view mail/mail.py @ 326:5b88b38f2471
huge reorg, reorg toplevel functions in preparation for a ui with nice task lists
author | drewp@bigasterisk.com |
---|---|
date | Mon, 20 Jan 2025 21:55:08 -0800 |
parents | mail.py@99c81fa0f2fc |
children |
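from pyinfra.context import host
from pyinfra.operations import apt, files, server, systemd

# ditto (and others?) might also run postfix; not sure how


def dkim():
    """Install and configure OpenDKIM on the host named 'prime'.

    Renders the OpenDKIM tables and config, uploads one private signing key
    per domain, installs the unit file and restarts the service. Does nothing
    on any other host.
    """
    if host.name != 'prime':
        return

    # Per-domain keygen, as run by hand on prime. (This transcript used to be
    # a bare string after the early return, so it was never a docstring.)
    #
    #   prime(pts/4):~# mkdir /etc/opendkim/keys/chat.bigasterisk.com
    #   prime(pts/4):~# opendkim-genkey -b 1024 -d chat.bigasterisk.com -D /etc/opendkim/keys/chat.bigasterisk.com -s default -v
    #   opendkim-genkey: generating private key
    #   opendkim-genkey: private key written to default.private
    #   opendkim-genkey: extracting public key
    #   opendkim-genkey: DNS TXT record written to default.txt
    #   prime(pts/4):~# chown opendkim /etc/opendkim/keys/*/*
    #
    # NOTE(review): `-b 1024` is the smallest RSA size RFC 8301 allows for
    # DKIM signing; the same RFC recommends 2048 bits. Use `-b 2048` when the
    # keys are next rotated, and publish the new TXT record before switching.

    apt.packages(packages=['opendkim', 'opendkim-tools'])
    files.template(src='mail/dkim/opendkim-KeyTable', dest='/etc/opendkim/KeyTable')
    files.template(src='mail/dkim/opendkim-SigningTable', dest='/etc/opendkim/SigningTable')
    files.template(src='mail/dkim/opendkim-TrustedHosts', dest='/etc/opendkim/TrustedHosts')
    files.template(src='mail/dkim/opendkim.conf', dest='/etc/opendkim.conf')

    # The private signing keys are uploaded from the deploy tree, readable
    # only by the opendkim user on the target.
    # NOTE(review): this means a copy of each key lives under secrets/mail/
    # on the deploy machine -- presumably excluded from version control or
    # encrypted at rest; confirm.
    for domain in ['bigasterisk.com', 'chat.bigasterisk.com']:
        files.put(src=f'secrets/mail/{domain}-default.private',
                  dest=f'/etc/opendkim/keys/{domain}/default.private',
                  mode='0600',
                  user='opendkim')

    files.template(src='mail/opendkim.service', dest='/usr/lib/systemd/system/opendkim.service')
    # restarted=True restarts opendkim on every run of this deploy.
    systemd.service(service='opendkim.service', enabled=True, running=True, restarted=True, daemon_reload=True)


def postfix():
    """Install and configure postfix (and isync) on the host named 'prime'.

    Renders main.cf, uploads the lookup-table sources, rebuilds the tables and
    reloads postfix. Does nothing on any other host.
    """
    if host.name != 'prime':
        return

    apt.packages(packages=['postfix', 'isync'])
    files.template(src='mail/main.cf.j2', dest='/etc/postfix/main.cf')
    files.put(src='mail/mydestination', dest='/etc/postfix/mydestination')

    # NOTE(review): these three come from secrets/ but are uploaded without an
    # explicit mode=/user=, unlike the DKIM keys above. Confirm the resulting
    # permissions are what is intended for address/alias data.
    files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases')
    files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access')
    files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual')

    server.shell(commands=[
        'postmap /etc/postfix/sender_access',
        'postmap /etc/postfix/virtual',
        # NOTE(review): aliases(5) files use `name: target` lines and are
        # normally compiled with postalias/newaliases, while postmap expects
        # `key value` lines. Possibly the reason for the "broken" marker
        # below; left unchanged until confirmed.
        'postmap /etc/postfix/aliases',  # broken
        'postfix reload',
    ])
    systemd.service(service='postfix@-.service', enabled=True, running=True)


def mbsync():
    """Set up mbsync support files on the host named 'prime'.

    Refreshes /home/drewp/mbsync/servercert from 10.5.0.1 and installs and
    starts maildir-count.service. Does nothing on any other host.
    """
    if host.name != 'prime':
        return

    # todo: something to run ~drewp/mbsync/go at startup

    # `&&` rather than `;`: if the cd fails, the fetch must not run and write
    # servercert into whatever directory the shell started in.
    #
    # NOTE(review): this re-saves whatever certificate 10.5.0.1 presents at
    # deploy time, so a changed certificate is accepted silently on the next
    # run. Consider checking its fingerprint against a known value before
    # replacing the file. The `>` redirect also truncates servercert before
    # the fetch runs, so a failed fetch can leave it empty.
    server.shell(commands=[
        "cd /home/drewp/mbsync && /usr/bin/mbsync-get-cert 10.5.0.1 > servercert",
    ])

    files.put(src='mail/file-count/file_count.py', dest='/opt/file_count.py')
    files.put(src='mail/file-count/file-count.service', dest='/etc/systemd/system/maildir-count.service')
    systemd.service(service='maildir-count.service', enabled=True, running=True, daemon_reload=True)


# other machines, route mail to bang or prime for delivery
# if host.name == 'bang':
#     apt.packages(packages=['postfix'])
#     files.template(src='templates/mail/main.cf.j2', dest='/etc/postfix/main.cf')
#     files.template(src='templates/mail/mydestination.j2', dest='/etc/postfix/mydestination')
#     files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases')
#     files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access')
#     files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual')
#     server.shell(commands=[
#         'postmap /etc/postfix/sender_access',
#         'postmap /etc/postfix/virtual',
#         'postmap /etc/postfix/aliases',
#         'postfix reload',
#     ])
#     systemd.service(service='postfix@-.service', enabled=True, running=True)

#     # server.shell(commands=[
#     #     # not working
#     #     "cd /my/serv/dovecot; runuser -u drewp -- invoke certs",
#     # ])

# Deploy steps exposed by this module, in the order listed.
operations = [
    dkim,
    postfix,
    mbsync,
]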