From 8afd75543eee1531e72957ed44e0fdcfaf395e00 Mon Sep 17 00:00:00 2001 From: Akos Balla Date: Wed, 24 Apr 2024 22:53:54 +0200 Subject: [PATCH] fix cyrus backup --- TODO.md | 1 - tasks/backups.yml | 11 +++++++---- templates/ldap/fix_domain_aci.ldif.j2 | 4 ++-- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/TODO.md b/TODO.md index 1dbae9f..b051d68 100644 --- a/TODO.md +++ b/TODO.md @@ -2,7 +2,6 @@ List of things not implemented yet, but planned -* create not-yet-exising-in-OS users in LDAP * if possible, configure `adduser` and so to work on LDAP * authenticate Apache admin sites via LDAP * confirm if PostfixAdmin is needed at all diff --git a/tasks/backups.yml b/tasks/backups.yml index 6874b54..e0f1712 100644 --- a/tasks/backups.yml +++ b/tasks/backups.yml @@ -37,8 +37,7 @@ - { name: "opendkim", paths: ["/etc/opendkim", "/etc/opendkim.conf"], service: True } - { name: "opendmarc", paths: ["/etc/opendmarc", "/etc/opendmarc.conf"], service: True } - { name: "kolab", paths: ["/etc/kolab"] } - - { name: "cyrus-imap", paths: ["/etc/imap"] } - - { name: "cyrus-imap", paths: ["/etc/cyrus-imap"], service: True } + - { name: "cyrus-imap", paths: ["/etc/imap", "/etc/cyrus-imap"], service: True } # - { name: "postfix", paths: ["/etc/postfix", "/etc/mail/postfixadmin", "/var/vmail"], service: True } - { name: "postfix", paths: ["/etc/postfix", "/var/vmail"], service: True } - { name: "ssl", paths: ["/etc/letsencrypt"] } @@ -114,7 +113,7 @@ - wg_vpn - name: Restore backups tags: restore - when: mariadb_backup_path is defined or ldap_backup_path is defined or opendkim_backup_path is defined or opendmarc_backup_path is defined or vsftpd_backup_path is defined or ssl_backup_path is defined or kolab_backup_path is defined or cyrus-imap_backup_path is defined or postfix_backup_path is defined or pdns_backup_path is defined or wg_vpn_backup_path is defined + when: mariadb_backup_path is defined or ldap_backup_path is defined or opendkim_backup_path is defined or opendmarc_backup_path is defined or vsftpd_backup_path is defined or ssl_backup_path is defined or kolab_backup_path is defined or imap_backup_path is defined or postfix_backup_path is defined or pdns_backup_path is defined or wg_vpn_backup_path is defined block: - name: Prepare MariaDB backup when: mariadb_backup_path is defined @@ -183,6 +182,11 @@ # ansible.builtin.command: "dsctl {{ mailserver_hostname }} start" register: start_ldap_server changed_when: start_ldap_server.rc == 0 + - name: Restore service tarball backups + ansible.builtin.include_tasks: restore_service_tarball_backup.yml + vars: + service: cyrus-imap + service_backup_path: "{{ imap_backup_path }}" - name: Restore service tarball backups ansible.builtin.include_tasks: restore_service_tarball_backup.yml vars: @@ -194,7 +198,6 @@ - opendmarc - vsftpd - kolab - - cyrus-imap - postfix - pdns - wg_vpn diff --git a/templates/ldap/fix_domain_aci.ldif.j2 b/templates/ldap/fix_domain_aci.ldif.j2 index 1924ed8..f2e9930 100644 --- a/templates/ldap/fix_domain_aci.ldif.j2 +++ b/templates/ldap/fix_domain_aci.ldif.j2 @@ -1,4 +1,4 @@ -dn: cn=kolab,cn=config +dn: associateddomain={{ mailserver_domain }},cn=kolab,cn=config changetype: modify add: aci -aci: (targetattr = "*") (version 3.0;acl "Admin Access for {{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}} at {{ mailserver_domain }}";allow (all)(userdn = "ldap:///uid={{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}},dc={{ mailserver_domain | split('.') | join(',dc=') }}");) +aci: (targetattr = "*") (version 3.0;acl "Admin Access for {{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}} at {{ mailserver_domain }}";allow (all)(userdn = "ldap:///uid={{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}},ou=people,dc={{ mailserver_domain | split('.') | join(',dc=') }}");)