Inital commit for mailserver related seqs

2021-01-12 22:32:09 +01:00
parent 9f262616fb
commit 688d1c871b
6 changed files with 690 additions and 0 deletions
--- a/seqs/mailserver.cfg.example
+++ b/seqs/mailserver.cfg.example
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# MAS = Mail Server
+
+MAS_DOMAIN="mydomain.com"
+MAS_RELAYHOST=
+MAS_RELAYUSER=
+MAS_RELAYPASS=
+
+MAS_DBUSER='pfa'
+MAS_DBPASS='pass'
+MAS_DBNAME='pfa_db'
+MAS_mysql_virtual_domains_maps="user = '\$MAS_DBUSER'
+password = '\$MAS_DBPASS'
+hosts = localhost
+dbname = '\$MAS_DBNAME'
+query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
+#query = SELECT domain FROM domain WHERE domain='%s'
+#optional query to use when relaying for backup MX
+#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
+#expansion_limit = 100"
--- a/seqs/mailserver.sh
+++ b/seqs/mailserver.sh
@@ -0,0 +1,375 @@
+#!/bin/bash
+
+# Installing a mailserver including postfix postfixadmin and dovecot
+#
+# MTA = Mail Transport Agent (postfix)
+# MDA = Mail Delivery Agent (dovecot)
+# MUA = Mail User Agent (Mail program used by the user)
+
+toolName=mailserver
+mtaName=postfix
+mtaUser=postfix
+mtaDeps="$mtaName $mtaName-mysql"
+mtaConfLoc="/etc/$mtaName"
+mtaMysqlConfLoc="$mtaConfLoc/sql"
+mdaName=dovecot
+mdaConfLoc="/etc/$mdaName"
+mdaConfDir="$mdaConfLoc/conf.d"
+mdaDeps="dovecot-imapd dovecot-lmtpd dovecot-mysql dovecot-managesieved dovecot-sieve"
+
+# Get script working directory
+# (when called from a different directory)
+WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
+CONFIG=0
+CONFIG_FILE_NAME="${toolName}.cfg"
+CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
+
+step_config() {
+  if [ $(id -u) -ne 0 ] ; then
+    endReturn -o 1 "No root"
+  fi
+  initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
+  if [ $? -eq 0 ] ; then
+    CONFIG=1
+    echo "     Domain: $MAS_DOMAIN"
+  elif [ $? -eq 1 ] ; then
+    # Config $CONFIG_FILE_NAME created. Needs modification first
+    exit 1
+  fi
+}
+
+step_1_info() { echo "Update apt repositories"; }
+step_1_alias() { ALIAS="install"; }
+step_1() {
+  exe apt update
+}
+
+step_2_info() { echo "Install $mtaName"; }
+step_2() {
+  local aptOpt=
+  if [ $QUIET -ne 0 ];then
+    aptOpt="-y"
+  else
+    read -p "In the following dialog chose \"Internet site\" and enter $MAS_DOMAIN as your domain. Enter to continue..."
