From 5897b97065cea3b40fc432450ca89dcf7f8f7611 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Fri, 6 Jan 2023 15:35:06 +0100 Subject: [PATCH 01/12] Renamed mail notification method for watchdog to be more general --- data/Dockerfiles/watchdog/watchdog.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index 231d0ecd5..517d160e0 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -97,7 +97,7 @@ log_msg() { echo $(date) $(printf '%s\n' "${1}") } -function mail_error() { +function notify_error() { THROTTLE= [[ -z ${1} ]] && return 1 # If exists, body will be the content of "/tmp/${1}", even if ${2} is set @@ -197,7 +197,7 @@ get_container_ip() { # One-time check if grep -qi "$(echo ${IPV6_NETWORK} | cut -d: -f1-3)" <<< "$(ip a s)"; then if [[ -z "$(get_ipv6)" ]]; then - mail_error "ipv6-config" "enable_ipv6 is true in docker-compose.yml, but an IPv6 link could not be established. Please verify your IPv6 connection." + notify_error "ipv6-config" "enable_ipv6 is true in docker-compose.yml, but an IPv6 link could not be established. Please verify your IPv6 connection." fi fi @@ -747,7 +747,7 @@ olefy_checks() { # Notify about start if [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]]; then - mail_error "watchdog-mailcow" "Watchdog started monitoring mailcow." + notify_error "watchdog-mailcow" "Watchdog started monitoring mailcow." fi # Create watchdog agents @@ -1029,33 +1029,33 @@ while true; do fi if [[ ${com_pipe_answer} == "ratelimit" ]]; then log_msg "At least one ratelimit was applied" - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" elif [[ ${com_pipe_answer} == "mail_queue_status" ]]; then log_msg "Mail queue status is critical" - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" elif [[ ${com_pipe_answer} == "external_checks" ]]; then log_msg "Your mailcow is an open relay!" # Define $2 to override message text, else print service was restarted at ... - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "Please stop mailcow now and check your network configuration!" + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please stop mailcow now and check your network configuration!" elif [[ ${com_pipe_answer} == "mysql_repl_checks" ]]; then log_msg "MySQL replication is not working properly" # Define $2 to override message text, else print service was restarted at ... # Once mail per 10 minutes - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "Please check the SQL replication status" 600 + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please check the SQL replication status" 600 elif [[ ${com_pipe_answer} == "dovecot_repl_checks" ]]; then log_msg "Dovecot replication is not working properly" # Define $2 to override message text, else print service was restarted at ... # Once mail per 10 minutes - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "Please check the Dovecot replicator status" 600 + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please check the Dovecot replicator status" 600 elif [[ ${com_pipe_answer} == "certcheck" ]]; then log_msg "Certificates are about to expire" # Define $2 to override message text, else print service was restarted at ... # Only mail once a day - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "Please renew your certificate" 86400 + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please renew your certificate" 86400 elif [[ ${com_pipe_answer} == "acme-mailcow" ]]; then log_msg "acme-mailcow did not complete successfully" # Define $2 to override message text, else print service was restarted at ... - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" "Please check acme-mailcow for further information." + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please check acme-mailcow for further