update--

2026-02-09 14:23:32 +01:00
parent 8fe4047694
commit b6097221e7
31 changed files with 47 additions and 5911 deletions
--- a/roles/common/files/o13-mail/etc/postfix/header_checks.pcre
+++ b/roles/common/files/o13-mail/etc/postfix/header_checks.pcre
@@ -1,43 +0,0 @@
-# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
-
-# ---
-# - Replace headers
-
-# - Replace recieved from IPv4 / IPv6 header - hide senders IP address and also 'Authenticated sender'
-#
-/^Received: from (.* \([-._[:alnum:]]+ \[[.[:digit:]]{7,15}\]\))(.*)\(Authenticated sender: ([^)]+)\)(.*)/ REPLACE Received: from anonymized.ipv4 (localhost [127.0.0.1])$2(Authenticated sender: hidden)$4
-#
-/^Received: from (.*IP[vV]6:(([0-9a-f]{0,4}:){1,7}[0-9a-f]{1,4})\]\){0,1})(.*)\(Authenticated sender: ([^)]+)\)(.*)/ REPLACE Received: from anonymized.ipv6 (localhost [::1])$4(Authenticated sender: hidden)$6
-
-# - Replace recieved from IPv4 / IPv6 header - hide only sender IP address
-#
-#/^Received: from (.* \([-._[:alnum:]]+ \[[.[:digit:]]{7,15}\]\))(.*)\(Authenticated sender: (.*) / REPLACE Received: from anonymized.ipv4 (localhost [127.0.0.1])$2(Authenticated sender: $3
-
-#/^Received: from (.*IP[vV]6:(([0-9a-f]{0,4}:){1,7}[0-9a-f]{1,4})\]\){0,1})(.*)\(Authenticated sender: (.*) / REPLACE Received: from anonymized.ipv6 (localhost [::1])$4(Authenticated sender: $5
-
-# ---
-# - Ignore Headers
-# ---
-
-#/^\s*User-Agent/        IGNORE
-#/^\s*X-Enigmail/        IGNORE
-#/^\s*X-Mailer/          IGNORE
-#/^\s*X-Originating-IP/  IGNORE
-
-
-# ---
-# - Reject / Discard headers
-# ---
-
-/^To:.*<>/                    REJECT Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001
-
-/\(envelope-from <>\)/        REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1001
-
-/^Reply-To: .+\@inx1and1\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1001
-
-/^From:.*<>/                  REJECT Possible SPAM - Header-Spamschutzregel FROM-1001
-
-/^Date: .* 19[0-9][0-9]/      REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1001
-/^Date: .* 200[0-9]/          REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1002
-/^Date: .* 201[0-9]/          REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1003
-/^Date: .* 2020/              REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1004
--- a/roles/common/files/o13-mail/root/bin/monitoring/conf/check_webservice_load.conf
+++ b/roles/common/files/o13-mail/root/bin/monitoring/conf/check_webservice_load.conf
@@ -1,178 +0,0 @@
-# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
-
-#---------------------------------------
-#-----------------------------
-# Settings
-#-----------------------------
-#---------------------------------------
-
-
-# ---
-# - LOGGING
-# -
-# - This Parameter is now obsolete. If script is running in a terminal, then output ist verbose,
-# - the output will be verbos. If running as cronjob, output will only be written, if warnings or 
-# - errors occurs.
-# ---
-
-
-# - What to check
-# -
-check_load=true
-check_mysql=false
-
-# - PostgreSQL
-# -
-# - NOT useful, if more than one PostgreSQL instances are running!
-# -
-check_postgresql=true
-
-check_apache=true
-check_nginx=false
-check_php_fpm=true
-check_redis=false
-check_website=false
-
-# - If service is not listen on 127.0.0.1/loclhost, curl check must
-# - be ommited
-# -
-# - Defaults to: ommit_curl_check_nginx=false
-# -
-#ommit_curl_check_nginx=false
-
-# - Is this a vserver guest machine?
-# -
-# - Not VSerber guest host does not support systemd!
-# -
-# - defaults to: vserver_guest=false
-# -
-#vserver_guest=false
-
-
-# - Additional Settings for check_mysql
-# -
-# - MySQL / MariaDB credentials
-# -
-# - Giving password on command line is insecure an sind mysql 5.5
-# - you will get a warning doing so.
