[untested] sdcron: remove authentication when emailing
Arnaud DABY-SEESARAM
parent
eaf82a0920
commit
b4a878fff8
|
|
@ -1,20 +1,4 @@
|
|||
---
|
||||
- name: Temporarily store the password of the SMTP user
|
||||
template:
|
||||
src: tmppass.j2
|
||||
dst: /tmp/sdcron_pass
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Launch systemd-creds encrypt on the password for sdcron, and store the result in a variable
|
||||
command: systemd-creds --pretty --name=smtppass encrypt /tmp/sdcron_pass -
|
||||
register: creds
|
||||
|
||||
- name: Delete the password of the SMTP user
|
||||
file:
|
||||
state: absent
|
||||
path: /tmp/sdcron_pass
|
||||
|
||||
- name: Adding services to send status emails
|
||||
template:
|
||||
src: etc/systemd/system/{{ item }}@.service.j2
|
||||
|
|
|
|||
|
|
@ -4,7 +4,4 @@ Description=Sends failure mail for service %i
|
|||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/var/local/sendstatusmail.sh failure %i
|
||||
Environment="SMTP_PORT=465" "SMTP_USER=sdcron"
|
||||
{{{ creds.stdout_lines }}}
|
||||
# User / Group = ce qu'on veut en vrai
|
||||
|
||||
|
|
|
|||
|
|
@ -2,9 +2,9 @@
|
|||
Description=Timer for {{ item.name }}.
|
||||
|
||||
[Timer]
|
||||
{% if item.type == "intervalbased" %}
|
||||
{% if ( item.type | default("intervalbased") ) == "intervalbased" %}
|
||||
OnBootSec=5m
|
||||
OnUnitInactiveSec={{ item.interval }}
|
||||
OnUnitInactiveSec={{ item.interval | default ('12h') }}
|
||||
{% else %}
|
||||
OnCalendar={{ item.calendar }}
|
||||
{% endif %}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,3 @@ Description=Sends success mail for service %i
|
|||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/var/local/sendstatusmail.sh success %i
|
||||
Environment="SMTP_PORT=465" "SMTP_USER=sdcron"
|
||||
{{{ creds.stdout_lines }}}
|
||||
# User / Group = ce qu'on veut en vrai
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
{{{ vault.sdcron.smtp_pass }}}
|
||||
|
|
@ -1,65 +1,21 @@
|
|||
#!/usr/bin/bash -ue
|
||||
|
||||
|
||||
# The script assumes that:
|
||||
# - SMTP_PORT and SMTP_USER are environment variables to store the port and account to use on the SMTP server.
|
||||
# - if authentication is to be used, credentials called smtppass and smtpuser is passed by sd.
|
||||
|
||||
|
||||
status="${1}"
|
||||
service_name="${2}"
|
||||
|
||||
|
||||
|
||||
## identification to use fot the mail server:
|
||||
# identifyme is set to 1 if authentication is possible, 0 otherwise
|
||||
|
||||
identifyme=1
|
||||
smtp_pass=$(systemd-creds cat smtppass) || identifyme=0
|
||||
smtp_user=$SMTP_USER
|
||||
smtp_port=$SMTP_PORT
|
||||
|
||||
smtp_server="redisdead.crans.org"
|
||||
smtp_rcpt="nounous@crans.org"
|
||||
email="sdcron@crans.org"
|
||||
|
||||
|
||||
## Write the email in a temporary file
|
||||
tmp=$(mktemp /tmp/mail.XXXXX)
|
||||
|
||||
echo "From: sdcron <sdcron@crans.org>
|
||||
To: nounous@crans.org
|
||||
/usr/bin/sendmail -t <<EOF
|
||||
To: ${smtp_rcpt}
|
||||
Subject: ${status} of the service ${service_name}.
|
||||
Date: $(date -R)
|
||||
|
||||
Salut, tout est dans le sujet $\ddot\smile$!
|
||||
Détails ci-dessous :
|
||||
$(systemctl status ${service_name}.service)
|
||||
|
||||
Cordialement,
|
||||
|
||||
--
|
||||
Cordialement
|
||||
|
||||
sdcron
|
||||
|
||||
" | tee "$tmp"
|
||||
|
||||
|
||||
|
||||
## Send the email
|
||||
case identifyme in
|
||||
0 )
|
||||
curl --ssl-reqd \
|
||||
--url "smtps://${smtp_server}:${smtp_port}" \
|
||||
--mail-from "${email}" \
|
||||
--mail-rcpt "${smtp_rcpt}" \
|
||||
--upload-file "$tmp"
|
||||
;;
|
||||
1 )
|
||||
curl --ssl-reqd \
|
||||
--url "smtps://${smtp_server}:${smtp_port}" \
|
||||
--user "${smtp_user}:${smtp_pass}" \
|
||||
--mail-from "${email}" \
|
||||
--mail-rcpt "${smtp_rcpt}" \
|
||||
--upload-file "$tmp"
|
||||
;;
|
||||
esac
|
||||
|
||||
rm "$tmp"
|
||||
EOF
|
||||
|
|
|
|||
Loading…
Reference in New Issue