mailserver - modernize code and add missing config example parts

2022-11-28 23:06:58 +01:00
parent 3bf94eb781
commit 755dfaf150
2 changed files with 157 additions and 147 deletions
--- a/seqs/mailserver.cfg.example
+++ b/seqs/mailserver.cfg.example
@@ -2,20 +2,40 @@
 # MAS = Mail Server
-MAS_DOMAIN="mydomain.com"
+readonly MAS_DOMAIN="mydomain.com"
-MAS_RELAYHOST=
+readonly MAS_RELAYHOST=
-MAS_RELAYUSER=
+readonly MAS_RELAYUSER=
-MAS_RELAYPASS=
+readonly MAS_RELAYPASS=
-MAS_DBUSER='pfa'
+# Settings for virtualizing mailboxes and domains
-MAS_DBPASS='pass'
+
-MAS_DBNAME='pfa_db'
+readonly MAS_DBUSER='pfa'
-MAS_mysql_virtual_domains_maps="user = '\$MAS_DBUSER'
+readonly MAS_DBPASS='pass'
-password = '\$MAS_DBPASS'
+readonly MAS_DBNAME='pfa_db'
-hosts = localhost
+readonly MAS_DBHOST='localhost'
-dbname = '\$MAS_DBNAME'
+readonly MAS_VIRTUAL_USER='vmail'
-query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
+readonly MAS_VIRTUAL_USER_ID='5000'
 readonly MAS_VIRTUAL_FOLDER_BASE='/var/vmail'
 readonly MAS_VIRTUAL_USER_PART="user=$MAS_DBUSER
 password=$MAS_DBPASS
 hosts=$MAS_DBHOST
 dbname=$MAS_DBNAME"
 MAS_mysql_virtual_domains_maps="query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
 #query = SELECT domain FROM domain WHERE domain='%s'
 #optional query to use when relaying for backup MX
 #query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
 #expansion_limit = 100"
 MAS_mysql_virtual_mailbox_maps="query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
 #expansion_limit = 100"
 MAS_mysql_virtual_alias_domain_mailbox_maps="query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'"
 MAS_mysql_virtual_alias_maps="query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
 #expansion_limit = 100"
 MAS_mysql_virtual_alias_domain_maps="query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'"
 MAS_mysql_virtual_alias_domain_catchall_maps="# handles catch-all settings of target-domain
 query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'"
--- a/seqs/mailserver.sh
+++ b/seqs/mailserver.sh
@@ -6,36 +6,34 @@
 # MDA = Mail Delivery Agent (dovecot)
 # MUA = Mail User Agent (Mail program used by the user)
-toolName=mailserver
+readonly toolName=mailserver
-mtaName=postfix
+readonly mtaName=postfix
-mtaUser=postfix
+readonly mtaUser=postfix
-mtaDeps="$mtaName $mtaName-mysql"
+readonly mtaDeps="$mtaName $mtaName-mysql"
-mtaConfLoc="/etc/$mtaName"
+readonly mtaConfLoc="/etc/$mtaName"
-mtaMysqlConfLoc="$mtaConfLoc/sql"
+readonly mtaMysqlConfLoc="$mtaConfLoc/sql"
-mdaName=dovecot
+readonly mdaName=dovecot
-mdaConfLoc="/etc/$mdaName"
+readonly mdaConfLoc="/etc/$mdaName"
-mdaConfDir="$mdaConfLoc/conf.d"
+readonly mdaConfDir="$mdaConfLoc/conf.d"
-mdaDeps="dovecot-imapd dovecot-lmtpd dovecot-mysql dovecot-managesieved dovecot-sieve"
+readonly mdaDeps="dovecot-imapd dovecot-lmtpd dovecot-mysql dovecot-managesieved dovecot-sieve"
-# Get script working directory
+sq_aptOpt=
-# (when called from a different directory)
+sq_config=0
 WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
 CONFIG=0
 CONFIG_FILE_NAME="${toolName}.cfg"
 CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
 seq_config() {
-  if [ $(id -u) -ne 0 ] ; then
+  root || endReturn -o 1 "No root"
-    endReturn -o 1 "No root"
+
-  fi
+  #initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
-  initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
+  if initSeqConfig "${seq_configName:?}" "${seq_configTemplate:?}" ; then
-  if [ $? -eq 0 ] ; then
+    sq_config=1
    CONFIG=1
    info "     Domain: ${MAS_DOMAIN:-}"
-  elif [ $? -eq 1 ] ; then
+  else
-    # Config $CONFIG_FILE_NAME created. Needs modification first
+    dry || return 1
    dry || return -1
  fi
  ## Apt cmdline option to suppress user interaction
  interactive || sq_aptOpt="-y"
  return 0
 }
@@ -47,21 +45,16 @@ step_1() {
 step_2_info() { echo "Install $mtaName"; }
 step_2() {
-  local aptOpt=
+  confirm -n -y "In the following dialog chose \"Internet site\" and enter $MAS_DOMAIN as your domain. Enter to continue..."
