kunsi/bundlewrap
1
0
Fork 0
Code Issues 2 Pull requests 1 Releases Activity
bundlewrap/bundles/rspamd/items.py
Franzi 78fda4f9e9
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
Details
bundles/rspamd: do not try to resolve faults in items.py
2021-09-06 09:28:30 +02:00

146 lines
3.9 KiB
Python
Raw Blame History

from os import listdir
from os.path import join
repo.libs.tools.require_bundle(node, 'redis', 'rspamd does not work without a redis cache')
directories = {
'/etc/rspamd/local.d': {
'purge': True,
'needs': {
'pkg_apt:rspamd',
},
'triggers': {
'svc_systemd:rspamd:restart',
},
},
'/etc/rspamd/override.d': {
'purge': True,
'needs': {
'pkg_apt:rspamd',
},
'triggers': {
'svc_systemd:rspamd:restart',
},
},
'/var/lib/rspamd/dkim': {
'owner': '_rspamd',
'group': '_rspamd',
'mode': '0750',
'needs': {
'pkg_apt:rspamd',
},
},
}
svc_systemd = {
'rspamd': {
'needs': {
'pkg_apt:rspamd',
},
},
'clamav-daemon': {
'needs': {
'pkg_apt:clamav',
'pkg_apt:clamav-daemon',
},
},
'clamav-freshclam': {
'needs': {
'pkg_apt:clamav-freshclam',
},
},
'rspamd-dmarc-report.timer': {
'needs': {
'file:/etc/systemd/system/rspamd-dmarc-report.service',
'file:/etc/systemd/system/rspamd-dmarc-report.timer',
},
},
}
files = {
'/etc/rspamd/local.d/ip_whitelist.map': {
'content_type': 'mako',
},
'/usr/local/bin/telegraf-rspamd-plugin': {
'mode': '0755',
},
'/etc/systemd/system/rspamd-dmarc-report.timer': {
'content_type': 'mako',
'context': {
'hour': node.magic_number%24,
'minute': node.magic_number%60,
},
'triggers': {
'action:systemd-reload',
'svc_systemd:rspamd-dmarc-report.timer:restart',
},
},
'/etc/systemd/system/rspamd-dmarc-report.service': {
'triggers': {
'action:systemd-reload',
},
},
}
if 'dkim' in node.metadata.get('rspamd', {}):
for i in {'arc', 'dkim_signing'}:
files[f'/etc/rspamd/local.d/{i}.conf'] = {
'source': 'dkim.conf',
'content_type': 'mako',
'needs': {
'action:rspamd_generate_dkim_key',
},
'triggers': {
'svc_systemd:rspamd:restart',
},
}
dkim_key = repo.libs.faults.ensure_fault_or_none(node.metadata['rspamd']['dkim'])
actions = {
'rspamd_assure_dkim_key_permissions': {
'command': 'chown _rspamd:_rspamd /var/lib/rspamd/dkim/*.key',
'unless': 'test -z "$(find /var/lib/rspamd/ -iname \"*.key\" \! -user _rspamd)"',
'needs': {
'action:rspamd_generate_dkim_key',
'directory:/var/lib/rspamd/dkim',
},
},
'rspamd_generate_dkim_key': {
'command': dkim_key.format_into('cd /var/lib/rspamd/dkim && /usr/bin/rspamadm dkim_keygen -s "{0}" -b 2048 -k "{0}.key" > "{0}.txt"'),
'unless': dkim_key.format_into('test -f "/var/lib/rspamd/dkim/{0}.key"'),
'needs': {
'directory:/var/lib/rspamd/dkim',
'pkg_apt:rspamd',
},
},
}
if 'password' in node.metadata.get('rspamd', {}):
files['/etc/rspamd/local.d/worker-controller.inc'] = {
'content_type': 'mako',
'triggers': {
'svc_systemd:rspamd:restart',
},
}
local_config_path = join(repo.path, 'bundles', 'rspamd', 'files', 'local.d')
for f in listdir(local_config_path):
files[f'/etc/rspamd/local.d/{f}'] = {
'source': f'local.d/{f}',
'content_type': 'mako',
'triggers': {
'svc_systemd:rspamd:restart',
},
}
override_config_path = join(repo.path, 'bundles', 'rspamd', 'files', 'override.d')
for f in listdir(override_config_path):
files[f'/etc/rspamd/override.d/{f}'] = {
'source': f'override.d/{f}',
'triggers': {
'svc_systemd:rspamd:restart',
},
}
Reference in a new issue View git blame Copy permalink