DamionDamion · December 1, 2024 14:52
diff --git a/script.sh b/script.sh
 #
 # Debain 10, postgresql, postfix
 # This servers as a lose lazy refernce, not a turnkey runscript.
 # See: https://wiki.policyd.org/installing

 # requirements
 apt install libnet-server-perl libnet-cidr-perl libnet-dns-perl libmail-spf-perl libtimedate-perl libdbi-perl libdbd-pg-perl

 # Use 2.1.x snapshot
 wget https://download.policyd.org/v2.1.x-201310261831/cluebringer-v2.1.x-201310261831.tar.gz

 tar xvf cluebringer-v2.1.x-201310261831.tar.gz

 # postgres db setup
 sudo -u postgres psql
 create user policyd;
 \password
 create database policyd owner policyd;

 cd cluebringer-v2.1.x-201310261831/
 cd database

 for i in core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql accounting.tsql; do ./convert-tsql pgsql $i; done > policyd.sql

 #removed #comments from sql script
 sed '/^#/ d' policyd.sql > cleaned.sql

 psql -h 127.0.0.1 -U policyd -W policyd < cleaned.sql

 cd ..

 # policyd2.1 expects the config to be in /etc/cbpolicyd/
 cp cluebringer.conf /etc/cbpolicyd/
 mkdir /usr/local/lib/cbpolicyd-2.1
 cp -r cbp /usr/local/lib/cbpolicyd-2.1/
 cp -r awitpt/awitpt /usr/local/lib/cbpolicyd-2.1/
 cp cbpadmin /usr/local/bin/
 cp cbpolicyd /usr/local/sbin/
 mkdir /var/log/cbpolicyd
 mkdir /var/run/cbpolicyd

 useradd -r -s /usr/sbin/nologin cbpolicyd #probably don't run as root, yeah

 chown cbpolicyd.cbpolicyd /var/log/cbpolicyd /var/run/cbpolicyd

 # Here's my nice systemd script just for you
 echo "[Unit]
 Description=Policyd
 After=network.target
 After=syslog.target
 After=postgresql.service
 Before=postfix.service
 Requires=postgresql.service

 [Install]
 WantedBy=multi-user.target

 [Service]
 User=cbpolicyd
 Group=cbpolicyd
 Type=forking
 ExecStart=/usr/local/sbin/cbpolicyd
 Restart=on-failure
 TimeoutSec=60
 Restart=always" > /etc/systemd/system/policyd.service

 #
 # You need to edit /etc/cbpolicyd/cluebringer.conf and uncomment many/most of the directives now.
 # enabled logging and chech /var/log/cbpolicyd/cbpolicyd.log for errors.
 #
 # Also you should reference https://wiki.policyd.org/installing for the webui
 # it's basically a wordpress installation for comparison. Follow the bouncing ball
 #
 # Oh, also add
 # smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks... etc
 # smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
 # to your postfix main.cf
 #
	#
	# Debain 10, postgresql, postfix
	# This servers as a lose lazy refernce, not a turnkey runscript.
	# See: https://wiki.policyd.org/installing

	# requirements
	apt install libnet-server-perl libnet-cidr-perl libnet-dns-perl libmail-spf-perl libtimedate-perl libdbi-perl libdbd-pg-perl

	# Use 2.1.x snapshot
	wget https://download.policyd.org/v2.1.x-201310261831/cluebringer-v2.1.x-201310261831.tar.gz

	tar xvf cluebringer-v2.1.x-201310261831.tar.gz

	# postgres db setup
	sudo -u postgres psql
	create user policyd;
	\password
	create database policyd owner policyd;

	cd cluebringer-v2.1.x-201310261831/
	cd database

	for i in core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql accounting.tsql; do ./convert-tsql pgsql $i; done > policyd.sql

	#removed #comments from sql script
	sed '/^#/ d' policyd.sql > cleaned.sql

	psql -h 127.0.0.1 -U policyd -W policyd < cleaned.sql

	cd ..

	# policyd2.1 expects the config to be in /etc/cbpolicyd/
	cp cluebringer.conf /etc/cbpolicyd/
	mkdir /usr/local/lib/cbpolicyd-2.1
	cp -r cbp /usr/local/lib/cbpolicyd-2.1/
	cp -r awitpt/awitpt /usr/local/lib/cbpolicyd-2.1/
	cp cbpadmin /usr/local/bin/
	cp cbpolicyd /usr/local/sbin/
	mkdir /var/log/cbpolicyd
	mkdir /var/run/cbpolicyd

	useradd -r -s /usr/sbin/nologin cbpolicyd #probably don't run as root, yeah

	chown cbpolicyd.cbpolicyd /var/log/cbpolicyd /var/run/cbpolicyd

	# Here's my nice systemd script just for you
	echo "[Unit]
	Description=Policyd
	After=network.target
	After=syslog.target
	After=postgresql.service
	Before=postfix.service
	Requires=postgresql.service

	[Install]
	WantedBy=multi-user.target

	[Service]
	User=cbpolicyd
	Group=cbpolicyd
	Type=forking
	ExecStart=/usr/local/sbin/cbpolicyd
	Restart=on-failure
	TimeoutSec=60
	Restart=always" > /etc/systemd/system/policyd.service

	#
	# You need to edit /etc/cbpolicyd/cluebringer.conf and uncomment many/most of the directives now.
	# enabled logging and chech /var/log/cbpolicyd/cbpolicyd.log for errors.
	#
	# Also you should reference https://wiki.policyd.org/installing for the webui
	# it's basically a wordpress installation for comparison. Follow the bouncing ball
	#
	# Oh, also add
	# smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks... etc
	# smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
	# to your postfix main.cf
	#