Fixed Postfix forwarding over SendGrid

This commit is contained in:
Brian Zalewski 2023-08-01 06:28:03 +00:00
parent 073d1923aa
commit 1dfd4ad9b1
6 changed files with 89 additions and 28 deletions

View file

@ -14,6 +14,29 @@
{{ includeTemplate "universal/profile-before" }}
{{ includeTemplate "universal/logg-before" }}
### Configure hostname
# Source: https://www.tecmint.com/set-hostname-permanently-in-linux/
if [ -d /Applications ] && [ -d /System ]; then
# Source: https://apple.stackexchange.com/questions/287760/set-the-hostname-computer-name-for-macos
logg info 'Setting macOS hostname / local hostname / computer name'
sudo scutil --set HostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed HostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
sudo scutil --set LocalHostName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.local' && logg success 'Changed LocalHostName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.local'
sudo scutil --set ComputerName '{{ .host.hostname | replace .host.domain "" | replace "." "" }}' && logg success 'Changed ComputerName to {{ .host.hostname | replace .host.domain "" | replace "." "" }}'
logg info 'Flushing DNS cache'
dscacheutil -flushcache
elif [ -f /etc/passwd ]; then
logg info 'Setting Linux hostname'
hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
if command -v hostnamectl > /dev/null; then
logg info 'Ensuring hostname persists after reboot'
sudo hostnamectl set-hostname '{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' && logg success 'Permanently changed hostname to {{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
else
logg warn '`hostnamectl` was not available in the PATH - this operating system type might be unsupported'
fi
else
logg warn 'Could not configure hostname because system type was not detectable'
fi
### Configure Firewall
if [ -d /Applications ] && [ -d /System ]; then
logg info 'Disabling the block all incoming traffic option in the system Firewall settings'

View file

@ -1,4 +1,4 @@
{{- if or (and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY")) (env "SENDGRID_API_KEY")) -}}
{{- if or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY"))) (env "SENDGRID_API_KEY")) -}}
#!/usr/bin/env bash
# @file SendGrid Postfix Configuration
# @brief Configures Postfix to use SendGrid as a relay host so you can use the `mail` program to send e-mail from the command-line
@ -58,6 +58,43 @@ if command -v postfix > /dev/null; then
sudo chmod 600 /etc/postfix/sasl_passwd
logg info 'Updating Postfix hashmaps for /etc/postfix/sasl_passwd'
sudo postmap /etc/postfix/sasl_passwd
else
logg warn '~/.config/postfix/sasl_passwd file is missing'
fi
### Forward root e-mails
if [ -d /root ]; then
logg info 'Forwarding root e-mails to {{ .user.email }}'
echo '{{ .user.email }}' | sudo tee /root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
elif [ -d /var/root ]; then
logg info 'Forwarding root e-mails to {{ .user.email }}'
echo '{{ .user.email }}' | sudo tee /var/root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
else
logg warn 'Unable to identify root user home directory'
fi
### Forward user e-mails
### Ensure /etc/postfix/header_checks exists
if [ ! -d /etc/postfix/header_checks ]; then
logg info 'Creating /etc/postfix/header_checks since it does not exist'
sudo touch /etc/postfix/header_checks
fi
### Re-write header From for SendGrid
if ! cat /etc/postfix/header_checks | grep 'no-reply@{{ .host.domain }}' > /dev/null; then
logg info 'Added From REPLACE to /etc/postfix/header_checks'
echo '/^From:.*@{{ .host.domain }}/ REPLACE From: no-reply@{{ .host.domain }}' | sudo tee -a /etc/postfix/header_checks > /dev/null
fi
### Update aliases
if [ -f /etc/aliases ]; then
logg info 'Forward root e-mails to {{ .user.email }}'
sudo sed s/#root.*/root:\ {{ .user.email }}/ -i /etc/aliases && sudo newaliases
if ! cat /etc/aliases | grep '{{ .user.username }}: root' > /dev/null; then
logg info 'Forward user e-mail to root@localhost'
echo '{{ .user.username }}: root' | sudo tee -a /etc/aliases > /dev/null
fi
fi
if [ -d /Applications ] && [ -d /System ]; then
@ -66,6 +103,7 @@ if command -v postfix > /dev/null; then
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" ]; then
logg info 'Copying com.apple.postfix.master.plist'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" /System/Library/LaunchDaemons/com.apple.postfix.master.plist
sudo launchctl load /System/Library/LaunchDaemons/com.apple.postfix.master.plist && logg success 'launchctl load of com.apple.postfix.master successful'
fi
logg info 'Starting postfix'
sudo postfix start

