]> git.proxmox.com Git - pmg-api.git/blob - src/bin/pmg-daily
projects / pmg-api.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
dkim: add QID in warnings
[pmg-api.git] / src / bin / pmg-daily
1 #!/usr/bin/perl -T
2
3 $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
4
5 delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
6
7 use strict;
8 use warnings;
9 use Time::Local;
10
11 use PVE::Certificate;
12 use PVE::SafeSyslog;
13 use PVE::INotify;
14 use PVE::RESTEnvironment;
15
16 use PMG::Utils;
17 use PMG::Config;
18 use PMG::ClusterConfig;
19 use PMG::DBTools;
20 use PMG::API2::Subscription;
21 use PMG::API2::APT;
22 use PMG::API2::Certificates;
23 use PMG::CertHelpers;
24 use PMG::NodeConfig;
25
26 $SIG{'__WARN__'} = sub {
27 my $err = $@;
28 my $t = $_[0];
29 chomp $t;
30 print STDERR "$t\n";
31 syslog('warning', "%s", $t);
32 $@ = $err;
33 };
34
35 PVE::RESTEnvironment->setup_default_cli_env();
36
37 initlog('pmg-daily', 'mail');
38
39 my $nodename = PVE::INotify::nodename();
40
41 eval { PMG::API2::Subscription->update({ node => $nodename }); };
42 if (my $err = $@) {
43 syslog ('err', "update subscription info failed: $err");
44 }
45
46 my $cfg = PMG::Config->new();
47
48 if (my $statlifetime = $cfg->get ('admin', 'statlifetime')) {
49 my $count = 0;
50 eval {
51 my $dbh = PMG::DBTools::open_ruledb();
52 $count = PMG::DBTools::purge_statistic_database($dbh, $statlifetime);
53 };
54 if (my $err = $@) {
55 syslog('err', $err);
56 } else {
57 syslog('info', "cleanup removed $count entries from statistic database") if $count;
58 }
59 }
60
61 # check for available updates
62 # We assume that users with subscriptions want information
63 # about new packages.
64 my $info = eval { PMG::API2::Subscription::read_etc_subscription() };
65 my $notify = ($info && $info->{status} eq 'active') ? 1 : 0;
66 eval { PMG::API2::APT->update_database({ node => $nodename, notify => $notify, quiet => 1 }); };
67 if (my $err = $@) {
68 syslog ('err', "update apt database failed: $err");
69 }
70
71 # rotate razor log file
72 rename('/root/.razor/razor-agent.log', '/root/.razor/razor-agent.log.0');
73
74 # setup proxy env (assume sa-update use http)
75 if (my $http_proxy = $cfg->get('admin', 'http_proxy')) {
76 $ENV{http_proxy} = $http_proxy;
77 }
78
79 # update spamassassin rules
80 my $restart_filter = 0;
81 if (system('sa-update') == 0) {
82 # if the exit code is 0, new updates were downloaded
83 # then restart the pmg-smtp-filter to load the new rules
84 $restart_filter = 1;
85 }
86
87 eval {
88 $restart_filter = 1 if PMG::Utils::update_local_spamassassin_channels(0);
89 };
90 syslog('err', "$@") if $@;
91
92 PMG::Utils::service_cmd('pmg-smtp-filter', 'restart') if $restart_filter;
93 # run bayes database maintenance
94 system('sa-learn --force-expire >/dev/null 2>&1');
95
96 eval {
97 my $node_config = PMG::NodeConfig::load_config();
98 my $acme_node_config = PMG::NodeConfig::get_acme_conf($node_config);
99 my $acme_domains = $acme_node_config && $acme_node_config->{domains};
100 if ($acme_domains) {
101 my %typed_domains = map {
102 $_ => PMG::NodeConfig::filter_domains_by_type($acme_domains, $_)
103 } qw(api smtp);
104
105 foreach my $type (qw(api smtp)) {
106 next if !$typed_domains{$type};
107
108 # Guard both certificates separately.
109 eval {
110 my $cert = PMG::CertHelpers::cert_path($type);
111 if (!-e $cert) {
112 syslog ('info', "ACME config found for '$type' certificate, but no custom certificate exists. Skipping ACME renewal until initial certificate has been deployed.");
113 next;
114 }
115
116 if (PVE::Certificate::check_expiry($cert, time() + 30*24*60*60)) {
117 PMG::API2::Certificates->renew_acme_cert({ node => $nodename, type => $type });
118 } else {
119 syslog ('info', "Custom '$type' certificate does not expire soon, skipping ACME renewal.");
120 }
121 };
122 syslog ('err', "Renewing '$type' ACME certificate failed: $@") if $@;
123 }
124 }
125 };
126 syslog ('err', "Renewing ACME certificate failed: $@") if $@;
127
128 exit (0);
129
PMG API