-  if quiet;then
+  exe apt install $mtaDeps ${sq_aptOpt:-}
    aptOpt="-y"
  else
    read -p "In the following dialog chose \"Internet site\" and enter $MAS_DOMAIN as your domain. Enter to continue..."
  fi
  exe apt install $mtaDeps $aptOpt
 }
 step_3_info() { echo "Enable $mtaName"; }
 step_3() {
  exe systemctl enable $mtaName
-  echo -e " [I] Printing $mtaName status\n"
+  info "Printing $mtaName status"
  exe service $mtaName status
-  echo -e "\n [I] Installed postfix version: $(postconf mail_version)"
+  info "Installed postfix version: $(postconf mail_version)"
 }
 step_4_info() { echo "$mtaName basic domain configuration"; }
@@ -74,17 +67,18 @@ step_4() {
 step_5_info() { echo "$mtaName enable submission service"; }
 step_5() {
-  info -e " [I] Copy following lines...\n"
+  local mtaConfSubmission="${seq_origin:?}/$toolName/submissionService"
  local mtaConfSmtps="${seq_origin:?}/$toolName/smtpsService"
  info "Copy following lines..."
  exe cat "$mtaConfSubmission"
-  exe read -rep $'\nPress Enter to open the '$mtaConfLoc'/master.cf'
+  confirm -n -y "Press Enter to open the $mtaConfLoc/master.cf"
-  exe vi $mtaConfLoc/master.cf
+  editor $mtaConfLoc/master.cf
-  exe info
+  info
  exe cat "$mtaConfSmtps"
-  exe read -rep $'\nPress Enter to open the '$mtaConfLoc'/master.cf'
+  confirm -n -y "Press Enter to open the $mtaConfLoc/master.cf"
-  exe vi $mtaConfLoc/master.cf
+  editor $mtaConfLoc/master.cf
 }
 mtaConfSubmission="$WDIR/$toolName/submissionService"
 mtaConfSmtps="$WDIR/$toolName/smtpsService"
 step_6_info() { echo "Configure TLS"; }
 step_6() {
@@ -111,8 +105,8 @@ step_7() {
 step_8_info() { echo "Install $mdaName"; }
 step_8() {
-  exe apt install $mdaDeps
+  exe apt install $mdaDeps ${sq_aptOpt}
-  info -e "\n [I] Installed version: $(dovecot --version)"
+  info "Installed version: $(dovecot --version)"
 }
 step_9_info() {
@@ -207,18 +201,11 @@ step_20_info() {
 }
 step_20_alias() { echo "virtual"; }
 step_20() {
-  local qOpt=
+  exe ${seq_origin:?}/postfixadmin.sh ${sqr_args} install
  if quiet ; then
    qOpt="-q"
  fi
  exe $WDIR/postfixadmin.sh ${qOpt} install
 }
 step_21_info() { echo "Create $mtaName mysql query files"; }
 step_21() {
  # eval needed to expand sourced configuration variables
  local localMysqlUser=`eval "echo \"$MAS_VIRTUAL_USER_PART\""`
  exe mkdir -p "$mtaMysqlConfLoc"
  local mtaFile
@@ -232,11 +219,10 @@ step_21() {
    "mysql_virtual_alias_domain_catchall_maps"\
  )
-  for mtaFile in ${mtaMysqlFiles[@]}
+  for mtaFile in ${mtaMysqlFiles[@]} ; do
-  do
+    mtaVar="MAS_${mtaFile}"
    eval 'mtaVar=$MAS_'${mtaFile}
    info "creating ${mtaFile}.cf"
-    exe echo -e "$localMysqlUser\n$mtaVar" > "$mtaMysqlConfLoc/${mtaFile}.cf"
+    exep echo -e "${MAS_VIRTUAL_USER_PART:?}\n${!mtaVar:?}" \> "$mtaMysqlConfLoc/${mtaFile}.cf"
