Puppet Class: postfix

Inherits:
postfix::params
Defined in:
manifests/init.pp

Summary

The top-level class, to install and configure Postfix

Overview

This class provides a basic setup of Postfix with local and remote delivery and an SMTP server listening on the loopback interface.

Examples:

Default Postfix with listen address

class { 'postfix':
  smtp_listen => '192.168.1.10',
}

Minimal MTA setup

# This class configures a minimal MTA, delivering mail to
# $mydestination. Either a valid relay host or the special
# word 'direct' is required ($relayhost) for outbound email.
#
# transport & virtual maps get configured and can be populated with
# postfix::transport and postfix::virtual
#
class { 'postfix':
  relayhost     => 'mail.example.com',
  smtp_listen   => '0.0.0.0',
  mydestination => '$myorigin, myapp.example.com',
  mta           => true,
}

Configure Postfix as satellite

# This configures all local email (cron, mdadm, etc) to be forwarded
# to $root_mail_recipient, using $relayhost as a relay.
#
# This will call postfix::mta and override its parameters.
# You shouldn't call postfix::mta yourself or use mta=true in the postfix class.
class { 'postfix':
  relayhost           => 'mail.example.com',
  myorigin            => 'toto.example.com',
  root_mail_recipient => 'the.sysadmin@example.com',
  satellite           => true,
}

Parameters:

  • alias_maps (String) (defaults to: 'hash:/etc/aliases')

    A string defining the location of the alias map file. Example: ‘hash:/etc/other_aliases`

  • amavis_procs (Integer) (defaults to: 2)

    Number of amavis scanner processes to spawn

  • chroot (Optional[Boolean]) (defaults to: undef)

    A boolean to define if Postfix should be run in a chroot jail or not. If not defined, ‘-’ is used (OS dependant) Example: ‘true`

  • confdir (Stdlib::Absolutepath) (defaults to: '/etc/postfix')

    The base path which should be used as confdir

  • conffiles (Hash) (defaults to: {})

    A hash of postfix::conffile resources

  • configs (Hash) (defaults to: {})

    A hash of postfix::config resources. The hash containing optional configuration values for main.cf. The values are configured using postfix::config. Example: ‘{‘value’: ‘51200000’}‘

  • hashes (Hash) (defaults to: {})

    A hash of postfix::hash resources

  • inet_interfaces (String) (defaults to: 'all')

    A string defining the network interfaces that Postfix will listen on. Example: ‘127.0.0.1, [::1]`

  • inet_protocols (String) (defaults to: 'all')

    A string defining the internet protocols that Postfix will use. Example: ‘ipv4`

  • ldap (Boolean) (defaults to: false)

    A Boolean defining whether to configure Postfix for LDAP use.

  • ldap_base (Optional[String]) (defaults to: undef)

    A string defining the LDAP search base to use. This parameter maps to the search_base parameter (ldap_table(5)). Example: ‘cn=Users,dc=example,dc=com`

  • ldap_host (Optional[String]) (defaults to: undef)

    A string defining the LDAP host. This parameter maps to the server_host parameter (ldap_table(5)). Example: ‘ldaps://ldap.example.com:636 ldap://ldap2.example.com`.

  • ldap_options (Optional[String]) (defaults to: undef)

    A free form string that can define any LDAP options to be passed through (ldap_table(5)). Example: ‘start_tls = yes`.

  • ldap_packages (Array[String[1]]) (defaults to: [])

    An array of package names to install for LDAP support if $ldap is true.

  • lookup_table_type (String) (defaults to: 'hash')

    Table format type as described in www.postfix.org/DATABASE_README.html#types. Type has to be supported by system, see “postconf -m” for supported types.

  • mailaliases (Hash) (defaults to: {})

    A hash of postfix::mailalias resources. The hash containing optional configuration values for main.cf. The values are configured using postfix::mailalias. Example: ‘{‘ensure’: ‘present’, ‘recipient’: ‘root’}‘

  • mail_user (String) (defaults to: 'vmail')

    A string defining the mail user, and optionally group, to execute external commands as. This parameter maps to the user parameter (pipe(8)). Example: ‘vmail:vmail`.

