Fixed Postfix forwarding over SendGrid
This commit is contained in:
parent
073d1923aa
commit
1dfd4ad9b1
6 changed files with 89 additions and 28 deletions
|
@ -14,6 +14,29 @@
|
||||||
{{ includeTemplate "universal/profile-before" }}
|
{{ includeTemplate "universal/profile-before" }}
|
||||||
{{ includeTemplate "universal/logg-before" }}
|
{{ includeTemplate "universal/logg-before" }}
|
||||||
|
|
||||||
|
### Configure hostname
|
||||||
|
# Source: https://www.tecmint.com/set-hostname-permanently-in-linux/
|
||||||
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
|
# Source: https://apple.stackexchange.com/questions/287760/set-the-hostname-computer-name-for-macos
|
||||||
|
logg info 'Setting macOS hostname / local hostname / computer name'
|
||||||
|
sudo scutil --set HostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed HostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||||
|
sudo scutil --set LocalHostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.local' && logg success 'Changed LocalHostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.local'
|
||||||
|
sudo scutil --set ComputerName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed ComputerName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
|
||||||
|
logg info 'Flushing DNS cache'
|
||||||
|
dscacheutil -flushcache
|
||||||
|
elif [ -f /etc/passwd ]; then
|
||||||
|
logg info 'Setting Linux hostname'
|
||||||
|
hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||||
|
if command -v hostnamectl > /dev/null; then
|
||||||
|
logg info 'Ensuring hostname persists after reboot'
|
||||||
|
sudo hostnamectl set-hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Permanently changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||||
|
else
|
||||||
|
logg warn '`hostnamectl` was not available in the PATH - this operating system type might be unsupported'
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
logg warn 'Could not configure hostname because system type was not detectable'
|
||||||
|
fi
|
||||||
|
|
||||||
### Configure Firewall
|
### Configure Firewall
|
||||||
if [ -d /Applications ] && [ -d /System ]; then
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
logg info 'Disabling the block all incoming traffic option in the system Firewall settings'
|
logg info 'Disabling the block all incoming traffic option in the system Firewall settings'
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{{- if or (and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY")) (env "SENDGRID_API_KEY")) -}}
|
{{- if or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY"))) (env "SENDGRID_API_KEY")) -}}
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
# @file SendGrid Postfix Configuration
|
# @file SendGrid Postfix Configuration
|
||||||
# @brief Configures Postfix to use SendGrid as a relay host so you can use the `mail` program to send e-mail from the command-line
|
# @brief Configures Postfix to use SendGrid as a relay host so you can use the `mail` program to send e-mail from the command-line
|
||||||
|
@ -58,6 +58,43 @@ if command -v postfix > /dev/null; then
|
||||||
sudo chmod 600 /etc/postfix/sasl_passwd
|
sudo chmod 600 /etc/postfix/sasl_passwd
|
||||||
logg info 'Updating Postfix hashmaps for /etc/postfix/sasl_passwd'
|
logg info 'Updating Postfix hashmaps for /etc/postfix/sasl_passwd'
|
||||||
sudo postmap /etc/postfix/sasl_passwd
|
sudo postmap /etc/postfix/sasl_passwd
|
||||||
|
else
|
||||||
|
logg warn '~/.config/postfix/sasl_passwd file is missing'
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Forward root e-mails
|
||||||
|
if [ -d /root ]; then
|
||||||
|
logg info 'Forwarding root e-mails to {{ .user.email }}'
|
||||||
|
echo '{{ .user.email }}' | sudo tee /root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
|
||||||
|
elif [ -d /var/root ]; then
|
||||||
|
logg info 'Forwarding root e-mails to {{ .user.email }}'
|
||||||
|
echo '{{ .user.email }}' | sudo tee /var/root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
|
||||||
|
else
|
||||||
|
logg warn 'Unable to identify root user home directory'
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Forward user e-mails
|
||||||
|
|
||||||
|
### Ensure /etc/postfix/header_checks exists
|
||||||
|
if [ ! -d /etc/postfix/header_checks ]; then
|
||||||
|
logg info 'Creating /etc/postfix/header_checks since it does not exist'
|
||||||
|
sudo touch /etc/postfix/header_checks
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Re-write header From for SendGrid
|
||||||
|
if ! cat /etc/postfix/header_checks | grep 'no-reply@{{ .host.domain }}' > /dev/null; then
|
||||||
|
logg info 'Added From REPLACE to /etc/postfix/header_checks'
|
||||||
|
echo '/^From:.*@{{ .host.domain }}/ REPLACE From: no-reply@{{ .host.domain }}' | sudo tee -a /etc/postfix/header_checks > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Update aliases
|
||||||
|
if [ -f /etc/aliases ]; then
|
||||||
|
logg info 'Forward root e-mails to {{ .user.email }}'
|
||||||
|
sudo sed s/#root.*/root:\ {{ .user.email }}/ -i /etc/aliases && sudo newaliases
|
||||||
|
if ! cat /etc/aliases | grep '{{ .user.username }}: root' > /dev/null; then
|
||||||
|
logg info 'Forward user e-mail to root@localhost'
|
||||||
|
echo '{{ .user.username }}: root' | sudo tee -a /etc/aliases > /dev/null
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -d /Applications ] && [ -d /System ]; then
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
|
@ -66,6 +103,7 @@ if command -v postfix > /dev/null; then
|
||||||
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" ]; then
|
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" ]; then
|
||||||
logg info 'Copying com.apple.postfix.master.plist'
|
logg info 'Copying com.apple.postfix.master.plist'
|
||||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" /System/Library/LaunchDaemons/com.apple.postfix.master.plist
|
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" /System/Library/LaunchDaemons/com.apple.postfix.master.plist
|
||||||
|
sudo launchctl load /System/Library/LaunchDaemons/com.apple.postfix.master.plist && logg success 'launchctl load of com.apple.postfix.master successful'
|
||||||
fi
|
fi
|
||||||
logg info 'Starting postfix'
|
logg info 'Starting postfix'
|
||||||
sudo postfix start
|
sudo postfix start
|
||||||
|
|
|
@ -9,8 +9,6 @@
|
||||||
<key>ProgramArguments</key>
|
<key>ProgramArguments</key>
|
||||||
<array>
|
<array>
|
||||||
<string>master</string>
|
<string>master</string>
|
||||||
<string>-e</string>
|
|
||||||
<string>60</string>
|
|
||||||
</array>
|
</array>
|
||||||
<key>QueueDirectories</key>
|
<key>QueueDirectories</key>
|
||||||
<array>
|
<array>
|
||||||
|
@ -22,5 +20,9 @@
|
||||||
<true/>
|
<true/>
|
||||||
<key>KeepAlive</key>
|
<key>KeepAlive</key>
|
||||||
<true/>
|
<true/>
|
||||||
|
<key>StandardErrorPath</key>
|
||||||
|
<string>/var/log/com.apple.postfix.master.plist.error.log</string>
|
||||||
|
<key>StandardOutPath</key>
|
||||||
|
<string>/var/log/ccom.apple.postfix.master.plist.debug.log</string>
|
||||||
</dict>
|
</dict>
|
||||||
</plist>
|
</plist>
|
|
@ -5,13 +5,19 @@
|
||||||
# This configuration file is appended to `/etc/postfix/main.cf` by one of the scripts. It configures SendGrid
|
# This configuration file is appended to `/etc/postfix/main.cf` by one of the scripts. It configures SendGrid
|
||||||
# as a relay host that Postfix can use. More details can be found in the
|
# as a relay host that Postfix can use. More details can be found in the
|
||||||
# [SendGrid documentation on integrating Postfix](https://docs.sendgrid.com/for-developers/sending-email/postfix).
|
# [SendGrid documentation on integrating Postfix](https://docs.sendgrid.com/for-developers/sending-email/postfix).
|
||||||
|
#
|
||||||
|
# Some FROM addresses do not work properly when using SendGrid. Because of this, the configuration will automatically
|
||||||
|
# re-write the FROM address to equal `system@public.domain.com`, where `public.domain.com` is the value specified under
|
||||||
|
# `.host.domain` in `~/.config/chezmoi/chezmoi.yml`.
|
||||||
|
|
||||||
|
header_size_limit = 4096000
|
||||||
|
myhostname = {{ .host.domain }}
|
||||||
|
relayhost = [smtp.sendgrid.net]:587
|
||||||
|
smtp_header_checks = regexp:/etc/postfix/header_checks
|
||||||
smtp_sasl_auth_enable = yes
|
smtp_sasl_auth_enable = yes
|
||||||
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
||||||
smtp_sasl_security_options = noanonymous
|
smtp_sasl_security_options = noanonymous
|
||||||
smtp_sasl_tls_security_options = noanonymous
|
smtp_sasl_tls_security_options = noanonymous
|
||||||
smtp_tls_security_level = encrypt
|
smtp_tls_security_level = encrypt
|
||||||
header_size_limit = 4096000
|
|
||||||
relayhost = [smtp.sendgrid.net]:587
|
|
||||||
|
|
||||||
