diff --git a/attributes/default.rb b/attributes/default.rb index bef50ae..3755c36 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -22,6 +22,7 @@ default['postfix']['multi_environment_relay'] = false default['postfix']['use_procmail'] = false default['postfix']['aliases'] = {} default['postfix']['transports'] = {} +default['postfix']['access'] = {} default['postfix']['main_template_source'] = 'postfix' default['postfix']['master_template_source'] = 'postfix' default['postfix']['sender_canonical_map_entries'] = {} @@ -36,11 +37,17 @@ when 'omnios' default['postfix']['conf_dir'] = '/opt/omni/etc/postfix' default['postfix']['aliases_db'] = 'opt/omni/etc/postfix/aliases' default['postfix']['transport_db'] = '/opt/omni/etc/postfix/transport' + default['postfix']['access_db'] = '/opt/local/etc/postfix/aliases' +when 'omnios' + default['postfix']['conf_dir'] = '/opt/omni/etc/postfix' + default['postfix']['aliases_db'] = 'opt/omni/etc/postfix/aliases' + default['postfix']['access_db'] = 'opt/omni/etc/postfix/aliases' default['postfix']['uid'] = 11 else default['postfix']['conf_dir'] = '/etc/postfix' default['postfix']['aliases_db'] = '/etc/aliases' default['postfix']['transport_db'] = '/etc/postfix/transport' + default['postfix']['access_db'] = '/etc/postfix/access' end # Non-default main.cf attributes @@ -54,6 +61,7 @@ default['postfix']['main']['smtpd_use_tls'] = 'yes' default['postfix']['main']['smtp_use_tls'] = 'yes' default['postfix']['main']['alias_maps'] = ["hash:#{node['postfix']['aliases_db']}"] default['postfix']['main']['transport_maps'] = [ "hash:#{node['postfix']['transport_db']}" ] +default['postfix']['main']['access_maps'] = ["hash:#{node['postfix']['access_db']}"] default['postfix']['main']['mailbox_size_limit'] = 0 default['postfix']['main']['smtp_sasl_auth_enable'] = 'no' default['postfix']['main']['mynetworks'] = '127.0.0.0/8' diff --git a/metadata.rb b/metadata.rb index 30f493e..70d7a7b 100644 --- a/metadata.rb +++ b/metadata.rb @@ -9,6 +9,7 @@ recipe 'postfix', 'Installs and configures postfix' recipe 'postfix::sasl_auth', 'Set up postfix to auth to a server with sasl' recipe 'postfix::aliases', 'Manages /etc/aliases' recipe 'postfix::transports', 'Manages /etc/postfix/transport' +recipe 'postfix::access', 'Manages /etc/postfix/access' recipe 'postfix::client', 'Searches for the relayhost based on an attribute' recipe 'postfix::server', 'Sets the mail_type attribute to master' @@ -31,6 +32,11 @@ attribute 'postfix/transports', description: "Hash of Postfix transports mapping a destination to a smtp server. Example 'my.domain' => 'smtp:outbound-relay.my.domain'. See transport man page for details.", type: 'hash' +attribute 'postfix/access', + display_name: 'Postfix Access Table', + description: "Hash of Postfix accesses mapping a pattern to a action. Example 'domain.tld' => 'OK'. See access man page for details.", + type: 'hash' + attribute 'postfix/mail_type', display_name: 'Postfix Mail Type', description: 'Is this node a client or server?', diff --git a/recipes/access.rb b/recipes/access.rb new file mode 100644 index 0000000..e95a46e --- /dev/null +++ b/recipes/access.rb @@ -0,0 +1,28 @@ +# encoding: utf-8 +# Copyright:: Copyright (c) 2012, Opscode, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +include_recipe "postfix" + +execute "update-postfix-access" do + command "postmap #{node['postfix']['access_db']}" + environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios') + action :nothing +end + +template "/etc/postfix/access" do + source "access.erb" + notifies :run, "execute[update-postfix-access]" +end diff --git a/templates/default/access.erb b/templates/default/access.erb new file mode 100644 index 0000000..022f7c5 --- /dev/null +++ b/templates/default/access.erb @@ -0,0 +1,10 @@ +# +# This file is generated by Chef for <%= node['fqdn'] %> +# +# Local changes will be overwritten +# +# See man 5 access for format + +<% node['postfix']['access'].each do |name, value| %> +<%= name %> <%= value %> +<% end unless node['postfix']['access'].nil? %>