Mark Bergsma has uploaded a new change for review.
https://gerrit.wikimedia.org/r/164940
Change subject: Remove all IMAP configuration and Puppet manifests
......................................................................
Remove all IMAP configuration and Puppet manifests
Change-Id: I7cd3461b12c12ceab739c9ea2ea0d851b29e252a
---
M manifests/mail.pp
M manifests/role/mail.pp
M manifests/site.pp
M templates/exim/exim4.conf.SMTP_IMAP_MM.erb
4 files changed, 1 insertion(+), 158 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/40/164940/1
diff --git a/manifests/mail.pp b/manifests/mail.pp
index 33184b4..5e7683a 100644
--- a/manifests/mail.pp
+++ b/manifests/mail.pp
@@ -21,8 +21,6 @@
# other mail servers
# - $enable_mailman:
# Whether Mailman delivery functionality is enabled (true/false)
- # - $enable_imap_delivery:
- # Whether IMAP local delivery functional is enabled (true/false)
# - $enable_mail_submission:
# Enable/disable mail submission by users/client MUAs
# - $mediawiki_relay:
@@ -44,7 +42,6 @@
class roled(
$enable_clamav=false,
$enable_external_mail=true,
- $enable_imap_delivery=false,
$enable_mail_relay=false,
$enable_mail_submission=false,
$enable_mailman=false,
@@ -100,15 +97,6 @@
}
class mail_relay {
- file { '/etc/exim4/imap_accounts':
- ensure => present,
- owner => 'root',
- group => 'root',
- mode => '0444',
- source => 'puppet:///files/exim/imap_accounts',
- require => Class['exim4'],
- }
-
exim4::dkim { 'wikimedia.org':
domain => 'wikimedia.org',
selector => 'wikimedia',
diff --git a/manifests/role/mail.pp b/manifests/role/mail.pp
index d24af3f..dc111e8 100644
--- a/manifests/role/mail.pp
+++ b/manifests/role/mail.pp
@@ -195,11 +195,3 @@
}
}
-
-class role::mail::imap {
- # confusingly enough, the former is amanda, the latter is bacula
- include backup::host
- backup::set { 'var-vmail': }
-
- # FIXME: the rest is unpuppetized so far
-}
diff --git a/manifests/site.pp b/manifests/site.pp
index 4de1f30..7971946 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -2464,7 +2464,6 @@
include role::ntp
include ldap::role::server::corp
include ldap::role::client::corp
- include role::mail::imap
class { 'admin': groups => ['oit'] }
}
diff --git a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb
b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb
index 514c2f0..f3ffea7 100644
--- a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb
+++ b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb
@@ -7,13 +7,6 @@
CONFDIR=/etc/exim4
WIKI_INTERFACE=<; 208.80.154.91 ; 2620:0:861:3:208:80:154:91
-<% if enable_imap_delivery == true then -%>
-USERDB=/var/vmaildb/user.db
-VMAIL=/var/vmail
-DELIVER=/usr/lib/dovecot/deliver
-NOT_LOCALLY_SUBMITTED=${if !match{$received_protocol}{\Nsmtpsa$\N}}
-
-<% end -%>
<% if enable_mailman == true then -%>
# Mailman
MAILMAN_HOME = /usr/lib/mailman
@@ -70,11 +63,7 @@
hostlist wikimedia_nets = <; <%=
scope.lookupvar('network::constants::all_networks').join(" ; ") %>
hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ; <% if enable_mail_relay
!= false -%><%= scope.lookupvar('network::constants::external_networks').join("
; ") %>; 10.0.0.0/8<% end %>
-<% if enable_imap_delivery == true then -%>
-
-# Interfaces
-daemon_smtp_ports = smtp : ssmtp
-<% elsif enable_otrs_server == true then -%>
+<% if enable_otrs_server == true then -%>
# Interfaces
daemon_smtp_ports = smtp
@@ -130,14 +119,6 @@
# Malware scanning
av_scanner = clamd:/var/run/clamav/clamd.ctl
-<% end %>
-
-<% if enable_imap_delivery == true then -%>
-# TLS
-tls_certificate = /etc/ssl/certs/wikimedia.org.pem
-tls_privatekey = /etc/ssl/private/wikimedia.org.key
-tls_advertise_hosts = *
-tls_on_connect_ports = 465
<% end %>
# Other
@@ -544,70 +525,6 @@
route_list = * iodine.wikimedia.org byname
transport = remote_smtp
<% end %>
-<% if enable_imap_delivery == true then -%>
-# Run a custom user filter, e.g. to sort mail into subfolders
-# By default Exim filter CONFDIR/default_user_filter is run,
-# which sorts mail classified spam into the Junk folder
-user_filter:
- driver = redirect
- domains = +local_domains
- condition = NOT_LOCALLY_SUBMITTED
- router_home_directory = VMAIL/$domain/$local_part
- address_data = ${lookup sqlite{USERDB \
- SELECT id, filter NOTNULL AS hasfilter \
- FROM account \
- WHERE localpart='${quote_sqlite:$local_part}' \
- AND domain='${quote_sqlite:$domain}' \
- AND active='1'}{$value}fail}
- data = ${if eq{${extract{hasfilter}{$address_data}}}{1}{ \
- ${lookup sqlite{USERDB \
- SELECT filter \
- FROM account \
- WHERE id='${quote_sqlite:${extract{id}{$address_data}}}'}}} \
- {${readfile{CONFDIR/default_user_filter}}}}
- allow_filter
- forbid_filter_dlfunc
- forbid_filter_existstest
- forbid_filter_logwrite
- forbid_filter_lookup
- forbid_filter_perl
- forbid_filter_readfile
- forbid_filter_readsocket
- forbid_filter_run
- forbid_include
- forbid_pipe
- user = vmail
- group = vmail
- directory_transport = maildir_delivery
- reply_transport = reply_transport
- no_verify
-
-# Delivery to a Maildir mail box.
