Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

postfix-dovecot (9) Versions 3.0.0

Installs and configures a mail server using Postfix, Dovecot, PostfixAdmin and SpamAssassin, including Amazon SES support.

Berkshelf/Librarian
Policyfile
Knife
cookbook 'postfix-dovecot', '~> 3.0.0'
cookbook 'postfix-dovecot', '~> 3.0.0', :supermarket
knife cookbook site install postfix-dovecot
knife cookbook site download postfix-dovecot
README
Dependencies
Changelog
Quality 78%

Postfix Dovecot Cookbook

GitHub License

Cookbook Version Dependency Status Build Status

Installs and configures a mail server using Postfix, Dovecot, PostfixAdmin and SpamAssassin, including Amazon SES support.

Requirements

Supported Platforms

This cookbook has been tested on the following platforms:

  • Amazon Linux
  • CentOS >= 6.0
  • Debian >= 7.0
  • Fedora >= 17.0
  • Ubuntu >= 12.04

Please, let us know if you use it successfully on any other platform.

Required Cookbooks

Required Applications

  • Dovecot >= 2: requires this version of dovecot to be available by the distribution's package manager
  • Chef 12.5 or higher.
  • Ruby 2.2 or higher.

Attributes

Attribute Default Description
node['postfix-dovecot']['postmaster_address'] 'postmaster@foo.bar' Postmaster mail address.
node['postfix-dovecot']['hostname'] node['fqdn'] Hostname.
node['postfix-dovecot']['rbls'] [] Mail RBLs array.
node['postfix-dovecot']['database']['type'] 'mysql' Database type. Possible values are: 'mysql', 'postgresql' (Please, see below).
node['postfix-dovecot']['sieve']['enabled'] true Whether to enable sieve.
node['postfix-dovecot']['sieve']['global_path'] "#{default['dovecot']['conf_path']}/sieve/default.sieve" Sieve global path.
node['postfix-dovecot']['spamc']['enabled'] true Whether to enable SpamAssassin.
node['postfix-dovecot']['spamc']['recipe'] 'onddo-spamassassin' Spamc recipe name to use.
node['postfix-dovecot']['vmail']['user'] 'vmail' Virtual mail system user name.
node['postfix-dovecot']['vmail']['group'] node['postfix-dovecot']['vmail']['user'] Virtual mail system group name.
node['postfix-dovecot']['vmail']['uid'] 5000 Virtual mail system user id.
node['postfix-dovecot']['vmail']['gid'] node['postfix-dovecot']['vmail']['uid'] Virtual mail system group id.
node['postfix-dovecot']['vmail']['home'] '/var/vmail' Virtual mail user home path.

Amazon SES Attributes

You can use node['postfix-dovecot']['ses']['enabled'] to enable SES for sending emails.

Attribute Default Description
node['postfix-dovecot']['ses']['enabled'] false Whether to enable Amazon SES.
node['postfix-dovecot']['ses']['source'] 'attributes' Where to read the credentials from. Possible values: 'attributes', 'chef-vault'.
node['postfix-dovecot']['ses']['vault'] 'amazon' Chef Vault bag to read SES credentials from.
node['postfix-dovecot']['ses']['item'] 'ses' Chef Vault item.
node['postfix-dovecot']['ses']['region'] 'us-east-1' Amazon AWS region, used to calculate the servers.
node['postfix-dovecot']['ses']['servers'] calculated Amazon SES SMTP servers array.
node['postfix-dovecot']['ses']['username'] 'USERNAME' SES SMTP username. See Obtaining Your Amazon SES SMTP Credentials documentation.
node['postfix-dovecot']['ses']['password'] 'PASSWORD' Amazon SES SMTP password.

When Chef Vault is disabled in node['postfix-dovecot']['ses']['source'], this is the default behavior, the credentials are read from ['username'] and ['password'] attributes.

When credentials should be read using chef-vault, the Chef Vault bag must have the following structure:

{
  "username": "AMAZON_USERNAME",
  "password": "AMAZON_PASSWORD"
}

See the Chef-Vault documentation to learn how to create chef-vault bags.

The SSL Certificate

This cookbook uses the ssl_certificate cookbook to create the SSL certificate. The namespace used is node['postfix-dovecot']. For example:

node.default['postfix-dovecot']['common_name'] = 'mail.example.com'
include_recipe 'postfix-dovecot'

This certificate is used for Postfix and Dovecot. For PostfixAdmin, you should use the node['postfixadmin'] namespace.

You can also tweak the supported SSL ciphers setting the node['ssl_certificate']['service']['compatibility'] attribute:

node.default['ssl_certificate']['service']['compatibility'] = :modern

include_recipe 'postfix-dovecot'

See the ssl_certificate namespace documentation for more information.

