# * functions & constants
-pre="${0##*/}:"
+pre="${0##*/}:${SSH_CLIENT:+ $HOSTNAME:}"
m() { printf "$pre %s\n" "$*"; "$@"; }
e() { printf "$pre %s\n" "$*"; }
err() { printf "$pre %s\n" "$*" >&2; exit 1; }
# Aug 02 21:59:27 sy systemd[1]: wg-quick@wgmail.service: Failed with result 'exit-code'.
# Aug 02 21:59:27 sy systemd[1]: Failed to start WireGuard via wg-quick(8) for wgmail.
# Aug 02 21:59:47 sy systemd[1]: wg-quick@wgmail.service: Scheduled restart job, restart counter is at 1.
-# Aug 02 21:59:47 sy systemd[1]: Stopped WireGuard via wg-quick(8) for wgmail.
+# Aug 02 21:95:47 sy systemd[1]: Stopped WireGuard via wg-quick(8) for wgmail.
# Aug 02 21:59:47 sy systemd[1]: Starting WireGuard via wg-quick(8) for wgmail...
# Aug 02 21:59:47 sy wg-quick[3424]: wg-quick: `wgmail' already exists
# Aug 02 21:59:47 sy systemd[1]: wg-quick@wgmail.service: Main process exited, code=exited, status=1/FAILURE
u /etc/spamassassin/mylocal.cf <<'EOF'
# this is mylocal.cf because the normal local.cf has a bunch of upstream stuff i dont want to mess with
+
# /usr/share/doc/exim4-base/README.Debian.gz:
# SpamAssassin's default report should not be used in a add_header
# statement since it contains empty lines. (This triggers e.g. Amavis'
NICE="--nicelevel 15"
CRON=1
EOF
+
+case $HOSTNAME in
+ bk)
+u /etc/spamassassin/my_thishost.cf <<'EOF'
+# note: these are duplicated in exim config
+# veth0/1 # bk bk_ip6
+internal_networks 10.173.8.1/32 10.173.8.2/32 85.119.83.50/32 2001:ba8:1f1:f0c9::2
+trusted_networks 10.173.8.1/32 10.173.8.2/32 85.119.83.50/32 2001:ba8:1f1:f0c9::2
+EOF
+
+ ;;
+ je)
+ u /etc/spamassassin/my_thishost.cf <<'EOF'
+# note: these are duplicated in exim config
+# veth0/1 # je je_ipv6
+internal_networks 10.173.8.1/32 10.173.8.2/32 85.119.82.128/32 2001:ba8:1f1:f09d::2/128
+trusted_networks 10.173.8.1/32 10.173.8.2/32 85.119.82.128/32 2001:ba8:1f1:f09d::2/128
+EOF
+ ;;
+ *)
+ u /etc/spamassassin/my_thishost.cf <<'EOF'
+# note: these are duplicated in exim config
+# veth0/1 # li li_ip6
+internal_networks 10.173.8.1/32 10.173.8.2/32 72.14.176.105/32 2600:3c00::f03c:91ff:fe6d:baf8/128
+trusted_networks 10.173.8.1/32 10.173.8.2/32 72.14.176.105/32 2600:3c00::f03c:91ff:fe6d:baf8/128
+EOF
+;;
+ esac
+
##### end spamassassin config
domainlist local_hostnames = ! je.b8.nz : ! bk.b8.nz : *.b8.nz : b8.nz
+# note: most of these are duplicated in spamassassin config
hostlist iank_trusted = <; \
# veth0
10.173.8.1 ; \
rm composer-setup.php
# based on error when running composer
- mkdir /var/www/.composer
+ mkdir -p /var/www/.composer
chown www-data:www-data /var/www/.composer
### end composer install
rcdirs=(/usr/local/lib/rcexpertpath /usr/local/lib/rcninja)
- ncdirs=(/var/www/ncninja)
ncdirs=(/var/www/ncexpertpath /var/www/ncninja)
# point debian cronjob to our local install, preventing daily cron error
rcdir=${rcdirs[i]}
rcbase=${rcdir##*/}
ncdir=${ncdirs[i]}
- myncdir=/root/${ncdir##*/}
- mkdir -p $myncdir
# copied from debians cronjob
u /etc/cron.d/$rcbase <<EOF
for ((i=0; i < ${#bkdomains[@]}; i++)); do
domain=${bkdomains[i]}
ncdir=${ncdirs[i]}
+ myncdir=/var/local/${ncdir##*/}
ncbase=${ncdir##*/}
+ mkdir -p $myncdir
m cd /var/www
if [[ ! -e $ncdir/index.php ]]; then
# if we wanted to only install a specific version, use something like
m touch $myncdir/done-install
fi
- # note, strange this happend where updater did not increment the version var,
- # mine was stuck on 20. I manually updated it.
m cd $ncdir/config
- if [[ ! -e $myncdir/config.php-orig ]]; then
- m cp -a config.php $myncdir/config.php-orig
- fi
- cat $myncdir/config.php-orig - >$myncdir/tmp.php <<EOF
+ # if we did this more than once, it would revert the
+ # version number to the original.
+ if [[ ! -e $myncdir/config.php-orig || ! -s config.php ]]; then
+ if [[ -s config.php ]]; then
+ m cp -a config.php $myncdir/config.php-orig
+ # keep the file so it keeps the same permissions.
+ truncate -s0 config.php
+ fi
+ cat $myncdir/config.php-orig - >$myncdir/tmp.php <<EOF
# https://docs.nextcloud.com/server/19/admin_manual/configuration_server/email_configuration.html
\$CONFIG["mail_smtpmode"] = "sendmail";
\$CONFIG["mail_smtphost"] = "127.0.0.1";
var_export(\$CONFIG);
fwrite(STDOUT, ";\n");
EOF
- e running php $myncdir/tmp.php
- # note: we leave it around place for debugging
- php $myncdir/tmp.php >config.php
+ e running php $myncdir/tmp.php
+ # note: we leave it around place for debugging
+ # shellcheck disable=SC2024 # intended
+ sudo -u www-data php $myncdir/tmp.php >config.php
+ fi
cd $ncdir
m sudo -u www-data php occ maintenance:update:htaccess
list=$(sudo -u www-data php $ncdir/occ --output=json_pretty app:list)
m php /var/www/$ncbase/updater/updater.phar -n
# throw a sleep in just because who knows what else is undocumented
sleep 5
-./occ upgrade
+m php occ upgrade
EOFOUTER
chmod +x /usr/local/bin/ncup
debug_print = "R: smarthost for $local_part@$domain"
driver = manualroute
domains = ! +local_domains
-# send most mail through eggs, helps fsfs sender reputation.
+# comment senders to send most mail through eggs, helps fsfs sender reputation.
# uncomment and optionally move to 188 file to send through my own servers again
senders = *@gnu.org
transport = smarthost_dkim