Compare commits

..

No commits in common. "83c714ad31ef2892e74bf9947ae9a652fd5bceea" and "1e20758f51beb46161a0fb0371169b5d8d85ba4f" have entirely different histories.

8 changed files with 79 additions and 179 deletions

View File

@ -18,9 +18,6 @@ vars:
"imap_key" string => "$(cfg_dir)/private/imap.key"; "imap_key" string => "$(cfg_dir)/private/imap.key";
"imap_cert" string => "$(cfg_dir)/private/imap.crt"; "imap_cert" string => "$(cfg_dir)/private/imap.crt";
"submission_key" string => "$(cfg_dir)/private/submission.key";
"submission_cert" string => "$(cfg_dir)/private/submission.crt";
"service_name" string => "dovecot"; "service_name" string => "dovecot";
@ -40,11 +37,9 @@ methods:
"any" usebundle => wmde_service("$(service_name)","dovecot_kept","dovecot_repaired"), "any" usebundle => wmde_service("$(service_name)","dovecot_kept","dovecot_repaired"),
depends_on => { depends_on => {
"dovecot_pkgs_installed", "dovecot_pkgs_installed",
"dovecot_cfg_created",
"dovecot_imap_key_installed", "dovecot_imap_key_installed",
"dovecot_imap_cert_installed", "dovecot_imap_cert_installed",
"dovecot_submission_key_installed", "dovecot_cfg_created"
"dovecot_submission_cert_installed",
}; };
services: services:
@ -76,18 +71,6 @@ files:
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[imap_key])","noshell" )), copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[imap_key])","noshell" )),
perms => mog("600","root","root"); perms => mog("600","root","root");
"$(submission_cert)"
handle => "dovecot_submission_cert_installed",
classes => if_repaired(dovecot_repaired),
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[submission_cert])","noshell" )),
perms => mog("600","root","root");
"$(submission_key)"
handle => "dovecot_submission_key_installed",
classes => if_repaired(dovecot_repaired),
copy_from => local_dcp( execresult( "/usr/bin/readlink -qfn $(cfg[submission_key])","noshell" )),
perms => mog("600","root","root");

