Mark Bergsma has uploaded a new change for review. https://gerrit.wikimedia.org/r/164940
Change subject: Remove all IMAP configuration and Puppet manifests ...................................................................... Remove all IMAP configuration and Puppet manifests Change-Id: I7cd3461b12c12ceab739c9ea2ea0d851b29e252a --- M manifests/mail.pp M manifests/role/mail.pp M manifests/site.pp M templates/exim/exim4.conf.SMTP_IMAP_MM.erb 4 files changed, 1 insertion(+), 158 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/40/164940/1 diff --git a/manifests/mail.pp b/manifests/mail.pp index 33184b4..5e7683a 100644 --- a/manifests/mail.pp +++ b/manifests/mail.pp @@ -21,8 +21,6 @@ # other mail servers # - $enable_mailman: # Whether Mailman delivery functionality is enabled (true/false) - # - $enable_imap_delivery: - # Whether IMAP local delivery functional is enabled (true/false) # - $enable_mail_submission: # Enable/disable mail submission by users/client MUAs # - $mediawiki_relay: @@ -44,7 +42,6 @@ class roled( $enable_clamav=false, $enable_external_mail=true, - $enable_imap_delivery=false, $enable_mail_relay=false, $enable_mail_submission=false, $enable_mailman=false, @@ -100,15 +97,6 @@ } class mail_relay { - file { '/etc/exim4/imap_accounts': - ensure => present, - owner => 'root', - group => 'root', - mode => '0444', - source => 'puppet:///files/exim/imap_accounts', - require => Class['exim4'], - } - exim4::dkim { 'wikimedia.org': domain => 'wikimedia.org', selector => 'wikimedia', diff --git a/manifests/role/mail.pp b/manifests/role/mail.pp index d24af3f..dc111e8 100644 --- a/manifests/role/mail.pp +++ b/manifests/role/mail.pp @@ -195,11 +195,3 @@ } } - -class role::mail::imap { - # confusingly enough, the former is amanda, the latter is bacula - include backup::host - backup::set { 'var-vmail': } - - # FIXME: the rest is unpuppetized so far -} diff --git a/manifests/site.pp b/manifests/site.pp index 4de1f30..7971946 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -2464,7 +2464,6 @@ include role::ntp include ldap::role::server::corp include ldap::role::client::corp - include role::mail::imap class { 'admin': groups => ['oit'] } } diff --git a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb index 514c2f0..f3ffea7 100644 --- a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb +++ b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb @@ -7,13 +7,6 @@ CONFDIR=/etc/exim4 WIKI_INTERFACE=<; 208.80.154.91 ; 2620:0:861:3:208:80:154:91 -<% if enable_imap_delivery == true then -%> -USERDB=/var/vmaildb/user.db -VMAIL=/var/vmail -DELIVER=/usr/lib/dovecot/deliver -NOT_LOCALLY_SUBMITTED=${if !match{$received_protocol}{\Nsmtpsa$\N}} - -<% end -%> <% if enable_mailman == true then -%> # Mailman MAILMAN_HOME = /usr/lib/mailman @@ -70,11 +63,7 @@ hostlist wikimedia_nets = <; <%= scope.lookupvar('network::constants::all_networks').join(" ; ") %> hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ; <% if enable_mail_relay != false -%><%= scope.lookupvar('network::constants::external_networks').join(" ; ") %>; 10.0.0.0/8<% end %> -<% if enable_imap_delivery == true then -%> - -# Interfaces -daemon_smtp_ports = smtp : ssmtp -<% elsif enable_otrs_server == true then -%> +<% if enable_otrs_server == true then -%> # Interfaces daemon_smtp_ports = smtp @@ -130,14 +119,6 @@ # Malware scanning av_scanner = clamd:/var/run/clamav/clamd.ctl -<% end %> - -<% if enable_imap_delivery == true then -%> -# TLS -tls_certificate = /etc/ssl/certs/wikimedia.org.pem -tls_privatekey = /etc/ssl/private/wikimedia.org.key -tls_advertise_hosts = * -tls_on_connect_ports = 465 <% end %> # Other @@ -544,70 +525,6 @@ route_list = * iodine.wikimedia.org byname transport = remote_smtp <% end %> -<% if enable_imap_delivery == true then -%> -# Run a custom user filter, e.g. to sort mail into subfolders -# By default Exim filter CONFDIR/default_user_filter is run, -# which sorts mail classified spam into the Junk folder -user_filter: - driver = redirect - domains = +local_domains - condition = NOT_LOCALLY_SUBMITTED - router_home_directory = VMAIL/$domain/$local_part - address_data = ${lookup sqlite{USERDB \ - SELECT id, filter NOTNULL AS hasfilter \ - FROM account \ - WHERE localpart='${quote_sqlite:$local_part}' \ - AND domain='${quote_sqlite:$domain}' \ - AND active='1'}{$value}fail} - data = ${if eq{${extract{hasfilter}{$address_data}}}{1}{ \ - ${lookup sqlite{USERDB \ - SELECT filter \ - FROM account \ - WHERE id='${quote_sqlite:${extract{id}{$address_data}}}'}}} \ - {${readfile{CONFDIR/default_user_filter}}}} - allow_filter - forbid_filter_dlfunc - forbid_filter_existstest - forbid_filter_logwrite - forbid_filter_lookup - forbid_filter_perl - forbid_filter_readfile - forbid_filter_readsocket - forbid_filter_run - forbid_include - forbid_pipe - user = vmail - group = vmail - directory_transport = maildir_delivery - reply_transport = reply_transport - no_verify - -# Delivery to a Maildir mail box. -local_user: - driver = accept - domains = +local_domains - condition = NOT_LOCALLY_SUBMITTED - local_part_suffix = +* - local_part_suffix_optional - address_data = ${lookup sqlite{USERDB \ - SELECT id, quota \ - FROM account \ - WHERE localpart='${quote_sqlite:$local_part}' \ - AND domain='${quote_sqlite:$domain}' \ - AND active='1'}{$value}fail} - transport = maildir_delivery - transport_home_directory = VMAIL/$domain/$local_part - transport_current_directory = VMAIL - -# Bounce/auto-reply messages for users that have left -user_left: - driver = accept - domains = +local_domains - condition = NOT_LOCALLY_SUBMITTED - require_files = CONFDIR/userleft/$domain/$local_part - transport = left_message - -<% end %> <% if enable_mail_relay != false then -%> # Redirect postmaster@$domain if it hasn't been accepted before @@ -753,59 +670,6 @@ group = MAILMAN_GID #headers_rewrite = \N^.*@(mail\.)?wiki[mp]edia\.org$\N "${if exists{MAILMAN_LISTS_HOME/lists/$local_part/config.pck}{$local_p...@lists.wikimedia.org}fail}" ct -<% end %> -<% if enable_imap_delivery == true then -%> -# Delivery via Dovecot's "deliver" LDA. The advantage over using Exim's -# internal Maildir appendfile transport is that it can immediately update -# Dovecot's internal indexes for better performance. -dovecot_delivery: - driver = pipe - command = DELIVER -m ${extract{mailbox}{$address_data}{$value}{INBOX}} - log_output - return_fail_output - message_prefix = - message_suffix = - delivery_date_add - envelope_to_add - return_path_add - user = vmail - group = vmail - -# appendfile transport for Maildir delivery -maildir_delivery: - driver = appendfile - maildir_format - directory = ${if def:address_file{$address_file}{$home}} - create_directory - create_file = belowhome - delivery_date_add - envelope_to_add - return_path_add - user = vmail - group = vmail - - # Quota support - quota = ${if !eq{$received_protocol}{local}{${extract{quota}{$address_data}{${value}K}{0}}}} - quota_is_inclusive = false - quota_warn_threshold = 100% - quota_warn_message = ${expand:${readfile{CONFDIR/quota_warn_message}}} - maildir_use_size_file - maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash).*) - maildir_tag = ,S=$message_size - -# Autoreply bounce transport for users that have left the organization -left_message: - driver = autoreply - file = CONFDIR/userleft/$domain/$local_part - file_expand - return_message - from = Wikimedia Foundation <postmas...@wikimedia.org> - to = $sender_address - reply_to = off...@wikimedia.org - subject = User ${quote_local_part:$local_part}@$domain has left the organization: returning message to sender - -reply_transport: - driver = autoreply <% end %> # POST VERP bounce emails to a MediaWiki 'bouncehandler' API -- To view, visit https://gerrit.wikimedia.org/r/164940 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I7cd3461b12c12ceab739c9ea2ea0d851b29e252a Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Mark Bergsma <m...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits