From b5ed319992dcfa52b4cae1a5c6af77c4e65908bd Mon Sep 17 00:00:00 2001 From: boksbc Date: Mon, 27 Oct 2025 03:40:57 +0100 Subject: [PATCH] Dovecot Systax Problem --- scripts/10-provision.sh | 11 ++++++----- scripts/21-le-deploy-hook.sh | 1 - scripts/95-woltguard.sh | 30 ++++++++++++++++++++++++++---- 3 files changed, 32 insertions(+), 10 deletions(-) diff --git a/scripts/10-provision.sh b/scripts/10-provision.sh index 4928e1e..0ed0800 100644 --- a/scripts/10-provision.sh +++ b/scripts/10-provision.sh @@ -2,6 +2,12 @@ set -euo pipefail source ./lib.sh +if [ -r /etc/mailwolt/installer.env ]; then + . /etc/mailwolt/installer.env +fi + +REDIS_PASS="${REDIS_PASS:-}" + SCRIPTS_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" find "$SCRIPTS_DIR/.." -type f -name "*.sh" -exec sed -i 's/\r$//' {} \; || true @@ -111,11 +117,6 @@ printf '\nrequirepass %s\n' "${REDIS_PASS}" >> "$REDIS_CONF" systemctl enable --now redis-server systemctl restart redis-server || true -# Passwort für spätere Steps persistieren (damit 80-app.sh es hat) -install -d -m 0755 /etc/mailwolt -echo "REDIS_PASS=${REDIS_PASS}" > /etc/mailwolt/installer.env -chmod 600 /etc/mailwolt/installer.env - # Sanity-Check (kein harter Exit, nur Log) if redis-cli -a "${REDIS_PASS}" ping 2>/dev/null | grep -q PONG; then log "Redis mit Passwort OK." diff --git a/scripts/21-le-deploy-hook.sh b/scripts/21-le-deploy-hook.sh index c09f67d..fb37804 100644 --- a/scripts/21-le-deploy-hook.sh +++ b/scripts/21-le-deploy-hook.sh @@ -14,7 +14,6 @@ set -eu # Installer-ENV laden (liefert UI_HOST/WEBMAIL_HOST/MAIL_HOSTNAME etc.) if [ -r /etc/mailwolt/installer.env ]; then - # shellcheck disable=SC1091 . /etc/mailwolt/installer.env fi diff --git a/scripts/95-woltguard.sh b/scripts/95-woltguard.sh index 6165629..5c3aa8a 100644 --- a/scripts/95-woltguard.sh +++ b/scripts/95-woltguard.sh @@ -72,11 +72,33 @@ chmod 0755 /usr/local/sbin/mailwolt-redis-ping.sh cat >/usr/local/sbin/mailwolt-rspamd-heal.sh <<'EOSH' #!/usr/bin/env bash set -euo pipefail + +INSTALLER_ENV="/etc/mailwolt/installer.env" +APP_ENV="/var/www/mailwolt/.env" + +REDIS_HOST="${REDIS_HOST:-127.0.0.1}" +REDIS_PORT="${REDIS_PORT:-6379}" +REDIS_PASS="${REDIS_PASS:-}" + +[[ -r "$INSTALLER_ENV" ]] && . "$INSTALLER_ENV" +if [[ -z "${REDIS_PASS}" && -r "$APP_ENV" ]]; then + REDIS_PASS="$(grep -E '^REDIS_PASS=' "$APP_ENV" | head -n1 | cut -d= -f2- || true)" +fi + +# Rspamd Runtime fixen install -d -m 0755 -o _rspamd -g _rspamd /run/rspamd || true [[ -S /var/lib/rspamd/rspamd.sock ]] && rm -f /var/lib/rspamd/rspamd.sock || true + +echo "$(date '+%F %T') heal run" >> /var/log/rspamd-heal.log + +# Neustart systemctl restart rspamd + +# Mini-Healthcheck sleep 2 ss -tln | grep -q ':11334' || echo "[WARN] Rspamd Controller Port 11334 nicht sichtbar" + +exit 0 EOSH chmod 0755 /usr/local/sbin/mailwolt-rspamd-heal.sh @@ -95,7 +117,7 @@ EOF # 20 – Rspamd (robust via process-matching + Heal) cat >/etc/monit/monitrc.d/20-rspamd.conf <<'EOF' -check process rspamd matching "/usr/bin/rspamd" +check process rspamd matching "rspamd: main process" start program = "/bin/systemctl start rspamd" with timeout 120 seconds stop program = "/bin/systemctl stop rspamd" depends on redis @@ -110,9 +132,9 @@ cat >/etc/monit/monitrc.d/30-postfix.conf <<'EOF' check process postfix with pidfile /var/spool/postfix/pid/master.pid start program = "/bin/systemctl start postfix" stop program = "/bin/systemctl stop postfix" - if failed port 25 protocol smtp then restart - if failed port 465 type tcpssl then restart - if failed port 587 type tcp then restart + if failed port 25 protocol smtp with timeout 20 seconds for 2 cycles then restart + if failed port 465 type tcpssl with timeout 10 seconds then restart + if failed port 587 type tcp with timeout 10 seconds then restart if 5 restarts within 5 cycles then alert EOF