cookbook 'postfix-dovecot', '~> 3.0.0'
postfix-dovecot (9) Versions 3.0.0 Follow9
Installs and configures a mail server using Postfix, Dovecot, PostfixAdmin and SpamAssassin, including Amazon SES support.
cookbook 'postfix-dovecot', '~> 3.0.0', :supermarket
knife supermarket install postfix-dovecot
knife supermarket download postfix-dovecot
Postfix Dovecot Cookbook
Installs and configures a mail server using Postfix, Dovecot, PostfixAdmin and SpamAssassin, including Amazon SES support.
Requirements
Supported Platforms
This cookbook has been tested on the following platforms:
- Amazon Linux
- CentOS
>= 6.0
- Debian
>= 7.0
- Fedora
>= 17.0
- Ubuntu
>= 12.04
Please, let us know if you use it successfully on any other platform.
Required Cookbooks
- chef-vault
- build-essential
- dovecot
- onddo-spamassassin
- postfixadmin
- postfix-full by Malte Swart
- ssl_certificate
- yum
Required Applications
- Dovecot
>= 2
: requires this version of dovecot to be available by the distribution's package manager - Chef
12.5
or higher. - Ruby
2.2
or higher.
Attributes
Attribute | Default | Description |
---|---|---|
node['postfix-dovecot']['postmaster_address'] |
'postmaster@foo.bar' |
Postmaster mail address. |
node['postfix-dovecot']['hostname'] |
node['fqdn'] |
Hostname. |
node['postfix-dovecot']['rbls'] |
[] |
Mail RBLs array. |
node['postfix-dovecot']['database']['type'] |
'mysql' |
Database type. Possible values are: 'mysql' , 'postgresql' (Please, see below). |
node['postfix-dovecot']['sieve']['enabled'] |
true |
Whether to enable sieve. |
node['postfix-dovecot']['sieve']['global_path'] |
"#{default['dovecot']['conf_path']}/sieve/default.sieve" |
Sieve global path. |
node['postfix-dovecot']['spamc']['enabled'] |
true |
Whether to enable SpamAssassin. |
node['postfix-dovecot']['spamc']['recipe'] |
'onddo-spamassassin' |
Spamc recipe name to use. |
node['postfix-dovecot']['vmail']['user'] |
'vmail' |
Virtual mail system user name. |
node['postfix-dovecot']['vmail']['group'] |
node['postfix-dovecot']['vmail']['user'] |
Virtual mail system group name. |
node['postfix-dovecot']['vmail']['uid'] |
5000 |
Virtual mail system user id. |
node['postfix-dovecot']['vmail']['gid'] |
node['postfix-dovecot']['vmail']['uid'] |
Virtual mail system group id. |
node['postfix-dovecot']['vmail']['home'] |
'/var/vmail' |
Virtual mail user home path. |
Amazon SES Attributes
You can use node['postfix-dovecot']['ses']['enabled']
to enable SES for sending emails.
Attribute | Default | Description |
---|---|---|
node['postfix-dovecot']['ses']['enabled'] |
false |
Whether to enable Amazon SES. |
node['postfix-dovecot']['ses']['source'] |
'attributes' |
Where to read the credentials from. Possible values: 'attributes' , 'chef-vault' . |
node['postfix-dovecot']['ses']['vault'] |
'amazon' |
Chef Vault bag to read SES credentials from. |
node['postfix-dovecot']['ses']['item'] |
'ses' |
Chef Vault item. |
node['postfix-dovecot']['ses']['region'] |
'us-east-1' |
Amazon AWS region, used to calculate the servers. |
node['postfix-dovecot']['ses']['servers'] |
calculated | Amazon SES SMTP servers array. |
node['postfix-dovecot']['ses']['username'] |
'USERNAME' |
SES SMTP username. See Obtaining Your Amazon SES SMTP Credentials documentation. |
node['postfix-dovecot']['ses']['password'] |
'PASSWORD' |
Amazon SES SMTP password. |
When Chef Vault is disabled in node['postfix-dovecot']['ses']['source']
, this is the default behavior, the credentials are read from ['username']
and ['password']
attributes.