information." elif [[ ${com_pipe_answer} == "fail2ban" ]]; then F2B_RES=($(timeout 4s ${REDIS_CMDLINE} --raw GET F2B_RES 2> /dev/null)) if [[ ! -z "${F2B_RES}" ]]; then @@ -1065,7 +1065,7 @@ while true; do log_msg "Banned ${host}" rm /tmp/fail2ban 2> /dev/null timeout 2s whois "${host}" > /tmp/fail2ban - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && [[ ${WATCHDOG_NOTIFY_BAN} =~ ^([yY][eE][sS]|[yY])+$ ]] && mail_error "${com_pipe_answer}" "IP ban: ${host}" + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && [[ ${WATCHDOG_NOTIFY_BAN} =~ ^([yY][eE][sS]|[yY])+$ ]] && notify_error "${com_pipe_answer}" "IP ban: ${host}" done fi elif [[ ${com_pipe_answer} =~ .+-mailcow ]]; then @@ -1085,7 +1085,7 @@ while true; do else log_msg "Sending restart command to ${CONTAINER_ID}..." curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/restart - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${com_pipe_answer}" + [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" log_msg "Wait for restarted container to settle and continue watching..." sleep 35 fi From 9ef14a20d17ebdeaa49249e66068699827040fb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Fri, 6 Jan 2023 15:43:43 +0100 Subject: [PATCH 02/12] Centralized checking of enabled notifications --- data/Dockerfiles/watchdog/watchdog.sh | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index 517d160e0..e6e70ba72 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -98,6 +98,8 @@ log_msg() { } function notify_error() { + # Check if one of the notification options is enabled + [[ -z ${WATCHDOG_NOTIFY_EMAIL} ]] && [[ -z ${WATCHDOG_NOTIFY_WEBHOOK} ]] && return 0 THROTTLE= [[ -z ${1} ]] && return 1 # If exists, body will be the content of "/tmp/${1}", even if ${2} is set @@ -746,9 +748,7 @@ olefy_checks() { } # Notify about start -if [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]]; then - notify_error "watchdog-mailcow" "Watchdog started monitoring mailcow." -fi +notify_error "watchdog-mailcow" "Watchdog started monitoring mailcow." # Create watchdog agents @@ -1029,33 +1029,33 @@ while true; do fi if [[ ${com_pipe_answer} == "ratelimit" ]]; then log_msg "At least one ratelimit was applied" - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" + notify_error "${com_pipe_answer}" elif [[ ${com_pipe_answer} == "mail_queue_status" ]]; then log_msg "Mail queue status is critical" - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" + notify_error "${com_pipe_answer}" elif [[ ${com_pipe_answer} == "external_checks" ]]; then log_msg "Your mailcow is an open relay!" # Define $2 to override message text, else print service was restarted at ... - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please stop mailcow now and check your network configuration!" + notify_error "${com_pipe_answer}" "Please stop mailcow now and check your network configuration!" elif [[ ${com_pipe_answer} == "mysql_repl_checks" ]]; then log_msg "MySQL replication is not working properly" # Define $2 to override message text, else print service was restarted at ... # Once mail per 10 minutes - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please check the SQL replication status" 600 + notify_error "${com_pipe_answer}" "Please check the SQL replication status" 600 elif [[ ${com_pipe_answer} == "dovecot_repl_checks" ]]; then log_msg "Dovecot replication is not working properly" # Define $2 to override message text, else print service was restarted at ... # Once mail per 10 minutes - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please check the Dovecot replicator status" 600 + notify_error "${com_pipe_answer}" "Please check the Dovecot replicator status" 600 elif [[ ${com_pipe_answer} == "certcheck" ]]; then log_msg "Certificates are about to