From 1dfd4ad9b102b9e6ca9b1f237764562ee5c85121 Mon Sep 17 00:00:00 2001
From: Brian Zalewski <59970525+ProfessorManhattan@users.noreply.github.com>
Date: Tue, 1 Aug 2023 06:28:03 +0000
Subject: [PATCH] Fixed Postfix forwarding over SendGrid
---
.../run_before_01-system-homebrew.sh.tmpl | 23 +++++++++++
.../run_onchange_after_05-postfix.sh.tmpl | 40 ++++++++++++++++++-
.../postfix/com.apple.postfix.master.plist | 6 ++-
.../postfix/{main.cf => main.cf.tmpl} | 10 ++++-
home/dot_config/rkhunter/cron | 36 +++++++----------
software.yml | 2 +-
6 files changed, 89 insertions(+), 28 deletions(-)
rename home/dot_config/postfix/{main.cf => main.cf.tmpl} (66%)
diff --git a/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl b/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl
index f95d901f..c1b5da2c 100644
--- a/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_before_01-system-homebrew.sh.tmpl
@@ -14,6 +14,29 @@
{{ includeTemplate "universal/profile-before" }}
{{ includeTemplate "universal/logg-before" }}
+### Configure hostname
+# Source: https://www.tecmint.com/set-hostname-permanently-in-linux/
+if [ -d /Applications ] && [ -d /System ]; then
+ # Source: https://apple.stackexchange.com/questions/287760/set-the-hostname-computer-name-for-macos
+ logg info 'Setting macOS hostname / local hostname / computer name'
+ sudo scutil --set HostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed HostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
+ sudo scutil --set LocalHostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.local' && logg success 'Changed LocalHostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.local'
+ sudo scutil --set ComputerName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed ComputerName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
+ logg info 'Flushing DNS cache'
+ dscacheutil -flushcache
+elif [ -f /etc/passwd ]; then
+ logg info 'Setting Linux hostname'
+ hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
+ if command -v hostnamectl > /dev/null; then
+ logg info 'Ensuring hostname persists after reboot'
+ sudo hostnamectl set-hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Permanently changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
+ else
+ logg warn '`hostnamectl` was not available in the PATH - this operating system type might be unsupported'
+ fi
+else
+ logg warn 'Could not configure hostname because system type was not detectable'
+fi
+
### Configure Firewall
if [ -d /Applications ] && [ -d /System ]; then
logg info 'Disabling the block all incoming traffic option in the system Firewall settings'
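Review bot: The Linux branch calls `hostname '…'` without `sudo` (the command right after `logg info 'Setting Linux hostname'`), while every other hostname change in this hunk runs under `sudo`, so for a non-root user the transient hostname is not set and nothing is logged, because the `&&` chain reports only success. Prefix it with `sudo` and add a failure branch such as `|| logg error 'Failed to set hostname'`. The rendered `.host.hostname` / `.host.domain` values are also placed inside single-quoted shell words for commands run as root; a value containing a quote or whitespace would break that quoting, so validating them against a hostname character set before use would be safer. On macOS, `LocalHostName` is normally the bare label without a `.local` suffix, so it is worth confirming that `scutil` accepts the value built on that line.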
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_05-postfix.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_05-postfix.sh.tmpl
index e7e5ba05..f6f6c15d 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_05-postfix.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_05-postfix.sh.tmpl
@@ -1,4 +1,4 @@
-{{- if or (and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY")) (env "SENDGRID_API_KEY")) -}}
+{{- if or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY"))) (env "SENDGRID_API_KEY")) -}}
#!/usr/bin/env bash
# @file SendGrid Postfix Configuration
# @brief Configures Postfix to use SendGrid as a relay host so you can use the `mail` program to send e-mail from the command-line
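Review bot: The new condition has one more `)` than `(`: once `(env "SENDGRID_API_KEY")` is closed, the trailing `)` before `-}}` has nothing left to close, so the template is likely to fail to parse and the script would not render at all. Dropping that last parenthesis gives `{{- if or (and (stat …) (stat …)) (env "SENDGRID_API_KEY") -}}`, with `or` taking the two arguments it appears to be meant to take. The `(ne .host.distro.family "windows")` guard is gone as well; if that is deliberate, a template comment above the condition saying why would help the next reader. The matching `{{ end }}` is outside this hunk.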
@@ -58,6 +58,43 @@ if command -v postfix > /dev/null; then
sudo chmod 600 /etc/postfix/sasl_passwd
logg info 'Updating Postfix hashmaps for /etc/postfix/sasl_passwd'
sudo postmap /etc/postfix/sasl_passwd
+ else
+ logg warn '~/.config/postfix/sasl_passwd file is missing'
+ fi
+
+ ### Forward root e-mails
+ if [ -d /root ]; then
+ logg info 'Forwarding root e-mails to {{ .user.email }}'
+ echo '{{ .user.email }}' | sudo tee /root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
+ elif [ -d /var/root ]; then
+ logg info 'Forwarding root e-mails to {{ .user.email }}'
+ echo '{{ .user.email }}' | sudo tee /var/root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
+ else
+ logg warn 'Unable to identify root user home directory'
+ fi
+
+ ### Forward user e-mails
+
+ ### Ensure /etc/postfix/header_checks exists
+ if [ ! -d /etc/postfix/header_checks ]; then
+ logg info 'Creating /etc/postfix/header_checks since it does not exist'
+ sudo touch /etc/postfix/header_checks
+ fi
+
+ ### Re-write header From for SendGrid
+ if ! cat /etc/postfix/header_checks | grep 'no-reply@{{ .host.domain }}' > /dev/null; then
+ logg info 'Added From REPLACE to /etc/postfix/header_checks'
+ echo '/^From:.*@{{ .host.domain }}/ REPLACE From: no-reply@{{ .host.domain }}' | sudo tee -a /etc/postfix/header_checks > /dev/null
+ fi
+
+ ### Update aliases
+ if [ -f /etc/aliases ]; then
+ logg info 'Forward root e-mails to {{ .user.email }}'
+ sudo sed s/#root.*/root:\ {{ .user.email }}/ -i /etc/aliases && sudo newaliases
+ if ! cat /etc/aliases | grep '{{ .user.username }}: root' > /dev/null; then
+ logg info 'Forward user e-mail to root@localhost'
+ echo '{{ .user.username }}: root' | sudo tee -a /etc/aliases > /dev/null
+ fi
fi
if [ -d /Applications ] && [ -d /System ]; then
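Review bot: In the `### Update aliases` step the `sed` expression is unquoted and takes `{{ .user.email }}` verbatim, so an address containing `/`, `&` or whitespace changes the substitution or splits the command, and `-i` placed after the script is not portable to the BSD `sed` on macOS, which this script also targets. `sudo newaliases` runs before the `{{ .user.username }}: root` line is appended, so that alias is not in the rebuilt database until a later run; move `sudo newaliases` to after the inner `if`. The pattern matches only a commented `#root` line, so an existing uncommented `root:` entry is left unchanged. Separately, the header_checks guard tests `-d` on a path that is created as a file with `touch`; `[ ! -f /etc/postfix/header_checks ]` is the matching test. The enclosing `if command -v postfix` block starts and ends outside the hunk.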
@@ -66,6 +103,7 @@ if command -v postfix > /dev/null; then
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" ]; then
logg info 'Copying com.apple.postfix.master.plist'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" /System/Library/LaunchDaemons/com.apple.postfix.master.plist
+ sudo launchctl load /System/Library/LaunchDaemons/com.apple.postfix.master.plist && logg success 'launchctl load of com.apple.postfix.master successful'
fi
logg info 'Starting postfix'
sudo postfix start
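Review bot: The added `launchctl load` runs whether or not the preceding `sudo cp -f` succeeded, and only the success case is logged. On macOS versions where `/System` is protected the copy is likely to fail, and the load would then act on the old plist without any message. Chain the two and report failure, for example `sudo cp -f … /System/Library/LaunchDaemons/com.apple.postfix.master.plist && sudo launchctl load … || logg error 'Failed to load com.apple.postfix.master'`.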
diff --git a/home/dot_config/postfix/com.apple.postfix.master.plist b/home/dot_config/postfix/com.apple.postfix.master.plist
index 762fe605..833ea15d 100644
--- a/home/dot_config/postfix/com.apple.postfix.master.plist
+++ b/home/dot_config/postfix/com.apple.postfix.master.plist
@@ -9,8 +9,6 @@
ProgramArguments
master
- -e
- 60
QueueDirectories
@@ -22,5 +20,9 @@
KeepAlive
+ StandardErrorPath
+ /var/log/com.apple.postfix.master.plist.error.log
+ StandardOutPath
+ /var/log/ccom.apple.postfix.master.plist.debug.log
\ No newline at end of file
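Review bot: The `StandardOutPath` value is `/var/log/ccom.apple.postfix.master.plist.debug.log`, with a doubled `c` that the `StandardErrorPath` value above it does not have. This looks like a typo, and it puts the two logs under different name prefixes, which makes the debug log easy to miss when collecting or rotating logs. Use `/var/log/com.apple.postfix.master.plist.debug.log`.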
diff --git a/home/dot_config/postfix/main.cf b/home/dot_config/postfix/main.cf.tmpl
similarity index 66%
rename from home/dot_config/postfix/main.cf
rename to home/dot_config/postfix/main.cf.tmpl
index 07cdc83d..7250b259 100644
--- a/home/dot_config/postfix/main.cf
+++ b/home/dot_config/postfix/main.cf.tmpl
@@ -5,13 +5,19 @@
# This configuration file is appended to `/etc/postfix/main.cf` by one of the scripts. It configures SendGrid
# as a relay host that Postfix can use. More details can be found in the
# [SendGrid documentation on integrating Postfix](https://docs.sendgrid.com/for-developers/sending-email/postfix).
+#
+# Some FROM addresses do not work properly when using SendGrid. Because of this, the configuration will automatically
+# re-write the FROM address to equal `system@public.domain.com`, where `public.domain.com` is the value specified under
+# `.host.domain` in `~/.config/chezmoi/chezmoi.yml`.
+header_size_limit = 4096000
+myhostname = {{ .host.domain }}
+relayhost = [smtp.sendgrid.net]:587
+smtp_header_checks = regexp:/etc/postfix/header_checks
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
-header_size_limit = 4096000
-relayhost = [smtp.sendgrid.net]:587
### INSTALL DOCTOR MANAGED ### END
\ No newline at end of file
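Review bot: The added comment says the From address is rewritten to `system@public.domain.com`, but the rule that the postfix script in this same commit appends to `/etc/postfix/header_checks` rewrites to `no-reply@{{ .host.domain }}`; the comment should read `no-reply@public.domain.com`. `smtp_tls_security_level = encrypt` (unchanged context) forces TLS but, as far as I know, does not verify the relay's certificate, and the SendGrid credential from `sasl_passwd` is sent over that session. A stricter level with certificate matching is worth considering for `[smtp.sendgrid.net]:587`.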
diff --git a/home/dot_config/rkhunter/cron b/home/dot_config/rkhunter/cron
index c1815aba..7d78c3e9 100644
--- a/home/dot_config/rkhunter/cron
+++ b/home/dot_config/rkhunter/cron
@@ -1,41 +1,33 @@
-#!/bin/sh
+#!/usr/bin/env bash
-RKHUNTER=/usr/bin/rkhunter
-
-test -x $RKHUNTER || exit 0
-
-# source our config
-. /etc/rkhunter.conf
+# Include configuration
+if [ -f /usr/local/etc/rkhunter.conf ]; then
+ . /usr/local/etc/rkhunter.conf
+elif [ -f /etc/rkhunter.conf ]; then
+ . /etc/rkhunter.conf
+else
+ echo "Failed to find rkhunter.conf file" && exit 1
+fi
if [ -z "$NICE" ]; then
NICE=0
fi
-if [ -z "$RUN_CHECK_ON_BATTERY" ]; then
- RUN_CHECK_ON_BATTERY="false"
-fi
-
-# Do not run daily check if running on battery except if explicitely allowed
-if [ -x /usr/bin/on_ac_power >/dev/null 2>&1 ]; then
- on_ac_power >/dev/null 2>&1
- [ $? -eq 1 -a "$RUN_CHECK_ON_BATTERY" != "true" ] && exit 0
-fi
-
case "$CRON_DAILY_RUN" in
[YyTt]*)
- OUTFILE=`mktemp` || exit 1
- /usr/bin/nice -n $NICE $RKHUNTER --cronjob --report-warnings-only --appendlog > $OUTFILE
+ OUTFILE="$(mktemp)"
+ nice -n $NICE rkhunter --cronjob --report-warnings-only --update --appendlog > $OUTFILE
if [ -s "$OUTFILE" -a -n "$REPORT_EMAIL" ]; then
(
- echo "Subject: [rkhunter] $(hostname) - Daily report"
+ echo "Subject: [rkhunter] $(hostname) - Daily Report"
echo "To: $REPORT_EMAIL"
echo ""
cat $OUTFILE
- ) | /usr/sbin/mailx $REPORT_EMAIL
+ ) | mailx $REPORT_EMAIL
fi
rm -f $OUTFILE
;;
*)
exit 0
;;
-esac
+esac
\ No newline at end of file
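Review bot: The new configuration lookup sources `/usr/local/etc/rkhunter.conf` as shell code before `/etc/rkhunter.conf`, and the job now resolves `nice`, `rkhunter` and `mailx` through PATH instead of the absolute paths it used before. If this script runs as root from cron (not visible here), any of those locations that a non-root user can write to, as Homebrew prefixes under `/usr/local` often are, becomes a way to run code as root; check the owner and mode of the file before sourcing it and set an explicit `PATH=` at the top of the script. The `|| exit 1` after `mktemp` was also dropped and `$OUTFILE` is unquoted in the redirect; `OUTFILE="$(mktemp)" || exit 1` and `> "$OUTFILE"` keep the run from continuing with an empty target.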
diff --git a/software.yml b/software.yml
index 6c910e4d..2254c61e 100644
--- a/software.yml
+++ b/software.yml
@@ -9451,7 +9451,7 @@ softwarePackages:
_github: null
_home: https://www.vmware.com/
_name: VMWare
- _when:darwin: test -d "/Applications/VMware Fusion.app"
+ _when:darwin: '! test -d "/Applications/VMware Fusion.app" && ! test -d "$HOME/Applications/VMware Fusion.app"'
ansible: professormanhattan.vmware
cask: vmware-fusion
what-ip: