danarchy_deploy 0.2.7 → 0.2.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (57) hide show
  1. checksums.yaml +4 -4
  2. data/.asdf_versions.json +5 -0
  3. data/.tool-versions +1 -0
  4. data/CHANGELOG.md +9 -0
  5. data/Gemfile.lock +9 -8
  6. data/danarchy_deploy.gemspec +4 -4
  7. data/lib/danarchy_deploy/groups.rb +0 -1
  8. data/lib/danarchy_deploy/services/init/openrc.rb +10 -6
  9. data/lib/danarchy_deploy/services/init.rb +28 -18
  10. data/lib/danarchy_deploy/services.rb +0 -1
  11. data/lib/danarchy_deploy/system/centos.rb +7 -0
  12. data/lib/danarchy_deploy/system/debian.rb +6 -0
  13. data/lib/danarchy_deploy/system/gentoo.rb +83 -23
  14. data/lib/danarchy_deploy/system/opensuse.rb +6 -0
  15. data/lib/danarchy_deploy/system.rb +13 -8
  16. data/lib/danarchy_deploy/templater.rb +1 -2
  17. data/lib/danarchy_deploy/users.rb +50 -42
  18. data/lib/danarchy_deploy/version.rb +1 -1
  19. data/lib/danarchy_deploy.rb +61 -19
  20. data/templates/applications/nginx/domain.conf.erb +38 -0
  21. data/templates/applications/php/phpfpm.conf.erb +19 -0
  22. data/templates/applications/php/user.conf.erb +19 -0
  23. data/templates/applications/wordpress/mysql_user_privileges.sql.erb +2 -0
  24. data/templates/applications/wordpress/wp-config.php.erb +82 -0
  25. data/templates/asdf/asdf.sh.erb +52 -0
  26. data/templates/deploy_template.json +6 -7
  27. data/templates/distcc/distccd.erb +14 -0
  28. data/templates/distcc/hosts.erb +2 -0
  29. data/templates/portage/make.conf.erb +30 -0
  30. data/templates/portage/package.use/bindist +3 -0
  31. data/templates/portage/package.use/documentation +3 -0
  32. data/templates/services/memcached/memcached.erb +40 -0
  33. data/templates/services/mysql/my.cnf.erb +143 -0
  34. data/templates/services/mysql/root_my.cnf.erb +11 -0
  35. data/templates/services/mysql/user_db_grants.sql.erb +33 -0
  36. data/templates/services/mysql/user_db_grants.sql.erb_cleanupUsers +52 -0
  37. data/templates/services/nginx/nginx.conf.erb +48 -0
  38. data/templates/services/php/php-fpm.conf.erb +2 -0
  39. data/templates/services/postfix/localmail.initial_setup.sh +19 -0
  40. data/templates/services/postfix/localmail.main.cf.erb +41 -0
  41. data/templates/services/postfix/mailname.erb +1 -0
  42. data/templates/services/postfix/mailrelayhost_main.cf.erb +33 -0
  43. data/templates/services/postfix/main.cf.erb +28 -0
  44. data/templates/services/postfix/master.cf.erb +124 -0
  45. data/templates/services/postfix/mysql-virtual-alias-maps.cf.erb +5 -0
  46. data/templates/services/postfix/mysql-virtual-mailbox-domains.cf.erb +5 -0
  47. data/templates/services/postfix/mysql-virtual-mailbox-maps.cf.erb +5 -0
  48. data/templates/system/authorized_keys.erb +5 -0
  49. data/templates/system/crontab.erb +8 -0
  50. data/templates/system/dmcrypt.erb +17 -0
  51. data/templates/system/exports.erb +4 -0
  52. data/templates/system/fstab.erb +4 -0
  53. data/templates/system/sudoers.erb +5 -0
  54. metadata +44 -11
  55. data/.ruby-gemset +0 -1
  56. data/.ruby-version +0 -1
  57. /data/bin/{setup → setup-dd} +0 -0
@@ -0,0 +1,143 @@
1
+ # /etc/mysql/my.cnf: The global mysql configuration file.
