[MediaWiki-commits] [Gerrit] exim: untangle exim4.conf between roles & simplify - change (operations/puppet)
Faidon Liambotis has submitted this change and it was merged. Change subject: exim: untangle exim4.conf between roles & simplify .. exim: untangle exim4.conf between roles & simplify Our humongous one-size-fits-all exim4.conf ERB template was probably not the best idea when it was originally conceived, but it has become even less so as our needs have evolved and our config has grown organically. The exim4 configuration language can be challenging to the untrained eye already, but our template is barely readable even by our most experienced with exim team members who often mess it up when trying to make change (including yours truly). Moreover, while this was an attempt to be DRY, in practice there are multiple sections where there is little to no overlap (e.g. routers, transports). On those that there is overlap, it is known that the template is unable to cope with that as intended, with certain combinations resulting into an invalid exim configuration (e.g. mailman without being a secondary mail relay) This is the cover & part 1 of a long series that has the purpose of untangling this mess, culiminating with a nail to the coffin of exim::roled. Change-Id: I1247cc99846bb206548aed6717c10d4d78557fb3 --- M manifests/mail.pp M templates/exim/exim4.conf.SMTP_IMAP_MM.erb 2 files changed, 5 insertions(+), 6 deletions(-) Approvals: Faidon Liambotis: Looks good to me, approved jenkins-bot: Verified diff --git a/manifests/mail.pp b/manifests/mail.pp index 1bc238e..e584797 100644 --- a/manifests/mail.pp +++ b/manifests/mail.pp @@ -61,10 +61,13 @@ include privateexim::listserve include exim4::ganglia +$config_template = template('exim/exim4.conf.SMTP_IMAP_MM.erb') +$filter_template = template('exim/system_filter.conf.erb') + class { 'exim4': variant => 'heavy', -config => template('exim/exim4.conf.SMTP_IMAP_MM.erb'), -filter => template('exim/system_filter.conf.erb'), +config => $config_template, +filter => $filter_template, } file { '/etc/exim4/defer_domains': diff --git a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb index d09fea8..f8487e7 100644 --- a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb +++ b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb @@ -59,7 +59,6 @@ domainlist rt_domains = rt.wikimedia.org domainlist phab_domains = phabricator.wikimedia.org domainlist donate_domains = donate.wikimedia.org -domainlist spamassassin_domains = * hostlist wikimedia_nets = <; <%= scope.lookupvar('network::constants::all_networks').join(" ; ") %> hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ; <% if @enable_mail_relay != false -%><%= scope.lookupvar('network::constants::external_networks').join(" ; ") %>; 10.0.0.0/8<% end %> @@ -124,9 +123,6 @@ # Other never_users = root : daemon : bin ignore_bounce_errors_after = 0h - -# Hold mail for these domains (e.g. for testing/debugging) -hold_domains = <%= @hold_domains.join(" : ") %> # force Gmail over IPv4 due to reports of bad spam reputation over IPv6 dns_ipv4_lookup = gmail-smtp-in.l.google.com : aspmx.l.google.com -- To view, visit https://gerrit.wikimedia.org/r/216635 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I1247cc99846bb206548aed6717c10d4d78557fb3 Gerrit-PatchSet: 2 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Faidon Liambotis Gerrit-Reviewer: Faidon Liambotis Gerrit-Reviewer: jenkins-bot <> ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] exim: untangle exim4.conf between roles & simplify - change (operations/puppet)
Faidon Liambotis has uploaded a new change for review. https://gerrit.wikimedia.org/r/216635 Change subject: exim: untangle exim4.conf between roles & simplify .. exim: untangle exim4.conf between roles & simplify Our humongous one-size-fits-all exim4.conf ERB template was probably not the best idea when it was originally conceived, but it has become even less so as our needs have evolved and our config has grown organically. The exim4 configuration language can be challenging to the untrained eye already, but our template is barely readable even by our most experienced with exim team members who often mess it up when trying to make change (including yours truly). Moreover, while this was an attempt to be DRY, in practice there are multiple sections where there is little to no overlap (e.g. routers, transports). On those that there is overlap, it is known that the template is unable to cope with that as intended, with certain combinations resulting into an invalid exim configuration (e.g. mailman without being a secondary mail relay) This is the cover & part 1 of a long series that has the purpose of untangling this mess, culiminating with a nail to the coffin of exim::roled. Change-Id: I1247cc99846bb206548aed6717c10d4d78557fb3 --- M manifests/mail.pp M templates/exim/exim4.conf.SMTP_IMAP_MM.erb 2 files changed, 5 insertions(+), 6 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/35/216635/1 diff --git a/manifests/mail.pp b/manifests/mail.pp index 22957e4..f11c919 100644 --- a/manifests/mail.pp +++ b/manifests/mail.pp @@ -61,10 +61,13 @@ include privateexim::listserve include exim4::ganglia +$config_template = template('exim/exim4.conf.SMTP_IMAP_MM.erb') +$filter_template = template('exim/system_filter.conf.erb') + class { 'exim4': variant => 'heavy', -config => template('exim/exim4.conf.SMTP_IMAP_MM.erb'), -filter => template('exim/system_filter.conf.erb'), +config => $config_template, +filter => $filter_template, } file { '/etc/exim4/defer_domains': diff --git a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb index 2f04de1..176bdd8 100644 --- a/templates/exim/exim4.conf.SMTP_IMAP_MM.erb +++ b/templates/exim/exim4.conf.SMTP_IMAP_MM.erb @@ -59,7 +59,6 @@ domainlist rt_domains = rt.wikimedia.org domainlist phab_domains = phabricator.wikimedia.org domainlist donate_domains = donate.wikimedia.org -domainlist spamassassin_domains = * hostlist wikimedia_nets = <; <%= scope.lookupvar('network::constants::all_networks').join(" ; ") %> hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ; <% if @enable_mail_relay != false -%><%= scope.lookupvar('network::constants::external_networks').join(" ; ") %>; 10.0.0.0/8<% end %> @@ -124,9 +123,6 @@ # Other never_users = root : daemon : bin ignore_bounce_errors_after = 0h - -# Hold mail for these domains (e.g. for testing/debugging) -hold_domains = <%= @hold_domains.join(" : ") %> # force Gmail over IPv4 due to reports of bad spam reputation over IPv6 dns_ipv4_lookup = gmail-smtp-in.l.google.com : aspmx.l.google.com -- To view, visit https://gerrit.wikimedia.org/r/216635 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I1247cc99846bb206548aed6717c10d4d78557fb3 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Faidon Liambotis ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits