for service; do
# ignore services that dont exist
if systemctl cat $service &>/dev/null; then
- m systemctl stop $service;
- m systemctl disable $service
+ m systemctl disable --now $service
fi
done
}
-sre () {
+sre() {
for service; do
m systemctl restart $service
m systemctl enable $service;
# * Install universal packages
+
+# installs epanicclean
+/a/bin/ds/install-my-scripts
+
if [[ $(debian-codename-compat) == bionic ]]; then
cat >/etc/apt/preferences.d/spamassassin <<'EOF'
Package: spamassassin sa-compile spamc
# * mail vpn config
-vpnser=mailvpn.service
+# old.
+#vpnser=mailvpn.service
+# todo: this hangs if it cant resolv the endpoint. we
+# want it to just retry in the background.
vpnser=wg-quick@wgmail.service
case $HOSTNAME in
$MAIL_HOST)
+ rsync -aiSAX --chown=root:root --chmod=g-s /p/c/filesystem/etc/wireguard/ /etc/wireguard
bindpaths="/etc/127.0.0.1-resolv:/run/systemd/resolve /etc/basic-nsswitch:/etc/resolved-nsswitch:norbind"
;;&
bk)
bindpaths="/etc/10.173.8.1-resolv:/etc/127.0.0.1-resolv"
;;&
+ *)
+ d=/p/c/machine_specific/$HOSTNAME/filesystem/etc/wireguard/
+ if [[ -d $d ]]; then
+ rsync -aiSAX --chown=root:root --chmod=g-s $d /etc/wireguard
+ fi
+ ;;
esac
i /etc/systemd/system/wg-quick@wgmail.service.d/override.conf <<EOF
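Review bot: Both added rsync calls into /etc/wireguard (in the `$MAIL_HOST)` arm and the new `*)` arm) carry the source tree's mode bits over, because `-a` implies `-p` and `--chmod=g-s` only clears setgid. WireGuard configs hold the interface private key, so any group/other read bits on the source files would land on the installed copies. Unless the source directories are already known to be 0600/0700 (not visible here), I would tighten the flag to `--chmod=g-s,go-rwx` on both lines and pass `"$d"` quoted to rsync. Because the earlier arms end in `;;&`, the `*)` arm also runs on `$MAIL_HOST` and `bk`, so a machine-specific directory would overlay the shared one there; a one-line comment such as `# also runs on MAIL_HOST/bk: machine-specific files override the shared ones` would make that intent explicit. The epanicclean unit copy later in the diff uses the same flags, where the concern would be stray write bits on files placed in /etc/systemd/system.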
# https://github.com/nextcloud/user_external#readme
# plus mailinabox example
-\$CONFIG['user_backends'] = array(array('class' => 'OC_User_IMAP','arguments' => array('127.0.0.1', 143, null),),);
+#\$CONFIG['user_backends'] = array(array('class' => 'OC_User_IMAP','arguments' => array('127.0.0.1', 143, null),),);
# based on installer check
/a/exe/cedit nn /etc/hosts <<'EOF' || [[ $? == 1 ]]
# note: i put nn.b8.nz into bind for good measure
-10.173.8.2 nn.b8.nz mail.iankelling.org
+10.173.8.2 nn.b8.nz mx.iankelling.org
EOF
# note: systemd-resolved will consult /etc/hosts, dnsmasq wont. this assumes
# weve configured this file in dnsmasq if we are using it.
/a/exe/cedit mail /etc/dnsmasq-servers.conf <<'EOF' || [[ $? == 1 ]]
-server=/mail.iankelling.org/127.0.1.1
+server=/mx.iankelling.org/127.0.1.1
EOF
# I used to use debconf-set-selections + dpkg-reconfigure,
# which then updates this file
echo|i /etc/exim4/conf.d/router/190_exim4-config_fsfsmarthost
echo|i /etc/exim4/conf.d/rcpt_local_acl
echo|i /etc/exim4/conf.d/router/890_backup_copy
+ echo|i /etc/exim4/conf.d/main/000_local-nn
if $bhost_t; then
transport = backup_maildir
EOF
-
wgholeip=$(sed -rn 's/^ *Address *= *([^/]+).*/\1/p' /etc/wireguard/wghole.conf)
cat >>/etc/exim4/update-exim4.conf.conf <<EOF
dc_other_hostnames='eximbackup.b8.nz'
dc_local_interfaces='127.0.0.1;::1;$wgholeip'
+
EOF
else
cat >>/etc/exim4/update-exim4.conf.conf <<EOF
m systemctl daemon-reload
fi
+sstart epanicclean.timer
+
case $HOSTNAME in
je)
/a/exe/web-conf apache2 je.b8.nz
;;&
$MAIL_HOST|bk)
sstart mailnn mailnnroute
- # If these have changes, id rather manually restart it, id rather
- # not restart and cause temporary errors
- if $reload; then
- sre $vpnser
- else
- sstart $vpnser
- fi
;;&
$MAIL_HOST)
+ # we use dns to start wg
if $reload; then
sre unbound
else
fi
;;&
$MAIL_HOST|bk)
+ # If these have changes, id rather manually restart it, id rather
+ # not restart and cause temporary errors
+ if $reload; then
+ sre $vpnser
+ else
+ sstart $vpnser
+ fi
if ! systemctl is-active clamav-daemon >/dev/null; then
sstart clamav-daemon
+ out=$(rsync -aiSAX --chown=root:root --chmod=g-s /a/bin/ds/filesystem/etc/systemd/system/epanicclean.{timer,service} /etc/systemd/system)
+ if [[ $out ]]; then
+ reload=true
+ fi
+
# note, this will cause paniclog entries because it takes like 45
# seconds for clamav to start, i use ./epanic-clean to remove
# them.
$MAIL_HOST|bk|je)
cat >/usr/local/bin/send-test-forward <<'EOF'
#!/bin/bash
-exiqgrep -o 260 -i -r '^(testignore@(iankelling\.org|zroe\.org|expertpathologyreview\.com|amnimal\.ninja|je\.b8\.nz)|jtuttle@gnu\.org)$' | xargs /sbin/exim -Mrm >/dev/null
+olds=(
+/sbin/exiqgrep -o 260 -i -r '^(testignore@(iankelling\.org|zroe\.org|expertpathologyreview\.com|amnimal\.ninja|je\.b8\.nz)|jtuttle@gnu\.org)$')
+if (( ${#olds[@]} )); then
+ /sbin/exim -Mrm "${olds[@]}" >/dev/null
+fi
EOF
for test_from in ${test_froms[@]}; do
cat >>/usr/local/bin/send-test-forward <<EOFOUTER
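Review bot: `olds=( /sbin/exiqgrep … )`, as written into the generated send-test-forward script, is an array literal rather than a command substitution, so `olds` holds the six words of the command line itself. `${#olds[@]}` is then always non-zero and `/sbin/exim -Mrm` is invoked with those words as arguments instead of queue ids, so stale test messages are never removed. The removed pipeline actually ran exiqgrep, so the intent looks like capturing its output: `mapfile -t olds < <(/sbin/exiqgrep -o 260 -i -r '…')` with the same `-r` pattern, keeping the `(( ${#olds[@]} ))` guard. The heredoc is quoted (`<<'EOF'`), so the text reaches the script exactly as shown; the enclosing `case` arm and the `for test_from` loop continue outside this hunk.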
# Multiple user names need to be separated by spaces.
# Root and postmaster mail recipient:
-# duplicated in brc2
-bum() {
- local cur host
- host=$1
- (( $# == 1 )) || return 1
- cur="$(awk '$2 == "/bu/mnt" {print $1}' /proc/mounts)"
- if [[ $cur ]]; then
- if [[ $cur == "$host:/bu/md" ]]; then
- return 0
- else
- fusermount -u /bu/mnt
- fi
- fi
- m sshfs bu@$host:/bu/home/md /bu/mnt -o reconnect,ServerAliveInterval=20,ServerAliveCountMax=30 -o allow_other
-}
-bu() {
- if mountpoint -q /bu/mnt; then
- if ! timeout -s 9 10 fusermount -u /bu/mnt; then
- fusermount -zu /bu/mnt
- fi
- fi
-}
-
-case $HOSTNAME in
- $MAIL_HOST)
- case $HOSTNAME in
- kw) bum x3 ;;
- x3) bum kw ;;
- kd|sy) bum x2 ;;
- x2) bum kd ;;
- esac
- ;;
- *)
- bu
- ;;
-esac
-
-
m exit 0
: