Skip to content

noris-network/puppet-exim

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

252 Commits
.devcontainer
.devcontainer
 
 
.githooks
.githooks
 
 
.vscode
.vscode
 
 
data
data
 
 
manifests
manifests
 
 
spec
spec
 
 
templates
templates
 
 
.fixtures.yml
.fixtures.yml
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
.pdkignore
.pdkignore
 
 
.puppet-lint.rc
.puppet-lint.rc
 
 
.rspec
.rspec
 
 
.rubocop.yml
.rubocop.yml
 
 
.sync.yml
.sync.yml
 
 
.travis.yml
.travis.yml
 
 
.yardopts
.yardopts
 
 
CHANGELOG.md
CHANGELOG.md
 
 
Gemfile
Gemfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
REFERENCE.md
REFERENCE.md
 
 
Rakefile
Rakefile
 
 
appveyor.yml
appveyor.yml
 
 
hiera.yaml
hiera.yaml
 
 
metadata.json
metadata.json
 
 
pdk.yaml
pdk.yaml
 
 
provision.yaml
provision.yaml
 
 

Repository files navigation

puppet-exim

The exim puppet module installes and configures exim. The goal is to support the most complex configurations and compile them into a nice, easy to read, single configuration file.

Usage with hiera

In the simpliest form, you can just include the exim class:

  classes:
  - exim

This configures exim so that it will accept mails generated on the local system, and forwards it to mail..

This will probably not work for you, so I suggest building your own custom configuration. Here is an example replicating the default config:

Load the main class. Disable the default config. Set the acl used for rcpt checking to "acl_check_rcpt" (default, shown for demonstation)

  exim::defaults: false
  exim::acl_smtp_rcpt: 'acl_check_rcpt'

Create a new, acl list named "acl_check_rcpt" :

  exim::acls:
    'acl_check_rcpt':
      statements:
        'Accept local':
          acl_id: 1
          order:  1
          action: 'accept'
          conditions:
            hosts:
            - ':'
        'Accept hostlist':
          acl_id: 1
          order:  2
          action: 'accept'
          conditions:
            hosts:
            - '127.0.0.1'
            - '@'
        'deny all':
          acl_id: 1
          order:  3
          action: 'deny'
          conditions:
            message:
            - 'relay not permitted'

Create 2 routers, one to do aliasing, and one to send mails to a remote smarthost:

  exim::routers:
    'system_aliases':
      order: 1
      driver: 'redirect'
      domains:
        - '@'
      allow_fail: true
      allow_defer: true
      data: '${lookup{$local_part}lsearch{/etc/aliases}}'
    'smarthost':
      order: 2
      driver: 'manualroute'
      transport: 'remote_smtp'
      route_list: '* mail.%{facts.networking.domain} byname'
      host_find_failed: 'defer'
      same_domain_copy_routing: true
      no_more: true

Create an smtp-transport:

  exim::transports:
    'remote_smtp':
      driver: 'smtp'

Create an address-pipe-transport:

  exim::transports:
    'address_pipe':
      driver: 'pipe'
      log_output: true
      return_fail_output: true
      exim_environment:
        - 'USER1': 'user1'
        - 'USER2': 'user2'
      path: '/usr/bin:/bin'
      timeout: '2h'
      timeout_defer: true

Create a default retry rule for all (*) mails:

  exim::retries:
    '*': {}

Usage with "classical" puppet code

In the simpliest form, you can just include the exim class:

  include exim

This configures exim so that it will accept mails generated on the local system, and forwards it to mail..

This will probably not work for you, so I suggest building your own custom configuration. Here is an example replicating the default config:

Load the main class. Disable the default config. Set the acl used for rcpt checking to "acl_check_rcpt" (default, shown for demonstation)

  class {'exim':
    defaults      => false,
    acl_smtp_rcpt => 'acl_check_rcpt',
  }

Create a new, acl list named "acl_check_rcpt" :

  exim::acl {'acl_check_rcpt':
    statements => {
      'Accept local' => {
        action     => 'accept',
        conditions => [ ['hosts',[':']] ],
      },
      'Accept hostlist' => {
        action     => 'accept',
        conditions => [ ['hosts'   , ['@','127.0.0.1']], ]
      },
      'deny all' => {
        action     => 'deny',
        conditions => [ ['message' , ['relay not permitted']], ]
      }
    }
  }

Create 2 routers, one to do aliasing, and one to send mails to a remote smarthost:

  exim::router {'system_aliases':
    order       => 1,
    driver      => 'redirect',
    domains     => ['@'],
    allow_fail  => true,
    allow_defer => true,
    data        => '${lookup{$local_part}lsearch{/etc/aliases}}',
  }
  exim::router {'smarthost':
    order                    => 2,
    driver                   => 'manualroute',
    transport                => 'remote_smtp',
    route_list               => "* mail.${facts['networking']['domain']} byname",
    host_find_failed         => 'defer',
    same_domain_copy_routing => true,
    no_more                  => true,
  }

Create an smtp-transport:

  exim::transport {'remote_smtp':
    driver          => 'smtp',
  }

Create an address-pipe-transport:

  exim::transport {'address_pipe':
    driver             => 'pipe',
    log_output         => true,
    return_fail_output => true,
    exim_environment   => [ 
      { 'USER1'          => 'user1' },
      { 'USER2'          => 'user2' } ],
    path               => '/usr/bin:/bin',
    timeout            => '2h',
    timeout_defer      => true,
  }

Create a default retry rule for all (*) mails:

  exim::retry {'*':}

About

No description, website, or topics provided.

Resources

Readme

License

LGPL-3.0 license
Activity
Custom properties

Stars

5 stars

Watchers

15 watching

Forks

13 forks
Report repository

Releases

25 tags

Packages

No packages published

Contributors 13

Languages