feat: implement dovecot backend server with postfix virtual mailbox integration

- create profiles::dovecot::backend class for IMAPS server configuration
- add virtual mailbox support to profiles::postfix::gateway with enable_dovecot parameter
- restructure common hieradata elements into mail.yaml
- add virtual mailbox and alias map templates with ERB generation
- add comprehensive type validation using Stdlib::Email, Stdlib::Fqdn, Stdlib::IP types
- configure vmail user (UID/GID 5000) with shared storage on /shared/apps/maildata
- update roles::infra::mail::backend to include both dovecot and postfix profiles
This commit is contained in:
2025-11-01 19:03:04 +11:00
parent 78adef0eee
commit 528fbe4190
9 changed files with 277 additions and 25 deletions
+48 -5
View File
@@ -47,15 +47,24 @@ class profiles::postfix::gateway (
'permit_mynetworks',
'reject_unauth_destination',
],
Hash[String, String] $smtp_tls_policy_maps = {},
Hash[Stdlib::Fqdn, String] $smtp_tls_policy_maps = {},
Hash[String, String] $sender_canonical_maps = {},
Hash[String, String] $sender_access_maps = {},
Hash[Stdlib::Email, String] $sender_access_maps = {},
Hash[String, String] $relay_recipients_maps = {},
Hash[String, String] $relay_domains_maps = {},
Hash[Stdlib::Fqdn, String] $relay_domains_maps = {},
Hash[String, String] $recipient_canonical_maps = {},
Hash[String, String] $recipient_access_maps = {},
Hash[String, String] $postscreen_access_maps = {},
Hash[Stdlib::Email, String] $recipient_access_maps = {},
Hash[Variant[Stdlib::IP::Address, Stdlib::IP::Address::CIDR], String] $postscreen_access_maps = {},
Hash[String, String] $helo_access_maps = {},
Hash[Stdlib::Email, String] $virtual_mailbox_maps = {},
Hash[Variant[Stdlib::Email, Pattern[/^@.+$/]], Stdlib::Email] $virtual_alias_maps = {},
# Dovecot integration
Boolean $enable_dovecot = false,
Array[Stdlib::Fqdn] $virtual_mailbox_domains = [],
String $virtual_uid_maps = 'static:5000',
String $virtual_gid_maps = 'static:5000',
Stdlib::Absolutepath $virtual_mailbox_base = '/var/vmail',
String $virtual_transport = 'dovecot',
) {
$alias_maps_string = join($alias_maps, ', ')
@@ -281,6 +290,7 @@ class profiles::postfix::gateway (
},
}
# Postfix maps (all using templates now)
$postfix_maps = {
'postscreen_access' => {
@@ -333,6 +343,39 @@ class profiles::postfix::gateway (
'type' => 'hash',
'content' => template('profiles/postfix/gateway/smtp_tls_policy_maps.erb')
},
'virtual_mailbox_maps' => {
'ensure' => 'present',
'type' => 'hash',
'content' => template('profiles/postfix/gateway/virtual_mailbox_maps.erb')
},
'virtual_alias_maps' => {
'ensure' => 'present',
'type' => 'hash',
'content' => template('profiles/postfix/gateway/virtual_alias_maps.erb')
},
}
if $enable_dovecot {
postfix::config {
'virtual_mailbox_domains': value => join($virtual_mailbox_domains, ', ');
'virtual_mailbox_maps': value => 'hash:/etc/postfix/virtual_mailbox_maps';
'virtual_alias_maps': value => 'hash:/etc/postfix/virtual_alias_maps';
'virtual_uid_maps': value => $virtual_uid_maps;
'virtual_gid_maps': value => $virtual_gid_maps;
'virtual_mailbox_base': value => $virtual_mailbox_base;
'virtual_transport': value => $virtual_transport;
'home_mailbox': value => "${virtual_mailbox_base}/%d/%n/Maildir";
}
} else {
postfix::config {
'virtual_mailbox_domains': ensure => 'absent';
'virtual_mailbox_maps': ensure => 'absent';
'virtual_uid_maps': ensure => 'absent';
'virtual_gid_maps': ensure => 'absent';
'virtual_mailbox_base': ensure => 'absent';
'virtual_transport': ensure => 'absent';
'home_mailbox': ensure => 'absent';
}
}
# Merge base configs with postscreen configs