puppet-prod/modules/stalwart/manifests/config.pp
Ben Vincent 9eff241003 feat: add SMTP submission listener and enhance stalwart configuration (#425)
- add SMTP submission listener on port 587 with TLS requirement
- configure HAProxy frontend/backend for submission with send-proxy-v2 support
- add send-proxy-v2 support to all listeners
- add dynamic HAProxy node discovery for proxy trusted networks
- use service hostname instead of node FQDN for autoconfig/autodiscover
- remove redundant IMAP/IMAPS/SMTP alt-names from TLS certificates
- update VRRP CNAME configuration to use mail.main.unkin.net

Reviewed-on: #425
2025-11-09 18:48:06 +11:00


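# @summary Manages Stalwart Mail Server configuration
#
# Creates the config, data, webadmin and log directories, renders
# config.toml from the stalwart/config.toml.epp template, and notifies
# Service['stalwart'] whenever the rendered file changes.
#
# The rendered file embeds the unwrapped PostgreSQL password and S3 secret
# key, so its content is handed to the file resource as a Sensitive value.
#
# @api private
class stalwart::config {
  assert_private()

  # Create base directories (package creates user/group and base dirs)
  file { [$stalwart::config_dir, $stalwart::data_dir, $stalwart::webadmin_unpack_path]:
    ensure => directory,
    owner  => 'stalwart',
    group  => 'stalwart',
    mode   => '0750',
  }

  # Ensure log directory exists
  # NOTE(review): 0755 lets any local account list this directory, while every
  # other directory here is 0750 - confirm something outside the stalwart
  # group actually needs to read it.
  file { '/var/log/stalwart':
    ensure => directory,
    owner  => 'stalwart',
    group  => 'stalwart',
    mode   => '0755',
  }

  # Main configuration file
  file { "${stalwart::config_dir}/config.toml":
    ensure  => file,
    owner   => 'stalwart',
    group   => 'stalwart',
    mode    => '0640',
    # The template receives unwrapped secrets, so the rendered string is
    # re-wrapped in Sensitive: Puppet then redacts the content in change
    # reports and suppresses the file diff instead of printing credentials
    # into agent logs.
    content => Sensitive(epp('stalwart/config.toml.epp', {
      'cluster_size'            => $stalwart::cluster_size,
      'other_cluster_members'   => $stalwart::other_cluster_members,
      'haproxy_ips'             => $stalwart::haproxy_ips,
      'effective_node_id'       => $stalwart::effective_node_id,
      'bind_address'            => $stalwart::bind_address,
      'advertise_address'       => $stalwart::advertise_address,
      'postgresql_host'         => $stalwart::postgresql_host,
      'postgresql_port'         => $stalwart::postgresql_port,
      'postgresql_database'     => $stalwart::postgresql_database,
      'postgresql_user'         => $stalwart::postgresql_user,
      'postgresql_password'     => $stalwart::postgresql_password.unwrap,
      'postgresql_ssl'          => $stalwart::postgresql_ssl,
      's3_endpoint'             => $stalwart::s3_endpoint,
      's3_bucket'               => $stalwart::s3_bucket,
      's3_region'               => $stalwart::s3_region,
      's3_access_key'           => $stalwart::s3_access_key,
      's3_secret_key'           => $stalwart::s3_secret_key.unwrap,
      's3_key_prefix'           => $stalwart::s3_key_prefix,
      'domains'                 => $stalwart::domains,
      'postfix_relay_host'      => $stalwart::postfix_relay_host,
      'enable_imap'             => $stalwart::enable_imap,
      'enable_imap_tls'         => $stalwart::enable_imap_tls,
      'enable_http'             => $stalwart::enable_http,
      'enable_smtp_submission'  => $stalwart::enable_smtp_submission,
      'data_dir'                => $stalwart::data_dir,
      'tls_cert'                => $stalwart::tls_cert,
      'tls_key'                 => $stalwart::tls_key,
      'log_level'               => $stalwart::log_level,
      'service_hostname'        => $stalwart::service_hostname,
      'fallback_admin_user'     => $stalwart::fallback_admin_user,
      # NOTE(review): passed without .unwrap, unlike the two secrets above -
      # confirm whether this parameter is a plain String (for example a
      # pre-hashed value) or should be declared Sensitive as well.
      'fallback_admin_password' => $stalwart::fallback_admin_password,
      'webadmin_unpack_path'    => $stalwart::webadmin_unpack_path,
      'webadmin_resource_url'   => $stalwart::webadmin_resource_url,
      'webadmin_auto_update'    => $stalwart::webadmin_auto_update,
      'node_facts'              => $facts,
    })),
    notify  => Service['stalwart'],
  }

  # Create directories for storage
  file { "${stalwart::data_dir}/queue":
    ensure => directory,
    owner  => 'stalwart',
    group  => 'stalwart',
    mode   => '0750',
  }

  file { "${stalwart::data_dir}/reports":
    ensure => directory,
    owner  => 'stalwart',
    group  => 'stalwart',
    mode   => '0750',
  }
}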