From 743f75a929cb990367c1882c9ed2d31b1cacfba2 Mon Sep 17 00:00:00 2001 From: Tobias Herre Date: Fri, 20 Oct 2023 20:02:18 +0200 Subject: [PATCH] Fixed file permissions --- postfix.cf | 219 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 219 insertions(+) create mode 100644 postfix.cf diff --git a/postfix.cf b/postfix.cf new file mode 100644 index 0000000..77902e1 --- /dev/null +++ b/postfix.cf @@ -0,0 +1,219 @@ +# +# +# + +bundle agent postfix(cfg) +{ +vars: + + freebsd:: + "pkgs" slist => { + "postfix-sasl", + }; + "db_dir" string => "/var/db"; + "service_name" string => "postfix"; + "cfg_dir" string => "/usr/local/etc/postfix"; + "master_cf" string => "/usr/local/etc/postfix/master.cf"; + "main_cf" string => "/usr/local/etc/postfix/main.cf"; + "mailer_conf" string => "/usr/local/etc/mail/mailer.conf"; + "mail_group" string => "maildrop"; + "daemon_dir" string => "/usr/local/libexec/postfix"; + "queue_dir" string => "/var/spool/postfix"; + "bin_dir" string => "/usr/local/bin"; + "sbin_dir" string => "/usr/local/sbin"; + "user" string => "postfix"; + "group" string => "wheel"; + "mail_owner" string => "postfix"; + + debian:: + "pkgs" slist => { + "postfix", + "postfix-mysql" + }; + "service_name" string => "postfix"; + "cfg_dir" string => "/etc/postfix"; + "master_cf" string => "/etc/postfix/master.cf"; + "main_cf" string => "/etc/postfix/main.cf"; + "mailer_conf" string => "/usr/local/etc/mail/mailer.conf"; + "mail_group" string => "postdrop"; + "daemon_dir" string => "/usr/lib/postfix/sbin"; + "bin_dir" string => "/usr/bin"; + "sbin_dir" string => "/usr/sbin"; + "queue_dir" string => "/var/spool/postfix"; + "db_dir" string => "/var/db"; + "user" string => "postfix"; + "group" string => "postfix"; + "mail_owner" string => "postfix"; + "postmap_cmd" string => "/usr/sbin/postmap"; + any:: + "data_dir" string => "$(db_dir)/postfix"; + +users: + debian:: + "$(postfix.user)" + policy => "present", + groups_secondary => { "mail","sasl" }, + classes => if_repaired(postfix_repaired); + +methods: + "any" usebundle => wmde_install_packages(@(pkgs),"postfix"); + "any" usebundle => wmde_service("$(service_name)","postfix_kept","postfix_repaired"), + depends_on => { + "postfix_pkgs_installed", + "postfix_master_cfg_ready", + "postfix_main_cfg_ready" + }; + +files: + "$(postfix.cfg_dir)/." + create => "true", + perms => m(755); + + "$(postfix.db_dir)/." + create => "true", + perms => mog("755","root","root"), + handle => "postfix_db_dir_created"; + + "$(postfix.data_dir)/." + create => "true", + depends_on => {"postfix_db_dir_created"}, + perms => mog("750","$(postfix.user)","$(postfix.group)"); + + + "$(postfix.main_cf)" + classes => if_repaired(postfix_repaired), + create => "true", + perms => m("644"), + template_method => "mustache", + handle => "postfix_main_cfg_ready", + depends_on => {"postfix_pkgs_installed"}, + edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/postfix-main.cf.mustache"; + +vars: + "master_cf_content" string => string_mustache( + readfile("$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/postfix-master.cf.mustache") + ), + handle => "master_cf_content_ready"; + +files: + + "$(postfix.master_cf)" + create => "true", + depends_on => {"postfix_pkgs_installed","master_cf_content_ready"}, + handle => "postfix_master_cfg_ready", + perms => m("644"), + classes => if_repaired(postfix_repaired), +# content => "$(master_cf_content)"; + content => regex_replace("$(master_cf_content)", "\\\\dollar", "$", "g"); + +# "$(postfix.master_cf)" +# create => "true", +# template_method => "mustache", +# depends_on => {"postfix_pkgs_installed"}, +# handle => "postfix_master_cfg_ready", +# classes => if_repaired(postfix_repaired), +# edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/postfix-master.cf.mustache"; + + +reports: + +} + +bundle agent install_postfix +{ + +services: + "$(postfix.service_name)" + depends_on => {"postfix_installed"}, + service_policy => "start", + handle => "postfix_running"; + + "postfix_changed":: + "$(postfix.service_name)" + service_policy => "restart", + depends_on => {"postfix_installed","postfix_running"}; + +packages: + freebsd:: + "$(postfix.pkgs)" + policy => "present", + package_module => pkg, + classes => if_repaired(postfix_changed), + handle=>"postfix_installed"; + + debian:: + "$(postfix.pkgs)" + policy => "present", + package_module => apt_get, + classes => if_repaired(postfix_changed), + handle=>"postfix_installed"; + + #perms => uperm("$(postfix.user)","$(postfix.group)","750"); +reports: + "postfix_installed":: + "Postfix was installed"; + +} + +body perms m_rxdirs_on(mode) +{ + inherit_from => m( $(mode) ); + rxdirs => "true"; +} + +bundle agent postfix_vimbadmin_sql(cfg) +{ +vars: + "file[virtual_alias_maps]" string =>"query = SELECT goto FROM alias WHERE address = '%s' AND active = '1'"; + "file[virtual_domains_maps]" string => "query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = '0' AND active = '1'"; + "file[virtual_mailbox_maps]" string => "query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'"; +# "file[relay_domains]" string => "query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = '0' AND active = '1'"; +# "file[relay_recipient_maps]" string => "query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = '1'"; + + "idx" slist => getindices("file"); + + "sql_dir" string => "$(postfix.cfg_dir)/sql"; + + "$(idx)" string => "$(sql_dir)/$(idx).sql"; +files: + "$(sql_dir)/." + create => "true", + perms => m("755"); + + "$(sql_dir)/$(idx).sql" + create=>"true", + perms=>m("644"), + content=>" +user = $(cfg[db_user]) +password = $(cfg[db_pass]) +hosts = $(cfg[db_host]) +dbname = $(cfg[db_name]) +$(file[$(idx)]) +"; + +reports: +# "INDX: $(sql_dir)"; + + +} + +bundle agent postfix_copy_tsv(src_dir,dst_dir,file) +{ + +classes: + "run_postmap" expression => fileexists("$(dst_dir)/$(file).db"); + +files: + "$(dst_dir)/$(file).tsv" + copy_from => sync_cp("$(src_dir)/$(file).tsv","$(sys.policy_hub)"), + classes => if_repaired(run_postmap); #"postfix_$(file)_changed"); +commands: + run_postmap:: + "$(postfix.postmap_cmd)" + args => "$(dst_dir)/$(file).tsv"; + + +reports: + +} +