Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Arch Linux
infrastructure
Commits
62276551
Commit
62276551
authored
Dec 30, 2020
by
Jelle van der Waa
🚧
Browse files
Merge branch 'fix-donate' into 'master'
use fetchmail for donor import See merge request
!248
parents
040595fe
8decc2e9
Pipeline
#4288
passed with stage
in 45 seconds
Changes
17
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
host_vars/archlinux.org
→
host_vars/archlinux.org
/misc
View file @
62276551
---
filesystem: btrfs
fetchmail_user: "donate@archlinux.org"
fetchmail_delivery_cmd: "/usr/local/bin/donor_import_wrapper.sh"
ipv4_address: "95.217.163.246"
ipv6_address: "2a01:4f9:c010:6b1f::1"
...
...
host_vars/archlinux.org/vault_archlinux.yml
0 → 100644
View file @
62276551
$ANSIBLE_VAULT;1.1;AES256
30343863353037356134636339633536323666663861393166653963303537303365656531643830
3862336361376565346630313638393632333931333939350a653338623261633739396464333236
30613562663166653039616433353239313164653233373531343734643934643962646662366264
3761663633333036310a363166343037616266613235343937343465646332666235333864396333
30623733346138393864666436376236663263393661623762366237626331356630373762666138
61386262623533326265613966356636666665643430386561343563306431623137313932643334
303930343963306437396165663235353739
host_vars/patchwork.archlinux.org/vault_patchwork.yml
View file @
62276551
$ANSIBLE_VAULT;1.1;AES256
3
8343839616266323863666465663431343935333663613637656139646631336431376131663764
3739393932303339353936313034313831633335316332620a38336431356633386237663637
366
3
3
13434396138343333383336333262323862
63
6
16
6653835
616
6
39363
16665363935366165346165
6433383735386261300a633862333661303639353734306333366233333237313162623562386130
3938306233313834323561313566303638
666663
65376266613
36
1
326
43139323239323938643932
353
4303434653435643765663833386238
623
0
32
3063376661333939633532306539333035316537
613
739623366326235356137623633386137
3
9323465346236343761323262393437336164613164653665626235386561383335396533373238
6432656264613366353930343763386534646131656361370a36633535613938353437323333
366
5
3
73930323562383139323666633832376
6316
232
616
4
39363
7303866333862353032303130353362
3933613433313964360a373739303336653333386332323638633335383337313334623635326266
62363863643166396530
666
3
663
13837346365306230
36326
3643335393334303034636332356538
353
065326434396232353139336335
623
2
32
64363431643232346662383639306438333238313766
613
838336337313665643837353135383063
playbooks/archlinux.org.yml
View file @
62276551
...
...
@@ -34,6 +34,7 @@
-
{
role
:
sudo
}
-
{
role
:
uwsgi
}
-
{
role
:
memcached
}
-
{
role
:
fetchmail
}
-
{
role
:
archweb
,
archweb_planet
:
true
}
-
{
role
:
fail2ban
}
-
{
role
:
prometheus_exporters
}
roles/archweb/defaults/main.yml
View file @
62276551
...
...
@@ -20,9 +20,7 @@ archweb_site: true
archweb_mirrorcheck
:
false
archweb_mirrorresolv
:
false
archweb_pgp_import
:
false
archweb_donor_import
:
false
archweb_planet
:
false
archweb_donor_maildir
:
'
/var/lib/archweb/donate'
archweb_populate_signoffs
:
false
archweb_keyring
:
'
/etc/pacman.d/gnupg/pubring.gpg'
archweb_reporead
:
false
...
...
roles/archweb/tasks/main.yml
View file @
62276551
...
...
@@ -204,37 +204,6 @@
-
daemon reload
when
:
archweb_site|bool
-
name
:
install donor_import service and timer
template
:
src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
with_items
:
-
archweb-donor_import.service
-
archweb-donor_import.timer
notify
:
-
daemon reload
when
:
archweb_donor_import|bool
-
name
:
create maildir dump dir
file
:
path={{ archweb_donor_maildir }}/{{ item }} recurse=yes state=directory owner=archweb group=users mode=0755
with_items
:
-
cur
-
new
when
:
archweb_donor_import|bool
-
name
:
install dump donor mail service and timer
template
:
src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
with_items
:
-
archweb-dump_donor_mail.service
-
archweb-dump_donor_mail.timer
notify
:
-
daemon reload
when
:
archweb_donor_import|bool
-
name
:
install archweb donor mail dump script
template
:
src="dump-mails.sh.j2" dest="/usr/local/bin/dump-mails.sh" owner=root group=root mode=0755
notify
:
-
daemon reload
when
:
archweb_donor_import|bool
-
name
:
deploy archweb
template
:
src=archweb.ini.j2 dest=/etc/uwsgi/vassals/archweb.ini owner=archweb group=http mode=0640
when
:
archweb_site|bool
...
...
@@ -283,16 +252,11 @@
service
:
name="archweb-rebuilderd.timer" enabled=yes state=started
when
:
archweb_site
-
name
:
start and enable archweb donor_import and archweb-dump_donor_mail timer
systemd
:
name
:
"
{{
item
}}"
enabled
:
yes
state
:
started
daemon_reload
:
yes
with_items
:
-
archweb-donor_import.timer
-
archweb-dump_donor_mail.timer
when
:
archweb_donor_import|bool
-
name
:
install donation import wrapper script
template
:
src=donor_import_wrapper.sh.j2 dest=/usr/local/bin/donor_import_wrapper.sh owner=root group=root mode=0755
-
name
:
install sudoer rights for fetchmail to call archweb django scripts
template
:
src=sudoers-fetchmail-archweb.j2 dest=/etc/sudoers.d/fetchmail-archweb owner=root group=root mode=0440
-
name
:
create retro dir
file
:
state=directory owner=archweb group=archweb mode=0755 path="{{ archweb_retro_dir }}"
...