### INSTALL DOCTOR MANAGED ### END
|
### INSTALL DOCTOR MANAGED ### END
|
|
@ -1,37 +1,29 @@
|
||||||
#!/bin/sh
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
RKHUNTER=/usr/bin/rkhunter
|
# Include configuration
|
||||||
|
if [ -f /usr/local/etc/rkhunter.conf ]; then
|
||||||
test -x $RKHUNTER || exit 0
|
. /usr/local/etc/rkhunter.conf
|
||||||
|
elif [ -f /etc/rkhunter.conf ]; then
|
||||||
# source our config
|
. /etc/rkhunter.conf
|
||||||
. /etc/rkhunter.conf
|
else
|
||||||
|
echo "Failed to find rkhunter.conf file" && exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -z "$NICE" ]; then
|
if [ -z "$NICE" ]; then
|
||||||
NICE=0
|
NICE=0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "$RUN_CHECK_ON_BATTERY" ]; then
|
|
||||||
RUN_CHECK_ON_BATTERY="false"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Do not run daily check if running on battery except if explicitely allowed
|
|
||||||
if [ -x /usr/bin/on_ac_power >/dev/null 2>&1 ]; then
|
|
||||||
on_ac_power >/dev/null 2>&1
|
|
||||||
[ $? -eq 1 -a "$RUN_CHECK_ON_BATTERY" != "true" ] && exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
case "$CRON_DAILY_RUN" in
|
case "$CRON_DAILY_RUN" in
|
||||||
[YyTt]*)
|
[YyTt]*)
|
||||||
OUTFILE=`mktemp` || exit 1
|
OUTFILE="$(mktemp)"
|
||||||
/usr/bin/nice -n $NICE $RKHUNTER --cronjob --report-warnings-only --appendlog > $OUTFILE
|
nice -n $NICE rkhunter --cronjob --report-warnings-only --update --appendlog > $OUTFILE
|
||||||
if [ -s "$OUTFILE" -a -n "$REPORT_EMAIL" ]; then
|
if [ -s "$OUTFILE" -a -n "$REPORT_EMAIL" ]; then
|
||||||
(
|
(
|
||||||
echo "Subject: [rkhunter] $(hostname) - Daily report"
|
echo "Subject: [rkhunter] $(hostname) - Daily Report"
|
||||||
echo "To: $REPORT_EMAIL"
|
echo "To: $REPORT_EMAIL"
|
||||||
echo ""
|
echo ""
|
||||||
cat $OUTFILE
|
cat $OUTFILE
|
||||||
) | /usr/sbin/mailx $REPORT_EMAIL
|
) | mailx $REPORT_EMAIL
|
||||||
fi
|
fi
|
||||||
rm -f $OUTFILE
|
rm -f $OUTFILE
|
||||||
;;
|
;;
|
||||||
|
|
|
@ -9451,7 +9451,7 @@ softwarePackages:
|
||||||
_github: null
|
_github: null
|
||||||
_home: https://www.vmware.com/
|
_home: https://www.vmware.com/
|
||||||
_name: VMWare
|
_name: VMWare
|
||||||
_when:darwin: test -d "/Applications/VMware Fusion.app"
|
_when:darwin: '! test -d "/Applications/VMware Fusion.app" && ! test -d "$HOME/Applications/VMware Fusion.app"'
|
||||||
ansible: professormanhattan.vmware
|
ansible: professormanhattan.vmware
|
||||||
cask: vmware-fusion
|
cask: vmware-fusion
|
||||||
what-ip:
|
what-ip:
|
||||||
|
|
Loading…
Reference in a new issue