+  fi
+  exe apt install $mtaDeps $aptOpt
+}
+
+step_3_info() { echo "Enable $mtaName"; }
+step_3() {
+  exe systemctl enable $mtaName
+  echo -e " [I] Printing $mtaName status\n"
+  exe service $mtaName status
+  echo -e "\n [I] Installed postfix version: $(postconf mail_version)"
+}
+
+step_4_info() { echo "$mtaName basic domain configuration"; }
+step_4() {
+  exe postconf -e "myhostname = mail.$MAS_DOMAIN"
+  exe postconf -e "mydomain = $MAS_DOMAIN"
+  exe postconf -e "myorigin = $MAS_DOMAIN"
+  exe postconf -e "mydestination = $MAS_DOMAIN, \$myhostname, mail.\$mydomain, localhost.\$mydomain, localhost"
+}
+
+step_5_info() { echo "$mtaName enable submission service"; }
+step_5() {
+  echo -e " [I] Copy following lines...\n"
+  exe cat "$mtaConfSubmission"
+  exe read -rep $'\nPress Enter to open the '$mtaConfLoc'/master.cf'
+  exe vi $mtaConfLoc/master.cf
+  exe echo
+  exe cat "$mtaConfSmtps"
+  exe read -rep $'\nPress Enter to open the '$mtaConfLoc'/master.cf'
+  exe vi $mtaConfLoc/master.cf
+}
+mtaConfSubmission="$WDIR/$toolName/submissionService"
+mtaConfSmtps="$WDIR/$toolName/smtpsService"
+
+step_6_info() { echo "Configure TLS"; }
+step_6() {
+  exe postconf "smtpd_tls_cert_file = /etc/letsencrypt/live/$MAS_DOMAIN/fullchain.pem"
+  exe postconf "smtpd_tls_key_file = /etc/letsencrypt/live/$MAS_DOMAIN/privkey.pem"
+
+  #Force TLSv1.3 or TLSv1.2
+  exe postconf "smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
+  exe postconf "smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
+  exe postconf "smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
+  exe postconf "smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
+
+  echo " [I] Restarting $mtaName"
+  exe service $mtaName restart
+}
+
+step_7_info() { echo "Install $mdaName"; }
+step_7() {
+  exe apt install $mdaDeps
+  echo -e "\n [I] Installed version: $(dovecot --version)"
+}
+
+step_8_info() {
+  echo "Configure $mdaName"
+  if [ $CONTEXT_HELP -ne 0 ] ; then
+    echo
+  fi
+}
+step_8() {
+  echo "# Configuring Mailbox Location"
+  echo "  [/etc/dovecot/conf.d/10-mail.conf]"
+  echo "   mail_location = maildir:~/Maildir"
+  echo "   mail_privileged_group = mail"
+  echo
+  echo "  usermod -aG mail dovecot"
+  echo
+  echo "# Configuring Authentication Mechanism"
+  echo "  [/etc/dovecot/conf.d/10-auth.conf]"
+  echo "   disable_plaintext_auth = yes"
+  echo "   # Login with full mail address"
+  echo "   auth_username_format = %n"
+  echo "   # "login" to support older mail clients"
+  echo "   auth_mechanisms = plain login"
+  echo
+  echo "# Configure SSL/TLS Encryption"
+  echo "  [/etc/dovecot/conf.d/10-ssl.conf]"
+  echo "   ssl = required"
+  echo "   ssl_cert = </etc/letsencrypt/live/$MAS_DOMAIN/fullchain.pem"
+  echo "   ssl_key = </etc/letsencrypt/live/$MAS_DOMAIN/privkey.pem"
+  echo "   ssl_min_protocol = TLSv1.2"
+  echo "   ssl_prefer_server_ciphers = yes"
+  echo "   ssl_dh = </etc/dovecot/dh.pem"
+  echo
+  echo "   openssl dhparam -out /etc/dovecot/dh.pem 4096"
