Compare commits

..

4 Commits

4 changed files with 180 additions and 17 deletions

View File

@ -31,6 +31,7 @@ vars:
"ssl":false,
"opendkim":false,
"myhostname":"$(sys.host)",
"mynetworks":"",
"myorigin":"$myhostname",
"mydestination":"$myhostname, localhost",
"mail_location" : "mbox:~/mail:LAYOUT=maildir++:INBOX=/var/mail/%u:INDEX=~/mail/index:CONTROL=~/mail/control"
@ -43,6 +44,7 @@ vars:
"roundcube_db_pass":"roundcube-secret",
"roundcube_version":"1.6.4",
"roundcube_password_recovery":false,
"vimb_rememberme_salt":"Xa])o3GwVe-$8>-vz}y<uR/@Nr*tMwA!^O,D~Npj/JBq8:kM=mLLF(UlFhPntV.(",
"vimb_password_salt":"1M;C&Mn{4}){:f=VH*99S%dp)lnKdaQ8#;g>~+&D\C!2Ni+_AeocxD^ZhGQz-H/8",
@ -55,11 +57,20 @@ vars:
"vmail_dir":"/var/vmail",
"vimb_src_tgz":"$(sys.workdir)/data/public/vimbadmin-3.4.1.tar.gz",
"php_handler":"$(apache.default_php_handler)"
"php_handler":"$(apache.default_php_handler)",
"postmaster_mail":"postmaster@$(sys.host)",
"webmaster_mail":"webmaster@$(sys.host)"
}';
"cfg" data => mergedata(@(default_cfg),@(param_cfg));
"roundcube_plugins" string => ifelse(strcmp("$(cfg[roundcube_password_recovery])","true"),
"['acl', 'archive', 'attachment_reminder', 'emoticons', 'enigma', 'hide_blockquote', 'identicon', 'jqueryui', 'managesieve', 'markasjunk', 'newmail_notifier', 'password', 'password_recovery', 'vcard_attachments', 'zipdownload']",
"['acl', 'archive', 'attachment_reminder', 'emoticons', 'enigma', 'hide_blockquote', 'identicon', 'jqueryui', 'managesieve', 'markasjunk', 'newmail_notifier', 'password', 'vcard_attachments', 'zipdownload']");
"mysql_cfg" data => '{
"settings":{
"mysqld":{
@ -84,7 +95,7 @@ vars:
"vimb_site" data => '{
"domain":"$(cfg[vimb_domain])",
"aliases":[ ],
"email":"7u83@mail.ru",
"email":"$(cfg[webmaster_mail])",
"disable":false,
"doc_root":"$(apache.www_dir)/$(cfg[vimb_domain])/public",
"php_handler":"$(cfg[php_handler])",
@ -119,10 +130,10 @@ Alias /vimbadmin $(apache.www_dir)/$(cfg[vimb_domain])/public
"roundcube_site" data => '{
"domain":"$(cfg[webmail_domain])",
"aliases":[ ],
"email":"7u83@mail.ru",
"email":"$(cfg[webmaster_mail])",
"disable":false,
"php_handler":"$(cfg[php_handler])",
"doc_root":"$(apache.www_dir)/$(cfg[webmail_domain])/public",
"doc_root":"$(apache.www_dir)/$(cfg[webmail_domain])/public/",
"ssl":true,
"raw":"
"
@ -142,16 +153,28 @@ Alias /vimbadmin $(apache.www_dir)/$(cfg[vimb_domain])/public
"backup_dir":"$(cfg[backup_dir])/roundcube",
"settings":{
"imap_host":"\'tls://$(cfg[imap_domain]):143\'",
"smtp_host":"\'tls://$(cfg[smtp_domain]):587\'"
}
"smtp_host":"\'tls://$(cfg[smtp_domain]):587\'",
"plugins":"$(roundcube_plugins)"
},
"keep_installer":true
}';
"roundcube_password_recover_cfg" data => '{
"db_host":"$(vimb_cfg[db_host])",
"db_user":"$(vimb_cfg[db_user])",
"db_pass":"$(vimb_cfg[db_pass])",
"db_name":"$(vimb_cfg[db_name])",
"settings":{
"pr_admin_email":"\'$(cfg[postmaster_mail])\'",
"pr_replyto_email":"\'$(cfg[postmaster_mail])\'"
}
}';
"rspamd_site" data => '{
"domain" : "$(cfg[rspamd_domain])",
"aliases" : [ ],
"email": "7u83@mail.ru",
"email": "$(cfg[webmaster_mail])",
"disable": false,
"ssl": true,
"doc_root":"$(apache.www_dir)/$(cfg[rspamd_domain])",
@ -384,13 +407,14 @@ managesieve_max_line_length = 65536
]
,
"main_raw":"
#debug_peer_level=4
#debug_peer_list= 5.9.7.163
debug_peer_level=4
debug_peer_list=128.140.41.19
#compatibility_level = 3.8
myhostname=$(cfg[myhostname])
mydestination=$(cfg[mydestination])
alias_maps=$(cfg[alias_maps])
myorigin=$(cfg[myorigin])
mynetworks=$(cfg[mynetworks])
local_recipient_maps = unix:passwd.byname $alias_maps
virtual_transport = lmtp:unix:private/dovecot-lmtp
@ -445,6 +469,8 @@ methods:
depends_on => {"aia_roundcube_installed"};
"any" usebundle => configure_roundcube_password_plugin(@(vimb_cfg));
"any" usebundle => roundcube_install_password_recovery_plugin(@(roundcube_password_recover_cfg));
"any" usebundle => install_postfix_pkgs;
@ -503,7 +529,7 @@ vars:
"aliases":[
"$(aia_mailserver.cfg[smtp_domain])"
],
"email":"7u83@mail.ru",
"email":"$(aia_mailserver.cfg[webmaster_mail])",
"disable":false,
}';