expire" # Define $2 to override message text, else print service was restarted at ... # Only mail once a day - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please renew your certificate" 86400 + notify_error "${com_pipe_answer}" "Please renew your certificate" 86400 elif [[ ${com_pipe_answer} == "acme-mailcow" ]]; then log_msg "acme-mailcow did not complete successfully" # Define $2 to override message text, else print service was restarted at ... - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" "Please check acme-mailcow for further information." + notify_error "${com_pipe_answer}" "Please check acme-mailcow for further information." elif [[ ${com_pipe_answer} == "fail2ban" ]]; then F2B_RES=($(timeout 4s ${REDIS_CMDLINE} --raw GET F2B_RES 2> /dev/null)) if [[ ! -z "${F2B_RES}" ]]; then @@ -1065,7 +1065,7 @@ while true; do log_msg "Banned ${host}" rm /tmp/fail2ban 2> /dev/null timeout 2s whois "${host}" > /tmp/fail2ban - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && [[ ${WATCHDOG_NOTIFY_BAN} =~ ^([yY][eE][sS]|[yY])+$ ]] && notify_error "${com_pipe_answer}" "IP ban: ${host}" + [[ ${WATCHDOG_NOTIFY_BAN} =~ ^([yY][eE][sS]|[yY])+$ ]] && notify_error "${com_pipe_answer}" "IP ban: ${host}" done fi elif [[ ${com_pipe_answer} =~ .+-mailcow ]]; then @@ -1085,7 +1085,7 @@ while true; do else log_msg "Sending restart command to ${CONTAINER_ID}..." curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/restart - [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && notify_error "${com_pipe_answer}" + notify_error "${com_pipe_answer}" log_msg "Wait for restarted container to settle and continue watching..." sleep 35 fi @@ -1095,3 +1095,4 @@ while true; do kill -USR1 ${BACKGROUND_TASKS[*]} fi done + From fe8131f7430ec3d2b97793587bcbf88bd058a67a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Fri, 6 Jan 2023 15:52:36 +0100 Subject: [PATCH 03/12] Only sent mail if enabled --- data/Dockerfiles/watchdog/watchdog.sh | 63 ++++++++++++++------------- 1 file changed, 33 insertions(+), 30 deletions(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index e6e70ba72..5d962309a 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -124,37 +124,40 @@ function notify_error() { else SUBJECT="${WATCHDOG_SUBJECT}: ${1}" fi - IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}" - for rcpt in "${MAIL_RCPTS[@]}"; do - RCPT_DOMAIN= - RCPT_MX= - RCPT_DOMAIN=$(echo ${rcpt} | awk -F @ {'print $NF'}) - CHECK_FOR_VALID_MX=$(dig +short ${RCPT_DOMAIN} mx) - if [[ -z ${CHECK_FOR_VALID_MX} ]]; then - log_msg "Cannot determine MX for ${rcpt}, skipping email notification..." - return 1 - fi - [ -f "/tmp/${1}" ] && BODY="/tmp/${1}" - timeout 10s ./smtp-cli --missing-modules-ok \ - "${SMTP_VERBOSE}" \ - --charset=UTF-8 \ - --subject="${SUBJECT}" \ - --body-plain="${BODY}" \ - --add-header="X-Priority: 1" \ - --to=${rcpt} \ - --from="watchdog@${MAILCOW_HOSTNAME}" \ - --hello-host=${MAILCOW_HOSTNAME} \ - --ipv4 - if [[ $? -eq 1 ]]; then # exit code 1 is fine - log_msg "Sent notification email to ${rcpt}" - else - if [[ "${SMTP_VERBOSE}" == "" ]]; then - log_msg "Error while sending notification email to ${rcpt}. You can enable verbose logging by setting 'WATCHDOG_VERBOSE=y' in mailcow.conf." - else - log_msg "Error while sending notification email to ${rcpt}." + + if [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]]; then + IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}" + for rcpt in "${MAIL_RCPTS[@]}"; do + RCPT_DOMAIN= + RCPT_MX= + RCPT_DOMAIN=$(echo ${rcpt} | awk -F @ {'print $NF'}) + CHECK_FOR_VALID_MX=$(dig +short ${RCPT_DOMAIN} mx) + if [[ -z ${CHECK_FOR_VALID_MX} ]]; then + log_msg "Cannot determine MX for ${rcpt}, skipping email notification..." + return 1 fi - fi - done + [ -f "/tmp/${1}" ] && BODY="/tmp/${1}" + timeout 10s ./smtp-cli --missing-modules-ok \ + "${SMTP_VERBOSE}" \ + --charset=UTF-8 \ + --subject="${SUBJECT}" \ + --body-plain="${BODY}" \ + --add-header="X-Priority: 1" \ + --to=${rcpt} \ + --from="watchdog@${MAILCOW_HOSTNAME}" \ + --hello-host=${MAILCOW_HOSTNAME} \ + --ipv4 + if [[ $? -eq 1 ]]; then # exit code 1 is fine + log_msg "Sent notification email to ${rcpt}" + else + if [[ "${SMTP_VERBOSE}" == "" ]]; then + log_msg "Error while sending notification email to ${rcpt}. You can enable verbose logging by setting 'WATCHDOG_VERBOSE=y' in mailcow.conf." + else + log_msg "Error while sending notification email to ${rcpt}." + fi + fi + done + fi } get_container_ip() { From 3e69304f0f9c22abd8b777d66c8a1099a3d2ef12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Fri, 6 Jan 2023 16:25:18 +0100 Subject: [PATCH 04/12] Send webhook --- data/Dockerfiles/watchdog/watchdog.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index 5d962309a..741417c59 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -125,6 +125,7 @@ function notify_error() { SUBJECT="${WATCHDOG_SUBJECT}: ${1}" fi + # Send mail notification if enabled if [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]]; then IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}" for rcpt in "${MAIL_RCPTS[@]}"; do @@ -158,6 +159,23 @@ function notify_error() { fi done fi + + # Send webhook notification if enabled + if [[ ! -z ${WATCHDOG_NOTIFY_WEBHOOK} ]]; then + if [[ -z ${WATCHDOG_NOTIFY_WEBHOOK_BODY} ]]; then + log_msg "No webhook body set, skipping webhook notification..." + return 1 + fi + + WEBHOOK_BODY=$(echo "${WATCHDOG_NOTIFY_WEBHOOK_BODY}" | envsubst '$SUBJECT,$BODY') + + curl -X POST \ + -H "Content-Type: application/json" \ + -d ${WEBHOOK_BODY} \ + ${WATCHDOG_NOTIFY_WEBHOOK} + + log_msg "Posted notification to webhook" + fi } get_container_ip() { From b83841d2533a62e44300ee5b36c3b1a4121e7b02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Sat, 7 Jan 2023 15:44:29 +0100 Subject: [PATCH 05/12] Replace placeholders with sed --- data/Dockerfiles/watchdog/watchdog.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index 741417c59..ada402bad 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -167,7 +167,7 @@ function notify_error() { return 1 fi - WEBHOOK_BODY=$(echo "${WATCHDOG_NOTIFY_WEBHOOK_BODY}" | envsubst '$SUBJECT,$BODY') + WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed "s/\$SUBJECT\|\${SUBJECT}/$SUBJECT/g" | sed "s/\$BODY\|\${BODY}/$BODY/" | sed "s/\"/\\\\\"/g") curl -X POST \ -H "Content-Type: application/json" \ From b6b399a590dc3da14ac51d976ed59d54be530ad1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Sat, 7 Jan 2023 16:00:17 +0100 Subject: [PATCH 06/12] Fixed POST to webhook --- data/Dockerfiles/watchdog/watchdog.sh | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index ada402bad..2b8ff78fb 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -167,14 +167,13 @@ function notify_error() { return 1 fi - WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed "s/\$SUBJECT\|\${SUBJECT}/$SUBJECT/g" | sed "s/\$BODY\|\${BODY}/$BODY/" | sed "s/\"/\\\\\"/g") + # Replace subject and body placeholders + WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed "s/\$SUBJECT\|\${SUBJECT}/$SUBJECT/g" | sed "s/\$BODY\|\${BODY}/$BODY/") + + # POST to webhook + curl -X POST -H "Content-Type: application/json" -d "${WEBHOOK_BODY}" ${WATCHDOG_NOTIFY_WEBHOOK} - curl -X POST \ - -H "Content-Type: application/json" \ - -d ${WEBHOOK_BODY} \ - ${WATCHDOG_NOTIFY_WEBHOOK} - - log_msg "Posted notification to webhook" + log_msg "Sent notification using webhook" fi } From 38f5e293b0770db1dcd86564a89357a46fb708d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Sat, 7 Jan 2023 16:21:11 +0100 Subject: [PATCH 07/12] Webhook variables in config generation --- generate_config.