+  echo
+  echo "# SASL Authentication Between Postfix and Dovecot"
+  echo "  [/etc/dovecot/conf.d/10-master.conf]"
+  echo "   # Add to service auth {"
+  echo "   service auth {"
+  echo "     unix_listener /var/spool/postfix/private/auth {"
+  echo "       mode = 0600"
+  echo "       user = postfix"
+  echo "       group = postfix"
+  echo "     }"
+  echo "   }"
+  echo
+  echo "# Auto-create Sent and Trash Folder"
+  echo "  [/etc/dovecot/conf.d/15-mailboxes.conf]"
+  echo "   # Add \"auto = create\" to folder e.g.:"
+  echo "   mailbox Trash {"
+  echo "     auto = create"
+  echo "     special_use = \\Trash"
+  echo "   }"
+  echo
+  echo "# Using Dovecot to Deliver Email to Message Store"
+  echo "  Make sure lmtp protocol is installed with dovecot-lmtp"
+  echo "  [/etc/dovecot/conf.d/10-master.conf]"
+  echo "   # Change lmtp service definition to:"
+  echo "   service lmtp {"
+  echo "     unix_listener /var/spool/postfix/private/dovecot-lmtp {"
+  echo "       mode = 0600"
+  echo "       user = postfix"
+  echo "       group = postfix"
+  echo "     }"
+  echo "   }"
+  echo
+  echo "  [/etc/postfix/main.cf]"
+  echo
+  echo "  postconf -e \"mailbox_transport = lmtp:unix:private/dovecot-lmtp\""
+  echo "  postconf -e \"smtputf8_enable = no\""
+}
+
+step_20_info() { 
+  echo "Install postfixadmin and create mysql database"
+  echoinfo "Virtualize mailboxes, domains and aliases by using a mysql database"
+}
+step_20_alias() { ALIAS="virtual"; }
+step_20() {
+  local qOpt=
+  if [ $QUIET -ne 0 ] ; then
+    qOpt="-q"
+  fi
+  exe $WDIR/postfixadmin.sh ${qOpt} install
+}
+
+step_21_info() { echo "Create $mtaName mysql query files"; }
+step_21() {
+  # eval needed to expand sourced configuration variables
+  local localMysqlUser=`eval "echo \"$MAS_VIRTUAL_USER_PART\""`
+  
+  exe mkdir -p "$mtaMysqlConfLoc"
+
+  local mtaFile
+  local mtaVar
+  local mtaMysqlFiles=(\
+    "mysql_virtual_domains_maps"\
+    "mysql_virtual_mailbox_maps"\
+    "mysql_virtual_alias_domain_mailbox_maps"\
+    "mysql_virtual_alias_maps"\
+    "mysql_virtual_alias_domain_maps"\
+    "mysql_virtual_alias_domain_catchall_maps"\
+    )
+    
+  for mtaFile in ${mtaMysqlFiles[@]}
+  do
+    eval 'mtaVar=$MAS_'${mtaFile}
+    echo " [I] creating ${mtaFile}.cf"
+    exe echo -e "$localMysqlUser\n$mtaVar" > "$mtaMysqlConfLoc/${mtaFile}.cf"
+  done
+  
+  exe chown -R root:${mtaUser} "$mtaMysqlConfLoc"
+  exe chmod 640 "${mtaMysqlConfLoc}"/*
+}
+
+step_22_info() { echo "Modify $mtaName configuration for virtual mailboxes"; }
+step_22() {
+  exe postconf -e "virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf"
+  exe postconf -e "virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf"
+  exe postconf -e "virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf"
+  exe postconf -e "virtual_transport = lmtp:unix:private/dovecot-lmtp"
+ 
+  # Apex domain removed, it is handled as virtual domain now 
