Compare commits

..

4 Commits

4 changed files with 180 additions and 17 deletions

View File

@ -31,6 +31,7 @@ vars:
"ssl":false, "ssl":false,
"opendkim":false, "opendkim":false,
"myhostname":"$(sys.host)", "myhostname":"$(sys.host)",
"mynetworks":"",
"myorigin":"$myhostname", "myorigin":"$myhostname",
"mydestination":"$myhostname, localhost", "mydestination":"$myhostname, localhost",
"mail_location" : "mbox:~/mail:LAYOUT=maildir++:INBOX=/var/mail/%u:INDEX=~/mail/index:CONTROL=~/mail/control" "mail_location" : "mbox:~/mail:LAYOUT=maildir++:INBOX=/var/mail/%u:INDEX=~/mail/index:CONTROL=~/mail/control"
@ -43,6 +44,7 @@ vars:
"roundcube_db_pass":"roundcube-secret", "roundcube_db_pass":"roundcube-secret",
"roundcube_version":"1.6.4", "roundcube_version":"1.6.4",
"roundcube_password_recovery":false,
"vimb_rememberme_salt":"Xa])o3GwVe-$8>-vz}y<uR/@Nr*tMwA!^O,D~Npj/JBq8:kM=mLLF(UlFhPntV.(", "vimb_rememberme_salt":"Xa])o3GwVe-$8>-vz}y<uR/@Nr*tMwA!^O,D~Npj/JBq8:kM=mLLF(UlFhPntV.(",
"vimb_password_salt":"1M;C&Mn{4}){:f=VH*99S%dp)lnKdaQ8#;g>~+&D\C!2Ni+_AeocxD^ZhGQz-H/8", "vimb_password_salt":"1M;C&Mn{4}){:f=VH*99S%dp)lnKdaQ8#;g>~+&D\C!2Ni+_AeocxD^ZhGQz-H/8",
@ -55,11 +57,20 @@ vars:
"vmail_dir":"/var/vmail", "vmail_dir":"/var/vmail",
"vimb_src_tgz":"$(sys.workdir)/data/public/vimbadmin-3.4.1.tar.gz", "vimb_src_tgz":"$(sys.workdir)/data/public/vimbadmin-3.4.1.tar.gz",
"php_handler":"$(apache.default_php_handler)" "php_handler":"$(apache.default_php_handler)",
"postmaster_mail":"postmaster@$(sys.host)",
"webmaster_mail":"webmaster@$(sys.host)"
}'; }';
"cfg" data => mergedata(@(default_cfg),@(param_cfg)); "cfg" data => mergedata(@(default_cfg),@(param_cfg));
"roundcube_plugins" string => ifelse(strcmp("$(cfg[roundcube_password_recovery])","true"),
"['acl', 'archive', 'attachment_reminder', 'emoticons', 'enigma', 'hide_blockquote', 'identicon', 'jqueryui', 'managesieve', 'markasjunk', 'newmail_notifier', 'password', 'password_recovery', 'vcard_attachments', 'zipdownload']",
"['acl', 'archive', 'attachment_reminder', 'emoticons', 'enigma', 'hide_blockquote', 'identicon', 'jqueryui', 'managesieve', 'markasjunk', 'newmail_notifier', 'password', 'vcard_attachments', 'zipdownload']");
"mysql_cfg" data => '{ "mysql_cfg" data => '{
"settings":{ "settings":{
"mysqld":{ "mysqld":{
@ -84,7 +95,7 @@ vars:
"vimb_site" data => '{ "vimb_site" data => '{
"domain":"$(cfg[vimb_domain])", "domain":"$(cfg[vimb_domain])",
"aliases":[ ], "aliases":[ ],
"email":"7u83@mail.ru", "email":"$(cfg[webmaster_mail])",
"disable":false, "disable":false,
"doc_root":"$(apache.www_dir)/$(cfg[vimb_domain])/public", "doc_root":"$(apache.www_dir)/$(cfg[vimb_domain])/public",
"php_handler":"$(cfg[php_handler])", "php_handler":"$(cfg[php_handler])",
@ -119,10 +130,10 @@ Alias /vimbadmin $(apache.www_dir)/$(cfg[vimb_domain])/public
"roundcube_site" data => '{ "roundcube_site" data => '{
"domain":"$(cfg[webmail_domain])", "domain":"$(cfg[webmail_domain])",
"aliases":[ ], "aliases":[ ],
"email":"7u83@mail.ru", "email":"$(cfg[webmaster_mail])",
"disable":false, "disable":false,
"php_handler":"$(cfg[php_handler])", "php_handler":"$(cfg[php_handler])",
"doc_root":"$(apache.www_dir)/$(cfg[webmail_domain])/public", "doc_root":"$(apache.www_dir)/$(cfg[webmail_domain])/public/",
"ssl":true, "ssl":true,
"raw":" "raw":"
" "
@ -142,16 +153,28 @@ Alias /vimbadmin $(apache.www_dir)/$(cfg[vimb_domain])/public
"backup_dir":"$(cfg[backup_dir])/roundcube", "backup_dir":"$(cfg[backup_dir])/roundcube",
"settings":{ "settings":{
"imap_host":"\'tls://$(cfg[imap_domain]):143\'", "imap_host":"\'tls://$(cfg[imap_domain]):143\'",
"smtp_host":"\'tls://$(cfg[smtp_domain]):587\'" "smtp_host":"\'tls://$(cfg[smtp_domain]):587\'",
} "plugins":"$(roundcube_plugins)"
},
"keep_installer":true
}'; }';
"roundcube_password_recover_cfg" data => '{
"db_host":"$(vimb_cfg[db_host])",
"db_user":"$(vimb_cfg[db_user])",
"db_pass":"$(vimb_cfg[db_pass])",
"db_name":"$(vimb_cfg[db_name])",
"settings":{
"pr_admin_email":"\'$(cfg[postmaster_mail])\'",
"pr_replyto_email":"\'$(cfg[postmaster_mail])\'"
}
}';
"rspamd_site" data => '{ "rspamd_site" data => '{
"domain" : "$(cfg[rspamd_domain])", "domain" : "$(cfg[rspamd_domain])",
"aliases" : [ ], "aliases" : [ ],
"email": "7u83@mail.ru", "email": "$(cfg[webmaster_mail])",
"disable": false, "disable": false,
"ssl": true, "ssl": true,
"doc_root":"$(apache.www_dir)/$(cfg[rspamd_domain])", "doc_root":"$(apache.www_dir)/$(cfg[rspamd_domain])",
@ -384,13 +407,14 @@ managesieve_max_line_length = 65536
] ]
, ,
"main_raw":" "main_raw":"
#debug_peer_level=4 debug_peer_level=4
#debug_peer_list= 5.9.7.163 debug_peer_list=128.140.41.19
#compatibility_level = 3.8 #compatibility_level = 3.8
myhostname=$(cfg[myhostname]) myhostname=$(cfg[myhostname])
mydestination=$(cfg[mydestination]) mydestination=$(cfg[mydestination])
alias_maps=$(cfg[alias_maps]) alias_maps=$(cfg[alias_maps])
myorigin=$(cfg[myorigin]) myorigin=$(cfg[myorigin])
mynetworks=$(cfg[mynetworks])
local_recipient_maps = unix:passwd.byname $alias_maps local_recipient_maps = unix:passwd.byname $alias_maps
virtual_transport = lmtp:unix:private/dovecot-lmtp virtual_transport = lmtp:unix:private/dovecot-lmtp
@ -445,6 +469,8 @@ methods:
depends_on => {"aia_roundcube_installed"}; depends_on => {"aia_roundcube_installed"};
"any" usebundle => configure_roundcube_password_plugin(@(vimb_cfg)); "any" usebundle => configure_roundcube_password_plugin(@(vimb_cfg));
"any" usebundle => roundcube_install_password_recovery_plugin(@(roundcube_password_recover_cfg));
"any" usebundle => install_postfix_pkgs; "any" usebundle => install_postfix_pkgs;
@ -503,7 +529,7 @@ vars:
"aliases":[ "aliases":[
"$(aia_mailserver.cfg[smtp_domain])" "$(aia_mailserver.cfg[smtp_domain])"
], ],
"email":"7u83@mail.ru", "email":"$(aia_mailserver.cfg[webmaster_mail])",
"disable":false, "disable":false,
}'; }';

View File

@ -8,6 +8,7 @@ bundle agent roundcube(cfg)
classes: classes:
"dlbyversion" expression => not (isvariable ("cfg[src_tgz]")); "dlbyversion" expression => not (isvariable ("cfg[src_tgz]"));
"keep_installer" expression => isvariable("cfg[keep_installer]");
"roundcube_untar" expression => not(fileexists("$(install_sub_dir)/index.php")); "roundcube_untar" expression => not(fileexists("$(install_sub_dir)/index.php"));
@ -83,7 +84,8 @@ methods:
"any" usebundle => mysql_table_exists(@(cfg),"users"); "any" usebundle => mysql_table_exists(@(cfg),"users");
config_exists|roundcube_config_repaired:: config_exists|roundcube_config_repaired::
"any" usebundle => rm_rf ("$(install_sub_dir)/installer"); "any" usebundle => rm_rf ("$(install_sub_dir)/installer"),
if => not(keep_installer);
commands: commands:
roundcube_untar|roundcube_tgz_file_repaired:: roundcube_untar|roundcube_tgz_file_repaired::
@ -200,14 +202,18 @@ vars:
vars: vars:
"exx" string => "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!33).*$"; "exx" string => "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!33).*$";
"thev" string => "$($(v)[$(i)])";
replace_patterns: replace_patterns:
"^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*" # "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*"
"^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$(ev[$(i)]);$).*"
comment => "Correct the value '$(i)'", comment => "Correct the value '$(i)'",
#replace_with => value("$config['$(i)']=$($(v)[$(i)])"), #replace_with => value("$config['$(i)']=$($(v)[$(i)])"),
replace_with => value("$config['$(i)']=$($(v)[$(i)]);"), replace_with => value("$config['$(i)']=$($(v)[$(i)]);"),
classes => results("bundle", "replace_attempted_$(i)"); classes => results("bundle", "replace_attempted_$(i)");
reports: reports:
"THE V: $(thev)";
insert_lines: insert_lines:
# If the line doesn't exist, or there is more than one occurrence # If the line doesn't exist, or there is more than one occurrence
@ -239,7 +245,7 @@ vars:
"settings[db_dsnw]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'"; "settings[db_dsnw]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'";
"settings[language]" string => "'us_EN'"; "settings[language]" string => "'us_EN'";
"settings[plugins]" string => "['acl', 'archive', 'attachment_reminder', 'emoticons', 'enigma', 'hide_blockquote', 'identicon', 'jqueryui', 'managesieve', 'markasjunk', 'newmail_notifier', 'password', 'vcard_attachments', 'zipdownload']";
"idx" slist => getindices(@(cfg[settings])); "idx" slist => getindices(@(cfg[settings]));
"settings[$(idx)]" string => "$(cfg[settings][$(idx)])"; "settings[$(idx)]" string => "$(cfg[settings][$(idx)])";
@ -294,6 +300,65 @@ files:
edit_line => rc_line_based("$(this.bundle).settings"), edit_line => rc_line_based("$(this.bundle).settings"),
handle => "roundcube_password_config_edited", handle => "roundcube_password_config_edited",
depends_on => {"roundcube_password_config_created"}; depends_on => {"roundcube_password_config_created"};
} }
bundle agent roundcube_install_password_recovery_plugin(param_cfg)
{
classes:
"run_git" expression => not(fileexists("$(roundcube.install_sub_dir)/plugins/password_recovery"));
vars:
"config_file" string => "$(roundcube.install_sub_dir)/plugins/password_recovery/config.inc.php";
"default_cfg" data => '{
"password_recovery_git_url":"https://srcsrv.wikimedia.de/WMDE/roundcube-password_recovery.git -b wmde",
}';
"cfg" data => mergedata(@(default_cfg),@(param_cfg));
"settings[pr_db_dsn]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'";
"settings[pr_fields]" string => "[ 'altemail' => 'alt_email']";
"settings[pr_default_smtp_server]" string => "'localhost:25'";
"idx" slist => getindices(@(cfg[settings]));
"settings[$(idx)]" string => "$(cfg[settings][$(idx)])";
methods:
"any" usebundle => install_wget, handle=>"roundcube_wget_installed";
commands:
run_git::
"git clone --depth 1 $(cfg[password_recovery_git_url]) $(roundcube.install_sub_dir)/plugins/password_recovery && chown -R $(apache.www_user):$(apache.www_group) $(roundcube.install_sub_dir)/plugins/password_recovery"
contain => wmde_cmd_useshell,
handle => "roundcube_password_recovery_git_cloned",
depends_on => {"roundcube_wget_installed"};
!run_git::
"/usr/bin/true"
inform => "false",
handle => "roundcube_password_recovery_git_cloned";
files:
"$(config_file)"
perms => m("644"),
copy_from => seed_cp("$(def.wmde_lib)/templates/roundcube-password_recovery-config.inc.php.mustache"),
depends_on => {"roundcube_password_recovery_git_cloned"},
handle => "roundcube_password_recover_config_created";
"$(config_file)"
edit_line => rc_line_based("$(this.bundle).settings"),
handle => "roundcube_password_recover_config_edited",
depends_on => {"roundcube_password_recover_config_created"};
reports:
run_git::
"Run git";
!run_git::
"Dont run git";
}