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/generate_config.sh b/generate_config.sh index 70dc58877..da11f60a6 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -338,6 +338,13 @@ USE_WATCHDOG=y #WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com #WATCHDOG_NOTIFY_EMAIL= +# Send notifications to a webhook URL that receives a POST request with the content type "application/json". +# You can use this to send notifications to services like Discord, Slack and others. +#WATCHDOG_NOTIFY_WEBHOOK=https://discord.com/api/webhooks/XXXXXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX +# JSON body included in the webhook POST request. Needs to be in single quotes. +# Following variables are available: SUBJECT, BODY +#WATCHDOG_NOTIFY_WEBHOOK_BODY='{"username": "Mailcow Watchdog", "content": "**${SUBJECT}**\n${BODY}"}' + # Notify about banned IP (includes whois lookup) WATCHDOG_NOTIFY_BAN=n From 50fde60899c42a4a3e5bc2dcf8c5a6f00a00a2e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Sat, 7 Jan 2023 16:29:43 +0100 Subject: [PATCH 08/12] Added webhook variables to update script --- update.sh | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/update.sh b/update.sh index 34d173540..4ada78d87 100755 --- a/update.sh +++ b/update.sh @@ -367,6 +367,8 @@ CONFIG_ARRAY=( "SKIP_SOGO" "USE_WATCHDOG" "WATCHDOG_NOTIFY_EMAIL" + "WATCHDOG_NOTIFY_WEBHOOK" + "WATCHDOG_NOTIFY_WEBHOOK_BODY" "WATCHDOG_NOTIFY_BAN" "WATCHDOG_EXTERNAL_CHECKS" "WATCHDOG_SUBJECT" @@ -546,6 +548,20 @@ for option in ${CONFIG_ARRAY[@]}; do echo "#MAILDIR_SUB=Maildir" >> mailcow.conf echo "MAILDIR_SUB=" >> mailcow.conf fi + elif [[ ${option} == "WATCHDOG_NOTIFY_WEBHOOK" ]]; then + if ! grep -q ${option} mailcow.conf; then + echo "Adding new option \"${option}\" to mailcow.conf" + echo '# Send notifications to a webhook URL that receives a POST request with the content type "application/json".' >> mailcow.conf + echo '# You can use this to send notifications to services like Discord, Slack and others.' >> mailcow.conf + echo '#WATCHDOG_NOTIFY_WEBHOOK=https://discord.com/api/webhooks/XXXXXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' >> mailcow.conf + fi + elif [[ ${option} == "WATCHDOG_NOTIFY_WEBHOOK_BODY" ]]; then + if ! grep -q ${option} mailcow.conf; then + echo "Adding new option \"${option}\" to mailcow.conf" + echo '# JSON body included in the webhook POST request. Needs to be in single quotes.' >> mailcow.conf + echo '# Following variables are available: SUBJECT, BODY' >> mailcow.conf + echo '#WATCHDOG_NOTIFY_WEBHOOK_BODY=\'{"username": "Mailcow Watchdog", "content": "**${SUBJECT}**\n${BODY}"}\'' >> mailcow.conf + fi elif [[ ${option} == "WATCHDOG_NOTIFY_BAN" ]]; then if ! grep -q ${option} mailcow.conf; then echo "Adding new option \"${option}\" to mailcow.conf" @@ -925,4 +941,4 @@ fi # echo # git reflog --color=always | grep "Before update on " # echo -# echo "Use \"git reset --hard hash-on-the-left\" and run $COMPOSE_COMMAND up -d afterwards." \ No newline at end of file +# echo "Use \"git reset --hard hash-on-the-left\" and run $COMPOSE_COMMAND up -d afterwards." From e4347792b87e6537b02e885c223f4e5b95957400 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Sun, 8 Jan 2023 20:02:18 +0100 Subject: [PATCH 09/12] mailcow should be llow --- generate_config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generate_config.sh b/generate_config.sh index da11f60a6..3181eac79 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -343,7 +343,7 @@ USE_WATCHDOG=y #WATCHDOG_NOTIFY_WEBHOOK=https://discord.com/api/webhooks/XXXXXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX # JSON body included in the webhook POST