  • mailman (Boolean) (defaults to: false)

    A Boolean defining whether to configure a basic smtp server that is able to work for the mailman mailing list manager.

  • mailx_ensure (String) (defaults to: 'present')

    Installs mailx package

  • maincf_source (String) (defaults to: "puppet:///modules/${module_name}/main.cf")

    A string defining the location of a skeleton main.cf file to be used. The default file supplied is blank. However, if the main.cf file already exists on the system the contents will NOT be replaced by the contents from maincf_source. Example: ‘puppet:///modules/some/other/location/main.cf`.

  • manage_aliases (Boolean) (defaults to: true)

    Manage /etc/aliases file

  • manage_conffiles (Boolean) (defaults to: true)

    A Boolean defining whether the puppet module should replace the configuration files for postfix. This setting currently effects only the following files:

    • /etc/mailname

    • /etc/postfix/master.cf

    This setting does NOT effect the following files:

    • /etc/aliases

    • /etc/postfix/main.cf

  • manage_mailname (Boolean) (defaults to: true)

    A Boolean defining whether the puppet module should manage ‘/etc/mailname’. See also $manage_conffiles

  • manage_mailx (Boolean) (defaults to: true)

    A Boolean defining whether the puppet module should manage the mailx package. See also $mailx_ensure.

  • manage_root_alias (Boolean) (defaults to: true)

    Wheter to manage the mailalias for root user

  • maps (Hash) (defaults to: {})

    A hash of postfix::map resources

  • master_bounce_command (String) (defaults to: 'bounce')

    The bounce command which should be used in master.cf

  • master_defer_command (String) (defaults to: 'bounce')

    The defer command which should be used in master.cf

  • master_entries (Array[String]) (defaults to: [])

    Array of strings containing additional entries for the /etc/postfix/master.cf file. Example: ‘[’submission inet n - n - - smtpd’]‘.

  • master_smtp (Optional[String]) (defaults to: undef)

    A string to define the smtp line in the /etc/postfix/master.cf file. If this is defined the smtp_listen parameter will be ignored. Example: ‘smtp inet n - n - - smtpd`.

  • master_smtps (Optional[String]) (defaults to: undef)

    A string to define the smtps line in the /etc/postfix/master.cf file. Example: ‘smtps inet n - n - - smtpd`.

  • master_submission (Optional[String]) (defaults to: undef)

    A string to define the submission line in the /etc/postfix/master.cf file. Example: ‘submission inet n - n - - smtpd`.

  • mastercf_content (Optional[String]) (defaults to: undef)

    Set the content parameter for the master.cf file resource.

  • mastercf_source (Optional[String]) (defaults to: undef)

    A string defining the location of a skeleton master.cf file to be used. Example: ‘puppet:///modules/some/other/location/master.cf`.

  • mastercf_template (Optional[String]) (defaults to: undef)

    Set the epp template path which will be used for master.cf file resource.

  • masquerade_classes (Optional[Array[String[1]]]) (defaults to: undef)

    Postfix config parameter masquerade_classes as an array. What addresses are subject to address masquerading. Example: ‘[’envelope_sender’, ‘envelope_recipient’, ‘header_sender’, ‘header_recipient’]‘

  • masquerade_domains (Optional[Array[String[1]]]) (defaults to: undef)

    An array defining the masquerade_domains to use. The order of elements matters here, so be aware of how you define the elements. Example: ‘[’foo.example.com’, ‘example.com’]‘

  • masquerade_exceptions (Optional[Array[String[1]]]) (defaults to: undef)

    An array defining the masquerade_exceptions to use. This optional list of user names that are not subjected to address masquerading, even when their addresses match $masquerade_domains. Example: ‘[’root’]‘

  • mta (Boolean) (defaults to: false)

    A Boolean to define whether to configure Postfix as a mail transfer agent. This option is mutually exclusive with the satellite Boolean.

