
OpenDMARC running under Postgres (?)

Alex Payne 9 years ago
parent
commit
2352d2d67e

+ 91
- 65
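--- a/roles/mailserver/files/etc_opendmarc_import.sql
+++ b/roles/mailserver/files/etc_opendmarc_import.sql
@@ -1,80 +1,106 @@
---
+# Source: http://www.trusteddomain.org/pipermail/opendmarc-users/2015-February/000447.html
 
-USE opendmarc;
+START TRANSACTION;
 
-CREATE TABLE IF NOT EXISTS domains (
-        id INT NOT NULL AUTO_INCREMENT,
-        name VARCHAR(255) NOT NULL,
-        firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+SET standard_conforming_strings=off;
+SET escape_string_warning=off;
+SET CONSTRAINTS ALL DEFERRED;
 
-        PRIMARY KEY(id),
-        UNIQUE KEY(name)
+CREATE TABLE "domains" (
+  "id" integer NOT NULL,
+  "name" varchar(510) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY ("id"),
+  UNIQUE ("name")
 );
 
-CREATE TABLE IF NOT EXISTS requests (
-        id INT NOT NULL AUTO_INCREMENT,
-        domain INT NOT NULL,
-        repuri VARCHAR(255) NOT NULL,
-        adkim TINYINT NOT NULL,
-        aspf TINYINT NOT NULL,
-        policy TINYINT NOT NULL,
-        spolicy TINYINT NOT NULL,
-        pct TINYINT NOT NULL,
-        locked TINYINT NOT NULL,
-        firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-        lastsent TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
-
-        PRIMARY KEY(id),
-        KEY(lastsent),
-        UNIQUE KEY(domain)
+CREATE TABLE "ipaddr" (
+  "id" integer NOT NULL,
+  "addr" varchar(128) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY ("id"),
+  UNIQUE ("addr")
 );
 
-CREATE TABLE IF NOT EXISTS reporters (
-        id INT NOT NULL AUTO_INCREMENT,
-        name VARCHAR(255) NOT NULL,
-        firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-
-        PRIMARY KEY(id),
-        UNIQUE KEY(name)
+CREATE TABLE "messages" (
+  "id" integer NOT NULL,
+  "date" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  "jobid" varchar(256) NOT NULL,
+  "reporter" integer  NOT NULL,
+  "policy" tinyint(3)  NOT NULL,
+  "disp" tinyint(3)  NOT NULL,
+  "ip" integer  NOT NULL,
+  "env_domain" integer  NOT NULL,
+  "from_domain" integer  NOT NULL,
+  "policy_domain" integer  NOT NULL,
+  "spf" tinyint(3)  NOT NULL,
+  "align_dkim" tinyint(3)  NOT NULL,
+  "align_spf" tinyint(3)  NOT NULL,
+  "sigcount" tinyint(3)  NOT NULL,
+  PRIMARY KEY ("id"),
+  UNIQUE ("reporter", "date", "jobid")
 );
 
-CREATE TABLE IF NOT EXISTS ipaddr (
-	id INT NOT NULL AUTO_INCREMENT,
-	addr VARCHAR(64) NOT NULL,
-	firstseen TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+CREATE TABLE "reporters" (
+  "id" integer NOT NULL,
+  "name" varchar(510) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY ("id"),
+  UNIQUE ("name")
+);
 
-	PRIMARY KEY(id),
-	UNIQUE KEY(addr)
+CREATE TABLE "requests" (
+  "id" integer NOT NULL,
+  "domain" integer NOT NULL,
+  "repuri" varchar(510) NOT NULL,
+  "adkim" tinyint(4) NOT NULL,
+  "aspf" tinyint(4) NOT NULL,
+  "policy" tinyint(4) NOT NULL,
+  "spolicy" tinyint(4) NOT NULL,
+  "pct" tinyint(4) NOT NULL,
+  "locked" tinyint(4) NOT NULL,
+  "firstseen" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  "lastsent" timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  PRIMARY KEY ("id"),
+  UNIQUE ("domain")
 );
 
-CREATE TABLE IF NOT EXISTS messages (
-        id INT NOT NULL AUTO_INCREMENT,
-        date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-        jobid VARCHAR(128) NOT NULL,
-        reporter INT UNSIGNED NOT NULL,
-        policy TINYINT UNSIGNED NOT NULL,
-        disp TINYINT UNSIGNED NOT NULL,
-        ip INT UNSIGNED NOT NULL,
-        env_domain INT UNSIGNED NOT NULL,
-        from_domain INT UNSIGNED NOT NULL,
-        policy_domain INT UNSIGNED NOT NULL,
-        spf TINYINT UNSIGNED NOT NULL,
-        align_dkim TINYINT UNSIGNED NOT NULL,
-        align_spf TINYINT UNSIGNED NOT NULL,
-        sigcount TINYINT UNSIGNED NOT NULL,
-
-        PRIMARY KEY(id),
-        KEY(date),
-        UNIQUE KEY(reporter, date, jobid)
+CREATE TABLE "signatures" (
+  "id" integer NOT NULL,
+  "message" integer NOT NULL,
+  "domain" integer NOT NULL,
+  "pass" tinyint(4) NOT NULL,
+  "error" tinyint(4) NOT NULL,
+  PRIMARY KEY ("id")
 );
 
-CREATE TABLE IF NOT EXISTS signatures (
-        id INT NOT NULL AUTO_INCREMENT,
-        message INT NOT NULL,
-        domain INT NOT NULL,
-        pass TINYINT NOT NULL,
-        error TINYINT NOT NULL,
+COMMIT;
 
-        PRIMARY KEY(id),
-        KEY(message)
-);
+-- Sequences --
+START TRANSACTION;
+
+CREATE SEQUENCE domains_id_seq;
+SELECT setval('domains_id_seq', max(id)) FROM domains;
+ALTER TABLE "domains" ALTER COLUMN "id" SET DEFAULT nextval('domains_id_seq');
+
+CREATE SEQUENCE ipaddr_id_seq;
+SELECT setval('ipaddr_id_seq', max(id)) FROM ipaddr;
+ALTER TABLE "ipaddr" ALTER COLUMN "id" SET DEFAULT nextval('ipaddr_id_seq');
+
+CREATE SEQUENCE messages_id_seq;
+SELECT setval('messages_id_seq', max(id)) FROM messages;
+ALTER TABLE "messages" ALTER COLUMN "id" SET DEFAULT nextval('messages_id_seq');
+
+CREATE SEQUENCE reporters_id_seq;
+SELECT setval('reporters_id_seq', max(id)) FROM reporters;
+ALTER TABLE "reporters" ALTER COLUMN "id" SET DEFAULT nextval('reporters_id_seq');
+
+CREATE SEQUENCE requests_id_seq;
+SELECT setval('requests_id_seq', max(id)) FROM requests;
+ALTER TABLE "requests" ALTER COLUMN "id" SET DEFAULT nextval('requests_id_seq');
+
+CREATE SEQUENCE signatures_id_seq;
+SELECT setval('signatures_id_seq', max(id)) FROM signatures;
+ALTER TABLE "signatures" ALTER COLUMN "id" SET DEFAULT nextval('signatures_id_seq');
+
+COMMIT;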
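Review bot: The first added line, `# Source: …`, is not a comment in PostgreSQL, so psql will most likely reject the first statement and the import will stop under the handler's `ON_ERROR_STOP=1`; it should be written as `-- Source: …`. The `messages`, `requests` and `signatures` tables still declare the MySQL types `tinyint(3)` and `tinyint(4)`, which PostgreSQL does not provide; `smallint` is the usual replacement. `"lastsent" timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'` is not a valid PostgreSQL timestamp value, so the default needs a real sentinel or the column has to become nullable. The old `KEY(lastsent)`, `KEY(date)` and `KEY(message)` indexes are dropped without a `CREATE INDEX` replacement, which looks unintended.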

+ 4
- 0
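--- a/roles/mailserver/handlers/main.yml
+++ b/roles/mailserver/handlers/main.yml
@@ -14,6 +14,10 @@
   action: shell PGPASSWORD='{{ mail_db_password }}' psql -h localhost -d {{ mail_db_database }} -U {{ mail_db_username }} -f /etc/postfix/import.sql --set ON_ERROR_STOP=1
   notify: restart postfix
 
+- name: import sql opendmarc
+  action: shell PGPASSWORD='{{ mail_db_opendmarc_password }}' psql -h localhost -d {{ mail_db_opendmarc_database }} -U {{ mail_db_opendmarc_username }} -f /etc/opendmarc/import.sql --set ON_ERROR_STOP=1
+  notify: restart postfix
+
 - name: restart opendmarc
   service: name=opendmarc state=restarted
 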
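Review bot: The new `import sql opendmarc` handler interpolates `{{ mail_db_opendmarc_password }}` into a shell string, so a password containing a single quote breaks the quoting, and the secret ends up in the logged command line for the task. Passing it through `environment:` with `no_log: true`, and using `command` rather than `shell`, avoids both problems. `notify: restart postfix` looks copied from the handler above; if the intent is to restart the milter after the schema import, it should probably be `restart opendmarc`. The unchanged handler whose `action:` line opens this hunk uses the same password pattern, and its `- name:` line is outside the hunk.

```yaml
- name: import sql opendmarc
  command: psql -h localhost -d {{ mail_db_opendmarc_database }} -U {{ mail_db_opendmarc_username }} -f /etc/opendmarc/import.sql --set ON_ERROR_STOP=1
  environment:
    PGPASSWORD: "{{ mail_db_opendmarc_password }}"
  no_log: true
  notify: restart postfix
```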

+ 1
- 1
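--- a/roles/mailserver/tasks/main.yml
+++ b/roles/mailserver/tasks/main.yml
@@ -1,7 +1,7 @@
 - include: postfix.yml tags=postfix
 - include: dovecot.yml tags=dovecot
 - include: opendkim.yml tags=opendkim
-- include: dmarc.yml tags=dmarc
+- include: opendmarc.yml tags=dmarc
 - include: rspamd.yml tags=rspamd
 - include: solr.yml tags=solr
 - include: checkrbl.yml tags=checkrbl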

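--- a/roles/mailserver/tasks/dmarc.yml
+++ b/roles/mailserver/tasks/opendmarc.yml
@@ -1,9 +1,9 @@
 - name: Install OpenDMARC milter and related packages
   apt: pkg={{ item }} state=installed update_cache=yes
   with_items:
-      - mysql-server
-      - python-mysqldb
-      - opendmarc
+    - postgresql
+    - python-psycopg2
+    - opendmarc
 
 - name: Copy OpenDMARC configuration file into place
   template: src=etc_opendmarc.conf.j2 dest=/etc/opendmarc.conf owner=root group=root
@@ -21,18 +21,15 @@
     - restart opendmarc
     - restart postfix
 
-- name: Copy OpenDMARC database schema file into place
-  copy: src=etc_opendmarc_import.sql dest=/etc/opendmarc/import.sql owner=root group=root
-
 - name: Create database user for OpenDMARC reports
-  mysql_user: user={{ mail_db_opendmarc_username }} password={{ mail_db_opendmarc_password }} state=present priv="opendmarc.*:ALL"
+  postgresql_user: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ mail_db_opendmarc_username }} password="{{ mail_db_opendmarc_password }}" state=present
 
 - name: Create database for OpenDMARC reports
-  mysql_db: name={{ mail_db_opendmarc_database }} state=present
+  postgresql_db: login_host=localhost login_user={{ db_admin_username }} login_password="{{ db_admin_password }}" name={{ mail_db_opendmarc_database }} state=present owner={{ mail_db_opendmarc_username }}
 
-- name: Import database schema for OpenDMARC reports
-  mysql_db: name={{ mail_db_opendmarc_database }} state=import target=/etc/opendmarc/import.sql
-  tags: import_mysql_postfix
+- name: Copy OpenDMARC database schema file into place
+  copy: src=etc_opendmarc_import.sql dest=/etc/opendmarc/import.sql owner=root group=root mode=0600
+  notify: import sql opendmarc
 
 - name: Copy nightly OpenDMARC report generation script into place
   template: src=etc_opendmarc_report.sh.j2 dest=/etc/opendmarc/report.sh owner=root group=root mode="755"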
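Review bot: The schema copy in the second hunk now triggers `import sql opendmarc` through `notify`, but the new schema file no longer uses `IF NOT EXISTS` on its `CREATE TABLE` statements, so any later edit to that file re-runs the import against existing tables and stops at the first error. Either keep the DDL idempotent (`CREATE TABLE IF NOT EXISTS …`) or gate the import on the database having just been created, for example `register: opendmarc_db` on the `postgresql_db` task and `when: opendmarc_db.changed` on the import. The `postgresql_user` and `postgresql_db` tasks also carry `login_password` and `password` inline, so adding `no_log: true` to both would keep those values out of verbose run output.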
