cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: cronekorkn:f60108dee161ba5bc42f66f2a8af984f6202faf8
Branches Tags
cronekorkn:master
cronekorkn:routeros
cronekorkn:mailman
cronekorkn:proxmox_mergable
cronekorkn:proxmox
cronekorkn:mseibert_yourls
cronekorkn:n8n
cronekorkn:router
cronekorkn:freescout
cronekorkn:homeassistant-supervised
cronekorkn:conflecttest
cronekorkn:wp
cronekorkn:rufbereitschafts-alarm
cronekorkn:dnssec_2
cronekorkn:dnssec
cronekorkn:apt_sources_as_dict
cronekorkn:wordpress
cronekorkn:iperf3
cronekorkn:picsort-pythoon
cronekorkn:network_metadata_rework
cronekorkn:blog_dirty
cronekorkn:blog
cronekorkn:icinga2_notifications
cronekorkn:icinga_neumachen
cronekorkn:nextcloud_conf_in_metadata
cronekorkn:mastodon
cronekorkn:rtmp
cronekorkn:deterministic_rsa
cronekorkn:deterministic_rsa_test
cronekorkn:left4dead2
cronekorkn:temp130752653
cronekorkn:zfs_encrypt
cronekorkn:icingaweb
cronekorkn:ldap
cronekorkn:icinga2_remote_2
cronekorkn:icinga2_local
cronekorkn:icinga
cronekorkn:icinga2_remote
cronekorkn:modprobe
cronekorkn:autoconfig
cronekorkn:basic_auth
cronekorkn:crystal-buildserver
cronekorkn:build_Server
cronekorkn:cya_hetzner
cronekorkn:dns_challenge3
cronekorkn:dns_challenge2
cronekorkn:dns_challenge
cronekorkn:gpiod
cronekorkn:multi-redis
cronekorkn:l4d2
cronekorkn:wireguard_clients
cronekorkn:alles_sets
cronekorkn:hdict
cronekorkn:all_units
cronekorkn:unitbug_isolation
cronekorkn:whatsbroken
cronekorkn:minimal_mailserver
..
compare: cronekorkn:84e5176e0759d1bab77ec6d5a360bbb82a3ce33e
Branches Tags
cronekorkn:master
cronekorkn:routeros
cronekorkn:mailman
cronekorkn:proxmox_mergable
cronekorkn:proxmox
cronekorkn:mseibert_yourls
cronekorkn:n8n
cronekorkn:router
cronekorkn:freescout
cronekorkn:homeassistant-supervised
cronekorkn:conflecttest
cronekorkn:wp
cronekorkn:rufbereitschafts-alarm
cronekorkn:dnssec_2
cronekorkn:dnssec
cronekorkn:apt_sources_as_dict
cronekorkn:wordpress
cronekorkn:iperf3
cronekorkn:picsort-pythoon
cronekorkn:network_metadata_rework
cronekorkn:blog_dirty
cronekorkn:blog
cronekorkn:icinga2_notifications
cronekorkn:icinga_neumachen
cronekorkn:nextcloud_conf_in_metadata
cronekorkn:mastodon
cronekorkn:rtmp
cronekorkn:deterministic_rsa
cronekorkn:deterministic_rsa_test
cronekorkn:left4dead2
cronekorkn:temp130752653
cronekorkn:zfs_encrypt
cronekorkn:icingaweb
cronekorkn:ldap
cronekorkn:icinga2_remote_2
cronekorkn:icinga2_local
cronekorkn:icinga
cronekorkn:icinga2_remote
cronekorkn:modprobe
cronekorkn:autoconfig
cronekorkn:basic_auth
cronekorkn:crystal-buildserver
cronekorkn:build_Server
cronekorkn:cya_hetzner
cronekorkn:dns_challenge3
cronekorkn:dns_challenge2
cronekorkn:dns_challenge
cronekorkn:gpiod
cronekorkn:multi-redis
cronekorkn:l4d2
cronekorkn:wireguard_clients
cronekorkn:alles_sets
cronekorkn:hdict
cronekorkn:all_units
cronekorkn:unitbug_isolation
cronekorkn:whatsbroken
cronekorkn:minimal_mailserver

No commits in common. "f60108dee161ba5bc42f66f2a8af984f6202faf8" and "84e5176e0759d1bab77ec6d5a360bbb82a3ce33e" have entirely different histories.
f60108dee1 ... 84e5176e07

9 changed files with 28 additions and 44 deletions
Show stats Expand all files Collapse all files

10
bin/script-template
View file

@ -4,3 +4,13 @@ from bundlewrap.repo import Repository
from os.path import realpath, dirname from os.path import realpath, dirname
repo = Repository(dirname(dirname(realpath(__file__)))) repo = Repository(dirname(dirname(realpath(__file__))))
domains = set()
for node in repo.nodes:
domains.update(
set(node.metadata.get('opendkim/domains', []))
)
print(domains)
# Do in Metaproc

