sasl
Tested with Travis CI
Table of Contents
Description
This module manages Cyrus SASL.
Setup
What sasl affects
This module can install per-application SASL configuration, automatically pulling in any additional packages to provide the required authentication methods. It can also manage saslauthd if that is the chosen mechanism along with its own configuration options.
Beginning with sasl
In the very simplest case, you can just include the following:
include ::saslUsage
To configure Postfix for DIGEST-MD5 and CRAM-MD5
authentication using the sasldb backend:
include ::sasl
::sasl::application { 'smtpd':
pwcheck_method => 'auxprop',
auxprop_plugin => 'sasldb',
mech_list => ['digest-md5', 'cram-md5'],
}To configure Postfix for PLAIN and LOGIN
authentication using the saslauthd backend which itself is using
LDAP+STARTTLS:
include ::sasl
class { '::sasl::authd':
mechanism => 'ldap',
ldap_auth_method => 'bind',
ldap_search_base => 'ou=people,dc=example,dc=com',
ldap_servers => ['ldap://ldap.example.com'],
ldap_start_tls => true,
ldap_tls_cacert_dir => '/etc/pki/tls/certs',
ldap_tls_ciphers => 'AES256',
}
::sasl::application { 'smtpd':
pwcheck_method => 'saslauthd',
mech_list => ['plain', 'login'],
}Reference
The reference documentation is generated with puppet-strings and the latest version of the documentation is hosted at bodgit.github.io/puppet-sasl/.
Limitations
This module has been built on and tested against Puppet 4.4.0 and higher.
The module has been tested on:
-
RedHat Enterprise Linux 6/7
-
Ubuntu 12.04/14.04/16.04
-
Debian 6/7/8
Development
The module has both rspec-puppet and beaker-rspec tests. Run them with:
$ bundle exec rake test
$ PUPPET_INSTALL_TYPE=agent PUPPET_INSTALL_VERSION=x.y.z bundle exec rake beaker:<nodeset>Please log issues or pull requests at github.