Skip to content
Snippets Groups Projects
Select Git revision
  • puppet5 protected
  • puppet5_acs
  • puppet5_bookworm
  • puppet5_bnbarnes
  • erp_rhl
  • puppet5_spinto
  • puppet5-aptrefactor
  • master default protected
  • release/005.012
  • release/latest
  • release/005.010
  • release/005.009
  • release/005.008
  • release/005.007
  • release/005.006
  • release/005.005
  • release/005.004
  • release/005.003
  • release/005.002
  • release/005.001
  • release/005.000
  • release/004.063
  • release/004.062
  • release/004.060
  • release/004.059
  • release/004.058
  • release/004.057
  • release/004.056
28 results
Blame Permalink
postfix.pp 2.83 KiB 
# Standard Postfix class for most systems.
#   class base::postfix: outgoing email server only
#   class base::postfix::server: incoming and outgoing email server

# Standard Postfix class for outgoing servers.  There is no daemon listening
# on SMTP port.  The outgoing mail will be masqueraded except root mail.
class base::postfix {
  package { 'postfix': ensure => present }

  # The core service.  The init script appears to support status on all the
  # operating systems we care about.  Define a custom reload action so that
  # we can just signal the service when we change configuration files
  # without stopping and restarting the daemons, since Postfix can re-read
  # all its configuration files with a reload.
  service { 'postfix':
    ensure    => running,
    enable    => true,
    hasstatus => true,
    restart   => '/usr/sbin/postfix reload',
    require   => [ File['/etc/postfix/main.cf'],
                   File['/etc/postfix/master.cf'],
                   Package['postfix'] ],
  }

  # Basic configuration files.
  file {
    '/etc/filter-syslog/postfix':
      source  => 'puppet:///modules/base/postfix/etc/filter-syslog/postfix';
    '/etc/postfix/main.cf':
      source  => $::lsbdistcodename ? {
        # rhel5 only fix for prng_exch
        'Tikanga' => 'puppet:///modules/base/postfix/etc/postfix/main.cf.tikanga',
        default   => 'puppet:///modules/base/postfix/etc/postfix/main.cf',
      },
      notify  => Service['postfix'],
      require => Package['postfix'];
    '/etc/postfix/master.cf':
      source  => "puppet:///modules/base/postfix/etc/postfix/master.cf.$::operatingsystem",
      notify  => Service['postfix'],
      require => Package['postfix'];
  }
  base::postfix::map {
    '/etc/postfix/recipients':
      ensure  => present;
    '/etc/postfix/senders':
      content => "root@stanford.edu root@${::hostname}\n";
    '/etc/postfix/transport':
      source  => 'puppet:///modules/base/postfix/etc/postfix/transport';
  }

  # We used to disable and stop sendmail here on Red Hat, but this doesn't
  # work if sendmail is not installed.  Since we'd rather not have sendmail
  # installed, just assume that people are doing this manually.
}

# Standard Postfix server configuration that allows both incoming and
# outgoing mail.  Override things selectively so that we accept mail from
# the network and deliver mail locally.
class base::postfix::server inherits base::postfix {
  File['/etc/postfix/master.cf'] {
    source => "puppet:///modules/base/postfix/etc/postfix/master-server.cf.${::operatingsystem}",
  }
  File['/etc/postfix/main.cf'] {
    source => 'puppet:///modules/base/postfix/etc/postfix/main-server.cf',
  }

  # Allow incoming mail from anywhere.
  base::iptables::rule { 'smtp':
    description => 'Allow incoming SMTP traffic from anywhere',
    protocol    => 'tcp',
    port        => [ 25, 465, 587 ],
  }
}