from os import listdir from os.path import join directories = { '/etc/rspamd/local.d': { 'purge': True, 'needs': { 'pkg_apt:rspamd', }, 'triggers': { 'svc_systemd:rspamd:restart', }, }, '/etc/rspamd/override.d': { 'purge': True, 'needs': { 'pkg_apt:rspamd', }, 'triggers': { 'svc_systemd:rspamd:restart', }, }, '/var/lib/rspamd/dkim': { 'owner': '_rspamd', 'group': '_rspamd', 'mode': '0750', }, } svc_systemd = { 'rspamd': { 'needs': { 'file:', 'pkg_apt:rspamd', }, }, 'clamav-daemon': { 'needs': { 'pkg_apt:clamav', 'pkg_apt:clamav-daemon', }, }, 'clamav-freshclam': { 'needs': { 'pkg_apt:clamav-freshclam', }, }, } files = { '/etc/rspamd/local.d/ip_whitelist.map': { 'content_type': 'mako', 'triggers': { 'svc_systemd:rspamd:restart', }, }, } actions = { 'rspamd_assure_dkim_key_permissions': { 'command': 'chown _rspamd:_rspamd /var/lib/rspamd/dkim/*.key', 'needs': { 'directory:/var/lib/rspamd/dkim', }, }, } # TODO manage this using bundlewrap if 'dkim' in node.metadata.get('rspamd', {}): for i in {'arc', 'dkim_signing'}: files[f'/etc/rspamd/local.d/{i}.conf'] = { 'source': 'dkim.conf', 'content_type': 'mako', 'needs': { 'action:rspamd_generate_dkim_key', }, 'triggers': { 'svc_systemd:rspamd:restart', }, } actions['rspamd_generate_dkim_key'] = { 'command': node.metadata['rspamd']['dkim'].format_into('cd /var/lib/rspamd/dkim && /usr/bin/rspamadm dkim_keygen -s "{0}" -b 2048 -k "{0}.key" > "{0}.txt"'), 'unless': node.metadata['rspamd']['dkim'].format_into('test -f "/var/lib/rspamd/dkim/{0}.key"'), 'needs': { 'directory:/var/lib/rspamd/dkim', }, 'needed_by': { 'action:rspamd_assure_dkim_key_permissions', }, } if 'password' in node.metadata.get('rspamd', {}): files['/etc/rspamd/local.d/worker-controller.inc'] = { 'content_type': 'mako', 'triggers': { 'svc_systemd:rspamd:restart', }, } local_config_path = join(repo.path, 'bundles', 'rspamd', 'files', 'local.d') for f in listdir(local_config_path): files[f'/etc/rspamd/local.d/{f}'] = { 'source': f'local.d/{f}', 'triggers': { 'svc_systemd:rspamd:restart', }, } override_config_path = join(repo.path, 'bundles', 'rspamd', 'files', 'override.d') for f in listdir(override_config_path): files[f'/etc/rspamd/override.d/{f}'] = { 'source': f'override.d/{f}', 'triggers': { 'svc_systemd:rspamd:restart', }, }