Merge remote-tracking branch 'refs/remotes/origin/main'

2023-11-05 00:40:32 +01:00 · 2023-11-05 00:40:32 +01:00 · 45a90a300d
parent d6b6eb7033 89923acbca
commit 45a90a300d
9 changed files with 216 additions and 36 deletions
--- a/apache.cf
+++ b/apache.cf
@ -41,6 +41,7 @@ vars:

 	"cfg_deps" slist => {  "apache_pkgs_installed" };

+	any::
 	"log_dir_mode" string => "750";

 	freebsd::
@ -212,7 +213,7 @@ commands:
 reports:
 }

-bundle agent install_apache(raw)
+bundle agent install_apache
 {

 methods:
@ -287,6 +288,8 @@ commands:
 	"/bin/sh"
 	args => "$(sys.workdir)/inputs/$(def.wmde_libdir)/scripts/del-files-not-in-list.sh $(apache.cfg_dir)/Vhosts $(sys.workdir)/data/agent/apache/domains.txt && echo dummy.conf > $(sys.workdir)/data/agent/apache/domains.txt",
 	inform => "false",
+	handle => "apache_vhost_dir_cleaned",
+	depends_on => {"apache_dummy_conf_created"},
 	contain => wmde_cmd_useshell; 


@ -356,9 +359,14 @@ vars:
 		"$(site[ssl_key])");

 	use_ssl&(use_certbot)::
-		"vhostdeps" slist => {"apache_ssl_created$(site[domain])"};
+		"vhostdeps" slist => {
+			"apache_ssl_created$(site[domain])",
+			"apache_vhost_dir_cleaned"
+		};
 	(!use_ssl)|(!use_certbot)::
-		"vhostdeps" slist => {};
+		"vhostdeps" slist => {
+			"apache_vhost_dir_cleaned"
+		};
 	files:

 	delete::
--- a/dovecot.cf
+++ b/dovecot.cf
@ -9,13 +9,23 @@ classes:
 	"rspamd_scripts" expression => strcmp("$(cfg[rspamd_scripts])","true");

 vars:
+	"imap_key" string => "$(cfg_dir)/private/imap.key";
+	"imap_cert" string => "$(cfg_dir)/private/imap.crt";
+	"submission_key" string => "$(cfg_dir)/private/submission.key";
+	"submission_cert" string => "$(cfg_dir)/private/submission.crt";
+
+
+
 	freebsd::
+		"service_name" string => "dovecot";
 		"cfg_dir" string => "/usr/local/etc/dovecot";
 		"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";

 		"pkgs" slist => {
-			"dovecot"
+			"dovecot",
+			"dovecot-pigeonhole"
 		};
+		"sievec_exe" string => "/usr/local/bin/sievec";
 	debian::
 		"cfg_dir" string => "/etc/dovecot";
 		"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";
@ -84,14 +94,14 @@ methods:
 files:	
 	"$(cfg_dir)/."
 	create => "true",
-	perms => mog("755","root","root"),
+	perms => m("755"),
 	depends_on => {"dovecot_pkgs_installed"},
 	handle => "dovecot_cfg_dir_created";
 	
 	"$(dovecot_conf)"
 	classes => if_repaired(dovecot_repaired),
 	create => "true",
-	perms => mog("644","root","root"),
+	perms => m("644"),
 	template_method => "mustache",
 	depends_on => {"dovecot_pkgs_installed","dovecot_cfg_dir_created"},
 	handle => "dovecot_cfg_created",
@ -102,26 +112,26 @@ files:
 		"$(imap_cert)" 
 		handle => "dovecot_imap_cert_installed",
 		classes => if_repaired(dovecot_repaired),
-		copy_from => local_dcp( execresult(  "/usr/bin/readlink -qfn $(cfg[imap_cert])","noshell" )),
-		perms => mog("600","root","root");
+		copy_from => local_dcp( execresult(  "/usr/bin/readlink -fn $(cfg[imap_cert])","noshell" )),
+		perms => m("600");

 		"$(imap_key)" 
 		handle => "dovecot_imap_key_installed",
 		classes => if_repaired(dovecot_repaired),
-		copy_from => local_dcp( execresult(  "/usr/bin/readlink -qfn $(cfg[imap_key])","noshell" )),
-		perms => mog("600","root","root");
+		copy_from => local_dcp( execresult(  "/usr/bin/readlink -fn $(cfg[imap_key])","noshell" )),
+		perms => m("600");

 		"$(submission_cert)" 
 		handle => "dovecot_submission_cert_installed",
 		classes => if_repaired(dovecot_repaired),
-		copy_from => local_dcp( execresult(  "/usr/bin/readlink -qfn $(cfg[submission_cert])","noshell" )),
-		perms => mog("600","root","root");
+		copy_from => local_dcp( execresult(  "/usr/bin/readlink -fn $(cfg[submission_cert])","noshell" )),
+		perms => m("600");