+  exe postconf -e "mydestination = \$myhostname, localhost.\$mydomain, localhost"
+  # Base location for the virtual maildirs
+  exe postconf -e "virtual_mailbox_base = $MAS_VIRTUAL_FOLDER_BASE"
+  exe postconf -e "virtual_minimum_uid = $MAS_VIRTUAL_USER_ID"
+  exe postconf -e "virtual_uid_maps = static:$MAS_VIRTUAL_USER_ID"
+  exe postconf -e "virtual_gid_maps = static:$MAS_VIRTUAL_USER_ID"
+}
+
+step_23_info() { echo "Create virtual user $MAS_VIRTUAL_USER and folder $MAS_VIRTUAL_FOLDER_BASE"; }
+step_23() {
+  exe mkdir -p "$MAS_VIRTUAL_FOLDER_BASE"
+  exe groupadd --gid $MAS_VIRTUAL_USER_ID $MAS_VIRTUAL_USER
+  exe adduser --disabled-login --disabled-password --home "$MAS_VIRTUAL_FOLDER_BASE" --uid $MAS_VIRTUAL_USER_ID --gid $MAS_VIRTUAL_USER_ID $MAS_VIRTUAL_USER
+  exe chown -R ${MAS_VIRTUAL_USER}: "$MAS_VIRTUAL_FOLDER_BASE"
+  exe chmod -R 770 "$MAS_VIRTUAL_FOLDER_BASE"
+
+  echo " [I] Restarting $mtaName"
+  exe service $mtaName restart
+}
+
+step_24_info() { echo "$mdaName virtualisation configuration instructions"; }
+step_24() {
+  echo "# Configuring Mailbox Location"
+  echo "  [/etc/dovecot/conf.d/10-mail.conf]"
+  echo "   mail_location = maildir:~/Maildir"
+  echo "   mail_home = ${MAS_VIRTUAL_FOLDER_BASE}/%d/%n"
+  echo
+  echo "# Configure authentication"
+  echo "  [/etc/dovecot/conf.d/10-auth.conf]"
+  echo "   # Username with domain"
+  echo "   auth_username_format = %u"
+  echo "   # Find and uncomment following line"
+  echo "   !include auth-sql.conf.ext"
+  echo "   # Comment following line to prevent local users from sending mail"
+  echo "   # without having registered an email address"
+  echo "   #!include auth-system.conf.ext"
+  echo "   # Debug login issues in /var/log/maillog by adding:"
+  echo "   auth_debug = yes"
+  echo "   auth_debug_passwords = yes"
+  echo
+  echo "# Adding mysql login information"
+  echo "  [/etc/dovecot/dovecot-sql.conf.ext]"
+  echo "   driver = mysql"
+  echo "   connect = host=$MAS_DBHOST dbname=$MAS_DBNAME user=$MAS_DBUSER password='${MAS_DBPASS}'"
+  echo "   default_pass_scheme = MD5"
+  echo "   password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'"
+  echo "   user_query = SELECT maildir, $MAS_VIRTUAL_USER_ID AS uid, $MAS_VIRTUAL_USER_ID AS gid FROM mailbox WHERE username = '%u' AND active='1'"
+  echo "   iterate_query = SELECT username AS user FROM mailbox"
+}
+
+step_25_info() {
+  echo "Configure sieve for virtual users"
+  if [ $CONTEXT_HELP -ne 0 ] ; then
+    echo
+  fi
+}
+step_25() {
+  echo "# Sieve script configuration"
+  echo "  [$mdaConfDir/90-sieve.conf]"
+  echo "   sieve = file:/var/vmail/%d/%n/sieve;active=/var/vmail/%d/%n/.dovecot.sieve"
+  echo "   sieve_extensions = +notify +imapflags +vnd.dovecot.execute"
+  echo "   sieve_plugins = sieve_extprograms"
+  echo "   sieve_user_log = file:/var/vmail/%d/%n/sieve/sieve.log"
+  echo
+  echo "# Enable excution of external programs (e.g. to send xmpp messages on certain keywords)"
+  echo "  [$mdaConfDir/90-sieve-extprograms.conf]"
