
11 Commits

Author SHA1 Message Date
Tube 89923acbca FreeBSD adaptions 2023-11-04 22:10:30 +01:00
Tube 75b21f4bc0 Roundcube configure oprion added 2023-11-04 22:09:52 +01:00
Tube bae06b80df bundle install_postfix_pks added 2023-11-04 22:09:27 +01:00
Tube 49ebedbb55 Modules not installed by default on freebsd 2023-11-04 22:08:37 +01:00
Tube 26028c9652 Addptions for freebsd 2023-11-04 22:08:02 +01:00
Tube 0b7b31eb3e Dependencies added 2023-11-04 22:07:30 +01:00
Tube 1e1c0e8f0d Some fixes for mysql80 mysqldump 2023-11-04 21:56:03 +01:00
Tube d863bb157b Merge branch 'main' of https://srcsrv.wikimedia.de/WMDE/wmdeit-cf-wmdelib 2023-11-03 23:11:40 +01:00
Tube 0b9b6780b4 Removed debug_peerl_level 2023-11-03 23:11:20 +01:00
Tube 5d383badcc Moved iSQL auth before pam 2023-11-03 20:11:18 +01:00
Tube bed7362475 removed root, root mog 2023-11-03 19:38:18 +01:00
9 changed files with 216 additions and 36 deletions


@ -41,6 +41,7 @@ vars:
"cfg_deps" slist => { "apache_pkgs_installed" };
any::
"log_dir_mode" string => "750";
freebsd::
@ -212,7 +213,7 @@ commands:
reports:
}
bundle agent install_apache(raw)
bundle agent install_apache
{
methods:
@ -287,6 +288,8 @@ commands:
"/bin/sh"
args => "$(sys.workdir)/inputs/$(def.wmde_libdir)/scripts/del-files-not-in-list.sh $(apache.cfg_dir)/Vhosts $(sys.workdir)/data/agent/apache/domains.txt && echo dummy.conf > $(sys.workdir)/data/agent/apache/domains.txt",
inform => "false",
handle => "apache_vhost_dir_cleaned",
depends_on => {"apache_dummy_conf_created"},
contain => wmde_cmd_useshell;
@ -356,9 +359,14 @@ vars:
"$(site[ssl_key])");
use_ssl&(use_certbot)::
"vhostdeps" slist => {"apache_ssl_created$(site[domain])"};
"vhostdeps" slist => {
"apache_ssl_created$(site[domain])",
"apache_vhost_dir_cleaned"
};
(!use_ssl)|(!use_certbot)::
"vhostdeps" slist => {};
"vhostdeps" slist => {
"apache_vhost_dir_cleaned"
};
files:
delete::


@ -9,13 +9,23 @@ classes:
"rspamd_scripts" expression => strcmp("$(cfg[rspamd_scripts])","true");
vars:
"imap_key" string => "$(cfg_dir)/private/imap.key";
"imap_cert" string => "$(cfg_dir)/private/imap.crt";
"submission_key" string => "$(cfg_dir)/private/submission.key";
"submission_cert" string => "$(cfg_dir)/private/submission.crt";
freebsd::
"service_name" string => "dovecot";
"cfg_dir" string => "/usr/local/etc/dovecot";
"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";
"pkgs" slist => {
"dovecot"
"dovecot",
"dovecot-pigeonhole"
};
"sievec_exe" string => "/usr/local/bin/sievec";
debian::
"cfg_dir" string => "/etc/dovecot";
"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";
@ -84,14 +94,14 @@ methods:
files:
"$(cfg_dir)/."
create => "true",
perms => mog("755","root","root"),
perms => m("755"),
depends_on => {"dovecot_pkgs_installed"},
handle => "dovecot_cfg_dir_created";
"$(dovecot_conf)"
classes => if_repaired(dovecot_repaired),
create => "true",
perms => mog("644","root","root"),
perms => m("644"),
template_method => "mustache",
depends_on => {"dovecot_pkgs_installed","dovecot_cfg_dir_created"},
handle => "dovecot_cfg_created",
@ -102,26 +112,26 @@ files:
"$(imap_cert)"
handle => "dovecot_imap_cert_installed",
classes => if_repaired(dovecot_repaired),
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[imap_cert])","noshell" )),
perms => mog("600","root","root");
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[imap_cert])","noshell" )),
perms => m("600");
"$(imap_key)"
handle => "dovecot_imap_key_installed",
classes => if_repaired(dovecot_repaired),
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[imap_key])","noshell" )),
perms => mog("600","root","root");
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[imap_key])","noshell" )),
perms => m("600");
"$(submission_cert)"
handle => "dovecot_submission_cert_installed",
classes => if_repaired(dovecot_repaired),
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[submission_cert])","noshell" )),
perms => mog("600","root","root");
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[submission_cert])","noshell" )),
perms => m("600");
"$(submission_key)"
handle => "dovecot_submission_key_installed",
classes => if_repaired(dovecot_repaired),
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[submission_key])","noshell" )),
perms => mog("600","root","root");
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[submission_key])","noshell" )),
perms => m("600");
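Review bot: Replacing `mog("600","root","root")` with `m("600")` on the `$(imap_key)`, `$(imap_cert)`, `$(submission_key)` and `$(submission_cert)` promises stops enforcing ownership, so a private key that already exists under another owner stays readable by that account while the promise still reports as kept. If the reason is that FreeBSD has no `root` group, the owner check can be kept without naming a group, assuming the standard library's `mo(mode,user)` body is loaded next to `m` and `mog`: `perms => mo("600","root");`. The same swap to `m(...)` is made on `$(cfg_dir)/.` and `$(dovecot_conf)` in this file, on `$(postfix.db_dir)/.` in the postfix file and on the two vimbadmin config files further down the page. It matters less for those, but is worth deciding consistently.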


@ -37,32 +37,32 @@ vars:
"dbs" string => string_mustache('
"userdbs":[
{{#cfg.pam_auth}}
{
"driver":"passwd",
"args":""
},
{{/cfg.pam_auth}}
{{#fg.vimb_auth}}
{
"driver":"sql",
"args":"$(dovecot_vimbadmin_sql.cfg_file)"
},
{{/cfg.vimb_auth}}
],
"passdbs":[
{{#cfg.pam_auth}}
{
"driver":"pam",
"args":"dovecot"
},
"driver":"passwd",
"args":""
},
{{/cfg.pam_auth}}
],
"passdbs":[
{{#cfg.vimb_auth}}
{
"driver":"sql",
"args":"$(dovecot_vimbadmin_sql.cfg_file)"
} ,
{{/cfg.vimb_auth}}
{{#cfg.pam_auth}}
{
"driver":"pam",
"args":"dovecot"
},
{{/cfg.pam_auth}}
],',
bundlestate("$(this.bundle)"));
@ -185,6 +185,6 @@ methods:
"any" usebundle => dovecot(@(dovecot_cfg));
"any" usebundle => postfix(@(postfix_cfg));
reports:
"DCP: $(dovecot_protos)";
"DBS: $(dbs)";
# "DCP: $(dovecot_protos)";
# "DBS: $(dbs)";
}
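Review bot: The SQL entry in `userdbs` opens with `{{#fg.vimb_auth}}` but closes with `{{/cfg.vimb_auth}}`; the line looks like unchanged context, so the typo survives this reordering. Depending on how the mustache renderer treats the mismatch, the template either fails or drops the SQL userdb, while the `passdbs` entry under `{{#cfg.vimb_auth}}` still accepts those users' passwords. Since this commit already rearranges both lists, the opening tag should be corrected here as well: `{{#cfg.vimb_auth}}`.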


@ -256,9 +256,12 @@ reports:
bundle agent mysql_backup_db(cfg,file)
{
classes:
"type_$(mysql.type)" ;
vars:
"table_exists_cmd" string => '$(mysql.mysql_cmd) -e "show tables LIKE \'$(table_name)\'" $(cdfg[db_name]) | grep -q $(table_name)';
"cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
"cmd" string => "$(mysql.mysqldump_cmd) --no-tablespaces --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
}
@ -273,11 +276,18 @@ vars:
bundle agent create_mysql_backup_cron_job(cfg,file,table_name,run)
{
classes:
"type_$(mysql.type)" ;
"create_cron" expression => strcmp("$(run)","true");
vars:
"table_exists_cmd" string => '$(mysql.mysql_cmd) -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) -e "show tables LIKE \'$(table_name)\'" | grep -q $(table_name)';
type_mariadb::
"backup_cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
type_mysql8::
"backup_cmd" string => "$(mysql.mysqldump_cmd) --set-gtid-purged=OFF --no-tablespaces --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
files:
!create_cron::
@ -315,7 +325,7 @@ vars:
"args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; \" ";
type_mysql8::
"args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); CREATE USER IF NOT EXISTS '$(db_user)'@'$(host)'; ALTER USER '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)';\" ";
"args" string => "-e \"CREATE DATABASE IF NOT EXISTS $(db_name); CREATE USER IF NOT EXISTS '$(db_user)'@'$(host)'; ALTER USER '$(db_user)'@'$(host)' IDENTIFIED BY '$(db_pass)'; GRANT RELOAD ON *.* to '$(db_user)'@'$(host)'; GRANT ALL PRIVILEGES ON $(db_name).* TO '$(db_user)'@'$(host)';\" ";
commands:
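Review bot: The added `GRANT RELOAD ON *.* to '$(db_user)'@'$(host)'` in the `type_mysql8` branch gives every account created through this bundle a server-wide administrative privilege, presumably so the mysqldump cron job works on MySQL 8. RELOAD permits FLUSH operations across the whole server, so it belongs on a dedicated backup account rather than on each application user. The new `backup_cmd` strings also pass `-p$(cfg[db_pass])` on the command line, where the password is visible in the process list and in whatever file the cron bundle writes; an option file read with `--defaults-extra-file=<path-to-0600-file>` avoids that. The bundle containing the GRANT starts outside the hunk.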

7
php.cf

@ -19,12 +19,15 @@ vars:
"pkgs" slist => {
"php$(php.bsdvs)-session",
"php$(php.bsdvs)-zip",
"php$(php.bsdvs)-zlib",
"php$(php.bsdvs)-phar",
"php$(php.bsdvs)-pgsql",
"php$(php.bsdvs)-mysqli",
"php$(php.bsdvs)-filter",
"php$(php.bsdvs)-mbstring",
"php$(php.bsdvs)-dom",
"php$(php.bsdvs)-xml",
"php$(php.bsdvs)-simplexml",
"php$(php.bsdvs)-ctype",
"php$(php.bsdvs)-intl",
"php$(php.bsdvs)-curl",
@ -39,7 +42,9 @@ vars:
"php$(php.bsdvs)-sqlite3",
"php$(php.bsdvs)-pdo_pgsql",
"php$(php.bsdvs)-pdo_mysql",
"php$(php.bsdvs)-tokenizer",
"php$(php.bsdvs)-gettext"
# "php$(php.bsdvs)-pear-channel-doctrine"
};
# "php$(bsdvs)-json",


@ -8,7 +8,8 @@ vars:
freebsd::
"pkgs" slist => {
"postfix-sasl",
"postfix-mysql",
#"postfix",
};
"db_dir" string => "/var/db";
"service_name" string => "postfix";
@ -83,8 +84,13 @@ users:
methods:
# "any" usebundle => wmde_install_packages(@(pkgs),"postfix");
"any" usebundle => install_postfix_pkgs;
"any" usebundle => postfix_postinstall_pkgs,
depends_on => {"postfix_pkgs_installed"},
handle => "postfix_postinstall_pkgs_ready";
"any" usebundle => wmde_service("$(service_name)","postfix_kept","postfix_repaired"),
depends_on => {
"postfix_postinstall_pkgs_ready",
"postfix_pkgs_installed",
"postfix_master_cfg_ready",
"postfix_main_cfg_ready"
@ -103,7 +109,7 @@ files:
"$(postfix.db_dir)/."
create => "true",
perms => mog("755","root","root"),
perms => m("755"),
handle => "postfix_db_dir_created";
"$(postfix.data_dir)/."
@ -247,6 +253,20 @@ reports:
}
bundle agent postfix_postinstall_pkgs
{
commands:
freebsd::
"install -d /usr/local/etc/mail && install -m 0644 /usr/local/share/postfix/mailer.conf.postfix /usr/local/etc/mail/mailer.conf"
contain => wmde_cmd_useshell,
if => not(fileexists("/usr/local/etc/mail/mailer.conf")),
handle => "postfix_bsd_mailer_conf_installed";
"/usr/sbin/sysrc sendmail_enable=\"NONE\""
depends_on => {"postfix_bsd_mailer_conf_installed"};
}
#
# Install postfix pacgages as they come from repos
# This sould also create the postfix user
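Review bot: In `postfix_postinstall_pkgs` the `sysrc sendmail_enable=\"NONE\"` promise depends on `postfix_bsd_mailer_conf_installed`, but that promise is guarded by `if => not(fileexists("/usr/local/etc/mail/mailer.conf"))`. On a host where mailer.conf already exists the first promise is skipped rather than kept, and as far as I can tell CFEngine then skips the dependent promise too, so sendmail is not disabled there and a failed sysrc is never retried. Dropping the `depends_on` from the sysrc promise would decouple the two, since setting the same rc value again is harmless. The existence-only guard also leaves an existing mailer.conf untouched even if it still points at sendmail.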


@ -38,6 +38,8 @@ vars:
"dltype" string => "wget";
"dlsrc" string => "https://github.com/roundcube/roundcubemail/releases/download/$(cfg[version])/$(tgzname)";
"config_file" string => "$(install_sub_dir)/config/config.inc.php";
reports:
# dlbyversion::
# "dl by version";
@ -143,3 +145,128 @@ methods:
"$(dst)","roundcube_tgz_file",'{}');
}
bundle edit_line roundcube_values(tab, sectionName)
{
vars:
"index" slist => getindices("$(tab)[$(sectionName)]");
# Be careful if the index string contains funny chars
"cindex[$(index)]" string => canonify("$(index)");
classes:
"edit_$(cindex[$(index)])" not => strcmp("$($(tab)[$(sectionName)][$(index)])","dontchange"),
comment => "Create conditions to make changes";
field_edits:
# If the line is there, but commented out, first uncomment it
# "#+\s*$(index)\s*=.*"
# select_region => INI_section(escape("$(sectionName)")),
# edit_field => col("\s*=\s*","1","$(index)","set"),
# if => "edit_$(cindex[$(index)])";
# match a line starting like the key something
"\s*$(index)\s*=.*"
edit_field => col("\s*=\s*","2","$($(tab)[$(sectionName)][$(index)])","set"),
select_region => INI_section(escape("$(sectionName)")),
classes => results("bundle", "set_variable_values_ini_not_$(cindex[$(index)])"),
if => "edit_$(cindex[$(index)])";
delete_lines:
"!include.*";
insert_lines:
"[$(sectionName)]"
location => start,
comment => "Insert lines";
"$(index)=$($(tab)[$(sectionName)][$(index)])"
select_region => INI_section(escape("$(sectionName)")),
if => "!(set_variable_values_ini_not_$(cindex[$(index)])_kept|set_variable_values_ini_not_$(cindex[$(index)])_repaired).edit_$(cindex[$(index)])";
}
bundle edit_line rc_line_based(v)
{
vars:
"i" slist => getindices("$(v)");
# Escape the value (had a problem with special characters and regex's)
"ev[$(i)]" string => escape("$($(v)[$(i)])");
vars:
"exx" string => "^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!33).*$";
replace_patterns:
"^\s*\$config\s*\['$(i)'\s*]\s*=\s*(?!$($(v)[$(i)]);$).*"
comment => "Correct the value '$(i)'",
#replace_with => value("$config['$(i)']=$($(v)[$(i)])"),
replace_with => value("$config['$(i)']=$($(v)[$(i)]);"),
classes => results("bundle", "replace_attempted_$(i)");
reports:
insert_lines:
# If the line doesn't exist, or there is more than one occurrence
# of the LHS commented out, insert a new line and try to place it
# after the commented LHS (keep new line with old comments)
# "$(i)$(sep)$($(v)[$(i)])"
# comment => "Insert the value, marker '$(i)' exists",
# location => after("^$(cp)($(i)$(bp).*|$(i))$"),
# if => "replace_attempted_$(ci[$(i)])_reached.multiple_comments_$(ci[$(i)])";
# If the line doesn't exist and there are no occurrences
# of the LHS commented out, insert a new line at the eof
# "$(i)$(sep)$($(v)[$(i)])"
# comment => "Insert the value, marker '$(i)' doesn't exist",
# if => "replace_attempted_$(ci[$(i)])_reached.!multiple_comments_$(ci[$(i)]).!exists_$(ci[$(i)])";
reports:
verbose_mode|EXTRA::
"$(this.bundle): Line for '$(i)' exists" if => "exists_$(ci[$(i)])";
"$(this.bundle): Line for '$(i)' does not exist" if => "!exists_$(ci[$(i)])";
}
bundle agent configure_roundcube(cfg)
{
vars:
"settings[db_dsnw]" string => "'mysql://$(cfg[db_user]):$(cfg[db_pass])@$(cfg[db_host])/$(cfg[db_name])'";
"settings[language]" string => "'us_EN'";
"idx" slist => getindices(@(cfg[settings]));
"settings[$(idx)]" string => "$(cfg[settings][$(idx)])";
methods:
"any" usebundle => mysql_table_exists(@(cfg),"users");
files:
"$(roundcube.config_file)"
#create => "true",
perms => m("644"),
copy_from => seed_cp("$(def.wmde_lib)/templates/roundcube-config.inc.php.mustache"),
handle => "roundcube_config_created";
"$(roundcube.config_file)"
edit_line => rc_line_based("$(this.bundle).settings"),
handle => "roundcube_config_edited",
depends_on => {"roundcube_config_created"};
commands:
"!mysql_$(cfg[db_name])_users_exists"::
"cd $(roundcube.install_sub_dir) && bin/initdb.sh --dir SQL"
depends_on => {"roundcube_config_edited"},
contain => wmde_cmd_useshell;
reports:
}
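Review bot: In `configure_roundcube`, `$(roundcube.config_file)` is promised with `perms => m("644")` and then edited by `rc_line_based` to contain `settings[db_dsnw]`, which embeds `$(cfg[db_pass])`, so the database password ends up in a world-readable file. Restrict it to the web-server account, e.g. `perms => mog("640","root","<web-server-group>")`. In `rc_line_based` the escaped copy `ev[$(i)]` is computed but never used: the `replace_patterns` regex interpolates the raw `$($(v)[$(i)])` into the negative lookahead. A value containing regex metacharacters may therefore never be recognised as already set. Using `$(ev[$(i)])` inside the lookahead looks like the intent.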


@ -615,7 +615,7 @@ mynetworks_style = host
# logging level when an SMTP client or server host name or address
# matches a pattern in the debug_peer_list parameter.
#
debug_peer_level = 2
# debug_peer_level = 2
# The debug_peer_list parameter specifies an optional list of domain
# or network patterns, /file/name patterns or type:name tables. When


@ -62,14 +62,14 @@ files:
"$(cfg[install_dir])/public/.htaccess"
copy_from => seed_cp("$(cfg[install_dir])/public/.htaccess.dist"),
perms => mog("644","root","root"),
perms => m("644"),
depends_on => {"vimbadmin_untarred"},
handle => "vimbadmin_htaccess_copied";
"$(cfg[install_dir])/application/configs/application.ini"
copy_from => seed_cp("$(cfg[install_dir])/application/configs/application.ini.dist"),
perms => mog("644","root","root"),
perms => m("644"),
depends_on => {"vimbadmin_untarred"},
handle => "vimbadmin_appini_copied";
@ -127,7 +127,7 @@ commands:
#args => '-c $(php
!vimbadmin_reconfigure::
"/bin/true"
"/usr//bin/true"
inform => "false",
handle => "vimbadmin_untarred";
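Review bot: `"/usr//bin/true"` has a doubled slash; it resolves, but it reads as a typo. The hard-coded path now assumes `true` lives under `/usr/bin` on every platform this policy targets, where the old line assumed `/bin`. Writing `"/usr/bin/true"` under a `freebsd::` guard and keeping `"/bin/true"` elsewhere, or using a per-OS variable, would make the intent explicit. The `commands:` section this promise belongs to starts outside the hunk.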