cookbook 'opendkim-milter', '~> 1.0.10'
opendkim-milter (5) Versions 1.0.10 Follow0
Installs/Configures opendkim-milter
cookbook 'opendkim-milter', '~> 1.0.10', :supermarket
knife supermarket install opendkim-milter
knife supermarket download opendkim-milter
opendkim-milter Cookbook
This cookbook allow to install and configure opendkim milter in many RedHat and Debian alike linux distributions.
Unlike many other implementations this one allows full flexibility in configuration and even provide a possibility to run
multiple instances of Opendkim - for instance signer and verifier as separate instances.
Attributes
-
node['opendkim-milter']['package']
- name of the package to be installed. Defaults toopendkim
and normaly doesn't need to be changed -
node['opendkim-milter']['services']
- hash with configuration for milters. Key of the hash is the name of the service, the hash with parameters described bellow
Services configuration
Each hash with parameters can contain the following fields:
-
service_name
- string with the name for systemd service if it is needed to be different from the key pointing to this configuration -
config
- hash in formatkey: value
with all necessary configuration directives for Opendkim. This configuration will be saved to file /etc/opendkim/service_name
.conf -
base_path
- optional, defaults to/etc/opendkim
. Gives a possibility to choose another location for configuration files. -
user_targets
- array, optional, allows to specify additional systemd targets that needs to be started before opendkim service. Useful if database is used in configuration for instance. See examples bellow. -
user_options
- array, optional, provides list of additional options for the opendkim. See examples bellow. -
owner
- string, optional, defaults toopendkim
. Allows to run opendkim service as another user. -
group
- string, optional, defaults toopendkim
. Allows to run opendkim service with different group, for instancepostfix
-
databag_defaults
- hash, optional. Contains the default values fordatabag_files
items. It allows to specify common for all databag files parameters in one place only. See examples bellow. -
databag_files
- optional, hash with keys and other additional files that needs to be fetched from (encrypted) databag or chef-vault. Key of the hash is the path name of the file relative tobase_path
. The value is also hash with 3 essentional and 1 optional fields:-
databag
- name of the databag or vault -
item
- name of the item in databag or vault -
field
- name of the field in databag item -
mode
- optional, defaults to0640
, access mode for the file
-
-
config_files
- optional, hash with keys and other additional files which provided directly via attributes.
Key of the hash is the path name of the file relative tobase_path
. The value can be string, array or hash ofkey: value
pairs. String is directly placed to the file, array represents multiline file with each element is a separate file line, each hash pair will be placed to separate file line, key/value separator is space. -
key_files
- fully similar toconfig_files
, but deploys the files with access mode 400 instead of 640.
Examples
{ "opendkim-milter": { "services": { "verifier": { "config": { "PidFile": "/var/run/opendkim/verifier.pid", "Mode": "v", "Syslog": "yes", "SyslogSuccess": "yes", "LogWhy": "yes", "UserID": "opendkim:postfix", "Socket": "local:/var/run/opendkim/verifier.sock", "Umask": "007", "OversignHeaders": "From", }, "group": "postfix", "user_targets": ["mysql.target"] }, "signer": { "config": { "PidFile": "/var/run/opendkim/signer.pid", "Mode": "s", "Syslog": "yes", "SyslogSuccess": "yes", "LogWhy": "yes", "UserID": "opendkim:opendkim", "Socket": "local:/var/run/opendkim/signer.sock", "Umask": "007", "OversignHeaders": "From", "Canonicalization": "relaxed/simple", "InternalHosts": "refile:/etc/opendkim/TrustedHosts", "KeyTable": "refile:/etc/opendkim/KeyTable", "SigningTable": "refile:/etc/opendkim/SigningTable", "SignatureAlgorithm": "rsa-sha256", }, "config_files": { "TrustedHosts": ["127.0.0.1", "::1"], "KeyTable": { "default._domainkey.example.com": "example.com:default:/etc/opendkim/keys/example.private", "default._domainkey.test.com": "test.com:default:/etc/opendkim/keys/test.private" }, "SigningTable": { "*@example.com": "default._domainkey.example.com", "*@test.com": "default._domainkey.test.com" } }, "key_files": { "keys/default.private": "file content as string, array or hash" }, "databag_defaults": { "databag": "dkimkeys", "item": "example", "field": "key", "mode": "0660" }, "databag_files": { "keys/example.private": { "field": "content", "mode": "0600" }, "keys/test.private": { "item": "test" } } } } } }
Note: the examples above are for demonstration of cookbook usage and do not pretend to be correct opendkim configuration.
Recipes
There are only 2 recipes
- default
- the main one, which install the services accordingly to provided configuration
- install
- called by default if no opendkim
package is installed. Note that on RHEL and its derivates (CentOS, Amazonlinux) it also installs EPEL repo using yum-epel
cookbook.
Resources
If desirable it is possible to set node['opendkim-milter']['services']
to empty hash and use only provided LWPR.
The resource name is opendkim_milter
and meaning of all its properties described above. Here is small example:
opendkim_milter 'my_own_milter' do service_name 'verifier' base_path '/opt/dkim' config my_config_hash user_targets ['mysql.target'] owner 'postfix' group 'postfix' databag_files my_dkim_keys config_files my_dkim_files end
License & Authors
- Author:: Stanislav Voroniy (stas@voroniy.com)
Copyright 2018-2019, Stanislav Voroniy Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Dependent cookbooks
chef-vault >= 0.0.0 |
yum-epel >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
opendkim-milter CHANGELOG
This file is used to list changes made in each version of the opendkim-milter cookbook.
0.1.0
Initial release.
- change 0
- change 1
Collaborator Number Metric
1.0.10 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
1.0.10 passed this metric
No Binaries Metric
1.0.10 passed this metric
Testing File Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
1.0.10 failed this metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
1.0.10 passed this metric
No Binaries Metric
1.0.10 passed this metric
Testing File Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
1.0.10 passed this metric
1.0.10 passed this metric
Testing File Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
1.0.10 failed this metric
1.0.10 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number