add_whitelists.sh

Anton-Babaskin · web-flow · commit ee14a1a1a28f · 2025-08-13T16:02:33.000+03:00
diff --git a/add_whitelists.sh b/add_whitelists.sh
@@ -1,172 +1,78 @@
-#!/usr/bin/env bash
-set -Eeuo pipefail
-
-POSTFIX_FILE="/etc/postfix/client_whitelist"
-POSTGREY_FILE="/etc/postgrey/whitelist_clients.local"
-BACKUP_DATE="$(date +%F_%H%M%S)"
-
-usage() {
-  cat <<'EOF'
-Usage:
-  ./add_whitelists.sh [-n] <domain-or-ip>
-  ./add_whitelists.sh [-n] -f <file_with_entries>
-
-Options:
-  -f FILE   File with entries (one per line, empty lines and #comments ignored)
-  -n        Dry-run mode (no changes applied)
-  -h        Show this help message
-EOF
-  exit 1
-}
-
-DRY=0
-LIST_FILE=""
-while getopts ":f:nh" opt; do
-  case "$opt" in
-    f) LIST_FILE="$OPTARG" ;;
-    n) DRY=1 ;;
-    h) usage ;;
-    *) usage ;;
-  esac
+#!/bin/bash
+
+# Скрипт для добавления доменов и IP в Postfix и Postgrey whitelist
+# Использование: ./add_whitelists.sh whitelist.txt
+
+# Цвета
+RED="\e[31m"
+GREEN="\e[32m"
+YELLOW="\e[33m"
+CYAN="\e[36m"
+RESET="\e[0m"
+
+# Проверка аргумента
+if [ -z "$1" ]; then
+    echo -e "❌ ${RED}Укажите файл с доменами и IP. Пример: ./add_whitelists.sh whitelist.txt${RESET}"
+    exit 1
+fi
+
+LIST_FILE="$1"
+DRY_RUN=0
+
+echo -e "🛠 ${CYAN}Dry-run:${RESET} $DRY_RUN"
+
+# Пути к файлам
+PF_FILE="/etc/postfix/client_whitelist"
+PG_FILE="/etc/postgrey/whitelist_clients.local"
+
+# Создаём файлы, если нет
+echo -e "📄 ${YELLOW}Creating file:${RESET} $PF_FILE"
+touch "$PF_FILE"
+
+echo -e "📄 ${YELLOW}Creating file:${RESET} $PG_FILE"
+touch "$PG_FILE"
+
+# Резервные копии
+PF_BACKUP="${PF_FILE}.bak_$(date +%F_%H%M%S)"
+PG_BACKUP="${PG_FILE}.bak_$(date +%F_%H%M%S)"
+
+cp "$PF_FILE" "$PF_BACKUP"
+echo -e "📦 ${CYAN}Backup:${RESET} $PF_BACKUP"
+
+cp "$PG_FILE" "$PG_BACKUP"
+echo -e "📦 ${CYAN}Backup:${RESET} $PG_BACKUP"
+
+# Добавляем в Postfix
+grep -vE '^\s*#|^\s*$' "$LIST_FILE" | while read -r entry; do
+    echo "$entry    OK" >> "$PF_FILE"
 done
-shift $((OPTIND - 1))
+echo -e "➕ ${GREEN}Adding to Postfix:${RESET} $LIST_FILE OK"
 
-SINGLE_TARGET="${1:-}"
+# Добавляем в Postgrey (только домены, без IP)
+grep -vE '^\s*#|^\s*$' "$LIST_FILE" | grep -vE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' >> "$PG_FILE"
+echo -e "➕ ${GREEN}Adding to Postgrey:${RESET} $LIST_FILE"
 
-if [[ -z "$SINGLE_TARGET" && -z "$LIST_FILE" ]]; then
-  usage
-fi
+# Перегенерация и рестарт сервисов
+postmap "$PF_FILE"
+echo -e "🔄 ${YELLOW}Restarting Postfix${RESET}"
+systemctl restart postfix
 
