3 # grab tokens in case they were dropped by sudo
4 if [ -x "$(which aklog)" ]; then
5 # ignore exit code, may fail on older versions
# FIXME: the exit status of touch is deliberately ignored because
# mailman_domains.cfg had to be made immutable on mail relays that do
# not run mailman (a deficiency of the domtool mailman plugin).
# Drop the "|| true" once that workaround is no longer needed.
sudo -u domtool touch \
  /var/domtool/local_domains.cfg \
  /var/domtool/relay_domains.cfg \
  /var/domtool/mailman_domains.cfg || true

# Regenerate the three exim domainlist definitions. Each *.cfg file is
# copied verbatim after its "domainlist NAME = " prefix, so anything
# able to write /var/domtool/*.cfg controls what ends up in this exim
# configuration fragment; keep those files writable by domtool only.
{
  /bin/echo -n "domainlist local_domains = "
  /bin/cat /var/domtool/local_domains.cfg
  /bin/echo ""
  /bin/echo -n "domainlist relay_to_domains = "
  /bin/cat /var/domtool/relay_domains.cfg
  /bin/echo ""
  /bin/echo -n "domainlist mm_domains = "
  /bin/cat /var/domtool/mailman_domains.cfg
  /bin/echo ""
} >/etc/exim4/conf.d/main/10_domtool-domains
# Mirror the domtool-generated vhost tree into Apache's vhosts
# directory; --delete removes destination files that are no longer
# present in the source. Apache is reloaded to pick up the result.
/usr/bin/rsync --recursive --delete \
  /var/domtool/vhosts/ \
  /etc/apache2/vhosts/
service apache2 reload
# Mirror the generated vhosts into /etc/apache2/vhosts/ (no reload is
# visible next to this copy of the command).
/usr/bin/rsync --recursive --delete \
  /var/domtool/vhosts/ \
  /etc/apache2/vhosts/
# Same mirror as for apache2, but into the /etc/apache/vhosts/ layout.
/usr/bin/rsync --recursive --delete \
  /var/domtool/vhosts/ \
  /etc/apache/vhosts/
# Mirror the generated vhosts into /etc/apache/vhosts/; files missing
# from the source are deleted from the destination.
/usr/bin/rsync --recursive --delete \
  /var/domtool/vhosts/ \
  /etc/apache/vhosts/
# Publish DNS data: mirror the generated zone files and hand them to
# the bind user.
/usr/bin/rsync --recursive --delete \
  /var/domtool/zones/ \
  /etc/bind/zones/
/bin/chown --recursive bind /etc/bind/zones

# Install the generated named.conf.local as root:bind, mode 644, so the
# copy under /etc/bind is not writable by the bind group.
/bin/cp /var/domtool/named.conf.local /etc/bind/
/bin/chown root:bind /etc/bind/named.conf.local
/bin/chmod 644 /etc/bind/named.conf.local
# Make sure both alias sources exist (created as the domtool user),
# then copy them to the names used under /etc.
sudo -u domtool touch \
  /var/domtool/aliases \
  /var/domtool/aliases.default
/bin/cp /var/domtool/aliases /etc/aliases.hosted
/bin/cp /var/domtool/aliases.default /etc/aliases.wildcard
# Wrap the generated map in "HCOOP_VHOSTS = { ... }" and write it out.
# NOTE(review): mailman.map is pasted verbatim into a .py file that is
# presumably loaded by Mailman's configuration - confirm, and treat
# write access to /var/domtool/mailman.map as equivalent to write
# access to that configuration.
{
  /bin/echo "HCOOP_VHOSTS = {"
  /bin/cat /var/domtool/mailman.map
  /bin/echo "}"
} >/etc/mailman/vhosts_cfg.py
service mailman reload
# Ask domtool-config for the vmail database path; the value is empty
# when the command prints nothing.
VMAILDB=$(domtool-config -path vmaildb)
73 if [ -z "$VMAILDB" ]; then
74 echo "domtool-config not found, not syncing courier vmail userdb"
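# Mirror the vmail userdb into courier's directory. The expansion is
# quoted so a path containing whitespace or glob characters stays one
# argument, and ":?" aborts if VMAILDB is empty: with --delete, an
# empty value would turn the source into "/" and mirror the root
# directory over /etc/courier/userdb.
/usr/bin/rsync -r --delete "${VMAILDB:?}/" /etc/courier/userdb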
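/bin/chown -R domtool:nogroup /etc/courier/userdb

# Build the flat file and the exim lookup database under a restrictive
# umask. Previously both files were created with the default umask and
# only afterwards had "other" read access removed, leaving a window in
# which a newly created file was world-readable.
# NOTE(review): the userdb presumably carries account credentials -
# confirm; the existing chmod o-r calls already treat it as sensitive.
(
  umask 027
  /bin/cat /etc/courier/userdb/* >/etc/courier/exim
  /bin/chmod o-r /etc/courier/exim
  /usr/sbin/exim_dbmbuild /etc/courier/exim /etc/courier/exim.dat
)

# Hand the database to the mail group; the chmod stays as a backstop
# for a file that already existed with looser permissions.
/bin/chgrp mail /etc/courier/exim.dat
/bin/chmod o-r /etc/courier/exim.dat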
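# Resolve the shared root and mirror the spamassassin address lists.
# An empty result is rejected, as is done for VMAILDB: otherwise the
# rsync source would collapse to the unrelated absolute path
# /email/spamassassin/addrs/ while --delete is in effect. The expansion
# is quoted so the path is always passed as a single argument.
SHAREDROOT=$(domtool-config -path shared-root)
if [ -z "$SHAREDROOT" ]; then
  echo "domtool-config not found, not syncing spamassassin addrs"
else
  /usr/bin/rsync -r --delete \
    "${SHAREDROOT}/email/spamassassin/addrs/" \
    /etc/spamassassin/addrs
fi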
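# Search the exim main log for the caller-supplied STRING ($2, per the
# "smtplog STRING" usage). The pattern is quoted and preceded by "--"
# so it is always passed to grep as exactly one pattern argument: it
# cannot be word-split or glob-expanded into extra arguments, and a
# value starting with "-" is not parsed as a grep option. This matters
# because the script is meant to be run through sudo.
/bin/grep -- "$2" /var/log/exim4/mainlog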
# Give the per-user Apache log tree to domtool:nogroup, recursively.
/bin/chown --recursive domtool:nogroup \
  /var/log/apache2/user
# Same ownership change for the /var/log/apache layout.
/bin/chown --recursive domtool:nogroup \
  /var/log/apache/user
# Install the generated waklog.conf into Apache's config directory and
# reload Apache so it takes effect.
/bin/cp \
  /var/domtool/waklog.conf \
  /etc/apache2/
service apache2 reload
104 # Ideally this would check if the config worked first
105 # (ferm failing just uses the previous config at
106 # least). Does it need to chown/chmod the generated
# Copy every generated firewall fragment into ferm's directory. The
# files are copied as-is; no validation is visible at this step.
/bin/cp \
  /var/domtool/firewall/*.conf \
  /etc/ferm/
# Newer firewall publishing path that integrates (loosely) with puppet:
# start by copying the generated fragments into ferm's directory.
/bin/cp \
  /var/domtool/firewall/*.conf \
  /etc/ferm/
114 if [ ! -d /etc
/puppetlabs
]; then
119 if ( /usr
/sbin
/ferm
--noexec /etc
/ferm
/ferm.conf
); then
120 for chain
in FERM-INPUT FERM-OUTPUT
; do
121 /sbin
/iptables
-F $chain
122 /sbin
/ip6tables
-F $chain
124 /usr
/sbin
/ferm
--domain ip
--noexec --lines /etc
/ferm
/ferm.conf | iptables-restore
--noflush
125 /usr
/sbin
/ferm
--domain ip6
--noexec --lines /etc
/ferm
/ferm.conf | ip6tables-restore
--noflush
128 echo "firewall: ferm failed, aborting regeneration."
# Print the list of supported sub-commands.
printf '%s\n' "Usage: domtool-publish [apache|bind|courier|exim|mailman|smtplog STRING|users|firewall]"