2
+
3
+ # The following options will be passed to all MySQL clients
4
+ [client]
5
+ #password = your_password
6
+ port = 3306
7
+ socket = /var/run/mysqld/mysqld.sock
8
+
9
+ [mysql]
10
+ character-sets-dir=/usr/share/mariadb/charsets
11
+ default-character-set=utf8
12
+
13
+ [mysqladmin]
14
+ character-sets-dir=/usr/share/mariadb/charsets
15
+ default-character-set=utf8
16
+
17
+ [mysqlcheck]
18
+ character-sets-dir=/usr/share/mariadb/charsets
19
+ default-character-set=utf8
20
+
21
+ [mysqldump]
22
+ character-sets-dir=/usr/share/mariadb/charsets
23
+ default-character-set=utf8
24
+
25
+ [mysqlimport]
26
+ character-sets-dir=/usr/share/mariadb/charsets
27
+ default-character-set=utf8
28
+
29
+ [mysqlshow]
30
+ character-sets-dir=/usr/share/mariadb/charsets
31
+ default-character-set=utf8
32
+
33
+ [myisamchk]
34
+ character-sets-dir=/usr/share/mariadb/charsets
35
+
36
+ [myisampack]
37
+ character-sets-dir=/usr/share/mariadb/charsets
38
+
39
+ # use [safe_mysqld] with mysql-3
40
+ [mysqld_safe]
41
+ err-log = /var/log/mysql/mysqld.err
42
+
43
+ # add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations
44
+ [mysqld]
45
+ expire_logs_days = 30
46
+ character-set-server = utf8
47
+ user = mysql
48
+ port = 3306
49
+ socket = /var/run/mysqld/mysqld.sock
50
+ pid-file = /var/run/mysqld/mysqld.pid
51
+ log-error = /var/log/mysql/mysqld.err
52
+ basedir = /usr
53
+ datadir = <%= @variables[:datadir] ? @variables[:datadir] : '/var/lib/mysql' %>
54
+ skip-external-locking
55
+ key_buffer_size = 16M
56
+ max_allowed_packet = 4M
57
+ table_open_cache = 400
58
+ sort_buffer_size = 512K
59
+ net_buffer_length = 16K
60
+ read_buffer_size = 256K
61
+ read_rnd_buffer_size = 512K
62
+ myisam_sort_buffer_size = 8M
63
+ lc_messages_dir = /usr/share/mariadb
64
+ #Set this to your desired error message language
65
+ lc_messages = en_US
66
+
67
+ # security:
68
+ # using "localhost" in connects uses sockets by default
69
+ # skip-networking
70
+ bind-address = <%= @variables[:bind_address] ? @variables[:bind_address] : '127.0.0.1' %>
71
+ skip-name-resolve
72
+
73
+ log-bin = /var/log/mysql/mysql-bin.log
74
+ binlog_format = MIXED
75
+ binlog_expire_logs_seconds = 604800 # 7 days binlogs
76
+ server-id = 1
77
+
78
+ # point the following paths to different dedicated disks
79
+ tmpdir = /tmp/
80
+ #log-update = /path-to-dedicated-directory/hostname
81
+
82
+ # you need the debug USE flag enabled to use the following directives,
83
+ # if needed, uncomment them, start the server and issue
84
+ # #tail -f /tmp/mysqld.sql /tmp/mysqld.trace
85
+ # this will show you *exactly* what's happening in your server ;)
86
+
87
+ #log = /tmp/mysqld.sql
88
+ #gdb
89
+ #debug = d:t:i:o,/tmp/mysqld.trace
90
+ #one-thread
91
+
92
+ # the rest of the innodb config follows:
93
+ # don't eat too much memory, we're trying to be safe on 64Mb boxes
94
+ # you might want to bump this up a bit on boxes with more RAM
95
+ innodb_buffer_pool_size = 128M
96
+ #
97
+ # i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-(
98
+ # and upstream wants things to be under /var/lib/mysql/, so that's the route
99
+ # we have to take for the moment
100
+ #innodb_data_home_dir = /var/lib/mysql/
101
+ #innodb_log_arch_dir = /var/lib/mysql/
102
+ #innodb_log_group_home_dir = /var/lib/mysql/
103
+ # you may wish to change this size to be more suitable for your system
104
+ # the max is there to avoid run-away growth on your machine
105
+ innodb_data_file_path = ibdata1:10M:autoextend:max:128M
106
+ # we keep this at around 25% of of innodb_buffer_pool_size
107
+ # sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size)
108
+ innodb_log_file_size = 48M
109
+ # this is the default, increase it if you have very large transactions going on
110
+ innodb_log_buffer_size = 8M
111
+ # see the innodb config docs, the other options are not always safe
112
+ innodb_flush_log_at_trx_commit = 1
113
+ innodb_lock_wait_timeout = 50
114
+ innodb_file_per_table
115
+
116
+ # Uncomment this to get FEDERATED engine support
117
+ #plugin-load=federated=ha_federated.so
118
+ #loose-federated
119
+
120
+ [mysqldump]
121
+ quick
122
+ max_allowed_packet = 16M
123
+
124
+ [mysql]
125
+ # uncomment the next directive if you are not familiar with SQL
126
+ #safe-updates
127
+
128
+ [isamchk]
129
+ key_buffer_size = 20M
130
+ sort_buffer_size = 20M
131
+ read_buffer = 2M
132
+ write_buffer = 2M
133
+
134
+ [myisamchk]
135
+ key_buffer_size = 20M
136
+ sort_buffer_size = 20M
137
+ read_buffer_size = 2M
138
+ write_buffer_size = 2M
139
+
140
+ [mysqlhotcopy]
141
+ interactive-timeout
142
+
143
+ [mariadb]
@@ -0,0 +1,11 @@
1
+ [mysql]
2
+ <%= @variables[:host] ? "host=\"#{@variables[:host]}\"\n" : '' -%>
3
+ <%= @variables[:user] ? "user=\"#{@variables[:user]}\"\n" : '' -%>
4
+ <%= @variables[:pass] ? "password=\"#{@variables[:pass]}\"\n" : '' -%>
5
+ <%= @variables[:port] ? "port=\"#{@variables[:port]}\"\n" : '' -%>
6
+
7
+ [client]
8
+ <%= @variables[:host] ? "host=\"#{@variables[:host]}\"\n" : '' -%>
9
+ <%= @variables[:user] ? "user=\"#{@variables[:user]}\"\n" : '' -%>
10
+ <%= @variables[:pass] ? "password=\"#{@variables[:pass]}\"\n" : '' -%>
11
+ <%= @variables[:port] ? "port=\"#{@variables[:port]}\"\n" : '' -%>
@@ -0,0 +1,33 @@
1
+ DROP DATABASE IF EXISTS test;
2
+
3
+ <% @variables.each do |mysql| -%>
4
+ <% if mysql[:action] == 'grant' -%>
5
+
6
+ CREATE DATABASE IF NOT EXISTS `<%= mysql[:database] %>`;
7
+ GRANT <%= mysql[:grants].join(', ') %>
8
+ ON `<%= mysql[:database] %>`.*
9
+ TO `<%= mysql[:user] %>`@`<%= mysql[:host] %>`
10
+ IDENTIFIED BY '<%= DanarchyDeploy::Helpers.decode_base64(mysql[:password]) %>';
11
+
12
+ <% elsif mysql[:action] == 'revoke' -%>
13
+
14
+ REVOKE <%= mysql[:grants].join(', ') %>
15
+ ON `<%= mysql[:database] %>`.*
16
+ FROM `<%= mysql[:user] %>`@`<%= mysql[:host] %>`;
17
+
18
+ <% elsif mysql[:action] == 'drop' %>
19
+
20
+ DROP DATABASE IF EXISTS <%= mysql[:database] %>;
21
+ REVOKE ALL PRIVILEGES
22
+ ON `<%= mysql[:database] %>`.*
23
+ FROM `<%= mysql[:user] %>`@`<%= mysql[:host] %>`;
24
+ DROP USER `<%= mysql[:user] %>`;
25
+
26
+ <% elsif mysql[:action] == 'dropuser' %>
27
+
28
+ DROP USER IF EXISTS `<%= mysql[:user] %>`@`<%= mysql[:host] %>`;
29
+
30
+ <% end -%>
31
+ <% end -%>
32
+
33
+ FLUSH PRIVILEGES;
@@ -0,0 +1,52 @@
1
+ DROP DATABASE IF EXISTS test;
2
+
3
+ <% @variables.each do |mysql| -%>
4
