From f9f6fc3be8b2e3e840dbf85d497160f14ba82ce8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Mon, 22 Aug 2011 16:46:36 -0400 Subject: add preliminary support for debian --- manifests/base.pp | 4 +++- manifests/debian.pp | 6 ++++++ manifests/init.pp | 1 + 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 manifests/debian.pp diff --git a/manifests/base.pp b/manifests/base.pp index 85024ce..b94ed5e 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -1,5 +1,7 @@ class dovecot::base { - package{'dovecot': + + package { 'dovecot': + alias => 'dovecot', ensure => installed, } diff --git a/manifests/debian.pp b/manifests/debian.pp new file mode 100644 index 0000000..8946208 --- /dev/null +++ b/manifests/debian.pp @@ -0,0 +1,6 @@ +class dovecot::debian inherits dovecot::base { + + Package['dovecot'] { name => [ 'dovecot-imapd', 'dovecot-pop3d' ] } + +} + diff --git a/manifests/init.pp b/manifests/init.pp index a6f5fcc..b7d84e6 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,6 +13,7 @@ class dovecot( ){ case $operatingsystem { centos: { include dovecot::centos } + debian: { include dovecot::debian } default: { include dovecot::base } } -- cgit v1.2.3 From 8ff409bee3432068cd99330084cdfa43c84b8b21 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Mon, 22 Aug 2011 16:47:06 -0400 Subject: remove unneeded comment --- manifests/init.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index b7d84e6..09af028 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,4 +1,3 @@ -# we take rpms from fedora class dovecot( $type = 'some_unkown_type', $sqlite = false, -- cgit v1.2.3 From 8a39fe6efb7533cf5b31ca7af74a057610c2f4f1 Mon Sep 17 00:00:00 2001 
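Review bot: In manifests/debian.pp the override `Package['dovecot'] { name => [ 'dovecot-imapd', 'dovecot-pop3d' ] }` hands the package type an array for `name`, which is meant to be a single package name. I would expect the provider either to reject this or to be unable to query the installed state, leaving the resource permanently out of sync. Declaring the Debian packages as their own resources, for example `package { [ 'dovecot-imapd', 'dovecot-pop3d' ]: ensure => installed, before => Service['dovecot'] }`, tracks each one separately. The later "fix debian dovecot package dependency" change extends the same array form. In base.pp, `alias => 'dovecot'` repeats the resource title and looks redundant.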
From: Micah Anderson Date: Thu, 25 Aug 2011 15:49:07 -0400 Subject: formatting standardization --- manifests/base.pp | 8 +++---- manifests/centos.pp | 3 ++- manifests/deliver.pp | 4 +++- manifests/expire.pp | 5 ++-- manifests/expire/sqlite.pp | 27 +++++++++++---------- manifests/logrotate.pp | 2 ++ manifests/managesieve.pp | 4 ++-- manifests/munin.pp | 6 ++--- manifests/quota.pp | 3 ++- manifests/sieve.pp | 60 ++++++++++++++++++++++++---------------------- manifests/sql.pp | 3 ++- manifests/sql/mysql.pp | 3 ++- manifests/sql/pgsql.pp | 3 ++- manifests/sql/sqlite.pp | 3 ++- 14 files changed, 76 insertions(+), 58 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index b94ed5e..2043359 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -5,7 +5,7 @@ class dovecot::base { ensure => installed, } - file{'/etc/dovecot.conf': + file { '/etc/dovecot.conf': source => [ "puppet:///modules/site-dovecot/config/${fqdn}/dovecot.conf", "puppet:///modules/site-dovecot/config/${dovecot::type}/dovecot.conf", "puppet:///modules/site-dovecot/config/dovecot.conf", @@ -16,13 +16,13 @@ class dovecot::base { owner => root, group => mail, mode => 0640; } - file{'/var/log/dovecot': + file { '/var/log/dovecot': ensure => directory, require => Package['dovecot'], before => Service['dovecot'], owner => dovecot, group => 12, mode => 0660, } - file{ [ '/var/log/dovecot/error.log', + file { [ '/var/log/dovecot/error.log', '/var/log/dovecot/infos.log' ]: require => Package['dovecot'], before => Service['dovecot'], @@ -31,7 +31,7 @@ class dovecot::base { include dovecot::logrotate - service{'dovecot': + service { 'dovecot': ensure => running, enable => true, } diff --git a/manifests/centos.pp b/manifests/centos.pp index 8d6e067..22caab3 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp 
@@ -1,5 +1,6 @@ class dovecot::centos inherits dovecot::base { - file{'/etc/sysconfig/dovecot': + + file { '/etc/sysconfig/dovecot': source => [ "puppet:///modules/site-dovecot/sysconfig/${fqdn}/dovecot", "puppet:///modules/site-dovecot/sysconfig/${dovecot::type}/dovecot", "puppet:///modules/site-dovecot/sysconfig/dovecot", diff --git a/manifests/deliver.pp b/manifests/deliver.pp index c501ebe..da190f1 100644 --- a/manifests/deliver.pp +++ b/manifests/deliver.pp @@ -1,6 +1,8 @@ class dovecot::deliver { + include ::dovecot - file{ [ '/var/log/dovecot/deliver.log', + + file { [ '/var/log/dovecot/deliver.log', '/var/log/dovecot/deliver-error.log' ]: require => Package['dovecot'], before => Service['dovecot'], diff --git a/manifests/expire.pp b/manifests/expire.pp index 2c9bc17..9d53bb4 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -1,7 +1,8 @@ class dovecot::expire { + include ::dovecot - file{'/etc/cron.daily/dovecot-expire': + file { '/etc/cron.daily/dovecot-expire': owner => root, group => 0, mode => 0755; } if $dovecot_expire_type == 'legacy' or $dovecot_expire_type == 'mixed' { @@ -34,7 +35,7 @@ class dovecot::expire { owner => root, group => 0, mode => 0600; } - file{'/usr/libexec/dovecot/expire-tool.sh': + file { '/usr/libexec/dovecot/expire-tool.sh': source => "puppet:///modules/dovecot/expire/expire-tool.sh", owner => root, group => 0, mode => 0700; } diff --git a/manifests/expire/sqlite.pp b/manifests/expire/sqlite.pp index a9fed4b..a3c4a7d 100644 --- a/manifests/expire/sqlite.pp +++ b/manifests/expire/sqlite.pp 
@@ -1,19 +1,22 @@ class dovecot::expire::sqlite { + include ::sqlite - file{'/var/lib/dovecot/expire.db': - ensure => file, - replace => false, - require => Package['sqlite'], - owner => root, group => 0, mode => 0600; - } - file{'/var/lib/dovecot/expire.sql': - source => "puppet:///modules/dovecot/expire/expire.sqlite.sql", - require => File['/var/lib/dovecot/expire.db'], - notify => Exec['create_expire_db'], - owner => root, group => 0, mode => 0600; + + file { + '/var/lib/dovecot/expire.db': + ensure => file, + replace => false, + require => Package['sqlite'], + owner => root, group => 0, mode => 0600; + + '/var/lib/dovecot/expire.sql': + source => "puppet:///modules/dovecot/expire/expire.sqlite.sql", + require => File['/var/lib/dovecot/expire.db'], + notify => Exec['create_expire_db'], + owner => root, group => 0, mode => 0600; } - exec{'create_expire_db': + exec { 'create_expire_db': command => 'cat /var/lib/dovecot/expire.sql | sqlite3 /var/lib/dovecot/expire.db', refreshonly => true, } diff --git a/manifests/logrotate.pp b/manifests/logrotate.pp index a26e1c2..1457eb1 100644 --- a/manifests/logrotate.pp +++ b/manifests/logrotate.pp @@ -1,5 +1,7 @@ class dovecot::logrotate { + include logrotate + augeas { "logrotate_dovecot": context => "/files/etc/logrotate.d/dovecot/rule", diff --git a/manifests/managesieve.pp b/manifests/managesieve.pp index 0343ed7..2cbe86d 100644 --- a/manifests/managesieve.pp +++ b/manifests/managesieve.pp @@ -5,7 +5,7 @@ class dovecot::managesieve( 'sieve-hostname' => $fqdn, } ) { - package{'dovecot-managesieve': + package { 'dovecot-managesieve': ensure => installed, before => Service['dovecot'], } @@ -18,7 +18,7 @@ class dovecot::managesieve( } if $dovecot::managesieve::nagios_checks { - nagios::service{"managesieve": + nagios::service { "managesieve": check_command => "check_managesieve!${dovecot::managesieve::nagios_checks['sieve-hostname']}"; } } diff --git a/manifests/munin.pp b/manifests/munin.pp index 9d05de8..77e6c5c 100644 
--- a/manifests/munin.pp +++ b/manifests/munin.pp @@ -1,7 +1,7 @@ class dovecot::munin { - munin::plugin::deploy{'dovecot': + + munin::plugin::deploy { 'dovecot': source => "dovecot/munin/dovecot", - config => "env.logfile /var/log/dovecot/infos.log -group mail" + config => "env.logfile /var/log/dovecot/infos.log\ngroup mail" } } diff --git a/manifests/quota.pp b/manifests/quota.pp index 78fb407..a36fac0 100644 --- a/manifests/quota.pp +++ b/manifests/quota.pp @@ -1,5 +1,6 @@ class dovecot::quota { - file{'/usr/libexec/dovecot/quota-warning.sh': + + file { '/usr/libexec/dovecot/quota-warning.sh': source => [ "puppet:///modules/site-dovecot/quota/quota-warning.sh", "puppet:///modules/dovecot/quota/quota-warning.sh" ], require => Package['dovecot'], diff --git a/manifests/sieve.pp b/manifests/sieve.pp index 60a6cd9..81f2a1a 100644 --- a/manifests/sieve.pp +++ b/manifests/sieve.pp 
@@ -1,38 +1,42 @@ class dovecot::sieve { + include ::dovecot - package{'dovecot-sieve': + + package { 'dovecot-sieve': ensure => installed, before => Service['dovecot'], } - file{'/var/lib/dovecot-sieve': - ensure => directory, - owner => root, group => 0, mode => 0644; - } - file{'/var/lib/dovecot-sieve/global': - ensure => directory, - recurse => true, - purge => true, - force => true, - notify => Exec['compile_global_sieve'], - owner => root, group => root, mode => 0644; - } - file{'/var/lib/dovecot-sieve/default.sieve': - source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/default.sieve", - "puppet:///modules/site-dovecot/sieve/default.sieve", - "puppet:///modules/dovecot/sieve/${operatingsystem}/default.sieve", - "puppet:///modules/dovecot/sieve/default.sieve" ], - notify => Exec['compile_default_sieve'], - owner => root, group => root, mode => 0644; - } + file { + '/var/lib/dovecot-sieve': + ensure => directory, + owner => root, group => 0, mode => 0644; + + '/var/lib/dovecot-sieve/global': + ensure => directory, + recurse => true, + purge => true, + force => true, + notify => Exec['compile_global_sieve'], + owner => root, group => root, mode => 0644; - exec{'compile_default_sieve': - command => 'sievec /var/lib/dovecot-sieve/default.sieve', - creates => '/var/lib/dovecot-sieve/default.svbin', - require => File['/var/lib/dovecot-sieve/default.sieve'], + '/var/lib/dovecot-sieve/default.sieve': + source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/default.sieve", + "puppet:///modules/site-dovecot/sieve/default.sieve", + "puppet:///modules/dovecot/sieve/${operatingsystem}/default.sieve", + "puppet:///modules/dovecot/sieve/default.sieve" ], + notify => Exec['compile_default_sieve'], + owner => root, group => root, mode => 0644; } - exec{'compile_global_sieve': - command => 'sievec /var/lib/dovecot-sieve/global/', - refreshonly => true, + + exec { + 'compile_default_sieve': + command => 'sievec /var/lib/dovecot-sieve/default.sieve', + creates => 
'/var/lib/dovecot-sieve/default.svbin', + require => File['/var/lib/dovecot-sieve/default.sieve']; + + 'compile_global_sieve': + command => 'sievec /var/lib/dovecot-sieve/global/', + refreshonly => true; } } diff --git a/manifests/sql.pp b/manifests/sql.pp index b9c9248..a231239 100644 --- a/manifests/sql.pp +++ b/manifests/sql.pp @@ -1,5 +1,6 @@ class dovecot::sql { - file{'/etc/dovecot-sql.conf': + + file { '/etc/dovecot-sql.conf': source => [ "puppet:///modules/site-dovecot/sql/${fqdn}/dovecot-sql.conf", "puppet:///modules/site-dovecot/sql/${dovecot::type}/dovecot-sql.conf", "puppet:///modules/site-dovecot/sql/dovecot-sql.conf", diff --git a/manifests/sql/mysql.pp b/manifests/sql/mysql.pp index 378ed41..95149d7 100644 --- a/manifests/sql/mysql.pp +++ b/manifests/sql/mysql.pp @@ -1,5 +1,6 @@ class dovecot::sql::mysql { - package{'dovecot-mysql': + + package { 'dovecot-mysql': ensure => installed, before => File['/etc/dovecot-sql.conf'], } diff --git a/manifests/sql/pgsql.pp b/manifests/sql/pgsql.pp index 530e878..8fa2ae1 100644 --- a/manifests/sql/pgsql.pp +++ b/manifests/sql/pgsql.pp @@ -1,5 +1,6 @@ class dovecot::sql::pgsql { - package{'dovecot-pgsql': + + package { 'dovecot-pgsql': ensure => installed, before => File['/etc/dovecot-sql.conf'], } diff --git a/manifests/sql/sqlite.pp b/manifests/sql/sqlite.pp index bc07fb7..5a2bb06 100644 --- a/manifests/sql/sqlite.pp +++ b/manifests/sql/sqlite.pp @@ -1,5 +1,6 @@ class dovecot::sql::sqlite { - package{'dovecot-sqlite': + + package { 'dovecot-sqlite': ensure => installed, before => File['/etc/dovecot-sql.conf'], } -- cgit v1.2.3 From e7ef4818e866dd4c871b317efae9fe513a43d4ce Mon Sep 17 00:00:00 2001 
From: Micah Anderson Date: Thu, 25 Aug 2011 16:01:04 -0400 Subject: debian doesn't have different packages for the different database drivers to dovecot so we case out based on the $operatingsystem to determine if we include those packages, or not. Additionally, the dovecot config on Debian is in /etc/dovecot, so we override the dovecot-sql.conf resource to specify that location --- manifests/sql.pp | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/manifests/sql.pp b/manifests/sql.pp index a231239..fc9a864 100644 --- a/manifests/sql.pp +++ b/manifests/sql.pp @@ -11,13 +11,21 @@ class dovecot::sql { owner => root, group => 0, mode => 0600; } - if $dovecot::mysql { - include ::dovecot::sql::mysql - } - if $dovecot::pgsql { - include ::dovecot::sql::pgsql - } - if $dovecot::sqlite { - include ::dovecot::sql::sqlite + case $operatingsystem { + centos: { + if $dovecot::mysql { + include ::dovecot::sql::mysql + } + if $dovecot::pgsql { + include ::dovecot::sql::pgsql + } + if $dovecot::sqlite { + include ::dovecot::sql::sqlite + } + } + debian: { + File['/etc/dovecot-sql.conf'] { path => '/etc/dovecot/dovecot-sql.conf' } + } + default: {} } } -- cgit v1.2.3 From 603ed93dc24b3433e09ee564b06c02e19f5b9d23 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 25 Aug 2011 16:03:29 -0400 Subject: override the location of the dovecot configuration file for Debian's location --- manifests/debian.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/debian.pp b/manifests/debian.pp index 8946208..03fa7b1 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -2,5 +2,7 @@ class dovecot::debian inherits dovecot::base { Package['dovecot'] { name => [ 'dovecot-imapd', 'dovecot-pop3d' ] } + File['/etc/dovecot.conf'] { path => '/etc/dovecot/dovecot.conf' } + } -- cgit v1.2.3 From 8ebe49c6d20bd2fd7d59303d193fe941742bb1e7 Mon Sep 17 00:00:00 2001 
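Review bot: The new `case $operatingsystem` in manifests/sql.pp moves the three `include ::dovecot::sql::*` statements under `centos:` and leaves `default: {}` empty. The old code evaluated them on every platform, so any platform other than CentOS now silently gets no driver package even when `$dovecot::mysql`, `$dovecot::pgsql` or `$dovecot::sqlite` is set. If Debian is the only platform without split driver packages, invert the test: keep the includes under `default:` and leave `debian:` with only the `path` override. A short comment above the `case` recording why Debian is special would save the next reader a trip to the commit message.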
From: Micah Anderson Date: Tue, 30 Aug 2011 15:12:40 -0400 Subject: add mysql expire capability, provides a mysql-dict-expire.conf --- files/expire/mysql-dict-expire.conf | 12 ++++++++++++ manifests/expire.pp | 1 + manifests/expire/mysql.pp | 20 ++++++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 files/expire/mysql-dict-expire.conf create mode 100644 manifests/expire/mysql.pp diff --git a/files/expire/mysql-dict-expire.conf b/files/expire/mysql-dict-expire.conf new file mode 100644 index 0000000..ecf3cc8 --- /dev/null +++ b/files/expire/mysql-dict-expire.conf @@ -0,0 +1,12 @@ +connect = host=localhost dbname=mails user=sqluser password=sqlpass + +map { + pattern = shared/expire/$user/$mailbox + table = expires + value_field = expire_stamp + + fields { + username = $user + mailbox = $mailbox + } +} \ No newline at end of file diff --git a/manifests/expire.pp b/manifests/expire.pp index 9d53bb4..9bc120a 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -44,6 +44,7 @@ class dovecot::expire { case $dovecot_expire_type { 'legacy': { info("no need to include anything for legacy mode") } 'mixed': { include ::dovecot::expire::sqlite } + 'mysql': { include ::dovecot::expire::mysql } default: { include ::dovecot::expire::sqlite } } } diff --git a/manifests/expire/mysql.pp b/manifests/expire/mysql.pp new file mode 100644 index 0000000..f356d8e --- /dev/null +++ b/manifests/expire/mysql.pp 
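Review bot: `connect = host=localhost dbname=mails user=sqluser password=sqlpass` puts a fixed sample credential in the module's own fallback file. manifests/expire/mysql.pp lists `puppet:///modules/dovecot/expire/mysql-dict-expire.conf` as the last `source`, so a node with no site-dovecot copy gets this file installed as its live dict configuration. Either drop the module-level fallback so a missing site file fails the run, or generate the file from class parameters so the password comes from site data rather than the repository. The file also ends without a trailing newline.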
@@ -0,0 +1,20 @@ +class dovecot::expire::mysql { + + file { 'dovecot-dict-expire.conf': + source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/mysql-dict-expire.conf", + "puppet:///modules/site-dovecot/expire/mysql-dict-expire.conf", + "puppet:///modules/dovecot/expire/${operatingsystem}/mysql-dict-expire.conf", + "puppet:///modules/dovecot/expire/mysql-dict-expire.conf", + path => $operatingsystem ? { + 'debian' => '/etc/dovecot/dovecot-dict-expire.conf', + default => '/etc/dovecot-dict-expire.conf' + }, + require => $operatingsystem ? { + 'debian' => Package['dovecot-common'], + default => Package['dovecot-mysql'], + }, + notify => Service['dovecot'], + owner => root, group => 0, mode => 0600; + } + +} -- cgit v1.2.3 From 9ebb2fe7183953c97e90983e41fe3fb875d41e0d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 30 Aug 2011 15:13:08 -0400 Subject: add debian-specific cron expire snippet --- manifests/expire.pp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/manifests/expire.pp b/manifests/expire.pp index 9bc120a..f87318f 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -19,8 +19,18 @@ class dovecot::expire { content => "find ${dovecot_mail_location} -regex '.*/\\.\\(${dovecot_expire_dirs}\\)\\(/.*\\)?\\/\\(cur\\|new\\)/.*' -type f -ctime +${dovecot_expire_days} -delete\n" } } else { - File['/etc/cron.daily/dovecot-expire']{ - content => "dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool.sh\n" + case $operatingsystem { + debian: { + augeas { "expire_cron": + context => "/files/etc/default/dovecot/rule", + changes => [ 'set /files/etc/default/dovecot/EXPIRE_CRON \'"daily"\'' ], + } + } + default: { + File['/etc/cron.daily/dovecot-expire']{ + content => "dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool.sh\n" + } + } } } -- cgit v1.2.3 From d28e4e238a5f738f265f585f69ff3221de3118ab Mon Sep 17 00:00:00 2001 
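Review bot: The `source` array in manifests/expire/mysql.pp is never closed: its last entry ends with `mysql-dict-expire.conf",` and `path =>` follows with no `]`, so the manifest does not parse. Close it with `"puppet:///modules/dovecot/expire/mysql-dict-expire.conf" ],`. The `require` selector also references `Package['dovecot-common']` and `Package['dovecot-mysql']`, which this class does not declare. The first is not declared in any hunk shown here, and the second exists only when `dovecot::sql::mysql` is in the catalog, so compilation depends on classes this one does not include. Either include the class that owns the package or require `Package['dovecot']`.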
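Review bot: In the new `debian:` branch of manifests/expire.pp, the augeas `context => "/files/etc/default/dovecot/rule"` has no effect because the only change uses an absolute path. The `rule` suffix looks carried over from the logrotate resource. Setting `context => "/files/etc/default/dovecot"` with `changes => [ 'set EXPIRE_CRON \'"daily"\'' ]` says the same thing without the misleading node. On Debian, `File['/etc/cron.daily/dovecot-expire']` is still declared at the top of the class with owner, group and mode but now gets no `content`, so it only manages permissions on a file that may not exist; confirm that this is intended. The class body starts and ends outside this hunk.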
From: Micah Anderson Date: Tue, 30 Aug 2011 15:31:50 -0400 Subject: switch class expire to a parameterized class NOTE: if you are using this class, you will need to change some variables old: $dovecot_expire_type new: $type old: $dovecot_mail_location new: $mail_location old: $dovecot_expire_dirs new: $dirs old: $dovecot_expire_days new: $days much simplier :) --- manifests/expire.pp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/manifests/expire.pp b/manifests/expire.pp index f87318f..53e69e6 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -1,22 +1,22 @@ -class dovecot::expire { +class dovecot::expire ( $type = 'sqlite', $mail_location = '' $dirs = '', $days = '' ) { include ::dovecot file { '/etc/cron.daily/dovecot-expire': owner => root, group => 0, mode => 0755; } - if $dovecot_expire_type == 'legacy' or $dovecot_expire_type == 'mixed' { - case $dovecot_mail_location { + if $type == 'legacy' or $type == 'mixed' { + case $mail_location { '': { fail("Need to set \$dovecot_mail_location on $fqdn!") } } - case $dovecot_expire_dirs { - '': { $dovecot_expire_dirs = 'Trash\|Junk' } + case $dirs { + '': { $dirs = 'Trash\|Junk' } } - case $dovecot_expire_days { - '': { $dovecot_expire_days = '14' } + case $days { + '': { $days = '14' } } File['/etc/cron.daily/dovecot-expire']{ - content => "find ${dovecot_mail_location} -regex '.*/\\.\\(${dovecot_expire_dirs}\\)\\(/.*\\)?\\/\\(cur\\|new\\)/.*' -type f -ctime +${dovecot_expire_days} -delete\n" + content => "find ${mail_location} -regex '.*/\\.\\(${dirs}\\)\\(/.*\\)?\\/\\(cur\\|new\\)/.*' -type f -ctime +${days} -delete\n" } } else { case $operatingsystem { @@ -34,7 +34,7 @@ class dovecot::expire { } } - if $dovecot_expire_type != 'legacy' { + if $type != 'legacy' { file{'/etc/dovecot-expire.conf': source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/dovecot-expire.conf", "puppet:///modules/site-dovecot/expire/dovecot-expire.conf", 
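Review bot: `$dirs = 'Trash\|Junk'` and `$days = '14'` now assign to names already bound as class parameters, and Puppet does not allow a variable to be reassigned in the same scope. The `legacy`/`mixed` path should therefore fail to compile whenever those parameters are left at `''`; the old code only shadowed a top-scope variable. Put the defaults in the signature instead (`$dirs = 'Trash\|Junk', $days = '14'`) and drop the two `case` blocks. The `fail()` text still names `\$dovecot_mail_location` and should say `\$mail_location`. Because `${mail_location}`, `${dirs}` and `${days}` are pasted unquoted into a root cron job that runs `find ... -delete`, the class should reject a `mail_location` that is not an absolute path and a `days` that is not a plain number before the file is written.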
@@ -51,7 +51,7 @@ class dovecot::expire { } } - case $dovecot_expire_type { + case $type { 'legacy': { info("no need to include anything for legacy mode") } 'mixed': { include ::dovecot::expire::sqlite } 'mysql': { include ::dovecot::expire::mysql } -- cgit v1.2.3 From 82fd77f4431d1066dd3a281724b3466091a170f8 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 30 Aug 2011 15:35:00 -0400 Subject: fix missing comma --- manifests/expire.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/expire.pp b/manifests/expire.pp index 53e69e6..4a3bff5 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -1,4 +1,4 @@ -class dovecot::expire ( $type = 'sqlite', $mail_location = '' $dirs = '', $days = '' ) { +class dovecot::expire ( $type = 'sqlite', $mail_location = '', $dirs = '', $days = '' ) { include ::dovecot -- cgit v1.2.3 From 4a9cbc686d94e8ad92e4fc40641e71b695b2d928 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 30 Aug 2011 15:36:44 -0400 Subject: fix another syntax error --- manifests/expire/mysql.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/expire/mysql.pp b/manifests/expire/mysql.pp index f356d8e..131636d 100644 --- a/manifests/expire/mysql.pp +++ b/manifests/expire/mysql.pp @@ -4,7 +4,7 @@ class dovecot::expire::mysql { source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/mysql-dict-expire.conf", "puppet:///modules/site-dovecot/expire/mysql-dict-expire.conf", "puppet:///modules/dovecot/expire/${operatingsystem}/mysql-dict-expire.conf", - "puppet:///modules/dovecot/expire/mysql-dict-expire.conf", + "puppet:///modules/dovecot/expire/mysql-dict-expire.conf" ], path => $operatingsystem ? { 'debian' => '/etc/dovecot/dovecot-dict-expire.conf', default => '/etc/dovecot-dict-expire.conf' -- cgit v1.2.3 From d574f0f84b3fa8d938147da3b6423ebfac775a2f Mon Sep 17 00:00:00 2001 
From: Micah Anderson Date: Tue, 30 Aug 2011 15:40:36 -0400 Subject: fix debian dovecot package dependency for dovecot-common --- manifests/debian.pp | 2 +- manifests/expire/mysql.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/debian.pp b/manifests/debian.pp index 03fa7b1..82ff579 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -1,6 +1,6 @@ class dovecot::debian inherits dovecot::base { - Package['dovecot'] { name => [ 'dovecot-imapd', 'dovecot-pop3d' ] } + Package['dovecot'] { name => [ 'dovecot-common', 'dovecot-imapd', 'dovecot-pop3d' ] } File['/etc/dovecot.conf'] { path => '/etc/dovecot/dovecot.conf' } diff --git a/manifests/expire/mysql.pp b/manifests/expire/mysql.pp index 131636d..01b72f6 100644 --- a/manifests/expire/mysql.pp +++ b/manifests/expire/mysql.pp @@ -10,7 +10,7 @@ class dovecot::expire::mysql { default => '/etc/dovecot-dict-expire.conf' }, require => $operatingsystem ? { - 'debian' => Package['dovecot-common'], + 'debian' => Package['dovecot'], default => Package['dovecot-mysql'], }, notify => Service['dovecot'], -- cgit v1.2.3 From f5c569c50b4251e0340a51cf59250bb36ef0a2d9 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 30 Aug 2011 15:56:56 -0400 Subject: the dovecot-expire.conf isn't used for the mysql type I do not understand what the dovecot-expire.conf is used for, the dovecot documentation on the expire plugin (http://wiki1.dovecot.org/Plugins/Expire) doesn't talk about that file, and I cannot locate it via searches (except to find this module!). There is also no example file in the files/expire hierarchy. If its supposed to be for the sqlite method, then it should just be moved into expire/sqlite.pp - but I am not sure how to proceed with this, because I do not understand what the 'mixed' type is supposed to be. --- manifests/expire.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/expire.pp b/manifests/expire.pp index 4a3bff5..72e1ad6 100644 
--- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -34,7 +34,7 @@ class dovecot::expire ( $type = 'sqlite', $mail_location = '', $dirs = '', $days } } - if $type != 'legacy' { + if $type != 'legacy' and $type != 'mysql' { file{'/etc/dovecot-expire.conf': source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/dovecot-expire.conf", "puppet:///modules/site-dovecot/expire/dovecot-expire.conf", -- cgit v1.2.3 From 60d8665378156633404b7bd3c1cfa81c5c6368d0 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 31 Aug 2011 16:15:25 -0400 Subject: formatting standardization --- manifests/base.pp | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 2043359..c610128 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -16,17 +16,18 @@ class dovecot::base { owner => root, group => mail, mode => 0640; } - file { '/var/log/dovecot': - ensure => directory, - require => Package['dovecot'], - before => Service['dovecot'], - owner => dovecot, group => 12, mode => 0660, - } - file { [ '/var/log/dovecot/error.log', - '/var/log/dovecot/infos.log' ]: + file { + '/var/log/dovecot': + ensure => directory, require => Package['dovecot'], before => Service['dovecot'], - owner => root, group => 12, mode => 0660; + owner => dovecot, group => 12, mode => 0660; + + [ '/var/log/dovecot/error.log', + '/var/log/dovecot/infos.log' ]: + require => Package['dovecot'], + before => Service['dovecot'], + owner => root, group => 12, mode => 0660; } include dovecot::logrotate -- cgit v1.2.3 From 4c8f3d458efafaadf1c97564ce5e83f8026afbb1 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 31 Aug 2011 16:15:58 -0400 Subject: switch group ownership of the logfiles from gid=12, to 'dovecot', gid=12 is not universal --- manifests/base.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index c610128..522b99e 100644 --- a/manifests/base.pp 
+++ b/manifests/base.pp @@ -21,13 +21,13 @@ class dovecot::base { ensure => directory, require => Package['dovecot'], before => Service['dovecot'], - owner => dovecot, group => 12, mode => 0660; + owner => dovecot, group => dovecot, mode => 0660; [ '/var/log/dovecot/error.log', '/var/log/dovecot/infos.log' ]: require => Package['dovecot'], before => Service['dovecot'], - owner => root, group => 12, mode => 0660; + owner => root, group => dovecot, mode => 0660; } include dovecot::logrotate -- cgit v1.2.3 From 15eb3c72a9ace055a9679a880ec2f1957459f204 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 31 Aug 2011 16:17:46 -0400 Subject: change the dovecot logfile to the more standard 'dovecot.log' instead of 'infos.log' also fix the group for the munin plugin --- manifests/base.pp | 2 +- manifests/munin.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 522b99e..e275a99 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -24,7 +24,7 @@ class dovecot::base { owner => dovecot, group => dovecot, mode => 0660; [ '/var/log/dovecot/error.log', - '/var/log/dovecot/infos.log' ]: + '/var/log/dovecot/dovecot.log' ]: require => Package['dovecot'], before => Service['dovecot'], owner => root, group => dovecot, mode => 0660; diff --git a/manifests/munin.pp b/manifests/munin.pp index 77e6c5c..006a10a 100644 --- a/manifests/munin.pp +++ b/manifests/munin.pp @@ -2,6 +2,6 @@ class dovecot::munin { munin::plugin::deploy { 'dovecot': source => "dovecot/munin/dovecot", - config => "env.logfile /var/log/dovecot/infos.log\ngroup mail" + config => "env.logfile /var/log/dovecot/dovecot.log\ngroup dovecot" } } -- cgit v1.2.3 From 4ddd09c2a38bd6f491f6e3a10035bf2f514ab76b Mon Sep 17 00:00:00 2001 
From: Micah Anderson Date: Thu, 1 Sep 2011 13:01:07 -0400 Subject: change the munin plugin to use /bin/echo, posix dash doesn't support the '-e' flag, so it would output things like this: -en login_tls.value 0 --- files/munin/dovecot | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/files/munin/dovecot b/files/munin/dovecot index f335c76..64ac93f 100644 --- a/files/munin/dovecot +++ b/files/munin/dovecot @@ -67,7 +67,7 @@ fi ###################### # Total Logins ###################### -echo -en "login_total.value " +/bin/echo -en "login_total.value " NEW_TOTAL=$(egrep 'dovecot.*Login' $LOGFILE | grep "`date '+%b %e'`" | sort | wc -l) OLD_TOTAL=$(grep TOTAL $STAT_FILE | cut -f2 -d '=') TOTAL=$($EXPR_BIN $NEW_TOTAL - $OLD_TOTAL) @@ -86,13 +86,13 @@ DISCON=$($EXPR_BIN $CONNECTS - $DISCONNECTS) if [ $DISCON -lt 0 ]; then DISCON=0 fi -echo -en "connected.value " +/bin/echo -en "connected.value " echo $DISCON echo -n ###################### # TLS Logins ###################### -echo -en "login_tls.value " +/bin/echo -en "login_tls.value " NEW_TLS=$(egrep 'dovecot.*Login.*TLS' $LOGFILE | grep "`date '+%b %e'`" | sort | wc -l) OLD_TLS=$(grep TLS $STAT_FILE | cut -f2 -d '=') TLS=$($EXPR_BIN $NEW_TLS - $OLD_TLS) @@ -105,7 +105,7 @@ echo -n ###################### # SSL Logins ###################### -echo -en "login_ssl.value " +/bin/echo -en "login_ssl.value " NEW_SSL=$(egrep 'dovecot.*Login.*SSL' $LOGFILE | grep "`date '+%b %e'`" | sort | wc -l) OLD_SSL=$(grep SSL $STAT_FILE | cut -f2 -d '=') SSL=$($EXPR_BIN $NEW_SSL - $OLD_SSL) @@ -118,7 +118,7 @@ echo -n ###################### # IMAP Logins ###################### -echo -en "login_imap.value " +/bin/echo -en "login_imap.value " NEW_IMAP=$(egrep 'dovecot.*imap.*Login' $LOGFILE | grep "`date '+%b %e'`" | sort | wc -l) OLD_IMAP=$(grep IMAP $STAT_FILE | cut -f2 -d '=') IMAP=$($EXPR_BIN $NEW_IMAP - $OLD_IMAP) 
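Review bot: `/bin/echo -en "login_total.value "` fixes the dash case but still depends on the system echo binary honouring `-e` and `-n`, which POSIX leaves unspecified. `printf 'login_total.value '` produces the same output in any shell and needs no external process. The same replacement applies to the `connected`, `login_tls`, `login_ssl`, `login_imap` and `login_pop3` hunks. The context lines in these hunks also pass `$LOGFILE` and `$STAT_FILE` unquoted to `egrep`/`grep`; writing `"$LOGFILE"` and `"$STAT_FILE"` keeps a configured path containing whitespace from being split into several arguments.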
@@ -131,7 +131,7 @@ echo -n ###################### # POP3 Logins ###################### -echo -en "login_pop3.value " +/bin/echo -en "login_pop3.value " NEW_POP3=$(egrep 'dovecot.*pop3.*Login' $LOGFILE | grep "`date '+%b %e'`" | sort | wc -l) OLD_POP3=$(grep POP3 $STAT_FILE | cut -f2 -d '=') POP3=$($EXPR_BIN $NEW_POP3 - $OLD_POP3) -- cgit v1.2.3 From efd742c81f629d653b9d9a29a400f37d0a44dee9 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 2 Sep 2011 16:31:32 -0400 Subject: the new version of dovecot (version 2) has a number of differences from version 1, so I added a $version class parameter (defaulting to 2) so we can have different configurations for the different versions. for version 2, debian does have different sql packages, so we test the above variable before attempting to install the packages, rather than test for the $operatingsystem in sql.pp --- manifests/init.pp | 1 + manifests/sql.pp | 28 ++++++++++++---------------- manifests/sql/mysql.pp | 8 +++++--- manifests/sql/pgsql.pp | 8 +++++--- manifests/sql/sqlite.pp | 8 +++++--- 5 files changed, 28 insertions(+), 25 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 09af028..de8259c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -9,6 +9,7 @@ class dovecot( }, $munin_checks = true, $manage_shorewall = true + $version = 2 ){ case $operatingsystem { centos: { include dovecot::centos } diff --git a/manifests/sql.pp b/manifests/sql.pp index fc9a864..528fd94 100644 --- a/manifests/sql.pp +++ b/manifests/sql.pp 
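Review bot: In manifests/init.pp the parameter list now has `$manage_shorewall = true` followed directly by `$version = 2` with no comma between them, so the class no longer parses. Change the preceding line to `$manage_shorewall = true,`. The new parameter also has no comment saying which values are accepted. The rest of this commit compares against the integer `2` and treats everything else as version 1, so a one-line comment such as `# $version: dovecot major version, 1 or 2` above the class would document that contract.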
@@ -11,21 +11,17 @@ class dovecot::sql { owner => root, group => 0, mode => 0600; } - case $operatingsystem { - centos: { - if $dovecot::mysql { - include ::dovecot::sql::mysql - } - if $dovecot::pgsql { - include ::dovecot::sql::pgsql - } - if $dovecot::sqlite { - include ::dovecot::sql::sqlite - } - } - debian: { - File['/etc/dovecot-sql.conf'] { path => '/etc/dovecot/dovecot-sql.conf' } - } - default: {} + if $dovecot::mysql { + include ::dovecot::sql::mysql + } + if $dovecot::pgsql { + include ::dovecot::sql::pgsql + } + if $dovecot::sqlite { + include ::dovecot::sql::sqlite + } + + if $operatingsystem == 'Debian' { + File['/etc/dovecot-sql.conf'] { path => '/etc/dovecot/dovecot-sql.conf' } } } diff --git a/manifests/sql/mysql.pp b/manifests/sql/mysql.pp index 95149d7..f4c1a4a 100644 --- a/manifests/sql/mysql.pp +++ b/manifests/sql/mysql.pp @@ -1,7 +1,9 @@ class dovecot::sql::mysql { - package { 'dovecot-mysql': - ensure => installed, - before => File['/etc/dovecot-sql.conf'], + if $version == 2 { + package { 'dovecot-mysql': + ensure => installed, + before => File['/etc/dovecot-sql.conf'], + } } } diff --git a/manifests/sql/pgsql.pp b/manifests/sql/pgsql.pp index 8fa2ae1..39f1b64 100644 --- a/manifests/sql/pgsql.pp +++ b/manifests/sql/pgsql.pp @@ -1,7 +1,9 @@ class dovecot::sql::pgsql { - package { 'dovecot-pgsql': - ensure => installed, - before => File['/etc/dovecot-sql.conf'], + if $version == 2 { + package { 'dovecot-pgsql': + ensure => installed, + before => File['/etc/dovecot-sql.conf'], + } } } diff --git a/manifests/sql/sqlite.pp b/manifests/sql/sqlite.pp index 5a2bb06..c2a848e 100644 --- a/manifests/sql/sqlite.pp +++ b/manifests/sql/sqlite.pp @@ -1,7 +1,9 @@ class dovecot::sql::sqlite { - package { 'dovecot-sqlite': - ensure => installed, - before => File['/etc/dovecot-sql.conf'], + if $version == 2 { + package { 'dovecot-sqlite': + ensure => installed, + before => File['/etc/dovecot-sql.conf'], + } } } -- cgit v1.2.3 
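Review bot: `if $version == 2` in manifests/sql/mysql.pp, and the identical tests in sql/pgsql.pp and sql/sqlite.pp, read an unqualified `$version`, but the parameter is declared on class `dovecot`. These classes neither inherit from it nor take it as a parameter, so the lookup relies on dynamic scoping and the package is silently skipped wherever that does not resolve. Use the qualified name, as sql.pp already does for `$dovecot::mysql`: `if $dovecot::version == 2 {`. The `$version ? { ... }` selector added to manifests/expire/mysql.pp and the `$version != 2` tests added to manifests/expire.pp in the following commits have the same problem. Making the package conditional also removes `Package['dovecot-mysql']` for version 1 on platforms that did ship it separately, which is worth confirming for CentOS.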
From 6ed512ba710312d05936261fe0873e255c27364f Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 2 Sep 2011 16:35:24 -0400 Subject: add version dependency to the expire package requirement --- manifests/expire/mysql.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/expire/mysql.pp b/manifests/expire/mysql.pp index 01b72f6..aa9d1bd 100644 --- a/manifests/expire/mysql.pp +++ b/manifests/expire/mysql.pp @@ -9,9 +9,9 @@ class dovecot::expire::mysql { 'debian' => '/etc/dovecot/dovecot-dict-expire.conf', default => '/etc/dovecot-dict-expire.conf' }, - require => $operatingsystem ? { - 'debian' => Package['dovecot'], - default => Package['dovecot-mysql'], + require => $version ? { + 2 => Package['dovecot-mysql'], + default => Package['dovecot'], }, notify => Service['dovecot'], owner => root, group => 0, mode => 0600; -- cgit v1.2.3 From 576cc1d3c30ceef2928c3bf581fdbb5530027553 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 2 Sep 2011 17:38:31 -0400 Subject: setup dovecot version differences for expire class --- manifests/expire.pp | 38 +++++++++++++++++++++++++++----------- 1 file changed, 27 insertions(+), 11 deletions(-) diff --git a/manifests/expire.pp b/manifests/expire.pp index 72e1ad6..e5679f4 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -5,6 +5,7 @@ class dovecot::expire ( $type = 'sqlite', $mail_location = '', $dirs = '', $days file { '/etc/cron.daily/dovecot-expire': owner => root, group => 0, mode => 0755; } + if $type == 'legacy' or $type == 'mixed' { case $mail_location { '': { fail("Need to set \$dovecot_mail_location on $fqdn!") } 
@@ -19,22 +20,37 @@ class dovecot::expire ( $type = 'sqlite', $mail_location = '', $dirs = '', $days content => "find ${mail_location} -regex '.*/\\.\\(${dirs}\\)\\(/.*\\)?\\/\\(cur\\|new\\)/.*' -type f -ctime +${days} -delete\n" } } else { - case $operatingsystem { - debian: { - augeas { "expire_cron": - context => "/files/etc/default/dovecot/rule", - changes => [ 'set /files/etc/default/dovecot/EXPIRE_CRON \'"daily"\'' ], + # dovecot version 1 way + if $version != 2 { + case $operatingsystem { + debian: { + augeas { "expire_cron": + context => "/files/etc/default/dovecot/rule", + changes => [ 'set /files/etc/default/dovecot/EXPIRE_CRON \'"daily"\'' ], + } } - } - default: { - File['/etc/cron.daily/dovecot-expire']{ - content => "dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool.sh\n" + default: { + File['/etc/cron.daily/dovecot-expire']{ + content => "dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool.sh\n" + } } } + } else { + # dovecot version 2 way (no mail_location, dirs need to be space separated variables and expire script runs doveadm expunge) + # problem with this method is that it doesn't allow for different times for different mailboxes + case $dirs { + '': { $dirs = 'Trash Junk' } + } + case $days { + '': { $days = '14' } + } + File['/etc/cron.daily/dovecot-expire']{ + content => "#!/bin/sh\n\n dirs='${dirs}'\nfor mailbox in \$dirs; do doveadm expunge -A mailbox \$mailbox savedbefore ${days}d; done\n" + } } } - - if $type != 'legacy' and $type != 'mysql' { + + if $type != 'legacy' and $type != 'mysql' and $version != 2 { file{'/etc/dovecot-expire.conf': source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/dovecot-expire.conf", "puppet:///modules/site-dovecot/expire/dovecot-expire.conf", -- cgit v1.2.3 From 122d707683b686b6370c2a9f1cf0d86edd613c34 Mon Sep 17 00:00:00 2001 
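Review bot: The version-2 branch assigns to `$dirs` and `$days`, which are already bound as class parameters; Puppet variables cannot be reassigned within a scope, so these defaults would likely fail at compile time instead of applying. Computing new names keeps the parameters intact, e.g. `$real_dirs = $dirs ? { '' => 'Trash Junk', default => $dirs }` and the same for `$real_days`. Both values are also pasted unchecked into a script that cron runs as root and that expunges mail for all users (`-A`), so it is worth rejecting values that contain quotes or shell metacharacters and quoting the loop variable as `"\$mailbox"`. The class body continues outside the hunk.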
From: Micah Anderson Date: Thu, 22 Sep 2011 14:31:47 -0400 Subject: debian has a different name for the managesieve process --- manifests/managesieve.pp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/manifests/managesieve.pp b/manifests/managesieve.pp index 2cbe86d..95167d0 100644 --- a/manifests/managesieve.pp +++ b/manifests/managesieve.pp @@ -5,7 +5,13 @@ class dovecot::managesieve( 'sieve-hostname' => $fqdn, } ) { - package { 'dovecot-managesieve': + + $managesieve_package = $operatingsystem ? { + debian => managesieved, + default => managesieve + } + + package { $managesieve_package: ensure => installed, before => Service['dovecot'], } -- cgit v1.2.3 From 9b10a1e8e73863e428601e21c94b3ef664d1eaa7 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 22 Sep 2011 14:51:53 -0400 Subject: setup debian location for sieve scripts --- manifests/sieve.pp | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/manifests/sieve.pp b/manifests/sieve.pp index 81f2a1a..aa7fc3a 100644 --- a/manifests/sieve.pp +++ b/manifests/sieve.pp @@ -7,12 +7,17 @@ class dovecot::sieve { before => Service['dovecot'], } + $sieve_location = $operatingsystem ? { + debian => '/var/lib/dovecot/sieve', + default => '/var/lib/dovecot-sieve' + } + file { - '/var/lib/dovecot-sieve': + $sieve_location: ensure => directory, owner => root, group => 0, mode => 0644; - '/var/lib/dovecot-sieve/global': + "${sieve_location}/global": ensure => directory, recurse => true, purge => true, @@ -20,7 +25,7 @@ class dovecot::sieve { notify => Exec['compile_global_sieve'], owner => root, group => root, mode => 0644; - '/var/lib/dovecot-sieve/default.sieve': + "${sieve_location}/default.sieve": source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/default.sieve", "puppet:///modules/site-dovecot/sieve/default.sieve", "puppet:///modules/dovecot/sieve/${operatingsystem}/default.sieve", 
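Review bot: The selector values drop the `dovecot-` prefix, so the package resource changes from `dovecot-managesieve` to a package literally named `managesieve` (or `managesieved` on Debian), which is probably not what the repositories ship. Keeping the prefix and quoting the strings avoids that: `debian => 'dovecot-managesieved', default => 'dovecot-managesieve'`. Any resource elsewhere that refers to `Package['dovecot-managesieve']` would also have to follow the new title; none is visible in this hunk.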
@@ -31,12 +36,12 @@ class dovecot::sieve { exec { 'compile_default_sieve': - command => 'sievec /var/lib/dovecot-sieve/default.sieve', - creates => '/var/lib/dovecot-sieve/default.svbin', - require => File['/var/lib/dovecot-sieve/default.sieve']; + command => "sievec ${sieve_location}/default.sieve", + creates => "${sieve_location}/default.svbin", + require => File["${sieve_location}/default.sieve"]; 'compile_global_sieve': - command => 'sievec /var/lib/dovecot-sieve/global/', + command => "sievec ${sieve_location}/global/", refreshonly => true; } } -- cgit v1.2.3 From 995024443bf3cefce51aeb23996a97e8809f8873 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 12 Oct 2011 15:47:17 -0400 Subject: change munin graph to be reasonable for dovecot2 the previous way of doing graphs did some calculations that were way off when logrotation happened --- files/munin/dovecot | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/files/munin/dovecot b/files/munin/dovecot index 64ac93f..86feb4b 100644 --- a/files/munin/dovecot +++ b/files/munin/dovecot @@ -80,14 +80,9 @@ echo -n ###################### # Connected Users ###################### -DISCONNECTS=$(egrep 'dovecot.*Disconnected' $LOGFILE | sort | wc -l) -CONNECTS=$(egrep 'dovecot.*Login' $LOGFILE | sort | wc -l) -DISCON=$($EXPR_BIN $CONNECTS - $DISCONNECTS) -if [ $DISCON -lt 0 ]; then - DISCON=0 -fi +CONNECTS=$(doveadm -f flow who -1 |wc -l) /bin/echo -en "connected.value " -echo $DISCON +echo $CONNECTS echo -n ###################### # TLS Logins -- cgit v1.2.3 From cce86c92d658896e622c9b142e6e4eab3e4cbd99 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 13 Oct 2011 14:33:16 -0400 Subject: dovecot logs should be owned by group dovecot --- manifests/logrotate.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/logrotate.pp b/manifests/logrotate.pp index 1457eb1..6900d79 100644 --- a/manifests/logrotate.pp +++ b/manifests/logrotate.pp 
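Review bot: `compile_default_sieve` is guarded by `creates => "${sieve_location}/default.svbin"`, and Puppet evaluates `creates` on refresh as well, so once the binary exists a changed `default.sieve` appears not to trigger recompilation through this exec. Using `refreshonly => true`, as `compile_global_sieve` already does, ties recompilation to the file's `notify`. The `sievec` command is also unqualified and no `path` is set in the visible exec block; an absolute path to the binary avoids depending on an inherited search path for a command that runs as root. The same `creates` pattern is repeated for the before/after scripts added later in `manifests/sieve.pp`.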
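Review bot: A failure of `doveadm` is hidden by the pipe into `wc -l`, so a permission or socket error is reported as `connected.value 0` rather than as a missing value. `doveadm who` generally needs privileged access to Dovecot's runtime sockets, so the user this plugin runs as should be confirmed in the munin plugin configuration, which is not part of this hunk. Capturing the output first and checking the exit status before counting lines would make such a failure visible. The command is also called without an absolute path, where the removed code used `$EXPR_BIN` for its helper.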
@@ -7,7 +7,7 @@ class dovecot::logrotate { context => "/files/etc/logrotate.d/dovecot/rule", changes => [ 'set file /var/log/dovecot/*.log', 'set rotate 3', 'set schedule weekly', 'set compress compress', 'set sharedscripts sharedscripts', - 'set create/mode 0660', 'set create/owner root', 'set create/group mail', + 'set create/mode 0660', 'set create/owner root', 'set create/group dovecot', 'set postrotate "/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true"' ], } } -- cgit v1.2.3 From 2e489146cecbe9fdb5f84fb433c0e8b85c9a706c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 20 Oct 2011 11:07:38 -0400 Subject: the weekly rotation for the dovecot logs results in log files that are too large for munin to parse fast enough to produce results before timeouts, so switching the rotation to be daily --- manifests/logrotate.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/logrotate.pp b/manifests/logrotate.pp index 6900d79..4862824 100644 --- a/manifests/logrotate.pp +++ b/manifests/logrotate.pp @@ -5,7 +5,7 @@ class dovecot::logrotate { augeas { "logrotate_dovecot": context => "/files/etc/logrotate.d/dovecot/rule", - changes => [ 'set file /var/log/dovecot/*.log', 'set rotate 3', 'set schedule weekly', + changes => [ 'set file /var/log/dovecot/*.log', 'set rotate 3', 'set schedule daily', 'set compress compress', 'set sharedscripts sharedscripts', 'set create/mode 0660', 'set create/owner root', 'set create/group dovecot', 'set postrotate "/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true"' ], -- cgit v1.2.3 From 9a7d3591d4e39e5be5d8612ab519252583f35314 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 10 Nov 2011 13:51:01 -0500 Subject: add the dovecot-dict-sql.conf to the dovecot::sql class --- manifests/sql.pp | 12 ++++++++++++ manifests/sql/mysql.pp | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) 
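Review bot: Switching to `'set schedule daily'` while keeping `'set rotate 3'` on the same line cuts the retained Dovecot logs from roughly three weeks to three days. That is a short window for investigating login abuse or delivery problems after the fact. Raising the count together with the schedule change, e.g. `'set rotate 21'`, keeps the previous retention while still giving munin a small current file to parse.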
diff --git a/manifests/sql.pp b/manifests/sql.pp index 528fd94..67b906e 100644 --- a/manifests/sql.pp +++ b/manifests/sql.pp @@ -11,6 +11,17 @@ class dovecot::sql { owner => root, group => 0, mode => 0600; } + file { '/etc/dovecot-dict-sql.conf': + source => [ "puppet:///modules/site-dovecot/sql/${fqdn}/dovecot-dict-sql.conf", + "puppet:///modules/site-dovecot/sql/${dovecot::type}/dovecot-dict-sql.conf", + "puppet:///modules/site-dovecot/sql/dovecot-dict-sql.conf", + "puppet:///modules/site/sql/${operatingsystem}/dovecot-dict-sql.conf", + "puppet:///modules/site/sql/dovecot-dict-sql.conf" ], + require => Package['dovecot'], + notify => Service['dovecot'], + owner => root, group => 0, mode => 0600; + } + if $dovecot::mysql { include ::dovecot::sql::mysql } @@ -23,5 +34,6 @@ class dovecot::sql { if $operatingsystem == 'Debian' { File['/etc/dovecot-sql.conf'] { path => '/etc/dovecot/dovecot-sql.conf' } + File['/etc/dovecot-dict-sql.conf'] { path => '/etc/dovecot/dovecot-dict-sql.conf' } } } diff --git a/manifests/sql/mysql.pp b/manifests/sql/mysql.pp index f4c1a4a..56cbb13 100644 --- a/manifests/sql/mysql.pp +++ b/manifests/sql/mysql.pp @@ -3,7 +3,7 @@ class dovecot::sql::mysql { if $version == 2 { package { 'dovecot-mysql': ensure => installed, - before => File['/etc/dovecot-sql.conf'], + before => [ File['/etc/dovecot-sql.conf'], File['/etc/dovecot-dict-sql.conf'] ]; } } } -- cgit v1.2.3 From cab934f909690ce57e222a2ed5d6a53c74679191 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 10 Nov 2011 13:51:55 -0500 Subject: add dovecot::config::file to be able to handle the different /etc/dovecot/conf.d files (similar to nginx/apache module) --- manifests/base.pp | 19 ++++++++++----- manifests/config/file.pp | 60 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+), 6 deletions(-) create mode 100644 manifests/config/file.pp diff --git a/manifests/base.pp b/manifests/base.pp index e275a99..949935e 100644 --- a/manifests/base.pp 
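Review bot: Only `sql/mysql.pp` gets the extended `before => [ File['/etc/dovecot-sql.conf'], File['/etc/dovecot-dict-sql.conf'] ]`; per the diffstat `sql/pgsql.pp` and `sql/sqlite.pp` are untouched and, as far as this series shows, still order their package only before `dovecot-sql.conf`. If the ordering matters for the dict file, the two sibling classes should carry the same list. The new file's `root` ownership and `0600` mode match `dovecot-sql.conf`, which suits a file that normally holds database credentials; a one-line comment such as `# holds DB credentials, keep 0600` would help keep it that way.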
+++ b/manifests/base.pp @@ -1,10 +1,5 @@ class dovecot::base { - - package { 'dovecot': - alias => 'dovecot', - ensure => installed, - } - + file { '/etc/dovecot.conf': source => [ "puppet:///modules/site-dovecot/config/${fqdn}/dovecot.conf", "puppet:///modules/site-dovecot/config/${dovecot::type}/dovecot.conf", @@ -15,6 +10,13 @@ class dovecot::base { notify => Service['dovecot'], owner => root, group => mail, mode => 0640; } + + file { 'config_dir': + path => '/etc/dovecot/conf.d', + ensure => directory, + require => Package['dovecot'], + owner => dovecot, group => 0, mode => 0755; + } file { '/var/log/dovecot': @@ -29,6 +31,11 @@ class dovecot::base { before => Service['dovecot'], owner => root, group => dovecot, mode => 0660; } + + package { 'dovecot': + alias => 'dovecot', + ensure => installed, + } include dovecot::logrotate diff --git a/manifests/config/file.pp b/manifests/config/file.pp new file mode 100644 index 0000000..78e6a28 --- /dev/null +++ b/manifests/config/file.pp 
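Review bot: The new `config_dir` resource hands `/etc/dovecot/conf.d` to `owner => dovecot` with mode 0755, which lets the unprivileged service account create or replace configuration fragments that the Dovecot master process later reads. Configuration directories are normally root-owned so that a compromise of the service account cannot change how the daemon is configured; `owner => root, group => 0, mode => 0755;` would match the files that `dovecot::config::file` places there. The parent `/etc/dovecot` is not declared in this hunk, so it presumably relies on the package creating it.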
@@ -0,0 +1,60 @@ +define dovecot::config::file ( + $ensure = present, + $source = 'absent', + $content = 'absent', + $destination = 'absent' +) + { + + # the default destination is 'absent', so if the user doesn't specify a + # destination, then we use the following defaults. If different systems + # implement different locations, we can trigger here off of operatingsystem + # and change the 'config_dir' path in base.pp to just be /etc/dovecot + $real_destination = $destination ? { + 'absent' => "${config_dir}/${name}", + default => $destination + } + + # the $name variable is set to dovecot_${name}, but the actual filename will + # be set to $name + file { "dovecot_${name}": + ensure => $ensure, + path => $real_destination, + notify => Service[dovecot], + owner => root, group => 0, mode => 0640; + } + + # the $content variable is 'absent' by default, so if the user doesn't + # specify anything for $content, then the following will be used, searching + # from the first source line until a file is found that matches. We use the + # standard search prioritizing the site-dovecot module first + case $content { + 'absent': { + $real_source = $source ? { + 'absent' => [ + "puppet:///modules/site-dovecot/config/${fqdn}/${name}", + "puppet:///modules/site-dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", + "puppet:///modules/site-dovecot/config/${operatingsystem}/${name}", + "puppet:///modules/site-dovecot/config/${name}", + "puppet:///modules/dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", + "puppet:///modules/dovecot/config/${operatingsystem}/${name}", + "puppet:///modules/dovecot/config/${name}" + ], + default => "puppet:///${source}", + } + File["dovecot_${name}"]{ + source => $real_source, + } + } + default: { + File["dovecot_${name}"]{ + content => $content, + } + } + } + File["dovecot_${name}"]{ + require => Package[dovecot], + } + } + + -- cgit v1.2.3 From 409a842102e662aa2d80903c6643fd6ba7581c7e Mon Sep 17 00:00:00 2001 
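Review bot: The comment above the `file` resource says the `$name` variable is set to `dovecot_${name}`, but it is the resource title that gets the prefix; `$name` stays the define's own title and becomes the file name. Suggested wording: `# the file resource is titled dovecot_${name}; the file on disk is named $name`. The define also has no header comment for its parameters, in particular that `'absent'` is the sentinel for "not set" and that a custom `$source` is appended to `puppet:///` and so has to start with `modules/`. Since `$name` goes straight into the destination path, the header should say that callers pass plain file names.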
From: Micah Anderson Date: Fri, 11 Nov 2011 11:25:25 -0500 Subject: fix syntax error --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index de8259c..2ed1765 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -8,7 +8,7 @@ class dovecot( 'pop3-hostname' => $fqdn, }, $munin_checks = true, - $manage_shorewall = true + $manage_shorewall = true, $version = 2 ){ case $operatingsystem { -- cgit v1.2.3 From 069fcab0555667c87e5b9b055dd17116c0703ce2 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 11 Nov 2011 11:28:12 -0500 Subject: fix invalid include (puppet complains that it is an invalid tag) --- manifests/expire/sqlite.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/expire/sqlite.pp b/manifests/expire/sqlite.pp index a3c4a7d..b1724e1 100644 --- a/manifests/expire/sqlite.pp +++ b/manifests/expire/sqlite.pp @@ -1,6 +1,6 @@ class dovecot::expire::sqlite { - include ::sqlite + include dovecot::sql::sqlite file { '/var/lib/dovecot/expire.db': -- cgit v1.2.3 From 1b90c659513b4bee5bcdfd43114c1ee774c5677b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 11 Nov 2011 12:03:04 -0500 Subject: remove the include ::dovecot from expire.pp, this keeps parameterized classes from working --- manifests/expire.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifests/expire.pp b/manifests/expire.pp index e5679f4..c0cf8b9 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -1,7 +1,5 @@ class dovecot::expire ( $type = 'sqlite', $mail_location = '', $dirs = '', $days = '' ) { - include ::dovecot - file { '/etc/cron.daily/dovecot-expire': owner => root, group => 0, mode => 0755; } -- cgit v1.2.3 From 4694e77991dadf1bcc54fd9ff5b7651fcc6fc87d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sun, 13 Nov 2011 12:23:45 -0500 Subject: set a default destination --- manifests/config/file.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
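Review bot: `dovecot::sql::sqlite`, as shown earlier in this series, declares its package with `before => File['/etc/dovecot-sql.conf']`, a resource that is defined in `dovecot::sql`. Including it from `dovecot::expire::sqlite` therefore looks likely to fail catalog compilation on nodes that use expire without also including `dovecot::sql`. Either the ordering should move into `dovecot::sql`, or this class should carry a comment such as `# requires dovecot::sql to be included`. The class body continues outside the hunk.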
diff --git a/manifests/config/file.pp b/manifests/config/file.pp index 78e6a28..fe93500 100644 --- a/manifests/config/file.pp +++ b/manifests/config/file.pp @@ -11,7 +11,7 @@ define dovecot::config::file ( # implement different locations, we can trigger here off of operatingsystem # and change the 'config_dir' path in base.pp to just be /etc/dovecot $real_destination = $destination ? { - 'absent' => "${config_dir}/${name}", + 'absent' => "/etc/dovecot/conf.d/${name}", default => $destination } -- cgit v1.2.3 From 5226583c8c6ecd74d0621b2b61e56ab9f98bcb6c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Mon, 14 Nov 2011 11:42:58 -0500 Subject: allow for overriding the owner/group/mode of dovecot config files In some cases, the default permissions will not work. For example, if you are using postfix's pipe to send things through dovecot's LDA with sieve for filtering, you will get this: dovecot-lda: Permission denied doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 17: Couldn't open include file /etc/dovecot/conf.d/90-sieve.conf: Permission denied that is because, by default, the process runs as user 'mail' --- manifests/config/file.pp | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/manifests/config/file.pp b/manifests/config/file.pp index fe93500..39c6cc3 100644 --- a/manifests/config/file.pp +++ b/manifests/config/file.pp @@ -2,7 +2,10 @@ define dovecot::config::file ( $ensure = present, $source = 'absent', $content = 'absent', - $destination = 'absent' + $destination = 'absent', + $mode = 'absent', + $owner = 'absent', + $group = 'absent' ) { 
@@ -15,13 +18,28 @@ define dovecot::config::file ( default => $destination } + $real_mode = $mode ? { + 'absent' => 0640, + default => $mode + } + + $real_owner = $owner ? { + 'absent' => root, + default => $owner + } + + $real_group = $group ? { + 'absent' => 0, + default => $group + } + # the $name variable is set to dovecot_${name}, but the actual filename will # be set to $name file { "dovecot_${name}": ensure => $ensure, path => $real_destination, notify => Service[dovecot], - owner => root, group => 0, mode => 0640; + owner => $real_owner, group => $real_group, mode => $real_mode; } # the $content variable is 'absent' by default, so if the user doesn't -- cgit v1.2.3 From 292f4973548cfee1786b29c5376b9abd1f3cc213 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sat, 14 Jan 2012 12:38:50 -0500 Subject: add capability to sieve for sequential before/after scripts and ship some default ones --- files/sieve/after.sieve | 5 +++++ files/sieve/before.sieve | 1 + manifests/sieve.pp | 30 ++++++++++++++++++++++++++++++ 3 files changed, 36 insertions(+) create mode 100644 files/sieve/after.sieve create mode 100644 files/sieve/before.sieve diff --git a/files/sieve/after.sieve b/files/sieve/after.sieve new file mode 100644 index 0000000..610d0d1 --- /dev/null +++ b/files/sieve/after.sieve @@ -0,0 +1,5 @@ +# for sequential sieve scripts, this one is the after_sieve +# keep is implicit, but it seems that only explicit fileinto actions +# are logged and not the implicit keep action, so we specify it explicitly +fileinto "INBOX"; +stop; diff --git a/files/sieve/before.sieve b/files/sieve/before.sieve new file mode 100644 index 0000000..4884529 --- /dev/null +++ b/files/sieve/before.sieve @@ -0,0 +1 @@ +# for sequential sieve scripts, this one is the before_sieve diff --git a/manifests/sieve.pp b/manifests/sieve.pp index aa7fc3a..f052020 100644 --- a/manifests/sieve.pp +++ b/manifests/sieve.pp 
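Review bot: The new `$mode`, `$owner` and `$group` overrides carry no comment on when to use them, and the use case in the commit message (the `mail` user reading `90-sieve.conf`) can be met without making a file world-readable. A short comment above the selectors would steer callers, e.g. `# prefer group => mail with the default 0640 over a wider mode; conf.d files may hold credentials`. The define's body continues outside the hunk.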
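Review bot: `fileinto "INBOX";` is used without declaring the extension; Sieve requires `require ["fileinto"];` before the first use of `fileinto`, so `sievec` would be expected to reject this script. Adding that line at the top of `after.sieve` fixes it. Because `compile_after_sieve` is run from Puppet, a compile error in the shipped default would show up as a failed exec on every node that receives this file.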
@@ -32,6 +32,26 @@ class dovecot::sieve { "puppet:///modules/dovecot/sieve/default.sieve" ], notify => Exec['compile_default_sieve'], owner => root, group => root, mode => 0644; + + # this is for sequential sieve scripts, configured in 90-sieve.conf as: + # sieve_before = /var/lib/dovecot/sieve/default.sieve + "${sieve_location}/before.sieve": + source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/before.sieve", + "puppet:///modules/site-dovecot/sieve/before.sieve", + "puppet:///modules/dovecot/sieve/${operatingsystem}/before.sieve", + "puppet:///modules/dovecot/sieve/before.sieve" ], + notify => Exec['compile_before_sieve'], + owner => root, group => root, mode => 0644; + + # this is for sequential sieve scripts, configured in 90-sieve.conf as: + # sieve_after = /var/lib/dovecot/sieve/after.sieve + "${sieve_location}/after.sieve": + source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/after.sieve", + "puppet:///modules/site-dovecot/sieve/after.sieve", + "puppet:///modules/dovecot/sieve/${operatingsystem}/after.sieve", + "puppet:///modules/dovecot/sieve/after.sieve" ], + notify => Exec['compile_after_sieve'], + owner => root, group => root, mode => 0644; } exec { @@ -40,6 +60,16 @@ class dovecot::sieve { creates => "${sieve_location}/default.svbin", require => File["${sieve_location}/default.sieve"]; + 'compile_before_sieve': + command => "sievec ${sieve_location}/before.sieve", + creates => "${sieve_location}/before.svbin", + require => File["${sieve_location}/before.sieve"]; + + 'compile_after_sieve': + command => "sievec ${sieve_location}/after.sieve", + creates => "${sieve_location}/after.svbin", + require => File["${sieve_location}/after.sieve"]; + 'compile_global_sieve': command => "sievec ${sieve_location}/global/", refreshonly => true; -- cgit v1.2.3 From cd7d5712f043e9fcb135e34a77d8d8bec4838b38 Mon Sep 17 00:00:00 2001 
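Review bot: The comment above the `before.sieve` resource reads `sieve_before = /var/lib/dovecot/sieve/default.sieve`, which names the wrong script; it should be `# sieve_before = /var/lib/dovecot/sieve/before.sieve`. Both new comments also hard-code the Debian directory while the resources use `${sieve_location}`, so on other systems the documented setting would not match the managed file. Wording the comments as `sieve_before = <sieve_location>/before.sieve` and `sieve_after = <sieve_location>/after.sieve` keeps them correct for both layouts.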
From: Micah Anderson Date: Sat, 14 Jan 2012 18:09:53 -0500 Subject: set the sieve directory permissions to allow for the mail user to perform actions --- manifests/sieve.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/sieve.pp b/manifests/sieve.pp index f052020..a90a50c 100644 --- a/manifests/sieve.pp +++ b/manifests/sieve.pp @@ -15,7 +15,7 @@ class dovecot::sieve { file { $sieve_location: ensure => directory, - owner => root, group => 0, mode => 0644; + owner => root, group => mail, mode => 0775; "${sieve_location}/global": ensure => directory, -- cgit v1.2.3 From dca386b40c22892245e0a8b9b6ab4853fca1412a Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 27 Jun 2012 12:18:10 -0400 Subject: switch to 2.7 requirement of underscores instead of hyphens --- manifests/base.pp | 6 +++--- manifests/centos.pp | 6 +++--- manifests/config/file.pp | 10 +++++----- manifests/expire.pp | 4 ++-- manifests/expire/mysql.pp | 4 ++-- manifests/quota.pp | 2 +- manifests/sieve.pp | 12 ++++++------ manifests/sql.pp | 12 ++++++------ 8 files changed, 28 insertions(+), 28 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 949935e..455e286 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -1,9 +1,9 @@ class dovecot::base { file { '/etc/dovecot.conf': - source => [ "puppet:///modules/site-dovecot/config/${fqdn}/dovecot.conf", - "puppet:///modules/site-dovecot/config/${dovecot::type}/dovecot.conf", - "puppet:///modules/site-dovecot/config/dovecot.conf", + source => [ "puppet:///modules/site_dovecot/config/${fqdn}/dovecot.conf", + "puppet:///modules/site_dovecot/config/${dovecot::type}/dovecot.conf", + "puppet:///modules/site_dovecot/config/dovecot.conf", "puppet:///modules/dovecot/config/${operatingsystem}/dovecot.conf", "puppet:///modules/dovecot/config/dovecot.conf" ], require => Package['dovecot'], diff --git a/manifests/centos.pp b/manifests/centos.pp index 22caab3..43c4f00 100644 --- a/manifests/centos.pp 
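Review bot: `group => mail, mode => 0775` makes the sieve directory writable by every process in the `mail` group, and write access to a directory is enough to rename or replace the root-owned `default.sieve`, `before.sieve` and `after.sieve` and their compiled binaries inside it. Those scripts are applied to deliveries for all users, so this widens who can alter mail handling. Since the module already compiles the scripts through its `sievec` execs, keeping `owner => root, group => 0, mode => 0755;` and relying on the precompiled binaries would avoid the need for group write. If runtime compilation by the mail user really is required, a comment next to the mode should say so.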
+++ b/manifests/centos.pp @@ -1,9 +1,9 @@ class dovecot::centos inherits dovecot::base { file { '/etc/sysconfig/dovecot': - source => [ "puppet:///modules/site-dovecot/sysconfig/${fqdn}/dovecot", - "puppet:///modules/site-dovecot/sysconfig/${dovecot::type}/dovecot", - "puppet:///modules/site-dovecot/sysconfig/dovecot", + source => [ "puppet:///modules/site_dovecot/sysconfig/${fqdn}/dovecot", + "puppet:///modules/site_dovecot/sysconfig/${dovecot::type}/dovecot", + "puppet:///modules/site_dovecot/sysconfig/dovecot", "puppet:///modules/dovecot/sysconfig/dovecot" ], require => Package['dovecot'], notify => Service['dovecot'], diff --git a/manifests/config/file.pp b/manifests/config/file.pp index 39c6cc3..0fe777f 100644 --- a/manifests/config/file.pp +++ b/manifests/config/file.pp @@ -45,15 +45,15 @@ define dovecot::config::file ( # the $content variable is 'absent' by default, so if the user doesn't # specify anything for $content, then the following will be used, searching # from the first source line until a file is found that matches. We use the - # standard search prioritizing the site-dovecot module first + # standard search prioritizing the site_dovecot module first case $content { 'absent': { $real_source = $source ? { 'absent' => [ - "puppet:///modules/site-dovecot/config/${fqdn}/${name}", - "puppet:///modules/site-dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", - "puppet:///modules/site-dovecot/config/${operatingsystem}/${name}", - "puppet:///modules/site-dovecot/config/${name}", + "puppet:///modules/site_dovecot/config/${fqdn}/${name}", + "puppet:///modules/site_dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", + "puppet:///modules/site_dovecot/config/${operatingsystem}/${name}", + "puppet:///modules/site_dovecot/config/${name}", "puppet:///modules/dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", "puppet:///modules/dovecot/config/${operatingsystem}/${name}", "puppet:///modules/dovecot/config/${name}" 
diff --git a/manifests/expire.pp b/manifests/expire.pp index c0cf8b9..bd1a043 100644 --- a/manifests/expire.pp +++ b/manifests/expire.pp @@ -50,8 +50,8 @@ class dovecot::expire ( $type = 'sqlite', $mail_location = '', $dirs = '', $days if $type != 'legacy' and $type != 'mysql' and $version != 2 { file{'/etc/dovecot-expire.conf': - source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/dovecot-expire.conf", - "puppet:///modules/site-dovecot/expire/dovecot-expire.conf", + source => [ "puppet:///modules/site_dovecot/expire/${fqdn}/dovecot-expire.conf", + "puppet:///modules/site_dovecot/expire/dovecot-expire.conf", "puppet:///modules/dovecot/expire/${operatingsystem}/dovecot-expire.conf", "puppet:///modules/dovecot/expire/dovecot-expire.conf" ], require => Package['dovecot'], diff --git a/manifests/expire/mysql.pp b/manifests/expire/mysql.pp index aa9d1bd..5256d60 100644 --- a/manifests/expire/mysql.pp +++ b/manifests/expire/mysql.pp @@ -1,8 +1,8 @@ class dovecot::expire::mysql { file { 'dovecot-dict-expire.conf': - source => [ "puppet:///modules/site-dovecot/expire/${fqdn}/mysql-dict-expire.conf", - "puppet:///modules/site-dovecot/expire/mysql-dict-expire.conf", + source => [ "puppet:///modules/site_dovecot/expire/${fqdn}/mysql-dict-expire.conf", + "puppet:///modules/site_dovecot/expire/mysql-dict-expire.conf", "puppet:///modules/dovecot/expire/${operatingsystem}/mysql-dict-expire.conf", "puppet:///modules/dovecot/expire/mysql-dict-expire.conf" ], path => $operatingsystem ? { diff --git a/manifests/quota.pp b/manifests/quota.pp index a36fac0..6bd1ea0 100644 --- a/manifests/quota.pp +++ b/manifests/quota.pp @@ -1,7 +1,7 @@ class dovecot::quota { file { '/usr/libexec/dovecot/quota-warning.sh': - source => [ "puppet:///modules/site-dovecot/quota/quota-warning.sh", + source => [ "puppet:///modules/site_dovecot/quota/quota-warning.sh", "puppet:///modules/dovecot/quota/quota-warning.sh" ], require => Package['dovecot'], before => Service['dovecot'], 
diff --git a/manifests/sieve.pp b/manifests/sieve.pp index a90a50c..740328a 100644 --- a/manifests/sieve.pp +++ b/manifests/sieve.pp @@ -26,8 +26,8 @@ class dovecot::sieve { owner => root, group => root, mode => 0644; "${sieve_location}/default.sieve": - source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/default.sieve", - "puppet:///modules/site-dovecot/sieve/default.sieve", + source => [ "puppet:///modules/site_dovecot/sieve/${fqdn}/default.sieve", + "puppet:///modules/site_dovecot/sieve/default.sieve", "puppet:///modules/dovecot/sieve/${operatingsystem}/default.sieve", "puppet:///modules/dovecot/sieve/default.sieve" ], notify => Exec['compile_default_sieve'], @@ -36,8 +36,8 @@ class dovecot::sieve { # this is for sequential sieve scripts, configured in 90-sieve.conf as: # sieve_before = /var/lib/dovecot/sieve/default.sieve "${sieve_location}/before.sieve": - source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/before.sieve", - "puppet:///modules/site-dovecot/sieve/before.sieve", + source => [ "puppet:///modules/site_dovecot/sieve/${fqdn}/before.sieve", + "puppet:///modules/site_dovecot/sieve/before.sieve", "puppet:///modules/dovecot/sieve/${operatingsystem}/before.sieve", "puppet:///modules/dovecot/sieve/before.sieve" ], notify => Exec['compile_before_sieve'], @@ -46,8 +46,8 @@ class dovecot::sieve { # this is for sequential sieve scripts, configured in 90-sieve.conf as: # sieve_after = /var/lib/dovecot/sieve/after.sieve "${sieve_location}/after.sieve": - source => [ "puppet:///modules/site-dovecot/sieve/${fqdn}/after.sieve", - "puppet:///modules/site-dovecot/sieve/after.sieve", + source => [ "puppet:///modules/site_dovecot/sieve/${fqdn}/after.sieve", + "puppet:///modules/site_dovecot/sieve/after.sieve", "puppet:///modules/dovecot/sieve/${operatingsystem}/after.sieve", "puppet:///modules/dovecot/sieve/after.sieve" ], notify => Exec['compile_after_sieve'], diff --git a/manifests/sql.pp b/manifests/sql.pp index 67b906e..3b2799c 100644 
--- a/manifests/sql.pp +++ b/manifests/sql.pp @@ -1,9 +1,9 @@ class dovecot::sql { file { '/etc/dovecot-sql.conf': - source => [ "puppet:///modules/site-dovecot/sql/${fqdn}/dovecot-sql.conf", - "puppet:///modules/site-dovecot/sql/${dovecot::type}/dovecot-sql.conf", - "puppet:///modules/site-dovecot/sql/dovecot-sql.conf", + source => [ "puppet:///modules/site_dovecot/sql/${fqdn}/dovecot-sql.conf", + "puppet:///modules/site_dovecot/sql/${dovecot::type}/dovecot-sql.conf", + "puppet:///modules/site_dovecot/sql/dovecot-sql.conf", "puppet:///modules/site/sql/${operatingsystem}/dovecot-sql.conf", "puppet:///modules/site/sql/dovecot-sql.conf" ], require => Package['dovecot'], @@ -12,9 +12,9 @@ class dovecot::sql { } file { '/etc/dovecot-dict-sql.conf': - source => [ "puppet:///modules/site-dovecot/sql/${fqdn}/dovecot-dict-sql.conf", - "puppet:///modules/site-dovecot/sql/${dovecot::type}/dovecot-dict-sql.conf", - "puppet:///modules/site-dovecot/sql/dovecot-dict-sql.conf", + source => [ "puppet:///modules/site_dovecot/sql/${fqdn}/dovecot-dict-sql.conf", + "puppet:///modules/site_dovecot/sql/${dovecot::type}/dovecot-dict-sql.conf", + "puppet:///modules/site_dovecot/sql/dovecot-dict-sql.conf", "puppet:///modules/site/sql/${operatingsystem}/dovecot-dict-sql.conf", "puppet:///modules/site/sql/dovecot-dict-sql.conf" ], require => Package['dovecot'], -- cgit v1.2.3 From 9e3327c05f4cba6ea6d95b627599cbb61154dfd3 Mon Sep 17 00:00:00 2001 
From: Micah Anderson Date: Mon, 7 Oct 2013 12:39:16 -0400 Subject: fix logrotation for newer logrotate: With the old permissions, it wouldn't rotate because of: error: skipping "/var/log/dovecot/dovecot.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. So we fix the /var/log/dovecot permissions, and change the owner of the log files to dovecot --- manifests/base.pp | 2 +- manifests/logrotate.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 455e286..6960c8a 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -23,7 +23,7 @@ class dovecot::base { ensure => directory, require => Package['dovecot'], before => Service['dovecot'], - owner => dovecot, group => dovecot, mode => 0660; + owner => dovecot, group => dovecot, mode => 0750; [ '/var/log/dovecot/error.log', '/var/log/dovecot/dovecot.log' ]: diff --git a/manifests/logrotate.pp b/manifests/logrotate.pp index 4862824..c86f0f0 100644 --- a/manifests/logrotate.pp +++ b/manifests/logrotate.pp @@ -7,7 +7,7 @@ class dovecot::logrotate { context => "/files/etc/logrotate.d/dovecot/rule", changes => [ 'set file /var/log/dovecot/*.log', 'set rotate 3', 'set schedule daily', 'set compress compress', 'set sharedscripts sharedscripts', - 'set create/mode 0660', 'set create/owner root', 'set create/group dovecot', + 'set create/mode 0660', 'set create/owner dovecot', 'set create/group dovecot', 'set postrotate "/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true"' ], } } -- cgit v1.2.3 From 0c57b954d1b33da8d6b44bb45db0dd71dd929ee5 Mon Sep 17 00:00:00 2001 
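Review bot: logrotate now recreates the logs with `'set create/owner dovecot'`, but the log file resources in `base.pp` stay at `owner => root` in this series, so Puppet and logrotate would keep resetting each other's ownership after each rotation. The diffstat shows a single changed line in `base.pp`, the directory mode, so the file owner is not touched by this commit. Aligning the two, either `owner => dovecot` on the log files in `base.pp` or `'set create/owner root'` here, removes the flapping; only the title line of that file resource is visible in this hunk.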
From: Micah Anderson Date: Mon, 9 Dec 2013 19:52:46 -0500 Subject: some linting, and make the 'config_dir' name be more specifically 'dovecot_config_dir' to not be greedy in the namespace --- manifests/base.pp | 48 ++++++++++-------- manifests/config/file.pp | 126 +++++++++++++++++++++++------------------------ 2 files changed, 90 insertions(+), 84 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 6960c8a..7eff064 100644 --- a/manifests/base.pp +++ b/manifests/base.pp 
@@ -1,40 +1,48 @@ class dovecot::base { - + file { '/etc/dovecot.conf': - source => [ "puppet:///modules/site_dovecot/config/${fqdn}/dovecot.conf", - "puppet:///modules/site_dovecot/config/${dovecot::type}/dovecot.conf", - "puppet:///modules/site_dovecot/config/dovecot.conf", - "puppet:///modules/dovecot/config/${operatingsystem}/dovecot.conf", - "puppet:///modules/dovecot/config/dovecot.conf" ], + source => [ "puppet:///modules/site_dovecot/config/${::fqdn}/dovecot.conf", + "puppet:///modules/site_dovecot/config/${::dovecot::type}/dovecot.conf", + 'puppet:///modules/site_dovecot/config/dovecot.conf', + "puppet:///modules/dovecot/config/${::operatingsystem}/dovecot.conf", + 'puppet:///modules/dovecot/config/dovecot.conf' ], require => Package['dovecot'], - notify => Service['dovecot'], - owner => root, group => mail, mode => 0640; + notify => Service['dovecot'], + owner => root, + group => mail, + mode => '0640'; } - - file { 'config_dir': - path => '/etc/dovecot/conf.d', - ensure => directory, + + file { 'dovecot_config_dir': + ensure => directory, + path => '/etc/dovecot/conf.d', require => Package['dovecot'], - owner => dovecot, group => 0, mode => 0755; + owner => dovecot, + group => 0, + mode => '0755'; } file { '/var/log/dovecot': - ensure => directory, + ensure => directory, require => Package['dovecot'], - before => Service['dovecot'], - owner => dovecot, group => dovecot, mode => 0750; + before => Service['dovecot'], + owner => dovecot, + group => dovecot, + mode => '0750'; [ '/var/log/dovecot/error.log', '/var/log/dovecot/dovecot.log' ]: require => Package['dovecot'], - before => Service['dovecot'], - owner => root, group => dovecot, mode => 0660; + before => Service['dovecot'], + owner => root, + group => dovecot, + mode => '0660'; } - + package { 'dovecot': - alias => 'dovecot', ensure => installed, + alias => 'dovecot' } include dovecot::logrotate diff --git a/manifests/config/file.pp b/manifests/config/file.pp index 0fe777f..e6e93c3 100644 
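Review bot: `dovecot_config_dir` keeps `owner => dovecot` on `/etc/dovecot/conf.d`, so the service account can add or replace its own configuration snippets. Unless something running as dovecot is expected to write there, `owner => root,` with the existing `mode => '0755'` is the least-privilege choice. It would also match `dovecot::config::file`, whose files default to owner root. A small style point in the same hunk: the reordered `package` block ends with `alias => 'dovecot'` without a trailing comma, unlike the other attribute lists here.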
--- a/manifests/config/file.pp
+++ b/manifests/config/file.pp
@@ -7,72 +7,70 @@ define dovecot::config::file ( $owner = 'absent', $group = 'absent' ) - { +{ - # the default destination is 'absent', so if the user doesn't specify a - # destination, then we use the following defaults. If different systems - # implement different locations, we can trigger here off of operatingsystem - # and change the 'config_dir' path in base.pp to just be /etc/dovecot - $real_destination = $destination ? { - 'absent' => "/etc/dovecot/conf.d/${name}", - default => $destination - } + # the default destination is 'absent', so if the user doesn't specify a + # destination, then we use the following defaults. If different systems + # implement different locations, we can trigger here off of operatingsystem + # and change the 'dovecot_config_dir' path in base.pp to just be /etc/dovecot + $real_destination = $destination ? { + 'absent' => "/etc/dovecot/conf.d/${name}", + default => $destination + } - $real_mode = $mode ? { - 'absent' => 0640, - default => $mode - } + $real_mode = $mode ? { + 'absent' => 0640, + default => $mode + } - $real_owner = $owner ? { - 'absent' => root, - default => $owner - } + $real_owner = $owner ? { + 'absent' => root, + default => $owner + } - $real_group = $group ? { - 'absent' => 0, - default => $group - } - - # the $name variable is set to dovecot_${name}, but the actual filename will - # be set to $name - file { "dovecot_${name}": - ensure => $ensure, - path => $real_destination, - notify => Service[dovecot], - owner => $real_owner, group => $real_group, mode => $real_mode; - } + $real_group = $group ? { + 'absent' => 0, + default => $group + } - # the $content variable is 'absent' by default, so if the user doesn't - # specify anything for $content, then the following will be used, searching - # from the first source line until a file is found that matches. We use the - # standard search prioritizing the site_dovecot module first - case $content { - 'absent': { - $real_source = $source ? 
{
- 'absent' => [
- "puppet:///modules/site_dovecot/config/${fqdn}/${name}",
- "puppet:///modules/site_dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}",
- "puppet:///modules/site_dovecot/config/${operatingsystem}/${name}",
- "puppet:///modules/site_dovecot/config/${name}",
- "puppet:///modules/dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}",
- "puppet:///modules/dovecot/config/${operatingsystem}/${name}",
- "puppet:///modules/dovecot/config/${name}"
- ],
- default => "puppet:///${source}",
- }
- File["dovecot_${name}"]{
- source => $real_source,
- }
- }
- default: {
- File["dovecot_${name}"]{
- content => $content,
- }
- }
- }
- File["dovecot_${name}"]{
- require => Package[dovecot],
- }
- }
-
-
+ # the $name variable is set to dovecot_${name}, but the actual filename will
+ # be set to $name
+ file { "dovecot_${name}":
+ ensure => $ensure,
+ path => $real_destination,
+ notify => Service[dovecot],
+ owner => $real_owner, group => $real_group, mode => $real_mode;
+ }
+
+ # the $content variable is 'absent' by default, so if the user doesn't
+ # specify anything for $content, then the following will be used, searching
+ # from the first source line until a file is found that matches. We use the
+ # standard search prioritizing the site_dovecot module first
+ case $content {
+ 'absent': {
+ $real_source = $source ?
{ + 'absent' => [ + "puppet:///modules/site_dovecot/config/${fqdn}/${name}", + "puppet:///modules/site_dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", + "puppet:///modules/site_dovecot/config/${operatingsystem}/${name}", + "puppet:///modules/site_dovecot/config/${name}", + "puppet:///modules/dovecot/config/${operatingsystem}/${lsbdistcodename}/${name}", + "puppet:///modules/dovecot/config/${operatingsystem}/${name}", + "puppet:///modules/dovecot/config/${name}" + ], + default => "puppet:///${source}", + } + File["dovecot_${name}"]{ + source => $real_source, + } + } + default: { + File["dovecot_${name}"]{ + content => $content, + } + } + } + File["dovecot_${name}"]{ + require => Package[dovecot], + } +} -- cgit v1.2.3 From 34333c48ba5662228c37a70eb099ec9a5f96b5ac Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 23 Jan 2014 15:30:53 +0100 Subject: change mode for /etc/dovecot.conf from 0640 to 0644 we couldn't find another way to get around this error when postfix tries to deliver a mail via the dovecot relay: postfix/pipe[22438]: 5951215E04: to=<...>, orig_to=<...>, relay=dovecot, delay=0.02, delays=0.01/0/0/0.01, dsn=4.3.0, status=deferred (temporary failure. Command output: doveconf: Fatal: open(/etc/dovecot/dovecot.conf) failed: Permission denied ) the debian package ships this file also with mode 0644 so we think there's no security flaw with this change. --- manifests/base.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/base.pp b/manifests/base.pp index 7eff064..34728f3 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -10,7 +10,7 @@ class dovecot::base { notify => Service['dovecot'], owner => root, group => mail, - mode => '0640'; + mode => '0644'; } file { 'dovecot_config_dir': -- cgit v1.2.3
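Review bot: `'absent' => 0640` is still a bare number in the `$real_mode` selector, and the source list still uses unqualified `${fqdn}`, `${operatingsystem}` and `${lsbdistcodename}`, although the same commit quotes modes and top-scopes facts in base.pp. A bare octal literal is handled as a number rather than a mode string, and newer Puppet versions are stricter about that, so the default permission on these config files is worth pinning as `'absent' => '0640',`. Using `${::fqdn}` and friends here would finish the lint pass consistently.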
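Review bot: Making the main config world-readable on the changed `mode => '0644';` line is only harmless while nothing secret is inlined in it. That depends on which of the `site_dovecot` sources gets deployed, and the resource's `source` list sits above this hunk. The quoted error also names `/etc/dovecot/dovecot.conf`, whereas the resource shown in the previous commit is titled `/etc/dovecot.conf`, so it is worth confirming this is the file the delivery agent actually opens. I would record the reason next to the attribute, e.g. `mode => '0644'; # read by deliver under the postfix pipe; keep passwords in separate root-only files`.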