From 840c1dcda6a5303ebe043c3e53f90d54728a2bbc Mon Sep 17 00:00:00 2001 From: "b.waal" Date: Sat, 31 Aug 2019 10:10:16 +0200 Subject: [PATCH] Update 'installer.sh' Added Postfix installation & configuration --- installer.sh | 45 ++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 42 insertions(+), 3 deletions(-) diff --git a/installer.sh b/installer.sh index 6122ae2..bc6022d 100644 --- a/installer.sh +++ b/installer.sh @@ -26,7 +26,7 @@ email=admin@ictdagbesteding.nl phpver=7.2 domonly=${domain} domain=mail.${domain} - +branch=dev ##----------------## # Pre-Config # ##----------------## @@ -206,7 +206,7 @@ wget --tries=3 https://downloads.sourceforge.net/project/postfixadmin/postfixadm tar -xf /tmp/postfixadmin.tar.gz -C /var/www/"$domain"/html/postfixadmin --strip-components=1 chmod 755 -R /var/www/"$domain"/html/postfixadmin/templates_c chown -R www-data: /var/www/"$domain"/html/ -wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/dev/config/postfixadmin/config.local.php -O /var/www/$domain/html/postfixadmin/config.local.php +wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfixadmin/config.local.php -O /var/www/$domain/html/postfixadmin/config.local.php sed -i -e 's/PASSword/'$password'/' -e 's/dOmaINnamE/'$domonly'/' /var/www/"$domain"/html/postfixadmin/config.local.php sudo -u www-data php /var/www/"$domain"/html/postfixadmin/upgrade.php bash /var/www/"$domain"/html/postfixadmin/scripts/postfixadmin-cli admin add superadmin@"$domonly" --superadmin 1 --active 1 --password "$password" --password2 "$password" @@ -223,9 +223,48 @@ apt install -y python-certbot-nginx mkdir -p /etc/letsencrypt/live/$domain/ certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos echo "certbot --nginx -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh +bash ~/certbotactivate.sh sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain" sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain" sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain" openssl dhparam -out /etc/ssl/certs/dhparam.pem 1024 chmod 755 -R /etc/ssl/certs/dhparam.pem -systemctl restart nginx \ No newline at end of file +systemctl restart nginx + +##-----------------------## +# Postfix Installer # +##-----------------------## +debconf-set-selections <<< "postfix postfix/mailname string $(hostname -f)" +debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" +apt install postfix postfix-mysql -y + +##---------------------------## +# Postfix Configuration # +##---------------------------## +mkdir -p /etc/postfix/sql +wget --tries=3 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_domain_catchall_maps.cf -O /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf +wget --tries=3 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_domain_mailbox_maps.cf -O /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf +wget --tries=3 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_domain_maps.cf -O /etc/postfix/sql/postfix/mysql_virtual_alias_domain_maps.cf +wget --tries=3 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_maps.cf -O /etc/postfix/sql/mysql_virtual_alias_maps.cf +wget --tries=3 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_domains_maps.cf -O /etc/postfix/sql/mysql_virtual_domains_maps.cf +wget --tries=3 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_mailbox_maps.cf -O /etc/postfix/sql/mysql_virtual_mailbox_maps.cf +postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf" +postconf -e "virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf" +postconf -e "virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf" +postconf -e "virtual_transport = lmtp:unix:private/dovecot-lmtp" +postconf -e "smtp_tls_security_level = may" +postconf -e "smtpd_tls_security_level = may" +postconf -e "smtp_tls_note_starttls_offer = yes" +postconf -e "smtpd_tls_loglevel = 1" +postconf -e "smtpd_tls_received_header = yes" +postconf -e "smtpd_tls_cert_file = /etc/letsencrypt/live/"$domain"/fullchain.pem" +postconf -e "smtpd_tls_key_file = /etc/letsencrypt/live/"$domain"/privkey.pem" +postconf -e "smtpd_sasl_type = dovecot" +postconf -e "smtpd_sasl_path = private/auth" +postconf -e "smtpd_sasl_local_domain =" +postconf -e "smtpd_sasl_security_options = noanonymous" +postconf -e "broken_sasl_auth_clients = yes" +postconf -e "smtpd_sasl_auth_enable = yes" +postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination" +sed -i 's/mynetworks = /#mynetworks = /g' /etc/postfix/main.cf +systemctl restart postfix.service