+ <% if mysql[:action] == 'grant' -%>
5
+
6
+ CREATE DATABASE IF NOT EXISTS `<%= mysql[:database] %>`;
7
+ GRANT <%= mysql[:grants].join(', ') %>
8
+ ON `<%= mysql[:database] %>`.*
9
+ TO `<%= mysql[:user] %>`@`<%= mysql[:host] %>`
10
+ IDENTIFIED BY '<%= DanarchyDeploy::Helpers.decode_base64(mysql[:password]) %>';
11
+
12
+ <% elsif mysql[:action] == 'revoke' -%>
13
+
14
+ REVOKE <%= mysql[:grants].join(', ') %>
15
+ ON `<%= mysql[:database] %>`.*
16
+ FROM `<%= mysql[:user] %>`@`<%= mysql[:host] %>`;
17
+
18
+ <% elsif mysql[:action] == 'drop' %>
19
+
20
+ DROP DATABASE IF EXISTS <%= mysql[:database] %>;
21
+ REVOKE ALL PRIVILEGES
22
+ ON `<%= mysql[:database] %>`.*
23
+ FROM `<%= mysql[:user] %>`@`<%= mysql[:host] %>`;
24
+ DROP USER `<%= mysql[:user] %>`;
25
+
26
+ <% elsif mysql[:action] == 'dropuser' %>
27
+
28
+ DROP USER IF EXISTS `<%= mysql[:user] %>`@`<%= mysql[:host] %>`;
29
+
30
+ <% end -%>
31
+
32
+ # Cleanup user privileges without grants
33
+ SET @keep_hosts = NULL;
34
+ SELECT GROUP_CONCAT(Host) INTO @keep_hosts
35
+ FROM (
36
+ SELECT Host FROM mysql.db
37
+ WHERE User = '<%= mysql[:user] %>'
38
+ UNION
39
+ SELECT Host FROM mysql.tables_priv
40
+ WHERE User = '<%= mysql[:user] %>'
41
+ ) AS T;
42
+
43
+ SET @drop_users = SELECT GROUP_CONCAT('\'', user, '\'@\'', host, '\'') FROM mysql.user
44
+ WHERE User = '<%= mysql[:user] %>'
45
+ AND NOT FIND_IN_SET(Host, @keep_hosts);
46
+ PREPARE stmt1 FROM @drop_users;
47
+ EXECUTE stmt1;
48
+ DEALLOCATE PREPARE stmt1;
49
+
50
+ <% end -%>
51
+
52
+ FLUSH PRIVILEGES;
@@ -0,0 +1,48 @@
1
+ user <%= @variables[:web_user] ? @variables[:web_user] : 'nginx' %>;
2
+ worker_processes auto;
3
+
4
+ error_log /var/log/nginx/error_log info;
5
+
6
+ events {
7
+ worker_connections 1024;
8
+ use epoll;
9
+
10
+ }
11
+
12
+ http {
13
+ include /etc/nginx/mime.types;
14
+ default_type text/html;
15
+
16
+ log_format main
17
+ '$remote_addr - $remote_user [$time_local] '
18
+ '"$request" $status $bytes_sent '
19
+ '"$http_referer" "$http_user_agent" '
20
+ '"$gzip_ratio"';
21
+
22
+ client_header_timeout 10m;
23
+ client_body_timeout 10m;
24
+ client_max_body_size <%= @variables[:client_max_body_size] ? @variables[:client_max_body_size] : '32mm' %>;
25
+ send_timeout 10m;
26
+
27
+ connection_pool_size 256;
28
+ client_header_buffer_size 1k;
29
+ large_client_header_buffers 4 2k;
30
+ request_pool_size 4k;
31
+
32
+ gzip on;
33
+
34
+ output_buffers 1 32k;
35
+ postpone_output 1460;
36
+
37
+ sendfile on;
38
+ tcp_nopush on;
39
+ tcp_nodelay on;
40
+
41
+ keepalive_timeout 75 20;
42
+
43
+ ignore_invalid_headers on;
44
+
45
+ index index.html;
46
+
47
+ include /home/*/nginx/sites-enabled/*.conf;
48
+ }
@@ -0,0 +1,2 @@
1
+ [Global]
2
+ include=/home/*/php-fpm/sites-enabled/*.conf
@@ -0,0 +1,19 @@
1
+ #!/bin/bash
2
+
3
+ if [[ ${UID} != 0 ]]; then
4
+ echo 'Run this script as root!'
5
+ exit 1
6
+ fi
7
+
8
+ postfix upgrade-configuration
9
+ postfix check
10
+
11
+ newaliases
12
+
13
+ if [[ $(which rc-service) ]]; then
14
+ rc-service postfix restart
15
+ elif [[ $(which systemctl) ]]; then
16
+ systemctl restart postfix
17
+ else
18
+ echo 'Unable to determine init system! Restart postfix manually.'