When credentials should be read using chef-vault
, the Chef Vault bag must have the following structure:
{ "username": "AMAZON_USERNAME", "password": "AMAZON_PASSWORD" }
See the Chef-Vault documentation to learn how to create chef-vault bags.
The SSL Certificate
This cookbook uses the ssl_certificate
cookbook to create the SSL certificate. The namespace used is node['postfix-dovecot']
. For example:
node.default['postfix-dovecot']['common_name'] = 'mail.example.com' include_recipe 'postfix-dovecot'
This certificate is used for Postfix and Dovecot. For PostfixAdmin, you should use the node['postfixadmin']
namespace.
You can also tweak the supported SSL ciphers setting the node['ssl_certificate']['service']['compatibility']
attribute:
node.default['ssl_certificate']['service']['compatibility'] = :modern include_recipe 'postfix-dovecot'
See the ssl_certificate
namespace documentation for more information.
Recipes
postfix-dovecot::default
Installs and configures everything.
postfix-dovecot::vmail
Creates vmail user.
postfix-dovecot::spam
Installs and configures SpamAssassin.
postfix-dovecot::postfix
Installs and configures Postfix.
postfix-dovecot::postfix_mysql
Installs Postfix package with MySQL support. Used by the postfix-dovecot::postfix
recipe.
postfix-dovecot::postfix_postgresql
Installs Postfix package with PostgreSQL support. Used by the postfix-dovecot::postfix
recipe.
postfix-dovecot::postfixadmin
Installs and configures PostfixAdmin.
postfix-dovecot::dovecot
Installs and configures Dovecot 2.
Usage Examples
Including in a Cookbook Recipe
Running it from a recipe:
node['postfix-dovecot']['postmaster_address'] = 'postmaster@foobar.com' node['postfix-dovecot']['hostname'] = 'mail.foobar.com' include_recipe 'postfix-dovecot::default' postfixadmin_admin 'admin@admindomain.com' do password 'sup3r-s3cr3t-p4ss' action :create end postfixadmin_domain 'foobar.com' do login_username 'admin@admindomain.com' login_password 'sup3r-s3cr3t-p4ss' end postfixadmin_mailbox 'bob@foobar.com' do password 'alice' login_username 'admin@admindomain.com' login_password 'sup3r-s3cr3t-p4ss' end postfixadmin_alias 'billing@foobar.com' do goto 'bob@foobar.com' login_username 'admin@admindomain.com' login_password 'sup3r-s3cr3t-p4ss' end
Don't forget to include the postfix-dovecot
cookbook as a dependency in the metadata.
# metadata.rb # [...] depends 'postfix-dovecot'
Including in the Run List
Another alternative is to include the default recipe in your Run List.
{ "name": "mail.example.com", "[...]": "[...]", "run_list": [ "[...]", "recipe[postfix-dovecot]" ] }
Enabling Some RBLs
You can enable some RBLs to avoid spam:
node.default['postfix-dovecot']['rbls'] = %w( dnsbl.sorbs.net zen.spamhaus.org bl.spamcop.net cbl.abuseat.org ) include_recipe 'postfix-dovecot::default'
PostgreSQL Support
PostgreSQL support should be considered experimental at the moment. Use at your own risk.
Any feedback you can provide regarding the PostgreSQL support will be greatly appreciated.
PostgreSQL Support on CentOS and Fedora
The latest CentOS and Fedora versions come without PostgreSQL support in their Postfix package. So we need to recompile it using the SRPM, enabling the PostgreSQL support.
The postfix-dovecot::postfix_postgresql
recipe takes care of it transparently. This recipe has been tested using test-kitchen
, but it may not work for all cases. This code has been tested in the following platforms:
- CentOS
6.5
and7.0
- Fedora
19
and20
.
Please, let us know if you use PostgreSQL support successfully on any other platform.
PostgreSQL Support on Amazon Linux
Support for PostgreSQL on Amazon Linux is still not finished because of the need to patch the provided SRPM. Its implementation would require a little monkey-patching.
Please, open an issue if you need the support of PostgreSQL on Amazon Linux.
PostgreSQL Versions < 9.3
If you are using PostgreSQL version < 9.3
, you may need to adjust the shmmax
and shmall
kernel parameters to configure the shared memory. You can see [the example used for the integration tests](test/cookbooks/postfix-dovecot_test/recipes/postgresql_memory.rb).
PostgreSQL Support Related Attributes
Some cookbook attributes are used internally to add PostgreSQL support. They can make your journey smoother if you need to improve PostgreSQL support.
Attribute | Default | Description |
---|---|---|
node['postfix-dovecot']['yum'] |
calculated | A list of yum repositories to add to include the source SRPMs. |
node['postfix-dovecot']['postfix']['srpm']['packages'] |
calculated | Packages required for compiling Postfix from sources. |
node['postfix-dovecot']['postfix']['srpm']['rpm_regexp'] |
calculated | An array with two values, a pattern and a replacement. This Regexp is used to get the final Postfix RPM name from the SRPM name. |
node['postfix-dovecot']['postfix']['srpm']['rpm_build_args'] |
calculated | A string with the arguments to pass to rpmbuild application. Normally contains the required option to enable PostgreSQL in the Postfix SRPM. |
See the attributes/postfix_postgresql.rb file for default examples.
Please do not hesitate to make a PR if you improve the PostgreSQL support ;-)
Testing
See TESTING.md.
Contributing
Please do not hesitate to open an issue with any questions or problems.
See CONTRIBUTING.md.
TODO
See TODO.md.
License and Author
Author: | Xabier de Zuazo (xabier@zuazo.org) |
Contributor: | Uwe Stuehler |
Copyright: | Copyright (c) 2015, Xabier de Zuazo |
Copyright: | Copyright (c) 2014-2015, Onddo Labs, SL. |
License: | Apache License, Version 2.0 |
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Dependent cookbooks
chef-vault ~> 2.0 |
build-essential ~> 8.0 |
dovecot ~> 3.0 |
onddo-spamassassin ~> 2.0 |
postfixadmin ~> 3.0 |
postfix-full ~> 0.1 |
ssl_certificate ~> 2.0 |
yum ~> 5.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Change Log
All notable changes to the postfix-dovecot
cookbook will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
3.0.0 - 2017-03-14
Added
- metadata: Add
chef_version
. - README: Add github and license badges.
Changed
- Update some cookbook versions:
-
chef-vault
from1
to2
. -
dovecot
from2
to3
. -
postfixadmin
from2
to3
(fixes issue #7, thanks Arunderwood for reporting). -
ssl_certificate
from1
to2
. -
onddo-spamassassin
from1
to2
. -
yum
from3
to5
.
-
- Dovecot: enable SSL explicitly.
- Update RuboCop to version
0.40
and fix new offenses. - CHANGELOG: Follow "Keep a CHANGELOG".
Removed
- Drop Chef
< 12.5
support. - Drop Ruby
< 2.2
support. - Metadata: Remove grouping (RFC-85).
- Remove
postfix_full
recipe. - README: Remove documentation about locale (old).
Fixed
- Fix CentOS 7 and Scientific support with PostgreSQL.
- Fix PostgreSQL support on CentOS and Fedora.
- Fix Chef
13
deprecation warnings.
2.0.1 - 2015-09-03
Fixed
- Fix typo in
-f
argument to/usr/lib/dovecot/deliver
(issue #5, thanks Uwe Stuehler).
2.0.0 - 2015-08-22
Changed
- Update the
postfixadmin
cookbook to version2
(See thepostfixadmin
cookbook CHANGELOG for the update process). - Update
onddo-spamassassin
cookbook to version1
(See thepostfixadmin
cookbook CHANGELOG for the update process). - Update chef links to use chef.io domain.
- Update contact information and links after migration.
- Update RuboCop to
0.33.0
.
Added
- metadata: Add
source_url
andissues_url
. - README: Put the cookbook name in the title.
