]>
Commit | Line | Data |
---|---|---|
d0d5b944 DM |
1 | #!/usr/bin/perl -T |
2 | ||
3 | $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin'; | |
4 | ||
5 | delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; | |
6 | ||
7 | use strict; | |
8 | use warnings; | |
9 | use Time::Local; | |
10 | ||
c7f1f473 | 11 | use PVE::Certificate; |
d0d5b944 DM |
12 | use PVE::SafeSyslog; |
13 | use PVE::INotify; | |
14 | use PVE::RESTEnvironment; | |
15 | ||
16 | use PMG::Utils; | |
17 | use PMG::Config; | |
18 | use PMG::ClusterConfig; | |
19 | use PMG::DBTools; | |
b2a65168 | 20 | use PMG::API2::Subscription; |
c7e9e145 | 21 | use PMG::API2::APT; |
c7f1f473 WB |
22 | use PMG::API2::Certificates; |
23 | use PMG::CertHelpers; | |
24 | use PMG::NodeConfig; | |
d0d5b944 DM |
25 | |
26 | $SIG{'__WARN__'} = sub { | |
27 | my $err = $@; | |
28 | my $t = $_[0]; | |
29 | chomp $t; | |
30 | print STDERR "$t\n"; | |
31 | syslog('warning', "%s", $t); | |
32 | $@ = $err; | |
33 | }; | |
34 | ||
35 | PVE::RESTEnvironment->setup_default_cli_env(); | |
36 | ||
37 | initlog('pmg-daily', 'mail'); | |
38 | ||
b2a65168 DM |
39 | my $nodename = PVE::INotify::nodename(); |
40 | ||
41 | eval { PMG::API2::Subscription->update({ node => $nodename }); }; | |
42 | if (my $err = $@) { | |
43 | syslog ('err', "update subscription info failed: $err"); | |
44 | } | |
45 | ||
d0d5b944 DM |
46 | my $cfg = PMG::Config->new(); |
47 | ||
152ac93e DM |
48 | if (my $statlifetime = $cfg->get ('admin', 'statlifetime')) { |
49 | my $count = 0; | |
d0d5b944 DM |
50 | eval { |
51 | my $dbh = PMG::DBTools::open_ruledb(); | |
8fb6f404 | 52 | $count = PMG::DBTools::purge_statistic_database($dbh, $statlifetime); |
d0d5b944 DM |
53 | }; |
54 | if (my $err = $@) { | |
b902c0b8 | 55 | syslog('err', $err); |
d0d5b944 | 56 | } else { |
152ac93e | 57 | syslog('info', "cleanup removed $count entries from statistic database") if $count; |
d0d5b944 | 58 | } |
d0d5b944 DM |
59 | } |
60 | ||
c7e9e145 | 61 | # check for available updates |
1359baef | 62 | # We assume that users with subscriptions want information |
c7e9e145 | 63 | # about new packages. |
726cfb99 FG |
64 | my $info = eval { PMG::API2::Subscription::read_etc_subscription() }; |
65 | my $notify = ($info && $info->{status} eq 'active') ? 1 : 0; | |
c7e9e145 DM |
66 | eval { PMG::API2::APT->update_database({ node => $nodename, notify => $notify, quiet => 1 }); }; |
67 | if (my $err = $@) { | |
68 | syslog ('err', "update apt database failed: $err"); | |
69 | } | |
d0d5b944 DM |
70 | |
71 | # rotate razor log file | |
72 | rename('/root/.razor/razor-agent.log', '/root/.razor/razor-agent.log.0'); | |
73 | ||
85d295d6 DM |
74 | # setup proxy env (assume sa-update use http) |
75 | if (my $http_proxy = $cfg->get('admin', 'http_proxy')) { | |
76 | $ENV{http_proxy} = $http_proxy; | |
77 | } | |
78 | ||
7122424b | 79 | # update spamassassin rules |
b27918fc | 80 | my $restart_filter = 0; |
7122424b DC |
81 | if (system('sa-update') == 0) { |
82 | # if the exit code is 0, new updates were downloaded | |
83 | # then restart the pmg-smtp-filter to load the new rules | |
b27918fc | 84 | $restart_filter = 1; |
7122424b DC |
85 | } |
86 | ||
b27918fc | 87 | eval { |
991d8f1c | 88 | $restart_filter = 1 if PMG::Utils::update_local_spamassassin_channels(0); |
b27918fc SI |
89 | }; |
90 | syslog('err', "$@") if $@; | |
91 | ||
92 | PMG::Utils::service_cmd('pmg-smtp-filter', 'restart') if $restart_filter; | |
1359baef | 93 | # run bayes database maintenance |
d0d5b944 DM |
94 | system('sa-learn --force-expire >/dev/null 2>&1'); |
95 | ||
c7f1f473 WB |
96 | eval { |
97 | my $node_config = PMG::NodeConfig::load_config(); | |
98 | my $acme_node_config = PMG::NodeConfig::get_acme_conf($node_config); | |
99 | my $acme_domains = $acme_node_config && $acme_node_config->{domains}; | |
100 | if ($acme_domains) { | |
101 | my %typed_domains = map { | |
102 | $_ => PMG::NodeConfig::filter_domains_by_type($acme_domains, $_) | |
103 | } qw(api smtp); | |
104 | ||
105 | foreach my $type (qw(api smtp)) { | |
106 | next if !$typed_domains{$type}; | |
107 | ||
108 | # Guard both certificates separately. | |
109 | eval { | |
110 | my $cert = PMG::CertHelpers::cert_path($type); | |
111 | if (!-e $cert) { | |
112 | syslog ('info', "ACME config found for '$type' certificate, but no custom certificate exists. Skipping ACME renewal until initial certificate has been deployed."); | |
113 | next; | |
114 | } | |
115 | ||
116 | if (PVE::Certificate::check_expiry($cert, time() + 30*24*60*60)) { | |
117 | PMG::API2::Certificates->renew_acme_cert({ node => $nodename, type => $type }); | |
118 | } else { | |
119 | syslog ('info', "Custom '$type' certificate does not expire soon, skipping ACME renewal."); | |
120 | } | |
121 | }; | |
122 | syslog ('err', "Renewing '$type' ACME certificate failed: $@") if $@; | |
123 | } | |
124 | } | |
125 | }; | |
126 | syslog ('err', "Renewing ACME certificate failed: $@") if $@; | |
127 | ||
d0d5b944 DM |
128 | exit (0); |
129 |