19
+ fi
@@ -0,0 +1,41 @@
1
+
2
+ compatibility_level = 3.8
3
+
4
+
5
+ queue_directory = /var/spool/postfix
6
+ command_directory = /usr/sbin
7
+ daemon_directory = /usr/libexec/postfix
8
+ data_directory = /var/lib/postfix
9
+
10
+ mail_owner = postfix
11
+ myhostname = localhost
12
+ mydomain = localdomain
13
+
14
+ inet_interfaces = $myhostname, localhost
15
+ mydestination = $myhostname, localhost.$mydomain, localhost
16
+
17
+ unknown_local_recipient_reject_code = 550
18
+ mynetworks_style = host
19
+ default_transport = error:outside mail is not deliverable
20
+
21
+ debug_peer_level = 2
22
+ debugger_command =
23
+ PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
24
+ ddd $daemon_directory/$process_name $process_id & sleep 5
25
+
26
+
27
+ sendmail_path = /usr/sbin/sendmail
28
+ newaliases_path = /usr/bin/newaliases
29
+ mailq_path = /usr/bin/mailq
30
+
31
+ setgid_group = postdrop
32
+ html_directory = no
33
+
34
+ manpage_directory = /usr/share/man
35
+ sample_directory = /etc/postfix
36
+
37
+ readme_directory = no
38
+ inet_protocols = ipv4
39
+ shlib_directory = /usr/lib64/postfix/${mail_version}
40
+ meta_directory = /etc/postfix
41
+ home_mailbox = .maildir/
@@ -0,0 +1 @@
1
+ <%= @variables[:hostname] %>
@@ -0,0 +1,33 @@
1
+ smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
2
+ biff = no
3
+
4
+ # appending .domain is the MUA's job.
5
+ append_dot_mydomain = no
6
+
7
+ # Uncomment the next line to generate \"delayed mail\" warnings
8
+ #delay_warning_time = 4h
9
+
10
+ readme_directory = no
11
+
12
+ # TLS parameters
13
+ smtpd_tls_cert_file = <%= @variables[:ssl_cert] %>
14
+ smtpd_tls_key_file = <%= @variables[:ssl_key] %>
15
+ smtpd_use_tls = <%= @variables[:use_tls] || 'yes' %>
16
+ smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
17
+ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
18
+
19
+ # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
20
+ # information on enabling SSL in the smtp client.
21
+
22
+ smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
23
+ myhostname = <%= @variables[:hostname] %>
24
+ alias_maps = hash:/etc/aliases
25
+ alias_database = hash:/etc/aliases
26
+ myorigin = /etc/mailname
27
+ mydestination = <%= @variables[:hostname] %>, localhost
28
+ relayhost = <%= @variables[:relayhost] %>
29
+ mynetworks = <%= @variables[:mynetworks] %> 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
30
+ mailbox_size_limit = 0
31
+ recipient_delimiter = +
32
+ inet_interfaces = all
33
+ inet_protocols = ipv4
@@ -0,0 +1,28 @@
1
+ smtpd_banner = $myhostname ESMTP $mail_name
2
+ biff = no
3
+
4
+ # TLS parameters
5
+ smtpd_use_tls = <%= @variables[:use_tls] %>
6
+ smtpd_tls_auth_only = <%= @variables[:use_tls] %>
7
+ smtpd_tls_cert_file = <%= @variables[:ssl_cert] %>
8
+ smtpd_tls_key_file = <%= @variables[:ssl_key] %>
9
+ smtpd_tls_CAfile = <%= @variables[:ssl_cacert] %>
10
+
11
+ smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
12
+ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
13
+
14
+ # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
15
+ # information on enabling SSL in the smtp client.
16
+
17
+ smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
18
+ myhostname = <%= @variables[:hostname] %>
19
+ alias_maps = hash:/etc/aliases
20
+ alias_database = hash:/etc/aliases
21
+ myorigin = /etc/mailname
22
+ mydestination = <%= @variables[:hostname] %>, localhost
23
+ relayhost = <%= @variables[:relayhost] %>
24
+ mynetworks = <%= @variables[:mynetworks] %> 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
25
+ mailbox_size_limit = 0
26
+ recipient_delimiter = +
27
+ inet_interfaces = all
28
+ inet_protocols = ipv4
@@ -0,0 +1,124 @@
1
+ #
2
+ # Postfix master process configuration file. For details on the format
3
+ # of the file, see the master(5) manual page (command: "man 5 master" or
4
+ # on-line: http://www.postfix.org/master.5.html).