Recipes

postfix-dovecot::default

Installs and configures everything.

postfix-dovecot::vmail

Creates vmail user.

postfix-dovecot::spam

Installs and configures SpamAssassin.

postfix-dovecot::postfix

Installs and configures Postfix.

postfix-dovecot::postfix_mysql

Installs Postfix package with MySQL support. Used by the postfix-dovecot::postfix recipe.

postfix-dovecot::postfix_postgresql

Installs Postfix package with PostgreSQL support. Used by the postfix-dovecot::postfix recipe.

postfix-dovecot::postfixadmin

Installs and configures PostfixAdmin.

postfix-dovecot::dovecot

Installs and configures Dovecot 2.

Usage Examples

Including in a Cookbook Recipe

Running it from a recipe:

node['postfix-dovecot']['postmaster_address'] = 'postmaster@foobar.com'
node['postfix-dovecot']['hostname'] = 'mail.foobar.com'

include_recipe 'postfix-dovecot::default'

postfixadmin_admin 'admin@admindomain.com' do
  password 'sup3r-s3cr3t-p4ss'
  action :create
end

postfixadmin_domain 'foobar.com' do
  login_username 'admin@admindomain.com'
  login_password 'sup3r-s3cr3t-p4ss'
end

postfixadmin_mailbox 'bob@foobar.com' do
  password 'alice'
  login_username 'admin@admindomain.com'
  login_password 'sup3r-s3cr3t-p4ss'
end

postfixadmin_alias 'billing@foobar.com' do
  goto 'bob@foobar.com'
  login_username 'admin@admindomain.com'
  login_password 'sup3r-s3cr3t-p4ss'
end

Don't forget to include the postfix-dovecot cookbook as a dependency in the metadata.

# metadata.rb
# [...]

depends 'postfix-dovecot'

Including in the Run List

Another alternative is to include the default recipe in your Run List.

{
  "name": "mail.example.com",
  "[...]": "[...]",
  "run_list": [
    "[...]",
    "recipe[postfix-dovecot]"
  ]
}

Enabling Some RBLs

You can enable some RBLs to avoid spam:

node.default['postfix-dovecot']['rbls'] = %w(
  dnsbl.sorbs.net
  zen.spamhaus.org
  bl.spamcop.net
  cbl.abuseat.org
)
include_recipe 'postfix-dovecot::default'

PostgreSQL Support

PostgreSQL support should be considered experimental at the moment. Use at your own risk.

Any feedback you can provide regarding the PostgreSQL support will be greatly appreciated.

PostgreSQL Support on CentOS and Fedora

The latest CentOS and Fedora versions come without PostgreSQL support in their Postfix package. So we need to recompile it using the SRPM, enabling the PostgreSQL support.

The postfix-dovecot::postfix_postgresql recipe takes care of it transparently. This recipe has been tested using test-kitchen, but it may not work for all cases. This code has been tested in the following platforms:

  • CentOS 6.5 and 7.0
  • Fedora 19 and 20.

Please, let us know if you use PostgreSQL support successfully on any other platform.

PostgreSQL Support on Amazon Linux

Support for PostgreSQL on Amazon Linux is still not finished because of the need to patch the provided SRPM. Its implementation would require a little monkey-patching.

Please, open an issue if you need the support of PostgreSQL on Amazon Linux.

PostgreSQL Versions < 9.3

If you are using PostgreSQL version < 9.3, you may need to adjust the shmmax and shmall kernel parameters to configure the shared memory. You can see the example used for the integration tests.

Some cookbook attributes are used internally to add PostgreSQL support. They can make your journey smoother if you need to improve PostgreSQL support.

Attribute Default Description
node['postfix-dovecot']['yum'] calculated A list of yum repositories to add to include the source SRPMs.
node['postfix-dovecot']['postfix']['srpm']['packages'] calculated Packages required for compiling Postfix from sources.
node['postfix-dovecot']['postfix']['srpm']['rpm_regexp'] calculated An array with two values, a pattern and a replacement. This Regexp is used to get the final Postfix RPM name from the SRPM name.
node['postfix-dovecot']['postfix']['srpm']['rpm_build_args'] calculated A string with the arguments to pass to rpmbuild application. Normally contains the required option to enable PostgreSQL in the Postfix SRPM.

See the attributes/postfix_postgresql.rb file for default examples.

Please do not hesitate to make a PR if you improve the PostgreSQL support ;-)

Testing

See TESTING.md.

Contributing

Please do not hesitate to open an issue with any questions or problems.

See CONTRIBUTING.md.

TODO

See TODO.md.