21
bundles/mailserver/metadata.py
View file

@ -1,5 +1,3 @@
from ipaddress import ip_interface
database_password = repo.vault.password_for(f'{node.name} db mailserver') database_password = repo.vault.password_for(f'{node.name} db mailserver')
defaults = { defaults = {
@ -12,7 +10,6 @@ defaults = {
'password': database_password, 'password': database_password,
}, },
'test_password': repo.vault.password_for(f'{node.name} test_pw mailserver'), 'test_password': repo.vault.password_for(f'{node.name} test_pw mailserver'),
'domains': [],
}, },
'postgresql': { 'postgresql': {
'roles': { 'roles': {
@ -36,24 +33,6 @@ defaults = {
}, },
} }
@metadata_reactor.provides(
'dns',
)
def dns(metadata):
dns = {}
for domain in metadata.get('mailserver/domains'):
dns[domain] = {
'MX': [
str(ip_interface(metadata.get('network/ipv4')).ip)
],
}
return {
'dns': dns,
}
@metadata_reactor.provides( @metadata_reactor.provides(
'letsencrypt/domains', 'letsencrypt/domains',
) )

25
bundles/network/metadata.py
View file

@ -5,28 +5,23 @@ from ipaddress import ip_interface
'interfaces', 'interfaces',
) )
def interfaces(metadata): def interfaces(metadata):
interface = {
'ips': [],
}
if metadata.get('network/ipv4', None):
interface['ips'].append(metadata.get('network/ipv4'))
interface['gateway4'] = metadata.get('network/gateway4')
if metadata.get('network/ipv6', None):
interface['ips'].append(metadata.get('network/ipv6'))
interface['gateway6'] = metadata.get('network/gateway6')
return { return {
'interfaces': { 'interfaces': {
metadata.get('network/interface'): interface, metadata.get('network/interface'): {
'ips': list(filter(None.__ne__, [
metadata.get('network/ipv4', None),
metadata.get('network/ipv6', None),
])),
'gateway4': metadata.get('network/gateway4', None),
'gateway6': metadata.get('network/gateway6', None),
},
} }
} }
@metadata_reactor.provides( @metadata_reactor.provides(
'network/gateway4', 'interfaces/gateway4',
'network/gateway6', 'interfaces/gateway6',
) )
def guess_gateway(metadata): def guess_gateway(metadata):
if metadata.get('network/gateway4', None): if metadata.get('network/gateway4', None):

1
bundles/nginx/metadata.py
View file

@ -1,4 +1,5 @@
from ipaddress import ip_interface from ipaddress import ip_interface
from bundlewrap.metadata import atomic
defaults = { defaults = {
'apt': { 'apt': {

6
bundles/opendkim/items.py
View file

@ -32,20 +32,20 @@ files = {
'/etc/opendkim/key_table': { '/etc/opendkim/key_table': {
'content_type': 'mako', 'content_type': 'mako',
'context': { 'context': {
'domains': node.metadata.get('mailserver/domains'), 'domains': node.metadata.get('opendkim/domains'),
}, },
**file_attributes, **file_attributes,
}, },
'/etc/opendkim/signing_table': { '/etc/opendkim/signing_table': {
'content_type': 'mako', 'content_type': 'mako',
'context': { 'context': {
'domains': node.metadata.get('mailserver/domains'), 'domains': node.metadata.get('opendkim/domains'),
}, },
**file_attributes, **file_attributes,
}, },
} }
for domain in node.metadata.get('mailserver/domains'): for domain in node.metadata.get('opendkim/domains'):
directories[f'/etc/opendkim/keys/{domain}'] = { directories[f'/etc/opendkim/keys/{domain}'] = {
**file_attributes, **file_attributes,
'purge': True, 'purge': True,

3
bundles/opendkim/metadata.py
View file

@ -13,6 +13,7 @@ defaults = {
}, },
}, },
'opendkim': { 'opendkim': {
'domains': [],
'keys': {}, 'keys': {},
}, },
'dns': { 'dns': {
@ -31,7 +32,7 @@ defaults = {
def keys(metadata): def keys(metadata):
keys = {} keys = {}
for domain in metadata.get('mailserver/domains'): for domain in metadata.get('opendkim/domains'):
if domain in metadata.get(f'opendkim/keys'): if domain in metadata.get(f'opendkim/keys'):
continue continue

1
groups/all.py
View file

@ -1 +0,0 @@
{}

3
groups/os/linux.py
View file

@ -1,7 +1,4 @@
{ {
'supergroups': [
'all',
],
'bundles': [ 'bundles': [
'network', 'network',
'systemd', 'systemd',

2
nodes/htz.mails.py
View file

@ -37,6 +37,8 @@
'mailserver': { 'mailserver': {
'hostname': 'mail2.sublimity.de', 'hostname': 'mail2.sublimity.de',
'admin_email': 'postmaster@sublimity.de', 'admin_email': 'postmaster@sublimity.de',
},
'opendkim': {
'domains': [ 'domains': [
'mail2.sublimity.de', 'mail2.sublimity.de',
# 'sublimity.de', # 'sublimity.de',