postfix: fix stage path (#568)

- provision/*: replace many '|| exit' with 'set -e'
- *: git-lite -> git-tiny
- base: configure dma if available, skip ssmtp
- base: added assure_jail_nic, add devfs to fstab
- base: add TOASTER_BASE_PKGS, so a config options installs packages in the base jail
- dcc: add PF rdr and allow rules
- dns: create dns/control, use `set -e`
- dovecot & mongo: add sysvipc to JAIL_START_EXTRA
- dovecot: test IMAP & POP3 auth with curl
- editor: move vim config into include/editor
- editor: added TOASTER_EDITOR setting
- elastic: add post_configure()
- elastic: config stage to work
- elastic: check for dir before create
- elastic: install beats *after* testing ES & kibana
- elastic: kibana registration hoop jumping
- elastic: set correct kibana rc name
- haproxy: add pf allow rules
- host: direct error handling in plumb_nic
- host: quieter hosts
- mongo: set local db and config *after* testing
- mongo: on amd64, check for CPU with AVX support
- mta stuff into include/mta (sendmail, dma, ssmtp)
  - added TOASTER_BASE_MTA setting
  - host: use include/mta
- mt: remove lesser known / deprecated opts
- mt: use safe name for jails .conf file
- mt: more error handling
- mt: inline pfrule.sh
- mt: added jail_is_running
- mt: overwrite pfrule.sh (not append)
- mt: refactored `stop_jail`
- nagios: allow raw sockets
- postfix: fix stage path
- postfix: use port installed newaliases cmd
- rsnapshot: move * outside of quotes so glob works
- shell: add jexecl
- tinydns: refactor djb installers into include/djb
- tinydns: install djbdns from source (port deleted)
- unifi: install v8, and openjdk17
- vpopmail: switch back to port build
- vpopmail: install gmake port sooner
- vpopmail: get random pass w/o special shell chars
- add bats tests
- add vmactions/freebsd, disabled b/c slow (~3m)

.github/workflows/ci.yml

@@ -14,3 +14,39 @@ jobs:
       uses: ludeeus/action-shellcheck@master
       env:
         SHELLCHECK_OPTS: -s bash -e SC1004,SC1091,SC2009,SC2016,SC2039,SC2086,SC2119,SC2153
+
+  bats:
+    name: Bats
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout
+      uses: actions/checkout@v4
+    - name: Setup Bats
+      run: git submodule update --init --recursive
+    - name: bats test
+      run: ./test/bats/bin/bats test
+
+  freebsd:
+    if: false
+    runs-on: ubuntu-latest
+    name: FreeBSD
+    env:
+      MYTOKEN : ${{ secrets.MYTOKEN }}
+      MYTOKEN2: "value2"
+    steps:
+    - uses: actions/checkout@v4
+    - name: Test in FreeBSD
+      id: test
+      uses: vmactions/freebsd-vm@v1
+      with:
+        envs: 'MYTOKEN MYTOKEN2'
+        usesh: true
+        prepare: |
+          pkg install -y curl
+
+        run: |
+          pwd
+          ls -lah
+          whoami
+          env
+          freebsd-version

.gitmodules

@@ -0,0 +1,9 @@
+[submodule "test/bats"]
+	path = test/bats
+	url = https://github.com/bats-core/bats-core.git
+[submodule "test/test_helper/bats-support"]
+	path = test/test_helper/bats-support
+	url = https://github.com/bats-core/bats-support.git
+[submodule "test/test_helper/bats-assert"]
+	path = test/test_helper/bats-assert
+	url = https://github.com/bats-core/bats-assert.git

include/djb.sh

@@ -54,7 +54,6 @@ cd djbdns-1.05
 xzcat ../djbdns-1.05-test32.diff.xz | patch
 echo "cc" > conf-cc
 echo 'cc -s' > conf-ld
-#sed -i .bak -e 's/uint16.h/uint16.h uint32.h/g' Makefile
 sed -i .bak -e 's/"\/"/auto_home/; s/02755/0755/g' hier.c
 fetch -q -o - https://www.internic.net/domain/named.root \
     | grep ' A ' \

