293 lines
7.2 KiB
CFEngine3
293 lines
7.2 KiB
CFEngine3
#
|
|
#
|
|
#
|
|
|
|
bundle agent dovecot(cfg)
|
|
{
|
|
classes:
|
|
"use_ssl" expression => strcmp("$(cfg[ssl])","true");
|
|
"rspamd_scripts" expression => strcmp("$(cfg[rspamd_scripts])","true");
|
|
|
|
vars:
|
|
"imap_key" string => "$(cfg_dir)/private/imap.key";
|
|
"imap_cert" string => "$(cfg_dir)/private/imap.crt";
|
|
"submission_key" string => "$(cfg_dir)/private/submission.key";
|
|
"submission_cert" string => "$(cfg_dir)/private/submission.crt";
|
|
|
|
|
|
|
|
freebsd::
|
|
"service_name" string => "dovecot";
|
|
"cfg_dir" string => "/usr/local/etc/dovecot";
|
|
"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";
|
|
|
|
"pkgs" slist => {
|
|
"dovecot",
|
|
"dovecot-pigeonhole"
|
|
};
|
|
"sievec_exe" string => "/usr/local/bin/sievec";
|
|
debian::
|
|
"cfg_dir" string => "/etc/dovecot";
|
|
"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";
|
|
|
|
"imap_key" string => "$(cfg_dir)/private/imap.key";
|
|
"imap_cert" string => "$(cfg_dir)/private/imap.crt";
|
|
"submission_key" string => "$(cfg_dir)/private/submission.key";
|
|
"submission_cert" string => "$(cfg_dir)/private/submission.crt";
|
|
|
|
"sievec_exe" string => "/usr/bin/sievec";
|
|
|
|
|
|
"service_name" string => "dovecot";
|
|
"pkgs" slist => {
|
|
"dovecot-core",
|
|
"dovecot-mysql",
|
|
"dovecot-managesieved",
|
|
# "dovecot-submissiond",
|
|
"dovecot-lmtpd",
|
|
"dovecot-imapd",
|
|
"dovecot-pop3d"
|
|
|
|
};
|
|
centos::
|
|
"pkgs" slist => {
|
|
"dovecot",
|
|
"dovecot-mysql",
|
|
"dovecot-pigeonhole"
|
|
};
|
|
"cfg_dir" string => "/etc/dovecot";
|
|
"dovecot_conf" string => "$(cfg_dir)/dovecot.conf";
|
|
|
|
"imap_key" string => "$(cfg_dir)/private/imap.key";
|
|
"imap_cert" string => "$(cfg_dir)/private/imap.crt";
|
|
"submission_key" string => "$(cfg_dir)/private/submission.key";
|
|
"submission_cert" string => "$(cfg_dir)/private/submission.crt";
|
|
"service_name" string => "dovecot";
|
|
"sievec_exe" string => "/usr/bin/sievec";
|
|
|
|
use_ssl::
|
|
"service_deps" slist => {
|
|
"dovecot_pkgs_installed",
|
|
"dovecot_cfg_created",
|
|
"dovecot_imap_key_installed",
|
|
"dovecot_imap_cert_installed",
|
|
"dovecot_submission_key_installed",
|
|
"dovecot_submission_cert_installed",
|
|
};
|
|
!use_ssl::
|
|
"service_deps" slist => {
|
|
"dovecot_pkgs_installed",
|
|
"dovecot_cfg_created",
|
|
};
|
|
|
|
|
|
|
|
|
|
methods:
|
|
"any" usebundle => wmde_install_packages(@(pkgs),"dovecot");
|
|
"any" usebundle => wmde_service("$(service_name)","dovecot_kept","dovecot_repaired"),
|
|
depends_on => @(service_deps);
|
|
rspamd_scripts::
|
|
"any" usebundle => dovecot_install_rspamd_sieve_scripts("$(dovecot.cfg_dir)/rspamd"),
|
|
depends_on => {"dovecot_pkgs_installed"};
|
|
|
|
files:
|
|
"$(cfg_dir)/."
