Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

[Dovecot] Add new SA rules

Browse Source
This commit is contained in:
andryyy 2019-08-21 21:07:15 +02:00
parent 2de800bd05
commit f35efbf39c
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 33 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
data/Dockerfiles/dovecot/sa-rules.sh
View File

@ -1,25 +1,41 @@
#!/bin/bash #!/bin/bash
# Create temp directories
[[ ! -d /tmp/sa-rules-schaal ]] && mkdir -p /tmp/sa-rules-schaal
[[ ! -d /tmp/sa-rules-heinlein ]] && mkdir -p /tmp/sa-rules-heinlein [[ ! -d /tmp/sa-rules-heinlein ]] && mkdir -p /tmp/sa-rules-heinlein
if [[ ! -f /etc/rspamd/custom/sa-rules-heinlein ]]; then
# Hash current SA rules
if [[ ! -f /etc/rspamd/custom/sa-rules ]]; then
HASH_SA_RULES=0 HASH_SA_RULES=0
else else
HASH_SA_RULES=$(cat /etc/rspamd/custom/sa-rules-heinlein | md5sum | cut -d' ' -f1) HASH_SA_RULES=$(cat /etc/rspamd/custom/sa-rules | md5sum | cut -d' ' -f1)
fi fi
curl --connect-timeout 15 --max-time 30 http://www.spamassassin.heinlein-support.de/$(dig txt 1.4.3.spamassassin.heinlein-support.de +short | tr -d '"').tar.gz --output /tmp/sa-rules.tar.gz # Deploy
if [[ -f /tmp/sa-rules.tar.gz ]]; then ## Heinlein
tar xfvz /tmp/sa-rules.tar.gz -C /tmp/sa-rules-heinlein curl --connect-timeout 15 --max-time 30 http://www.spamassassin.heinlein-support.de/$(dig txt 1.4.3.spamassassin.heinlein-support.de +short | tr -d '"').tar.gz --output /tmp/sa-rules-heinlein.tar.gz
# create complete list of rules in a single file if gzip -t /tmp/sa-rules-heinlein.tar.gz; then
cat /tmp/sa-rules-heinlein/*cf > /etc/rspamd/custom/sa-rules-heinlein tar xfvz /tmp/sa-rules-heinlein.tar.gz -C /tmp/sa-rules-heinlein
# Only restart rspamd-mailcow when rules changed cat /tmp/sa-rules-heinlein/*cf > /etc/rspamd/custom/sa-rules
if [[ $(cat /etc/rspamd/custom/sa-rules-heinlein | md5sum | cut -d' ' -f1) != ${HASH_SA_RULES} ]]; then fi
CONTAINER_NAME=rspamd-mailcow ## Schaal
CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | \ curl --connect-timeout 15 --max-time 30 http://sa.schaal-it.net/$(dig txt 1.4.3.sa.schaal-it.net +short | tr -d '"').tar.gz --output /tmp/sa-rules-schaal.tar.gz
jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | \ if gzip -t /tmp/sa-rules-schaal.tar.gz; then
jq -rc "select( .name | tostring | contains(\"${CONTAINER_NAME}\")) | .id") tar xfvz /tmp/sa-rules-schaal.tar.gz -C /tmp/sa-rules-schaal
if [[ ! -z ${CONTAINER_ID} ]]; then # Append, do not overwrite
curl --silent --insecure -XPOST --connect-timeout 15 --max-time 120 https://dockerapi/containers/${CONTAINER_ID}/restart cat /tmp/sa-rules-schaal/*cf >> /etc/rspamd/custom/sa-rules
fi fi
if [[ "$(cat /etc/rspamd/custom/sa-rules | md5sum | cut -d' ' -f1)" != "${HASH_SA_RULES}" ]]; then
CONTAINER_NAME=rspamd-mailcow
CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | \
jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | \
jq -rc "select( .name | tostring | contains(\"${CONTAINER_NAME}\")) | .id")
if [[ ! -z ${CONTAINER_ID} ]]; then
curl --silent --insecure -XPOST --connect-timeout 15 --max-time 120 https://dockerapi/containers/${CONTAINER_ID}/restart
fi fi
fi fi
rm -rf /tmp/sa-rules-heinlein /tmp/sa-rules.tar.gz
# Cleanup
rm -rf /tmp/sa-rules-heinlein /tmp/sa-rules-heinlein.tar.gz
rm -rf /tmp/sa-rules-schaal /tmp/sa-rules-schaal.tar.gz