paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Watchdog] Minor text changes and send whois report of banned IP

master
andryyy 2019-06-10 22:40:21 +02:00
parent 7bc2b6b35b
commit 7145c380b0
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
2 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
data/Dockerfiles/watchdog/Dockerfile
View File

@ -27,6 +27,7 @@ RUN apk add --update \
perl-term-readkey \ perl-term-readkey \
tini \ tini \
tzdata \ tzdata \
whois \
&& curl https://raw.githubusercontent.com/mludvig/smtp-cli/v3.9/smtp-cli -o /smtp-cli \ && curl https://raw.githubusercontent.com/mludvig/smtp-cli/v3.9/smtp-cli -o /smtp-cli \
&& chmod +x smtp-cli && chmod +x smtp-cli

19
data/Dockerfiles/watchdog/watchdog.sh
View File

@ -59,13 +59,11 @@ function mail_error() {
[[ -z ${2} ]] && BODY="Service was restarted on $(date), please check your mailcow installation." || BODY="$(date) - ${2}" [[ -z ${2} ]] && BODY="Service was restarted on $(date), please check your mailcow installation." || BODY="$(date) - ${2}"
WATCHDOG_NOTIFY_EMAIL=$(echo "${WATCHDOG_NOTIFY_EMAIL}" | sed 's/"//;s|"$||') WATCHDOG_NOTIFY_EMAIL=$(echo "${WATCHDOG_NOTIFY_EMAIL}" | sed 's/"//;s|"$||')
# Some exceptions for subject and body formats # Some exceptions for subject and body formats
if [[ ${1} == "watchdog-mailcow" ]]; then if [[ ${1} == "fail2ban" ]]; then
SUBJECT="Watchdog started"
elif [[ ${1} == "fail2ban" ]]; then
SUBJECT="${BODY}" SUBJECT="${BODY}"
BODY="Please see netfilter-mailcow for more details and triggered rules." BODY="Please see netfilter-mailcow for more details and triggered rules."
else else
SUBJECT="Watchdog: ${1} triggered an event" SUBJECT="Watchdog ALERT: ${1}"
fi fi
IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}" IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}"
for rcpt in "${MAIL_RCPTS[@]}"; do for rcpt in "${MAIL_RCPTS[@]}"; do
@ -77,15 +75,14 @@ function mail_error() {
log_msg "Cannot determine MX for ${rcpt}, skipping email notification..." log_msg "Cannot determine MX for ${rcpt}, skipping email notification..."
return 1 return 1
fi fi
[ -f "/tmp/${1}" ] && ATTACH="--attach /tmp/${1}@text/plain" || ATTACH= [ -f "/tmp/${1}" ] && BODY="/tmp/${1}"
./smtp-cli --missing-modules-ok \ ./smtp-cli --missing-modules-ok \
--subject="${SUBJECT}" \ --subject="${SUBJECT}" \
--body-plain="${BODY}" \ --body-plain="${BODY}" \
--to=${rcpt} \ --to=${rcpt} \
--from="watchdog@${MAILCOW_HOSTNAME}" \ --from="watchdog@${MAILCOW_HOSTNAME}" \
--server="${RCPT_MX}" \ --server="${RCPT_MX}" \
--hello-host=${MAILCOW_HOSTNAME} \ --hello-host=${MAILCOW_HOSTNAME}
${ATTACH}
log_msg "Sent notification email to ${rcpt}" log_msg "Sent notification email to ${rcpt}"
done done
} }
@ -669,7 +666,7 @@ while true; do
done done
) & ) &
# Restart container when threshold limit reached # Actions when threshold limit is reached
while true; do while true; do
CONTAINER_ID= CONTAINER_ID=
HAS_INITDB= HAS_INITDB=
@ -688,10 +685,12 @@ while true; do
redis-cli -h redis-mailcow DEL F2B_RES > /dev/null redis-cli -h redis-mailcow DEL F2B_RES > /dev/null
host= host=
for host in "${F2B_RES[@]}"; do for host in "${F2B_RES[@]}"; do
log_msg "Banned ${F2B_RES}" log_msg "Banned ${host}"
rm /tmp/fail2ban 2> /dev/null
whois ${host} > /tmp/fail2ban
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "IP ban: ${host}" [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "IP ban: ${host}"
done done
elif [[ ${com_pipe_answer} =~ .+-mailcow ]] || [[ ${com_pipe_answer} == "ipv6nat-mailcow" ]]; then elif [[ ${com_pipe_answer} =~ .+-mailcow ]]; then
kill -STOP ${BACKGROUND_TASKS[*]} kill -STOP ${BACKGROUND_TASKS[*]}
sleep 3 sleep 3
CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"${com_pipe_answer}\")) | .id") CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"${com_pipe_answer}\")) | .id")