generate TLSA record for our mailserver ports

[dsa-puppet.git] / modules / exim / manifests / mx.pp

diff --git a/modules/exim/manifests/mx.pp b/modules/exim/manifests/mx.pp
index 3c40623d64826184ac0dfc7c0b6bc577464e137a..f719e628c2c996c95b89ef2f9c1f0c8970fc904a 100644 (file)
--- a/modules/exim/manifests/mx.pp
+++ b/modules/exim/manifests/mx.pp
@@ -23,12 +23,12 @@ class exim::mx inherits exim {
                domain      => 'ip6',
                rule        => '&SERVICE_RANGE(tcp, submission, $SMTP_V6_SOURCES)',
        }
-       dnsextras::entry{ "tlsa-submission":
+       dnsextras::tlsa_record{ "tlsa-submission":
                zone => 'debian.org',
-               label => "_587._tcp.${::fqdn}",
-               rrtype => 'TXT',
-               rrdata => 'testing' }
-
+               certfile => "/etc/puppet/modules/exim/files/certs/${::fqdn}.crt",
+               port => 587,
+               hostname => "$::fqdn",
+       }
        package { 'nagios-plugins-standard':
                ensure => installed,
        }