Skip to content
Snippets Groups Projects
Normal view Permalink
postfix.pp 2.83 KiB
Newer Older
Adam Lewenberg's avatar
master branch commit
Adam Lewenberg committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 
# Standard Postfix class for most systems.
#   class base::postfix: outgoing email server only
#   class base::postfix::server: incoming and outgoing email server

# Standard Postfix class for outgoing servers.  There is no daemon listening
# on SMTP port.  The outgoing mail will be masqueraded except root mail.
class base::postfix {
  package { 'postfix': ensure => present }

  # The core service.  The init script appears to support status on all the
  # operating systems we care about.  Define a custom reload action so that
  # we can just signal the service when we change configuration files
  # without stopping and restarting the daemons, since Postfix can re-read
  # all its configuration files with a reload.
  service { 'postfix':
    ensure    => running,
    enable    => true,
    hasstatus => true,
    restart   => '/usr/sbin/postfix reload',
    require   => [ File['/etc/postfix/main.cf'],
                   File['/etc/postfix/master.cf'],
                   Package['postfix'] ],
  }

  # Basic configuration files.
  file {
    '/etc/filter-syslog/postfix':
      source  => 'puppet:///modules/base/postfix/etc/filter-syslog/postfix';
    '/etc/postfix/main.cf':
      source  => $::lsbdistcodename ? {
        # rhel5 only fix for prng_exch
        'Tikanga' => 'puppet:///modules/base/postfix/etc/postfix/main.cf.tikanga',
        default   => 'puppet:///modules/base/postfix/etc/postfix/main.cf',
      },
      notify  => Service['postfix'],
      require => Package['postfix'];
    '/etc/postfix/master.cf':
      source  => "puppet:///modules/base/postfix/etc/postfix/master.cf.$::operatingsystem",
      notify  => Service['postfix'],
      require => Package['postfix'];
  }
  base::postfix::map {
    '/etc/postfix/recipients':
      ensure  => present;
    '/etc/postfix/senders':
      content => "root@stanford.edu root@${::hostname}\n";
    '/etc/postfix/transport':
      source  => 'puppet:///modules/base/postfix/etc/postfix/transport';
  }

  # We used to disable and stop sendmail here on Red Hat, but this doesn't
  # work if sendmail is not installed.  Since we'd rather not have sendmail
  # installed, just assume that people are doing this manually.
}

# Standard Postfix server configuration that allows both incoming and
# outgoing mail.  Override things selectively so that we accept mail from
# the network and deliver mail locally.
class base::postfix::server inherits base::postfix {
  File['/etc/postfix/master.cf'] {
    source => "puppet:///modules/base/postfix/etc/postfix/master-server.cf.${::operatingsystem}",
  }
  File['/etc/postfix/main.cf'] {
    source => 'puppet:///modules/base/postfix/etc/postfix/main-server.cf',
  }

  # Allow incoming mail from anywhere.
  base::iptables::rule { 'smtp':
    description => 'Allow incoming SMTP traffic from anywhere',
    protocol    => 'tcp',
    port        => [ 25, 465, 587 ],
  }
}