2023-07-07 10:42:18 +02:00
|
|
|
class eid::relay() {
|
2023-07-07 10:31:15 +02:00
|
|
|
package {'sasl2-bin': ensure => latest}
|
|
|
|
|
package {'libsasl2-modules': ensure => latest}
|
|
|
|
|
package {'opendkim': ensure => latest}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$submission_ip = hiera_array('submission_ip',[]);
|
2024-11-21 16:39:52 +01:00
|
|
|
|
2023-07-07 10:31:15 +02:00
|
|
|
sunet::misc::ufw_allow { "allow-submission-clients":
|
|
|
|
|
from => $submission_ip,
|
|
|
|
|
port => '587',
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sunet::misc::ufw_allow { "allow-dhcp6-546":
|
|
|
|
|
from => 'any',
|
2023-07-07 10:42:18 +02:00
|
|
|
to => 'fe80::/64',
|
2023-07-07 10:31:15 +02:00
|
|
|
port => '546',
|
|
|
|
|
proto => 'udp',
|
|
|
|
|
}
|
2024-01-25 13:51:43 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
$relay_ip = hiera_array('relay_ip',[]);
|
2024-11-21 16:39:52 +01:00
|
|
|
|
2024-01-25 13:51:43 +01:00
|
|
|
if $relay_ip != '' {
|
|
|
|
|
sunet::misc::ufw_allow { "allow-relay-rrsync":
|
|
|
|
|
from => $relay_ip,
|
|
|
|
|
port => '22',
|
|
|
|
|
}
|
|
|
|
|
sunet::ssh_keys { 'relay-keys':
|
|
|
|
|
config => safe_hiera('relay_ssh_keys_mapping', {}),
|
|
|
|
|
key_database_name => 'relay_ssh_keys_db'
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-07-07 10:31:15 +02:00
|
|
|
}
|
