postfix: Implement authentication in wiki bounce handler
Signed-off-by: Florian Pritz <bluewind@xinu.at>
This commit is contained in:
parent
b8845b0c28
commit
d5d968b771
9 changed files with 79 additions and 3 deletions
17
host_vars/orion.archlinux.org/wiki-bouncehandler
Normal file
17
host_vars/orion.archlinux.org/wiki-bouncehandler
Normal file
|
@ -0,0 +1,17 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
39396466326266613063333338356431653461636562643535363038613865343230303430363564
|
||||
3632646531646565336366396635353834633939316237610a343933366465663939303930376339
|
||||
37363636363531323866653962353335613366333137343737316639323661636363633364346138
|
||||
6462666365626134660a313632636537663137386437343662383335616665393561356165613333
|
||||
38353364356238386364303065343333636463333234326234643332343137373639366130656335
|
||||
64633533363034303664633435653937633566303537666164306130383738386235633232623965
|
||||
38663164633230613432356266313135383838343331326534353365656432376463313366356231
|
||||
61656338623134636265356561313630353935633037306430376430383034313631303538336637
|
||||
33623733376363366336373337366663356434303931313132356164643334363630333834313665
|
||||
32356336643436653763346333326432616438313530316530353937306237376563313032373333
|
||||
34353763396166636161633036343935356334353335623034383238316532663930613864623335
|
||||
61666165376662633934336232633634643961363064356566626235653530643261643039336436
|
||||
62616438376161643930613063323739393237383563646630373430373734386430353933353433
|
||||
35646463633034613166623233623164363638636533623037303465346239623962343337646665
|
||||
31363065306539383066386362613635346431333135326461636136336232643030336464613430
|
||||
35376537386236353236
|
|
@ -7,3 +7,7 @@ postfix_patchwork_user: "patchwork"
|
|||
postfix_patchwork_mail_handler: "/usr/local/bin/patchwork-parsemail-wrapper.sh"
|
||||
|
||||
mail_domain: "mail.archlinux.org"
|
||||
|
||||
postfix_wiki_bounce_mail_handler: "/usr/local/bin/wiki-bouncehandler.pl"
|
||||
postfix_wiki_bounce_user: "wiki_bouncehandler"
|
||||
postfix_wiki_bounce_config: "/etc/wiki-bouncehandler.conf"
|
||||
|
|
28
roles/postfix/files/bouncehandler.pl
Normal file
28
roles/postfix/files/bouncehandler.pl
Normal file
|
@ -0,0 +1,28 @@
|
|||
#!/usr/bin/env perl
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use Config::Simple;
|
||||
use Data::Dumper;
|
||||
use MediaWiki::API;
|
||||
|
||||
die "Missing required argument (config file path)" if @ARGV == 0;
|
||||
|
||||
my $config = Config::Simple->new($ARGV[0]) or die Config::Simple->error();
|
||||
|
||||
my $mw = MediaWiki::API->new({api_url => 'https://wiki.archlinux.org/api.php'});
|
||||
|
||||
$mw->login( { lgname => $config->param('bot_credentials.username'), lgpassword => $config->param('bot_credentials.password') } )
|
||||
|| die $mw->{error}->{code} . ': ' . $mw->{error}->{details};
|
||||
|
||||
|
||||
my $stdin = do { local $/; <STDIN> };
|
||||
|
||||
my $reply = $mw->api({
|
||||
action => "bouncehandler",
|
||||
email => $stdin,
|
||||
}) || die $mw->{error}->{code} . ': ' . $mw->{error}->{details};;
|
||||
|
||||
