monit-sympa/sympa/recipe/sympa_fix_dkim_dmarc.recipe

#!/usr/bin/env miaou-recipe

# CONSTANTS

GLOBAL_CONF=/etc/sympa/sympa/sympa.conf
FOUND=false

# FUNCTIONS

function fix_dkim_dmarc_global {
	if ! grep -q "^dkim_feature[[:space:]]*on" $GLOBAL_CONF; then
		local sympa_domain=$(grep '^domain' "$GLOBAL_CONF" | cut -f2)
		/opt/miaou-bash/tools/append_or_replace '^dkim_feature.*$' 'dkim_feature    on' $GLOBAL_CONF
		/opt/miaou-bash/tools/append_or_replace '^dkim_signature_apply_on.*$' 'dkim_signature_apply_on  any' $GLOBAL_CONF
		/opt/miaou-bash/tools/append_or_replace '^dkim_parameters.private_key_path.*$' 'dkim_parameters.private_key_path /etc/dkimkeys/mail.private' $GLOBAL_CONF
		/opt/miaou-bash/tools/append_or_replace '^dkim_parameters.selector.*$' 'dkim_parameters.selector  mail' $GLOBAL_CONF
		/opt/miaou-bash/tools/append_or_replace '^dkim_parameters.signer_domain.*$' "dkim_parameters.signer_domain $sympa_domain" $GLOBAL_CONF

		/opt/miaou-bash/tools/append_or_replace '^arc_feature.*$' 'arc_feature on' $GLOBAL_CONF
		/opt/miaou-bash/tools/append_or_replace '^remove_dkim_headers.*$' 'remove_dkim_headers on' $GLOBAL_CONF
		/opt/miaou-bash/tools/append_or_replace '^dmarc_protection.mode*$' 'dmarc_protection.mode   dmarc_reject' $GLOBAL_CONF

		echo 'dkim feature now enabled'
		FOUND=true
	else
		echo 'dkim feature already enabled globally!'
	fi
}

function fix_dkim_dmarc_local {
	config_files=$(find $LIST_DATA_DIR -name "config" -type f)
	for i in $config_files; do
		if grep -q -e ^dmarc -e ^dkim $i; then
			FOUND=true
			echo "found problematic configuration in $i"
			remove_section_from_file $i dkim
			remove_section_from_file $i dmarc
		fi
	done
}

function remove_section_from_file {
	local file=$1
	local section=$2
	awk "/^$section/{found=1} !found{print} /^$/{found=0}" $file > $file.new
	mv $file.new $file
	chown sympa:sympa $file
}

function restart_services {
	$FOUND && systemctl restart sympa wwsympa.socket || true
}

# MAIN

set -Eue
fix_dkim_dmarc_global
fix_dkim_dmarc_local
restart_services