feat: create stalwart module (#418)
- add stalwart module - add psql database on the shared patroni instance - add ceph-rgw credentials to eyaml - ensure psql pass and s3 access key are converted to sensitive Reviewed-on: #418
This commit was merged in pull request #418.
This commit is contained in:
@@ -0,0 +1,26 @@
|
||||
# @summary Manages Stalwart Mail Server service
|
||||
#
|
||||
# @api private
|
||||
class stalwart::service {
|
||||
assert_private()
|
||||
|
||||
# Service is installed by the RPM package
|
||||
service { 'stalwart':
|
||||
ensure => running,
|
||||
enable => true,
|
||||
subscribe => [
|
||||
File[$stalwart::tls_cert],
|
||||
File[$stalwart::tls_key],
|
||||
],
|
||||
}
|
||||
|
||||
# Add capability to bind to privileged ports (143, 443, 993)
|
||||
systemd::manage_dropin { 'bind-capabilities.conf':
|
||||
ensure => present,
|
||||
unit => 'stalwart.service',
|
||||
service_entry => {
|
||||
'AmbientCapabilities' => 'CAP_NET_BIND_SERVICE',
|
||||
},
|
||||
notify => Service['stalwart'],
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user