View File

@ -8,6 +8,7 @@ bundle agent roundcube(cfg)
classes:
"dlbyversion" expression => not (isvariable ("cfg[src_tgz]"));
"keep_installer" expression => isvariable("cfg[keep_installer]");
"roundcube_untar" expression => not(fileexists("$(install_sub_dir)/index.php"));
@ -83,7 +84,8 @@ methods:
"any" usebundle => mysql_table_exists(@(cfg),"users");
config_exists|roundcube_config_repaired::
"any" usebundle => rm_rf ("$(install_sub_dir)/installer");
"any" usebundle => rm_rf ("$(install_sub_dir)/installer"),
if => not(keep_installer);
commands:
roundcube_untar|roundcube_tgz_file_repaired::
@ -200,14 +202,18 @@ vars:
vars:
"exx" string => "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!33).*$";
"thev" string => "$($(v)[$(i)])";
replace_patterns:
"^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*"
# "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*"
"^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$(ev[$(i)]);$).*"
comment => "Correct the value '$(i)'",
#replace_with => value("$config['$(i)']=$($(v)[$(i)])"),
replace_with => value("$config['$(i)']=$($(v)[$(i)]);"),
classes => results("bundle", "replace_attempted_$(i)");
reports:
"THE V: $(thev)";
insert_lines:
# If the line doesn't exist, or there is more than one occurrence
@ -239,7 +245,7 @@ vars:
"settings[db_dsnw]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'";
"settings[language]" string => "'us_EN'";
"settings[plugins]" string => "['acl', 'archive', 'attachment_reminder', 'emoticons', 'enigma', 'hide_blockquote', 'identicon', 'jqueryui', 'managesieve', 'markasjunk', 'newmail_notifier', 'password', 'vcard_attachments', 'zipdownload']";
"idx" slist => getindices(@(cfg[settings]));
"settings[$(idx)]" string => "$(cfg[settings][$(idx)])";
@ -294,6 +300,65 @@ files:
edit_line => rc_line_based("$(this.bundle).settings"),
handle => "roundcube_password_config_edited",
depends_on => {"roundcube_password_config_created"};
}
bundle agent roundcube_install_password_recovery_plugin(param_cfg)
{
classes:
"run_git" expression => not(fileexists("$(roundcube.install_sub_dir)/plugins/password_recovery"));
vars:
"config_file" string => "$(roundcube.install_sub_dir)/plugins/password_recovery/config.inc.php";
"default_cfg" data => '{
"password_recovery_git_url":"https://srcsrv.wikimedia.de/WMDE/roundcube-password_recovery.git -b wmde",
}';
"cfg" data => mergedata(@(default_cfg),@(param_cfg));
"settings[pr_db_dsn]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'";
"settings[pr_fields]" string => "[ 'altemail' => 'alt_email']";
"settings[pr_default_smtp_server]" string => "'localhost:25'";
"idx" slist => getindices(@(cfg[settings]));
"settings[$(idx)]" string => "$(cfg[settings][$(idx)])";
methods:
"any" usebundle => install_wget, handle=>"roundcube_wget_installed";
commands:
run_git::
"git clone --depth 1 $(cfg[password_recovery_git_url]) $(roundcube.install_sub_dir)/plugins/password_recovery && chown -R $(apache.www_user):$(apache.www_group) $(roundcube.install_sub_dir)/plugins/password_recovery"
contain => wmde_cmd_useshell,
handle => "roundcube_password_recovery_git_cloned",
depends_on => {"roundcube_wget_installed"};
!run_git::
"/usr/bin/true"
inform => "false",
handle => "roundcube_password_recovery_git_cloned";
files:
"$(config_file)"
perms => m("644"),
copy_from => seed_cp("$(def.wmde_lib)/templates/roundcube-password_recovery-config.inc.php.mustache"),
depends_on => {"roundcube_password_recovery_git_cloned"},
handle => "roundcube_password_recover_config_created";
"$(config_file)"
edit_line => rc_line_based("$(this.bundle).settings"),
handle => "roundcube_password_recover_config_edited",
depends_on => {"roundcube_password_recover_config_created"};
reports:
run_git::
"Run git";
!run_git::
"Dont run git";
}

