2020-11-07 21:31:18 +00:00
|
|
|
defaults = {
|
|
|
|
'apt': {
|
|
|
|
'packages': {
|
|
|
|
'postfix': {},
|
|
|
|
},
|
|
|
|
},
|
2020-11-10 09:21:37 +00:00
|
|
|
'icinga2_api': {
|
|
|
|
'postfix': {
|
|
|
|
'services': {
|
|
|
|
'POSTFIX PROCESS': {
|
|
|
|
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit postfix@-',
|
|
|
|
},
|
|
|
|
'POSTFIX QUEUE': {
|
|
|
|
'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_postfix_queue -w 20 -c 40 -d 50',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2020-11-07 21:31:18 +00:00
|
|
|
}
|
|
|
|
|
2020-11-10 09:21:37 +00:00
|
|
|
if node.has_bundle('postfixadmin'):
|
2020-11-13 11:37:26 +00:00
|
|
|
defaults['backups'] = {
|
|
|
|
'paths': {
|
|
|
|
'/var/mail',
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
2020-11-10 09:21:37 +00:00
|
|
|
defaults['icinga2_api']['postfix']['services'].update({
|
|
|
|
'SMTP CONNECT': {
|
|
|
|
'check_command': 'check_smtp',
|
|
|
|
},
|
|
|
|
'SMTP SUBMISSION CONNECT': {
|
|
|
|
'check_command': 'check_smtp',
|
|
|
|
'vars.port': '587',
|
|
|
|
},
|
|
|
|
})
|
|
|
|
else:
|
|
|
|
defaults['icinga2_api']['postfix']['services'].update({
|
|
|
|
'SMTP CONNECT': {
|
|
|
|
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_smtp -H localhost',
|
|
|
|
},
|
|
|
|
})
|
|
|
|
|
|
|
|
|
2020-11-21 09:30:05 +00:00
|
|
|
# FIXME find a working, non-shitty check for that
|
|
|
|
#@metadata_reactor
|
2020-11-10 09:21:37 +00:00
|
|
|
def fill_icinga_spam_blocklist_check_with_hostname(metadata):
|
2020-11-10 13:28:12 +00:00
|
|
|
checks = {}
|
|
|
|
|
|
|
|
for variant, ips in repo.libs.tools.resolve_identifier(repo, node.name).items():
|
|
|
|
for ip in ips:
|
|
|
|
if not ip.is_private:
|
|
|
|
checks[f'SPAM BLOCKLIST {ip}'] = {
|
|
|
|
'check_command': 'check_rbl',
|
|
|
|
'vars.ip': str(ip),
|
|
|
|
}
|
2020-11-10 09:21:37 +00:00
|
|
|
|
|
|
|
return {
|
|
|
|
'icinga2_api': {
|
|
|
|
'postfix': {
|
2020-11-10 13:28:12 +00:00
|
|
|
'services': checks,
|
2020-11-10 09:21:37 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2020-11-07 21:31:18 +00:00
|
|
|
@metadata_reactor
|
|
|
|
def letsencrypt(metadata):
|
|
|
|
if not node.has_bundle('letsencrypt'):
|
|
|
|
raise DoNotRunAgain
|
|
|
|
|
|
|
|
result = {
|
|
|
|
'reload_after': {
|
|
|
|
'postfix',
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
myhostname = metadata.get('postfix/myhostname', None)
|
|
|
|
|
|
|
|
if myhostname and myhostname != metadata.get('hostname'):
|
|
|
|
result['domains'] = {
|
2020-11-11 07:35:36 +00:00
|
|
|
myhostname: set(),
|
2020-11-07 21:31:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return {
|
|
|
|
'letsencrypt': result,
|
|
|
|
}
|