Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

[dsa-puppet.git] / modules / exim / manifests / mx.pp

diff --git a/modules/exim/manifests/mx.pp b/modules/exim/manifests/mx.pp
index 3eedf11a1b05f4c2074c3c3665a1f8be88327203..8a81592eca96f0f1f449de4c8e384a5bb3d6e39e 100644 (file)
--- a/modules/exim/manifests/mx.pp
+++ b/modules/exim/manifests/mx.pp
@@ -1,17 +1,37 @@
 class exim::mx inherits exim {
+    include clamav
+    include postgrey
+
     file {
         "/etc/exim4/ccTLD.txt":
           require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/common/ccTLD.txt" ]
+          source  => [ "puppet:///modules/exim/common/ccTLD.txt" ]
           ;
         "/etc/exim4/surbl_whitelist.txt":
           require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/common/surbl_whitelist.txt" ]
+          source  => [ "puppet:///modules/exim/common/surbl_whitelist.txt" ]
           ;
         "/etc/exim4/exim_surbl.pl":
           require => Package["exim4-daemon-heavy"],
-          source  => [ "puppet:///exim/common/exim_surbl.pl" ]
+          source  => [ "puppet:///modules/exim/common/exim_surbl.pl" ],
+          notify  => Exec["exim4 restart"]
           ;
     }
+    exec { "exim4 restart":
+        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
+        refreshonly => true,
+    }
+    @ferm::rule { "dsa-exim-submission":
+            description     => "Allow SMTP",
+            rule            => "&SERVICE_RANGE(tcp, submission, \$SMTP_SOURCES)"
+    }
+    @ferm::rule { "dsa-exim-v6-submission":
+            description     => "Allow SMTP",
+            domain          => "ip6",
+            rule            => "&SERVICE_RANGE(tcp, submission, \$SMTP_V6_SOURCES)"
+    }
 }
 
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4: