postfix: new spam.sh update script that avoids reloading if files did not change.
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2612|5|2607|5|:-1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/306//ansiblelint">Evolix » ansible-roles » unstable #306</a>
gitea/ansible-roles/pipeline/head This commit looks good
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2612|5|2607|5|:-1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/306//ansiblelint">Evolix » ansible-roles » unstable #306</a>
gitea/ansible-roles/pipeline/head This commit looks good
This commit is contained in:
parent
4b4b34e849
commit
3c3db4fefa
|
@ -43,6 +43,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
|||
* postfix (packmail or when postfix_slow_transport_include is True): change `minimal_backoff_time` from 2h to 15m (see HowtoPostfix)
|
||||
* postfix (packmail) : optimize Amavis integration
|
||||
* redis: standardize plugins path from /usr/local/share/munin/ to /usr/local/lib/munin/plugins/
|
||||
* postfix: new spam.sh update script that avoids reloading if files did not change.
|
||||
|
||||
### Fixed
|
||||
|
||||
|
|
|
@ -1,87 +1,98 @@
|
|||
#!/bin/bash
|
||||
|
||||
#set -x
|
||||
|
||||
umask 022
|
||||
|
||||
tmp_file=$(mktemp)
|
||||
tmp_dir="/tmp/spam_sh"
|
||||
mkdir -p "${tmp_dir}"
|
||||
data_url="http://antispam00.evolix.org/spam"
|
||||
rc=0
|
||||
|
||||
tmp=$(mktemp -d)
|
||||
function is_installed {
|
||||
dpkg -l "${1}" 2>&1 | grep -v "no packages found matching" | grep -q ^ii
|
||||
}
|
||||
|
||||
if [ -f $tmp_file ] ;
|
||||
then rm $tmp_file ;
|
||||
function is_new {
|
||||
# Check whether a file name provided as argument has been changed remotely
|
||||
cd "${tmp_dir}"
|
||||
wget -q -t 3 "${data_url}/${1}.md5" -O "${1}.md5.new"
|
||||
if ! [ -e "${1}.md5" ] || ! cmp -s "$1.md5" "${1}.md5.new"; then
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
sleep $[ $RANDOM / 1024 ]
|
||||
function download {
|
||||
cd "${tmp_dir}"
|
||||
wget -q -t 3 "${data_url}/${1}" -O "${1}"
|
||||
wget -q -t 3 "${data_url}/${1}.md5" -O "${1}.md5"
|
||||
}
|
||||
|
||||
# Postfix
|
||||
cd $tmp
|
||||
function check_integrity {
|
||||
cd "$tmp_dir"
|
||||
md5sum -c "${1}.md5" > /dev/null && [ -e "${1}" ]
|
||||
}
|
||||
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/client.access -O $tmp_file
|
||||
cp $tmp_file /etc/postfix/client.access
|
||||
rm $tmp_file
|
||||
function cleanup {
|
||||
rm -f /etc/postfix/header_kill.db
|
||||
rm -f /etc/postfix/header_kill_local.db
|
||||
rm -f "$tmp_dir"/*.md5.new
|
||||
}
|
||||
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/sender.access -O $tmp_file
|
||||
cp $tmp_file /etc/postfix/sender.access
|
||||
rm $tmp_file
|
||||
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/recipient.access -O $tmp_file
|
||||
cp $tmp_file /etc/postfix/recipient.access
|
||||
rm $tmp_file
|
||||
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/header_kill -O $tmp_file
|
||||
cp $tmp_file /etc/postfix/header_kill
|
||||
rm $tmp_file
|
||||
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/sa-blacklist.access -O sa-blacklist.access
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/sa-blacklist.access.md5 -O $tmp_file
|
||||
if md5sum -c $tmp_file > /dev/null && [ -s sa-blacklist.access ] ; then
|
||||
cp sa-blacklist.access /etc/postfix/sa-blacklist.access
|
||||
postfix_dbs="client.access sender.access recipient.access header_kill sa-blacklist.access spamd.cidr"
|
||||
for db in ${postfix_dbs}; do
|
||||
if is_new "${db}"; then
|
||||
download "${db}"
|
||||
if check_integrity "${db}"; then
|
||||
cp "${tmp_dir}/${db}" /etc/postfix/
|
||||
if [ "${db}" != "header_kill" ]; then
|
||||
/usr/sbin/postmap -r "/etc/postfix/${db}"
|
||||
fi
|
||||
rm sa-blacklist.access
|
||||
rm $tmp_file
|
||||
|
||||
/usr/sbin/postmap hash:/etc/postfix/client.access
|
||||
/usr/sbin/postmap hash:/etc/postfix/sender.access
|
||||
/usr/sbin/postmap hash:/etc/postfix/recipient.access
|
||||
/usr/sbin/postmap -r hash:/etc/postfix/sa-blacklist.access
|
||||
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/spamd.cidr -O spamd.cidr
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/spamd.cidr.md5 -O $tmp_file
|
||||
if md5sum -c $tmp_file > /dev/null && [ -s spamd.cidr ] ; then
|
||||
cp spamd.cidr /etc/postfix/spamd.cidr
|
||||
else
|
||||
>&2 echo "Integrity check failed for new ${db}."