-msg() { printf '%b\n' "$*"; }
-die() { printf 'ERROR: %s\n' "$*" >&2; exit 1; }
-
-require_root() {
-  if [[ $EUID -ne 0 ]]; then
-    die "Run as root or with sudo."
-  fi
-}
-
-ensure_file() {
-  local path="$1"
-  local dir
-  dir="$(dirname "$path")"
-  if [[ ! -d "$dir" ]]; then
-    msg "📁 Creating directory: $dir"
-    [[ $DRY -eq 0 ]] && mkdir -p "$dir"
-  fi
-  if [[ ! -f "$path" ]]; then
-    msg "📝 Creating file: $path"
-    [[ $DRY -eq 0 ]] && touch "$path"
-    [[ $DRY -eq 0 ]] && chmod 644 "$path"
-  fi
-}
-
-backup_if_exists() {
-  local path="$1"
-  if [[ -f "$path" ]]; then
-    msg "🗂  Backup: ${path}.bak_${BACKUP_DATE}"
-    [[ $DRY -eq 0 ]] && cp -a "$path" "${path}.bak_${BACKUP_DATE}"
-  fi
-}
-
-is_domain() {
-  local s="$1"
-  [[ "$s" =~ ^([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,}$ ]]
-}
-
-is_ipv4() {
-  local s="$1"
-  [[ "$s" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]
-}
-
-is_cidr() {
-  local s="$1"
-  [[ "$s" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$ ]]
-}
-
-already_in_file() {
-  local needle="$1"
-  local file="$2"
-  grep -qE -- "^${needle//./\\.}([[:space:]]|$)" "$file"
-}
-
-add_postfix() {
-  local v="$1"
-  if already_in_file "$v" "$POSTFIX_FILE"; then
-    msg "ℹ️  Already in Postfix: $v"
-    return 1
-  fi
-  msg "➕ Adding to Postfix: $v OK"
-  [[ $DRY -eq 0 ]] && echo "$v OK" >> "$POSTFIX_FILE"
-  return 0
-}
-
-add_postgrey() {
-  local v="$1"
-  if already_in_file "$v" "$POSTGREY_FILE"; then
-    msg "ℹ️  Already in Postgrey: $v"
-    return 1
-  fi
-  msg "➕ Adding to Postgrey: $v"
-  [[ $DRY -eq 0 ]] && echo "$v" >> "$POSTGREY_FILE"
-  return 0
-}
-
-process_entry() {
-  local raw="$1"
-  local entry
-  entry="$(echo "$raw" | tr '[:upper:]' '[:lower:]' | xargs)"
-  [[ -z "$entry" ]] && return 0
-  [[ "$entry" =~ ^# ]] && return 0
-
-  if is_cidr "$entry"; then
-    msg "⚠️  CIDR '$entry' not supported in hash map."
-    return 0
-  elif is_ipv4 "$entry"; then
-    add_postfix "$entry" && CHANGED_POSTFIX=1 || true
-  elif is_domain "$entry"; then
-    add_postfix "$entry" && CHANGED_POSTFIX=1 || true
-    add_postgrey "$entry" && CHANGED_POSTGREY=1 || true
-  else
-    msg "❌ Invalid entry: $entry"
-    ERRORS=$((ERRORS + 1))
-    return 1
-  fi
-}
-
-require_root
-msg "🔧 Dry-run: $DRY"
-
-ensure_file "$POSTFIX_FILE"
-ensure_file "$POSTGREY_FILE"
-backup_if_exists "$POSTFIX_FILE"
-backup_if_exists "$POSTGREY_FILE"
-
-CHANGED_POSTFIX=0
-CHANGED_POSTGREY=0
-ERRORS=0
-
-if [[ -n "$LIST_FILE" ]]; then
-  [[ -f "$LIST_FILE" ]] || die "File not found: $LIST_FILE"
-  while IFS= read -r line || [[ -n "$line" ]]; do
-    process_entry "$line" || true
-  done < "$LIST_FILE"
-else
-  process_entry "$SINGLE_TARGET" || true
-fi
+echo -e "🔄 ${YELLOW}Restarting Postgrey${RESET}"
+systemctl restart postgrey
 
-if [[ $DRY -eq 0 ]]; then
-  if [[ $CHANGED_POSTFIX -eq 1 ]]; then
-    msg "🧰 postmap $POSTFIX_FILE"
-    postmap "$POSTFIX_FILE"
-    msg "🔄 Restarting Postfix"
-    systemctl restart postfix
-  fi
-  if [[ $CHANGED_POSTGREY -eq 1 ]]; then
-    msg "🔄 Restarting Postgrey"
-    systemctl restart postgrey || true
-  fi
-  msg "✅ Done. Changes: Postfix=${CHANGED_POSTFIX}, Postgrey=${CHANGED_POSTGREY}, Errors=${ERRORS}"
-else
-  msg "🔎 Dry-run complete. Would change: Postfix=${CHANGED_POSTFIX}, Postgrey=${CHANGED_POSTGREY}, Errors=${ERRORS}"
-fi
+# Итог
+POSTFIX_COUNT=$(grep -vE '^\s*#|^\s*$' "$LIST_FILE" | wc -l)
+POSTGREY_COUNT=$(grep -vE '^\s*#|^\s*$' "$LIST_FILE" | grep -vE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | wc -l)
+
+echo -e "✅ ${GREEN}Done.${RESET} Changes: Postfix=${CYAN}$POSTFIX_COUNT${RESET}, Postgrey=${CYAN}$POSTGREY_COUNT${RESET}, Errors=${CYAN}0${RESET}"
+
+echo -e "\n📊 ${YELLOW}Всего добавлено в белый список ($POSTFIX_COUNT записей):${RESET}"
+
+# Красивый цветной вывод — IP одним цветом, домены другим
+grep -vE '^\s*#|^\s*$' "$LIST_FILE" | while read -r entry; do
+    if [[ "$entry" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+        echo -e "   🌐 ${CYAN}$entry${RESET}"   # IP — голубой
+    else
+        echo -e "   🏷  ${GREEN}$entry${RESET}" # Домен — зелёный
+    fi
+done
