Ben Vincent
9dd74013ea
- add stalwart module - add psql database on the shared patroni instance - add ceph-rgw credentials to eyaml - ensure psql pass and s3 access key are converted to sensitive Reviewed-on: #418
26 lines
643 B
Puppet
26 lines
643 B
Puppet
# @summary Manages Stalwart Mail Server service
|
|
#
|
|
# @api private
|
|
class stalwart::service {
|
|
assert_private()
|
|
|
|
# Service is installed by the RPM package
|
|
service { 'stalwart':
|
|
ensure => running,
|
|
enable => true,
|
|
subscribe => [
|
|
File[$stalwart::tls_cert],
|
|
File[$stalwart::tls_key],
|
|
],
|
|
}
|
|
|
|
# Add capability to bind to privileged ports (143, 443, 993)
|
|
systemd::manage_dropin { 'bind-capabilities.conf':
|
|
ensure => present,
|
|
unit => 'stalwart.service',
|
|
service_entry => {
|
|
'AmbientCapabilities' => 'CAP_NET_BIND_SERVICE',
|
|
},
|
|
notify => Service['stalwart'],
|
|
}
|
|
} |