 		"$(submission_key)" 
 		handle => "dovecot_submission_key_installed",
 		classes => if_repaired(dovecot_repaired),
-		copy_from => local_dcp( execresult(  "/usr/bin/readlink -qfn $(cfg[submission_key])","noshell" )),
-		perms => mog("600","root","root");
+		copy_from => local_dcp( execresult(  "/usr/bin/readlink -fn $(cfg[submission_key])","noshell" )),
+		perms => m("600");


 	
--- a/mailserver.cf
+++ b/mailserver.cf
@ -37,32 +37,32 @@ vars:

 	"dbs" string => string_mustache('
 		"userdbs":[
-			{{#cfg.pam_auth}}
-			{
-				"driver":"passwd",
-				"args":""
-			},
-			{{/cfg.pam_auth}}
 			{{#fg.vimb_auth}}
 			{
 				"driver":"sql",
 				"args":"$(dovecot_vimbadmin_sql.cfg_file)"
 			},
 			{{/cfg.vimb_auth}}
-		],
-		"passdbs":[
 			{{#cfg.pam_auth}}
 			{
-				"driver":"pam",
-				"args":"dovecot"
-			}, 
+				"driver":"passwd",
+				"args":""
+			},
 			{{/cfg.pam_auth}}
+		],
+		"passdbs":[
 			{{#cfg.vimb_auth}}
 			{
 				"driver":"sql",
 				"args":"$(dovecot_vimbadmin_sql.cfg_file)"
 			} ,
 			{{/cfg.vimb_auth}}
+			{{#cfg.pam_auth}}
+			{
+				"driver":"pam",
+				"args":"dovecot"
+			}, 
+			{{/cfg.pam_auth}}
 		],',
 	bundlestate("$(this.bundle)"));
 	
@ -185,6 +185,6 @@ methods:
 	"any" usebundle => dovecot(@(dovecot_cfg));
 	"any" usebundle => postfix(@(postfix_cfg));
 reports:
-	"DCP: $(dovecot_protos)";
-	"DBS: $(dbs)";
+#	"DCP: $(dovecot_protos)";
+#	"DBS: $(dbs)";
 }
--- a/mysql.cf
+++ b/mysql.cf
@ -256,9 +256,12 @@ reports:

 bundle agent mysql_backup_db(cfg,file)
 {
+classes:
+	"type_$(mysql.type)" ;
+
 vars:
 	"table_exists_cmd" string => '$(mysql.mysql_cmd) -e "show tables LIKE \'$(table_name)\'" $(cdfg[db_name]) | grep -q $(table_name)';
-	"cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
+	"cmd" string => "$(mysql.mysqldump_cmd) --no-tablespaces --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";


 }
@ -273,11 +276,18 @@ vars:
 bundle agent create_mysql_backup_cron_job(cfg,file,table_name,run)
 {
 classes:
+	"type_$(mysql.type)" ;
 	"create_cron" expression => strcmp("$(run)","true");
 vars:
+
 	"table_exists_cmd" string => '$(mysql.mysql_cmd) -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) -e "show tables LIKE \'$(table_name)\'" | grep -q $(table_name)';
+
+	type_mariadb::
 	"backup_cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";

+	type_mysql8::
+	"backup_cmd" string => "$(mysql.mysqldump_cmd) --set-gtid-purged=OFF  --no-tablespaces --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
+

 files:
 	!create_cron::
@ -315,7 +325,7 @@ vars:
 	"args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; \" ";

 	type_mysql8::
-	"args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); CREATE USER IF NOT EXISTS '$(db_user)'@'$(host)'; ALTER USER '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)';\" ";
+	"args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); CREATE USER IF NOT EXISTS '$(db_user)'@'$(host)'; ALTER USER '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; GRANT RELOAD ON *.* to '$(db_user)'@'$(host)'; GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)';\" ";

 commands:

--- a/php.cf
+++ b/php.cf
@ -19,12 +19,15 @@ vars:
 		"pkgs" slist => {
 			"php$(php.bsdvs)-session",
 			"php$(php.bsdvs)-zip",
+			"php$(php.bsdvs)-zlib",
+			"php$(php.bsdvs)-phar",
 			"php$(php.bsdvs)-pgsql",
 			"php$(php.bsdvs)-mysqli",
 			"php$(php.bsdvs)-filter",
 			"php$(php.bsdvs)-mbstring",
 			"php$(php.bsdvs)-dom",
 			"php$(php.bsdvs)-xml",
+			"php$(php.bsdvs)-simplexml",
 			"php$(php.bsdvs)-ctype",
 			"php$(php.bsdvs)-intl",
 			"php$(php.bsdvs)-curl",
@ -39,7 +42,9 @@ vars:
 			"php$(php.bsdvs)-sqlite3",
 			"php$(php.bsdvs)-pdo_pgsql",
 			"php$(php.bsdvs)-pdo_mysql",
-
+			"php$(php.bsdvs)-tokenizer",
+			"php$(php.bsdvs)-gettext"
+		#	"php$(php.bsdvs)-pear-channel-doctrine"
 			
