create files domtool needs to modify as domtool
[hcoop/domtool2.git] / scripts / domtool-publish
1 #!/bin/sh -e
2
3 redo_exim() {
4 sudo -u domtool touch /var/domtool/local_domains.cfg /var/domtool/relay_domains.cfg /var/domtool/mailman_domains.cfg
5 /bin/echo -n "domainlist local_domains = " >/etc/exim4/conf.d/main/10_domtool-domains
6 /bin/cat /var/domtool/local_domains.cfg >>/etc/exim4/conf.d/main/10_domtool-domains
7 /bin/echo "" >>/etc/exim4/conf.d/main/10_domtool-domains
8 /bin/echo -n "domainlist relay_to_domains = " >>/etc/exim4/conf.d/main/10_domtool-domains
9 /bin/cat /var/domtool/relay_domains.cfg >>/etc/exim4/conf.d/main/10_domtool-domains
10 /bin/echo "" >>/etc/exim4/conf.d/main/10_domtool-domains
11 /bin/echo -n "domainlist mm_domains = " >>/etc/exim4/conf.d/main/10_domtool-domains
12 /bin/cat /var/domtool/mailman_domains.cfg >>/etc/exim4/conf.d/main/10_domtool-domains
13 /bin/echo "" >>/etc/exim4/conf.d/main/10_domtool-domains
14 service exim4 reload
15 }
16
17 case $1 in
18 apache)
19 /usr/bin/rsync -r --delete /var/domtool/vhosts/ /etc/apache2/vhosts/
20 service apache2 reload
21 ;;
22 apache-down)
23 service apache2 stop
24 ;;
25 apache-undown)
26 /usr/bin/rsync -r --delete /var/domtool/vhosts/ /etc/apache2/vhosts/
27 service apache2 start
28 ;;
29 apache1.3)
30 /usr/bin/rsync -r --delete /var/domtool/vhosts/ /etc/apache/vhosts/
31 service apache reload
32 ;;
33 apache1.3-down)
34 service apache stop
35 ;;
36 apache1.3-undown)
37 /usr/bin/rsync -r --delete /var/domtool/vhosts/ /etc/apache/vhosts/
38 service apache start
39 ;;
40 bind)
41 /usr/bin/rsync -r --delete /var/domtool/zones/ /etc/bind/zones/
42 /bin/chown -R bind /etc/bind/zones
43 /bin/cp /var/domtool/named.conf.local /etc/bind/
44 /bin/chown root:bind /etc/bind/named.conf.local
45 /bin/chmod 644 /etc/bind/named.conf.local
46 service bind9 restart
47 ;;
48 exim)
49 sudo -u domtool touch /var/domtool/aliases /var/domtool/aliases.default
50 /bin/cp /var/domtool/aliases /etc/aliases.hosted
51 /bin/cp /var/domtool/aliases.default /etc/aliases.wildcard
52 redo_exim
53 ;;
54 mailman)
55 /bin/echo "HCOOP_VHOSTS = {" >/etc/mailman/vhosts_cfg.py
56 /bin/cat /var/domtool/mailman.map >>/etc/mailman/vhosts_cfg.py
57 /bin/echo "}" >>/etc/mailman/vhosts_cfg.py
58 service mailman reload
59 redo_exim
60 ;;
61 courier)
62 VMAILDB=`domtool-config -path vmaildb`
63 if [ -z "$VMAILDB" ]; then
64 echo "domtool-config not found, not syncing courier vmail userdb"
65 exit 1
66 fi
67 /usr/bin/rsync -r --delete ${VMAILDB}/ /etc/courier/userdb
68 /usr/sbin/makeuserdb
69 /bin/chown -R domtool:nogroup /etc/courier/userdb
70 /bin/cat /etc/courier/userdb/* >/etc/courier/exim
71 /bin/chmod o-r /etc/courier/exim
72 /usr/sbin/exim_dbmbuild /etc/courier/exim /etc/courier/exim.dat
73 /bin/chgrp mail /etc/courier/exim.dat
74 /bin/chmod o-r /etc/courier/exim.dat
75 ;;
76 spamassassin)
77 SHAREDROOT=`domtool-config -path shared-root`
78 /usr/bin/rsync -r --delete ${SHAREDROOT}/email/spamassassin/addrs/ /etc/spamassassin/addrs
79 ;;
80 smtplog)
81 /bin/grep $2 /var/log/exim4/mainlog
82 ;;
83 apache-fixperms)
84 /bin/chown -R domtool:nogroup /var/log/apache2/user
85 ;;
86 apache1.3-fixperms)
87 /bin/chown -R domtool:nogroup /var/log/apache/user
88 ;;
89 users)
90 /bin/cp /var/domtool/waklog.conf /etc/apache2/
91 service apache2 reload
92 ;;
93 firewall)
94 # Ideally this would check if the config worked first
95 # (ferm failing just uses the previous config at
96 # least). Does it need to chown/chmod the generated
97 # rules?
98 /bin/cp /var/domtool/firewall/*.conf /etc/ferm/
99 service ferm reload
100 ;;
101 firewallpuppet)
102 # new firewall publishing method that integrates with puppet (sort of)
103 /bin/cp /var/domtool/firewall/*.conf /etc/ferm/
104 if [ ! -d /etc/puppetlabs ]; then
105 # legacy node
106 service ferm reload
107 exit
108 fi
109 if ( /usr/sbin/ferm --noexec /etc/ferm/ferm.conf ); then
110 for chain in FERM-INPUT FERM-OUTPUT; do
111 /sbin/iptables -F $chain
112 /sbin/ip6tables -F $chain
113
114 /usr/sbin/ferm --domain ip --noexec --lines /etc/ferm/ferm.conf | iptables-restore --noflush
115 /usr/sbin/ferm --domain ip6 --noexec --lines /etc/ferm/ferm.conf | ip6tables-restore --noflush
116 done
117 else
118 echo "firewall: ferm failed, aborting regeneration."
119 fi
120 ;;
121 *)
122 echo "Usage: domtool-publish [apache|bind|courier|exim|mailman|smtplog STRING|users|firewall]"
123 ;;
124 esac