[__opendkim_key] Overall improvements in key management #22

Merged
fnux merged 2 commits from opendkim-improvements into master 2024-05-15 11:45:52 +00:00
Collaborator

While developing this, I noticed that the type was handling inconsistently the
expectation that a cdist object with the same __object_id gets modified.
Instead more and more lines were added to, e.g. SigningTable and KeyTable.

In order to solve this, some backwards compatibility breaking is necessary.

This is probably not too terrible since:

  • the --selector parameter was mandatory, therefore the fallback for the key
    location is triggered.
  • OpenDKIM uses the first match in SigningTable and KeyTable
  • __line and __block respectively append if they do not match

Closes #19 and #20
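The accumulation described above leaves lines in SigningTable and KeyTable that never take effect, because OpenDKIM uses the first match. The following check for such shadowed lines is an added example, not code from this pull request or from cdist-contrib. It assumes flat-file tables keyed on the first whitespace-separated field (no wildcard patterns); the function names, domains, selectors and paths are constructed.

```shell
#!/bin/sh
# Added example: report table lines that can never match because an earlier
# line has the same lookup key (OpenDKIM uses the first match, per the PR).
# Assumption: flat-file tables, lookup key = first whitespace-separated field.

# shadowed_entries FILE -> prints "<line>:<key>:shadowed-by:<first line>"
shadowed_entries() {
    awk '
        /^[ \t]*(#|$)/ { next }     # skip comments and blank lines
        {
            key = $1
            if (key in first) {
                # a later duplicate: present in the file but never used
                printf "%d:%s:shadowed-by:%d\n", NR, key, first[key]
            } else {
                first[key] = NR
            }
        }
    ' "$1"
}

# Constructed sample: the same object applied twice with a new selector, so a
# second line was appended instead of the first one being modified.
demo_tables() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/SigningTable" <<'EOF'
# pattern      key name
example.org    sel2022._domainkey.example.org
example.net    sel2022._domainkey.example.net
example.org    sel2024._domainkey.example.org
EOF
    cat > "$dir/KeyTable" <<'EOF'
sel2022._domainkey.example.org example.org:sel2022:/constructed/path/old.private
sel2022._domainkey.example.org example.org:sel2022:/constructed/path/new.private
EOF
    echo "SigningTable:"; shadowed_entries "$dir/SigningTable"
    echo "KeyTable:";     shadowed_entries "$dir/KeyTable"
    rm -rf "$dir"
}

demo_tables
```

Any line it reports is configuration that looks active but is ignored, such as a rotated selector or key path that never replaced the old one.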

evilham added 3 commits 2022-03-25 10:04:32 +00:00
This was going to be taken care of in __start_on_boot, but the solution to that
ended up not being generic enough; so this is what we get >,<.

While at it, add various variable value checks where it made sense.
The parameter could produce inconsistencies permissions-wise.

Users of the type that need this functionality can still use:
--custom-config 'UserId $USERID'

Closes #17
While developing this, I noticed that the type was handling inconsistently the
expectation that a cdist object with the same __object_id gets *modified*.
Instead more and more lines were added to, e.g. SigningTable and KeyTable.

In order to solve this, some backwards compatibility breaking is necessary.

This is probably not too terrible since:

- the `--selector` parameter was mandatory, therefore the fallback for the key
location is triggered.
- OpenDKIM uses the first match in `SigningTable` and `KeyTable`
- __line and __block respectively append if they do not match

Closes #19 and #20.
evilham added 1 commit 2022-03-25 10:09:39 +00:00
It was not listing FreeBSD, which is currently supported.
evilham force-pushed opendkim-improvements from c47d4dbaf2 to 7ca0bcf8d9 2023-04-21 13:01:39 +00:00 Compare
Collaborator

Looks good - I also ran a quick test that worked as expected. I'll probably roll this out to real-world infrastructure in the coming weeks. Thanks!
fnux merged commit 79baaf02b1 into master 2024-05-15 11:45:52 +00:00
fnux deleted branch opendkim-improvements 2024-05-15 11:45:52 +00:00
Reference: ungleich-public/cdist-contrib#22