diff --git a/apache.cf b/apache.cf index e5243b2..83f41d0 100644 --- a/apache.cf +++ b/apache.cf @@ -41,6 +41,7 @@ vars: "cfg_deps" slist => { "apache_pkgs_installed" }; + any:: "log_dir_mode" string => "750"; freebsd:: @@ -212,7 +213,7 @@ commands: reports: } -bundle agent install_apache(raw) +bundle agent install_apache { methods: @@ -287,6 +288,8 @@ commands: "/bin/sh" args => "$(sys.workdir)/inputs/$(def.wmde_libdir)/scripts/del-files-not-in-list.sh $(apache.cfg_dir)/Vhosts $(sys.workdir)/data/agent/apache/domains.txt && echo dummy.conf > $(sys.workdir)/data/agent/apache/domains.txt", inform => "false", + handle => "apache_vhost_dir_cleaned", + depends_on => {"apache_dummy_conf_created"}, contain => wmde_cmd_useshell; @@ -356,9 +359,14 @@ vars: "$(site[ssl_key])"); use_ssl&(use_certbot):: - "vhostdeps" slist => {"apache_ssl_created$(site[domain])"}; + "vhostdeps" slist => { + "apache_ssl_created$(site[domain])", + "apache_vhost_dir_cleaned" + }; (!use_ssl)|(!use_certbot):: - "vhostdeps" slist => {}; + "vhostdeps" slist => { + "apache_vhost_dir_cleaned" + }; files: delete:: diff --git a/dovecot.cf b/dovecot.cf index 15572bb..2bd0806 100644 --- a/dovecot.cf +++ b/dovecot.cf @@ -9,13 +9,23 @@ classes: "rspamd_scripts" expression => strcmp("$(cfg[rspamd_scripts])","true"); vars: + "imap_key" string => "$(cfg_dir)/private/imap.key"; + "imap_cert" string => "$(cfg_dir)/private/imap.crt"; + "submission_key" string => "$(cfg_dir)/private/submission.key"; + "submission_cert" string => "$(cfg_dir)/private/submission.crt"; + + + freebsd:: + "service_name" string => "dovecot"; "cfg_dir" string => "/usr/local/etc/dovecot"; "dovecot_conf" string => "$(cfg_dir)/dovecot.conf"; "pkgs" slist => { - "dovecot" + "dovecot", + "dovecot-pigeonhole" }; + "sievec_exe" string => "/usr/local/bin/sievec"; debian:: "cfg_dir" string => "/etc/dovecot"; "dovecot_conf" string => "$(cfg_dir)/dovecot.conf"; 
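Review bot: The new `depends_on => {"apache_dummy_conf_created"}` on the vhost-cleanup command (hunk `@@ -287,6 +288,8 @@`) names a handle that no visible hunk defines. If no promise carries that handle, the cleanup command presumably never runs. Because the last apache.cf hunk adds `apache_vhost_dir_cleaned` to both `vhostdeps` lists, every vhost promise would then be held back with it. Please confirm the handle sits on the promise that writes dummy.conf, and add a comment above the command such as `# runs after dummy.conf exists; all vhost promises wait on this handle`. The enclosing bundle starts and ends outside the hunk.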
@@ -84,14 +94,14 @@ methods: files: "$(cfg_dir)/." create => "true", - perms => mog("755","root","root"), + perms => m("755"), depends_on => {"dovecot_pkgs_installed"}, handle => "dovecot_cfg_dir_created"; "$(dovecot_conf)" classes => if_repaired(dovecot_repaired), create => "true", - perms => mog("644","root","root"), + perms => m("644"), template_method => "mustache", depends_on => {"dovecot_pkgs_installed","dovecot_cfg_dir_created"}, handle => "dovecot_cfg_created", @@ -102,26 +112,26 @@ files: "$(imap_cert)" handle => "dovecot_imap_cert_installed", classes => if_repaired(dovecot_repaired), - copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[imap_cert])","noshell" )), - perms => mog("600","root","root"); + copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[imap_cert])","noshell" )), + perms => m("600"); "$(imap_key)" handle => "dovecot_imap_key_installed", classes => if_repaired(dovecot_repaired), - copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[imap_key])","noshell" )), - perms => mog("600","root","root"); + copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[imap_key])","noshell" )), + perms => m("600"); "$(submission_cert)" handle => "dovecot_submission_cert_installed", classes => if_repaired(dovecot_repaired), - copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[submission_cert])","noshell" )), - perms => mog("600","root","root"); + copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[submission_cert])","noshell" )), + perms => m("600"); "$(submission_key)" handle => "dovecot_submission_key_installed", classes => if_repaired(dovecot_repaired), - copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[submission_key])","noshell" )), - perms => mog("600","root","root"); + copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[submission_key])","noshell" )), + perms => m("600"); diff --git a/mailserver.cf b/mailserver.cf index 1515224..3cc242c 100644 
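Review bot: Replacing `mog("600","root","root")` with `m("600")` on `$(imap_key)` and `$(submission_key)` (hunk `@@ -102,26 +112,26 @@`) means the policy no longer enforces who owns the TLS private keys. A key file that ends up owned by another account stays readable by that account and is not repaired. The same substitution is made for `$(cfg_dir)/.` and `$(dovecot_conf)` in the hunk above, for `$(postfix.db_dir)/.` in postfix.cf, and for `.htaccess` and `application.ini` in vimbadmin.cf. If the motive is that a `root` group does not exist on FreeBSD (inferred, the commit does not say), keep the owner pinned with the standard library's `mo` body, e.g. `perms => mo("600","root")`, on the key and certificate files.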
--- a/mailserver.cf +++ b/mailserver.cf @@ -37,32 +37,32 @@ vars: "dbs" string => string_mustache(' "userdbs":[ - {{#cfg.pam_auth}} - { - "driver":"passwd", - "args":"" - }, - {{/cfg.pam_auth}} {{#fg.vimb_auth}} { "driver":"sql", "args":"$(dovecot_vimbadmin_sql.cfg_file)" }, {{/cfg.vimb_auth}} - ], - "passdbs":[ {{#cfg.pam_auth}} { - "driver":"pam", - "args":"dovecot" - }, + "driver":"passwd", + "args":"" + }, {{/cfg.pam_auth}} + ], + "passdbs":[ {{#cfg.vimb_auth}} { "driver":"sql", "args":"$(dovecot_vimbadmin_sql.cfg_file)" } , {{/cfg.vimb_auth}} + {{#cfg.pam_auth}} + { + "driver":"pam", + "args":"dovecot" + }, + {{/cfg.pam_auth}} ],', bundlestate("$(this.bundle)")); @@ -185,6 +185,6 @@ methods: "any" usebundle => dovecot(@(dovecot_cfg)); "any" usebundle => postfix(@(postfix_cfg)); reports: - "DCP: $(dovecot_protos)"; - "DBS: $(dbs)"; +# "DCP: $(dovecot_protos)"; +# "DBS: $(dbs)"; } diff --git a/mysql.cf b/mysql.cf index 53319e9..720bb29 100644 --- a/mysql.cf +++ b/mysql.cf @@ -256,9 +256,12 @@ reports: bundle agent mysql_backup_db(cfg,file) { +classes: + "type_$(mysql.type)" ; + vars: "table_exists_cmd" string => '$(mysql.mysql_cmd) -e "show tables LIKE \'$(table_name)\'" $(cdfg[db_name]) | grep -q $(table_name)'; - "cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)"; + "cmd" string => "$(mysql.mysqldump_cmd) --no-tablespaces --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)"; } 
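Review bot: The SQL entry under `"userdbs"` (hunk `@@ -37,32 +37,32 @@`) still opens with `{{#fg.vimb_auth}}` but closes with `{{/cfg.vimb_auth}}`; the reorder moved the blocks around it without fixing the tag. A mustache section whose opening and closing names differ will not render as intended, so the SQL userdb is likely dropped or the `dbs` string fails to expand. Change the opener to `{{#cfg.vimb_auth}}` to match the `"passdbs"` block. Since the order of passdb entries decides which backend is consulted first, a comment above the string such as `# sql is listed before pam/passwd on purpose: <reason>` would record why the order changed.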
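Review bot: `table_exists_cmd` in `mysql_backup_db` still references `$(cdfg[db_name])`, which looks like a typo for `$(cfg[db_name])`, and `$(table_name)`, which is not a parameter of `mysql_backup_db(cfg,file)`. This commit adds a corrected copy to `create_mysql_backup_cron_job` but leaves this one as it was. Either fix it to `$(cfg[db_name])` or delete the variable if nothing uses it. The added `"type_$(mysql.type)"` class is not consulted in the visible lines, and `--no-tablespaces` is added unconditionally here while the cron bundle adds it only under `type_mysql8::`; a one-line comment stating which is intended would help.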
@@ -273,11 +276,18 @@ vars: bundle agent create_mysql_backup_cron_job(cfg,file,table_name,run) { classes: + "type_$(mysql.type)" ; "create_cron" expression => strcmp("$(run)","true"); vars: + "table_exists_cmd" string => '$(mysql.mysql_cmd) -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) -e "show tables LIKE \'$(table_name)\'" | grep -q $(table_name)'; + + type_mariadb:: "backup_cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)"; + type_mysql8:: + "backup_cmd" string => "$(mysql.mysqldump_cmd) --set-gtid-purged=OFF --no-tablespaces --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)"; + files: !create_cron:: @@ -315,7 +325,7 @@ vars: "args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; \" "; type_mysql8:: - "args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); CREATE USER IF NOT EXISTS '$(db_user)'@'$(host)'; ALTER USER '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)';\" "; + "args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); CREATE USER IF NOT EXISTS '$(db_user)'@'$(host)'; ALTER USER '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; GRANT RELOAD ON *.* to '$(db_user)'@'$(host)'; GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)';\" "; commands: diff --git a/php.cf b/php.cf index 7042f18..121d315 100644 --- a/php.cf +++ b/php.cf 
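Review bot: The new `table_exists_cmd` and both `backup_cmd` variants pass the credential as `-p$(cfg[db_pass])` on the command line, where it is visible in the process list while the client runs. Judging by the bundle name, it is also written into a cron entry. The same applies to `cmd` in `mysql_backup_db` in the previous hunk. Prefer a client option file readable only by the job's user and pass it as the first argument, `--defaults-extra-file=<path-to-option-file>` (placeholder), dropping `-u`/`-p`. `$(table_name)` and `$(file)` are also interpolated unquoted into a shell string; quoting them, e.g. `grep -q -- '$(table_name)'`, avoids word splitting.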
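Review bot: `GRANT RELOAD ON *.* to '$(db_user)'@'$(host)'` in the `type_mysql8::` branch gives every application account created by this bundle a server-wide administrative privilege, in addition to its rights on `$(db_name).*`. RELOAD is global and permits FLUSH operations that affect all databases on the server. If it is only needed so the dump job can run as the application user (inferred from the mysqldump changes in this commit), a dedicated backup account would keep the application user scoped to its own schema. If the grant stays, add a comment above the line stating why it is required, e.g. `# global RELOAD: needed by <backup step>, see <ticket>` (placeholders). The `type_mariadb` branch is not given the same grant, so the two branches now differ in privilege.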
@@ -19,12 +19,15 @@ vars: "pkgs" slist => { "php$(php.bsdvs)-session", "php$(php.bsdvs)-zip", + "php$(php.bsdvs)-zlib", + "php$(php.bsdvs)-phar", "php$(php.bsdvs)-pgsql", "php$(php.bsdvs)-mysqli", "php$(php.bsdvs)-filter", "php$(php.bsdvs)-mbstring", "php$(php.bsdvs)-dom", "php$(php.bsdvs)-xml", + "php$(php.bsdvs)-simplexml", "php$(php.bsdvs)-ctype", "php$(php.bsdvs)-intl", "php$(php.bsdvs)-curl", @@ -39,7 +42,9 @@ vars: "php$(php.bsdvs)-sqlite3", "php$(php.bsdvs)-pdo_pgsql", "php$(php.bsdvs)-pdo_mysql", - + "php$(php.bsdvs)-tokenizer", + "php$(php.bsdvs)-gettext" + # "php$(php.bsdvs)-pear-channel-doctrine" }; # "php$(bsdvs)-json", diff --git a/postfix.cf b/postfix.cf index 55a47c2..af13768 100644 --- a/postfix.cf +++ b/postfix.cf @@ -8,7 +8,8 @@ vars: freebsd:: "pkgs" slist => { - "postfix-sasl", + "postfix-mysql", + #"postfix", }; "db_dir" string => "/var/db"; "service_name" string => "postfix"; @@ -83,8 +84,13 @@ users: methods: # "any" usebundle => wmde_install_packages(@(pkgs),"postfix"); "any" usebundle => install_postfix_pkgs; + "any" usebundle => postfix_postinstall_pkgs, + depends_on => {"postfix_pkgs_installed"}, + handle => "postfix_postinstall_pkgs_ready"; + "any" usebundle => wmde_service("$(service_name)","postfix_kept","postfix_repaired"), depends_on => { + "postfix_postinstall_pkgs_ready", "postfix_pkgs_installed", "postfix_master_cfg_ready", "postfix_main_cfg_ready" @@ -103,7 +109,7 @@ files: "$(postfix.db_dir)/." create => "true", - perms => mog("755","root","root"), + perms => m("755"), handle => "postfix_db_dir_created"; "$(postfix.data_dir)/." 
@@ -247,6 +253,20 @@ reports: } + +bundle agent postfix_postinstall_pkgs +{ +commands: + freebsd:: + "install -d /usr/local/etc/mail && install -m 0644 /usr/local/share/postfix/mailer.conf.postfix /usr/local/etc/mail/mailer.conf" + contain => wmde_cmd_useshell, + if => not(fileexists("/usr/local/etc/mail/mailer.conf")), + handle => "postfix_bsd_mailer_conf_installed"; + + "/usr/sbin/sysrc sendmail_enable=\"NONE\"" + depends_on => {"postfix_bsd_mailer_conf_installed"}; +} + # # Install postfix pacgages as they come from repos # This sould also create the postfix user diff --git a/roundcube.cf b/roundcube.cf index 37fe3d7..24ca622 100644 --- a/roundcube.cf +++ b/roundcube.cf @@ -38,6 +38,8 @@ vars: "dltype" string => "wget"; "dlsrc" string => "https://github.com/roundcube/roundcubemail/releases/download/$(cfg[version])/$(tgzname)"; + "config_file" string => "$(install_sub_dir)/config/config.inc.php"; + reports: # dlbyversion:: # "dl by version"; 
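Review bot: The new `postfix_postinstall_pkgs` bundle runs a bare `install` through the shell (`contain => wmde_cmd_useshell`), so which binary runs as root depends on the agent's PATH. The `sysrc` promise is then chained with `depends_on` to a command that its own `if` skips once mailer.conf exists. Whether the dependent promise still runs in that case is not evident from the hunk and should be checked. A files promise with `seed_cp` (already used in this commit) gives the same copy-if-absent behaviour without a shell and always provides the handle.
```cfengine
bundle agent postfix_postinstall_pkgs
{
files:
  freebsd::
    "/usr/local/etc/mail/."
      create => "true";

    "/usr/local/etc/mail/mailer.conf"
      copy_from => seed_cp("/usr/local/share/postfix/mailer.conf.postfix"),
      perms => m("644"),
      handle => "postfix_bsd_mailer_conf_installed";

commands:
  freebsd::
    # … unchanged: sysrc sendmail_enable promise with its depends_on …
}
```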
@@ -143,3 +145,128 @@ methods: "$(dst)","roundcube_tgz_file",'{}'); } + + +bundle edit_line roundcube_values(tab, sectionName) +{ + vars: + "index" slist => getindices("$(tab)[$(sectionName)]"); + + # Be careful if the index string contains funny chars + "cindex[$(index)]" string => canonify("$(index)"); + + classes: + "edit_$(cindex[$(index)])" not => strcmp("$($(tab)[$(sectionName)][$(index)])","dontchange"), + comment => "Create conditions to make changes"; + + field_edits: + + # If the line is there, but commented out, first uncomment it +# "#+\s*$(index)\s*=.*" +# select_region => INI_section(escape("$(sectionName)")), + # edit_field => col("\s*=\s*","1","$(index)","set"), + # if => "edit_$(cindex[$(index)])"; + + # match a line starting like the key something + "\s*$(index)\s*=.*" + edit_field => col("\s*=\s*","2","$($(tab)[$(sectionName)][$(index)])","set"), + select_region => INI_section(escape("$(sectionName)")), + classes => results("bundle", "set_variable_values_ini_not_$(cindex[$(index)])"), + if => "edit_$(cindex[$(index)])"; + + delete_lines: + "!include.*"; + + insert_lines: + "[$(sectionName)]" + location => start, + comment => "Insert lines"; + + "$(index)=$($(tab)[$(sectionName)][$(index)])" + select_region => INI_section(escape("$(sectionName)")), + if => "!(set_variable_values_ini_not_$(cindex[$(index)])_kept|set_variable_values_ini_not_$(cindex[$(index)])_repaired).edit_$(cindex[$(index)])"; + +} + + +bundle edit_line rc_line_based(v) +{ +vars: + "i" slist => getindices("$(v)"); + + # Escape the value (had a problem with special characters and regex's) + "ev[$(i)]" string => escape("$($(v)[$(i)])"); + +vars: + "exx" string => "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!33).*$"; + +replace_patterns: + "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*" + comment => "Correct the value '$(i)'", + #replace_with => value("$config['$(i)']=$($(v)[$(i)])"), + replace_with => value("$config['$(i)']=$($(v)[$(i)]);"), + classes => results("bundle", 
"replace_attempted_$(i)"); + +reports: + + insert_lines: + # If the line doesn't exist, or there is more than one occurrence + # of the LHS commented out, insert a new line and try to place it + # after the commented LHS (keep new line with old comments) + # "$(i)$(sep)$($(v)[$(i)])" + # comment => "Insert the value, marker '$(i)' exists", + # location => after("^$(cp)($(i)$(bp).*|$(i))$"), + # if => "replace_attempted_$(ci[$(i)])_reached.multiple_comments_$(ci[$(i)])"; + + # If the line doesn't exist and there are no occurrences + # of the LHS commented out, insert a new line at the eof +# "$(i)$(sep)$($(v)[$(i)])" + # comment => "Insert the value, marker '$(i)' doesn't exist", + # if => "replace_attempted_$(ci[$(i)])_reached.!multiple_comments_$(ci[$(i)]).!exists_$(ci[$(i)])"; + + reports: + verbose_mode|EXTRA:: + "$(this.bundle): Line for '$(i)' exists" if => "exists_$(ci[$(i)])"; + "$(this.bundle): Line for '$(i)' does not exist" if => "!exists_$(ci[$(i)])"; +} + + + +bundle agent configure_roundcube(cfg) +{ + +vars: + + "settings[db_dsnw]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'"; + "settings[language]" string => "'us_EN'"; + + + "idx" slist => getindices(@(cfg[settings])); + "settings[$(idx)]" string => "$(cfg[settings][$(idx)])"; + + +methods: + "any" usebundle => mysql_table_exists(@(cfg),"users"); + +files: + "$(roundcube.config_file)" +#create => "true", + perms => m("644"), + copy_from => seed_cp("$(def.wmde_lib)/templates/roundcube-config.inc.php.mustache"), + handle => "roundcube_config_created"; + + "$(roundcube.config_file)" + edit_line => rc_line_based("$(this.bundle).settings"), + handle => "roundcube_config_edited", + depends_on => {"roundcube_config_created"}; + +commands: + "!mysql_$(cfg[db_name])_users_exists":: + "cd $(roundcube.install_sub_dir) && bin/initdb.sh --dir SQL" + depends_on => {"roundcube_config_edited"}, + contain => wmde_cmd_useshell; + + + +reports: +} 
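Review bot: `configure_roundcube` puts the database password into `$(roundcube.config_file)` via `settings[db_dsnw]`, yet the files promise for that file sets `perms => m("644")`, which leaves the credential readable by every local account. Use mode 640 and give group ownership to the account the web server runs as (the page does not show which one). In `rc_line_based` the escaped copy `ev[$(i)]` is computed but never used: the `replace_patterns` lookahead interpolates the raw value, so a password containing regex metacharacters can keep the promise from converging, and `(?!$(ev[$(i)]);$)` is the likely intent. `roundcube_values`, `exx` and the `exists_$(ci[...])` reports are not used or defined in this hunk and would be better removed or documented.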
diff --git a/templates/postfix-main.cf.mustache b/templates/postfix-main.cf.mustache index 028fb07..c312443 100644 --- a/templates/postfix-main.cf.mustache +++ b/templates/postfix-main.cf.mustache @@ -615,7 +615,7 @@ mynetworks_style = host # logging level when an SMTP client or server host name or address # matches a pattern in the debug_peer_list parameter. # -debug_peer_level = 2 +# debug_peer_level = 2 # The debug_peer_list parameter specifies an optional list of domain # or network patterns, /file/name patterns or type:name tables. When diff --git a/vimbadmin.cf b/vimbadmin.cf index 6f6f220..8ef0d6a 100644 --- a/vimbadmin.cf +++ b/vimbadmin.cf @@ -62,14 +62,14 @@ files: "$(cfg[install_dir])/public/.htaccess" copy_from => seed_cp("$(cfg[install_dir])/public/.htaccess.dist"), - perms => mog("644","root","root"), + perms => m("644"), depends_on => {"vimbadmin_untarred"}, handle => "vimbadmin_htaccess_copied"; "$(cfg[install_dir])/application/configs/application.ini" copy_from => seed_cp("$(cfg[install_dir])/application/configs/application.ini.dist"), - perms => mog("644","root","root"), + perms => m("644"), depends_on => {"vimbadmin_untarred"}, handle => "vimbadmin_appini_copied"; @@ -127,7 +127,7 @@ commands: #args => '-c $(php !vimbadmin_reconfigure:: - "/bin/true" + "/usr//bin/true" inform => "false", handle => "vimbadmin_untarred";
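Review bot: `"/usr//bin/true"` in the last vimbadmin.cf hunk has a doubled slash, which looks like a typo for `/usr/bin/true`. The promise exists only to provide the handle `vimbadmin_untarred` under `!vimbadmin_reconfigure::`, and the two files promises in the previous hunk depend on that handle. A path missing on one platform would therefore block them silently; dovecot.cf shows that both `freebsd::` and `debian::` hosts are targets. Write it as `"/usr/bin/true"` and, if the location differs between the two systems, select it with a class-guarded variable. The enclosing `commands:` section starts outside the hunk.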