-local_user:
- driver = accept
- domains = +local_domains
- condition = NOT_LOCALLY_SUBMITTED
- local_part_suffix = +*
- local_part_suffix_optional
- address_data = ${lookup sqlite{USERDB \
- SELECT id, quota \
- FROM account \
- WHERE localpart='${quote_sqlite:$local_part}' \
- AND domain='${quote_sqlite:$domain}' \
- AND active='1'}{$value}fail}
- transport = maildir_delivery
- transport_home_directory = VMAIL/$domain/$local_part
- transport_current_directory = VMAIL
-
-# Bounce/auto-reply messages for users that have left
-user_left:
- driver = accept
- domains = +local_domains
- condition = NOT_LOCALLY_SUBMITTED
- require_files = CONFDIR/userleft/$domain/$local_part
- transport = left_message
-
-<% end %>
<% if enable_mail_relay != false then -%>
# Redirect postmaster@$domain if it hasn't been accepted before
@@ -753,59 +670,6 @@
group = MAILMAN_GID
#headers_rewrite = \N^.*@(mail\.)?wiki[mp]edia\.org$\N "${if
exists{MAILMAN_LISTS_HOME/lists/$local_part/config.pck}{$local_p...@lists.wikimedia.org}fail}"
ct
-<% end %>
-<% if enable_imap_delivery == true then -%>
-# Delivery via Dovecot's "deliver" LDA. The advantage over using Exim's
-# internal Maildir appendfile transport is that it can immediately update
-# Dovecot's internal indexes for better performance.
-dovecot_delivery:
- driver = pipe
- command = DELIVER -m ${extract{mailbox}{$address_data}{$value}{INBOX}}
- log_output
- return_fail_output
- message_prefix =
- message_suffix =
- delivery_date_add
- envelope_to_add
- return_path_add
- user = vmail
- group = vmail
-
-# appendfile transport for Maildir delivery
-maildir_delivery:
- driver = appendfile
- maildir_format
- directory = ${if def:address_file{$address_file}{$home}}
- create_directory
- create_file = belowhome
- delivery_date_add
- envelope_to_add
- return_path_add
- user = vmail
- group = vmail
-
- # Quota support
- quota = ${if
!eq{$received_protocol}{local}{${extract{quota}{$address_data}{${value}K}{0}}}}
- quota_is_inclusive = false
- quota_warn_threshold = 100%
- quota_warn_message = ${expand:${readfile{CONFDIR/quota_warn_message}}}
- maildir_use_size_file
- maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash).*)
- maildir_tag = ,S=$message_size
-
-# Autoreply bounce transport for users that have left the organization
-left_message:
- driver = autoreply
- file = CONFDIR/userleft/$domain/$local_part
- file_expand
- return_message
- from = Wikimedia Foundation <postmas...@wikimedia.org>
- to = $sender_address
- reply_to = off...@wikimedia.org
- subject = User ${quote_local_part:$local_part}@$domain has left the
organization: returning message to sender
-
-reply_transport:
- driver = autoreply
<% end %>
# POST VERP bounce emails to a MediaWiki 'bouncehandler' API
--
To view, visit https://gerrit.wikimedia.org/r/164940
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I7cd3461b12c12ceab739c9ea2ea0d851b29e252a
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Mark Bergsma <m...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