+  echo "   sieve_execute_bin_dir = /usr/lib/dovecot/sieve-extprograms"
+  echo
+  echo "# Enable sieve for lmtp"
+  echo "  [$mdaConfDir/20-lmtp.conf]"
+  echo "   mail_plugins = $mail_plugins sieve"
+}
+
+step_50_info() { echo "Adding relay host for sending mails"; }
+step_50() {
+  exe postconf -e "relayhost = $MAS_RELAYHOST"
+  exe postconf -e "smtp_sasl_auth_enable = yes"
+  exe postconf -e "smtp_sasl_password_maps = hash:$saslPassFile"
+  addConf -s "$MAS_RELAYHOST $MAS_RELAYUSER:$MAS_RELAYPASS" "$saslPassFile"
+  exe postmap "$saslPassFile"
+}
+saslPassFile="$mtaConfLoc/sasl_password"
+
+step_52_info() { 
+  echo "Grant access for specific (local) hostnames"
+  echoinfo "Workaround when local clients connect to 25 with different ips (v6)"
+}
+step_52_alias() { ALIAS="client_access"; }
+step_52() {
+  if [ ! -f "$mtaClientAccessLoc" ] ; then
+    echo " [I] Generating $mtaClientAccessLoc"
+    exep "echo \"# myhost.lan OK\" > \"$mtaClientAccessLoc\""
+    echo " [I] Don't forget to add the following"
+    echo "     [$mtaConfLoc/main.cf]"
+    echo "      smtpd_relay_restrictions ="
+    echo "          check_client_access hash:$mtaClientAccessLoc"
+  fi
+  echo " [I] Updating $mtaClientAccessLoc"
+  exe postmap "$mtaClientAccessLoc"
+}
+mtaClientAccessLoc="$mtaConfLoc/client_access"
+
+step_54_info() { 
+  echo "Deny recipient access for listed mail addresses"
+}
+step_54_alias() { ALIAS="recipient_access"; }
+step_54() {
+  if [ ! -f "$mtaRecipientAccessLoc" ] ; then
+    echo " [I] Generating $mtaRecipientAccessLoc"
+    exep "echo \"# unwanted@${MAS_DOMAIN} 550 No mailbox. Nothing to see here.\" > \"$mtaRecipientAccessLoc\""
+    echo " [I] Don't forget to add the following"
+    echo "     [$mtaConfLoc/main.cf]"
+    echo "      smtpd_recipient_restrictions ="
+    echo "          check_recipient_access hash:$mtaRecipientAccessLoc"
+  fi
+  echo " [I] Updating $mtaRecipientAccessLoc"
+  exe postmap "$mtaRecipientAccessLoc"
+}
+mtaRecipientAccessLoc="$mtaConfLoc/recipient_access"
+
+step_100_info() { echo "Send testmail"; }
+step_100() {
+  echo -e "Subject: TestPostfix\nIt goes on" | sendmail martin@winklerfamilie.de
+}
+
+step_102_info() { echo "Show mail queue"; }
+step_102_alias() { ALIAS="showqueue"; }
+step_102() {
+  exe sendmail -bp
+}
+
+step_104_info() {
+  echo "Delete mail queue [ID]"
+  echoinfo "Delete all queued mails if [ID] is empty"
+}
+step_104_alias() { ALIAS="delqueue"; }
+step_104() {
+  shift
+  local msgId="ALL"
+  if [ ! -z $1 ] ; then
+    msgId="$1"
+  fi
+  exe postsuper -d "$msgId"
+}
+
+VERSION_SEQREV=11
+. /usr/local/bin/sequencer.sh
--- a/seqs/mailserver/smtpsService
+++ b/seqs/mailserver/smtpsService
@@ -0,0 +1,8 @@
+smtps     inet  n       -       y       -       -       smtpd
+ -o syslog_name=postfix/smtps
+ -o smtpd_tls_wrappermode=yes
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+ -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
+ -o smtpd_sasl_type=dovecot
