@runswithd6s
Last active August 29, 2015 14:04
Sendmail config files by location, environment, and hostgroup
# 3.2.4 (Puppet Enterprise 3.0.1)
create_resources('gd-mta::sendmail::copy_to_mail', {
  access           => {},
  aliases          => {},
  authinfo         => { mode => '0440' },
  domaintable      => {},
  local-host-names => {},
  mailertable      => {},
  relay-domains    => {}
})
# Copy to mail based on environment, hostgroup, or default
define copy_to_mail ( $mode = '0444' ) {
  file {"/etc/mail/${name}":
    ensure => file,
    owner  => 'root',
    group  => 'mail',
    mode   => $mode,
    source => ["puppet:///modules/gd-mta/etc/mail/${name}/${::certname}",
               "puppet:///modules/gd-mta/etc/mail/${name}/${::location}.${::environment}.${::hostgroup}",
               "puppet:///modules/gd-mta/etc/mail/${name}/${::environment}-${::hostgroup}.${::location}",
               "puppet:///modules/gd-mta/etc/mail/${name}/${::hostgroup}.${::location}",
               "puppet:///modules/gd-mta/etc/mail/${name}/${::environment}-${::hostgroup}",
               "puppet:///modules/gd-mta/etc/mail/${name}/${::hostgroup}",
               "puppet:///modules/gd-mta/etc/mail/${name}/default",],
    notify => Exec['sendmail-make'],
  }
}
# This is creating a directory structure like so -- instead of files
/sudo:root@vagrant:/etc/mail $ ls -la
total 266
drwxr-xr-x 10 root root 4096 2014-07-23 14:48 .
drwxr-xr-x 75 root root 4096 2014-07-23 14:48 ..
-rw-r--r-- 1 root root 92 2009-05-20 2009 Makefile
dr-xr-xr-x 2 root mail 4096 2014-07-23 14:47 access
-rw-r----- 1 root root 12288 2014-07-23 14:48 access.db
dr-xr-xr-x 2 root mail 4096 2014-07-23 14:47 aliases
-rw-r--r-- 1 root root 0 2013-11-27 2013 aliasesdb-stamp
dr-xr-x--- 2 root mail 4096 2014-07-23 14:47 authinfo
-rw-r--r-- 1 root vagrant 324 2014-07-23 14:47 clamav-milter.conf
dr-xr-xr-x 2 root mail 4096 2014-07-23 14:48 domaintable
-rw-r----- 1 root root 12288 2014-07-23 14:48 domaintable.db
-rw-r--r-- 1 root vagrant 5683 2014-07-23 14:47 greylist.conf
-rw-r--r-- 1 root root 5584 2010-11-11 2010 helpfile
dr-xr-xr-x 2 root mail 4096 2014-07-23 14:47 local-host-names
dr-xr-xr-x 2 root mail 4096 2014-07-23 14:47 mailertable
-rw-r----- 1 root root 12288 2014-07-23 14:48 mailertable.db
-rwxr-xr-x 1 root root 2700 2009-05-20 2009 make
dr-xr-xr-x 2 root mail 4096 2014-07-23 14:47 relay-domains
-rw-r--r-- 1 root root 63440 2014-07-23 14:48 sendmail.cf
-rw-r--r-- 1 root root 58452 2013-11-27 2013 sendmail.cf.bak
-rw-r--r-- 1 root root 3252 2014-07-23 14:47 sendmail.mc
drwxr-xr-x 5 root root 4096 2014-07-23 14:47 spamassassin
-rw-r--r-- 1 root root 41521 2010-11-11 2010 submit.cf
-rw-r--r-- 1 root root 941 2010-11-11 2010 submit.mc
-rw-r--r-- 1 root root 127 2007-04-12 2007 trusted-users
-rw-r----- 1 root root 12288 2014-07-23 14:48 virtusertable.db
@runswithd6s

We have an old cache issue here... We've run into this before but never understood how to fix it. When running the following...

puppet master --debug --compile CERTNAME

We get the following object using the old source paths:

  {
    "type": "File",
    "title": "/etc/mail/relay-domains",
    "tags": [
      "file",
      "gd-mta::sendmail::copy_to_mail",
      "gd-mta",
      "sendmail",
      "copy_to_mail",
      "relay-domains",
      "class",
      "gd-mta::sendmail",
      "role::mta",
      "role",
      "mta"
    ],
    "file": "/opt/puppet-deploy/production/current/modules/gd-mta/manifests/sendmail.pp",
    "line": 106,
    "exported": false,
    "parameters": {
      "ensure": "file",
      "owner": "root",
      "group": "mail",
      "mode": "0444",
      "source": [
        "puppet:///modules/gd-mta/etc/mail/qc/mta/relay-domains",
        "puppet:///modules/gd-mta/etc/mail/mta/relay-domains",
        "puppet:///modules/gd-mta/etc/mail/relay-domains"
      ],
      "backup": "main"
    }
  },

I think we'll restart the master and see what happens.

@runswithd6s

Although caching was a problem, the issue lies with the resulting expansion of variables, or lack thereof. If Puppet sees a directory as a path resolution for a source, as it does in the first line, it will install a directory, even if ensure => file is used. I would expect this to give an error or skip the path, but that is not the case. We have chosen to rename our source files with the pattern puppet://modules/gd-mta/mail/${name}_${::fqdn}, such that a directory will never be returned as a path.

@runswithd6s

Here's the updated defined type:

# Copy to mail based on environment, hostgroup, or default
define copy_to_mail ( $mode = '0444' ) {
  file {"/etc/mail/${name}":
    ensure => 'file',
    owner  => 'root',
    group  => 'mail',
    mode   => $mode,
    source => ["puppet:///modules/gd-mta/etc/mail/${name}_${::fqdn}",
               "puppet:///modules/gd-mta/etc/mail/${name}_${::environment}-${::hostgroup}.${::location}",
               "puppet:///modules/gd-mta/etc/mail/${name}_${::hostgroup}.${::location}",
               "puppet:///modules/gd-mta/etc/mail/${name}_${::environment}-${::hostgroup}",
               "puppet:///modules/gd-mta/etc/mail/${name}_${::hostgroup}",
               "puppet:///modules/gd-mta/etc/mail/${name}_default",],
    notify => Exec['sendmail-make'],
  }
}

In every case, the resulting path in the source spec will resolve to a file name, not a directory.
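
The behaviour described in the comments above, reproduced as an added Ruby sketch (not the gist author's code and not Puppet's own resolver): it expands a shortened version of the old and new candidate lists against a constructed file tree and reports whether the first match is a file or a directory. It assumes an unset variable interpolates to an empty string; the helpers `expand`, `unset_vars`, `first_match` and `demo` and the sample tree are hypothetical.

```ruby
require 'tmpdir'
require 'fileutils'

VAR = /\$\{(?:::)?(\w+)\}/

# Interpolate "${name}" / "${::fact}"; assumption: unset variables become "".
def expand(template, vars)
  template.gsub(VAR) { vars.fetch($1, '').to_s }
end

# Names referenced by a template that have no value in vars.
def unset_vars(template, vars)
  template.scan(VAR).flatten.reject { |v| vars.key?(v) }
end

# First candidate that exists under files_root, with the kind of object found.
def first_match(files_root, templates, vars)
  templates.each do |t|
    rel = expand(t, vars)
    path = File.join(files_root, rel)
    next unless File.exist?(path)
    kind = File.directory?(path) ? :directory : :file
    return { source: rel, kind: kind, unset: unset_vars(t, vars) }
  end
  nil
end

# Shortened candidate lists: per-name directory layout vs. flat "name_suffix" layout.
OLD = ['etc/mail/${name}/${::certname}', 'etc/mail/${name}/${::hostgroup}',
       'etc/mail/${name}/default'].freeze
NEW = ['etc/mail/${name}_${::fqdn}', 'etc/mail/${name}_${::hostgroup}',
       'etc/mail/${name}_default'].freeze

# Constructed module tree holding both layouts; certname and fqdn are left unset.
def demo
  Dir.mktmpdir do |root|
    FileUtils.mkdir_p(File.join(root, 'etc/mail/access'))
    File.write(File.join(root, 'etc/mail/access/default'), "# constructed\n")
    File.write(File.join(root, 'etc/mail/access_default'), "# constructed\n")
    vars = { 'name' => 'access', 'hostgroup' => 'mta' }
    { old: first_match(root, OLD, vars), new: first_match(root, NEW, vars) }
  end
end

demo.each { |layout, hit| puts "#{layout}: #{hit[:source]} (#{hit[:kind]}) unset=#{hit[:unset]}" }
```

With the old layout the empty expansion leaves `etc/mail/access/`, which exists as a directory and wins the first-match search; with the flat layout the same empty expansion yields `etc/mail/access_`, which matches nothing, so the search falls through to the default file.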
