From 30ce409c4e99e0f7515f90fc69dd4d9027c425c2 Mon Sep 17 00:00:00 2001 From: Udo Waechter Date: Mon, 25 Aug 2025 10:40:17 +0200 Subject: [PATCH] maketank-scripts from ansible --- roles/mkt-scripts/files/README.md | 1 + .../files/amavis/generate-dkim-conf.sh | 51 +++++++++++++++++++ roles/mkt-scripts/files/amavis/sa-learn.sh | 33 ++++++++++++ .../files/dovecot/dovecot-generate-passdb.rb | 16 ++++++ .../mkt-scripts/files/dovecot/healthcheck.sh | 3 ++ .../files/dovecot/quota-warning.sh | 21 ++++++++ .../files/dovecot/upload_spam_ham.sh | 32 ++++++++++++ roles/mkt-scripts/files/ldap/backup.sh | 9 ++++ .../files/postfix/generate_maps.sh | 24 +++++++++ .../files/postfix/pflogsum-ganglia.rb | 15 ++++++ .../files/powerdns/cleanup_slave_zones.sh | 30 +++++++++++ .../files/update-motd.d/20-mkt-failover | 18 +++++++ .../mkt-scripts/files/update-motd.d/30-virsh | 5 ++ roles/mkt-scripts/tasks/main.yaml | 21 ++++++++ site.yaml | 2 + 15 files changed, 281 insertions(+) create mode 100644 roles/mkt-scripts/files/README.md create mode 100755 roles/mkt-scripts/files/amavis/generate-dkim-conf.sh create mode 100755 roles/mkt-scripts/files/amavis/sa-learn.sh create mode 100755 roles/mkt-scripts/files/dovecot/dovecot-generate-passdb.rb create mode 100755 roles/mkt-scripts/files/dovecot/healthcheck.sh create mode 100755 roles/mkt-scripts/files/dovecot/quota-warning.sh create mode 100755 roles/mkt-scripts/files/dovecot/upload_spam_ham.sh create mode 100755 roles/mkt-scripts/files/ldap/backup.sh create mode 100755 roles/mkt-scripts/files/postfix/generate_maps.sh create mode 100755 roles/mkt-scripts/files/postfix/pflogsum-ganglia.rb create mode 100755 roles/mkt-scripts/files/powerdns/cleanup_slave_zones.sh create mode 100755 roles/mkt-scripts/files/update-motd.d/20-mkt-failover create mode 100755 roles/mkt-scripts/files/update-motd.d/30-virsh create mode 100644 roles/mkt-scripts/tasks/main.yaml 
diff --git a/roles/mkt-scripts/files/README.md b/roles/mkt-scripts/files/README.md
new file mode 100644
index 0000000..62fbed3
--- /dev/null
+++ b/roles/mkt-scripts/files/README.md
@@ -0,0 +1 @@
+Well, this is just a dummy file.
\ No newline at end of file
diff --git a/roles/mkt-scripts/files/amavis/generate-dkim-conf.sh b/roles/mkt-scripts/files/amavis/generate-dkim-conf.sh
new file mode 100755
index 0000000..f16342f
--- /dev/null
+++ b/roles/mkt-scripts/files/amavis/generate-dkim-conf.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+CDIR="/var/cache/amavis-dkim"
+CONFDIR="/etc/amavis/conf.d"
+LUPDATED=$(stat -c %Y ${CONFDIR})
+
+[[ -d ${CDIR} ]] || mkdir -p ${CDIR}
+
+nmap -p 3306 10.201.0.4 |grep -q '3306/tcp.*open.*mysql'
+
+if [[ $? == 1 ]]; then
+ exit 1
+fi
+
+MYSQL="mysql --skip-ssl -h 10.201.0.4 -u maketank -pknatekam2007 -B --database=maketank_froxlor"
+
+#compare files
+OLD=${CDIR}/dkim-domains.prev
+[[ -e ${OLD} ]] || touch $OLD
+NEW=${CDIR}/dkim-domains.new
+${MYSQL} -e 'SELECT domain from panel_domains pd where pd.isemaildomain = "1" order by domain ASC;' |sed '1d' >$NEW
+
+# Add new DKIM entries
+diff $OLD $NEW |awk -F '> ' '{print $2}' |awk NF | while read line; do
+ line_n=$(echo ${line} |tr '.' '_')
+ if [[ ! -e ${CONFDIR}/999-${line_n} ]]; then
+ cat <${CONFDIR}/999-${line_n}
+# Automatically generated, do not edit
+dkim_key(
+ '${line}',
+ 'mx',
+ '/etc/amavis/dkim/maketank.net.private.key'
+);
+1;
+EOT
+ fi
+done
+
+# Remove old DKIM entries
+diff $OLD $NEW |awk -F '< ' '{print $2}' |awk NF | while read line; do
+ line_n=$(echo ${line} |tr '.' '_')
+ rm -fv ${CONFDIR}/999-${line_n}
+done
+
+
+UPDATED=$(stat -c %Y ${CONFDIR})
+
+if [[ ${LUPDATED} -lt ${UPDATED} ]]; then
+ systemctl reload amavis.service
+ cp $NEW $OLD
+fi
\ No newline at end of file
diff --git a/roles/mkt-scripts/files/amavis/sa-learn.sh b/roles/mkt-scripts/files/amavis/sa-learn.sh
new file mode 100755
index 0000000..a23f5c6
--- /dev/null
+++ b/roles/mkt-scripts/files/amavis/sa-learn.sh
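Review bot: The `MYSQL=` line in amavis/generate-dkim-conf.sh puts the database password into the repository in clear text and hands it to the client as a `-p…` argument; the same password appears in dovecot/dovecot-generate-passdb.rb and postfix/generate_maps.sh, and dovecot/upload_spam_ham.sh (`-K`) and update-motd.d/20-mkt-failover (`curl -u`) embed their own secrets the same way. Now that these values are in git history they should be rotated, and the scripts should read them from a root-only file rendered from Ansible Vault instead. For the three MySQL callers that could be `MYSQL="mysql --defaults-extra-file=/etc/maketank/mysql.cnf --skip-ssl -h 10.201.0.4 -B --database=maketank_froxlor"`, where the path is a placeholder and the option has to stay first. It is also worth confirming that `--skip-ssl` is intended, since it leaves the session to 10.201.0.4 unencrypted.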
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+BDIR="/var/spool/vmail_imapsieve_copy"
+SALEARN=$(which sa-learn)
+
+[[ -x ${SALEARN} ]] || exit 1
+
+remove_files () {
+ WHAT=$1
+ #echo "WHAT=${WHAT} EXIT=${2}"
+ if [[ $2 -eq 0 ]]; then
+ for file in $(ls ${BDIR}/${WHAT}/*.eml 2>/dev/null); do
+ F=$(basename ${file})
+ rm ${BDIR}/${WHAT}/${F}
+ done
+ fi
+}
+
+
+learn () {
+ WHAT=$1
+ ls ${WHAT}/*.eml 1>/dev/null 2>&1
+ if [[ $? -eq 0 ]]; then
+ ${SALEARN} --${WHAT} $BDIR/${WHAT}/*.eml
+ remove_files ${WHAT} $?
+ fi
+}
+
+#We have stuff to download, put it in spool
+cd ${BDIR}
+
+learn spam
+learn ham
diff --git a/roles/mkt-scripts/files/dovecot/dovecot-generate-passdb.rb b/roles/mkt-scripts/files/dovecot/dovecot-generate-passdb.rb
new file mode 100755
index 0000000..9b82002
--- /dev/null
+++ b/roles/mkt-scripts/files/dovecot/dovecot-generate-passdb.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+
+require 'csv'
+
+csv = %x{echo "SELECT CONCAT_WS(':',mail_users.email,password_enc,uid, gid,homedir,maildir, (quota)) FROM mail_users JOIN panel_customers ON mail_users.customerid=panel_customers.customerid WHERE panel_customers.deactivated = 0" | mysql --skip-ssl -N -umaketank -pknatekam2007 -h 10.201.0.4 maketank_froxlor}.chomp
+if $?.exitstatus == 0
+ users = File.open('/etc/dovecot/users','w')
+ CSV.parse (csv) { |row|
+ ra = row[0].split(':')
+ mdir = ra[5].split('/')
+ hdir = ra[4]+mdir[0]
+ users.write( ra[0]+":{CRYPT}"+ra[1]+":"+ra[2]+":"+ra[3]+"::"+ra[4]+"::userdb_mail_driver=mdbox userdb_mail_path="+ra[4]+ra[5]+" userdb_quota_storage_size="+ra[6]+"M\n")
+ }
+ users.close unless users.nil?
+end
+
diff --git a/roles/mkt-scripts/files/dovecot/healthcheck.sh b/roles/mkt-scripts/files/dovecot/healthcheck.sh
new file mode 100755
index 0000000..829303e
--- /dev/null
+++ b/roles/mkt-scripts/files/dovecot/healthcheck.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+
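Review bot: In amavis/sa-learn.sh, `remove_files` re-expands `${BDIR}/${WHAT}/*.eml` after `sa-learn` has finished, so a message copied into the spool while learning runs is deleted without ever being learned; `learn` should capture the list once and reuse it for both steps. With `shopt -s nullglob` that is `files=("${BDIR}/${WHAT}"/*.eml)` followed by `[[ ${#files[@]} -gt 0 ]] && "${SALEARN}" "--${WHAT}" "${files[@]}" && rm -- "${files[@]}"`. `cd ${BDIR}` is also unchecked, so when the spool directory is missing the relative `ls ${WHAT}/*.eml` test runs against whatever the current directory is; `cd "${BDIR}" || exit 1` closes that.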
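Review bot: In dovecot/dovecot-generate-passdb.rb, `File.open('/etc/dovecot/users','w')` truncates the live passdb before the rows are written and creates it with the process umask, so Dovecot can read an empty or half-written file during a run, an exception on a malformed row leaves it truncated, and the password hashes may end up world-readable. Writing to a temporary file with an explicit mode and renaming it into place avoids all three: `File.open(tmp, 'w', 0o640) { |users| … }` then `File.rename(tmp, '/etc/dovecot/users')`, with `tmp` in the same directory. The owner and group Dovecot needs on that file are not visible in this patch, so the mode is a suggestion to confirm. `hdir` is assigned but never used.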
diff --git a/roles/mkt-scripts/files/dovecot/quota-warning.sh b/roles/mkt-scripts/files/dovecot/quota-warning.sh
new file mode 100755
index 0000000..cc9e341
--- /dev/null
+++ b/roles/mkt-scripts/files/dovecot/quota-warning.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+PERCENT=$1
+FROM="postmaster@maketank.net"
+
+msg="From: $FROM
+To: $USER
+To: postmaster@maketank.net
+Subject: Your email quota is $PERCENT% full
+Content-Type: text/plain; charset=UTF-8
+
+Your mailbox is now $PERCENT% full.
+Please free up some space, or increase the quota settings for this account.
+
+Regards,
+your IMAP-Mailbox.
+"
+
+echo "$msg" | /usr/sbin/sendmail -f $FROM "$USER"
+
+exit 0
diff --git a/roles/mkt-scripts/files/dovecot/upload_spam_ham.sh b/roles/mkt-scripts/files/dovecot/upload_spam_ham.sh
new file mode 100755
index 0000000..ff6a234
--- /dev/null
+++ b/roles/mkt-scripts/files/dovecot/upload_spam_ham.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+
+SWIFT="swift -A http://kvm01.int.lan:7480/auth/v2.0 -U mx:spam -K o99CuKcfmj31i2UumqB3h8Fh1K0T2bFBO2snbYpk"
+
+BDIR="/var/spool/vmail_imapsieve_copy"
+
+#run only if there is stuff in the dir
+
+SIZE=$(du -sb ${BDIR} |cut -f1)
+[[ ${SIZE} -lt 12289 ]] && exit 0
+
+cd $BDIR
+
+remove_files () {
+ if [[ $2 -eq 0 ]]; then
+ rm -f $1/*
+ fi
+}
+
+#we have data, upload
+ls ham/*.eml 1>/dev/null 2>&1
+if [[ $? -eq 0 ]]; then
+ ${SWIFT} upload mailing ham
+ remove_files ham $?
+fi
+ls spam/*.eml 1>/dev/null 2>&1
+if [[ $? -eq 0 ]]; then
+ ${SWIFT} upload mailing spam
+ remove_files spam $?
+fi
+
+
diff --git a/roles/mkt-scripts/files/ldap/backup.sh b/roles/mkt-scripts/files/ldap/backup.sh
new file mode 100755
index 0000000..674719b
--- /dev/null
+++ b/roles/mkt-scripts/files/ldap/backup.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+DATE=$(date '+%Y-%m-%d_%H')
+
+BDIR="/var/backups"
+BFILE="${BDIR}/${DATE}"
+
+slapcat -b dc=maketank,dc=net > "${BFILE}_LDAP_dc_maketank_dc_net.ldif"
+slapcat -b cn=config > "${BFILE}_LDAP_cn_config.ldif"
\ No newline at end of file
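Review bot: In dovecot/quota-warning.sh the message carries two `To:` header lines, which RFC 5322 allows at most once, and `sendmail` is given only `"$USER"` as envelope recipient, so postmaster is named in the header but never receives the warning. If the copy is wanted, make the second header `Cc: postmaster@maketank.net` and pass both recipients, `/usr/sbin/sendmail -f "$FROM" "$USER" "$FROM"`. `$PERCENT` goes into the Subject unvalidated; it presumably comes from the Dovecot quota configuration, but a `case "$PERCENT" in ''|*[!0-9]*) exit 1;; esac` guard would keep stray input out of the headers.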
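Review bot: In dovecot/upload_spam_ham.sh the auth URL in `SWIFT=` is plain `http://`, so the `-K` key is sent unencrypted to kvm01.int.lan on every run; if the gateway offers TLS the URL should be `https://`. `cd $BDIR` is unchecked and `remove_files` runs `rm -f $1/*` relative to the current directory, so the script should stop when the spool is missing: `cd "$BDIR" || exit 1`. `rm -f $1/*` also removes files that arrived during the upload and were never sent; deleting only the `*.eml` files that were actually uploaded would avoid losing them.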
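Review bot: In ldap/backup.sh both `slapcat` dumps are created with the caller's umask, and they contain the directory's password hashes and, for `cn=config`, presumably the configuration credentials, so with a default umask the files under /var/backups are readable by every local user. Add `umask 077` before the first `slapcat`. Neither exit status is checked, so a failed dump leaves an empty or partial `.ldif` that looks like a backup; appending `|| exit 1` to each `slapcat` line would surface that.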
diff --git a/roles/mkt-scripts/files/postfix/generate_maps.sh b/roles/mkt-scripts/files/postfix/generate_maps.sh
new file mode 100755
index 0000000..54ad2b0
--- /dev/null
+++ b/roles/mkt-scripts/files/postfix/generate_maps.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+cd /etc/postfix
+
+nmap -p 3306 10.201.0.4 |grep -q '3306/tcp.*open.*mysql'
+
+if [[ $? == 1 ]]; then
+ exit 1
+fi
+
+MYSQL="mysql --skip-ssl -h 10.201.0.4 -u maketank -pknatekam2007 -B --database=maketank_froxlor"
+
+#virtual_alias_maps
+OLD=/etc/postfix/virtual_alias_maps
+NEW=/etc/postfix/virtual_alias_maps.new
+${MYSQL} -e 'select email,destination from mail_virtual where destination <> "" and destination <> " " order by email ASC'|sed -e 's@ @, @g' |sed '1d' >$NEW
+
+if [[ $(md5sum $NEW|cut -f 1 -d ' ') != $(md5sum $OLD|cut -f 1 -d ' ') ]]; then
+ cp $NEW $OLD
+ /usr/sbin/postmap hash:$OLD
+fi
+
+#Virtual domains
+NEW=/etc/postfix/virtual_mailbox_domains
+${MYSQL} -e 'select domain from panel_domains where isemaildomain = "1" order by domain ASC' |tr '\n' ','|sed s/,$//|sed s/^domain,// >$NEW
diff --git a/roles/mkt-scripts/files/postfix/pflogsum-ganglia.rb b/roles/mkt-scripts/files/postfix/pflogsum-ganglia.rb
new file mode 100755
index 0000000..d71398c
--- /dev/null
+++ b/roles/mkt-scripts/files/postfix/pflogsum-ganglia.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+
+out = %x{/usr/sbin/logtail2 /var/log/mail.info |/usr/sbin/pflogsumm |/bin/grep -v "Grand Totals"|/usr/bin/head -22 |/usr/bin/awk '/\d+/ {print}'}.chomp
+
+out.each_line { |line|
+ line.delete!('"')
+ line.strip!
+ line.chomp!
+ str = line.split(' ')
+ met = str[1]
+ val = str[0].delete('^0-9')
+ cmd = "/usr/bin/gmetric -x 300 -d 30000 -g mail -t uint16 -D \"Postfix #{met}\" -n postfix_#{met} -v #{val}"
+ puts cmd
+ %x{#{cmd}}
+}
diff --git a/roles/mkt-scripts/files/powerdns/cleanup_slave_zones.sh b/roles/mkt-scripts/files/powerdns/cleanup_slave_zones.sh
new file mode 100755
index 0000000..46b36f8
--- /dev/null
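Review bot: In postfix/generate_maps.sh only the port probe is checked before the maps are rebuilt; if a `${MYSQL}` query fails or returns nothing, the empty `$NEW` is copied over virtual_alias_maps and run through `postmap`, and virtual_mailbox_domains is overwritten directly, which would leave Postfix without aliases and domains until the next good run. Add `set -o pipefail`, end each query pipeline with `|| exit 1`, and require `[[ -s $NEW ]]` before installing. The domains list should be written to a temporary file and moved into place like the alias map, e.g. `mv "$NEW.tmp" "$NEW"`, so Postfix never reads a half-written file.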
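Review bot: In postfix/pflogsum-ganglia.rb, `met` and `val` are taken from `pflogsumm` output, which is derived from the mail log, and are interpolated into a string that `%x{#{cmd}}` hands to a shell; the labels in that section are probably fixed words, but nothing here enforces it. Skip lines that do not match, `next unless met&.match?(/\A[a-z]+\z/) && !val.empty?`, and call gmetric without a shell: `system('/usr/bin/gmetric', '-x', '300', '-d', '30000', '-g', 'mail', '-t', 'uint16', '-D', "Postfix #{met}", '-n', "postfix_#{met}", '-v', val)`. Blank lines also need skipping before `val` is computed, since `str[0]` is nil there and `.delete` raises. Inside `%x{}` the `\d` in the awk pattern appears not to reach awk as a digit class, so `[0-9]+` would be safer.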
+++ b/roles/mkt-scripts/files/powerdns/cleanup_slave_zones.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+##### PUPPET ###############
+# from here: http://hostingondemand.nl/techniek/pdns-clean-up-script/
+# Dependencies:
+# bind-utils
+# sqlite3
+#### Config ################################
+
+DB="/var/lib/powerdns/pdns.sqlite3"
+
+#### End of Config #########################
+SQL="/usr/bin/sqlite3 ${DB}"
+
+check() {
+ dig @$1 $2 -t SOA +noall +answer +nocomment | grep -q maketank.net
+ if [ $? != 0 ]; then
+ echo "$1 $2: Server not AUTH or SERVfail - removing zone..."
+ DOMAIN_ID=`$SQL "SELECT id FROM domains WHERE name=\'$2\' AND type=\'SLAVE\' AND master=\'$1\' LIMIT 1;"`
+ $SQL "DELETE FROM records WHERE domain_id=\'$DOMAIN_ID\';"
+ $SQL "DELETE FROM domains WHERE id=\'$DOMAIN_ID\';"
+ fi
+}
+
+MASTERS=(`$SQL "SELECT DISTINCT ip FROM supermasters;"`)
+for m in "${MASTERS[@]}"; do
+ NAMES=(`$SQL "SELECT name FROM domains WHERE type = \'SLAVE\' AND master = \'${m}\';"`)
+ for d in "${NAMES[@]}"; do
+ check ${m} ${d}
+ done
+done
\ No newline at end of file
diff --git a/roles/mkt-scripts/files/update-motd.d/20-mkt-failover b/roles/mkt-scripts/files/update-motd.d/20-mkt-failover
new file mode 100755
index 0000000..e6c4789
--- /dev/null
+++ b/roles/mkt-scripts/files/update-motd.d/20-mkt-failover
@@ -0,0 +1,18 @@
+#!/bin/bash
+echo
+echo "FailoverIPs on hosts"
+OUT=$(curl -u '#ws+7PVgXWxp:UypGThnJ5KJDXTCN' https://robot-ws.your-server.de/failover 2>/dev/null)
+#OUT=$(cat fo)
+
+#echo $OUT |
+jq -a -r '.[] | [ .failover.ip, .failover.active_server_ip ] | @csv' <<< $OUT |
+while read -r line
+do
+ line=$(sed 's/"//g' <<< $line)
+ IFS=',' read -r -a arr <<< "$line"
+ FOIP=$(dig -x ${arr[0]} +short)
+ HOST=$(dig -x ${arr[1]} +short)
+ printf "%15s %20s => %15s %20s\n" ${arr[0]} ${FOIP::-1} ${arr[1]} ${HOST::-1}
+done
+echo
+echo
\ No newline at end of file
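Review bot: In powerdns/cleanup_slave_zones.sh, bash does not treat `\'` as an escape inside double quotes, so every query reaches sqlite3 with literal backslashes (`type = \'SLAVE\'`) and, as far as I can tell, fails to parse; the escapes look like a leftover from the Puppet template this was copied from. Plain quotes are enough, e.g. `$SQL "SELECT name FROM domains WHERE type = 'SLAVE' AND master = '${m}';"`, and the same in `check`. Once the queries work, note that `check` deletes a zone on any `dig` failure, including a timeout or an unreachable master, so a network outage would remove every slave zone; testing the `dig` exit status separately from the `grep` result and skipping on lookup errors would make that safe. Zone names and master IPs are spliced into the SQL text unescaped, which is tolerable only while the domains table is trusted.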
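Review bot: In update-motd.d/20-mkt-failover the `curl` call has no timeout and its exit status is ignored, and scripts in update-motd.d typically run on every login, so a slow or unreachable robot-ws.your-server.de delays each session and then feeds empty input to `jq`. Bound it and fail quietly: `OUT=$(curl -sf --max-time 5 …) || exit 0`. The two `dig -x` lookups per row have the same problem (`+time=1 +tries=1` would cap them), and `${FOIP::-1}` errors out when a PTR lookup returns nothing. It also means the API credential is used from every host that gets this role at every login; a cached result refreshed by a timer on one host would limit that exposure.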
diff --git a/roles/mkt-scripts/files/update-motd.d/30-virsh b/roles/mkt-scripts/files/update-motd.d/30-virsh
new file mode 100755
index 0000000..d9527a4
--- /dev/null
+++ b/roles/mkt-scripts/files/update-motd.d/30-virsh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+echo
+virsh list --all
+echo
\ No newline at end of file
diff --git a/roles/mkt-scripts/tasks/main.yaml b/roles/mkt-scripts/tasks/main.yaml
new file mode 100644
index 0000000..9f8177e
--- /dev/null
+++ b/roles/mkt-scripts/tasks/main.yaml
@@ -0,0 +1,21 @@
+- name: "mkt-scripts: create dir"
+ file:
+ path: /etc/maketank
+ state: directory
+ mode: '0755'
+- name: "mkt-scripts: create-remote-dirs"
+ file:
+ path: /etc/maketank/{{item.path}}
+ state: directory
+ mode: '0775'
+ with_filetree: files/
+ when: item.state == 'directory'
+- name: "mkt-scripts: copy-files"
+ copy:
+ src: "{{item.src}}"
+ dest: /etc/maketank/{{item.path}}
+ mode: '0744'
+ with_filetree: files/
+ # combinations of 'is' and 'is not' can be used below.
+ when: item.state == 'file'
+ and item.path is not search("*.bak")
\ No newline at end of file
diff --git a/site.yaml b/site.yaml
index b716e84..71f2c6e 100644
--- a/site.yaml
+++ b/site.yaml
@@ -4,3 +4,5 @@
 roles:
 - role: common
 tags: common
+ - role: mkt-scripts
+ tags: mkt
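Review bot: In tasks/main.yaml the copy task installs everything under files/ with `mode: '0744'` and no `owner`/`group`, so scripts that embed passwords become readable by every local user on the target, and the directories they live in are created `0775`, i.e. group-writable, although the scripts are presumably run by root. Suggest `mode: '0700'` for the files, `mode: '0755'` (or tighter) for the directories, and `owner: root` / `group: root` on all three tasks. Separately, `search` takes a regular expression, and `"*.bak"` is, as far as I can tell, not a valid one; `item.path is not search("[.]bak$")` expresses the intended filter.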