View file

@ -9,8 +9,6 @@
<key>ProgramArguments</key>
<array>
<string>master</string>
<string>-e</string>
<string>60</string>
</array>
<key>QueueDirectories</key>
<array>
@ -22,5 +20,9 @@
<true/>
<key>KeepAlive</key>
<true/>
<key>StandardErrorPath</key>
<string>/var/log/com.apple.postfix.master.plist.error.log</string>
<key>StandardOutPath</key>
<string>/var/log/ccom.apple.postfix.master.plist.debug.log</string>
</dict>
</plist>

View file

@ -5,13 +5,19 @@
# This configuration file is appended to `/etc/postfix/main.cf` by one of the scripts. It configures SendGrid
# as a relay host that Postfix can use. More details can be found in the
# [SendGrid documentation on integrating Postfix](https://docs.sendgrid.com/for-developers/sending-email/postfix).
#
# Some FROM addresses do not work properly when using SendGrid. Because of this, the configuration will automatically
# re-write the FROM address to equal `system@public.domain.com`, where `public.domain.com` is the value specified under
# `.host.domain` in `~/.config/chezmoi/chezmoi.yml`.
header_size_limit = 4096000
myhostname = {{ .host.domain }}
relayhost = [smtp.sendgrid.net]:587
smtp_header_checks = regexp:/etc/postfix/header_checks
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587
### INSTALL DOCTOR MANAGED ### END

View file

@ -1,41 +1,33 @@
#!/bin/sh
#!/usr/bin/env bash
RKHUNTER=/usr/bin/rkhunter
test -x $RKHUNTER || exit 0
# source our config
. /etc/rkhunter.conf
# Include configuration
if [ -f /usr/local/etc/rkhunter.conf ]; then
. /usr/local/etc/rkhunter.conf
elif [ -f /etc/rkhunter.conf ]; then
. /etc/rkhunter.conf
else
echo "Failed to find rkhunter.conf file" && exit 1
fi
if [ -z "$NICE" ]; then
NICE=0
fi
if [ -z "$RUN_CHECK_ON_BATTERY" ]; then
RUN_CHECK_ON_BATTERY="false"
fi
# Do not run daily check if running on battery except if explicitely allowed
if [ -x /usr/bin/on_ac_power >/dev/null 2>&1 ]; then
on_ac_power >/dev/null 2>&1
[ $? -eq 1 -a "$RUN_CHECK_ON_BATTERY" != "true" ] && exit 0
fi
case "$CRON_DAILY_RUN" in
[YyTt]*)
OUTFILE=`mktemp` || exit 1
/usr/bin/nice -n $NICE $RKHUNTER --cronjob --report-warnings-only --appendlog > $OUTFILE
OUTFILE="$(mktemp)"
nice -n $NICE rkhunter --cronjob --report-warnings-only --update --appendlog > $OUTFILE
if [ -s "$OUTFILE" -a -n "$REPORT_EMAIL" ]; then
(
echo "Subject: [rkhunter] $(hostname) - Daily report"
echo "Subject: [rkhunter] $(hostname) - Daily Report"
echo "To: $REPORT_EMAIL"
echo ""
cat $OUTFILE
) | /usr/sbin/mailx $REPORT_EMAIL
) | mailx $REPORT_EMAIL
fi
rm -f $OUTFILE
;;
*)
exit 0
;;
esac
esac

View file

@ -9451,7 +9451,7 @@ softwarePackages:
_github: null
_home: https://www.vmware.com/
_name: VMWare
_when:darwin: test -d "/Applications/VMware Fusion.app"
_when:darwin: '! test -d "/Applications/VMware Fusion.app" && ! test -d "$HOME/Applications/VMware Fusion.app"'
ansible: professormanhattan.vmware
cask: vmware-fusion
what-ip: