provision/geoip.sh
#!/bin/sh
set -e
. mail-toaster.sh
export JAIL_START_EXTRA=""
export JAIL_CONF_EXTRA=""
export JAIL_FSTAB=""
preflight_check() {
if [ -z "$MAXMIND_LICENSE_KEY" ]; then
echo "ERROR: edit mail-toaster.conf and set MAXMIND_LICENSE_KEY"
exit 1
fi
if [ "$GEOIP_UPDATER" = "geoipupdate" ] && [ -z "$MAXMIND_ACCOUNT_ID" ]; then
echo "ERROR: edit mail-toaster.conf and set MAXMIND_ACCOUNT_ID"
exit 1
fi
}
install_geoip_geoipupdate()
{
tell_status "install geoipupdate"
stage_pkg_install geoipupdate
}
install_geoip_mm_mirror()
{
tell_status "install maxmind-geolite-mirror"
stage_pkg_install npm-node20
stage_exec npm install -g maxmind-geolite-mirror
}
install_geoip()
{
for _d in etc db; do
_path="$STAGE_MNT/data/$_d"
[ -d "$_path" ] || mkdir "$_path"
done
if [ "$GEOIP_UPDATER" = "geoipupdate" ]; then
install_geoip_geoipupdate
else
install_geoip_mm_mirror
fi
}
configure_geoip_geoipupdate()
{
store_exec "$_weekly/999.maxmind-geolite-mirror" <<EO_GEO
#!/bin/sh
export MAXMIND_DB_DIR=/data/db/
/usr/local/bin/geoipupdate
EO_GEO
}
configure_geoip_mm_mirror()
{
store_exec "$_weekly/999.maxmind-geolite-mirror" <<EO_GEO_MM
#!/bin/sh
export MAXMIND_DB_DIR=/data/db/
export MAXMIND_LICENSE_KEY="$MAXMIND_LICENSE_KEY"
/usr/local/bin/node /usr/local/lib/node_modules/maxmind-geolite-mirror
EO_GEO_MM
}
geoip_periodic()
{
_weekly="$STAGE_MNT/usr/local/etc/periodic/weekly"
if [ "$GEOIP_UPDATER" = "geoipupdate" ]; then
configure_geoip_geoipupdate
else
configure_geoip_mm_mirror
fi
}
configure_geoip()
{
if [ -f "$ZFS_DATA_MNT/geoip/GeoIP.conf" ]; then
tell_status "installing GeoIP.conf"
cp "$ZFS_DATA_MNT/geoip/GeoIP.conf" "$STAGE_MNT/usr/local/etc"
else
sed -i '' \
-e "/^AccountID/ s/YOUR_ACCOUNT_ID_HERE/$MAXMIND_ACCOUNT_ID/" \
-e "/^LicenseKey/ s/YOUR_LICENSE_KEY_HERE/$MAXMIND_LICENSE_KEY/" \
-e '/^EditionIDs/ s/GeoLite2-City/GeoLite2-City GeoLite2-ASN/' \
-e '/^# DatabaseDirectory/ s/^# //' \
-e '/^DatabaseDirectory/ s|/usr/local/share/GeoIP|/data/db|' \
"$STAGE_MNT/usr/local/etc/GeoIP.conf"
fi
geoip_periodic
}
start_geoip()
{
tell_status "mirroring GeoIP databases"
if [ "$GEOIP_UPDATER" = "geoipupdate" ]; then
stage_exec /usr/local/bin/geoipupdate
else
stage_exec env MAXMIND_DB_DIR=/data/db/ /usr/local/bin/maxmind-geolite-mirror
fi
}
test_geoip()
{
echo "testing geoip..."
stage_exec ls /data/db/
test -f "$STAGE_MNT/data/db/GeoLite2-Country.mmdb"
echo "it worked"
}
migrate_geoip_dbs()
{
if [ ! -f "$ZFS_DATA_MNT/geoip/GeoLite2-Country.mmdb" ]; then
# no geoip data or data already migrated
return
fi
local _confirm_msg="
geoip data migration required. Choosing yes will:
1. stop the running geoip, spamassassin, and haraka jails
2. move the geoip data into a 'db' subdirectory
3. promote the newly build geoip jail
Then, for the spamassassin and haraka jails, you will need to do one of:
- update the mountpoint for the geoip db directory in jail.conf
- provision new jails
Proceed?
"
dialog --yesno "$_confirm_msg" 19 70 || return
service jail stop geoip spamassassin haraka
for _d in etc db; do
_path="$ZFS_DATA_MNT/geoip/$_d"
[ -d "$_path" ] || mkdir "$_path"
done
for _suffix in mmdb dat; do
for _db in "$ZFS_DATA_MNT"/geoip/*."$_suffix"; do
mv "$_db" "$ZFS_DATA_MNT/geoip/db/"
done
done
}
preflight_check
base_snapshot_exists || exit 1
migrate_geoip_dbs
create_staged_fs geoip
start_staged_jail geoip
install_geoip
configure_geoip
start_geoip
test_geoip
promote_staged_jail geoip