Adding state for /etc/postfix/postfix-cert.cnf

author Frank Brehm <frank.brehm@profitbricks.com>

Mon, 29 Feb 2016 10:57:48 +0000 (11:57 +0100)

committer Frank Brehm <frank.brehm@profitbricks.com>

Mon, 29 Feb 2016 10:57:48 +0000 (11:57 +0100)
author Frank Brehm <frank.brehm@profitbricks.com>
Mon, 29 Feb 2016 10:57:48 +0000 (11:57 +0100)
committer Frank Brehm <frank.brehm@profitbricks.com>
Mon, 29 Feb 2016 10:57:48 +0000 (11:57 +0100)
diff --git a/postfix/common.sls b/postfix/common.sls

index 2e86e75018bde5a3ae4417ffe6390ec0fbe09bd6..91dbe24c279ad8085cc53949980ae4566f0e753a 100644 (file)
--- a/postfix/common.sls
+++ b/postfix/common.sls
@@ -47,3 +47,14 @@ postfix:
      - template: jinja
      - backup: minion
  
+/etc/postfix/postfix-cert.cnf:
+  file.managed:
+    - source: postfix/files/postfix-cert.cnf
+    - user: root
+    - group: root
+    - mode: 644
+    - require:
+      - file: /etc/postfix
+    - template: jinja
+    - backup: minion
+
diff --git a/postfix/files/postfix-cert.cnf b/postfix/files/postfix-cert.cnf

new file mode 100644 (file)

index 0000000..2d5100e
--- /dev/null
+++ b/postfix/files/postfix-cert.cnf
@@ -0,0 +1,23 @@
+RANDFILE = /usr/share/postfix.rand
+
+[ req ]
+default_bits = 1024
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+C=DE
+ST=Berlin
+L=Berlin
+O=Frank Brehm
+OU=Mail Server Postfix SSL key
+CN={{ grains['fqdn'] }}
+emailAddress={{ salt['pillar.get']('postfix:postmaster_address', 'postmaster@brehm-online.com') }}
+
+
+[ cert_type ]
+nsCertType = server
+
+# vim: filetype=dosini
author	Frank Brehm <frank.brehm@profitbricks.com>
	Mon, 29 Feb 2016 10:57:48 +0000 (11:57 +0100)
committer	Frank Brehm <frank.brehm@profitbricks.com>
	Mon, 29 Feb 2016 10:57:48 +0000 (11:57 +0100)
postfix/common.sls		patch \| blob \| history
postfix/files/postfix-cert.cnf	[new file with mode: 0644]	patch \| blob