wmdeit-cf-wmdelib/rspamd.cf

131 lines
3.4 KiB
CFEngine3
Raw Normal View History

2023-10-06 16:50:42 +00:00
#
#
#
bundle agent rspamd(cfg)
{
2023-10-29 19:13:44 +00:00
classes:
"runpw" expression => isvariable("cfg[password]");
2023-10-06 16:50:42 +00:00
vars:
2023-11-03 11:54:27 +00:00
"tpl_deps" slist => { "rspamd_pkgs_installed","rspamd_cfg_dir_created" };
runpw::
"tpl_deps" slist => { "rspamd_pkgs_installed","rspamd_cfg_dir_created","rspamd_password_ready" };
any::
2023-10-06 16:50:42 +00:00
"cfgfiles" slist => {
"local.d/milter_headers.conf",
# "local.d/actions.conf",
"local.d/worker-normal.inc",
2023-10-16 07:24:52 +00:00
"local.d/worker-proxy.inc",
"local.d/worker-controller.inc",
"local.d/redis.conf",
2023-10-06 16:50:42 +00:00
# "local.d/classifier-bayes.conf",
# "local.d/worker-fuzzy.inc",
# "local.d/fuzzy_check.conf"
};
freebsd::
"pkgs" slist => {"rspamd"};
"cfg_dir" string => "/usr/local/etc/rspamd";
"service_name" string => "rspamd";
"root_user" string => "root";
"root_group" string => "wheel";
"rspamadm" string => "/usr/local/bin/rspamadm";
2023-10-06 16:50:42 +00:00
debian::
"pkgs" slist => {"rspamd"};
"cfg_dir" string => "/etc/rspamd";
"service_name" string => "rspamd";
"root_user" string => "root";
"root_group" string => "root";
"rspamadm" string => "/usr//bin/rspamadm";
2023-10-16 07:24:52 +00:00
2023-10-29 19:13:44 +00:00
centos::
"pkgs" slist => {"rspamd"};
"cfg_dir" string => "/etc/rspamd";
"service_name" string => "rspamd";
"root_user" string => "root";
"root_group" string => "root";
"rspamadm" string => "/usr//bin/rspamadm";
2023-11-03 11:54:27 +00:00
runpw::
2023-11-03 11:54:27 +00:00
"password" string => readfile("$(sys.workdir)/data/agent/rspamd/password-hash.txt"),
handle => "rspamd_password_ready",
depends_on => {"rspamd_password_hash_created"};
2023-10-29 19:13:44 +00:00
2023-11-03 11:54:27 +00:00
files:
runpw::
"$(sys.workdir)/data/agent/rspamd/password.txt"
create => "true",
content => "$(cfg[password])",
handle => "rspamd_password_created",
classes => if_repaired("rspamd_password_repaired");
rspamd_password_repaired::
"$(sys.workdir)/data/agent/rspamd/password-hash.txt"
content => execresult("$(rspamadm) pw -p $(cfg[password])","noshell"),
depends_on => {"rspamd_password_created"},
handle => "rspamd_password_hash_created";
commands:
!rspamd_password_repaired::
"/usr/bin/true"
depends_on => {"rspamd_password_created"},
handle => "rspamd_password_hash_created",
inform => "false";
2023-10-16 07:24:52 +00:00
methods:
"any" usebundle => install_rspamd_pkgs;
2023-10-16 07:24:52 +00:00
"any" usebundle => wmde_service("$(service_name)","rspamd_kept","rspamd_repaired"),
depends_on => {"rspamd_cfgs_done"};
2023-10-06 16:50:42 +00:00
files:
"$(cfg_dir)/."
perms => uperm("$(root_user)","$(root_group)","755"),
2023-10-16 07:24:52 +00:00
depends_on => { "rspamd_pkgs_installed" },
2023-10-06 16:50:42 +00:00
handle => "rspamd_cfg_dir_created";
"$(cfg_dir)/$(cfgfiles)"
create => "true",
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/rspamd/$(cfgfiles).mustache",
template_method => "mustache",
2023-10-16 07:24:52 +00:00
perms => m("644"),
2023-10-06 16:50:42 +00:00
template_data => bundlestate("$(this.bundle)"),
2023-11-03 11:54:27 +00:00
depends_on => @(tpl_deps),
2023-10-16 07:24:52 +00:00
classes => if_repaired(rspamd_repaired),
2023-10-06 16:50:42 +00:00
handle => "rspamd_cfgs_done";
2023-10-06 16:50:42 +00:00
reports:
}
2023-10-29 19:13:44 +00:00
bundle agent rspamd_install_yum_repo
{
classes:
centos::
"install_yum_repo" expression => not(fileexists("/etc/yum.repos.d/rspamd.repo"));
commands:
install_yum_repo::
"wget"
args => "-qO /etc/yum.repos.d/rspamd.repo https://rspamd.com/rpm-stable/centos-$(sys.os_version_major)/rspamd.repo && rpm --import https://rspamd.com/rpm-stable/gpg.key ",
2023-10-29 19:13:44 +00:00
contain => wmde_cmd_useshell;
2023-10-06 16:50:42 +00:00
2023-10-29 19:13:44 +00:00
}
bundle agent install_rspamd_pkgs
{
methods:
"any" usebundle => rspamd_install_yum_repo, handle => "rspamd_yum_repo_installed";
"any" usebundle => wmde_install_packages(@(rspamd.pkgs),"rspamd"),
depends_on => {"rspamd_yum_repo_installed"};
}