Want to subscribe to topics you're interested in?
Become a Member

Beta Branch update tools/emailnotify.sh add AWS SES smtp support in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Sep 19, 2020.

  1. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:17 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    update tools/emailnotify.sh add AWS SES smtp support in 123.09beta01

    - Update tools/emailnotify.sh to support AWS SES smtp server credential based email sending for more reliable email delivery. For prior info on how tools/emailnotify.sh worked read Beta Branch - add tools/emailnotify.sh in 123.09beta01
    - To switch tools/emailnotify.sh to use AWS SES smtp server, you need to have created an Amazon SES smtp credential username/password and obtained your Amazon SES smtp server name. You will need to populate the below variables within persistent config file at /etc/centminmod/custom_config.inc with the following - where EMAILNOTIFY_SES_FROM_EMAIL is your verified email address you setup in Amazon SES settings and EMAILNOTIFY_SES_TO_EMAIL is your desired email address you want tools/emailnotify.sh to send emails to. The EMAILNOTIFY_SES_SMTP_SERVER would be the one displayed to you when you configured your specific Amazon SES region smtp mail server i.e. email-smtp.us-east-1.amazonaws.com

    Code (Text):
    EMAILNOTIFY_SES='y'
    EMAILNOTIFY_SES_FROM_EMAIL='your_ses_verified_from_email_address'
    EMAILNOTIFY_SES_TO_EMAIL='your_desired_email_to_receive_server_emails'
    # CC and BCC options are optional. If not need, set and leave empty without a value
    EMAILNOTIFY_SES_CC_EMAIL='your_desired_cc_email_to_receive_server_emails'
    EMAILNOTIFY_SES_BCC_EMAIL='your_desired_bcc_email_to_receive_server_emails'
    EMAILNOTIFY_SES_SMTP_USERNAME='your_ses_smtp_username'
    EMAILNOTIFY_SES_SMTP_PASSWORD='your_ses_smtp_password'
    EMAILNOTIFY_SES_SMTP_SERVER='your_ses_smtp_server'
    EMAILNOTIFY_SES_SMTP_PORT='587'


    Continue reading...

    123.09beta01 branch
     
  2. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:17 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    tools/emailnotify.sh eventual purpose is to be built into a tool which handles all Centmin Mod's email notification/alerts behind the scenes. Not everyone properly setups or wants to setup the properly main hostname DKIM, SPF, DMARC records outlined at Email - Steps to ensure your site/server email doesn't end up in spam inboxes or configure Postfix AWS SES relaying. So adding AWS SES support to tools/emailnotify.sh is a workaround as the underlying system uses openssl s_client to send the actual email - not touching Postfix MTA at all.

    Example with persistent config file set

    Code (Text):
    EMAILNOTIFY_SES='y'
    EMAILNOTIFY_SES_FROM_EMAIL='your_ses_verified_from_email_address'
    EMAILNOTIFY_SES_TO_EMAIL='your_desired_email_to_receive_server_emails'
    # CC and BCC options are optional. If not need, set and leave empty without a value
    EMAILNOTIFY_SES_CC_EMAIL=''
    EMAILNOTIFY_SES_BCC_EMAIL=''
    EMAILNOTIFY_SES_SMTP_USERNAME='your_ses_smtp_username'
    EMAILNOTIFY_SES_SMTP_PASSWORD='your_ses_smtp_password'
    EMAILNOTIFY_SES_SMTP_SERVER='email-smtp.us-east-1.amazonaws.com'
    EMAILNOTIFY_SES_SMTP_PORT='587'

    Usage
    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh
    Usage:
    /usr/local/src/centminmod/tools/emailnotify.sh send emailbody emailsubject
    

    Run tools/emailnotify.sh send command with onewordbody and asubject. The body and subject can take only one word by default without spaces.

    So a onewordbody with asubject would be:
    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send onewordbody asubject
    ----------------------------------------------------
    Send email via SES using openssl client
    Success email send will end with line:
    451 4.4.2 Timeout waiting for data from client
    and return to command prompt after 10 seconds
    ----------------------------------------------------
    CONNECTION ESTABLISHED
    Protocol version: TLSv1.2
    Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
    Peer certificate: CN = email-smtp.us-east-1.amazonaws.com
    Hash used: SHA512
    Server Temp Key: ECDH, P-256, 256 bits
    250 Ok
    250-email-smtp.amazonaws.com
    250-8BITMIME
    250-SIZE 10485760
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250 Ok
    334 VXNlcm5hbWU6
    334 UGFzc3dvcmQ6
    235 Authentication successful.
    250 Ok
    250 Ok
    354 End data with <CR><LF>.<CR><LF>
    250 Ok 01000174a2a56da7-1d98b529-63f6-475d-be6d-2c6602babf71-000000
    451 4.4.2 Timeout waiting for data from client.
    

    after 250 ending code, there will be a 10 second wait time until openssl closes the SMTP connection with a 451 4.4.2 Timeout waiting for data from client message.