  done
  exe chown -R root:${mtaUser} "$mtaMysqlConfLoc"
@@ -273,65 +259,73 @@ step_23() {
 step_24_info() { echo "$mdaName virtualisation configuration instructions"; }
 step_24() {
-  echo "# Configuring Mailbox Location"
+  color green
-  echo "  [/etc/dovecot/conf.d/10-mail.conf]"
+  cat <<END_STEP24
-  echo "   mail_location = maildir:~/Maildir"
+# Configuring Mailbox Location
-  echo "   mail_home = ${MAS_VIRTUAL_FOLDER_BASE}/%d/%n"
+  [/etc/dovecot/conf.d/10-mail.conf]
-  echo
+   mail_location = maildir:~/Maildir
-  echo "# Configure authentication"
+   mail_home = ${MAS_VIRTUAL_FOLDER_BASE}/%d/%n
-  echo "  [/etc/dovecot/conf.d/10-auth.conf]"
+
-  echo "   # Username with domain"
+# Configure authentication
-  echo "   auth_username_format = %u"
+  [/etc/dovecot/conf.d/10-auth.conf]
-  echo "   # Find and uncomment following line"
+   # Username with domain
-  echo "   !include auth-sql.conf.ext"
+   auth_username_format = %u
-  echo "   # Comment following line to prevent local users from sending mail"
+   # Find and uncomment following line
-  echo "   # without having registered an email address"
+   !include auth-sql.conf.ext
-  echo "   #!include auth-system.conf.ext"
+   # Comment following line to prevent local users from sending mail
-  echo "   # Debug login issues in /var/log/maillog by adding:"
+   # without having registered an email address
-  echo "   auth_debug = yes"
+   #!include auth-system.conf.ext
-  echo "   auth_debug_passwords = yes"
+   # Debug login issues in /var/log/maillog by adding:
-  echo
+   auth_debug = yes
-  echo "# Adding mysql login information"
+   auth_debug_passwords = yes
-  echo "  [/etc/dovecot/dovecot-sql.conf.ext]"
+
-  echo "   driver = mysql"
+# Adding mysql login information
-  echo "   connect = host=$MAS_DBHOST dbname=$MAS_DBNAME user=$MAS_DBUSER password='${MAS_DBPASS}'"
+  [/etc/dovecot/dovecot-sql.conf.ext]
-  echo "   default_pass_scheme = MD5"
+   driver = mysql
-  echo "   password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'"
+   connect = host=$MAS_DBHOST dbname=$MAS_DBNAME user=$MAS_DBUSER password='${MAS_DBPASS}'
-  echo "   user_query = SELECT maildir, $MAS_VIRTUAL_USER_ID AS uid, $MAS_VIRTUAL_USER_ID AS gid FROM mailbox WHERE username = '%u' AND active='1'"
+   default_pass_scheme = MD5
-  echo "   iterate_query = SELECT username AS user FROM mailbox"
+   password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
   user_query = SELECT maildir, $MAS_VIRTUAL_USER_ID AS uid, $MAS_VIRTUAL_USER_ID AS gid FROM mailbox WHERE username = '%u' AND active='1'
   iterate_query = SELECT username AS user FROM mailbox
 END_STEP24
 }
 step_25_info() {
  echo "Configure sieve for virtual users"
 }
 step_25() {
-  echo "# Sieve script configuration"
+  color green