include/editor.sh

@@ -0,0 +1,88 @@
+#!/bin/sh
+
+configure_vim_tiny()
+{
+	if jail_is_running stage; then
+		stage_pkg_install vim-tiny
+	else
+		pkg install vim-tiny
+	fi
+
+	install_vimrc
+
+	# vim-tiny has no syntax or color files, so disable some stuff
+	sed -i '' \
+		-e 's/^syntax on/" syntax on/' \
+		-e 's/^colorscheme/" colorscheme/' \
+		-e 's/^set number/" set number/' \
+		-e 's/^set cursorline/" set cursorline/' \
+		-e 's/^set relativenumber/" set relativenumber/' \
+		"$_base/vimrc"
+}
+
+configure_vim()
+{
+	if jail_is_running stage; then
+		stage_pkg_install vim
+	else
+		pkg install vim
+	fi
+
+	install_vimrc
+
+	sed -i '' \
+		-e 's/set termguicolors/" set termguicolors/' \
+		-e 's/^set number/" set number/' \
+		-e 's/^set cursorline/" set cursorline/' \
+		-e 's/^set relativenumber/" set relativenumber/' \
+		"$_base/vimrc"
+
+	if fetch -m -o /usr/local/share/vim/vim91/colors/gruvbox.vim https://raw.githubusercontent.com/morhetz/gruvbox/master/colors/gruvbox.vim;
+	then
+		sed -i '' \
+			-e 's/^colorscheme.*/colorscheme gruvbox/' \
+			"$_base/vimrc"
+	fi
+}
+
+install_vimrc()
+{
+	tell_status "installing vimrc"
+
+	local _vimdir="$_base/usr/local/etc/vim"
+	if [ ! -d "$_vimdir" ]; then
+		mkdir -p "$_vimdir" || exit
+	fi
+
+	fetch -m -o "$_vimdir/vimrc" https://raw.githubusercontent.com/nandalopes/vim-for-server/main/vimrc
+}
+
+configure_neovim()
+{
+	if jail_is_running stage; then
+		stage_pkg_install neovim
+	else
+		pkg install neovim
+	fi
+
+	# todo
+}
+
+configure_editor()
+{
+	local _base=${1:-""}
+
+	case "$TOASTER_EDITOR" in
+		neovim)
+			configure_neovim
+			;;
+		vim-tiny)
+			configure_vim_tiny
+			;;
+		vim)
+			configure_vim
+			;;
+		vi) ;;
+		*)  ;;
+	esac
+}

