Fixed file permissions

This commit is contained in:
Tobias Herre 2023-10-20 20:02:18 +02:00
parent ab6d740b09
commit 743f75a929
1 changed files with 219 additions and 0 deletions

219
postfix.cf Normal file
View File

@ -0,0 +1,219 @@
#
#
#
bundle agent postfix(cfg)
{
vars:
freebsd::
"pkgs" slist => {
"postfix-sasl",
};
"db_dir" string => "/var/db";
"service_name" string => "postfix";
"cfg_dir" string => "/usr/local/etc/postfix";
"master_cf" string => "/usr/local/etc/postfix/master.cf";
"main_cf" string => "/usr/local/etc/postfix/main.cf";
"mailer_conf" string => "/usr/local/etc/mail/mailer.conf";
"mail_group" string => "maildrop";
"daemon_dir" string => "/usr/local/libexec/postfix";
"queue_dir" string => "/var/spool/postfix";
"bin_dir" string => "/usr/local/bin";
"sbin_dir" string => "/usr/local/sbin";
"user" string => "postfix";
"group" string => "wheel";
"mail_owner" string => "postfix";
debian::
"pkgs" slist => {
"postfix",
"postfix-mysql"
};
"service_name" string => "postfix";
"cfg_dir" string => "/etc/postfix";
"master_cf" string => "/etc/postfix/master.cf";
"main_cf" string => "/etc/postfix/main.cf";
"mailer_conf" string => "/usr/local/etc/mail/mailer.conf";
"mail_group" string => "postdrop";
"daemon_dir" string => "/usr/lib/postfix/sbin";
"bin_dir" string => "/usr/bin";
"sbin_dir" string => "/usr/sbin";
"queue_dir" string => "/var/spool/postfix";
"db_dir" string => "/var/db";
"user" string => "postfix";
"group" string => "postfix";
"mail_owner" string => "postfix";
"postmap_cmd" string => "/usr/sbin/postmap";
any::
"data_dir" string => "$(db_dir)/postfix";
users:
debian::
"$(postfix.user)"
policy => "present",
groups_secondary => { "mail","sasl" },
classes => if_repaired(postfix_repaired);
methods:
"any" usebundle => wmde_install_packages(@(pkgs),"postfix");
"any" usebundle => wmde_service("$(service_name)","postfix_kept","postfix_repaired"),
depends_on => {
"postfix_pkgs_installed",
"postfix_master_cfg_ready",
"postfix_main_cfg_ready"
};
files:
"$(postfix.cfg_dir)/."
create => "true",
perms => m(755);
"$(postfix.db_dir)/."
create => "true",
perms => mog("755","root","root"),
handle => "postfix_db_dir_created";
"$(postfix.data_dir)/."
create => "true",
depends_on => {"postfix_db_dir_created"},
perms => mog("750","$(postfix.user)","$(postfix.group)");
"$(postfix.main_cf)"
classes => if_repaired(postfix_repaired),
create => "true",
perms => m("644"),
template_method => "mustache",
handle => "postfix_main_cfg_ready",
depends_on => {"postfix_pkgs_installed"},
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/postfix-main.cf.mustache";
vars:
"master_cf_content" string => string_mustache(
readfile("$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/postfix-master.cf.mustache")
),
handle => "master_cf_content_ready";
files:
"$(postfix.master_cf)"
create => "true",
depends_on => {"postfix_pkgs_installed","master_cf_content_ready"},
handle => "postfix_master_cfg_ready",
perms => m("644"),
classes => if_repaired(postfix_repaired),
# content => "$(master_cf_content)";
content => regex_replace("$(master_cf_content)", "\\\\dollar", "$", "g");
# "$(postfix.master_cf)"
# create => "true",
# template_method => "mustache",
# depends_on => {"postfix_pkgs_installed"},
# handle => "postfix_master_cfg_ready",
# classes => if_repaired(postfix_repaired),
# edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/postfix-master.cf.mustache";
reports:
}
bundle agent install_postfix
{
services:
"$(postfix.service_name)"
depends_on => {"postfix_installed"},
service_policy => "start",
handle => "postfix_running";
"postfix_changed"::
"$(postfix.service_name)"
service_policy => "restart",
depends_on => {"postfix_installed","postfix_running"};
packages:
freebsd::
"$(postfix.pkgs)"
policy => "present",
package_module => pkg,
classes => if_repaired(postfix_changed),
handle=>"postfix_installed";
debian::
"$(postfix.pkgs)"
policy => "present",
package_module => apt_get,
classes => if_repaired(postfix_changed),
handle=>"postfix_installed";
#perms => uperm("$(postfix.user)","$(postfix.group)","750");
reports:
"postfix_installed"::
"Postfix was installed";
}
body perms m_rxdirs_on(mode)
{
inherit_from => m( $(mode) );
rxdirs => "true";
}
bundle agent postfix_vimbadmin_sql(cfg)
{
vars:
"file[virtual_alias_maps]" string =>"query = SELECT goto FROM alias WHERE address = '%s' AND active = '1'";
"file[virtual_domains_maps]" string => "query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = '0' AND active = '1'";
"file[virtual_mailbox_maps]" string => "query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'";
# "file[relay_domains]" string => "query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = '0' AND active = '1'";
# "file[relay_recipient_maps]" string => "query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'";
"idx" slist => getindices("file");
"sql_dir" string => "$(postfix.cfg_dir)/sql";
"$(idx)" string => "$(sql_dir)/$(idx).sql";
files:
"$(sql_dir)/."
create => "true",
perms => m("755");
"$(sql_dir)/$(idx).sql"
create=>"true",
perms=>m("644"),
content=>"
user = $(cfg[db_user])
password = $(cfg[db_pass])
hosts = $(cfg[db_host])
dbname = $(cfg[db_name])
$(file[$(idx)])
";
reports:
# "INDX: $(sql_dir)";
}
bundle agent postfix_copy_tsv(src_dir,dst_dir,file)
{
classes:
"run_postmap" expression => fileexists("$(dst_dir)/$(file).db");
files:
"$(dst_dir)/$(file).tsv"
copy_from => sync_cp("$(src_dir)/$(file).tsv","$(sys.policy_hub)"),
classes => if_repaired(run_postmap); #"postfix_$(file)_changed");
commands:
run_postmap::
"$(postfix.postmap_cmd)"
args => "$(dst_dir)/$(file).tsv";
reports:
}