Work_Archive/VPS-scripts_Ubuntu-Mail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Work_Archive:omega
Branches Tags
Work_Archive:beta Work_Archive:stable Work_Archive:omega Work_Archive:dev Work_Archive:alpha
..
compare: Work_Archive:stable
Branches Tags
Work_Archive:beta Work_Archive:stable Work_Archive:omega Work_Archive:dev Work_Archive:alpha

88 Commits
omega ... stable

Author SHA1 Message Date
b.waal
eda1f1635f Update 'installer.sh' 2019-10-16 14:29:15 +02:00
b.waal
b7665b7a40 Update 'installer.sh' 
Added Amavis to start after the ClamAV update
 2019-09-20 03:32:13 +02:00
b.waal
cf5e8ece54 Update 'installer.sh' 
Fixed SED in Postfix and Dovecot.

Fixed Legacy mode closing message.
 2019-09-20 02:31:43 +02:00
b.waal
211458008d Update 'installer.sh' 
Added "msg function" for configuring the spam into spam folder.

Updated a few SED commands in the Postfix and Dovecot section.

Added Amavis to the service disable and to crontab sections.

Disabled Postfix and Dovecot service on start. They will start with Amavis after the delay is done.

Added end-screen for Legacy mode to display the URL, Pasword and Logon.
 2019-09-20 01:44:28 +02:00
bprieshof
b2cf891f52 Updated Nginx config 2019-09-19 12:00:02 +02:00
bprieshof
d867b509bb Add 'config/nginx/PostfixAdmin-site-unconfigured' 2019-09-19 11:56:05 +02:00
bprieshof
93b96508ff converted Whiptail to msg function 2019-09-19 11:37:54 +02:00
b.waal
23b2d471c5 Update 'README.md' 2019-09-19 02:54:56 +02:00
b.waal
18f40739c9 Cleanup 
Added Certbot PPA to the beginning of the script.
Installing Certbot and all of it's plugins at the start.

Added $OUTPUT variables where necessary.

Cleaned up the section "Services".

Added whiptail messagebox at the end of the script to display the url, admin login and password.

Removed all deprecated "apt install -y" sections.