+ -o smtpd_sasl_path=private/auth
--- a/seqs/mailserver/submissionService
+++ b/seqs/mailserver/submissionService
@@ -0,0 +1,9 @@
+submission     inet     n    -    y    -    -    smtpd
+ -o syslog_name=postfix/submission
+ -o smtpd_tls_security_level=encrypt
+ -o smtpd_tls_wrappermode=no
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+ -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
+ -o smtpd_sasl_type=dovecot
+ -o smtpd_sasl_path=private/auth
--- a/seqs/postfixadmin.cfg.example
+++ b/seqs/postfixadmin.cfg.example
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+# Postfixamdin configuration
+
+PFA_SRV_LOC="/srv/postfixadmin"
+PFA_WEB_LOC="/var/www/pfa"
+PFA_DATABASE="pfa_db"
+PFA_BACKUP="/root/backup/pfa"
+PFA_PHP_VERSION="7.3"
--- a/seqs/postfixadmin.sh
+++ b/seqs/postfixadmin.sh
@@ -0,0 +1,268 @@
+#!/bin/bash
+
+toolName=postfixadmin
+toolPhpDeps='php${PFA_PHP_VERSION}-fpm php${PFA_PHP_VERSION}-imap php${PFA_PHP_VERSION}-mbstring php${PFA_PHP_VERSION}-mysql php${PFA_PHP_VERSION}-json php${PFA_PHP_VERSION}-curl php${PFA_PHP_VERSION}-zip php${PFA_PHP_VERSION}-xml php${PFA_PHP_VERSION}-bz2 php${PFA_PHP_VERSION}-intl php${PFA_PHP_VERSION}-gmp'
+toolConfName="config.local.php"
+toolTemplates="templates_c"
+toolTemplatesLoc="$PFA_SRV_LOC/$toolTemplates"
+toolAdditionsLoc="$PFA_SRV_LOC/ADDITIONS"
+latestUrl="https://api.github.com/repos/$toolName/$toolName/releases/latest"
+fetchmailDeps="fetchmail liblockfile-simple-perl"
+
+# Get script working directory
+# (when called from a different directory)
+WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
+CONFIG=0
+CONFIG_FILE_NAME="${toolName}.cfg"
+CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
+
+step_config() {
+  initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
+  if [ $? -eq 0 ] ; then
+    echo "     ${toolName} path:   ${PFA_WEB_LOC}"
+    echo "     ${toolName} backup: ${PFA_BACKUP}"
+    echo "             php Version: ${PFA_PHP_VERSION}"
+    CONFIG=1
+  fi
+}
+
+step_1_info() { 
+  # eval needed to expand sourced configuration variables
+  local localDeps=`eval "echo \"$toolPhpDeps\""`
+  echo "Install $toolName dependencies:"
+  echoinfo "$localDeps"
+}
+step_1_alias() { ALIAS="install"; }
+step_1() {
+  # eval needed to expand sourced configuration variables
+  local localDeps=`eval "echo \"$toolPhpDeps\""`
+  local aptOpt=
+  if [ $QUIET -ne 0 ];then
+    aptOpt="-y"
+  fi
+  exe apt update
+  exe apt install $localDeps $aptOpt
+}
+
+step_2_info() { echo "Install $toolName to $PFA_SRV_LOC"; }
+step_2() {
+  step upgrade
+}
+
+step_3_info() { echo "Install fetchmail"; }
+step_3_alias() { ALIAS="install_fetchmail"; }
+step_3() {
+  local aptOpt=
+  if [ $QUIET -ne 0 ];then
+    aptOpt="-y"
+  fi
+  exe apt install $fetchmailDeps $aptOpt
+  endReturn -o $? "Failed to install fetchmail"
+  exe systemctl stop fetchmail
+  exe systemctl disable fetchmail
+  echo " [I] Create lock folder"
+  exe mkdir -p "$fetchmailLockDir"
