X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=mail-setup;h=4ce604b0eed1011908505728dcfd71f1911ce84a;hb=aa9cb10514e29340a6d6a194ee189fa4364f1f2e;hp=47f5990258ca184d2c5388f6411ce25507f26701;hpb=f234193be4019bb40b50d2973632ce2469f4c0af;p=distro-setup diff --git a/mail-setup b/mail-setup index 47f5990..4ce604b 100755 --- a/mail-setup +++ b/mail-setup @@ -300,12 +300,11 @@ soff () { for service; do # ignore services that dont exist if systemctl cat $service &>/dev/null; then - m systemctl stop $service; - m systemctl disable $service + m systemctl disable --now $service fi done } -sre () { +sre() { for service; do m systemctl restart $service m systemctl enable $service; @@ -367,6 +366,10 @@ esac # * Install universal packages + +# installs epanicclean +/a/bin/ds/install-my-scripts + if [[ $(debian-codename-compat) == bionic ]]; then cat >/etc/apt/preferences.d/spamassassin <<'EOF' Package: spamassassin sa-compile spamc @@ -462,16 +465,26 @@ EOF # * mail vpn config -vpnser=mailvpn.service +# old. +#vpnser=mailvpn.service +# todo: this hangs if it cant resolv the endpoint. we +# want it to just retry in the background. vpnser=wg-quick@wgmail.service case $HOSTNAME in $MAIL_HOST) + rsync -aiSAX --chown=root:root --chmod=g-s /p/c/filesystem/etc/wireguard/ /etc/wireguard bindpaths="/etc/127.0.0.1-resolv:/run/systemd/resolve /etc/basic-nsswitch:/etc/resolved-nsswitch:norbind" ;;& bk) bindpaths="/etc/10.173.8.1-resolv:/etc/127.0.0.1-resolv" ;;& + *) + d=/p/c/machine_specific/$HOSTNAME/filesystem/etc/wireguard/ + if [[ -d $d ]]; then + rsync -aiSAX --chown=root:root --chmod=g-s $d /etc/wireguard + fi + ;; esac i /etc/systemd/system/wg-quick@wgmail.service.d/override.conf < 'OC_User_IMAP','arguments' => array('127.0.0.1', 143, null),),); +#\$CONFIG['user_backends'] = array(array('class' => 'OC_User_IMAP','arguments' => array('127.0.0.1', 143, null),),); # based on installer check @@ -2448,13 +2461,13 @@ EOF /a/exe/cedit nn /etc/hosts <<'EOF' || [[ $? == 1 ]] # note: i put nn.b8.nz into bind for good measure -10.173.8.2 nn.b8.nz mail.iankelling.org +10.173.8.2 nn.b8.nz mx.iankelling.org EOF # note: systemd-resolved will consult /etc/hosts, dnsmasq wont. this assumes # weve configured this file in dnsmasq if we are using it. /a/exe/cedit mail /etc/dnsmasq-servers.conf <<'EOF' || [[ $? == 1 ]] -server=/mail.iankelling.org/127.0.1.1 +server=/mx.iankelling.org/127.0.1.1 EOF # I used to use debconf-set-selections + dpkg-reconfigure, # which then updates this file @@ -2548,6 +2561,7 @@ EOF echo|i /etc/exim4/conf.d/router/190_exim4-config_fsfsmarthost echo|i /etc/exim4/conf.d/rcpt_local_acl echo|i /etc/exim4/conf.d/router/890_backup_copy + echo|i /etc/exim4/conf.d/main/000_local-nn if $bhost_t; then @@ -2608,11 +2622,11 @@ backup_local: transport = backup_maildir EOF - wgholeip=$(sed -rn 's/^ *Address *= *([^/]+).*/\1/p' /etc/wireguard/wghole.conf) cat >>/etc/exim4/update-exim4.conf.conf <>/etc/exim4/update-exim4.conf.conf </dev/null; then sstart clamav-daemon + out=$(rsync -aiSAX --chown=root:root --chmod=g-s /a/bin/ds/filesystem/etc/systemd/system/epanicclean.{timer,service} /etc/systemd/system) + if [[ $out ]]; then + reload=true + fi + # note, this will cause paniclog entries because it takes like 45 # seconds for clamav to start, i use ./epanic-clean to remove # them. @@ -2854,7 +2876,11 @@ EOF $MAIL_HOST|bk|je) cat >/usr/local/bin/send-test-forward <<'EOF' #!/bin/bash -exiqgrep -o 260 -i -r '^(testignore@(iankelling\.org|zroe\.org|expertpathologyreview\.com|amnimal\.ninja|je\.b8\.nz)|jtuttle@gnu\.org)$' | xargs /sbin/exim -Mrm >/dev/null +olds=( +/sbin/exiqgrep -o 260 -i -r '^(testignore@(iankelling\.org|zroe\.org|expertpathologyreview\.com|amnimal\.ninja|je\.b8\.nz)|jtuttle@gnu\.org)$') +if (( ${#olds[@]} )); then + /sbin/exim -Mrm "${olds[@]}" >/dev/null +fi EOF for test_from in ${test_froms[@]}; do cat >>/usr/local/bin/send-test-forward <