[__root_mail_dma] Add new role to manage local root mail.

This type has been tested in FreeBSD and Debian-like systems (Debian, Devuan,
Ubuntu).

type/__root_mail_dma/files/aliases

@@ -0,0 +1,68 @@
+# Based off FreeBSD's /etc/aliases
+#
+#	>>>>>>>>>>	The program "newaliases" must be run after
+#	>> NOTE >>	this file is updated for any changes to
+#	>>>>>>>>>>	show through to sendmail.
+#
+#
+# See also RFC 2142, `MAILBOX NAMES FOR COMMON SERVICES, ROLES
+# AND FUNCTIONS', May 1997
+# 	http://tools.ietf.org/html/rfc2142
+
+# Pretty much everything else in this file points to "root", so
+# you would do well in either reading root's mailbox or forwarding
+# root's email from here.
+
+# root: me@my.domain
+
+
+# Basic system aliases -- these MUST be present
+MAILER-DAEMON: postmaster
+postmaster: root
+
+# General redirections for pseudo accounts
+_dhcp:	root
+_pflogd: root
+auditdistd:	root
+bin:	root
+bind:	root
+daemon:	root
+games:	root
+hast:	root
+kmem:	root
+mailnull: postmaster
+man:	root
+news:	root
+nobody:	root
+operator: root
+pop:	root
+proxy:	root
+smmsp:	postmaster
+sshd:	root
+system:	root
+toor:	root
+tty:	root
+usenet: news
+uucp:	root
+
+# Well-known aliases -- these should be filled in!
+manager:	root
+dumper:		root
+
+# BUSINESS-RELATED MAILBOX NAMES
+info:		root
+marketing:	root
+sales:		root
+support:	root
+
+# NETWORK OPERATIONS MAILBOX NAMES
+abuse:	root
+noc:		root
+security:	root
+
+# SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES
+ftp: 		root
+ftp-bugs: 	ftp
+hostmaster: 	root
+webmaster: 	root
+www: 		webmaster

type/__root_mail_dma/gencode-remote

@@ -0,0 +1,20 @@
+#!/bin/sh -e
+
+if [ -f "${__object}/parameter/send-test-email" ]; then
+	SEND_EMAIL="YES"
+fi
+
+if [ "${SEND_EMAIL}" != "YES" ]; then
+	exit 0
+fi
+
+cat <<EOF
+sendmail root << EOM
+Subject: [cdist] Testing root mail on '${__target_host}'
+
+You can safely ignore this message, it means your system will notify you
+correctly of any relevant messages.
+
+Enjoy!
+EOM
+EOF

type/__root_mail_dma/man.rst

@@ -0,0 +1,83 @@
+cdist-type__root_mail_dma(7)
+============================
+
+NAME
+----
+cdist-type__root_mail_dma - Setup root email with the DragonFly Mail Agent
+
+
+DESCRIPTION
+-----------
+This (singleton) type uses dma, a small Mail Transport Agent (MTA), to accept
+mails from locally installed Mail User Agents (MUA) and deliver the mails
+to a remote destination.
+
+Remote delivery happens over TLS to one or more mailboxes that are local to the
+email server configured in the `smart-host` parameter.
+
+
+REQUIRED PARAMETERS
+-------------------
+smart-host
+    The destination email server. The addresses passed in `root-email` must be
+    either local to the `smart-host` or it must be configured to act as a relay
+    for the host being configured by this type.
+
+
+REQUIRED MULTIPLE PARAMETERS
+----------------------------
+root-email
+    Destination email address. Can be specified multiple times or just once
+    with each address separated by commas.
+    This will be setup in `/etc/aliases` as the destination for the local
+    root mailbox.
+
+
+BOOLEAN PARAMETERS
+------------------
+send-test-email
+    If present, after setup this type will send an email to root, to allow you
+    to easily test your setup.
+
+
+OPTIONAL PARAMETERS
+-------------------
+mailname
+    If present, this will be the hostname used to identify this host and the
+    remote part of the from addresses.
+    If not defined, it defaults to `/etc/mailname` on Debian-derived Operating
+    Systems and to `__target_host` otherwise.
+    See `dma(8)` for more information.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+    # Send root email to both our BOFH and the nice-admin.
+    # That way they can figure things out together.
+    __root_mail_dma \
+      --root-email bofh@domain.tld \
+      --root-email nice-admin@domain.tld \
+      --smart-host mx1.domain.tld \
+      --send-test-email
+
+
+SEE ALSO
+--------
+- `DragonFly Mail Agent <https://github.com/corecode/dma>`_
+- `DragonFly Handbook MTA <https://www.dragonflybsd.org/handbook/mta/>`_
+
+
+AUTHORS
+-------
+Evilham <contact@evilham.com>
+
+
+COPYING
+-------
+Copyright \(C) 2020 Evilham. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.