 		};
 	#	"php$(bsdvs)-json",
--- a/postfix.cf
+++ b/postfix.cf
@ -8,7 +8,8 @@ vars:

 	freebsd::
 		"pkgs" slist => {
-			"postfix-sasl",
+			"postfix-mysql",
+			#"postfix",
 		};
 		"db_dir" string => "/var/db";
 		"service_name" string => "postfix";
@ -83,8 +84,13 @@ users:
 methods:
 #	"any" usebundle => wmde_install_packages(@(pkgs),"postfix");
 	"any" usebundle => install_postfix_pkgs;
+	"any" usebundle => postfix_postinstall_pkgs,
+		depends_on => {"postfix_pkgs_installed"},
+		handle => "postfix_postinstall_pkgs_ready";
+
 	"any" usebundle => wmde_service("$(service_name)","postfix_kept","postfix_repaired"),
 		depends_on => {
+			"postfix_postinstall_pkgs_ready",
 			"postfix_pkgs_installed",
 			"postfix_master_cfg_ready",
 			"postfix_main_cfg_ready"
@ -103,7 +109,7 @@ files:

 	"$(postfix.db_dir)/."
 	create => "true",
-	perms => mog("755","root","root"),
+	perms => m("755"),
 	handle => "postfix_db_dir_created";

 	"$(postfix.data_dir)/."
@ -247,6 +253,20 @@ reports:

 }

+
+bundle agent postfix_postinstall_pkgs
+{
+commands:
+	freebsd::
+	"install -d /usr/local/etc/mail && install -m 0644 /usr/local/share/postfix/mailer.conf.postfix /usr/local/etc/mail/mailer.conf"
+	contain => wmde_cmd_useshell,
+	if => not(fileexists("/usr/local/etc/mail/mailer.conf")),
+	handle => "postfix_bsd_mailer_conf_installed";
+
+	"/usr/sbin/sysrc sendmail_enable=\"NONE\""
+	depends_on => {"postfix_bsd_mailer_conf_installed"};
+}
+
 #
 # Install postfix pacgages as they come from repos
 # This sould also create the postfix user 
--- a/roundcube.cf
+++ b/roundcube.cf
@ -38,6 +38,8 @@ vars:
 		"dltype" string => "wget";
 		"dlsrc" string => "https://github.com/roundcube/roundcubemail/releases/download/$(cfg[version])/$(tgzname)";

+	"config_file" string => "$(install_sub_dir)/config/config.inc.php";
+
 reports:
 #	dlbyversion::
 #		"dl by version";
@ -143,3 +145,128 @@ methods:
 		"$(dst)","roundcube_tgz_file",'{}');	
 	
