From 40a8b550ba0eac5d29ffefe22a485aa3d17fb7b4 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Wed, 8 Aug 2018 14:56:54 +0200 Subject: [PATCH] Moving test-mail02.pixelpark.net to customer pixelpark-mail-test --- customer/pixelpark-mail-test/common.yaml | 213 ++++++++++++++++++ .../test-mail02.pixelpark.net.yaml | 0 2 files changed, 213 insertions(+) create mode 100644 customer/pixelpark-mail-test/common.yaml rename customer/{pixelpark-mail => pixelpark-mail-test}/test-mail02.pixelpark.net.yaml (100%) diff --git a/customer/pixelpark-mail-test/common.yaml b/customer/pixelpark-mail-test/common.yaml new file mode 100644 index 00000000..dcf383eb --- /dev/null +++ b/customer/pixelpark-mail-test/common.yaml @@ -0,0 +1,213 @@ +--- +infra::additional_classes: + - infra::profile::sasl + - infra::profile::postfix + +# Necessary, because the host has a local caching only DNS resolver +#puppetconf::server: puppetmaster01.pixelpark.com + +##################################################### +# Logrotation + +infra::profile::logrotate::rules: + named: + path: '/var/log/named/*.log' + rotate_every: 'day' + rotate: 10 + missingok: true + minsize: '4M' + su_owner: 'named' + su_group: 'named' + create: true + create_mode: '0644' + create_owner: 'named' + create_group: 'named' + dateext: true + dateformat: '-%Y-%m-%d' + compress: true + delaycompress: true + missingok: true + sharedscripts: true + postrotate: '/usr/sbin/rndc reload >/dev/null' + named_run: + path: '/var/named/data/named.run' + missingok: true + su_owner: 'named' + su_group: 'named' + create: true + create_mode: '0644' + create_owner: 'named' + create_group: 'named' + postrotate: | + /usr/bin/systemctl reload named.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-chroot.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-sdb.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-sdb-chroot.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-pkcs11.service > /dev/null 2>&1 || true + +##################################################### +# Options for /etc/resolv.conf +resolv_conf::nameservers: + - '127.0.0.1' + - '217.66.52.10' + - '212.91.225.75' + +##################################################### +# BIND configuration +bind::version2show: 'none' +bind::querylog: false +bind::forwarders: + - '217.66.52.10' + - '212.91.225.75' +bind::deploy::has_deploy: false + +##################################################### +# SASL configuration +sasl::authd::mechanism: 'ldap' +sasl::authd::bind: 'ldap' +sasl::authd::ldap_auth_method: 'bind' +sasl::authd::ldap_search_base: 'o=isp' +sasl::authd::ldap_servers: + - 'ldap://ldap.pixelpark.com' +#sasl::authd::ldap_start_tls: false +sasl::authd::bind_dn: 'cn=admin' +sasl::authd::ldap_bind_dn: 'cn=admin' +sasl::authd::ldap_password: > + ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAkGouEnyjTBA40/lpw1BEHsDx2b2I3L2HHnm9 + U9gHYhz1BrPTsyCklW8CC3BiE0W9NRS0Rod+cm6M+7OMzciXbgQMFO6Ko98V + tzoTyL8yeWr4ZXNpov/gVD+WTfcKo2A0w+egenTdErN4dclnwzAoSR9QOHNT + LUxHa6sTT191+79mjw0CnG1BwDKBnZRyO+fzgACFn0dUIasz7danBbZMPn/n + wOuOrXXq/PVNPW9GSeKkbimYCAn7KDwTvJNTJCR7dh29+aq0xoSSsGrN+L+f + OZrj3dG58D8lspbxNb4iFMswtOcihByp6n5fRmvnEFXw/Dn507UCTxURoLpp + EPXIdDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD/aCWYpB6KwUIcLp1T + EKskgBArkfXhMZNEUfrTvFILs4Ig] +sasl::authd::ldap_bind_pw: > + ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAkGouEnyjTBA40/lpw1BEHsDx2b2I3L2HHnm9 + U9gHYhz1BrPTsyCklW8CC3BiE0W9NRS0Rod+cm6M+7OMzciXbgQMFO6Ko98V + tzoTyL8yeWr4ZXNpov/gVD+WTfcKo2A0w+egenTdErN4dclnwzAoSR9QOHNT + LUxHa6sTT191+79mjw0CnG1BwDKBnZRyO+fzgACFn0dUIasz7danBbZMPn/n + wOuOrXXq/PVNPW9GSeKkbimYCAn7KDwTvJNTJCR7dh29+aq0xoSSsGrN+L+f + OZrj3dG58D8lspbxNb4iFMswtOcihByp6n5fRmvnEFXw/Dn507UCTxURoLpp + EPXIdDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD/aCWYpB6KwUIcLp1T + EKskgBArkfXhMZNEUfrTvFILs4Ig] +sasl::authd::threads: 5 +sasl::authd::ldap_version: 3 +sasl::authd::caching: true +sasl::authd::combine_realm: true +sasl::authd::ldap_filter: '(&(objectclass=inetlocalmailrecipient)(|(uid=%u)(mail=%u)))' + +infra::profile::sasl::enable_authd: true +infra::profile::sasl::application: + smtpd: + mech_list: + - plain + - login + pwcheck_method: 'saslauthd' + + +##################################################### +# Postfix configuration: + +# Global configurations +postfix::alias_maps: "hash:/etc/postfix/maps/aliases ldap:/etc/postfix/ldap/alias.cf" +postfix::inet_interfaces: 'all' +postfix::manage_mailx: false +postfix::mastercf_source: 'puppet:///postfix_dir/master.cf' +postfix::myorigin: 'pixelpark.com' + +#infra::profile::postfix::config_directory: '/etc/postfix' +infra::profile::postfix::aliases_file: '/etc/postfix/maps/aliases' +infra::profile::postfix::aliases_source: 'puppet:///postfix_dir/maps/aliases' +#infra::profile::postfix::myorigin: "%{hiera('postfix::myorigin')}" +#infra::profile::postfix::relayhost: ~ +#infra::profile::postfix::tls: true +#infra::profile::postfix::tls_cert: ~ +#infra::profile::postfix::tls_key: ~ +#infra::profile::postfix::tls_chain: ~ +#infra::profile::postfix::tls_loglevel: 1 +#infra::profile::postfix::tls_received_header: true +#infra::profile::postfix::tls_security_level: 'may' +#infra::profile::postfix::tls_auth_only: false +#infra::profile::postfix::cert_servername: 'wildcard.pixelpark.com' +#infra::profile::postfix::cert_customer: 'pixelpark' +infra::profile::postfix::has_map_smtp_tls_peers: true +#infra::profile::postfix::map_smtp_tls_peers: '/etc/postfix/maps/smtp-tls-peers' +infra::profile::postfix::is_relay: true +#infra::profile::postfix::unverified_recipient_reject_code: '550' +#infra::profile::postfix::transport_maps_source: ~ +infra::profile::postfix::virtual_aliases_source: ~ +infra::profile::postfix::has_default_generic: false +#infra::profile::postfix::virtual_regex: ~ + +#infra::profile::postfix::ldap_server: 'ldap.pixelpark.com' +#infra::profile::postfix::ldap_port: '389' +#infra::profile::postfix::ldap_timeout: '5' +#infra::profile::postfix::ldap_search_base: 'o=isp' +#infra::profile::postfix::ldap_bind_dn: 'cn=admin' +infra::profile::postfix::ldap_bind_pw: > + ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw + DQYJKoZIhvcNAQEBBQAEggEAkGouEnyjTBA40/lpw1BEHsDx2b2I3L2HHnm9 + U9gHYhz1BrPTsyCklW8CC3BiE0W9NRS0Rod+cm6M+7OMzciXbgQMFO6Ko98V + tzoTyL8yeWr4ZXNpov/gVD+WTfcKo2A0w+egenTdErN4dclnwzAoSR9QOHNT + LUxHa6sTT191+79mjw0CnG1BwDKBnZRyO+fzgACFn0dUIasz7danBbZMPn/n + wOuOrXXq/PVNPW9GSeKkbimYCAn7KDwTvJNTJCR7dh29+aq0xoSSsGrN+L+f + OZrj3dG58D8lspbxNb4iFMswtOcihByp6n5fRmvnEFXw/Dn507UCTxURoLpp + EPXIdDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD/aCWYpB6KwUIcLp1T + EKskgBArkfXhMZNEUfrTvFILs4Ig] + +##################################################### +# Rsyslog configuration +rsyslog::client::log_local_custom: + - 'auth.* /var/log/auth.log' + - 'local6.* /var/log/freshclam.log' + +##################################################### +# Logrotation + +infra::profile::logrotate::config: + dateformat: '-%Y-%m-%d' + +infra::profile::logrotate::rules: + wtmp: + dateformat: '-%Y-%m-%d' + btmp: + dateformat: '-%Y-%m-%d' + named: + path: '/var/log/named/*.log' + rotate_every: 'day' + rotate: 10 + missingok: true + minsize: '4M' + su_owner: 'named' + su_group: 'named' + create: true + create_mode: '0644' + create_owner: 'named' + create_group: 'named' + dateext: true + dateformat: '-%Y-%m-%d' + compress: true + delaycompress: true + missingok: true + sharedscripts: true + postrotate: | + /usr/sbin/rndc reload >/dev/null + named_run: + path: '/var/named/data/named.run' + missingok: true + su_owner: 'named' + su_group: 'named' + create: true + create_mode: '0644' + create_owner: 'named' + create_group: 'named' + postrotate: | + /usr/bin/systemctl reload named.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-chroot.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-sdb.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-sdb-chroot.service > /dev/null 2>&1 || true + /usr/bin/systemctl reload named-pkcs11.service > /dev/null 2>&1 || true + +# vim: et list diff --git a/customer/pixelpark-mail/test-mail02.pixelpark.net.yaml b/customer/pixelpark-mail-test/test-mail02.pixelpark.net.yaml similarity index 100% rename from customer/pixelpark-mail/test-mail02.pixelpark.net.yaml rename to customer/pixelpark-mail-test/test-mail02.pixelpark.net.yaml -- 2.39.5