106
mysql.cf
View File

@ -2,41 +2,31 @@
# #
# #
bundle agent mysql(cfg_param) bundle agent mysql
{ {
vars: vars:
"default_cfg" data => '{ "bind_address" string => "127.0.0.1";
"bind_address":"127.0.0.1", "user" string => "mysql";
"user":"mysql", "port" string => "3306";
"port":"3306"
}';
"cfg" data => mergedata(@(default_cfg),@(cfg_param));
freebsd:: freebsd::
# "pkg" string => "mariadb106-server"; # "pkg" string => "mariadb106-server";
"pkg" string => "mysql80-server"; "pkg" string => "mysql80-server";
"service_name" string => "mysql-server"; "service_name" string => "mysql-server";
"cfg_dir" string => "/usr/local/etc/mysql";
"cfg_file" string => "/usr/local/etc/mysql/my.cnf"; "cfg_file" string => "/usr/local/etc/mysql/my.cnf";
"bin_dir" string => "/usr/local/bin"; "mysql_cmd" string => "/usr/local/bin/mysql";
debian:: debian::
"pkg" slist => {"mariadb-server"}; "pkg" slist => {"mariadb-common", "mariadb-client", "mariadb-server"};
"client_pkgs" slist => {"mariadb-client"};
"service_name" string => "mysql"; "service_name" string => "mysql";
"cfg_dir" string => "/etc/mysql";
"cfg_file" string => "/etc/mysql/my.cnf"; "cfg_file" string => "/etc/mysql/my.cnf";
"bin_dir" string => "/usr/bin"; "mysql_cmd" string => "/usr/bin/mysql";
any:: commands:
"mysql_cmd" string => "$(bin_dir)/mysql"; # debian&mysql_repaired::
"mysqldump_cmd" string => "$(bin_dir)/mysqldump"; # "/usr/bin/mysql_install_db"
# depends_on => { "mysql_pkgs_installed" },
# handle => "mysql_db_installed";
files: files:
"$(cfg_dir)/."
create => "true",
perms => mog("0755","root","root"),
handle => "mysql_cfg_dir_created";
"$(cfg_file)" "$(cfg_file)"
create => "true", create => "true",
@ -44,7 +34,7 @@ files:
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/my.cnf.mustache", edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/my.cnf.mustache",
template_method => "mustache", template_method => "mustache",
handle => "mysql_cfg_created", handle => "mysql_cfg_created",
depends_on => {"mysql_cfg_dir_created"}, # depends_on => {"mysql_db_installed"},
classes => if_repaired("mysql_repaired"); classes => if_repaired("mysql_repaired");
@ -63,19 +53,10 @@ services:
service_policy => "restart", service_policy => "restart",
depends_on => {"mysql_running","mysql_cfg_created"}; depends_on => {"mysql_running","mysql_cfg_created"};
reports:
} }
bundle agent install_mysql_client
{
methods:
"any" usebundle => wmde_install_packages(@(mysql.client_pkgs),"mysql_client"),
handle => "mysql_client_installed";
}
body contain mysql_cmd body contain mysql_cmd
{ {
useshell=>"useshell"; useshell=>"useshell";
@ -100,6 +81,15 @@ vars:
"classname" string => "mysql_$(dbdef[db_name])_$(table_name)_exists"; "classname" string => "mysql_$(dbdef[db_name])_$(table_name)_exists";
"cmd" string => 'if mysql $(xargs) -e "show tables LIKE \'$(table_name)\'" $(dbdef[db_name]) | grep -q \'$(table_name)\'; then echo "+$(classname)"; else echo "-$(classname)"; fi'; "cmd" string => 'if mysql $(xargs) -e "show tables LIKE \'$(table_name)\'" $(dbdef[db_name]) | grep -q \'$(table_name)\'; then echo "+$(classname)"; else echo "-$(classname)"; fi';
#"cmd" string => '"if mysql -e \\\"show tables"';
# "cmdfile" string => hash("$cmd)","sha256");
#files:
# "/tmp/$(cmdfile)"
# create => "true",
# content => "$(cmd)",
# handle => "mysql_$(cmdfile)_created";
commands: commands:
"$(cmd)" "$(cmd)"
@ -107,61 +97,11 @@ commands:
inform => "false", inform => "false",
module => "true"; module => "true";
reports:
}
bundle agent mysql_backup_all(cfg)
{
vars:
"cmd" string => '$(mysql.mysql_cmd) -N -e \'show databases\' | while read dbname; do $(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M "$dbname" > $(cfg[backup_dir])/"$dbname".sql; done';
reports: reports:
# "CMD: $(cmd)"; # "CMD: $(cmd)";
} }
bundle agent mysql_backup_db(cfg,file)
{
vars:
"table_exists_cmd" string => '$(mysql.mysql_cmd) -e "show tables LIKE \'$(table_name)\'" $(cdfg[db_name]) | grep -q $(table_name)';
"cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
}
bundle agent create_mysql_backup_cron_job(cfg,file,table_name,run)
{
classes:
"create_cron" expression => strcmp("$(run)","true");
vars:
"table_exists_cmd" string => '$(mysql.mysql_cmd) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) -e "show tables LIKE \'$(table_name)\'" $(cfg[db_name]) | grep -q $(table_name)';
"backup_cmd" string => "$(mysql.mysqldump_cmd) --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M -h$(cfg[db_host]) -u$(cfg[db_user]) -p$(cfg[db_pass]) $(cfg[db_name]) >$(file)";
files:
!create_cron::
"/etc/cron.d/$(cfg[db_name])"
delete=>tidy;
create_cron::
"/etc/cron.d/$(cfg[db_name])"
perms => m("644"),
create => "true",
content => "
#
# /etc/cron.d/roundcube
#
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
0 * * * * root $(table_exists_cmd) && $(backup_cmd)
";
}
bundle agent create_mysql_db(cfg) bundle agent create_mysql_db(cfg)
{ {
vars: vars:
@ -178,5 +118,7 @@ commands:
args => "$(args)", args => "$(args)",
inform => "false"; inform => "false";
#mysql -u <username> -p -e "USE <database_name>;" && mysql -u <username> -p -e "SHOW TABLES LIKE '<table_name>';" | grep -q '<table_name>' && exit 0 || exit 1
reports: reports:
} }