    Email you receive will look something like

    ses-emailnotify.sh-gmail-inbox-01.png ses-emailnotify.sh-gmail-inbox-02.png
     
  3. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:17 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    The first example above isn't that useful for oneword body responses without spaces. So tools/emailnotify.sh supports sending the contents of a file as the body of the message.

    Example if you want to send your cminfo sar-json output to yourself you can save the cminfo sar-json output to a text file i.e. /tmp/sar-json.log
    Code (Text):
    cminfo sar-json > /tmp/sar-json.log
    

    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send /tmp/sar-json.log sar-json
    

    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send /tmp/sar-json.log sar-json
    ----------------------------------------------------
    Send email via SES using openssl client
    Success email send will end with line:
    451 4.4.2 Timeout waiting for data from client
    and return to command prompt after 10 seconds
    ----------------------------------------------------
    CONNECTION ESTABLISHED
    Protocol version: TLSv1.2
    Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
    Peer certificate: CN = email-smtp.us-east-1.amazonaws.com
    Hash used: SHA512
    Server Temp Key: ECDH, P-256, 256 bits
    250 Ok
    250-email-smtp.amazonaws.com
    250-8BITMIME
    250-SIZE 10485760
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250 Ok
    334 VXNlcm5hbWU6
    334 UGFzc3dvcmQ6
    235 Authentication successful.
    250 Ok
    250 Ok
    354 End data with <CR><LF>.<CR><LF>
    250 Ok 01000174a2b69da8-f67086c8-ff11-4248-90dd-c5bc5b59811f-000000
    451 4.4.2 Timeout waiting for data from client.
    


    And email would look like

    ses-emailnotify.sh-gmail-inbox-03.png
    And body contents would look like ses-emailnotify.sh-gmail-inbox-04.png
    where the contents would be what's contained in /tmp/sar-json.log text file.
    Code (Text):
    cat /tmp/sar-json.log
    {
      "timestamp": {
        "date": "2020-09-18",
        "time": "00:05:01",
        "utc": 1,
        "interval": 300
      },
      "cpu-load": [
        {
          "cpu": "all",
          "user": 0.26,
          "nice": 0,
          "system": 0.29,
          "iowait": 1.66,
          "steal": 0,
          "idle": 97.79
        }
      ],
      "process-and-context-switch": {
        "proc": 5.57,
        "cswch": 879.48
      },
      "io": {
        "tps": 14.74,
        "io-reads": {
          "rtps": 6.79,
          "bread": 240.64
        },
        "io-writes": {
          "wtps": 7.95,
          "bwrtn": 325.5
        }
      },
      "memory": {
        "memfree": 283196,
        "memused": 32457828,
        "memused-percent": 99.14,
        "buffers": 128800,
        "cached": 3030516,
        "commit": 19999244,
        "commit-percent": 57.41,
        "active": 2836992,
        "inactive": 1754580,
        "dirty": 6252,
        "swpfree": 65276,
        "swpused": 2029820,
        "swpused-percent": 96.88,
        "swpcad": 4608,
        "swpcad-percent": 0.23
      },
      "queue": {
        "runq-sz": 0,
        "plist-sz": 489,
        "ldavg-1": 0.43,
        "ldavg-5": 0.25,
        "ldavg-15": 0.15,
        "blocked": 0
      },
      "disk": [
        {
          "disk-device": "dev8-0",
          "tps": 10.44,
          "rd_sec": 225.38,
          "wr_sec": 165.76,
          "avgrq-sz": 37.45,
          "avgqu-sz": 0,
          "await": 0.32,
          "svctm": 0.11,
          "util-percent": 0.12
        },
        {
          "disk-device": "dev8-16",
          "tps": 4.3,
          "rd_sec": 15.25,
          "wr_sec": 159.74,
          "avgrq-sz": 40.69,
          "avgqu-sz": 0,
          "await": 0.52,
          "svctm": 0.06,
          "util-percent": 0.03
        },
        {
          "disk-device": "dev9-1",
          "tps": 6.06,
          "rd_sec": 39.12,
          "wr_sec": 127.32,
          "avgrq-sz": 27.48,
          "avgqu-sz": 0,
          "await": 0,
          "svctm": 0,
          "util-percent": 0
        },
        {
          "disk-device": "dev9-2",
          "tps": 8.55,
          "rd_sec": 198.47,
          "wr_sec": 27.15,
          "avgrq-sz": 26.39,
          "avgqu-sz": 0,
          "await": 0,
          "svctm": 0,
          "util-percent": 0
        }
      ]
    }
    