|
||||
rc=1
|
||||
fi
|
||||
rm spamd.cidr
|
||||
rm $tmp_file
|
||||
|
||||
fi
|
||||
done
|
||||
|
||||
# SpamAssassin
|
||||
cd $tmp
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix_rules.cf -O evolix_rules.cf
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix_rules.cf.md5 -O $tmp_file
|
||||
if md5sum -c $tmp_file > /dev/null && [ -s evolix_rules.cf ] ; then
|
||||
dpkg -l spamassassin 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp evolix_rules.cf /etc/spamassassin
|
||||
dpkg -l spamassassin 2>&1 | grep -v "no packages found matching" | grep -q ^ii && /etc/init.d/spamassassin reload > /dev/null
|
||||
sa_db="evolix_rules.cf"
|
||||
if is_installed spamassassin; then
|
||||
if is_new "${sa_db}"; then
|
||||
download "${sa_db}"
|
||||
if check_integrity "${sa_db}"; then
|
||||
cp ${tmp_dir}/evolix_rules.cf /etc/spamassassin
|
||||
/etc/init.d/spamassassin reload > /dev/null
|
||||
if [ -d /etc/spamassassin/sa-update-hooks.d ]; then
|
||||
run-parts --lsbsysinit /etc/spamassassin/sa-update-hooks.d
|
||||
fi
|
||||
else
|
||||
>&2 echo "Integrity check failed for ${sa_db}."
|
||||
rc=1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# ClamAV
|
||||
cd $tmp
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb -O evolix.ndb
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb.md5 -O $tmp_file
|
||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.ndb
|
||||
if md5sum -c $tmp_file > /dev/null && [ -s evolix.ndb ] ; then
|
||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.ndb /var/lib/clamav/
|
||||
fi
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb -O evolix.hsb
|
||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb.md5 -O $tmp_file
|
||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.hsb
|
||||
if md5sum -c $tmp_file > /dev/null && [ -s evolix.hsb ] ; then
|
||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.hsb /var/lib/clamav/
|
||||
fi
|
||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && /etc/init.d/clamav-daemon reload-database > /dev/null
|
||||
rm $tmp_file
|
||||
cleanup
|
||||
|
||||
rm -rf $tmp
|
||||
exit "${rc}"
|
||||
|
||||
# Commenté car fichiers plus maintenus (cf. Reg)
|
||||
## ClamAV
|
||||
#cd $tmp
|
||||
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb -O evolix.ndb
|
||||
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb.md5 -O $tmp_file
|
||||
#dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.ndb
|
||||
#if md5sum -c $tmp_file > /dev/null && [ -s evolix.ndb ] ; then
|
||||
# dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.ndb /var/lib/clamav/
|
||||
#fi
|
||||
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb -O evolix.hsb
|
||||
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb.md5 -O $tmp_file
|
||||
#dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.hsb
|
||||
#if md5sum -c $tmp_file > /dev/null && [ -s evolix.hsb ] ; then
|
||||
# dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.hsb /var/lib/clamav/
|
||||
#fi
|
||||
#dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && /etc/init.d/clamav-daemon reload-database > /dev/null
|
||||
#rm $tmp_file
|
||||
#
|
||||
#rm -rf $tmp
|
||||
|
|
Loading…
Reference in a new issue