  • mydestination (String) (defaults to: '$myhostname, localhost.$mydomain, localhost')

    A string to define the mydestination parameter in main.cf (postconf(5)). Example: ‘example.com, foo.example.com`.

  • mynetworks (String) (defaults to: '127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128')

    A string to define the mynetworks parameter that holds trusted remote smtp clients (postconf(5)). Example: ‘127.0.0.0/8, [::1]/128`.

  • myorigin (String) (defaults to: $facts['networking']['fqdn'])

    A string to define the myorigin parameter that holds the domain name that mail appears to come from (postconf(5)). Example: ‘example.com`

  • postfix_ensure (String) (defaults to: 'present')

    The ensure value of the postfix package

  • relayhost (Optional[String]) (defaults to: undef)

    A string to define the relayhost parameter (postconf(5)). Example: ‘smtp.example.com`.

  • root_group (String) (defaults to: 'root')

    The group permission name for the main.cf and master.cf files.

  • root_mail_recipient (Variant[Array[String], String]) (defaults to: 'nobody')

    A string to define the e-mail address to which all mail directed to root should go (aliases(5)). Example: ‘root_catch@example.com`.

  • satellite (Boolean) (defaults to: false)

    A Boolean to define whether to configure Postfix as a satellite relay host. This setting is mutually exclusive with the mta Boolean.

  • service_enabled (Boolean) (defaults to: true)

    Defines if the service ‘postfix’ is enabled on the system

  • service_ensure (String) (defaults to: 'running')

    Defines the service state of ‘postfix’ service

  • smtp_listen (Variant[Array[String[1]], String[1]]) (defaults to: '127.0.0.1')

    A string or an array of strings to define the IPs on which to listen in master.cf. This can also be set to ‘all’ to listen on all interfaces. If master_smtp is defined smtp_listen will not be used. Example: ‘::1`.

  • transports (Hash) (defaults to: {})

    A hash of postfix::transport resources

  • use_amavisd (Boolean) (defaults to: false)

    A Boolean to define whether to configure master.cf to allow the use of the amavisd scanner.

  • use_dovecot_lda (Boolean) (defaults to: false)

    A Boolean to define whether to configure master.cf to use dovecot as the local delivery agent.

  • use_schleuder (Variant[Integer[2, 3], Boolean]) (defaults to: false)

    A Boolean to define whether to configure master.cf to use the Schleuder GPG-enabled mailing list. Can be also set to an integer ‘2` to use Schleuder v2 instead of v3.

  • use_sympa (Boolean) (defaults to: false)

    A Boolean to define whether to configure master.cf to use the Sympa mailing list management software.

  • virtuals (Hash) (defaults to: {})