+  exe chown ${fetchmail}: "$fetchmailLockDir"
+}
+fetchmailUser="fetchmail"
+fetchmailLockDir="/var/lock/fetchmail"
+
+step_4_info() { echo "Configure postfixadmin to use fetchmail"; }
+step_4() {
+  echo "# Create mysql config"
+  echo "  [$PFA_SRV_LOC/fetchmail.conf]"
+  echo "   # Follow instructions in $toolAdditionsLoc/fetchmail.pl"
+  echo
+  echo "  [$toolAdditionsLoc/fetchmail.pl]"
+  echo "   # Change path to fetchmail.conf (see above)"
+  echo
+  echo " [I] Run step cron when configuration is done"
+}
+
+step_6_info() { echo "Create postfixadmin fetchmail plugin cron"; }
+step_6_alias() { ALIAS="cron"; }
+step_6() {
+  addConf -s "$fetchPluginCron" "$fetchPluginCronLoc"
+}
+fetchPluginCronLoc="/etc/cron.d/fetchmailplugin"
+fetchPluginCron="*/1 * * * * fetchmail /srv/postfixadmin/ADDITIONS/fetchmail.pl > /dev/null"
+
+step_18_info() { echo "Check for updates"; }
+step_18_alias() { ALIAS="updatecheck"; }
+step_18() {
+  shift
+  local isInstalled=
+  local latestVersion=
+  if [ ! -z $1 ] ; then
+    latestVersion="$1"
+  else
+    latestVersion=$(curl --silent "$latestUrl" | grep -Po '"tag_name": "postfixadmin-\K.*?(?=")')
+  fi
+
+  isInstalled=$(grep -E "${latestVersion}" "${PFA_WEB_LOC}/version" >>/dev/null 2>&1 && echo "1" || echo "0")
+  if [ $isInstalled -eq 1 ] ; then
+    echo " [I] Version $latestVersion is already installed"
+    return 1
+  else
+    echo " [I] Update to $latestVersion available"
+  fi
+  return 0
+}
+
+
+step_20_info() { 
+  echo -n "Create a backup [POSTFIXADMIN SRV ROOT]"
+  if [ $CONFIG -ne 0 ] ; then
+    echo " at $PFA_BACKUP"
+  else
+    echo
+  fi
+}
+step_20_alias() { ALIAS="backup"; }
+step_20() {
+  shift
+  local tempRoot=
+  if [ $CONFIG -eq 0 ] ; then
+    echoerr " [E] No configuration file found"
+    return 1
+  fi
+  if [ ! -z $PFA_BACKUP ] ; then
+    exe mkdir -p "$PFA_BACKUP"
+  fi
+  if [ ! -z $1 ] ; then
+    tempRoot="$1"
+  else
+    tempRoot="$PFA_SRV_LOC"
+  fi
+
+  local srvBackup="$PFA_BACKUP/${toolName}_`date +%Y%m%d-%H%M%S`.tar.gz"
+  echo " [I] Backing up server directory to $srvBackup"
+  exe cd "$tempRoot/.."
+  exe tar czf "$srvBackup" $(basename "$tempRoot")
+
+  exe $WDIR/mysql.sh -qq backup "$PFA_DATABASE" "$PFA_BACKUP"
+}
+
+step_22_info() {
+  shift
+  if [ -z $1 ] ; then
+    echo -n "Get latest version from github"
+    if [ $CONTEXT_HELP -eq 0 ] ; then
+      echo ": $(curl --silent "$latestUrl" | grep -Po '"tag_name": "postfixadmin-\K.*?(?=")')"
+    else
+      echo " [CUSTOM VERSION]"
+    fi
+  else
+    echo "Get version $1 from github"
+  fi
+}
+step_22_alias() { ALIAS="upgrade"; }
+step_22() {
+  shift # don't need step number
+  local latestVersion=
+  if [ ! -z $1 ] ; then
+    latestVersion="$1"
+  else
+    latestVersion=$(curl --silent "$latestUrl" | grep -Po '"tag_name": "postfixadmin-\K.*?(?=")')
+  fi
+
+  if [ -z $latestVersion ] ; then
+    echoerr " [E] Cannot determine latest version from github repository"
+    return 1
+  elif [ $QUIET -eq 0 ] ; then
+    echo
+    exe read -p "Install $latestVersion to $PFA_SRV_LOC [n]o/(y)es? " answer
+    case $answer in
+      [yY])
+        ;;
+      *)
+        echoerr " [I] Upgrade aborted"
+        return 1
+        ;;
+    esac
+  fi
+
+  # Major versions are stated in the CHANGELOG.TXT without the trailing minor version e.g. "3.3" for "3.3.0"
+  # Trailing ".0" is removed if exists
+  local isInstalled=$(grep -E "Version ${latestVersion%.0} " "${PFA_SRV_LOC}/CHANGELOG.TXT" >>/dev/null 2>&1 && echo "1" || echo "0")
+  if [ $isInstalled -eq 1 ] ; then
+    echoerr " [E] Version $latestVersion is already installed"
+    return 2
+  fi
+  
+  # Download
+  local downUrl="https://github.com/$toolName/$toolName/archive/postfixadmin-${latestVersion}.tar.gz"
+  local tempExtract="$tempDown/postfixadmin-postfixadmin-$latestVersion"
+  
+  if [ ! -e "$tempExtract" ] ; then
+    exe mkdir -p "$tempDown"
+    exe wget -O "$tempLoc" $downUrl
+    endReturn -o $? "Download failed: $downUrl"
+    exe cd "$tempDown"
+    exe tar -xf "$tempLoc"
+    endReturn -o $? "Extract failed: $tempLoc"
+  else
+    echo " [I] Found existing download: $tempExtract"
+  fi
+
+  # Installation
+  local tempBu="${PFA_SRV_LOC}_bu_`date +%Y%m%d-%H%M%S`"
+
+  if [ -e "$PFA_SRV_LOC" ] ; then
+    exe mv "$PFA_SRV_LOC" "$tempBu"
+    step backup "$tempBu"
+    endReturn -o $? "Backup failed; $PFA_SRV_LOC renamed!"
+  fi
+  echo " [I] Installing version $latestVersion to $PFA_SRV_LOC"
+  exe cp -ar "$tempExtract" "$PFA_SRV_LOC"
+  exe mkdir -p $(dirname "$PFA_WEB_LOC")
+  echo " [I] Create symlink to $PFA_WEB_LOC"
+  exe ln -fs "$PFA_SRV_LOC/public" "$PFA_WEB_LOC"
+
+  # Setting file permissions
+  exe chown -R www-data: "$PFA_SRV_LOC/public"
+
+  # Configuration
+  local webConf="$tempBu/$toolConfName"
+  if [ -e "$webConf" ] ; then
+    echo " [I] Copying configuration"
+    exe cp -ar "$webConf" "$PFA_SRV_LOC/"
+  else
+    echo " [I] Creating empty configuration file $PFA_SRV_LOC/$toolConfName"
+    exep "echo -e \"# Created gy $WDIR/$(basename $0)\\n\\n# Changeme\" > \"$PFA_SRV_LOC/$toolConfName\""
+  fi
+
+  # Templates
+  local templatesLoc="$tempBu/$toolTemplates"
+  if [ -e "$templatesLoc" ] ; then
+    echo " [I] Copying $toolTemplates"
+    exe cp -ar "$templatesLoc" "$toolTemplatesLoc"
+  else
+    echo " [I] Creating empty directory $toolTemplatesLoc"
+    exe mkdir -p "$toolTemplatesLoc"
+    exe chown -R www-data: "$toolTemplatesLoc"
+  fi
+
+  exe rm -rf "$tempBu"
+}
+tempDown="/tmp/${toolName}"
+tempLoc="$tempDown/${toolName}.tar.gz"
+
+step_23_info() { echo "Clean temporary files: $tempDown"; }
+step_23_alias() { ALIAS="clean"; }
+step_23() {
+  exe rm -rf "$tempDown"
+}
+
+step_100_info() { 
+  echo "$toolName client script [OPTIONS]"
+  echoinfo "[OPTIONS] are passed on to $toolName-cli unmodified"
+}
+step_100_alias() { ALIAS="cli"; }
+step_100() {
+  shift
+  exe ${PFA_SRV_LOC}/scripts/$toolName-cli $@
+}
+
+VERSION_SEQREV=11
+. /usr/local/bin/sequencer.sh