2020-11-07 21:32:08 +00:00
|
|
|
# WIP
|
|
|
|
defaults = {
|
|
|
|
'apt': {
|
2020-11-08 09:43:51 +00:00
|
|
|
'repos': {
|
|
|
|
'rspamd': {
|
|
|
|
'items': {
|
|
|
|
'deb [arch=amd64] http://rspamd.com/apt-stable/ {os_release} main',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2020-11-07 21:32:08 +00:00
|
|
|
'packages': {
|
2020-11-08 09:43:51 +00:00
|
|
|
'clamav': {},
|
|
|
|
'clamav-daemon': {},
|
|
|
|
'clamav-freshclam': {},
|
|
|
|
'clamav-unofficial-sigs': {},
|
2020-11-07 21:32:08 +00:00
|
|
|
'rspamd': {},
|
|
|
|
},
|
|
|
|
},
|
2020-11-08 09:43:51 +00:00
|
|
|
'cron': {
|
|
|
|
'clamav-unofficial-sigs': f'{node.magic_number%60} */4 * * * clamav /usr/sbin/clamav-unofficial-sigs >/dev/null',
|
|
|
|
},
|
2020-11-07 21:32:08 +00:00
|
|
|
}
|
2020-11-08 09:43:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
# Nodes managed by us should always be able to send mail to all other
|
|
|
|
# servers.
|
|
|
|
@metadata_reactor
|
|
|
|
def populate_permitted_ips_list_with_ips_from_repo(metadata):
|
|
|
|
ips = set()
|
|
|
|
|
|
|
|
for rnode in repo.nodes:
|
|
|
|
for ip in repo.libs.tools.resolve_identifier(repo, rnode.name):
|
|
|
|
if not ip.is_private:
|
|
|
|
ips.add(str(ip))
|
|
|
|
|
|
|
|
return {
|
|
|
|
'rspamd': {
|
|
|
|
'ignore_spam_check_for_ips': ips,
|
|
|
|
},
|
|
|
|
}
|