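set -e

# Check for min system requirements.
# `free -mt` prints a "Total:" row (RAM + swap, in MiB); column 2 of that row
# is compared against the 700 MiB floor. A missing row counts as 0 so the
# check fails closed instead of dying on an arithmetic syntax error.
total_memory_mb=$(free -mt | awk '/^Total:/ { print $2 }')
if (( ${total_memory_mb:-0} <= 700 )); then
  # Diagnostics go to stderr and the exit status is non-zero, so a supervisor
  # or caller can tell "requirements not met" apart from a clean finish.
  {
    echo -e "EasyMail has been stopped because of the following minimum requirements:\n"
    echo -e "- RAM (or RAM + SWAP) >= 1GB\n\n"
  } >&2
  exit 1
fi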
# One-time bootstrap. The marker file below records that this script has
# already been through its first run.
ALREADY_RUN_POST_INSTALL_FILE="/opt/easymail/already-run-post-install.txt"

if ! [ -e "$ALREADY_RUN_POST_INSTALL_FILE" ]; then
  mkdir -p /etc/opendkim/keys
  # NOTE(review): 192.168.0.1/24 puts a whole private /24 on the OpenDKIM
  # trusted list. Confirm that every host on that network is meant to be
  # treated as internal by the opendkim.conf that consumes this file.
  printf '%s\n' \
    '127.0.0.1' \
    'localhost' \
    '192.168.0.1/24' \
    '' >> /etc/opendkim/TrustedHosts
  chown -R opendkim:opendkim /etc/opendkim/
  chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
fi

# Start the services; everything after this point is first-run configuration.
bash /run.sh

if [ -e "$ALREADY_RUN_POST_INSTALL_FILE" ]; then
  exit
fi

# NOTE(review): the marker is written here, before the configuration steps
# further down have run. If one of them fails, the next start sees the marker
# and skips them - verify that this is acceptable for password rotation.
touch "$ALREADY_RUN_POST_INSTALL_FILE"

# create payload directory
mkdir -p \
  /opt/easymail/data/mysql \
  /opt/easymail/data/dovecot \
  /opt/easymail/data/ssl
# Get variables.
# Each value is the second ':'-separated field of the line(s) in the config
# file that match the given key; a value that itself contains ':' is cut at
# that point.
# NOTE(review): everything here is exported, so the stored MySQL root password
# (OLD_ROOT_MYSQL_PASSWORD) is inherited by every child process this script
# starts. `export VAR=$(...)` also hides a failed read of the config file.
export EASYMAIL_CONFIG="/opt/easymail/config.ini"
export ROUNDCUBE_MYSQL_USERNAME=$(awk -F':' '/mysql_roundcube_username:/ { print $2; }' "$EASYMAIL_CONFIG")
export MYSQL_HOSTNAME=$(awk -F':' '/mysql_easymail_hostname:/ { print $2; }' "$EASYMAIL_CONFIG")
export MYSQL_USERNAME=$(awk -F':' '/mysql_easymail_username:/ { print $2; }' "$EASYMAIL_CONFIG")
export ROOT_MYSQL_USERNAME=$(awk -F':' '/mysql_root_username:/ { print $2; }' "$EASYMAIL_CONFIG")
export OLD_ROOT_MYSQL_PASSWORD=$(awk -F':' '/mysql_root_password:/ { print $2; }' "$EASYMAIL_CONFIG")
export MYSQL_DATABASE=$(awk -F':' '/mysql_easymail_database:/ { print $2; }' "$EASYMAIL_CONFIG")
# Define some functions
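#######################################
# Replace every __EASYMAIL_HOSTNAME__ placeholder in a file with $HOSTNAME.
# Globals:   HOSTNAME (read)
# Arguments: $1 - path of the file to edit in place
# Returns:   exit status of sed
#######################################
function set_hostname {
  local target=$1
  local replacement='' ch i

  # '\', '/' and '&' are special on the replacement side of s/.../.../.
  # Escape them so HOSTNAME is always inserted literally and can never
  # terminate the expression early.
  for (( i = 0; i < ${#HOSTNAME}; i++ )); do
    ch=${HOSTNAME:i:1}
    case $ch in
      '\' | '/' | '&') replacement+="\\${ch}" ;;
      *) replacement+=$ch ;;
    esac
  done

  # The path is quoted so that names with spaces or glob characters work.
  sed -i -e "s/__EASYMAIL_HOSTNAME__/${replacement}/g" -- "$target"
}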
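#######################################
# Print a random alphanumeric password read from /dev/urandom.
# Arguments: $1 - number of characters to emit (default 60)
# Outputs:   the password on stdout, without a trailing newline
#######################################
function get_rand_password() {
  local length=${1:-60}
  # The alphabet is letters and digits only. The previous set "A-Za-z-0-9"
  # also admitted a literal '-', so a password could start with '-' and be
  # parsed as an option by a command that receives it as an argument.
  # LC_ALL=C keeps tr byte-oriented whatever locale the caller runs in.
  LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$length"
}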
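# Escape $1 for use as the replacement part of a sed s/// command:
# '\', '/' and '&' are prefixed with a backslash, everything else is kept.
function _easymail_sed_replacement {
  local raw=$1
  local out='' ch i
  for (( i = 0; i < ${#raw}; i++ )); do
    ch=${raw:i:1}
    case $ch in
      '\' | '/' | '&') out+="\\${ch}" ;;
      *) out+=$ch ;;
    esac
  done
  printf '%s' "$out"
}

#######################################
# Fill the __EASYMAIL_*__ placeholders of one config file in place.
# Globals:   MYSQL_PASSWORD, ROOT_MYSQL_PASSWORD, ROUNDCUBE_MYSQL_PASSWORD,
#            ADMIN_PASSWORD_UNENCRYPTED, HOSTNAME (read);
#            FILEPATH (written and exported, as before)
# Arguments: $1 - path of the file to edit
# Returns:   exit status of sed
#######################################
function apply_easymail_configs {
  export FILEPATH=$1
  local mysql_pw root_pw roundcube_pw admin_pw host

  # Values are escaped so they are inserted literally even if they contain
  # characters that sed treats specially in a replacement.
  mysql_pw=$(_easymail_sed_replacement "$MYSQL_PASSWORD")
  root_pw=$(_easymail_sed_replacement "$ROOT_MYSQL_PASSWORD")
  roundcube_pw=$(_easymail_sed_replacement "$ROUNDCUBE_MYSQL_PASSWORD")
  admin_pw=$(_easymail_sed_replacement "$ADMIN_PASSWORD_UNENCRYPTED")
  host=$(_easymail_sed_replacement "$HOSTNAME")

  # NOTE(review): the secrets are still part of sed's argument list while it
  # runs, which other local users can read from the process table. One sed
  # call instead of five at least shortens that window.
  sed -i \
    -e "s/__EASYMAIL_MYSQL_PASSWORD__/${mysql_pw}/g" \
    -e "s/__EASYMAIL_ROOT_MYSQL_PASSWORD__/${root_pw}/g" \
    -e "s/__EASYMAIL_ROUNDCUBE_MYSQL_PASSWORD__/${roundcube_pw}/g" \
    -e "s/__EASYMAIL_ADMIN_PASSWORD_UNENCRYPTED__/${admin_pw}/g" \
    -e "s/__EASYMAIL_HOSTNAME__/${host}/g" \
    -- "$FILEPATH"
}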
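export -f set_hostname

# Re-generate the passwords.
# Assignment and export are separate statements so that a failing command
# substitution is not hidden behind the exit status of `export`.
ADMIN_PASSWORD_UNENCRYPTED=$(get_rand_password)
export ADMIN_PASSWORD_UNENCRYPTED

# The plaintext is fed to openssl on stdin: it stays out of the process
# argument list, and a value starting with '-' cannot be read as an option.
# NOTE(review): -1 selects MD5-crypt, which is weak by current standards.
# `openssl passwd -6` (SHA-512 crypt) is the stronger choice if the password
# scheme configured for virtual_users accepts it - confirm before switching.
ADMIN_PASSWORD=$(openssl passwd -1 -stdin <<< "$ADMIN_PASSWORD_UNENCRYPTED")
export ADMIN_PASSWORD
if [ -z "$ADMIN_PASSWORD" ]; then
  # An empty hash must never be written to the admin account.
  echo "post_install: hashing the admin password produced no output" >&2
  exit 1
fi

ROOT_MYSQL_PASSWORD=$(get_rand_password)
export ROOT_MYSQL_PASSWORD
MYSQL_PASSWORD=$(get_rand_password)
export MYSQL_PASSWORD
ROUNDCUBE_MYSQL_PASSWORD=$(get_rand_password)
export ROUNDCUBE_MYSQL_PASSWORD

export SSL_CA_BUNDLE_FILE="/opt/easymail/data/ssl/public.pem"
export SSL_PRIVATE_KEY_FILE="/opt/easymail/data/ssl/private.pem"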
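# The TLS directory holds the server's private key. It used to be opened up
# recursively with mode 0777, which let any local account read or replace the
# key and certificate. Only the owner may write here now.
# NOTE(review): if a service that loads the key does not start as root, grant
# it access through group ownership rather than world permissions.
chmod 0755 /opt/easymail/data/ssl

# if the certificate files are there don't re-generate them.
if [ ! -e "$SSL_CA_BUNDLE_FILE" ] || [ ! -e "$SSL_PRIVATE_KEY_FILE" ]; then
  # Re-generate the self-signed certificate. The subshell's umask ensures the
  # key is never group- or world-readable, not even while it is being written.
  # NOTE(review): -days 365000 gives a certificate that effectively never
  # expires; plan to replace it with a CA-issued one for real deployments.
  (
    umask 077
    openssl req -new -x509 -days 365000 -nodes \
      -subj "/C=/ST=/L=/O=/CN=EasyMail" \
      -out "$SSL_CA_BUNDLE_FILE" \
      -keyout "$SSL_PRIVATE_KEY_FILE"
  )
fi

# Applies to freshly generated and to pre-existing files alike:
# private key owner-only, certificate world-readable.
chmod 0600 -- "$SSL_PRIVATE_KEY_FILE"
chmod 0644 -- "$SSL_CA_BUNDLE_FILE"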
# Point Postfix at the certificate and key files.
postconf -e "smtpd_tls_cert_file=${SSL_CA_BUNDLE_FILE}"
postconf -e "smtpd_tls_key_file=${SSL_PRIVATE_KEY_FILE}"

# Point Nginx (Roundcube site) at the same files. The patterns require a
# space after the directive name, so ssl_certificate does not also rewrite
# ssl_certificate_key lines.
sed -i \
  -e "s#ssl_certificate .*#ssl_certificate ${SSL_CA_BUNDLE_FILE};#g" \
  -e "s#ssl_certificate_key .*#ssl_certificate_key ${SSL_PRIVATE_KEY_FILE};#g" \
  /etc/nginx/sites-enabled/roundcube

# Point Dovecot at the same files ("<path" makes Dovecot read the file).
sed -i \
  -e "s#ssl_cert .*#ssl_cert = <${SSL_CA_BUNDLE_FILE}#g" \
  -e "s#ssl_key .*#ssl_key = <${SSL_PRIVATE_KEY_FILE}#g" \
  /etc/dovecot/dovecot.conf
# Fill in the hostname placeholder: first the mail-client autoconfig and
# autodiscover endpoints, then the Roundcube site definition for Nginx.
for hostname_target in \
  /usr/share/nginx/autoconfig_and_autodiscover/autoconfig.php \
  /usr/share/nginx/autoconfig_and_autodiscover/autodiscover.php \
  /etc/nginx/sites-enabled/roundcube; do
  set_hostname "$hostname_target"
done

# Preseed the Postfix mail name with the same hostname.
debconf-set-selections <<< "postfix postfix/mailname string $HOSTNAME"

# Address of the admin mailbox; consumed by the SQL update that follows.
ADMIN_EMAIL="admin@${HOSTNAME}"
export ADMIN_EMAIL
# Log in with the root credentials read from the config file and, in one
# session: set the first virtual domain to $HOSTNAME, set the first virtual
# user's e-mail and password hash, give roundcube_user and mailuser the newly
# generated passwords, create/alter root@'%' with the new root password, and
# drop root@localhost.
#
# NOTE(review): the old root password is passed as -p<password>, i.e. on the
# command line, where it can show up in the process table. The expansions are
# unquoted; quoting them could change how values that carry leading
# whitespace from the config parser are split, so verify before changing.
#
# NOTE(review): the here-document is unquoted, so $HOSTNAME, $ADMIN_EMAIL and
# the passwords are pasted into SQL string literals without escaping. A value
# containing a single quote would end the literal early - validate or escape
# anything here that is not generated by this script.
#
# NOTE(review): root@'%' with ALL PRIVILEGES ... WITH GRANT OPTION lets the
# root account log in from any host that can reach the MySQL port. Confirm
# the port is not reachable from untrusted networks, or narrow the host part.
# GRANT ... IDENTIFIED BY is also rejected by MySQL 8.0 and later.
mysql -u$ROOT_MYSQL_USERNAME -p$OLD_ROOT_MYSQL_PASSWORD << EOF
USE $MYSQL_DATABASE;
UPDATE \`virtual_domains\`
SET \`name\`='$HOSTNAME'
WHERE \`id\`='1';
UPDATE \`virtual_users\`
SET \`email\`='$ADMIN_EMAIL', \`password\`='$ADMIN_PASSWORD'
WHERE \`id\`='1';
ALTER USER 'roundcube_user'@'127.0.0.1' IDENTIFIED BY '$ROUNDCUBE_MYSQL_PASSWORD';
ALTER USER 'mailuser'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$ROOT_MYSQL_PASSWORD' WITH GRANT OPTION;
DROP USER root@localhost;
EOF
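# Write the regenerated credentials and the hostname into Roundcube's configs.
for config_target in \
  /usr/share/nginx/roundcubemail/plugins/password/config.inc.php \
  /usr/share/nginx/roundcubemail/config/config.inc.php \
  /usr/share/nginx/roundcubemail/public_html/plugins/password/config.inc.php; do
  apply_easymail_configs "$config_target"
done

# Set HOSTNAME for Dovecot. The hostname is quoted so that an unusual value
# cannot be word-split or glob-expanded into several paths.
mkdir -p "/var/mail/vhosts/$HOSTNAME"
chown -R vmail:vmail /var/mail/vhosts
for config_target in \
  /etc/dovecot/dovecot.conf \
  /etc/dovecot/dovecot-sql.conf.ext \
  /etc/dovecot/conf.d/20-lmtp.conf; do
  apply_easymail_configs "$config_target"
done
echo "log_path = /opt/easymail/logs/dovecot.log" >> /etc/dovecot/dovecot.conf

# Set HOSTNAME and credentials for Postfix and OpenDKIM.
postconf -e myhostname="$HOSTNAME"
for config_target in \
  /etc/postfix/mysql-virtual-mailbox-maps.cf \
  /etc/postfix/mysql-recipient-bcc-maps.cf \
  /etc/postfix/mysql-virtual-alias-maps.cf \
  /etc/postfix/mysql-virtual-mailbox-domains.cf \
  /etc/opendkim.conf; do
  apply_easymail_configs "$config_target"
done

# Reload services
# NOTE(review): Dovecot is reloaded with log_path under /opt/easymail/logs
# before that directory is created below - confirm the reload tolerates this.
service nginx restart
service dovecot reload
service postfix reload

echo "Create a log dir"
# -p: an already existing directory (for example a mounted volume) must not
# abort the script before the config file and CA store are updated.
mkdir -p /opt/easymail/logs/

echo "Add new configurations to easymail config file"
# NOTE(review): this fills the placeholders in the config file with the new
# passwords, including the admin password in clear text if its placeholder is
# present. Check that the file is readable only by the accounts that need it.
apply_easymail_configs "$EASYMAIL_CONFIG"

update-ca-certificates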