ISTI-ansible-roles
/
ansible-role-postfix
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Introduce pflogsumm.

This commit is contained in:
Andrea Dell'Amico 2021-12-04 18:20:15 +01:00
parent 0aae2ebe17
commit a4865cd41e
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
6 changed files with 104 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
defaults/main.yml
View File

@ -7,10 +7,12 @@ postfix_relay_rh_pkgs:
- cyrus-sasl-lib - cyrus-sasl-lib
- cyrus-sasl-plain - cyrus-sasl-plain
- cyrus-sasl-md5 - cyrus-sasl-md5
- postfix-perl-scripts
postfix_relay_deb_pkgs: postfix_relay_deb_pkgs:
- postfix - postfix
- libsasl2-2 - libsasl2-2
- pflogsumm
############################################################################# #############################################################################
# Set them to true when you want configure your machine to send email to a relay # Set them to true when you want configure your machine to send email to a relay
@ -202,6 +204,13 @@ postfix_default_destination_concurrency_limit: 5
postfix_behind_haproxy: False postfix_behind_haproxy: False
postfix_postscreen_port: 1024 postfix_postscreen_port: 1024
postfix_pflogsumm_reports: False
postfix_pflogsumm_mail_report: False
postfix_pflogsumm_mail_report_address: 'postmaster'
postfix_pflogsumm_dir: /var/log/smtp_reports
postfix_pflogsumm_logfile: '{{ postfix_pflogsumm_dir }}/pflogsumm.log'
postfix_pflogsumm_options: '-d yesterday --problems_first --rej_add_from --verbose_msg_detail -q'
postfix_pflogsumm_reports_days: 10
# #
# Nagios monitoring # Nagios monitoring
# #

1
tasks/main.yml
View File

@ -1,6 +1,7 @@
--- ---
- import_tasks: smtp-common-packages.yml - import_tasks: smtp-common-packages.yml
- import_tasks: smtp-configuration.yml - import_tasks: smtp-configuration.yml
- import_tasks: postfix_pflogsumm.yml
- import_tasks: postfix_firewalld.yml - import_tasks: postfix_firewalld.yml
when: ansible_distribution_file_variety == "RedHat" when: ansible_distribution_file_variety == "RedHat"
- import_tasks: smtp-sasl-auth.yml - import_tasks: smtp-sasl-auth.yml

1
tasks/postfix_firewalld.yml
View File

@ -5,4 +5,5 @@
firewalld: service={{ item.service }} zone={{ item.zone }} permanent={{ item.permanent | default(True) }} state={{ item.state }} immediate=True firewalld: service={{ item.service }} zone={{ item.zone }} permanent={{ item.permanent | default(True) }} state={{ item.state }} immediate=True
with_items: '{{ postfix_firewalld_services }}' with_items: '{{ postfix_firewalld_services }}'
when: firewalld_enabled
tags: [ 'postfix', 'firewall', 'firewalld', 'iptables', 'iptables_rules' ] tags: [ 'postfix', 'firewall', 'firewalld', 'iptables', 'iptables_rules' ]

74
tasks/postfix_pflogsumm.yml Normal file
View File

@ -0,0 +1,74 @@
---
- name: Configure pflogsumm
block:
- name: Set the postfix logfile path in EL distributions
set_fact:
postfix_logfile: /var/log/maillog
when: ansible_distribution_file_variety == "RedHat"
- name: Set the postfix logfile path in deb distributions
set_fact:
postfix_logfile: /var/log/mail.log
when: ansible_distribution_file_variety == "Debian"
- name: Install the pflogsumm script
ansible.builtin.template:
src: pflogsumm_report.sh.j2
dest: /usr/local/sbin/pflogsumm_report
owner: root
group: root
mode: 0750
- name: Install the pflogsumm cron job
ansible.builtin.cron:
name: pflogsumm report
user: root
job: /usr/local/sbin/pflogsumm_report
special_time: daily
cron_file: pflogsumm_report
state: present
- name: Create the pflogsumm report directory
ansible.builtin.file:
dest: '{{ postfix_pflogsumm_dir }}'
state: directory
owner: root
group: root
mode: 0750
when: not postfix_pflogsumm_mail_report
- name: Install the logrotate configuration for pflogsumm
ansible.builtin.template:
src: pflogsumm_logrotate.j2
dest: /etc/logrotate.d/pflogsumm
owner: root
group: root
mode: 0644
when: not postfix_pflogsumm_mail_report
when: postfix_pflogsumm_reports
tags: [ 'postfix', 'postfix_pflogsumm' ]
- name: Remove the pflogsum configuration
block:
- name: Remove the pflogsum cron job
ansible.builtin.cron:
name: pflogsumm report
user: root
job: /usr/local/sbin/pflogsumm_report
special_time: daily
cron_file: pflogsumm_report
state: present
- name: Create the pflogsumm report directory
ansible.builtin.file:
dest: '{{ postfix_pflogsumm_dir }}'
state: absent
- name: Install the logrotate configuration for pflogsumm
ansible.builtin.file:
dest: /etc/logrotate.d/pflogsumm
state: absent
when: not postfix_pflogsumm_reports
tags: [ 'postfix', 'postfix_pflogsumm' ]

8
templates/pflogsumm_logrotate.j2 Normal file
View File

@ -0,0 +1,8 @@
{{ postfix_pflogsumm_logfile }} {
copytruncate
daily
rotate {{ postfix_pflogsumm_reports_days }}
nocompress
missingok
create 640 root root
}

11
templates/pflogsumm_report.sh.j2 Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
{% if postfix_pflogsumm_mail_report %}
MAILTO={{ postfix_pflogsumm_mail_report_address }}
{% else %}
MAILTO=
{% endif %}
pflogsumm {{ postfix_pflogsumm_options }} {{ postfix_logfile }}{% if not postfix_pflogsumm_mail_report %} >> {{ postfix_pflogsumm_logfile }}{% endif %}
exit $?