Add storyboard exim router/transports

Configure routers and transports for storyboard based on Mailman-style VERP addressing. Messages accepted on the localhost interface with a sender address matching "*-bounces@" (eg, "storyboard-bounces@storyboard.openstack.org"), will be sent out with VERP addressing (eg "storyboard-bounces+user=example.com@storyboard.openstack.org). This way storyboard can perform bounce processing on messages it receives back to that address. Messages addressed to either "storyboard@", "storyboard-bounces@", or "storyboard-bounces+user=example.com@" will be delivered to storyboard by calling the '/path/to/storyboard inject $localpart' command. Storyboard may then parse the message as appropriate. Change-Id: I854006c19b22b233bae5017e4ad04c10a37e0adc Depends-On: Id4f69580eb126d058ee699f4e7bfdb01cfc7409c
2016-01-20 09:23:45 -08:00 · 2016-01-20 09:23:45 -08:00 · 891a0b6488
parent 1dd4a9d02e
commit 891a0b6488
1 changed files with 38 additions and 0 deletions
--- a/modules/openstack_project/manifests/storyboard.pp
+++ b/modules/openstack_project/manifests/storyboard.pp
@ -24,6 +24,44 @@ class openstack_project::storyboard(
  class { 'openstack_project::server':
    sysadmins                 => $sysadmins,
    iptables_public_tcp_ports => [80, 443],
+    manage_exim               => false,
+  }
+
+  class { '::exim':
+    sysadmins => $sysadmins,
+    routers => [
+      {'storyboard_verp_router' => {
+        'driver'              => 'dnslookup',
+        # we only consider messages sent in through loopback
+        'condition' => '${if or{{eq{$sender_host_address}{127.0.0.1}}\
+                         {eq{$sender_host_address}{::1}}}{yes}{no}}',
+        # we do not do this for traffic going to the local machine
+        'domains'             => '!+local_domains',
+        'ignore_target_hosts' => '<; 0.0.0.0; 64.94.110.11; 127.0.0.0/8; \
+                                  ::1/128;fe80::/10;fec0::/10;ff00::/8',
+        # only the un-VERPed bounce addresses are handled
+        'senders'             => '"*-bounces@*"',
+        'transport'           => 'storyboard_verp_smtp',
+      }},
+      # Send bounces to /dev/null until storyboard supports them.
+      {'storyboard' => {
+        'driver'                     => 'redirect',
+        'local_parts'                => 'storyboard',
+        'local_part_suffix_optional' => true,
+        'local_part_suffix'          => '-bounces : -bounces+*',
+        'data'                       => ':blackhole:',
+      }}
+      ],
+    transports => [
+      {'storyboard_verp_smtp' => {
+        'driver'         => 'smtp',
+        'return_path'    => '${local_part:$return_path}+$local_part\
+                             =$domain@${domain:$return_path}',
+        'max_rcpt'       => '1',
+        'headers_remove' => 'Errors-To',
+        'headers_add'    => 'Errors-To: ${return_path}',
+      }}
+      ],
  }

  mysql_backup::backup_remote { 'storyboard':