# output reply in case of error. doc doesn't say what the replies are so we just output everything for now
|
||||
warn Dumper($reply);
|
||||
|
|
@ -11,6 +11,7 @@
|
|||
- main.cf
|
||||
- master.cf
|
||||
- transport
|
||||
- transport.pcre
|
||||
- aliases
|
||||
- relay_transport_map
|
||||
- users.pcre
|
||||
|
@ -60,6 +61,21 @@
|
|||
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/postfix owner=root group=root mode=0755
|
||||
when: postfix_smtpd_public
|
||||
|
||||
- name: install bouncehandler config
|
||||
template: src=wiki-bouncehandler.conf.j2 dest={{postfix_wiki_bounce_config}} owner={{postfix_wiki_bounce_user}} group=root mode=0600
|
||||
when: postfix_server
|
||||
|
||||
- name: install packages for bounce handler
|
||||
pacman: name=perl-mediawiki-api,perl-config-simple state=present
|
||||
when: postfix_server
|
||||
|
||||
- name: install bouncehandler script
|
||||
copy: src=bouncehandler.pl dest={{postfix_wiki_bounce_mail_handler}} owner=root group=root mode=0755
|
||||
when: postfix_server
|
||||
|
||||
- name: make bouncehandler user
|
||||
user: name={{postfix_wiki_bounce_user}} shell=/bin/false skeleton=/var/empty state={{"present" if postfix_server else "absent"}}
|
||||
|
||||
- name: start and enable postfix
|
||||
service: name=postfix enabled=yes state=started
|
||||
|
||||
|
|
|
@ -28,5 +28,3 @@ abuse: postmaster
|
|||
decode: root
|
||||
|
||||
devnull: /dev/null
|
||||
|
||||
wiki_bounce: "|curl -d action=bouncehandler --data-urlencode email@- https://wiki.archlinux.org/api.php"
|
||||
|
|
|
@ -182,6 +182,7 @@ local_recipient_maps =
|
|||
$alias_maps
|
||||
${indexed}/mailman_compat
|
||||
${indexed}/relay_transport_map
|
||||
pcre:${config_directory}/transport.pcre
|
||||
relocated_maps = ${indexed}/relocated
|
||||
{% endif %}
|
||||
|
||||
|
@ -193,12 +194,17 @@ relay_domains =
|
|||
transport_maps =
|
||||
${indexed}/transport
|
||||
${indexed}/relay_transport_map
|
||||
pcre:${config_directory}/transport.pcre
|
||||
#${indexed}/temporary_mailman_maps
|
||||
|
||||
{% if postfix_patchwork_enabled %}
|
||||
patchwork_destination_recipient_limit = 1
|
||||
{% endif %}
|
||||
|
||||
{% if postfix_server %}
|
||||
wiki_bouncehandler_destination_recipient_limit = 1
|
||||
{% endif %}
|
||||
|
||||
authorized_mailq_users = root
|
||||
|
||||
header_checks = pcre:/etc/postfix/header_checks
|
||||
|
|
|
@ -124,3 +124,8 @@ scache unix - - n - 1 scache
|
|||
patchwork unix - n n - - pipe
|
||||
flags=DFRX user={{postfix_patchwork_user}} argv={{postfix_patchwork_mail_handler}}
|
||||
{% endif %}
|
||||
|
||||
{% if postfix_server %}
|
||||
wiki_bouncehandler unix - n n - - pipe
|
||||
flags=DFRX user={{postfix_wiki_bounce_user}} argv=/usr/bin/systemd-cat {{postfix_wiki_bounce_mail_handler}} {{postfix_wiki_bounce_config}}
|
||||
{% endif %}
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
/wiki-bounce-[\w.]+-\w+-\w+-\w...............@archlinux.org/ wiki_bounce
|
3
roles/postfix/templates/wiki-bouncehandler.conf.j2
Normal file
3
roles/postfix/templates/wiki-bouncehandler.conf.j2
Normal file
|
@ -0,0 +1,3 @@
|
|||
[bot_credentials]
|
||||
username = {{wiki_bouncehandler_username}}
|
||||
password = {{wiki_bouncehandler_password}}
|
Loading…
Reference in a new issue