View File

@ -109,6 +109,7 @@ mail_owner = {{vars.postfix.mail_owner}}
# parameters.
#
#mydomain = domain.tld
mynetworks_style = host
#
# CFengine Raw
@ -286,7 +287,7 @@ unknown_local_recipient_reject_code = 550
#
#mynetworks_style = class
#mynetworks_style = subnet
mynetworks_style = host
#mynetworks_style = host
# Alternatively, you can specify the mynetworks list by hand, in
# which case Postfix ignores the mynetworks_style setting.

View File

@ -0,0 +1,71 @@
<?php
// Database connection string and table name with user passwords
$config['pr_db_dsn'] = 'mysql://vimbadmin:vimbdb-secret@localhost/vimbadmin';
$config['pr_users_table'] = 'mailbox';
// Array with names for ext_fields in 'pr_users_table': [name_for_plugin => name_in_db]
// When using the postfix database 'mailbox' table, you must add two columns to this table: 'question' and 'answer'
// If the plugin does not find the columns it needs in the database, they will be created automatically
$config['pr_fields'] = [ 'altemail' => 'alt_email' ];
# 'phone' => 'phone', 'question' => 'question', 'answer' => 'answer',
// Admin email (this account will receive alerts when an user does not have an alternative email and phone)
$config['pr_admin_email'] = 'postmaster@your.domain.com';
// Address to be indicated as reply-to in mail notifications
$config['pr_replyto_email'] = 'postmaster@your.domain.com';
// Use secret question/answer to confirmation password recovery
$config['pr_use_question'] = false;
// Use message with code to confirmation password recovery
$config['pr_use_confirm_code'] = true;
// Confirmation code length
$config['pr_confirm_code_length'] = 6;
// Maximum number of attempts to send confirmation code
$config['pr_confirm_code_count_max'] = 3;
// Confirmation code duration (in minutes)
$config['pr_confirm_code_validity_time'] = 30;
// Use the Password plugin to save a new password
$config['pr_use_password_plugin'] = true;
// Minimum length of new password
// !!! Note: needed if not used Password plugin)
$config['pr_password_minimum_length'] = 8;
// Require the new password to have at least the specified strength score.
// Password strength is scored from 1 (weak) to 5 (strong).
// !!! Note: needed if not used Password plugin)
$config['pr_password_minimum_score'] = 1;
// SMTP settings
// $config['pr_default_smtp_server'] = 'tls://your.domain.com';
// $config['pr_default_smtp_user'] = 'no-reply@your.domain.com';
// $config['pr_default_smtp_pass'] = 'YOUR_SMTP_USER_PASSWORD';
$config['pr_default_smtp_server'] = 'localhost:25';
$config['pr_default_smtp_user'] = '';
$config['pr_default_smtp_pass'] = '';
// Full path to SMS send function
// This function must accept 2 parameters: phone number and message,
// and return true on success or false on failure
//
// Example of send SMS function using Clickatell HTTP API - see /lib/send.php
//
$config['pr_sms_send_function'] = dirname(__FILE__) . '/bin/sendsms.sh';
// Enables logging of password changes into /logs/password.log
$config['pr_password_log'] = true;
// Set to TRUE if you need write debug messages into /log/console.log
$config['pr_debug'] = false;
?>