8
php.cf
View File

@ -38,13 +38,7 @@ vars:
"php$(version)-mysql", "php$(version)-mysql",
"php-json", "php-json",
"php$(version)-xml", "php$(version)-xml",
"php-gd", "php-gd"
"php-mbstring",
"php-intl",
"php-curl",
"php-imagick",
"php-ldap",
}; };
ubuntu:: ubuntu::
"pkgs" slist => { "pkgs" slist => {

View File

@ -9,7 +9,7 @@ vars:
"local.d/milter_headers.conf", "local.d/milter_headers.conf",
# "local.d/actions.conf", # "local.d/actions.conf",
"local.d/worker-normal.inc", "local.d/worker-normal.inc",
"local.d/worker-proxy.inc", # "local.d/worker-proxy.inc",
# "local.d/worker-controller.inc", # "local.d/worker-controller.inc",
# "local.d/classifier-bayes.conf", # "local.d/classifier-bayes.conf",
# "local.d/worker-fuzzy.inc", # "local.d/worker-fuzzy.inc",
@ -29,28 +29,53 @@ vars:
"service_name" string => "rspamd"; "service_name" string => "rspamd";
"root_user" string => "root"; "root_user" string => "root";
"root_group" string => "root"; "root_group" string => "root";
packages:
freebsd::
methods: "$(rspamd.pkgs)"
"any" usebundle => wmde_install_packages(@(pkgs),"rspamd"); policy => "present",
"any" usebundle => wmde_service("$(service_name)","rspamd_kept","rspamd_repaired"), package_module => pkg,
depends_on => {"rspamd_cfgs_done"}; handle => "rspamd_pkg_installed",
classes => if_repaired(rspamd_changed);
debian::
"$(rspamd.pkgs)"
policy => "present",
package_module => apt_get,
handle => "rspamd_pkg_installed",
classes => if_repaired(rspamd_changed);
fedora|centos::
"$(rspamd.pkgs)"
policy => "present",
package_module => yum,
handle => "rspamd_pkg_installed",
classes => if_repaired(rspamd_changed);
files: files:
"$(cfg_dir)/." "$(cfg_dir)/."
perms => uperm("$(root_user)","$(root_group)","755"), perms => uperm("$(root_user)","$(root_group)","755"),
depends_on => { "rspamd_pkgs_installed" }, depends_on => { "rspamd_pkg_installed" },
handle => "rspamd_cfg_dir_created"; handle => "rspamd_cfg_dir_created";
"$(cfg_dir)/$(cfgfiles)" "$(cfg_dir)/$(cfgfiles)"
create => "true", create => "true",
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/rspamd/$(cfgfiles).mustache", edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/rspamd/$(cfgfiles).mustache",
template_method => "mustache", template_method => "mustache",
perms => m("644"), perms => uperm("$(root_user)","$(root_group)","644"),
template_data => bundlestate("$(this.bundle)"), template_data => bundlestate("$(this.bundle)"),
depends_on => { "rspamd_pkgs_installed","rspamd_cfg_dir_created" }, depends_on => { "rspamd_pkg_installed","rspamd_cfg_dir_created" },
classes => if_repaired(rspamd_repaired), classes => if_repaired(rspamd_restart),
handle => "rspamd_cfgs_done"; handle => "rspamd_cfgs_done";
services:
"$(service_name)"
service_policy => "start",
depends_on => { "rspamd_cfgs_done" },
handle => "rspamd_running";
rspamd_restart::
"$(service_name)"
service_policy => "restart",
depends_on => { "rspamd_running", "rspamd_cfgs_done"};
reports: reports:
# "RSPAMD: $(cfgjs)"; # "RSPAMD: $(cfgjs)";
# "RSJ: $(worker_normalx)"; # "RSJ: $(worker_normalx)";

View File

@ -38,19 +38,6 @@ protocol imap {
#mail_max_userip_connections = 10 #mail_max_userip_connections = 10
} }
protocol submission {
ssl_cert = <{{vars.dovecot.submission_cert}}
ssl_key = <{{vars.dovecot.submission_key}}
# Space separated list of plugins to load (default is global mail_plugins).
#mail_plugins = $mail_plugins
# Maximum number of IMAP connections allowed for a user from each IP address.
# NOTE: The username is compared case-sensitively.
#mail_max_userip_connections = 10
}
{{#vars.dovecot.cfg.userdbs}} {{#vars.dovecot.cfg.userdbs}}
userdb { userdb {
@ -68,18 +55,5 @@ passdb {
} }
{{/vars.dovecot.cfg.passdbs}} {{/vars.dovecot.cfg.passdbs}}
{{#vars.dovecot.cfg.services}}
#
# {{comment}}
#
service {{@}} {
{{{raw}}}
}
{{/vars.dovecot.cfg.services}}
{{vars.dovecot.cfg.raw}} {{vars.dovecot.cfg.raw}}