request. Needs to be in single quotes. # Following variables are available: SUBJECT, BODY -#WATCHDOG_NOTIFY_WEBHOOK_BODY='{"username": "Mailcow Watchdog", "content": "**${SUBJECT}**\n${BODY}"}' +#WATCHDOG_NOTIFY_WEBHOOK_BODY='{"username": "mailcow Watchdog", "content": "**${SUBJECT}**\n${BODY}"}' # Notify about banned IP (includes whois lookup) WATCHDOG_NOTIFY_BAN=n From 7877215d597e42f1f761a4ea4695e6888eac4238 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Sun, 8 Jan 2023 20:02:46 +0100 Subject: [PATCH 10/12] mailcow should be lowercase --- update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update.sh b/update.sh index 4ada78d87..8e23f4147 100755 --- a/update.sh +++ b/update.sh @@ -560,7 +560,7 @@ for option in ${CONFIG_ARRAY[@]}; do echo "Adding new option \"${option}\" to mailcow.conf" echo '# JSON body included in the webhook POST request. Needs to be in single quotes.' >> mailcow.conf echo '# Following variables are available: SUBJECT, BODY' >> mailcow.conf - echo '#WATCHDOG_NOTIFY_WEBHOOK_BODY=\'{"username": "Mailcow Watchdog", "content": "**${SUBJECT}**\n${BODY}"}\'' >> mailcow.conf + echo '#WATCHDOG_NOTIFY_WEBHOOK_BODY=\'{"username": "mailcow Watchdog", "content": "**${SUBJECT}**\n${BODY}"}\'' >> mailcow.conf fi elif [[ ${option} == "WATCHDOG_NOTIFY_BAN" ]]; then if ! grep -q ${option} mailcow.conf; then From a3c5f785e9dd8412cb2807de71246ce12f91ebf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Kleinekath=C3=B6fer?= Date: Mon, 20 Feb 2023 22:34:53 +0100 Subject: [PATCH 11/12] Added new env vars to docker compose --- docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index b940b3367..61e7a78e4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -471,6 +471,8 @@ services: - WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL:-} - WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y} - WATCHDOG_SUBJECT=${WATCHDOG_SUBJECT:-Watchdog ALERT} + - WATCHDOG_NOTIFY_WEBHOOK=${WATCHDOG_NOTIFY_WEBHOOK} + - WATCHDOG_NOTIFY_WEBHOOK_BODY=${WATCHDOG_NOTIFY_WEBHOOK_BODY} - WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n} - WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n} - WATCHDOG_VERBOSE=${WATCHDOG_VERBOSE:-n} From 218ba6950187c2648769e8eeef0c3529023cecd7 Mon Sep 17 00:00:00 2001 From: FreddleSpl0it Date: Mon, 11 Dec 2023 15:44:11 +0100 Subject: [PATCH 12/12] [Watchdog] add curl verbose & use | as sed delimiter --- data/Dockerfiles/watchdog/watchdog.sh | 6 ++++-- docker-compose.yml | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index 2b8ff78fb..1e0d68137 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -19,9 +19,11 @@ fi if [[ "${WATCHDOG_VERBOSE}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then SMTP_VERBOSE="--verbose" + CURL_VERBOSE="--verbose" set -xv else SMTP_VERBOSE="" + CURL_VERBOSE="" exec 2>/dev/null fi @@ -168,10 +170,10 @@ function notify_error() { fi # Replace subject and body placeholders - WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed "s/\$SUBJECT\|\${SUBJECT}/$SUBJECT/g" | sed "s/\$BODY\|\${BODY}/$BODY/") + WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed "s|\$SUBJECT\|\${SUBJECT}|$SUBJECT|g" | sed "s|\$BODY\|\${BODY}|$BODY|") # POST to webhook - curl -X POST -H "Content-Type: application/json" -d "${WEBHOOK_BODY}" ${WATCHDOG_NOTIFY_WEBHOOK} + curl -X POST -H "Content-Type: application/json" ${CURL_VERBOSE} -d "${WEBHOOK_BODY}" ${WATCHDOG_NOTIFY_WEBHOOK} log_msg "Sent notification using webhook" fi diff --git a/docker-compose.yml b/docker-compose.yml index 61e7a78e4..8ab7bb8cf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -448,7 +448,7 @@ services: - /lib/modules:/lib/modules:ro watchdog-mailcow: - image: mailcow/watchdog:1.97 + image: mailcow/watchdog:1.99 dns: - ${IPV4_NETWORK:-172.22.1}.254 tmpfs: