GithubHelp home page GithubHelp logo

bi4o4ek / puppet-opendkim Goto Github PK

View Code? Open in Web Editor NEW
0.0 2.0 9.0 42 KB

This module provides a simplified way of creating configurations to manage your OpenDKIM

License: Apache License 2.0

Ruby 20.42% Puppet 79.58%

puppet-opendkim's Introduction

Build Status

opendkim

Table of Contents

  1. Overview
  2. Module Description
  3. Setup - The basics of getting started with opendkim
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module

Overview

The opendkim module allows you to set up mail signing and manage DKIM services with minimal effort.

Module Description

OpenDKIM is a widely-used DKIM service, and this module provides a simplified way of creating configurations to manage your infrastructure. This includes the ability to configure and manage a range of different domain, as well as a streamlined way to install and configure OpenDKIM service.

Setup

What opendkim affects

  • configuration files and directories (created and written to)
  • package/service/configuration files for OpenDKIM
  • signing domains list
  • trusted hosts list
  • replace headers list
  • replace rules list

Beginning with opendkim

To install OpenDKIM with the default parameters

include opendkim

Add domains for signing

opendkim::domain{['example.com', 'example.org']:}

Add allowed hosts

opendkim::trusted{['10.0.0.0/8', '203.0.113.0/24']:}

Add replace rules

# replace_rules_domain should NOT be defined as the title of a resource body
# if it's an array (i.e. if you have multiple domains to rewrite)
opendkim::replace { 'rewrite-multiple-domains':
  replace_rules_domain => ['example.com', 'example.org'],
  replace_rules_array => ['example.net', 'example.biz'],
}

Usage

For example. There is internal ip 10.3.3.80 and external ip 203.0.113.100 on our mail-relay host with OpenDKIM. This host signs all mails for domains example.com and example.org.

# Postfix-relay
class{ 'postfix::server':
    inet_interfaces              => '10.3.3.80, localhost',
    mynetworks                   => '10.0.0.0/8, 203.0.113.0/24',
    smtpd_recipient_restrictions => 'permit_mynetworks, reject_unauth_destination',
    smtpd_client_restrictions    => 'permit_mynetworks, reject',
    mydestination                => '$myhostname',
    myhostname                   => 'relay-site.example.com',
    smtpd_banner                 => 'Hello',
    extra_main_parameters        => {
        smtp_bind_address     => '203.0.113.100',
        smtpd_milters         => 'inet:127.0.0.1:8891',
        non_smtpd_milters     => '$smtpd_milters',
        milter_default_action => 'accept',
        milter_protocol       => '2',
    },
}

# OpenDKIM
include opendkim
opendkim::domain{['example.com', 'example.org']:}
opendkim::trusted{['10.0.0.0/8', '203.0.113.0/24']:}
opendkim::replace {'example.com': replace_rules_array => ['example.net', 'example.biz'],}

After puppet-run you need to copy contents of /etc/opendkim/keys/example.com/relay-site.txt and paste into corresponding DNS-zone as TXT. Then repeat this action for example.org

Puppet module for postfix in this example is thias/postfix v0.3.3

Reference

Puppetlabs are working on automating this section.

Limitations

This module is tested on:

  • CentOS 6
  • Ubuntu 12.04
  • Ubuntu 14.04

Development

Fork me on github and make pull request.

puppet-opendkim's People

Contributors

bi4o4ek avatar niteman avatar stintel avatar

Watchers

avatar avatar

Forkers

kostyrev trovitsys jaredcurtis megamih arnaudmorin meschansky unyonsys strangelittlemonkey miamioh

puppet-opendkim's Issues

Syntax Error

Hello, I am trying to set some parameters in Opendkim but am finding syntax error, my code:

{ class 'opendkim':
     Mode => 's',
}

And I get this error:
"Error: Could not retrieve catalog from remote server: Error 400 on Server: Could not parse for environment production: Syntax error at 'Mode'; expected '}' at /etc/puppet/nodes/server.pp:4 on node server.local
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run"

Thank you in advance your attention

Hiera

Would you be willing to adjust this module to allow for passing private and public keys as parameters using hiera?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.