|
|
create => "true",
|
|
perms => m("755"),
|
|
depends_on => {"dovecot_pkgs_installed"},
|
|
handle => "dovecot_cfg_dir_created";
|
|
|
|
"$(dovecot_conf)"
|
|
classes => if_repaired(dovecot_repaired),
|
|
create => "true",
|
|
perms => m("644"),
|
|
template_method => "mustache",
|
|
depends_on => {"dovecot_pkgs_installed","dovecot_cfg_dir_created"},
|
|
handle => "dovecot_cfg_created",
|
|
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/dovecot/dovecot.conf.mustache";
|
|
|
|
use_ssl::
|
|
|
|
"$(imap_cert)"
|
|
handle => "dovecot_imap_cert_installed",
|
|
classes => if_repaired(dovecot_repaired),
|
|
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[imap_cert])","noshell" )),
|
|
perms => m("600");
|
|
|
|
"$(imap_key)"
|
|
handle => "dovecot_imap_key_installed",
|
|
classes => if_repaired(dovecot_repaired),
|
|
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[imap_key])","noshell" )),
|
|
perms => m("600");
|
|
|
|
"$(submission_cert)"
|
|
handle => "dovecot_submission_cert_installed",
|
|
classes => if_repaired(dovecot_repaired),
|
|
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[submission_cert])","noshell" )),
|
|
perms => m("600");
|
|
|
|
"$(submission_key)"
|
|
handle => "dovecot_submission_key_installed",
|
|
classes => if_repaired(dovecot_repaired),
|
|
copy_from => local_dcp( execresult( "/usr/bin/readlink -fn $(cfg[submission_key])","noshell" )),
|
|
perms => m("600");
|
|
|
|
|
|
|
|
|
|
reports:
|
|
# use_ssl::
|
|
# "USE_SSL: TRUE";
|
|
# !use_ssl::
|
|
# "USE_SSL: FALSE";
|
|
|
|
# "IMAP_CERT: $(imap_cert)";
|
|
#
|
|
# dovecot_kept::
|
|
# "DOVECOT kept";
|
|
#
|
|
# dovecot_repaired::
|
|
# "DOVECOT repaired";
|
|
|
|
}
|
|
|
|
|
|
|
|
bundle agent dovecot_vimbadmin_sql(cfg,dovecot_cfg)
|
|
{
|
|
vars:
|
|
"cfg_file" string => "$(sys.workdir)/data/agent/dovecot/vimbadmin-sql.comf";
|
|
files:
|
|
"$(cfg_file)"
|
|
classes => if_repaired(dovecot_repaired),
|
|
create => "true",
|
|
template_method => "mustache",
|
|
edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/dovecot/vimbadmin-sql.conf.mustache";
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
bundle agent install_dovecot_pkgs
|
|
{
|
|
methods:
|
|
"any" usebundle => wmde_install_packages(@(dovecot.pkgs),"dovecot");
|
|
}
|
|
|
|
|
|
bundle agent install_global_sieve_script( filename , content)
|
|
{
|
|
vars:
|
|
"rep_class" string =>"global_sieve_repaired_$(filename)";
|
|
|
|
files:
|
|
"$(filename)"
|
|
create => "true",
|
|
content => "$(content)",
|
|
perms => m("644"),
|
|
handle => "global_sieve_$(filename)_created",
|
|
classes => if_repaired (sieve_repaired);
|
|
|
|
commands:
|
|
sieve_repaired::
|
|
"$(dovecot.sievec_exe)"
|
|
args => "$(filename)",
|
|
depends_on => { "global_sieve_$(filename)_created" };
|
|
reports:
|
|
|
|
}
|
|
|
|
bundle agent dovecot_install_sieve_script( filename , content, cls)
|
|
{
|
|
vars:
|
|
"rep_class" string =>"global_sieve_$(filename)_repaired";
|
|
|
|
files:
|
|
"$(filename)"
|
|
create => "true",
|
|
content => "$(content)",
|
|
perms => m("644"),
|
|
handle => "sieve_$(filename)_created",
|
|
classes => if_repaired ("$(cls)_repaired");
|
|
|
|
commands:
|
|
"$(cls)_repaired"::
|
|
"$(dovecot.sievec_exe)"
|
|
args => "$(filename)",
|
|
depends_on => { "sieve_$(filename)_created" };
|
|
reports:
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
bundle agent dovecot_rspamd_sieve_vars(read)
|
|
{
|
|
classes:
|
|
"$(read)";
|
|
vars:
|
|
# do_read::
|
|
# "ham_script" string => readfile("$(def.wmde_lib/scripts/rspamd-learn-ham.sieve.mustache)");
|
|
# "spam_script" string => readfile("$(def.wmde_lib/scripts/rspamd-learn-ham.sieve.mustache)");
|
|
# "ham_sh" string => readfile("$(def.wmde_lib/scripts/rspamd-learn-ham.sieve.mustache)");
|
|
# "spam_sh" string => readfile("$(def.wmde_lib/scripts/rspamd-learn-ham.sieve.mustache)");
|
|
|
|
}
|
|
|
|
bundle agent dovecot_install_rspamd_sieve_scripts(target_dir)
|
|
{
|
|
methods:
|
|
"any" usebundle => dovecot_rspamd_sieve_vars("do_read"),
|
|
handle => "dovecot_rspamd_vars_ready";
|
|
files:
|
|
"$(target_dir)/."
|
|
create => "true",
|
|
perms => m("755"),
|
|
handle => "dovecot_install_rspamd_sieve_scripts_dir_created";
|
|
|
|
methods:
|
|
"any" usebundle => dovecot_install_sieve_script( "$(target_dir)/rspamd-learn-ham.sieve",
|
|
# string_mustache(
|
|
readfile("$(def.wmde_lib)/scripts/dovecot/rspamd-learn-ham.sieve.mustache")
|
|
# ),
|
|
, "dovecot_sieve_ham"
|
|
) ,depends_on => {"dovecot_install_rspamd_sieve_scripts_dir_created"};
|
|
"any" usebundle => dovecot_install_sieve_script( "$(target_dir)/rspamd-learn-spam.sieve",
|
|
# string_mustache(
|
|
readfile("$(def.wmde_lib)/scripts/dovecot/rspamd-learn-spam.sieve.mustache")
|
|
# )
|
|
, "dovecot_sieve_spam"
|
|
|
|
) ,depends_on => {"dovecot_install_rspamd_sieve_scripts_dir_created"};
|
|
|
|
files:
|
|
|
|
"$(target_dir)/rspamd-learn-ham.sh"
|
|
create => "true",
|
|
content => string_mustache(
|
|
readfile("$(def.wmde_lib)/scripts/dovecot/rspamd-learn-ham.sh.mustache")
|
|
),
|
|
perms => m("755"),
|
|
depends_on => {"dovecot_install_rspamd_sieve_scripts_dir_created"};
|
|
|
|
"$(target_dir)/rspamd-learn-spam.sh"
|
|
create => "true",
|
|
content => string_mustache(
|
|
readfile("$(def.wmde_lib)/scripts/dovecot/rspamd-learn-spam.sh.mustache")
|
|
),
|
|
perms => m("755"),
|
|
depends_on => {"dovecot_install_rspamd_sieve_scripts_dir_created"};
|
|
|
|
|
|
|
|
reports:
|
|
|
|
|
|
|
|
}
|
|
|