type/__root_mail_dma/manifest

@@ -0,0 +1,153 @@
+#!/bin/sh -e
+
+os="$(cat "${__global}/explorer/os")"
+
+root_email="$(tr '\n' ',' < "${__object}/parameter/root-email" | sed -E 's/,+$//')"
+smart_host="$(cat "${__object}/parameter/smart-host")"
+
+if [ -f "${__object}/parameter/mailname" ]; then
+	mailname="$(cat "${__object}/parameter/mailname")"
+else
+	# default mailname behaviour is different in certain systems
+	case ${os} in
+		debian|devuan|ubuntu)
+			# Debian-like default to /etc/mailname
+			mailname="/etc/mailname"
+		;;
+		*)
+			# Otherwise let's use the hostname
+			mailname="${__target_host}"
+		;;
+	esac
+fi
+
+aliases_file=/etc/mail/aliases
+case ${os} in
+	debian|devuan|ubuntu)
+		# Debian-like requires installing DMA
+		__package dma
+		# Moving forward without DMA doesn't make much sense
+		export require="__package/dma"
+		aliases_file=/etc/aliases
+	;;
+	freebsd)
+		# Disable sendmail + stop if necessary
+		__key_value \
+			--file      "/etc/rc.conf" \
+			--comment   "# Disable sendmail " \
+			--key       "sendmail_enable" \
+			--delimiter "=" \
+			--value     "NONE" \
+			--onchange  "service sendmail onestop || true" \
+			"sendmail_enable"
+		# Setup mailwrapper accordingly
+		__file /etc/mail/mailer.conf \
+			--mode 0644 \
+			--source '-' <<EOF
+sendmail	/usr/libexec/dma
+send-mail	/usr/libexec/dma
+mailq		/usr/libexec/dma
+newaliases	/usr/libexec/dma
+rmail		/usr/libexec/dma
+EOF
+	;;
+	*)
+		cat > /dev/stderr <<EOF
+Your OS (${os}) is not supported yet.
+
+Maybe adding support is as simple as adapting the packages or allowing it,
+we highly encourage you to open a PR with the necessary changes.
+See: https://code.ungleich.ch/ungleich-public/cdist-contrib/
+EOF
+		exit 1
+	;;
+esac
+
+DMA_CONF="$(cat <<EOF
+# Managed remotely, changes will be lost
+#
+# Your smarthost (also called relayhost).  Leave blank if you don't want
+# smarthost support.
+SMARTHOST ${smart_host}
+
+# Use this SMTP port.  Most users will be fine with the default (25)
+#PORT 25
+
+# Path to your alias file.  Just stay with the default.
+#ALIASES /etc/aliases
+
+# Path to your spooldir.  Just stay with the default.
+#SPOOLDIR /var/spool/dma
+
+# SMTP authentication
+#AUTHPATH /etc/dma/auth.conf
+
+# Uncomment if yout want TLS/SSL support
+SECURETRANSFER
+
+# Uncomment if you want STARTTLS support (only used in combination with
+# SECURETRANSFER)
+STARTTLS
+
+# Uncomment if you have specified STARTTLS above and it should be allowed
+# to fail ("opportunistic TLS", use an encrypted connection when available
+# but allow an unencrypted one to servers that do not support it)
+#OPPORTUNISTIC_TLS
+
+# Path to your local SSL certificate
+#CERTFILE
+
+# If you want to use plain text SMTP login without using encryption, change
+# the SECURE entry below to INSECURE.  Otherwise plain login will only work
+# over a secure connection.  Use this option with caution.
+#SECURE
+
+# Uncomment if you want to defer your mails.  This is useful if you are
+# behind a dialup line.  You have to submit your mails manually with dma -q
+#DEFER
+
+# Uncomment if you want the bounce message to include the complete original
+# message, not just the headers.
+#FULLBOUNCE
+
+# The internet hostname dma uses to identify the host.
+# If not set or empty, the result of gethostname(2) is used.
+# If MAILNAME is an absolute path to a file, the first line of this file
+# will be used as the hostname.
+MAILNAME ${mailname}
+
+# Masquerade envelope from addresses with this address/hostname.
+# Use this if mails are not accepted by destination mail servers because
+# your sender domain is invalid.
+# By default, MASQUERADE is not set.
+# Format: MASQUERADE [user@][host]
+# Examples:
+# MASQUERADE john@  on host "hamlet" will send all mails as john@hamlet
+# MASQUERADE percolator  will send mails as \$username@percolator, e.g. fish@percolator
+# MASQUERADE herb@ert  will send all mails as herb@ert
+
+# Directly forward the mail to the SMARTHOST bypassing aliases and local delivery
+#NULLCLIENT
+EOF
+)"
+
+__file /etc/dma/dma.conf --mode 0644 --source '-' <<EOF
+${DMA_CONF}
+EOF
+
+# Setup aliases file (Debian doesn't create it by default)
+__file	--state exists \
+	--mode 0644 \
+	--source "${__type}/files/aliases" \
+	"${aliases_file}"
+export require="${require} __file${aliases_file}"
+
+
+# Setup the root alias
+__key_value	--key 'root' \
+		--delimiter ":" \
+		--comment "# Main admin(s) for this host" \
+		--value "${root_email}" \
+		--onchange 'newaliases' \
+		--file "${aliases_file}" \
+		root_mail_alias

type/__root_mail_dma/parameter/boolean

@@ -0,0 +1 @@
+send-test-email

type/__root_mail_dma/parameter/optional

@@ -0,0 +1 @@
+mailname

type/__root_mail_dma/parameter/required

@@ -0,0 +1 @@
+smart-host

type/__root_mail_dma/parameter/required_multiple

@@ -0,0 +1 @@
+root-email