From: Ludovic CHEVALIER Date: Tue, 23 Apr 2013 17:45:43 +0000 (+0200) Subject: Merge branch 'master' of ateliers.heureux-cyclage.org:lhc/ateliers X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=commitdiff_plain;h=f40b9456a0359223ae8e5c4e2bcd0e6cd6d1ada8;hp=a11ad78672a096632b15a660509d7dd5f7c5eae5 Merge branch 'master' of ateliers.heureux-cyclage.org:lhc/ateliers Conflicts: etc/cron.d/mysql-backup --- diff --git a/etc/cron.d/mysql-backup b/etc/cron.d/mysql-backup index f5642db..4822c59 100644 --- a/etc/cron.d/mysql-backup +++ b/etc/cron.d/mysql-backup @@ -1,3 +1,3 @@ MAILTO=backup # m h dom mon dow user command -0 3 */24 * * backup bin/mysql-backup '\%' -- --full-if-older-than 90D && bin/duplicity-remove mysql -maxdepth 1 -- remove-all-but-n-full 1 --force +0 3 * * * backup bin/mysql-backup '\%' -- --full-if-older-than 90D && bin/duplicity-remove mysql -maxdepth 1 -- remove-all-but-n-full 1 --force diff --git a/etc/nsd3/zone.d/cyclocoop.org.zone.m4 b/etc/nsd3/zone.d/cyclocoop.org.zone.m4 index 58f1018..66acf5d 100644 --- a/etc/nsd3/zone.d/cyclocoop.org.zone.m4 +++ b/etc/nsd3/zone.d/cyclocoop.org.zone.m4 @@ -13,7 +13,7 @@ define(`EXOLIA_IP4', `91.121.51.125') define(`EXOLIA_MX_NAME', `mail.cyclocoop.org.') * hébergeur : gresille.org -define(`GRESILLE_IP4', `IP4(VM)') +define(`GRESILLE_IP4', `IP4(LOCAL)') divert(0)dnl $TTL 1d ; TTL (Time To Live) par défaut pour les enregistrements diff --git a/etc/nsd3/zone.d/heureux-cyclage.org.zone.m4 b/etc/nsd3/zone.d/heureux-cyclage.org.zone.m4 index f52d872..2a22435 100644 --- a/etc/nsd3/zone.d/heureux-cyclage.org.zone.m4 +++ b/etc/nsd3/zone.d/heureux-cyclage.org.zone.m4 @@ -9,7 +9,7 @@ MAKE_GETTER(`NAME') define(`FQDN', `NAME($1).ZONE_DOMAIN') * hébergeur : gresille.org -define(`GRESILLE_IP4', `IP4(VM)') +define(`GRESILLE_IP4', `IP4(LOCAL)') * hébergeur : kimsufi.com define(`KIMSUFI_IP4', `91.121.198.103') @@ -40,11 +40,13 @@ bicloud A IP4(KIMSUFI) burette A IP4(KIMSUFI) cartes A IP4(LAUTRENET) demo.burette A IP4(KIMSUFI) +fanout A IP4(GRESILLE) formations A IP4(LAUTRENET) git A IP4(GRESILLE) imap A IP4(GRESILLE) mail A IP4(LAUTRENET) mx A IP4(GRESILLE) +notifications A IP4(GRESILLE) ns A IP4(GRESILLE) questionnaires A IP4(GRESILLE) remorque 60 A IP4(KIMSUFI) diff --git a/etc/nsd3/zone.d/wiklou.org.zone.m4 b/etc/nsd3/zone.d/wiklou.org.zone.m4 index 4eda00a..d70fffa 100644 --- a/etc/nsd3/zone.d/wiklou.org.zone.m4 +++ b/etc/nsd3/zone.d/wiklou.org.zone.m4 @@ -9,7 +9,7 @@ MAKE_GETTER(`NAME') define(`FQDN', `NAME($1).ZONE_DOMAIN') * hébergeur : gresille.org -define(`GRESILLE_IP4', `IP4(VM)') +define(`GRESILLE_IP4', `IP4(LOCAL)') * hébergeur : lautre.net define(`LAUTRENET_IP4', `80.67.160.70') diff --git a/etc/postfix/heureux-cyclage.org/transport b/etc/postfix/heureux-cyclage.org/transport index 4255565..e69de29 100644 --- a/etc/postfix/heureux-cyclage.org/transport +++ b/etc/postfix/heureux-cyclage.org/transport @@ -1 +0,0 @@ -ludovic.chevalier@heureux-cyclage.org smtp:[mx.lautre.net] diff --git a/etc/postfix/main.cf b/etc/postfix/main.cf index 6325085..4129e41 100644 --- a/etc/postfix/main.cf +++ b/etc/postfix/main.cf @@ -158,7 +158,7 @@ smtpd_sender_restrictions = reject_unauth_pipelining reject_non_fqdn_sender #reject_unknown_sender_domain - permit + reject smtpd_starttls_timeout = 300s #smtpd_tls_always_issue_session_ids = yes smtpd_tls_CAfile = /etc/postfix/$mydomain/smtpd/x509/ca/crt.pem @@ -198,10 +198,12 @@ sympabounce_destination_recipient_limit = 1 # NOTE: non-blocking transport_maps = hash:/etc/postfix/$mydomain/transport + hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet regexp:/etc/sympa/transport #virtual_alias_domains = virtual_alias_maps = hash:/etc/postfix/$mydomain/virtual_alias + hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet regexp:/etc/sympa/virtual_alias # NOTE: do not specify virtual alias domain names in the main.cf # mydestination or relay_domains configuration parameters. diff --git a/etc/shorewall/macro.d/macro.Fanout b/etc/shorewall/macro.d/macro.Fanout new file mode 100644 index 0000000..3b58be3 --- /dev/null +++ b/etc/shorewall/macro.d/macro.Fanout @@ -0,0 +1,3 @@ +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP +PARAM - - tcp 1986 diff --git a/etc/shorewall/rules b/etc/shorewall/rules index aaed7e5..f3e0c33 100644 --- a/etc/shorewall/rules +++ b/etc/shorewall/rules @@ -13,6 +13,7 @@ HTTP(ACCEPT) net $FW HTTPS(ACCEPT) net $FW Limit(IMAPS,5,60):info net $FW tcp imaps IMAPS(ACCEPT) net $FW +Fanout(ACCEPT) net $FW Managesieve(ACCEPT) net $FW Mosh(ACCEPT) net $FW Ping(ACCEPT) net $FW diff --git a/etc/sv/fanout/local.sh b/etc/sv/fanout/local.sh new file mode 100644 index 0000000..a825a0a --- /dev/null +++ b/etc/sv/fanout/local.sh @@ -0,0 +1,27 @@ +home=/home/fanout +cd / + +"$tool"/local/adduser "$sv" \ + --disabled-login \ + --disabled-password \ + --group \ + --home "$home" \ + --shell /bin/false \ + --system + +sudo install -d -m 750 -o "$sv" -g "$sv" \ + "$home" +sudo install -d -m 750 -o sys -g sys \ + "$home"/src +sudo adduser sys "$sv" +if sudo test -d "$home"/src/.git + then + sudo -u sys /bin/sh -c "cd $home/src && git pull -v" + else + sudo -u sys git clone https://github.com/travisghansen/fanout "$home"/src + fi + +sudo -u sys make -C "$home"/src +sudo install -o 755 -o root -g root \ + "$home"/src/fanout \ + /usr/local/bin/fanout diff --git a/etc/sv/fanout/log/local.sh b/etc/sv/fanout/log/local.sh new file mode 100644 index 0000000..27e5554 --- /dev/null +++ b/etc/sv/fanout/log/local.sh @@ -0,0 +1,11 @@ +home=~fanout/log +"$tool"/local/adduser log-"$sv" \ + --disabled-login \ + --disabled-password \ + --group \ + --home "$home" \ + --shell /bin/false \ + --system +sudo install -d -m 750 -o log-"$sv" -g log-"$sv" \ + "$home"/log +sudo adduser log-"$sv" "$sv" diff --git a/etc/sv/fanout/log/run b/etc/sv/fanout/log/run new file mode 100644 index 0000000..4382b39 --- /dev/null +++ b/etc/sv/fanout/log/run @@ -0,0 +1,8 @@ +#!/bin/sh -eux +sv=${PWD%/log} +sv=${sv#/etc/sv/} +eval home="~log-$sv" + +cd "$home" +exec chpst -u log-"$sv":log-"$sv" \ + svlogd -v -tt "$home" diff --git a/etc/sv/fanout/run b/etc/sv/fanout/run new file mode 100755 index 0000000..bf65d66 --- /dev/null +++ b/etc/sv/fanout/run @@ -0,0 +1,10 @@ +#!/bin/sh -eux +exec 2>&1 +sv=${PWD#/etc/sv/} +eval "home=~$sv" + +exec /usr/bin/chpst \ + -u "$sv":"$sv" \ + /usr/local/bin/fanout \ + --debug-level=INFO \ + --port=1986 diff --git a/etc/sv/postfix/local.sh b/etc/sv/postfix/local.sh index 2c64f52..ec6ba0b 100644 --- a/etc/sv/postfix/local.sh +++ b/etc/sv/postfix/local.sh @@ -81,10 +81,14 @@ sudo install -m 640 -o root -g root \ "$tool"/etc/postfix/$local_domainname/transport \ /etc/postfix/$local_domainname/transport sudo postmap hash:/etc/postfix/$local_domainname/transport +sudo postmap hash:/etc/postfix/$local_domainname/transport-pending-transition-from-lautrenet + # TODO: supprimer ce transport à la migration des MX de lautre.net à ici. sudo install -m 640 -o root -g root \ "$tool"/etc/postfix/$local_domainname/virtual_alias \ /etc/postfix/$local_domainname/virtual_alias sudo postmap hash:/etc/postfix/$local_domainname/virtual_alias +sudo postmap hash:/etc/postfix/$local_domainname/virtual_alias-pending-transition-from-lautrenet + # TODO: supprimer ce virtual_alias à la migration des MX de lautre.net à ici. sudo install -d -m 770 -o root -g root \ /etc/skel/etc/mail \ /etc/skel/var/cache/mail \