[MediaWiki-commits] [Gerrit] begin puppetizing clamav for otrs - change (operations/puppet)
Jgreen has uploaded a new change for review.
https://gerrit.wikimedia.org/r/85209
Change subject: begin puppetizing clamav for otrs
..
begin puppetizing clamav for otrs
Change-Id: I14f85603595d21afbaa1d49f1a859eb158f04ba1
---
M manifests/mail.pp
M manifests/role/otrs.pp
2 files changed, 43 insertions(+), 14 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/09/85209/1
diff --git a/manifests/mail.pp b/manifests/mail.pp
index 7d4ed08..84f002c 100644
--- a/manifests/mail.pp
+++ b/manifests/mail.pp
@@ -136,20 +136,22 @@
# - $hold_domains:
# List of domains to hold on the queue without processing
class roled(
- $local_domains = [ +system_domains ],
- $enable_mail_relay=false,
- $enable_otrs_server=false,
- $enable_mailman=false,
- $enable_imap_delivery=false,
- $enable_mail_submission=false,
- $enable_external_mail=false,
- $smart_route_list=[],
- $mediawiki_relay=false,
- $rt_relay=false,
- $enable_spamassassin=false,
- $outbound_ips=[ $ipaddress ],
- $list_outbound_ips=[],
- $hold_domains=[] ) {
+ $enable_clamav=false,
+ $enable_external_mail=false,
+ $enable_imap_delivery=false,
+ $enable_mail_relay=false,
+ $enable_mail_submission=false,
+ $enable_mailman=false,
+ $enable_otrs_server=false,
+ $enable_spamassassin=false,
+ $hold_domains=[],
+ $list_outbound_ips=[],
+ $local_domains = [ +system_domains ],
+ $mediawiki_relay=false,
+ $outbound_ips=[ $ipaddress ],
+ $rt_relay=false,
+ $smart_route_list=[]
+) {
class { exim::config: install_type = heavy, queuerunner =
combined }
Class[exim::config] - Class[exim::roled]
@@ -255,9 +257,35 @@
if ( $enable_spamassassin == true ) {
Class[spamassassin] - Class[exim::roled]
}
+ if ( $enable_clamav == true ) {
+ include clamav
+ }
}
}
+# https://help.ubuntu.com/community/EximClamAV
+# /usr/share/doc/clamav-base/README.Debian.gz
+class clamav {
+
+ systemuser { clamav:
+ name = clamav,
+ groups = Debian-exim, # needed for exim integration
+ }
+
+ package { [ clamav-daemon ]:
+ ensure = latest;
+ # note: freshclam needs an initial manual run to fetch virus
definitions
+ # this takes several minutes to run
+ }
+
+ service { clamd:
+ require = [ File[/etc/clamav/clamd.conf],
Package[clamav-daemon] ],
+ subscribe = [ File[/etc/clamav/clamd.conf] ],
+ ensure = running;
+ }
+
+}
+
# SpamAssassin http://spamassassin.apache.org/
class spamassassin(
$required_score = '5.0',
diff --git a/manifests/role/otrs.pp b/manifests/role/otrs.pp
index c5bdcc7..b625937 100644
--- a/manifests/role/otrs.pp
+++ b/manifests/role/otrs.pp
@@ -80,6 +80,7 @@
}
class { 'exim::roled':
+enable_clamav = 'true',
enable_otrs_server = 'true',
enable_spamassassin = 'true',
enable_external_mail = 'true',
--
To view, visit https://gerrit.wikimedia.org/r/85209
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I14f85603595d21afbaa1d49f1a859eb158f04ba1
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Jgreen jgr...@wikimedia.org
___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] begin puppetizing clamav for otrs - change (operations/puppet)
Jgreen has submitted this change and it was merged.
Change subject: begin puppetizing clamav for otrs
..
begin puppetizing clamav for otrs
Change-Id: I14f85603595d21afbaa1d49f1a859eb158f04ba1
---
M manifests/mail.pp
M manifests/role/otrs.pp
2 files changed, 43 insertions(+), 14 deletions(-)
Approvals:
Jgreen: Checked; Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/mail.pp b/manifests/mail.pp
index 7d4ed08..84f002c 100644
--- a/manifests/mail.pp
+++ b/manifests/mail.pp
@@ -136,20 +136,22 @@
# - $hold_domains:
# List of domains to hold on the queue without processing
class roled(
- $local_domains = [ +system_domains ],
- $enable_mail_relay=false,
- $enable_otrs_server=false,
- $enable_mailman=false,
- $enable_imap_delivery=false,
- $enable_mail_submission=false,
- $enable_external_mail=false,
- $smart_route_list=[],
- $mediawiki_relay=false,
- $rt_relay=false,
- $enable_spamassassin=false,
- $outbound_ips=[ $ipaddress ],
- $list_outbound_ips=[],
- $hold_domains=[] ) {
+ $enable_clamav=false,
+ $enable_external_mail=false,
+ $enable_imap_delivery=false,
+ $enable_mail_relay=false,
+ $enable_mail_submission=false,
+ $enable_mailman=false,
+ $enable_otrs_server=false,
+ $enable_spamassassin=false,
+ $hold_domains=[],
+ $list_outbound_ips=[],
+ $local_domains = [ +system_domains ],
+ $mediawiki_relay=false,
+ $outbound_ips=[ $ipaddress ],
+ $rt_relay=false,
+ $smart_route_list=[]
+) {
class { exim::config: install_type = heavy, queuerunner =
combined }
Class[exim::config] - Class[exim::roled]
@@ -255,9 +257,35 @@
if ( $enable_spamassassin == true ) {
Class[spamassassin] - Class[exim::roled]
}
+ if ( $enable_clamav == true ) {
+ include clamav
+ }
}
}
+# https://help.ubuntu.com/community/EximClamAV
+# /usr/share/doc/clamav-base/README.Debian.gz
+class clamav {
+
+ systemuser { clamav:
+ name = clamav,
+ groups = Debian-exim, # needed for exim integration
+ }
+
+ package { [ clamav-daemon ]:
+ ensure = latest;
+ # note: freshclam needs an initial manual run to fetch virus
definitions
+ # this takes several minutes to run
+ }
+
+ service { clamd:
+ require = [ File[/etc/clamav/clamd.conf],
Package[clamav-daemon] ],
+ subscribe = [ File[/etc/clamav/clamd.conf] ],
+ ensure = running;
+ }
+
+}
+
# SpamAssassin http://spamassassin.apache.org/
class spamassassin(
$required_score = '5.0',
diff --git a/manifests/role/otrs.pp b/manifests/role/otrs.pp
index c5bdcc7..b625937 100644
--- a/manifests/role/otrs.pp
+++ b/manifests/role/otrs.pp
@@ -80,6 +80,7 @@
}
class { 'exim::roled':
+enable_clamav = 'true',
enable_otrs_server = 'true',
enable_spamassassin = 'true',
enable_external_mail = 'true',
--
To view, visit https://gerrit.wikimedia.org/r/85209
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I14f85603595d21afbaa1d49f1a859eb158f04ba1
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Jgreen jgr...@wikimedia.org
Gerrit-Reviewer: Jgreen jgr...@wikimedia.org
Gerrit-Reviewer: jenkins-bot
___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
