Open func0der opened 3 years ago
Hi ! Yes, I like your proposal ! :-) But, maybe did you already noticed some missing parameters ?! kr
Yep, basics like SignatureAlgorithm
or MinimumKeyBits
.
Maybe they are new parameters that just appeared in a later version than the one that was recent when you created the module.
But they are pretty important to harden security nower days.
Also SendReports, ReportsAddress for example. Plus a number of the options are in the template erb file statically commented out. They need to exist as class params with default values so they are not included but they do get included if custom values are provided.
The MTA
parameter is also missing.
With #35 the parameter opendkim::additional_options
has been added. These will be added into the /etc/opendkim.conf
. See https://github.com/lvicainne/puppet-opendkim/pull/35/files#diff-fad50a39577733382b5f4c6a98ba3ac1841ae115bc23d9975140726dca5d3524R153-R165
Hey and thanks for the module.
Since your times to work on this seems limited, why do not we not include a parameter for all unsupported config lines for the
/etc/opendkim.conf
file.This way you/the community does not have to open a pr for every parameter out there and the module gets more future proof.
It could be a simple array lines, that are put out into the config file. Alternatively the template parameter could be made configurable and people could just add their own config files templates with those lines already defined.