View File

@ -3,7 +3,7 @@
# #
[client-server] [client-server]
port = {{vars.cfg.mysql.port}} port = {{vars.mysql.port}}
socket = /run/mysqld/mysqld.sock socket = /run/mysqld/mysqld.sock
#[mysql] #[mysql]
@ -11,10 +11,10 @@ socket = /run/mysqld/mysqld.sock
#no_auto_rehash #no_auto_rehash
[mysqld] [mysqld]
#log-error =/var/log/mysql/mysqld.log log-error =/var/log/mysql/mysqld.log
user = {{vars.mysql.cfg.user}} user = {{vars.mysql.user}}
port = {{vars.mysql.cfg.port}} port = {{vars.mysql.port}}
bind-address = {{vars.mysql.cfg.bind_address}} bind-address = 127.0.0.1
lower_case_table_names = 1 lower_case_table_names = 1

View File

@ -1,5 +1,5 @@
# #
# Managed by CFEngine # Managed by CFEngine
# #
{{{cfg.worker_normal}}} {{cfg.worker_normal}}

View File

@ -4,13 +4,11 @@
bundle agent vimbadmin(cfg) bundle agent vimbadmin(cfg)
{ {
classes:
"vimbadmin_restore_db_file" expression => isvariable("cfg[restore_db_file]");
vimbadmin_restore_db_file::
"vimbadmin_restore_db" expression => fileexists("$(cfg[restore_db_file])");
vars: vars:
"r" int => randomint(1,5),
handle => "rand_assigned";
"vsettings[resources.doctrine2.connection.options.driver]" string => "'$(cfg[db_driver])'"; "vsettings[resources.doctrine2.connection.options.driver]" string => "'$(cfg[db_driver])'";
"vsettings[resources.doctrine2.connection.options.dbname]" string => "'$(cfg[db_name])'"; "vsettings[resources.doctrine2.connection.options.dbname]" string => "'$(cfg[db_name])'";
"vsettings[resources.doctrine2.connection.options.user]" string => "'$(cfg[db_user])'"; "vsettings[resources.doctrine2.connection.options.user]" string => "'$(cfg[db_user])'";
@ -90,15 +88,9 @@ files:
commands: commands:
"(!mysql_$(cfg[db_name])_admin_exists)&(!vimbadmin_restore_db)":: "!mysql_$(cfg[db_name])_admin_exists"::
"cd $(cfg[install_dir]) && ./bin/doctrine2-cli.php orm:schema-tool:create " "cd $(cfg[install_dir]) && ./bin/doctrine2-cli.php orm:schema-tool:create "
contain => wmde_cmd_useshell, contain => wmde_cmd_useshell,
handle => "vimbadmin_db_initialized",
depends_on => {"vimbadmin_appini_edited"};
"(!mysql_$(cfg[db_name])_admin_exists)&vimbadmin_restore_db"::
"mysql -u $(cfg[db_user]) -p$(cfg[db_pass]) -h$(cfg[db_host]) $(cfg[db_name]) < $(cfg[restore_db_file])"
contain => wmde_cmd_useshell,
depends_on => {"vimbadmin_appini_edited"}; depends_on => {"vimbadmin_appini_edited"};
@ -129,16 +121,6 @@ methods:
"any" usebundle => mysql_table_exists(@(cfg),"admin"); "any" usebundle => mysql_table_exists(@(cfg),"admin");
reports: reports:
# "VIMBADMIN $(cfg[restore_db_file])";
# "vimbadmin_restore_db_file"::
# "RESTORE_DB_FILE";
# "vimbadmin_restore_db"::
# "RESTORE_DB";
# "(!mysql_$(cfg[db_name])_admin_exists)&vimbadmin_restore_db"::
# "Should restore db";
} }