
Commit 109e0eb

add_whitelists.sh
1 parent 81a1a08 commit 109e0eb


1 file changed

+47
-4
lines changed

1 file changed

+47
-4
lines changed

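--- a/add_whitelists.sh
+++ b/add_whitelists.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# add_whitelists.sh — add one or many domains/IPs to Postfix + Postgrey
+# add_whitelists.sh — add one or many domains/IPs to Postfix + Postgrey with logging
 # Usage:
 # ./add_whitelists.sh example.com
 # ./add_whitelists.sh -f whitelists.txt
@@ -11,6 +11,32 @@ POSTFIX_FILE="/etc/postfix/client_whitelist"
 POSTGREY_FILE="/etc/postgrey/whitelist_clients.local"
 BACKUP_DATE="$(date +%F_%H%M%S)"
 
+# --- logging ---
+LOG_FILE="/var/log/add_whitelists.log"
+# If we can prepare the log file, we log; otherwise continue silently (no crash).
+LOG_ENABLED=0
+prepare_log() {
+local dir
+dir="$(dirname "$LOG_FILE")"
+if mkdir -p "$dir" 2>/dev/null; then
+# 0640 root:adm (or root:root if adm missing)
+touch "$LOG_FILE" 2>/dev/null || return 0
+chown root:adm "$LOG_FILE" 2>/dev/null || true
+chmod 0640 "$LOG_FILE" 2>/dev/null || true
+LOG_ENABLED=1
+fi
+}
+log_line() {
+# Log to file (if enabled) and echo to stdout
+local ts user msg
+ts="$(date '+%F %T')"
+user="${SUDO_USER:-$USER:-root}"
+msg="$*"
+if [ "$LOG_ENABLED" -eq 1 ]; then
+printf '%s [%s] %s\n' "$ts" "$user" "$msg" >> "$LOG_FILE" || true
+fi
+}
+
 usage() {
 cat <<'EOF'
 Usage:
@@ -112,6 +138,7 @@ add_postgrey() {
 ADDED_ALL=()
 ADDED_PF=0
 ADDED_PG=0
+SKIPPED_PG=0
 ERRORS=0
 
 process_entry() {
@@ -123,26 +150,34 @@ process_entry() {
 
 if is_cidr "$entry"; then
 msg "⚠️ ${C_YELL}CIDR not supported in hash map:${C_RESET} $entry"
+log_line "SKIP CIDR $entry"
 return 0
 elif is_ipv4 "$entry"; then
 if add_postfix "$entry"; then
 ADDED_PF=$((ADDED_PF+1)); ADDED_ALL+=( "$entry" )
+SKIPPED_PG=$((SKIPPED_PG+1))
+log_line "ADD Postfix IP $entry"
+else
+log_line "SKIP duplicate (Postfix) IP $entry"
 fi
 elif is_domain "$entry"; then
 local touched=0
-if add_postfix "$entry"; then ADDED_PF=$((ADDED_PF+1)); touched=1; fi
-if add_postgrey "$entry"; then ADDED_PG=$((ADDED_PG+1)); touched=1; fi
+if add_postfix "$entry"; then ADDED_PF=$((ADDED_PF+1)); touched=1; log_line "ADD Postfix domain $entry"; else log_line "SKIP duplicate (Postfix) domain $entry"; fi
+if add_postgrey "$entry"; then ADDED_PG=$((ADDED_PG+1)); touched=1; log_line "ADD Postgrey domain $entry"; else log_line "SKIP duplicate (Postgrey) domain $entry"; fi
 [ "$touched" -eq 1 ] && ADDED_ALL+=( "$entry" )
 else
 msg "${C_RED}Invalid entry:${C_RESET} $entry"
 ERRORS=$((ERRORS+1))
+log_line "ERROR invalid entry $entry"
 return 1
 fi
 }
 
 # ------------ main ------------
 require_root
+prepare_log
 msg "🔧 Dry-run: $DRY"
+[ "$LOG_ENABLED" -eq 1 ] && log_line "START dry=$DRY args: $*"
 
 ensure_file "$POSTFIX_FILE"
 ensure_file "$POSTGREY_FILE"
@@ -163,11 +198,17 @@ if [ "$DRY" -eq 0 ]; then
 msg "🧰 postmap $POSTFIX_FILE"
 postmap "$POSTFIX_FILE"
 msg "🔄 Restarting Postfix"; systemctl restart postfix
+log_line "RESTART postfix (added=$ADDED_PF)"
 fi
 if [ "$ADDED_PG" -gt 0 ]; then
 msg "🔄 Restarting Postgrey"; systemctl restart postgrey || true
+log_line "RESTART postgrey (added=$ADDED_PG)"
+fi
+if [ "$SKIPPED_PG" -gt 0 ]; then
+msg "${C_GREEN}Done.${C_RESET} Changes: Postfix=${C_CYAN}${ADDED_PF}${C_RESET}, Postgrey=${C_CYAN}${ADDED_PG}${C_RESET} (skipped ${SKIPPED_PG} IPs), Errors=${C_CYAN}${ERRORS}${C_RESET}"
+else
+msg "${C_GREEN}Done.${C_RESET} Changes: Postfix=${C_CYAN}${ADDED_PF}${C_RESET}, Postgrey=${C_CYAN}${ADDED_PG}${C_RESET}, Errors=${C_CYAN}${ERRORS}${C_RESET}"
 fi
-msg "${C_GREEN}Done.${C_RESET} Changes: Postfix=${C_CYAN}${ADDED_PF}${C_RESET}, Postgrey=${C_CYAN}${ADDED_PG}${C_RESET}, Errors=${C_CYAN}${ERRORS}${C_RESET}"
 else
 msg "🔎 Dry-run complete. Would change: Postfix=${ADDED_PF}, Postgrey=${ADDED_PG}, Errors=${ERRORS}"
 fi
@@ -186,3 +227,5 @@ if [ "${#ADDED_ALL[@]}" -gt 0 ]; then
 else
 msg "ℹ️ No new entries were added."
 fi
+
+[ "$LOG_ENABLED" -eq 1 ] && log_line "END pf=$ADDED_PF pg=$ADDED_PG skipped_pg_ips=$SKIPPED_PG errors=$ERRORS"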
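Review bot: In `log_line`, `user="${SUDO_USER:-$USER:-root}"` does not nest the defaults: when SUDO_USER is unset it expands to the value of `$USER` followed by the literal text `:-root`, so the actor field of this audit log is wrong for direct root runs; it should read `user="${SUDO_USER:-${USER:-root}}"`. The closing `[ "$LOG_ENABLED" -eq 1 ] && log_line "END …"` appears to be the file's last statement, which would leave the script's exit status at 1 whenever the log could not be prepared; `log_line` already checks `LOG_ENABLED` itself, so the START and END calls can be made unconditionally. The `ERROR invalid entry $entry` and `START … args: $*` records write text that has not passed validation, so replacing control characters before the `printf` (for example `msg="${msg//[[:cntrl:]]/?}"` right after `msg="$*"`) would keep each record on one line and the whitelist-change trail trustworthy. `process_entry` and the main section begin outside the visible hunks, so whether `set -u` is active (which would make an unset `$USER` fatal here) cannot be confirmed from this page.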
