# Copyright (C) 2019 Ian Kelling
# SPDX-License-Identifier: AGPL-3.0-or-later
+
+# shellcheck disable=SC2254 # makes for a lot of unneeded quotes
+
+
+# perusing through /el/mainlog without test messages:
+# &!testignore|jtuttle|
+#
+#&! testignore|jtuttle|eximbackup|/usr/sbin/exim4 -bpu
+
# todo: check new macro DKIM_TIMESTAMPS
# todo: check if REMOTE_SMTP_INTERFACE or REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE can simplify my or fsfs config
done
}
sre() {
+ local enabled
for service; do
m systemctl restart $service
- m systemctl enable $service;
+ # Optimization for exim,
+ # is-enabled: 0m0.015s
+ # enable: 0m0.748s
+ # It is related to this message:
+ # exim4.service is not a native service, redirecting to systemd-sysv-install.
+ # Executing: /lib/systemd/systemd-sysv-install enable exim4
+ enabled=$(systemctl is-enabled $service 2>/dev/null ||:)
+ if [[ $enabled != enabled ]]; then
+ m systemctl enable $service
+ fi
done
}
mailhost() {
# enable 587 in addition to the default 25, so that
# i can send mail where port 25 is firewalled by isp
-daemon_smtp_ports = 25 : 587
+daemon_smtp_ports = 25 : 587 : 10025
# default of 25, can get stuck when catching up on mail
smtp_accept_max = 400
smtp_accept_reserve = 100
# those docs are rather old and I see a 110k spam message
# pretty quickly looking through my spam folder.
-warn
+#warn
!hosts = +iank_trusted
remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : X-Spam_report
# # setup chgrp www-data in ./conflink
pi-nostart radicale
+ m usermod -a -G radicale iank
u /etc/systemd/system/radicale.service.d/override.conf <<EOF
[Unit]
m systemctl daemon-reload
fi
-# checking bhost_t is redundant, but could help us catch errors.
-if $bhost_t || [[ -e /etc/wireguard/wghole.conf ]]; then
- # todo: in mail-setup, we have a static list of backup hosts, not *y
- m systemctl --now enable wg-quick@wghole
+# optimization, this only needs to run once.
+if [[ ! -e /sys/class/net/wghole ]]; then
+ # checking bhost_t is redundant, but could help us catch errors.
+ if $bhost_t || [[ -e /etc/wireguard/wghole.conf ]]; then
+ # todo: in mail-setup, we have a static list of backup hosts, not *y
+ m systemctl --now enable wg-quick@wghole
+ fi
fi
-sysd-prom-fail-install epanicclean
-m systemctl --now enable epanicclean
+# optimization, this only needs to be run once
+if [[ ! -e /var/lib/prometheus/node-exporter/exim_paniclog.prom ]]; then
+ sysd-prom-fail-install epanicclean
+ m systemctl --now enable epanicclean
+fi
case $HOSTNAME in
je)
;;
esac
-m /a/bin/ds/mail-cert-cron -1
-sre mailcert.timer
+# optimization, this only needs to run once.
+if [[ ! -e /etc/exim4/fullchain.pem ]]; then
+ m /a/bin/ds/mail-cert-cron -1
+ m systemctl --now enable mailcert.timer
+fi
case $HOSTNAME in
$MAIL_HOST|bk)
$MAIL_HOST|bk|je)
# start spamassassin/dovecot before exim.
sre dovecot spamassassin
- # need to wait a bit before restarting exim, else I
- # get a paniclog entry like: spam acl condition: all spamd servers failed
- sleep 3
+ # Wait a bit before restarting exim, else I get a paniclog entry
+ # like: spam acl condition: all spamd servers failed. But I'm tired
+ # of waiting. I'll deal with this some other way.
+ #
+ # sleep 3
m systemctl --now enable mailclean.timer
;;&
$MAIL_HOST)