postfix: Allow disabling smtpd TLS via an attribute

2011-05-11 16:52:12 +01:00 · 2011-05-11 16:52:12 +01:00 · 1fabcdf0a8
commit 1fabcdf0a8
parent 1d74a686c8
2 changed files with 5 additions and 1 deletions
--- a/attributes/default.rb
+++ b/attributes/default.rb
@ -5,6 +5,8 @@ default[:postfix][:myorigin]   = "$myhostname"
 default[:postfix][:relayhost]  = ""
 default[:postfix][:mail_relay_networks] = "127.0.0.0/8"

+default[:postfix][:smtpd_use_tls] = "yes"
+
 default[:postfix][:smtp_sasl_auth_enable] = "no"
 default[:postfix][:smtp_sasl_password_maps]    = "hash:/etc/postfix/sasl_passwd"
 default[:postfix][:smtp_sasl_security_options] = "noanonymous"
--- a/templates/default/main.cf.erb
+++ b/templates/default/main.cf.erb
@ -5,10 +5,12 @@

 biff = no
 append_dot_mydomain = no
+smtpd_use_tls = <%= node[:postfix][:smtpd_use_tls] %>
+<% if node[:postfix][:smtpd_use_tls] == "yes" -%>
 smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
 smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
-smtpd_use_tls=yes
 smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
+<% end -%>
 smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
 smtp_sasl_auth_enable = <%= node[:postfix][:smtp_sasl_auth_enable] %>
 <% if node[:postfix][:smtp_sasl_auth_enable] == "yes" -%>