- Description
- Setup - The basics of getting started with sasl
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
This module manages Cyrus SASL.
This module can install per-application SASL configuration, automatically pulling in any additional packages to provide the required authentication methods. It can also manage saslauthd if that is the chosen mechanism along with its own configuration options.
In the very simplest case, you can just include the following:
include ::saslTo configure Postfix for DIGEST-MD5 and CRAM-MD5 authentication using the
sasldb backend:
include ::sasl
::sasl::application { 'smtpd':
pwcheck_method => 'auxprop',
auxprop_plugin => 'sasldb',
mech_list => ['digest-md5', 'cram-md5'],
}To configure Postfix for PLAIN and LOGIN authentication using the saslauthd
backend which itself is using LDAP+STARTTLS:
include ::sasl
class { '::sasl::authd':
mechanism => 'ldap',
ldap_auth_method => 'bind',
ldap_search_base => 'ou=people,dc=example,dc=com',
ldap_servers => ['ldap://ldap.example.com'],
ldap_start_tls => true,
ldap_tls_cacert_dir => '/etc/pki/tls/certs',
ldap_tls_ciphers => 'AES256',
}
::sasl::application { 'smtpd':
pwcheck_method => 'saslauthd',
mech_list => ['plain', 'login'],
}The reference documentation is generated with puppet-strings and the latest version of the documentation is hosted at https://bodgit.github.io/puppet-sasl/ and available also in the REFERENCE.md.
This module has been built on and tested against Puppet 5 and higher.
The module has been tested on:
- RedHat Enterprise Linux 6/7
- Ubuntu 14.04/16.04
- Debian 8
The module relies on PDK and has both rspec-puppet and beaker-rspec tests. Run them with:
$ bundle exec rake spec
$ PUPPET_INSTALL_TYPE=agent PUPPET_INSTALL_VERSION=x.y.z bundle exec rake beaker:<nodeset>
Please log issues or pull requests at github.