-# - 
-# - Reading username/password fro file ist also possible, using MySQL/MariaDB
-# - commandline parameter '--defaults-file'.
-# - 
-# - Since Mysql Version 5.6, you can read username/password from
-# - encrypted file.
-# -
-# -    Create (encrypted) option file:
-# -    $ mysql_config_editor set --login-path=local --socket=/tmp/mysql.sock  --user=root --password
-# -    $ Password:
-# -
-# -    Use of option file:
-# -    $ mysql --login-path=local ...
-# -
-# - Example
-# -    mysql_credential_args="--login-path=local"
-# -    mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
-# -    mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
-# -
-mysql_credential_args=""
-
-
-# - Additional Settings for check_php_fpm
-# -
-# - On Linux Vserver System set
-# -    curl_check_host=localhost
-# -
-# - On LX-Container set
-# -    curl_check_host=127.0.0.1
-# -
-curl_check_host=127.0.0.1
-
-# - Which PHP versions should be supported by this script. If more than one,
-# - give a blank separated list
-# -
-# - Example:
-# -    php_versions="5.4 5.6 7.0 7.1"
-# -
-php_versions="8.2"
-
-# - If PHP-FPM's ping.path setting does not match ping-$php_major_version,
-# - set the value given in your ping.path setting here. Give ping_path also
-# - the concerning php_version in form
-# -    <php-version>:<ping-path>
-# -
-# - Multiple settings are possible, give a blank separated list.
-# -
-# - Example:
-# -
-# -    ping_path="5.4:ping-site36_net 5.6:ping-oopen_de"
-# -
-ping_path=""
-
-
-# - Additional Settings for check_website - checking (expected) website response
-# -
-# - example:
-# -    is_working_url="https://www.outoflineshop.de/"
-# -    check_string='ool-account-links'
-# -    include_cleanup_function=true
-# -    extra_alert_address="ilker@so36.net"
-# -    cleanup_function='
-# -    rm -rf /var/www/www.outoflineshop.de/htdocs/var/cache/*
-# -    rm -rf /var/www/www.outoflineshop.de/htdocs/var/session/*
-# -    /usr/local/bin/redis-cli flushall > /dev/null 2>&1
-# -    if [[ "$?" = "0" ]]; then
-# -       ok "I have cleaned up directory \"/var/www/www.outoflineshop.de/htdocs/var/cache/\""
-# -    else
-# -       error "Cleaning up directory \"/var/www/www.outoflineshop.de/htdocs/var/cache/\" failed!"
-# -     fi
-# -    /etc/init.d/redis_6379 restart
-# -    if [[ "$?" = "0" ]]; then
-# -       ok "I restarted the redis service"
-# -       echo -e "\t[ Ok ]:    I restarted the redis service" >> $LOCK_DIR/extra_msg.txt
-# -    else
-# -       error "Restarting the redis server failed!"
-# -       echo -e "\t[ Error ]: Restarting the redis server failed!" >> $LOCK_DIR/extra_msg.txt
-# -    fi
-# -    '
-# -
-is_working_url=''
-
-check_string=''
-
-include_cleanup_function=true
-
-# - An extra e-mail address, which will be informed, if the given check URL
-# - does not response as expected (check_string) AFTER script checking, restarting
-# - servervices (webserver, php-fpm) and cleaning up (cleanup_function) was done.
-# -
-extra_alert_address=''
-
-# - php_version_of_working_url
-# -
-# - If given website (is_working_url) does not response as expected, this PHP FPM
-# - engines will be restarted.
-# -
-# - Type "None" if site does not support php
-# -
-# - If php_version_of_working_url is not set, PHP FPM processes of ALL versions (php_versions)
-# - will be restarted
-# -
-php_version_of_working_url=''
-
-# - Notice:
-# - If single qoutes "'" not needed inside cleanup function, then use single quotes
-# - to enclose variable "cleanup_function". Then you don't have do masquerade any 
-# - sign inside.
-# -
-# - Otherwise use double quotes and masq any sign to prevent bash from interpreting.
-# -
-cleanup_function='
-'
-
-
-# - E-Mail settings for sending script messages
-# -
-from_address="root@`hostname -f`"
-content_type='Content-Type: text/plain;\n charset="utf-8"'
-to_addresses="root"
-