From 5f34642760dd99bb2ef671ff551f87471e308db7 Mon Sep 17 00:00:00 2001 From: Andrew Teixeira Date: Thu, 4 May 2023 12:36:18 -0400 Subject: [PATCH] Add autorestart config set show_diff to false for all private key resources --- manifests/config.pp | 24 ++++++++++++++---------- manifests/init.pp | 6 ++++++ templates/etc/opendkim.conf.epp | 13 ++++++++++++- 3 files changed, 32 insertions(+), 11 deletions(-) diff --git a/manifests/config.pp b/manifests/config.pp index 1043fa0..7e51bd5 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -121,6 +121,8 @@ 'signaturealgorithm' => $opendkim::signaturealgorithm, 'minimumkeybits' => $opendkim::minimumkeybits, 'additional_options' => $opendkim::additional_options, + 'autorestart' => $opendkim::autorestart, + 'autorestartrate' => $opendkim::autorestartrate, }), } @@ -137,11 +139,12 @@ if $opendkim::alldomain { if $opendkim::manage_private_keys == true { file { "${opendkim::configdir}/keys/${opendkim::selector}": - ensure => file, - content => $opendkim::privatekey, - owner => 'root', - group => $opendkim::group, - mode => '0640', + ensure => file, + content => $opendkim::privatekey, + owner => 'root', + group => $opendkim::group, + mode => '0640', + show_diff => false, } } @@ -191,11 +194,12 @@ if $opendkim::manage_private_keys == true { file { "${opendkim::configdir}/keys/${key['domain']}/${key['selector']}": - ensure => 'file', - content => $key['privatekey'], - owner => $opendkim::user, - group => $opendkim::group, - mode => '0600', + ensure => 'file', + content => $key['privatekey'], + owner => $opendkim::user, + group => $opendkim::group, + mode => '0600', + show_diff => false, } } diff --git a/manifests/init.pp b/manifests/init.pp index 72fb6e2..35c2762 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -91,6 +91,10 @@ # The privatekey used for signing in alldomain mode. # @param hash_algorithms # The hash_algorithms used for signing in alldomain mode. +# @param autorestart +# Either boolean or yes/no as to whether opendkim should restart on failure +# @param autorestartrate +# The rate limit on auto restarting # # @see Please see the README.md class opendkim ( @@ -139,6 +143,8 @@ Optional[String[1]] $publickeyextended = undef, Optional[String[1]] $privatekey = undef, Optional[String[1]] $hash_algorithms = undef, + Optional[Variant[Boolean,Enum['yes','no']]] $autorestart = undef, + Optional[Pattern[/\A[0-9]+\/[0-9]+[sSmMhHdD]\z/]] $autorestartrate = undef, ) { contain opendkim::install contain opendkim::user diff --git a/templates/etc/opendkim.conf.epp b/templates/etc/opendkim.conf.epp index 5aa7358..e1d115d 100644 --- a/templates/etc/opendkim.conf.epp +++ b/templates/etc/opendkim.conf.epp @@ -17,10 +17,21 @@ Optional[Array[String,1]] $senderheaders, Optional[String[1]] $signaturealgorithm, Optional[Integer[1]] $minimumkeybits, - Hash[String,Variant[Array[String],String,Integer,Boolean]] $additional_options + Hash[String,Variant[Array[String],String,Integer,Boolean]] $additional_options, + Variant[Boolean,Enum['yes','no']] $autorestart, + Optional[Pattern[/\A[0-9]+\/[0-9]+[sSmMhHdD]\z/]] $autorestartrate | -%> # THIS FILE IS MANAGED BY PUPPET +<% if $autorestart { -%> +# Auto restart the filter on failures +AutoRestart <%= $autorestart ? { true => 'yes', false => 'no', default => $autorestart } %> +<% } -%> +<% if $autorestartrate { -%> +# Maximum restart rate +AutoRestartRate <%= $autorestartrate %> +<% } -%> + # Specifies the path to the process ID file. PidFile <%= $pidfile %>