5
+ #
6
+ # Do not forget to execute "postfix reload" after editing this file.
7
+ #
8
+ # ==========================================================================
9
+ # service type private unpriv chroot wakeup maxproc command + args
10
+ # (yes) (yes) (yes) (never) (100)
11
+ # ==========================================================================
12
+ smtp inet n - - - - smtpd
13
+ #smtp inet n - - - 1 postscreen
14
+ #smtpd pass - - - - - smtpd
15
+ #dnsblog unix - - - - 0 dnsblog
16
+ #tlsproxy unix - - - - 0 tlsproxy
17
+ submission inet n - - - - smtpd
18
+ -o syslog_name=postfix/submission
19
+ -o smtpd_tls_security_level=encrypt
20
+ # -o smtpd_sasl_auth_enable=yes
21
+ # -o smtpd_reject_unlisted_recipient=no
22
+ # -o smtpd_client_restrictions=$mua_client_restrictions
23
+ # -o smtpd_helo_restrictions=$mua_helo_restrictions
24
+ # -o smtpd_sender_restrictions=$mua_sender_restrictions
25
+ # -o smtpd_recipient_restrictions=
26
+ # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
27
+ # -o milter_macro_daemon_name=ORIGINATING
28
+ smtps inet n - - - - smtpd
29
+ -o syslog_name=postfix/smtps
30
+ # -o smtpd_tls_wrappermode=yes
31
+ # -o smtpd_sasl_auth_enable=yes
32
+ # -o smtpd_reject_unlisted_recipient=no
33
+ # -o smtpd_client_restrictions=$mua_client_restrictions
34
+ # -o smtpd_helo_restrictions=$mua_helo_restrictions
35
+ # -o smtpd_sender_restrictions=$mua_sender_restrictions
36
+ # -o smtpd_recipient_restrictions=
37
+ # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
38
+ # -o milter_macro_daemon_name=ORIGINATING
39
+ #628 inet n - - - - qmqpd
40
+ pickup unix n - - 60 1 pickup
41
+ cleanup unix n - - - 0 cleanup
42
+ qmgr unix n - n 300 1 qmgr
43
+ #qmgr unix n - n 300 1 oqmgr
44
+ tlsmgr unix - - - 1000? 1 tlsmgr
45
+ rewrite unix - - - - - trivial-rewrite
46
+ bounce unix - - - - 0 bounce
47
+ defer unix - - - - 0 bounce
48
+ trace unix - - - - 0 bounce
49
+ verify unix - - - - 1 verify
50
+ flush unix n - - 1000? 0 flush
51
+ proxymap unix - - n - - proxymap
52
+ proxywrite unix - - n - 1 proxymap
53
+ smtp unix - - - - - smtp
54
+ relay unix - - - - - smtp
55
+ # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
56
+ showq unix n - - - - showq
57
+ error unix - - - - - error
58
+ retry unix - - - - - error
59
+ discard unix - - - - - discard
60
+ local unix - n n - - local
61
+ virtual unix - n n - - virtual
62
+ lmtp unix - - - - - lmtp
63
+ anvil unix - - - - 1 anvil
64
+ scache unix - - - - 1 scache
65
+ #
66
+ # ====================================================================
67
+ # Interfaces to non-Postfix software. Be sure to examine the manual
68
+ # pages of the non-Postfix software to find out what options it wants.
69
+ #
70
+ # Many of the following services use the Postfix pipe(8) delivery
71
+ # agent. See the pipe(8) man page for information about ${recipient}
72
+ # and other message envelope options.
73
+ # ====================================================================
74
+ #
75
+ # maildrop. See the Postfix MAILDROP_README file for details.
76
+ # Also specify in main.cf: maildrop_destination_recipient_limit=1
77
+ #
78
+ maildrop unix - n n - - pipe
79
+ flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
80
+ #
81
+ # ====================================================================
82
+ #
83
+ # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
84
+ #
85
+ # Specify in cyrus.conf:
86
+ # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
87
+ #
88
+ # Specify in main.cf one or more of the following:
89
+ # mailbox_transport = lmtp:inet:localhost
90
+ # virtual_transport = lmtp:inet:localhost
91
+ #
92
+ # ====================================================================
93
+ #
94
+ # Cyrus 2.1.5 (Amos Gouaux)
95
+ # Also specify in main.cf: cyrus_destination_recipient_limit=1
96
+ #
97
+ #cyrus unix - n n - - pipe
98
+ # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
99
+ #
100
+ # ====================================================================
101
+ # Old example of delivery via Cyrus.