-  echo "  [$mdaConfDir/90-sieve.conf]"
+  cat << END_STEP25
-  echo "   sieve = file:/var/vmail/%d/%n/sieve;active=/var/vmail/%d/%n/.dovecot.sieve"
+# Sieve script configuration
-  echo "   sieve_extensions = +notify +imapflags +vnd.dovecot.execute"
+  [$mdaConfDir/90-sieve.conf]
-  echo "   sieve_plugins = sieve_extprograms"
+   sieve = file:/var/vmail/%d/%n/sieve;active=/var/vmail/%d/%n/.dovecot.sieve
-  echo "   sieve_user_log = file:/var/vmail/%d/%n/sieve/sieve.log"
+   sieve_extensions = +notify +imapflags +vnd.dovecot.execute
-  echo
+   sieve_plugins = sieve_extprograms
-  echo "# Enable sieve for lmtp"
+   sieve_user_log = file:/var/vmail/%d/%n/sieve/sieve.log
-  echo "  [$mdaConfDir/20-lmtp.conf]"
+
-  echo "   postmaster_address = postmaster@$MAS_DOMAIN"
+# Enable sieve for lmtp
-  echo "   mail_plugins = $mail_plugins sieve"
+  [$mdaConfDir/20-lmtp.conf]
-  echo
+   postmaster_address = postmaster@$MAS_DOMAIN
-  echo "# Enable excution of external programs (e.g. to send xmpp messages on certain keywords)"
+   mail_plugins = \$mail_plugins sieve
-  echo "  [$mdaConfDir/90-sieve-extprograms.conf]"
+
-  echo "   sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute"
+# Enable excution of external programs (e.g. to send xmpp messages on certain keywords)
-  echo
+  [$mdaConfDir/90-sieve-extprograms.conf]
-  echo "# Notes on execution of scripts"
+   sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
-  echo "  * Scripts are executed with the $MAS_VIRTUAL_USER user"
+
-  echo "  * Scripts must no be writeable by others"
+# Notes on execution of scripts
-  echo "    (chown root:$MAS_VIRTUAL_USER script; chmod 750 script)"
+  * Scripts are executed with the $MAS_VIRTUAL_USER user
-  echo "  * \$HOME is set to the virtual users home"
+  * Scripts must no be writeable by others
-  echo "    (e.g. /var/vmail/$MAS_DOMAIN/max)"
+    (chown root:$MAS_VIRTUAL_USER script; chmod 750 script)
-  echo
+  * \$HOME is set to the virtual users home
-  echo "# Notes about sendxmpp"
+    (e.g. /var/vmail/$MAS_DOMAIN/max)
-  echo "  * .sendxmpprc resides in every virtual users home"
+
-  echo "    and must be owned by $MAS_VIRTUAL_USER"
+# Notes about sendxmpp
-  echo "    (chown $MAS_VIRTUAL_USER: .sendxmpprc; chmod 700 .sendxmpprc)"
+  * .sendxmpprc resides in every virtual users home
    and must be owned by $MAS_VIRTUAL_USER
    (chown $MAS_VIRTUAL_USER: .sendxmpprc; chmod 700 .sendxmpprc)
 END_STEP25
 }
 step_50_info() { echo "Adding default relay host for sending mails"; }
@@ -355,12 +349,12 @@ step_52_info() {
 step_52_alias() { echo "client_access"; }
 step_52() {
  if [ ! -f "$mtaClientAccessLoc" ] ; then
-    echo " [I] Generating $mtaClientAccessLoc"
+    info "Generating $mtaClientAccessLoc"
-    exep "echo \"# myhost.lan OK\" > \"$mtaClientAccessLoc\""