    Then if you've setup Amazon AWS SES Cloudwatch dashboard to monitor your AWS SES reputation for bounce and complaint rates (example here), you should be able to ensure more reliable delivery of your server related email notifications etc.

    ses-cloudwatch-dashboard-01.png
     
    Last edited: Sep 19, 2020
  4. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:17 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    FYI, you can actually use body and subject with spaces if you wrap them in double quotes i.e.

    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send /tmp/sar-json.log "sar-json log info"
    

    or
    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send "body contents" "subject title"
    


    ses-emailnotify.sh-gmail-inbox-05.png
     
  5. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:17 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Another example send php -v command output via AWS SES

    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(php -v)" "php version"

    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(php -v)" "php version"              
    ----------------------------------------------------
    Send email via SES using openssl client
    Success email send will end with line:
    451 4.4.2 Timeout waiting for data from client
    and return to command prompt after 10 seconds
    ----------------------------------------------------
    
    CONNECTION ESTABLISHED
    Protocol version: TLSv1.2
    Ciphersuite: ECDHE-RSA-AES256-GCM-SHA384
    Peer certificate: CN = email-smtp.us-east-1.amazonaws.com
    Hash used: SHA512
    Server Temp Key: ECDH, P-256, 256 bits
    250 Ok
    250-email-smtp.amazonaws.com
    250-8BITMIME
    250-SIZE 10485760
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250 Ok
    334 VXNlcm5hbWU6
    334 UGFzc3dvcmQ6
    235 Authentication successful.
    250 Ok
    250 Ok
    354 End data with <CR><LF>.<CR><LF>
    250 Ok 01000174a36cf505-1316362c-a08f-4487-8183-af55a58eccf3-000000
    451 4.4.2 Timeout waiting for data from client.


    ses-emailnotify.sh-gmail-inbox-06.png

    Not too sure of when UTC reported times are for your timezone ? You can add Centmin Mod mytimes command out to your email body too
    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(php -v; mytimes)" "php version"
    

    ses-emailnotify.sh-gmail-inbox-07.png

    You could do same for most commands instead of saving in an intermediate file too by wrapping commands in "$(your commands)" for the body argument
    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(cminfo sar-json)" "cminfo sar-json"
    
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(cminfo top)" "cminfo top"
    
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(cminfo sar-cpu)" "cminfo sar-cpu"
    
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(cminfo sar-mem)" "cminfo sar-mem"
    

    or list the last 5 nginx_upgrade logs and send the listing to your AWS SES defined to email address
    Code (Text):
    /usr/local/src/centminmod/tools/emailnotify.sh send "$(cminfo listlogs | grep nginx_upgrade | tail -5)" "last 5 nginx upgrade logs"
    

    your email body would of the output from the command
    Code (Text):
    cminfo listlogs | grep nginx_upgrade | tail -5
    -rw-r--r--  1 root root 1.9M Aug 12 05:53 centminmod_123.09beta01.b557_120820-055103_nginx_upgrade.log
    -rw-r--r--  1 root root  615 Aug 22 12:39 centminmod_123.09beta01.b561_220820-123931_nginx_upgrade.log
    -rw-r--r--  1 root root 1.8M Aug 22 12:40 centminmod_123.09beta01.b561_220820-123851_nginx_upgrade.log
    -rw-r--r--  1 root root  615 Sep  2 09:01 centminmod_123.09beta01.b573_020920-090151_nginx_upgrade.log
    -rw-r--r--  1 root root 1.9M Sep  2 09:04 centminmod_123.09beta01.b573_020920-090142_nginx_upgrade.log
    


    ses-emailnotify.sh-gmail-inbox-09.png
     
    Last edited: Sep 19, 2020
  6. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:17 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Most recent update to tools/emailnotify.sh now allows you to pass an optional 3rd argument for a custom to email address overriding the default to email address Beta Branch - update tools/emailnotify.sh in 123.09beta01

    example
    Code (Text):
    cd /usr/local/src/centminmod/tools
    ./emailnotify.sh send "$(cminfo sar-json)" "cminfo sar-json" your-to-email@domain.com