include/mta.sh

@@ -0,0 +1,123 @@
+#!/bin/sh
+
+configure_mta()
+{
+	local _base=${1:-""}
+	local _mta=${2:-"$TOASTER_BASE_MTA"}
+
+	if [ "$_mta" = "dma" ] && [ -x "$_base/usr/libexec/dma" ]; then
+		disable_sendmail
+		enable_dma
+	elif [ "$_mta" = "sendmail" ]; then
+		enable_sendmail
+	elif [ -x "$_base/usr/libexec/dma" ]; then
+		disable_sendmail
+		enable_dma
+	else
+		disable_sendmail
+		install_ssmtp
+	fi
+}
+
+enable_sendmail()
+{
+	local _sysrc="sysrc -f $_base/etc/rc.conf"
+
+	if [ "$($_sysrc -n sendmail_enable)" != "YES" ]; then
+		$_sysrc sendmail_enable=YES
+	fi
+
+	if [ "$($_sysrc -n sendmail_outbound_enable)" != "YES" ]; then
+		$_sysrc sendmail_outbound_enable=YES
+	fi
+
+	if jail_is_running stage; then
+		stage_exec service sendmail start
+	else
+		service sendmail start
+	fi
+
+	set_root_alias
+
+	cp "$_base/usr/share/examples/sendmail/mailer.conf" "$_base/etc/mail/mailer.conf"
+}
+
+disable_sendmail()
+{
+	if jail_is_running stage; then
+		if pgrep -j stage sendmail; then stage_exec service sendmail onestop; fi
+	else
+		if pgrep -j none sendmail; then service sendmail onestop; fi
+	fi
+
+	local _sysrc="sysrc -f $_base/etc/rc.conf"
+
+	if [ "$($_sysrc -n sendmail_enable)" != "NONE" ]; then
+		$_sysrc sendmail_enable=NONE
+	fi
+
+	if [ "$($_sysrc -n sendmail_outbound_enable)" != "NO" ]; then
+		$_sysrc sendmail_outbound_enable=NO
+	fi
+}
+
+set_root_alias()
+{
+	local _aliases="$_base/etc/mail/aliases"
+
+	if grep -q my.domain "$_aliases"; then
+		tell_status "setting root email in $_aliases to $TOASTER_ADMIN_EMAIL"
+
+		sed -i '' \
+			-e "/^# root:/ s/^# //" \
+			-e "/^root/ s/me@my.domain/$TOASTER_ADMIN_EMAIL/" \
+			"$_aliases"
+	fi
+}
+
+enable_dma()
+{
+	tell_status "setting up dma"
+	cp "$_base/usr/share/examples/dma/mailer.conf" "$_base/etc/mail/mailer.conf"
+
+	echo "dma.conf: $_base/etc/dma/dma.conf"
+	sed -i '' \
+		-e "s/^#SMARTHOST/SMARTHOST $TOASTER_MSA/" \
+		"$_base/etc/dma/dma.conf"
+
+	set_root_alias
+}
+
+install_ssmtp()
+{
+	tell_status "installing ssmtp"
+
+	if jail_is_running stage; then
+		stage_pkg_install ssmtp
+	else
+		pkg install ssmtp
+	fi
+
+	tell_status "configuring ssmtp"
+	if [ ! -f "$_base/usr/local/etc/ssmtp/revaliases" ]; then
+		cp "$_base/usr/local/etc/ssmtp/revaliases.sample" \
+		   "$_base/usr/local/etc/ssmtp/revaliases"
+	fi
+
+	sed -e "/^root=/ s/postmaster/$TOASTER_ADMIN_EMAIL/" \
+		-e "/^mailhub=/ s/=mail/=$TOASTER_MSA/" \
+		-e "/^rewriteDomain=/ s/=\$/=$TOASTER_MAIL_DOMAIN/" \
+		-e '/^#FromLineOverride=YES/ s/#//' \
+		"$_base/usr/local/etc/ssmtp/ssmtp.conf.sample" \
+		> "$_base/usr/local/etc/ssmtp/ssmtp.conf" || exit
+
+	tee "$_base/etc/mail/mailer.conf" <<EO_MAILER_CONF
+sendmail	/usr/local/sbin/ssmtp
+send-mail	/usr/local/sbin/ssmtp
+mailq		/usr/local/sbin/ssmtp
+newaliases	/usr/local/sbin/ssmtp
+hoststat	/usr/bin/true
+purgestat	/usr/bin/true
+EO_MAILER_CONF
+
+}

include/shell.sh

@@ -41,6 +41,7 @@ export HISTIGNORE="&:[bf]g:exit"
 shopt -s histappend
 shopt -s cdspell
 alias h="history 200"
+alias ll="ls -alFG"
 EO_BASH_PROFILE
 
 	if ! grep -qs profile "$1"; then
@@ -66,6 +67,13 @@ case $(id -u) in
     0) PS1="${PS1}# ";;
     *) PS1="${PS1}$ ";;
 esac
+
+jexecl() {
+  if   [ -z "$1" ]; then /usr/sbin/jexec;
+  elif [ -n "$2" ]; then /usr/sbin/jexec ${@:1};
+  else /usr/sbin/jexec $1 login -f -h $(hostname) root;
+  fi
+}
 EO_BOURNE_SHELL
 	fi