1.2.0 - 2015-01-09
Added
- Add Dovecot SSL certificate generation.
- Integrate with
ssl_certificate
cookbook version1.2
.
Changed
- Gemfile: Update RuboCop to
0.28.0
.
Fixed
- metadata: Fix attributes default types.
- README: Fix some typos and update Supermarket links.
1.1.0 - 2014-11-09
Added
- Add RBL support.
- Allow postfix configuration (tables and master.cf) to be modfied easily.
- Create Postfix tables directory, required by SES.
Changed
- Improve SES support:
- Read the SES credentials from chef vault bag.
- Add
node['postfix-dovecot']['ses']['region']
attribute. - Update SES servers.
- metadata: update to use
dovecot
cookbook version2
. - Simplify
smtp_tls_CAfile
attribute case. - Homogenize license headers.
- README:
- Use single quotes in examples.
- Use markdown tables.
- Fix Usage Examples title.
Fixed
-
::dovecot
recipe: Fix password reading with encrypt attributes enabled. - Fix new RuboCop offenses.
1.0.0 - 2014-10-07
Added
- Integrate with
ssl_certificate
cookbook. - Add PostgreSQL support.
Changed
- Rename
::postfix_full
recipe to::postfix
. - Update to work with
postfixadmin
cookbook1.0.0
. - Improve Postfix chroot file creation, based on
postfix-full
master code. - Set
common_name
for PostfixAdmin and Postfix SSL certs. - metadata: use pessimistic version constraints.
- Use
#default_unless
instead of#set_unless
. -
::postfixadmin
recipe: remove#set_unless
usage. - README:
- Separate README file in multiple files.
- Add some badges.
- Some small documentation fixes.
Removed
- Drop Ruby
< 1.9.3
support. - Drop Chef
< 11.14.2
support.
Fixed
- Fix hostname attribute default value when FQDN is not set.
- Fix all RuboCop offenses.
0.3.0 - 2014-09-14
Added
- Ensure /etc/mailname file creation.
- Add Fedora and Amazon Linux support.
Changed
- Depends on
postfixadmin
cookbook version< 1.0.0
. - README: Amazon SES Tests section: KITCHEN_LOCAL_YAML variable value fixed.
0.2.0 - 2013-08-09
Added
- Add Amazon SES support.
- Add SES tests.
Fixed
- Fix resolv.conf inside chroot in CentOS.
0.1.0 - 2013-06-16
- Initial release of
postfix-dovecot
.
Collaborator Number Metric
3.0.0 failed this metric
Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
3.0.0 failed this metric
FC069: Ensure standardized license defined in metadata: postfix-dovecot/metadata.rb:1
FC072: Metadata should not contain "attribute" keyword: postfix-dovecot/metadata.rb:1
FC121: Cookbook depends on cookbook made obsolete by Chef 14: postfix-dovecot/metadata.rb:1
FC122: Use the build_essential resource instead of the recipe: postfix-dovecot/recipes/postfix_postgresql.rb:27
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
3.0.0 passed this metric
Testing File Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
3.0.0 failed this metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
3.0.0 failed this metric
FC069: Ensure standardized license defined in metadata: postfix-dovecot/metadata.rb:1
FC072: Metadata should not contain "attribute" keyword: postfix-dovecot/metadata.rb:1
FC121: Cookbook depends on cookbook made obsolete by Chef 14: postfix-dovecot/metadata.rb:1
FC122: Use the build_essential resource instead of the recipe: postfix-dovecot/recipes/postfix_postgresql.rb:27
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
3.0.0 passed this metric
Testing File Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
3.0.0 failed this metric
FC072: Metadata should not contain "attribute" keyword: postfix-dovecot/metadata.rb:1
FC121: Cookbook depends on cookbook made obsolete by Chef 14: postfix-dovecot/metadata.rb:1
FC122: Use the build_essential resource instead of the recipe: postfix-dovecot/recipes/postfix_postgresql.rb:27
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
3.0.0 passed this metric
Testing File Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
3.0.0 failed this metric
3.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number