+    exep echo "# myhost.lan OK" \> "$mtaClientAccessLoc"
-    echo " [I] Don't forget to add the following"
+    info    "Don't forget to add the following"
-    echo "     [$mtaConfLoc/main.cf]"
+    info -a "[$mtaConfLoc/main.cf]"
-    echo "      smtpd_relay_restrictions ="
+    info -a "  smtpd_relay_restrictions ="
-    echo "          check_client_access hash:$mtaClientAccessLoc"
+    info -a "      check_client_access hash:$mtaClientAccessLoc"
  fi
  info "Updating $mtaClientAccessLoc"
  exe postmap "$mtaClientAccessLoc"
@@ -375,10 +369,10 @@ step_54() {
  if [ ! -f "$mtaRecipientAccessLoc" ] ; then
    info "Generating $mtaRecipientAccessLoc"
    exep "echo \"# unwanted@${MAS_DOMAIN} 550 No mailbox. Nothing to see here.\" > \"$mtaRecipientAccessLoc\""
-    echo " [I] Don't forget to add the following"
+    info    "Don't forget to add the following"
-    echo "     [$mtaConfLoc/main.cf]"
+    info -a "[$mtaConfLoc/main.cf]"
-    echo "      smtpd_recipient_restrictions ="
+    info -a " smtpd_recipient_restrictions ="
-    echo "          check_recipient_access hash:$mtaRecipientAccessLoc"
+    info -a "     check_recipient_access hash:$mtaRecipientAccessLoc"
  fi
  info "Updating $mtaRecipientAccessLoc"
  exe postmap "$mtaRecipientAccessLoc"
@@ -397,10 +391,10 @@ step_56() {
    exe postconf -e "smtp_sasl_mechanism_filter = plain"
    exe postconf -e "smtp_tls_security_level = encrypt"
    exe postconf -e "smtp_tls_mandatory_ciphers = high"
-    echo " [I] Don't forget to add credentials for the new relay"
+    info    "Don't forget to add credentials for the new relay"
-    echo "     [$saslPassFile]"
+    info -a "[$saslPassFile]"
-    echo "      user@extern.com username:passwort"
+    info -a " user@extern.com username:passwort"
-    echo "     postmap $saslPassFile"
+    info -a "postmap $saslPassFile"
  fi
  info "Updating $mtaSenderRelayLoc"
  exe postmap "$mtaSenderRelayLoc"
@@ -423,21 +417,17 @@ step_100() {
      -f)
        shift
        fromAdr="-f ${1:-} "
-        shift
+        shift ;;
        ;;
      -u)
        shift
        asUser="sudo -u ${1:-} "
-        shift
+        shift ;;
        ;;
      *)
-        break
+        break ;;
        ;;
    esac
  done
-  if [ -n "${1:-}" ] ; then
+  [ -n "${1:-}" ] && toAdr="$1"
-    toAdr="$1"
+
  fi
  exe ${asUser}sh -c "echo \"Subject: Test from Postfix\nIt is \$(date)\n\nGreetings \$(whoami)\" | sendmail ${fromAdr}$toAdr"
 }
@@ -455,11 +445,11 @@ step_104_alias() { echo "delqueue"; }
 step_104() {
  shift
  local msgId="ALL"
-  if [ -n "${1:-}" ] ; then
+  [ -n "${1:-}" ] && msgId="$1"
    msgId="$1"
  fi
  exe postsuper -d "$msgId"
 }
 # shellcheck disable=SC2034 # Appears unused
 readonly sqr_minVersion=16
 # shellcheck disable=SC1091 # Don't follow this source
 . /usr/local/bin/sequencer.sh