    A hash of postfix::virtual resources



259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
 
# File 'manifests/init.pp', line 259

class postfix (
  String                               $alias_maps            = 'hash:/etc/aliases',
  Integer                              $amavis_procs          = 2,
  Optional[Boolean]                    $chroot                = undef,
  Stdlib::Absolutepath                 $confdir               = '/etc/postfix',
  Hash                                 $conffiles             = {},
  Hash                                 $configs               = {},
  Hash                                 $hashes                = {},
  String                               $inet_interfaces       = 'all',
  String                               $inet_protocols        = 'all',
  Boolean                              $ldap                  = false,
  Optional[String]                     $ldap_base             = undef,
  Optional[String]                     $ldap_host             = undef,
  Optional[String]                     $ldap_options          = undef,
  Array[String[1]]                     $ldap_packages         = [],
  String                               $lookup_table_type     = 'hash',
  Hash                                 $mailaliases           = {},
  String                               $mail_user             = 'vmail',       # postfix_mail_user
  Boolean                              $mailman               = false,
  String                               $mailx_ensure          = 'present',
  String                               $maincf_source         = "puppet:///modules/${module_name}/main.cf",
  Boolean                              $manage_aliases        = true,          # /etc/aliases
  Boolean                              $manage_conffiles      = true,
  Boolean                              $manage_mailname       = true,
  Boolean                              $manage_mailx          = true,
  Boolean                              $manage_root_alias     = true,
  Hash                                 $maps                  = {},
  String                               $master_bounce_command = 'bounce',
  String                               $master_defer_command  = 'bounce',
  Array[String]                        $master_entries        = [],            # postfix_master_entries
  Optional[String]                     $master_smtp           = undef,         # postfix_master_smtp
  Optional[String]                     $master_smtps          = undef,         # postfix_master_smtps
  Optional[String]                     $master_submission     = undef,         # postfix_master_submission
  Optional[String]                     $mastercf_content      = undef,
  Optional[String]                     $mastercf_source       = undef,
  Optional[String]                     $mastercf_template     = undef,
  Optional[Array[String[1]]]           $masquerade_classes    = undef,
  Optional[Array[String[1]]]           $masquerade_domains    = undef,
  Optional[Array[String[1]]]           $masquerade_exceptions = undef,
  Boolean                              $mta                   = false,
  String                               $mydestination         = '$myhostname, localhost.$mydomain, localhost',  # postfix_mydestination
  String                               $mynetworks            = '127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128', # postfix_mynetworks
  String                               $myorigin              = $facts['networking']['fqdn'],
  String                               $postfix_ensure        = 'present',
  Optional[String]                     $relayhost             = undef,         # postfix_relayhost
  String                               $root_group            = 'root',
  Variant[Array[String], String]       $root_mail_recipient   = 'nobody',      # root_mail_recipient
  Boolean                              $satellite             = false,
  Boolean                              $service_enabled       =  true,
  String                               $service_ensure        = 'running',
  Variant[Array[String[1]], String[1]] $smtp_listen           = '127.0.0.1',   # postfix_smtp_listen
  Hash                                 $transports            = {},
  Boolean                              $use_amavisd           = false,         # postfix_use_amavisd
  Boolean                              $use_dovecot_lda       = false,         # postfix_use_dovecot_lda
  Variant[Integer[2, 3], Boolean]      $use_schleuder         = false,         # postfix_use_schleuder
  Boolean                              $use_sympa             = false,         # postfix_use_sympa
  Hash                                 $virtuals              = {},
) inherits postfix::params {
  if (
    ($mastercf_source and $mastercf_content) or
    ($mastercf_source and $mastercf_template) or
    ($mastercf_content and $mastercf_template) or
    ($mastercf_source and $mastercf_content and $mastercf_template)
  ) {
    fail('mastercf_source, mastercf_content and mastercf_template are mutually exclusive')
  }

  $_smtp_listen = $mailman ? {
    true    => '0.0.0.0',
    default => $smtp_listen,
  }

  $all_alias_maps = $ldap ? {
    false => $alias_maps,
    true  => "${alias_maps}, ldap:${confdir}/ldap-aliases.cf",
  }

  $configs.each |$key, $value| {
    postfix::config { $key:
      * => $value,
    }
  }

  $mailaliases.each |$key, $value| {
    postfix::mailalias { $key:
      * => $value,
    }
  }

  $transports.each |$key, $value| {
    postfix::transport { $key:
      * => $value,
    }
  }

  $virtuals.each |$key, $value| {
    postfix::virtual { $key:
      * => $value,
    }
  }

  $hashes.each |$key, $value| {
    postfix::hash { $key:
      * => $value,
    }
  }

  $conffiles.each |$key, $value| {
    postfix::conffile { $key:
      * => $value,
    }
  }

  $maps.each |$key, $value| {
    postfix::map { $key:
      * => $value,
    }
  }

  contain 'postfix::packages'
  contain 'postfix::files'
  contain 'postfix::service'

  Class['postfix::packages']
  -> Class['postfix::files']
  ~> Class['postfix::service']

  if $ldap {
    include postfix::ldap
  }

  if $mta {
    if $satellite {
      fail('enabling both the $mta and $satellite parameters is not supported. Please disable one.')
    }
    include postfix::mta
  }

  if $satellite {
    if $mta {
      fail('enabling both the $mta and $satellite parameters is not supported. Please disable one.')
    }
    include postfix::satellite
  }

  if $mailman {
    include postfix::mailman
  }
}