102
+ #
103
+ #old-cyrus unix - n n - - pipe
104
+ # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
105
+ #
106
+ # ====================================================================
107
+ #
108
+ # See the Postfix UUCP_README file for configuration details.
109
+ #
110
+ uucp unix - n n - - pipe
111
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
112
+ #
113
+ # Other external delivery methods.
114
+ #
115
+ ifmail unix - n n - - pipe
116
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
117
+ bsmtp unix - n n - - pipe
118
+ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
119
+ scalemail-backend unix - n n - 2 pipe
120
+ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
121
+ mailman unix - n n - - pipe
122
+ flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
123
+ ${nexthop} ${user}
124
+
@@ -0,0 +1,5 @@
1
+ user = <%= @variables[:user] %>
2
+ password = <%= @variables[:password] %>
3
+ hosts = <%= @variables[:hosts] %>
4
+ dbname = <%= @variables[:dbname] %>
5
+ query = SELECT destination FROM aliases WHERE source='%s'
@@ -0,0 +1,5 @@
1
+ user = <%= @variables[:user] %>
2
+ password = <%= @variables[:password] %>
3
+ hosts = <%= @variables[:hosts] %>
4
+ dbname = <%= @variables[:dbname] %>
5
+ query = SELECT 1 FROM domains WHERE domain='%s'
@@ -0,0 +1,5 @@
1
+ user = <%= @variables[:user] %>
2
+ password = <%= @variables[:password] %>
3
+ hosts = <%= @variables[:hosts] %>
4
+ dbname = <%= @variables[:dbname] %>
5
+ query = SELECT 1 FROM users WHERE email='%s'
@@ -0,0 +1,5 @@
1
+ # Deployed by dAnarchyDeploy
2
+
3
+ <% @variables[:authorized_keys].each do |key| -%>
4
+ <%= "#{key}" %>
5
+ <% end -%>
@@ -0,0 +1,8 @@
1
+ # DanarchyDeploy crontab
2
+ SHELL=<%= @variables[:shell] || '/bin/bash' %>
3
+ PATH=<%= @variables[:path] || '/bin:/usr/bin' %>
4
+ BASH_ENV=<%= @variables[:env] || '~/.bashrc' %>
5
+
6
+ <% @variables[:jobs].each do |job| -%>
7
+ <%= "#{job[:schedule]}\t#{job[:command]}" %>
8
+ <% end -%>
@@ -0,0 +1,17 @@
1
+ # DanarchyDeploy dmcrypt
2
+ # How long to wait for each timeout (in seconds).
3
+ dmcrypt_key_timeout=1
4
+
5
+ # Max number of checks to perform (see dmcrypt_key_timeout).
6
+ #dmcrypt_max_timeout=300
7
+
8
+ # Number of password retries.
9
+ dmcrypt_retries=2
10
+
11
+ <% @variables.each do |device, volume| -%>
12
+ <%= "# Encrypted volume name|volgroup|device: #{device}" %>
13
+ <% volume[:variables].each do |key, value| -%>
14
+ <%= key -%>=<%= value %>
15
+ <% end -%>
16
+ <%# intentionally left blank %>
17
+ <% end -%>
@@ -0,0 +1,4 @@
1
+ # DanarchyDeploy NFS exports
2
+ <% @variables.each do |export| -%>
3
+ <%= "#{export[:filesystem]}\t#{export[:clients]}(#{export[:options]})" %>
4
+ <% end -%>
@@ -0,0 +1,4 @@
1
+ # DanarchyDeploy fstab
2
+ <% @variables.each do |mount| -%>
3
+ <%= "#{mount[:filesystem]}\t#{mount[:mountpoint]}\t#{mount[:type]}\t#{mount[:opts]}\t#{mount[:'dump/pass']}" %>
4
+ <% end -%>
@@ -0,0 +1,5 @@
1
+ # Deployed by dAnarchyDeploy
2
+
3
+ <% @variables[:rules].each do |r| -%>
4
+ <%= "#{r}" %>
5
+ <% end -%>