 }
+
+
+bundle edit_line roundcube_values(tab, sectionName)
+{
+  vars:
+      "index" slist => getindices("$(tab)[$(sectionName)]");
+
+      # Be careful if the index string contains funny chars
+      "cindex[$(index)]" string => canonify("$(index)");
+
+  classes:
+      "edit_$(cindex[$(index)])"     not => strcmp("$($(tab)[$(sectionName)][$(index)])","dontchange"),
+      comment => "Create conditions to make changes";
+
+  field_edits:
+
+      # If the line is there, but commented out, first uncomment it
+#      "#+\s*$(index)\s*=.*"
+#      select_region => INI_section(escape("$(sectionName)")),
+ #     edit_field => col("\s*=\s*","1","$(index)","set"),
+  #    if => "edit_$(cindex[$(index)])";
+
+      # match a line starting like the key something
+      "\s*$(index)\s*=.*"
+      edit_field => col("\s*=\s*","2","$($(tab)[$(sectionName)][$(index)])","set"),
+      select_region => INI_section(escape("$(sectionName)")),
+      classes => results("bundle", "set_variable_values_ini_not_$(cindex[$(index)])"),
+      if => "edit_$(cindex[$(index)])";
+
+	delete_lines:
+		"!include.*";
+
+  insert_lines:
+      "[$(sectionName)]"
+      location => start,
+      comment => "Insert lines";
+
+      "$(index)=$($(tab)[$(sectionName)][$(index)])"
+      select_region => INI_section(escape("$(sectionName)")),
+        if => "!(set_variable_values_ini_not_$(cindex[$(index)])_kept|set_variable_values_ini_not_$(cindex[$(index)])_repaired).edit_$(cindex[$(index)])";
+
+}
+
+
+bundle edit_line rc_line_based(v)
+{
+vars:
+      "i" slist => getindices("$(v)");
+
+      # Escape the value (had a problem with special characters and regex's)
+      "ev[$(i)]" string => escape("$($(v)[$(i)])");
+
+vars:
+	"exx" string => "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!33).*$";
+
+replace_patterns:
+	"^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*"
+           comment => "Correct the value '$(i)'",
+      #replace_with => value("$config['$(i)']=$($(v)[$(i)])"),
+      replace_with => value("$config['$(i)']=$($(v)[$(i)]);"),
+           classes => results("bundle", "replace_attempted_$(i)");
+
+reports:
+
+  insert_lines:
+      # If the line doesn't exist, or there is more than one occurrence
+      # of the LHS commented out, insert a new line and try to place it
+      # after the commented LHS (keep new line with old comments)
+   #   "$(i)$(sep)$($(v)[$(i)])"
+    #     comment => "Insert the value, marker '$(i)' exists",
+      #  location => after("^$(cp)($(i)$(bp).*|$(i))$"),
+     #         if => "replace_attempted_$(ci[$(i)])_reached.multiple_comments_$(ci[$(i)])";
+
+      # If the line doesn't exist and there are no occurrences
+      # of the LHS commented out, insert a new line at the eof
+#      "$(i)$(sep)$($(v)[$(i)])"
+ #        comment => "Insert the value, marker '$(i)' doesn't exist",
+  #            if => "replace_attempted_$(ci[$(i)])_reached.!multiple_comments_$(ci[$(i)]).!exists_$(ci[$(i)])";
+
+  reports:
+    verbose_mode|EXTRA::
+      "$(this.bundle): Line for '$(i)' exists" if => "exists_$(ci[$(i)])";
+      "$(this.bundle): Line for '$(i)' does not exist" if => "!exists_$(ci[$(i)])";
+}
+
+
+
+bundle agent configure_roundcube(cfg)
+{
+
+vars:
+
+	"settings[db_dsnw]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'";
+	"settings[language]" string => "'us_EN'";
+
+
+	"idx" slist  => getindices(@(cfg[settings]));
+	"settings[$(idx)]" string => "$(cfg[settings][$(idx)])";
+
+
+methods:
+	"any" usebundle => mysql_table_exists(@(cfg),"users");
+
+files:
+	"$(roundcube.config_file)"
+#create => "true",
+	perms => m("644"),
+	copy_from => seed_cp("$(def.wmde_lib)/templates/roundcube-config.inc.php.mustache"),
+	handle => "roundcube_config_created";
+	
+	"$(roundcube.config_file)"
+	edit_line => rc_line_based("$(this.bundle).settings"),
+	handle => "roundcube_config_edited",
+	depends_on => {"roundcube_config_created"};
+
+commands:
+	"!mysql_$(cfg[db_name])_users_exists"::
+		"cd $(roundcube.install_sub_dir) && bin/initdb.sh --dir SQL"
+		depends_on => {"roundcube_config_edited"},
+		contain => wmde_cmd_useshell;
+
+
+	
+reports:
+}
--- a/templates/postfix-main.cf.mustache
+++ b/templates/postfix-main.cf.mustache
@ -615,7 +615,7 @@ mynetworks_style = host
 # logging level when an SMTP client or server host name or address
 # matches a pattern in the debug_peer_list parameter.
 #
-debug_peer_level = 2
+# debug_peer_level = 2

 # The debug_peer_list parameter specifies an optional list of domain
 # or network patterns, /file/name patterns or type:name tables. When
--- a/vimbadmin.cf
+++ b/vimbadmin.cf
@ -62,14 +62,14 @@ files:

 	"$(cfg[install_dir])/public/.htaccess"
 		copy_from => seed_cp("$(cfg[install_dir])/public/.htaccess.dist"),
-		perms => mog("644","root","root"),
+		perms => m("644"),
 		depends_on => {"vimbadmin_untarred"},
 		handle => "vimbadmin_htaccess_copied";


 	"$(cfg[install_dir])/application/configs/application.ini"
 		copy_from => seed_cp("$(cfg[install_dir])/application/configs/application.ini.dist"),
-		perms => mog("644","root","root"),
+		perms => m("644"),
 		depends_on => {"vimbadmin_untarred"},
 		handle => "vimbadmin_appini_copied";

@ -127,7 +127,7 @@ commands:
 		#args => '-c $(php
 		
 	!vimbadmin_reconfigure::
-		"/bin/true" 
+		"/usr//bin/true" 
 			inform => "false",
 			handle => "vimbadmin_untarred";