Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

opendkim-milter (5) Versions 1.0.10

Installs/Configures opendkim-milter

Policyfile
Berkshelf
Knife
cookbook 'opendkim-milter', '~> 1.0.10', :supermarket
cookbook 'opendkim-milter', '~> 1.0.10'
knife supermarket install opendkim-milter
knife supermarket download opendkim-milter
README
Dependencies
Changelog
Quality 33%

opendkim-milter Cookbook

Build Status
Cookbook Version

This cookbook allow to install and configure opendkim milter in many RedHat and Debian alike linux distributions.
Unlike many other implementations this one allows full flexibility in configuration and even provide a possibility to run
multiple instances of Opendkim - for instance signer and verifier as separate instances.

Attributes

  • node['opendkim-milter']['package'] - name of the package to be installed. Defaults to opendkim and normaly doesn't need to be changed
  • node['opendkim-milter']['services'] - hash with configuration for milters. Key of the hash is the name of the service, the hash with parameters described bellow

Services configuration

Each hash with parameters can contain the following fields:

  • service_name - string with the name for systemd service if it is needed to be different from the key pointing to this configuration
  • config - hash in format key: value with all necessary configuration directives for Opendkim. This configuration will be saved to file /etc/opendkim/service_name.conf
  • base_path - optional, defaults to /etc/opendkim. Gives a possibility to choose another location for configuration files.
  • user_targets - array, optional, allows to specify additional systemd targets that needs to be started before opendkim service. Useful if database is used in configuration for instance. See examples bellow.
  • user_options - array, optional, provides list of additional options for the opendkim. See examples bellow.
  • owner - string, optional, defaults to opendkim. Allows to run opendkim service as another user.
  • group - string, optional, defaults to opendkim. Allows to run opendkim service with different group, for instance postfix
  • databag_defaults - hash, optional. Contains the default values for databag_files items. It allows to specify common for all databag files parameters in one place only. See examples bellow.
  • databag_files - optional, hash with keys and other additional files that needs to be fetched from (encrypted) databag or chef-vault. Key of the hash is the path name of the file relative to base_path. The value is also hash with 3 essentional and 1 optional fields:
    • databag - name of the databag or vault
    • item - name of the item in databag or vault
    • field - name of the field in databag item
    • mode - optional, defaults to 0640, access mode for the file
  • config_files - optional, hash with keys and other additional files which provided directly via attributes.
    Key of the hash is the path name of the file relative to base_path. The value can be string, array or hash of key: value pairs. String is directly placed to the file, array represents multiline file with each element is a separate file line, each hash pair will be placed to separate file line, key/value separator is space.
  • key_files - fully similar to config_files, but deploys the files with access mode 400 instead of 640.

Examples

{
  "opendkim-milter": {
    "services": {
      "verifier": {
        "config": {
          "PidFile":          "/var/run/opendkim/verifier.pid",
          "Mode":             "v",
          "Syslog":           "yes",
          "SyslogSuccess":    "yes",
          "LogWhy":           "yes",
          "UserID":           "opendkim:postfix",
          "Socket":           "local:/var/run/opendkim/verifier.sock",
          "Umask":            "007",
          "OversignHeaders":  "From",
        },
        "group": "postfix",
        "user_targets": ["mysql.target"]
      },
      "signer": {
        "config": {
          "PidFile":          "/var/run/opendkim/signer.pid",
          "Mode":             "s",
          "Syslog":           "yes",
          "SyslogSuccess":    "yes",
          "LogWhy":           "yes",
          "UserID":           "opendkim:opendkim",
          "Socket":           "local:/var/run/opendkim/signer.sock",
          "Umask":            "007",
          "OversignHeaders":  "From",
          "Canonicalization": "relaxed/simple",
          "InternalHosts":    "refile:/etc/opendkim/TrustedHosts",
          "KeyTable":         "refile:/etc/opendkim/KeyTable",
          "SigningTable":     "refile:/etc/opendkim/SigningTable",
          "SignatureAlgorithm": "rsa-sha256",
        },
        "config_files": {
          "TrustedHosts": ["127.0.0.1", "::1"],
          "KeyTable": {
            "default._domainkey.example.com": "example.com:default:/etc/opendkim/keys/example.private",
            "default._domainkey.test.com": "test.com:default:/etc/opendkim/keys/test.private"
          },
          "SigningTable": {
            "*@example.com": "default._domainkey.example.com",
            "*@test.com": "default._domainkey.test.com"
          }
        },
        "key_files": {
          "keys/default.private": "file content as string, array or hash"
        },
        "databag_defaults": {
          "databag": "dkimkeys",
          "item": "example",
          "field": "key",
          "mode": "0660"
        },
        "databag_files": {
          "keys/example.private": {
            "field": "content",
            "mode": "0600"
          },
          "keys/test.private": {
            "item": "test"
          }
        }
      }
    }
  }
}

Note: the examples above are for demonstration of cookbook usage and do not pretend to be correct opendkim configuration.

Recipes

There are only 2 recipes
- default - the main one, which install the services accordingly to provided configuration
- install - called by default if no opendkim package is installed. Note that on RHEL and its derivates (CentOS, Amazonlinux) it also installs EPEL repo using yum-epel cookbook.

Resources

If desirable it is possible to set node['opendkim-milter']['services'] to empty hash and use only provided LWPR.
The resource name is opendkim_milter and meaning of all its properties described above. Here is small example:

opendkim_milter 'my_own_milter' do
  service_name  'verifier'
  base_path     '/opt/dkim'
  config        my_config_hash
  user_targets  ['mysql.target']
  owner         'postfix'
  group         'postfix'
  databag_files my_dkim_keys
  config_files  my_dkim_files
end

License & Authors

Copyright 2018-2019, Stanislav Voroniy

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

chef-vault >= 0.0.0
yum-epel >= 0.0.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

opendkim-milter CHANGELOG

This file is used to list changes made in each version of the opendkim-milter cookbook.

0.1.0

Initial release.

  • change 0
  • change 1

Collaborator Number Metric
            

1.0.10 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

1.0.10 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

1.0.10 passed this metric

No Binaries Metric
            

1.0.10 passed this metric

Testing File Metric
            

1.0.10 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

1.0.10 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number