From b8deeb07123e8251f075e4f306b5637dff7b31b5 Mon Sep 17 00:00:00 2001
From: Frank Brehm <frank.brehm@profitbricks.com>
Date: Mon, 29 Feb 2016 11:57:48 +0100
Subject: [PATCH] Adding state for /etc/postfix/postfix-cert.cnf

---
 postfix/common.sls             | 11 +++++++++++
 postfix/files/postfix-cert.cnf | 23 +++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 postfix/files/postfix-cert.cnf

diff --git a/postfix/common.sls b/postfix/common.sls
index 2e86e75..91dbe24 100644
--- a/postfix/common.sls
+++ b/postfix/common.sls
@@ -47,3 +47,14 @@ postfix:
     - template: jinja
     - backup: minion
 
+/etc/postfix/postfix-cert.cnf:
+  file.managed:
+    - source: postfix/files/postfix-cert.cnf
+    - user: root
+    - group: root
+    - mode: 644
+    - require:
+      - file: /etc/postfix
+    - template: jinja
+    - backup: minion
+
diff --git a/postfix/files/postfix-cert.cnf b/postfix/files/postfix-cert.cnf
new file mode 100644
index 0000000..2d5100e
--- /dev/null
+++ b/postfix/files/postfix-cert.cnf
@@ -0,0 +1,23 @@
+RANDFILE = /usr/share/postfix.rand
+
+[ req ]
+default_bits = 1024
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+C=DE
+ST=Berlin
+L=Berlin
+O=Frank Brehm
+OU=Mail Server Postfix SSL key
+CN={{ grains['fqdn'] }}
+emailAddress={{ salt['pillar.get']('postfix:postmaster_address', 'postmaster@brehm-online.com') }}
+
+
+[ cert_type ]
+nsCertType = server
+
+# vim: filetype=dosini
-- 
2.39.5