bundles/postfix: add SPAM BLOCKLISt for every non-private IP attached to the server
All checks were successful
bundlewrap/pipeline/head This commit looks good

This commit is contained in:
Franzi 2020-11-10 14:28:12 +01:00
parent aad1a742b7
commit f9bd2d695d
Signed by: kunsi
GPG key ID: 12E3D2136B818350

View file

@ -20,10 +20,6 @@ defaults = {
if node.has_bundle('postfixadmin'): if node.has_bundle('postfixadmin'):
defaults['icinga2_api']['postfix']['services'].update({ defaults['icinga2_api']['postfix']['services'].update({
'SPAM BLOCKLIST': {
'check_command': 'spam_blocklist',
# vars.ip will be filled using a metadata reactor
},
'SMTP CONNECT': { 'SMTP CONNECT': {
'check_command': 'check_smtp', 'check_command': 'check_smtp',
}, },
@ -42,17 +38,20 @@ else:
@metadata_reactor @metadata_reactor
def fill_icinga_spam_blocklist_check_with_hostname(metadata): def fill_icinga_spam_blocklist_check_with_hostname(metadata):
if not node.has_bundle('postfixadmin'): checks = {}
raise DoNotRunAgain
for variant, ips in repo.libs.tools.resolve_identifier(repo, node.name).items():
for ip in ips:
if not ip.is_private:
checks[f'SPAM BLOCKLIST {ip}'] = {
'check_command': 'check_rbl',
'vars.ip': str(ip),
}
return { return {
'icinga2_api': { 'icinga2_api': {
'postfix': { 'postfix': {
'services': { 'services': checks,
'SPAM BLOCKLIST': {
'vars.ip': metadata.get('postfix/myhostname', metadata.get('hostname', node.hostname)),
},
},
}, },
}, },
} }