View File

@ -109,6 +109,7 @@ mail_owner = {{vars.postfix.mail_owner}}
# parameters. # parameters.
# #
#mydomain = domain.tld #mydomain = domain.tld
mynetworks_style = host
# #
# CFengine Raw # CFengine Raw
@ -286,7 +287,7 @@ unknown_local_recipient_reject_code = 550
# #
#mynetworks_style = class #mynetworks_style = class
#mynetworks_style = subnet #mynetworks_style = subnet
mynetworks_style = host #mynetworks_style = host
# Alternatively, you can specify the mynetworks list by hand, in # Alternatively, you can specify the mynetworks list by hand, in
# which case Postfix ignores the mynetworks_style setting. # which case Postfix ignores the mynetworks_style setting.

View File

@ -0,0 +1,71 @@
<?php
// Database connection string and table name with user passwords
$config['pr_db_dsn'] = 'mysql://vimbadmin:vimbdb-secret@localhost/vimbadmin';
$config['pr_users_table'] = 'mailbox';
// Array with names for ext_fields in 'pr_users_table': [name_for_plugin => name_in_db]
// When using the postfix database 'mailbox' table, you must add two columns to this table: 'question' and 'answer'
// If the plugin does not find the columns it needs in the database, they will be created automatically
$config['pr_fields'] = [ 'altemail' => 'alt_email' ];
# 'phone' => 'phone', 'question' => 'question', 'answer' => 'answer',
// Admin email (this account will receive alerts when an user does not have an alternative email and phone)
$config['pr_admin_email'] = 'postmaster@your.domain.com';
// Address to be indicated as reply-to in mail notifications
$config['pr_replyto_email'] = 'postmaster@your.domain.com';
// Use secret question/answer to confirmation password recovery
$config['pr_use_question'] = false;
// Use message with code to confirmation password recovery
$config['pr_use_confirm_code'] = true;
// Confirmation code length
$config['pr_confirm_code_length'] = 6;
// Maximum number of attempts to send confirmation code
$config['pr_confirm_code_count_max'] = 3;
// Confirmation code duration (in minutes)
$config['pr_confirm_code_validity_time'] = 30;
// Use the Password plugin to save a new password
$config['pr_use_password_plugin'] = true;
// Minimum length of new password
// !!! Note: needed if not used Password plugin)
$config['pr_password_minimum_length'] = 8;
// Require the new password to have at least the specified strength score.
// Password strength is scored from 1 (weak) to 5 (strong).
// !!! Note: needed if not used Password plugin)
$config['pr_password_minimum_score'] = 1;
// SMTP settings
// $config['pr_default_smtp_server'] = 'tls://your.domain.com';
// $config['pr_default_smtp_user'] = 'no-reply@your.domain.com';
// $config['pr_default_smtp_pass'] = 'YOUR_SMTP_USER_PASSWORD';
$config['pr_default_smtp_server'] = 'localhost:25';
$config['pr_default_smtp_user'] = '';
$config['pr_default_smtp_pass'] = '';
// Full path to SMS send function
// This function must accept 2 parameters: phone number and message,
// and return true on success or false on failure
//
// Example of send SMS function using Clickatell HTTP API - see /lib/send.php
//
$config['pr_sms_send_function'] = dirname(__FILE__) . '/bin/sendsms.sh';
// Enables logging of password changes into /logs/password.log
$config['pr_password_log'] = true;
// Set to TRUE if you need write debug messages into /log/console.log
$config['pr_debug'] = false;
?>