
OpenDMARC running under Postgres (?)

Alex Payne il y a 9 ans
Parent
révision
2352d2d67e

+ 91
- 65
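--- a/roles/mailserver/files/etc_opendmarc_import.sql
+++ b/roles/mailserver/files/etc_opendmarc_import.sql
@@ -1,89 +1,106 @@
---
+# Source: http://www.trusteddomain.org/pipermail/opendmarc-users/2015-February/000447.html
 
-USE opendmarc;
+START TRANSACTION;
 
-CREATE TABLE IF NOT EXISTS domains (
-        id INT NOT NULL AUTO_INCREMENT,
-        name VARCHAR(255) NOT NULL,
-        firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+SET standard_conforming_strings=off;
+SET escape_string_warning=off;
+SET CONSTRAINTS ALL DEFERRED;
 
-        PRIMARY KEY(id),
-        UNIQUE KEY(name)
+CREATE TABLE "domains" (
+  "id" integer NOT NULL,
+  "name" varchar(510) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY ("id"),
+  UNIQUE ("name")
 );
 
-CREATE TABLE IF NOT EXISTS requests (
-        id INT NOT NULL AUTO_INCREMENT,
-        domain INT NOT NULL,
-        repuri VARCHAR(255) NOT NULL,
-        adkim TINYINT NOT NULL,
-        aspf TINYINT NOT NULL,
-        policy TINYINT NOT NULL,
-        spolicy TINYINT NOT NULL,
-        pct TINYINT NOT NULL,
-        locked TINYINT NOT NULL,
-        firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-        lastsent TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
-
-        PRIMARY KEY(id),
-        KEY(lastsent),
-        UNIQUE KEY(domain)
+CREATE TABLE "ipaddr" (
+  "id" integer NOT NULL,
+  "addr" varchar(128) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY ("id"),
+  UNIQUE ("addr")
 );
 
-CREATE TABLE IF NOT EXISTS reporters (
-        id INT NOT NULL AUTO_INCREMENT,
-        name VARCHAR(255) NOT NULL,
-        firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-
-        PRIMARY KEY(id),
-        UNIQUE KEY(name)
+CREATE TABLE "messages" (
+  "id" integer NOT NULL,
+  "date" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  "jobid" varchar(256) NOT NULL,
+  "reporter" integer  NOT NULL,
+  "policy" tinyint(3)  NOT NULL,
+  "disp" tinyint(3)  NOT NULL,
+  "ip" integer  NOT NULL,
+  "env_domain" integer  NOT NULL,
+  "from_domain" integer  NOT NULL,
+  "policy_domain" integer  NOT NULL,
+  "spf" tinyint(3)  NOT NULL,
+  "align_dkim" tinyint(3)  NOT NULL,
+  "align_spf" tinyint(3)  NOT NULL,
+  "sigcount" tinyint(3)  NOT NULL,
+  PRIMARY KEY ("id"),
+  UNIQUE ("reporter", "date", "jobid")
 );
 
-CREATE TABLE IF NOT EXISTS ipaddr (
-	id INT NOT NULL AUTO_INCREMENT,
-	addr VARCHAR(64) NOT NULL,
-	firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+CREATE TABLE "reporters" (
+  "id" integer NOT NULL,
+  "name" varchar(510) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY ("id"),
+  UNIQUE ("name")
+);
 
-	PRIMARY KEY(id),
-	UNIQUE KEY(addr)
+CREATE TABLE "requests" (
+  "id" integer NOT NULL,
+  "domain" integer NOT NULL,
+  "repuri" varchar(510) NOT NULL,
+  "adkim" tinyint(4) NOT NULL,
+  "aspf" tinyint(4) NOT NULL,
+  "policy" tinyint(4) NOT NULL,
+  "spolicy" tinyint(4) NOT NULL,
+  "pct" tinyint(4) NOT NULL,
+  "locked" tinyint(4) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  "lastsent" timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  PRIMARY KEY ("id"),
+  UNIQUE ("domain")
 );
 
-CREATE TABLE IF NOT EXISTS messages (
-        id INT NOT NULL AUTO_INCREMENT,
-        date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-        jobid VARCHAR(128) NOT NULL,
-        reporter INT UNSIGNED NOT NULL,
-        policy TINYINT UNSIGNED NOT NULL,
-        disp TINYINT UNSIGNED NOT NULL,
-        ip INT UNSIGNED NOT NULL,
-        env_domain INT UNSIGNED NOT NULL,
-        from_domain INT UNSIGNED NOT NULL,
-        policy_domain INT UNSIGNED NOT NULL,
-        spf TINYINT UNSIGNED NOT NULL,
-        align_dkim TINYINT UNSIGNED NOT NULL,
-        align_spf TINYINT UNSIGNED NOT NULL,
-        sigcount TINYINT UNSIGNED NOT NULL,
-
-        PRIMARY KEY(id),
-        KEY(date),
-        UNIQUE KEY(reporter, date, jobid)
+CREATE TABLE "signatures" (
+  "id" integer NOT NULL,
+  "message" integer NOT NULL,
+  "domain" integer NOT NULL,
+  "pass" tinyint(4) NOT NULL,
+  "error" tinyint(4) NOT NULL,
+  PRIMARY KEY ("id")
 );
 
-CREATE TABLE IF NOT EXISTS signatures (
-        id INT NOT NULL AUTO_INCREMENT,
-        message INT NOT NULL,
-        domain INT NOT NULL,
-        pass TINYINT NOT NULL,
-        error TINYINT NOT NULL,
+COMMIT;
 
-        PRIMARY KEY(id),
-        KEY(message)
-);
+-- Sequences --
+START TRANSACTION;
+
+CREATE SEQUENCE domains_id_seq;
+SELECT setval('domains_id_seq', max(id)) FROM domains;
+ALTER TABLE "domains" ALTER COLUMN "id" SET DEFAULT nextval('domains_id_seq');
+
+CREATE SEQUENCE ipaddr_id_seq;
+SELECT setval('ipaddr_id_seq', max(id)) FROM ipaddr;
+ALTER TABLE "ipaddr" ALTER COLUMN "id" SET DEFAULT nextval('ipaddr_id_seq');
+
+CREATE SEQUENCE messages_id_seq;
+SELECT setval('messages_id_seq', max(id)) FROM messages;
+ALTER TABLE "messages" ALTER COLUMN "id" SET DEFAULT nextval('messages_id_seq');
+
+CREATE SEQUENCE reporters_id_seq;
+SELECT setval('reporters_id_seq', max(id)) FROM reporters;
+ALTER TABLE "reporters" ALTER COLUMN "id" SET DEFAULT nextval('reporters_id_seq');
+
+CREATE SEQUENCE requests_id_seq;
+SELECT setval('requests_id_seq', max(id)) FROM requests;
+ALTER TABLE "requests" ALTER COLUMN "id" SET DEFAULT nextval('requests_id_seq');
+
+CREATE SEQUENCE signatures_id_seq;
+SELECT setval('signatures_id_seq', max(id)) FROM signatures;
+ALTER TABLE "signatures" ALTER COLUMN "id" SET DEFAULT nextval('signatures_id_seq');
+
+COMMIT;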
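Review bot: Several added statements are not valid PostgreSQL, so with `--set ON_ERROR_STOP=1` the import will stop before any table is created. New line 1 starts with `#`, which PostgreSQL does not treat as a comment (the removed line used `--`); `tinyint(3)`/`tinyint(4)` in "messages", "requests" and "signatures" is a MySQL type and should become `smallint`; and `DEFAULT '0000-00-00 00:00:00'` on "lastsent" is outside the range a PostgreSQL `timestamp` accepts, so it needs a real sentinel such as `DEFAULT 'epoch'` (check how OpenDMARC's report scripts compare this column before choosing one). `SET standard_conforming_strings=off` re-enables backslash escapes in ordinary string literals for the session, which a DDL-only script does not need and is better dropped. The old schema's `KEY(lastsent)`, `KEY(date)` and `KEY(message)` indexes have no `CREATE INDEX` counterpart on the new side.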

+ 4
- 0
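--- a/roles/mailserver/handlers/main.yml
+++ b/roles/mailserver/handlers/main.yml
@@ -14,6 +14,10 @@
   action: shell PGPASSWORD='{{ mail_db_password }}' psql -h localhost -d {{ mail_db_database }} -U {{ mail_db_username }} -f /etc/postfix/import.sql --set ON_ERROR_STOP=1
   notify: restart postfix
 
+- name: import sql opendmarc
+  action: shell PGPASSWORD='{{ mail_db_opendmarc_password }}' psql -h localhost -d {{ mail_db_opendmarc_database }} -U {{ mail_db_opendmarc_username }} -f /etc/opendmarc/import.sql --set ON_ERROR_STOP=1
+  notify: restart postfix
+
 - name: restart opendmarc
   service: name=opendmarc state=restarted
 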
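Review bot: The added handler interpolates `{{ mail_db_opendmarc_password }}` into the shell string, so a password containing a single quote breaks the quoting, and the rendered command, password included, can end up in Ansible's output and logs. Passing it outside the command line avoids both: add `environment: {PGPASSWORD: "{{ mail_db_opendmarc_password }}"}` and `no_log: true` to the task and drop the `PGPASSWORD='…'` prefix. The postfix import in the context line above uses the same pattern, and the `postgresql_user`/`postgresql_db` tasks in opendmarc.yml also carry passwords in their arguments and would benefit from `no_log: true`. The handler notifies `restart postfix`; if the intent is for OpenDMARC to pick up the new schema, `restart opendmarc` looks like the handler that was meant, which is worth confirming.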

+ 1
- 1
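--- a/roles/mailserver/tasks/main.yml
+++ b/roles/mailserver/tasks/main.yml
@@ -1,7 +1,7 @@
 - include: postfix.yml tags=postfix
 - include: dovecot.yml tags=dovecot
 - include: opendkim.yml tags=opendkim
-- include: dmarc.yml tags=dmarc
+- include: opendmarc.yml tags=dmarc
 - include: rspamd.yml tags=rspamd
 - include: solr.yml tags=solr
 - include: checkrbl.yml tags=checkrbl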

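--- a/roles/mailserver/tasks/dmarc.yml
+++ b/roles/mailserver/tasks/opendmarc.yml
@@ -1,9 +1,9 @@
 - name: Install OpenDMARC milter and related packages
   apt: pkg={{ item }} state=installed update_cache=yes
   with_items:
-      - mysql-server
-      - python-mysqldb
-      - opendmarc
+    - postgresql
+    - python-psycopg2
+    - opendmarc
 
 - name: Copy OpenDMARC configuration file into place
   template: src=etc_opendmarc.conf.j2 dest=/etc/opendmarc.conf owner=root group=root
@@ -21,18 +21,15 @@
     - restart opendmarc
     - restart postfix
 
-- name: Copy OpenDMARC database schema file into place
-  copy: src=etc_opendmarc_import.sql dest=/etc/opendmarc/import.sql owner=root group=root
-
 - name: Create database user for OpenDMARC reports
-  mysql_user: user={{ mail_db_opendmarc_username }} password={{ mail_db_opendmarc_password }} state=present priv="opendmarc.*:ALL"
+  postgresql_user: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ mail_db_opendmarc_username }} password="{{ mail_db_opendmarc_password }}" state=present
 
 - name: Create database for OpenDMARC reports
-  mysql_db: name={{ mail_db_opendmarc_database }} state=present
+  postgresql_db: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ mail_db_opendmarc_database }} state=present owner={{ mail_db_opendmarc_username }}
 
-- name: Import database schema for OpenDMARC reports
-  mysql_db: name={{ mail_db_opendmarc_database }} state=import target=/etc/opendmarc/import.sql
-  tags: import_mysql_postfix
+- name: Copy OpenDMARC database schema file into place
+  copy: src=etc_opendmarc_import.sql dest=/etc/opendmarc/import.sql owner=root group=root mode=0600
+  notify: import sql opendmarc
 
 - name: Copy nightly OpenDMARC report generation script into place
   template: src=etc_opendmarc_report.sh.j2 dest=/etc/opendmarc/report.sh owner=root group=root mode="755"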
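Review bot: The schema import is now reachable only through `notify: import sql opendmarc` on the copy task (new lines 30–32), so it runs only when the copied file changes. If the handler fails once, the next run sees the file as unchanged and never retries, leaving the database without its tables. In the other direction, any later edit to the SQL file re-runs plain `CREATE TABLE` and `CREATE SEQUENCE` against existing objects and aborts under `ON_ERROR_STOP=1`. Making the SQL idempotent would cover both cases, for example `CREATE TABLE IF NOT EXISTS` as the removed MySQL schema had, plus a guarded sequence creation where the server version supports it; alternatively keep an explicit import task with its own tag, as the removed `Import database schema` task provided.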
