictions
  -o smtpd_helo_restrictions=\$submission_helo_restrictions",
    # Certificates, client CA and the spool user must be in place before the
    # postfix class is applied.
    require             => [
      Class['Site_config::X509::Cert_key'],
      Class['Site_config::X509::Client_ca'],
      User['vmail'] ]
  }
}