License and Author

Author: Xabier de Zuazo (xabier@zuazo.org)
Contributor: Uwe Stuehler
Copyright: Copyright (c) 2015, Xabier de Zuazo
Copyright: Copyright (c) 2014-2015, Onddo Labs, SL.
License: Apache License, Version 2.0
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

yum ~> 5.0
ssl_certificate ~> 2.0
postfix-full ~> 0.1
postfixadmin ~> 3.0
onddo-spamassassin ~> 2.0
dovecot ~> 3.0
build-essential ~> 8.0
chef-vault ~> 2.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Change Log

All notable changes to the postfix-dovecot cookbook will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

3.0.0 - 2017-03-14

Added

  • metadata: Add chef_version.
  • README: Add github and license badges.

Changed

  • Update some cookbook versions:
    • chef-vault from 1 to 2.
    • dovecot from 2 to 3.
    • postfixadmin from 2 to 3 (fixes issue #7, thanks Arunderwood for reporting).
    • ssl_certificate from 1 to 2.
    • onddo-spamassassin from 1 to 2.
    • yum from 3 to 5.
  • Dovecot: enable SSL explicitly.
  • Update RuboCop to version 0.40 and fix new offenses.
  • CHANGELOG: Follow "Keep a CHANGELOG".

Removed

  • Drop Chef < 12.5 support.
  • Drop Ruby < 2.2 support.
  • Metadata: Remove grouping (RFC-85).
  • Remove postfix_full recipe.
  • README: Remove documentation about locale (old).

Fixed

  • Fix CentOS 7 and Scientific support with PostgreSQL.
  • Fix PostgreSQL support on CentOS and Fedora.
  • Fix Chef 13 deprecation warnings.

2.0.1 - 2015-09-03

Fixed

2.0.0 - 2015-08-22

Changed

Added

  • metadata: Add source_url and issues_url.
  • README: Put the cookbook name in the title.

1.2.0 - 2015-01-09

Added

  • Add Dovecot SSL certificate generation.
  • Integrate with ssl_certificate cookbook version 1.2.

Changed

  • Gemfile: Update RuboCop to 0.28.0.

Fixed

  • metadata: Fix attributes default types.
  • README: Fix some typos and update Supermarket links.

1.1.0 - 2014-11-09

Added

  • Add RBL support.
  • Allow postfix configuration (tables and master.cf) to be modfied easily.
  • Create Postfix tables directory, required by SES.

Changed

  • Improve SES support:
    • Read the SES credentials from chef vault bag.
    • Add node['postfix-dovecot']['ses']['region'] attribute.
    • Update SES servers.
  • metadata: update to use dovecot cookbook version 2.
  • Simplify smtp_tls_CAfile attribute case.
  • Homogenize license headers.
  • README:
    • Use single quotes in examples.
    • Use markdown tables.
    • Fix Usage Examples title.

Fixed

  • ::dovecot recipe: Fix password reading with encrypt attributes enabled.
  • Fix new RuboCop offenses.

1.0.0 - 2014-10-07

Added

  • Integrate with ssl_certificate cookbook.
  • Add PostgreSQL support.

Changed

  • Rename ::postfix_full recipe to ::postfix.
  • Update to work with postfixadmin cookbook 1.0.0.
  • Improve Postfix chroot file creation, based on postfix-full master code.
  • Set common_name for PostfixAdmin and Postfix SSL certs.
  • metadata: use pessimistic version constraints.
  • Use #default_unless instead of #set_unless.
  • ::postfixadmin recipe: remove #set_unless usage.
  • README:
    • Separate README file in multiple files.
    • Add some badges.
    • Some small documentation fixes.

Removed

  • Drop Ruby < 1.9.3 support.
  • Drop Chef < 11.14.2 support.

Fixed

  • Fix hostname attribute default value when FQDN is not set.
  • Fix all RuboCop offenses.

0.3.0 - 2014-09-14

Added

  • Ensure /etc/mailname file creation.
  • Add Fedora and Amazon Linux support.

Changed

  • Depends on postfixadmin cookbook version < 1.0.0.
  • README: Amazon SES Tests section: KITCHEN_LOCAL_YAML variable value fixed.

0.2.0 - 2013-08-09

Added

Fixed

  • Fix resolv.conf inside chroot in CentOS.

0.1.0 - 2013-06-16

  • Initial release of postfix-dovecot.

Collaborator Number Metric
            

3.0.0 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

3.0.0 passed this metric

Foodcritic Metric
            

3.0.0 failed this metric

FC069: Ensure standardized license defined in metadata: postfix-dovecot/metadata.rb:1
FC072: Metadata should not contain "attribute" keyword: postfix-dovecot/metadata.rb:1
Run with Foodcritic Version 12.2.1 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric
            

3.0.0 passed this metric

No Binaries Metric
            

3.0.0 passed this metric

Publish Metric
            

3.0.0 passed this metric

Supported Platforms Metric
            

3.0.0 passed this metric

Testing File Metric
            

3.0.0 passed this metric

Version Tag Metric
            

3.0.0 passed this metric