Chef config for postfix – in progress

1. You have to install chef-dk on your workstation
2. You have to get a hosted chef account, or install chef-server on premise.
3. You got to init your chef workstation with private key and validation key (or use starter kit)
4. You got to setup your node with an account with “sudo” ability
4. You got to “knife bootstrap” your node
5. You got to init your chef-repo
6. Edit the following files
7. Berk install your dependencies
8. Berk upload your cookbook
9. Remote “chef-client” your node
10 . REPL – Enjoy!

The following is in attribute/default.rb

default['postfix']['mail_type'] = 'master'
default['postfix']['main']['myhostname'] = ''
default['postfix']['main']['mydomain'] = ''
default['postfix']['main']['mydestination'] = ''
default['postfix']['main']['inet_interfaces'] = 'all'
default['postfix']['main']['smtpd_use_tls'] = 'no'

default['postfix']['main']['smtp_sasl_auth_enable'] = 'yes'
# if smtp_sasl_auth_enable is 'yes' the following 3 attr will be blank and should be override
override['postfix']['main']['relayhost'] = '[]:25'
override['postfix']['sasl']['smtp_sasl_user_name'] = '<test>'
override['postfix']['sasl']['smtp_sasl_passwd'] = '<test>'
default['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous'
default['postfix']['main']['smtp_use_tls'] = 'yes'
default['postfix']['main']['smtp_tls_security_level'] = 'encrypt'
default['postfix']['main']['smtp_tls_note_starttls_offer'] = 'yes'

The following is recipe/postfix.rb

# Comment smtp_fallback_relay in in order to avoid mx loopback
master_config = "/etc/postfix/"
smtp_fallback_relay = /(^\s+-o smtp_fallback_relay=.*$)/

ruby_block " Comment smtp_relay_fallback" do
  block do
    sed =
    sed.search_file_replace(smtp_fallback_relay, '#\1')
  only_if { ::File.readlines(master_config).grep(smtp_fallback_relay).any? }

# reload postfix
service 'postfix' do
  action :reload

The following is recipe/default.rb

include_recipe 'postfix'
include_recipe 'postfix::sasl_auth'
include_recipe 'yc_postfix::postfix'

#chef #ruby #configuration-management #automation #config