From 1416e38e265dada0599ba762ef9dfd522b359427 Mon Sep 17 00:00:00 2001
From: Adam Henry Lewenberg <adamhl@stanford.edu>
Date: Fri, 20 Apr 2018 08:55:40 -0700
Subject: [PATCH] postfix backwards compatibility change
---
NEWS | 5 +++
manifests/postfix.pp | 39 ++++++++++++++-----
.../postfix/etc/postfix/main.cf.erb | 6 +++
3 files changed, 41 insertions(+), 9 deletions(-)
rename files/postfix/etc/postfix/main.cf => templates/postfix/etc/postfix/main.cf.erb (73%)
diff --git a/NEWS b/NEWS
index 82ea39e..8f947c8 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,10 @@
unreleased (207x-xx-xx)
+ [postfix] Add the parameter "enable_postfix_compat2" to the
+ base::postfix class to add the backwards compatibility option to
+ main.cf. Defaults to true so the class acts the same as it ever
+ did. [adamhl]
+
[ssh] Remove the two options "RSAAuthentication" and
"RhostsRSAAuthentication" that have been deprecated and are only used
with SSH's protocol 1 (which we don't use anyway). See
diff --git a/manifests/postfix.pp b/manifests/postfix.pp
index 9944860..7e8cbb4 100644
--- a/manifests/postfix.pp
+++ b/manifests/postfix.pp
@@ -4,7 +4,17 @@
# Standard Postfix class for outgoing servers. There is no daemon listening
# on SMTP port. The outgoing mail will be masqueraded except root mail.
-class base::postfix {
+#
+# $enable_postfix_compat2: if true, will add the line
+#
+# compatibility_level = 2
+#
+# to /etc/postfix/main.cf. For more information, see
+# http://www.postfix.org/COMPATIBILITY_README.html#turnoff
+
+class base::postfix (
+ $enable_postfix_compat2 = true,
+) {
package { 'postfix': ensure => present }
# The core service. The init script appears to support status on all the
@@ -37,19 +47,30 @@ class base::postfix {
file {
'/etc/filter-syslog/postfix':
source => 'puppet:///modules/base/postfix/etc/filter-syslog/postfix';
- '/etc/postfix/main.cf':
- source => $::lsbdistcodename ? {
- # rhel5 only fix for prng_exch
- 'Tikanga' => 'puppet:///modules/base/postfix/etc/postfix/main.cf.tikanga',
- default => 'puppet:///modules/base/postfix/etc/postfix/main.cf',
- },
- notify => Service['postfix'],
- require => Package['postfix'];
'/etc/postfix/master.cf':
source => "puppet:///modules/base/postfix/etc/postfix/master.cf.$mastercfsuffix",
notify => Service['postfix'],
require => Package['postfix'];
}
+
+ # main.cf
+ case $::lsbdistcodename {
+ 'Tikanga': {
+ file { '/etc/postfix/main.cf':
+ source => 'puppet:///modules/base/postfix/etc/postfix/main.cf.tikanga',
+ notify => Service['postfix'],
+ require => Package['postfix'],
+ }
+ }
+ default: {
+ file { '/etc/postfix/main.cf':
+ content => template('base/postfix/etc/postfix/main.cf.erb'),
+ notify => Service['postfix'],
+ require => Package['postfix'],
+ }
+ }
+ }
+
base::postfix::map {
'/etc/postfix/recipients':
ensure => present;
diff --git a/files/postfix/etc/postfix/main.cf b/templates/postfix/etc/postfix/main.cf.erb
similarity index 73%
rename from files/postfix/etc/postfix/main.cf
rename to templates/postfix/etc/postfix/main.cf.erb
index a7a1228..cef0366 100644
--- a/files/postfix/etc/postfix/main.cf
+++ b/templates/postfix/etc/postfix/main.cf.erb
@@ -19,3 +19,9 @@ transport_maps = hash:/etc/postfix/transport
smtp_tls_loglevel = 1
smtp_use_tls = yes
smtp_tls_security_level = may
+
+<%- if (@enable_postfix_compat2) then -%>
+# Make postfix defaults act in the version 2 manner. Should add
+# appropriate defaults at some point so we can remove this directive.
+compatibility_level = 2
+<%- end -%>
--
GitLab