From 6be613d07ddc6d0b1e4b73f93c0fa1c0b1f7ba10 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 24 Nov 2013 03:53:39 +0100 Subject: Postfix master (nullmailer) configuration We use a dedicated instance for each role: MDA, MTA out, MX, etc. --- lib/postmap | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ lib/postmulti | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 178 insertions(+) create mode 100644 lib/postmap create mode 100644 lib/postmulti (limited to 'lib') diff --git a/lib/postmap b/lib/postmap new file mode 100644 index 0000000..8c6c319 --- /dev/null +++ b/lib/postmap @@ -0,0 +1,94 @@ +#!/usr/bin/python +# +# Create or update postfix's alias and lookup tables through ansible +# playbooks. +# +# Copyright 2013 Guilhem Moulin +# +# Licensed under the GNU GPL version 3 or higher. +# + +try: + import selinux + HAVE_SELINUX=True +except ImportError: + HAVE_SELINUX=False + + +# Look up for the file suffix corresponding to 'db'. If 'db' is unset, +# pick the default_detabase_type of the given instance instead. +def file_suffix(instance, db): + if not db: + cmd = [ os.path.join(os.sep, 'usr', 'sbin', 'postconf') ] + if instance: + config = os.path.join(os.sep, 'etc', 'postfix-%s' % instance) + cmd.extend([ '-c', config ]) + cmd.extend([ '-h', 'default_database_type' ]) + null = open (os.devnull, 'wb') + db = subprocess.check_output(cmd, stderr=null).rstrip() + null.closed + + # See postmap(1) and postalias(1) + suffixes = { 'btree': 'db', 'cdb': 'cdb', 'hash': 'db' } + return suffixes[db] + + +# Compile the given (alias/lookup) table +def compile(cmd, instance, db, src): + cmd = [ os.path.join(os.sep, 'usr', 'sbin', cmd) ] + if instance: + config = os.path.join(os.sep, 'etc', 'postfix-%s' % instance) + cmd.extend([ '-c', config ]) + + if db: + src = "%s:%s" % (db,src) + + cmd.append(src) + subprocess.check_output(cmd, stderr=subprocess.STDOUT) + + +def main(): + module = AnsibleModule( + argument_spec = dict( + src = dict( required=True ), + db = dict( choices=['btree','cdb','hash'] ), + cmd = dict( choices=['postmap','postalias'], default='postmap' ), + instance = dict( required=False ) + ), + add_file_common_args=True, + supports_check_mode=True + ) + + params = module.params + src = params['src'] + cmd = params['cmd'] + + if os.path.isabs(src): + src = src + else: + module.fail_json(msg="absolute paths are required") + + if not os.path.exists(src): + module.fail_json(src=src, msg="no such file") + + try: + dst = "%s.%s" % (src, file_suffix(params['instance'], params['db'])) + params['dest'] = dst + file_args = module.load_file_common_arguments(params) + + changed = False + msg = None + if not os.path.exists(dst) or os.path.getmtime(dst) <= os.path.getmtime(src): + changed = True + if not module.check_mode: + msg = compile( params['cmd'], params['instance'], params['db'], src) + except subprocess.CalledProcessError, e: + module.fail_json(rv=e.returncode, msg=e.output.rstrip()) + + changed = module.set_file_attributes_if_different(file_args, changed) + module.exit_json(changed=changed, msg=msg) + + +# this is magic, see lib/ansible/module_common.py +#<> +main() diff --git a/lib/postmulti b/lib/postmulti new file mode 100644 index 0000000..a6e971c --- /dev/null +++ b/lib/postmulti @@ -0,0 +1,84 @@ +#!/usr/bin/python +# +# Create and manage postfix instances. +# +# Copyright 2013 Guilhem Moulin +# +# Licensed under the GNU GPL version 3 or higher. +# + + +# Look up postfix configuration variable +def postconf(k, instance=None): + cmd = [ os.path.join(os.sep, 'usr', 'sbin', 'postconf') ] + if instance: + config = os.path.join(os.sep, 'etc', 'postfix-%s' % instance) + cmd.extend([ '-c', config ]) + cmd.extend([ '-h', k ]) + return subprocess.check_output(cmd, stderr=subprocess.STDOUT).rstrip() + + +def main(): + module = AnsibleModule( + argument_spec = dict( + instance = dict( required=True ), + group = dict( required=False ) + ), + supports_check_mode=True + ) + + params = module.params + instance = params['instance'] + group = params['group'] + + changed=False + try: + enable = postconf('multi_instance_enable') + wrapper = postconf('multi_instance_wrapper') + + if enable != "yes" or not wrapper: + # Initiate postmulti + changed = True + if module.check_mode: + module.exit_json(changed=changed, msg="init postmulti") + cmd = [ os.path.join(os.sep, 'usr', 'sbin', 'postmulti') ] + cmd.extend([ '-e', 'init' ]) + subprocess.check_output(cmd, stderr=subprocess.STDOUT).rstrip() + + instances = postconf('multi_instance_directories').split() + if os.path.join(os.sep, 'etc', 'postfix-%s' % instance) not in instances: + changed = True + # Create the instance + + if module.check_mode: + module.exit_json(changed=changed, msg="create postmulti") + cmd = [ os.path.join(os.sep, 'usr', 'sbin', 'postmulti') ] + cmd.extend([ '-e', 'create' ]) + if group: + cmd.extend([ '-G', group ]) + cmd.extend([ '-I', 'postfix-%s' % instance ]) + subprocess.check_output(cmd, stderr=subprocess.STDOUT).rstrip() + + elif group != postconf('multi_instance_group', instance): + changed = True + + # Assign a new group, or remove the existing group + if module.check_mode: + module.exit_json(changed=changed, msg="assign group") + cmd = [ os.path.join(os.sep, 'usr', 'sbin', 'postmulti') ] + cmd.extend([ '-e', 'assign', '-i', 'postfix-%s' % instance ]) + if group: + cmd.extend([ '-G', group ]) + else: + cmd.extend([ '-G', '-' ]) + subprocess.check_output(cmd, stderr=subprocess.STDOUT).rstrip() + + module.exit_json(changed=changed) + + except subprocess.CalledProcessError, e: + module.fail_json(rv=e.returncode, msg=e.output.rstrip()) + + +# this is magic, see lib/ansible/module_common.py +#<> +main() -- cgit v1.2.3