...
roles/archweb/templates/archweb-donor_import.service.j2
deleted
100644 → 0
View file @
040595fe
[Unit]
Description=archweb donor_import service
After=network.target
[Service]
Type=oneshot
User=archweb
WorkingDirectory={{ archweb_dir }}
ExecStart={{ archweb_dir }}/env/bin/python manage.py donor_import {{ archweb_donor_maildir }}
Nice=5
[Install]
WantedBy=multi-user.target
roles/archweb/templates/archweb-donor_import.timer.j2
deleted
100644 → 0
View file @
040595fe
[Unit]
Description=archweb donor_import timer
[Timer]
OnUnitActiveSec=1w
OnBootSec=15min
RandomizedDelaySec=1h
[Install]
WantedBy=timers.target
roles/archweb/templates/archweb-dump_donor_mail.service.j2
deleted
100644 → 0
View file @
040595fe
[Unit]
Description=dump donate mail service
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/local/bin/dump-mails.sh
Nice=5
[Install]
WantedBy=multi-user.target
roles/archweb/templates/archweb-dump_donor_mail.timer.j2
deleted
100644 → 0
View file @
040595fe
[Unit]
Description=dump donate mail timer
[Timer]
OnUnitActiveSec=1w
OnBootSec=15min
RandomizedDelaySec=1h
[Install]
WantedBy=timers.target
roles/archweb/templates/donor_import_wrapper.sh.j2
0 → 100644
View file @
62276551
#!/bin/bash
sudo
-u
archweb /usr/bin/env
PW_PYTHON
={{
archweb_dir
}}
/env/bin/python
{{
archweb_dir
}}
/manage.py donor_import
roles/archweb/templates/dump-mails.sh.j2
deleted
100755 → 0
View file @
040595fe
#!/bin/bash
set
-e
shopt
-s
nullglob
dump_mails
()
{
target_dir
=
"
$1
"
;
shift
date
=
$(
date
+%s
)
searchquery
=(
all
)
for
user
in
"
$@
"
;
do
mailcount
=
$(
doveadm search
-u
"
$user
"
"
${
searchquery
[@]
}
"
|
wc
-l
)
if
((
mailcount
>
0
))
;
then
echo
"dumping
$mailcount
mails from
$user
..."
>
&2
doveadm search
-u
"
$user
"
"
${
searchquery
[@]
}
"
|
while
read
guid uid
;
do
doveadm fetch
-u
"
$user
"
text mailbox-guid
"
$guid
"
uid
"
$uid
"
|
sed
'/^text:$/d; s#^\f$##'
>
"
$target_dir
/
$user
-
$date
-
$uid
.msg"
#doveadm expunge -u "$user" mailbox-guid "$guid" uid "$uid"
done
fi
done
}
dump_mails
"{{ archweb_donor_maildir }}/cur"
donate
roles/archweb/templates/sudoers-fetchmail-archweb.j2
0 → 100644
View file @
62276551
fetchmail ALL=(archweb) NOPASSWD: /usr/bin/env PW_PYTHON={{ archweb_dir }}/env/bin/python {{ archweb_dir }}/manage.py donor_import
roles/fetchmail/templates/fetchmailrc.j2
View file @
62276551
...
...
@@ -8,6 +8,6 @@ poll mail.archlinux.org
bad-header accept
proto imap
user {{ fetchmail_user }}
password {{
postfix_relay
_password }}
password {{
fetchmail
_password }}
options idle sslcertck ssl sslproto "TLS1.2+" limitflush limit 25000000 fetchall
mda "{{ fetchmail_delivery_cmd }}"
roles/patchwork/files/fetchmail-patchwork
deleted
100644 → 0
View file @
040595fe
fetchmail ALL=(patchwork) NOPASSWD: /usr/bin/env PW_PYTHON=/srv/http/patchwork/env/bin/python /srv/http/patchwork/patchwork/bin/parsemail.sh
roles/patchwork/tasks/main.yml
View file @
62276551
...
...
@@ -101,7 +101,7 @@
template
:
src="patchwork-parsemail-wrapper.sh.j2" dest="/usr/local/bin/patchwork-parsemail-wrapper.sh" owner=root group=root mode=0755
-
name
:
install sudoer rights for fetchmail to call patchwork
copy
:
src=
fetchmail-patchwork dest=/etc/sudoers.d/fetchmail-patchwork owner=root group=root mode=0440
template
:
src=sudoers-
fetchmail-patchwork
.j2
dest=/etc/sudoers.d/fetchmail-patchwork owner=root group=root mode=0440
-
name
:
install patchwork memcached service
template
:
src="patchwork-memcached.service.j2" dest="/etc/systemd/system/patchwork-memcached.service" owner=root group=root mode=0644
...
...
roles/patchwork/templates/sudoers-fetchmail-patchwork.j2
0 → 100644
View file @
62276551
fetchmail ALL=(patchwork) NOPASSWD: /usr/bin/env PW_PYTHON={{ patchwork_dir }}/env/bin/python {{ patchwork_dir }}/patchwork/bin/parsemail.sh
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment