Weekly Journal 29 - Ansible, Mutt

Synopsis

Finally found some time to work on my APIBan automation project and started migrating my email to Mutt.

Ansible and APIs

This week had a few quiet moments to work on my APIBan automation. I made some significant progress which was nice, but it also raised some questions around the approach I am taking. APIBan, like the name suggests, is an API that delivers a list of bad actor IP addresses. This particular list is centered around SIP spammers. SIP spammers scan IP addresses looking for open SIP endpoints that they can exploit to steal phone service, usually so they can make scam calls.

For my project, I am attempting to download the list of known bad IP addresses and create Linux iptables rules to block traffic from them. Ansible does not have great support for calling an API and using the data from the result later in the process. I started my project by creating a couple of shell scripts that calls the API and consolidates the multiple pages of data into a single list of IP addresses. While writing the script itself was reasonably straightforward, using the results with Ansible feels kind of awkward. In order to use the results, I will need to write additional shell scripts and that seems to go against the natural flow of Ansible. It just doesn’t feel right.

I think this may be a situation where it would make sense to build a custom Ansible module. That should make it easier to handle the imperative nature of working with the API in the module while making it feel more like the standard Ansible experience. I think building a module prototype will be my next step when I have to work on this again.

Mutt

I have been working on transferring my email from the Google Mail account I have used for years over to something I manage myself. I have chosen Migadu to host my email, and I have setup Mutt as my mail client. I used to use Mutt several years ago, and it feels good to go back to using a CLI mail client. I am still in the early stages of getting everything setup. I still need to figure out how to handle filtering and indexing my email.

What’s Next?

I am hoping to start working on my Ansible module, and continuing to setup my new personal email.