bingen
/
rpi_docker_home_server
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
60 Revīzijas
6 Atzari
Koks: f62e1e6157
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no 'f62e1e6157'
${ noResults }
rpi_docker_home_server/images/email/startup.sh

105 rindas
3.5KB
Neapstrādāts Vainot Vēsture 

  1. #!bin/bash

  2. 

  3. # set LDAP password from secret

  4. if [ ! -z $LDAP_BIND_PWD_FILE -a -f $LDAP_BIND_PWD_FILE ]; then

  5.     LDAP_BIND_PWD=`cat $LDAP_BIND_PWD_FILE`;

  6. fi

  7. 

  8. function replace {

  9.     #echo $1

  10.     sed -i "s/\${LDAP_SERVER_HOST}/${LDAP_SERVER_HOST}/g" $1

  11.     sed -i "s/\${LDAP_BIND_DN}/${LDAP_BIND_DN}/g" $1

  12.     sed -i "s/\${LDAP_SEARCH_BASE}/${LDAP_SEARCH_BASE}/g" $1

  13.     sed -i "s/\${DOMAIN}/${DOMAIN}/g" $1

  14.     sed -i "s/\${LDAP_BIND_PWD}/${LDAP_BIND_PWD}/g" $1

  15. }

  16. for i in `find /tmp/config/postfix -type f -exec ls {} \;`; do

  17.     replace $i

  18. done;

  19. for i in `find /tmp/config/dovecot -type f -exec ls {} \;`; do

  20.     replace $i

  21. done;

  22. for i in `find /tmp/config/dovecot/conf.d -type f -exec ls {} \;`; do

  23.     replace $i

  24. done;

  25. for i in `find /tmp/config/saslauth -type f -exec ls {} \;`; do

  26.     replace $i

  27. done;

  28. 

  29. # Postfix

  30. cp -f /tmp/config/postfix/* /etc/postfix/

  31. mkdir -p /etc/postfix/sasl

  32. cp -f /tmp/config/postfix/sasl/* /etc/postfix/sasl/sasl

  33. echo "${DOMAIN}		OK" >> /etc/postfix/virtual_domains;

  34. for i in ${VIRTUAL_DOMAINS[@]}; do

  35.     echo "$i	OK" >> /etc/postfix/virtual_domains;

  36. done;

  37. postmap hash:/etc/postfix/virtual_domains

  38. 

  39. # TLS certs

  40. cd /tmp

  41. openssl genrsa -des3 -passout pass:${LDAP_BIND_PWD} -out mail.domain.tld.key 4096

  42. chmod 600 mail.domain.tld.key

  43. openssl req -new -key mail.domain.tld.key -out mail.domain.tld.csr \

  44.         -passin pass:${LDAP_BIND_PWD} \

  45.         -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.${DOMAIN}"

  46. openssl x509 -req -days 365 -in mail.domain.tld.csr -signkey mail.domain.tld.key \

  47.         -out mail.domain.tld.crt -passin pass:${LDAP_BIND_PWD}

  48. openssl rsa -in mail.domain.tld.key -out mail.domain.tld.key.nopass \

  49.         -passin pass:${LDAP_BIND_PWD}

  50. mv mail.domain.tld.key.nopass mail.domain.tld.key

  51. openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 \

  52.         -passout pass:${LDAP_BIND_PWD} \

  53.         -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.${DOMAIN}"

  54. chmod 600 mail.domain.tld.key

  55. chmod 600 cakey.pem

  56. mv mail.domain.tld.key /etc/ssl/private/

  57. mv mail.domain.tld.crt /etc/ssl/certs/

  58. mv cakey.pem /etc/ssl/private/

  59. mv cacert.pem /etc/ssl/certs/

  60. # DH

  61. mkdir -p /etc/postfix/certs

  62. cd /etc/postfix/certs

  63. openssl dhparam -2 -out dh_512.pem 512

  64. openssl dhparam -2 -out dh_1024.pem 1024

  65. chown -R root:root /etc/postfix/certs/

  66. chmod -R 600 /etc/postfix/certs/

  67. 

  68. # Dovecot

  69. mkdir -p /etc/dovecot/private

  70. openssl req -new -x509 -nodes -out /etc/dovecot/dovecot.pem -keyout /etc/dovecot/private/dovecot.pem -days 3650 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.${DOMAIN}"

  71. cp -f /tmp/config/dovecot/* /etc/dovecot/

  72. cp -f /tmp/config/dovecot/conf.d/* /etc/dovecot/conf.d/

  73. #Saslauthd

  74. cp -f /tmp/config/saslauth/saslauthd /etc/default/

  75. cp -f /tmp/config/saslauth/saslauthd.conf /etc/

  76. chown root:sasl /etc/saslauthd.conf

  77. chmod 640 /etc/saslauthd.conf

  78. 

  79. #rm -Rf /tmp/config

  80. 

  81. # getmail

  82. # https://stackoverflow.com/a/9625233/1937418

  83. for i in `ls ${MAIL_DATA_PATH}/getmail/getmailrc-*`; do

  84.     (crontab -l 2>/dev/null; echo "*/5  *  *   *   *   sudo -u vmail getmail -r $i --getmaildir ${MAIL_DATA_PATH}/getmail/ >> /dev/null") | crontab - ;

  85. done;

  86. touch ${MAIL_DATA_PATH}/getmail/getmail.log

  87. #chown -R vmail:vmail ${MAIL_DATA_PATH}/getmail

  88. 

  89. if [ -z "${DATA_CHOWN}" -o "${DATA_CHOWN}" != "0" ]; then

  90.     echo "Changing ownership of Data folder. It may take a while..."

  91.     chown -R vmail:vmail ${MAIL_DATA_PATH}

  92. fi

  93. 

  94. service rsyslog start

  95. service postfix start

  96. service dovecot start

  97. service saslauthd start

  98. service cron start

  99. 

  100. tail -fn 0 /var/log/mail.log

  101. 

  102. tail -f /dev/null

  103. 

  104. exit 0