Notifications work in the form of email. The backend software used here is postfix  configured as a MTA. The options allow to configure to send mail via SMTP servers using the standard port or use SSL/TLS. The web interface allows inputing two delivery addresses. Both are assigned to the root user.
The central MTA configuration is stored in
openmediavault creates the
/etc/postfix/recipient_canonical to define the root (admin) and normal users mail addresses when added via the web interface. Example:
root firstname.lastname@example.org mike email@example.com @server.lan firstname.lastname@example.org
When a scheduled task is defined to run as a certain user the output generated from that task, will be sent to that user defined mail.
The last line is the catch all address. For example a scheduled task set to be run as user with no mail defined in their profile will get the output generated sent to the catch all address (
email@example.com). The same will happen with any other mail action intended for an undefined user (not in that list)
Mails can be sent from terminal also with mail command. mail receives from stdin.
$ echo "Message body" | mail -s "Test subject" mike
Mail will be delivered to
firstname.lastname@example.org as it is defined in canonical_recipients. The delivery address can be explicit also:
$ echo "Message body" | mail -s "Test subject" email@example.com
$ echo "Message body" | mail -s "Test subject" john
Mail will delivered to
firstname.lastname@example.org because user john does not have an email address defined in canonical_recipients, so it goes to the catch all address.
openmediavault stores the configuration values in the database (including the password). Before posting information for support please sanitize the values.
The server will send notifications for this events:
- Log in from browser (If cookies are allowed, then it just sends once).
- Use of sudo by a user not in allowed group.
- Summary of locked users by pam_tally2 . This happens when a user or admin attempts fails to log in for more than three times.
- MD RAID events: degraded, reshape, etc. [D]
- Monit software: php-fpm, nginx, netatalk, rrdcached, collectd and omv-engined. [D]
- Monit filesystem: usage and mount points. [D]
- Monit system: CPU, Load and memory usage. [D]
- Scheduled tasks. [D]
- Rsync jobs. [D]
- Cron-apt: Summary of upgrade packages available. [D]
- SMART: Report of attribute changes. [D]
Options marked with [D] can be disabled selectivly. The rest only when the whole notification backend is disabled.
Gmail can be used in notifications. If you have 2FA enabled for the account, then is necessary to create an app password
SMTP Server: smtp.gmail.com SMTP Port: 587 Encryption mode: STARTTLS Sender email: email@example.com (include domain) Authentication required: Yes Username: firstname.lastname@example.org (include domain) Password: <the app password here> Primary email: email@example.com Secondary email: optional
Aliases are allowed. This is good for filtering later in gmail.
firstname.lastname@example.org can be
Gmail requires “access for less secure applications” to be enabled, in order for openmediavault to send notifications using
smtp.gmail.com. Enable access for less secure applications
If the remote SMTP server uses port 465, openmediavault will reconfigure the MTA to use the corresponding directives as documented in postfix for wrapper mode.
Third Party Notifications¶
Whenever a mail is dispatched by the MTA, postfix will execute a run-parts of this directory
/usr/share/openmediavault/notification/sink.d, passing the following environmental variables:
OMV_NOTIFICATION_FROM OMV_NOTIFICATION_RECIPIENT OMV_NOTIFICATION_SUBJECT OMV_NOTIFICATION_DATE OMV_NOTIFICATION_MESSAGE_FILE
Also the following positional arguments are passed:
$1 The path of the file containing the message text (OMV_NOTIFICATION_MESSAGE_FILE) $2 The FROM email address (OMV_NOTIFICATION_FROM) $3 The TO recipient email adresses (OMV_NOTIFICATION_RECIPIENT)
Most modern non mail notifications systems have a documented API, where you can send text using curl payloads with a secret TOKEN. So most common case would be to use MESSAGE_FILE variable only in your script.
Your script’s filename must adhere to the following standards:
- Do not add an extension to your script in the run-parts directory, otherwise it will get excluded.
- Make sure the script file is executable. In this case also make sure the script is not a symlink to a mounted filesystem with noexec flag.