Corrected a few lines for the UI menu.
 2019-09-19 02:51:33 +02:00
b.waal
6b93846d95 Update 'installer.sh' 2019-09-18 21:53:27 +02:00
b.waal
211ce8b0b8 Update 'installer.sh' 2019-09-18 21:11:16 +02:00
b.waal
e56f01c45b Update 'config/amavis/21-ubuntu_defaults' 2019-09-18 15:25:11 +02:00
b.waal
3ae56e2aaa Update 'config/amavis/20-debian_defaults' 2019-09-18 15:24:41 +02:00
b.waal
1f3c24747b Update 'installer.sh' 2019-09-18 15:01:45 +02:00
b.waal
5b9f802e6d Update 'installer.sh' 2019-09-18 15:01:01 +02:00
b.waal
61338d1016 Update 'Future-Updates.md' 2019-09-18 14:56:53 +02:00
b.waal
77f671dde8 Update 'config/amavis/21-ubuntu_defaults' 2019-09-18 14:45:14 +02:00
b.waal
71541e88f7 Update 'installer.sh' 2019-09-18 14:16:38 +02:00
b.waal
7c27c71f08 Update 'installer.sh' 2019-09-18 02:46:50 +02:00
b.waal
e44e4926cf Update 'rainloop.sh' 2019-09-18 02:46:30 +02:00
b.waal
0eb242201a Update 'rainloop.sh' 2019-09-18 02:44:11 +02:00
b.waal
94dc84b68c Script cleaned 2019-09-18 02:43:51 +02:00
b.waal
e1f0d01e95 Update 'installer.sh' 2019-09-18 02:36:03 +02:00
b.waal
1232b3cb56 Update 'installer.sh' 2019-09-18 02:03:52 +02:00
b.waal
2285988c65 Update 'installer.sh' 2019-09-18 01:50:59 +02:00
b.waal
73b06cc875 Update 'installer.sh' 2019-09-18 01:20:03 +02:00
b.waal
0e938caf04 Fixed TERM=ansi variable for UI 2019-09-18 00:42:26 +02:00
b.waal
471f55fe79 Updated menu 2019-09-18 00:17:15 +02:00
b.waal
05f597ecb1 Update 'installer.sh' 2019-09-17 22:53:12 +02:00
b.waal
44134cb2f4 Disabled menu's, enabled static vars 2019-09-17 22:48:53 +02:00
b.waal
9f6e8c4d75 Update 'installer.sh' 2019-09-17 21:50:10 +02:00
b.waal
8925422f72 Updated menu UI 
All text is now outlined
 2019-09-17 21:30:44 +02:00
b.waal
7f03857243 Update 'installer.sh' 2019-09-17 14:36:24 +02:00
b.waal
55a5aff948 Update 'installer.sh' 2019-09-17 13:42:33 +02:00
b.waal
4bbd8e21aa Fixed UI 
SSH/Xterm does not support Whiptail with infoboxes.
Added " TERM=ansi" to correct this problem.
 2019-09-17 13:28:00 +02:00
b.waal
663ced9791 Update 'installer.sh' 2019-09-17 13:18:02 +02:00
b.waal
11a74b2a99 Update 'installer.sh' 2019-09-17 13:09:44 +02:00
b.waal
63aea9ba00 Fixed ppa:ondrej/php 
-y was missing
 2019-09-17 13:07:11 +02:00
b.waal
de619a03be Update 'installer.sh' 2019-09-17 12:57:52 +02:00
b.waal
a53341e9c7 Update 'installer.sh' 2019-09-17 12:54:40 +02:00
b.waal
7d8153a4bd Update 'installer.sh' 2019-09-17 12:50:41 +02:00
b.waal
26ea4dc812 Update 'installer.sh' 2019-09-17 12:15:26 +02:00
b.waal
17bf6a5ce4 Update 'installer.sh' 2019-09-17 11:56:12 +02:00
b.waal
91644acd1e Update 'installer.sh' 2019-09-17 11:33:15 +02:00
bprieshof
d1dd0deb61 Fixed error on 252 2019-09-15 20:22:03 +02:00
bprieshof
1fbad16e77 PKGM="apt" was defined twice 2019-09-15 20:00:14 +02:00
b.waal
3aac549e9f Updated installer dependencies 2019-09-15 19:45:29 +02:00
bprieshof
d2c79524bf Fixed Typo on 245 2019-09-15 19:38:53 +02:00
b.waal
417f04f424 Updated menu 2019-09-15 19:33:57 +02:00
b.waal
c5005325cd Removed bug Prieshof created!!!! 2019-09-15 19:29:35 +02:00
bprieshof
b4f676001e Updated Debug output 2019-09-15 19:26:12 +02:00
b.waal
82cb96f7bb Updated menu; quiet output 2019-09-15 18:50:06 +02:00
b.waal
5e1d78ae11 Update 'installer.sh' 2019-09-15 18:40:17 +02:00
b.waal
a070adb96f Updated menu; quiet output 2019-09-15 18:39:29 +02:00
b.waal
2cd628ddb0 Update 'installer.sh' 2019-09-15 18:36:31 +02:00
b.waal
aae409d1de Update 'installer.sh' 2019-09-15 18:25:11 +02:00
b.waal
10150b57ed Update 'installer.sh' 2019-09-15 18:24:24 +02:00
b.waal
b3ed80967d Updated menu 2019-09-15 18:16:57 +02:00
b.waal
01a7b6f297 Update 'README.md' 2019-09-15 18:00:12 +02:00
b.waal
e3af6482a3 Updated menu; whole script 2019-09-15 17:58:32 +02:00
b.waal
1f50580b2c Update 'installer.sh' 2019-09-15 17:31:22 +02:00
b.waal
2201cd39f2 Update 'installer.sh' 2019-09-15 17:24:16 +02:00
b.waal
d1152d5851 Updated menu; PostfixAdmin 2019-09-15 17:16:10 +02:00
b.waal
a8a4de4d9d Updated menu; SQL and PostfixAdmin 2019-09-15 17:09:09 +02:00
b.waal
31f1643ce9 Updated menu 2019-09-15 17:03:31 +02:00
b.waal
52bcda722f Updated Menu; static vars 2019-09-15 16:51:02 +02:00
b.waal
e88e007173 Updated menu 2019-09-15 16:46:14 +02:00
b.waal
e6e6ac943b Updated menu 
Wil je menu of wil je melater?
 2019-09-15 16:39:24 +02:00
b.waal
4a33908df2 Update 'installer.sh' 2019-09-15 16:33:32 +02:00
b.waal
f59d2e3e31 Update 'installer.sh' 2019-09-15 16:16:48 +02:00
bprieshof
7cdb8aca6f Update 'installer.sh' 2019-09-15 02:12:42 +02:00
b.waal
c3ceb7a475 Update 'installer.sh' 2019-09-14 23:45:05 +02:00
b.waal
cfde775b19 Update 'installer.sh' 2019-09-14 23:32:59 +02:00
b.waal
d61b3386d2 Update 'README.md' 2019-09-14 23:15:08 +02:00
b.waal
775ad8fd19 Update 'installer.sh' 2019-09-14 21:16:51 +02:00
b.waal
00d6e28b38 Update 'README.md' 2019-09-14 21:15:33 +02:00
bprieshof
32531509b8 Update 'installer.sh' 
restricted access to RainLoop data folder
 2019-09-12 23:13:53 +02:00
b.waal
3771f56788 Update 'Future-Updates.md' 2019-09-12 22:51:17 +02:00
bprieshof
cc171f3c1a Update 'README.md' 2019-09-12 22:39:13 +02:00
b.waal
acb3b60a65 Update 'Future-Updates.md' 2019-09-12 15:27:55 +02:00
b.waal
1e112f8ac0 Update 'Future-Updates.md' 2019-09-12 15:27:32 +02:00
b.waal
8f156c4989 Add 'Future-Updates.md' 2019-09-12 15:27:21 +02:00
b.waal
2ffc96fca5 Update 'installer.sh' 2019-09-12 15:17:22 +02:00
b.waal
792d141896 Update 'config/rainloop/application.ini' 2019-09-12 14:35:19 +02:00
b.waal
b7e85abde8 Update 'README.md' 2019-09-12 13:31:13 +02:00
b.waal
858ef39cb1 Update 'CHANGELOG.md' 2019-09-12 13:16:48 +02:00
b.waal
1ca857d77a Update 'CHANGELOG.md' 2019-09-12 13:16:05 +02:00
b.waal
0eab1fa487 Update 'installer.sh' 2019-09-12 13:12:34 +02:00
9 changed files with 352 additions and 242 deletions
Expand all files Collapse all files

15
CHANGELOG.md
View File

@@ -1,7 +1,20 @@
## 29-08-2019 / 31-08-2019:
```
Dev = done.
PostixAdmin, Postfix, Dovecot and Sieve working!
```
## 31-08-2019 / 01-09-2019:
```
Started Alpha Branch.
PHP7.3 and MySQL 8 working!
PHP7.3 and MySQL 8 working!
```
## 01-09-2019 / 12-09-2019:
```
Started Omega Branch.
Debloat option added. ClamAV, Spamassassin and Amavis integrated.
Added Manual Certbot option for testing purposes.
Unattended Security Updates integrated.
Few bugfixes.
```

7
Future-Updates.md Normal file
View File

@@ -0,0 +1,7 @@
## Future updates:
```
DKIM, Generate random password for MySQL, Update PostfixAdmin to the latest version. Log rotate?
Dovecot/Postfix authentication is plain-text, needs encryption?
Rainloop auto-refresh in background.
Set email quota
```

12
README.md
View File

@@ -1,11 +1,17 @@
# Ubuntu-Mail
**Get Started**:
**Get Started with the graphical installer**:
```
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/omega/installer.sh
bash installer.sh 2>&1 | tee output.log
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/stable/installer.sh -O /tmp/installer.sh
bash /tmp/installer.sh
```
**Legacy Installer for developing and debugging**:
```
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/stable/installer.sh -O /tmp/installer.sh
bash /tmp/installer.sh -l 2>&1 | tee ~/output.log
```
#### This script uses the following repo's as dependencies:
```
* VPS-scripts/Unattended-Security-Updates

15
config/amavis/20-debian_defaults
View File

@@ -33,19 +33,10 @@ $enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # default listening socket
#$sa_spam_subject_tag = '***SPAM*** ';
#$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
#$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
#$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
#$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 1.0; # add 'spam detected' headers at that level
$sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 3.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 21.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 4; # spam level beyond which a DSN is not sent
$sa_dsn_cutoff_level = 5; # spam level beyond which a DSN is not sent

8
config/amavis/21-ubuntu_defaults
View File

@@ -9,13 +9,13 @@ $enable_dkim_verification = 1;
@whitelist_sender_acl = qw( .$mydomain );
$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_spam_destiny = D_DISCARD; # (defaults to D_REJECT)
$final_spam_destiny = D_PASS; # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 1.0; # add 'spam detected' headers at that level
$sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 3.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 21.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 4; # spam level beyond which a DSN is not sent
$sa_dsn_cutoff_level = 5; # spam level beyond which a DSN is not sent

52
config/nginx/PostfixAdmin-site-unconfigured Normal file
View File

@@ -0,0 +1,52 @@
server {
listen 80;
listen [::]:80;
root /var/www/DOMAINname/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name DOMAINname;
gzip on;
gzip_proxied any;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
gzip_comp_level 2;
gzip_disable "msie6";
gzip_buffers 16 8k;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)$ {
expires max;
log_not_found off;
add_header Cache-Control "public, no-transform";
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/phpPHPver-fpm.sock;
}
location ~ /\.ht {
deny all;
}
set $no_cache 0;
if ($request_method = POST) {
set $no_cache 1;
}
if ($query_string != "") {
set $no_cache 1;
}
if ($http_cookie = "PHPSESSID") {
set $no_cache 1;
}
location ^~ /rainloop/data {
deny all;
}
location ^~ /data {
deny all;
}
}

2
config/rainloop/application.ini
View File

@@ -275,7 +275,7 @@ allow_prefetch = On
allow_smart_html_links = On
cache_system_data = On
date_from_headers = On
autocreate_system_folders = On
autocreate_system_folders = Off
allow_message_append = Off
disable_iconv_if_mbstring_supported = Off
login_fault_delay = 1

437
installer.sh
View File

@@ -1,231 +1,214 @@
###==========================================###
## Ubuntu 18.04 Mailserver installer ##
###==========================================###
#!/bin/bash
##----------##
# Menu #
##----------##
#echo "Menu"
sed -i -e 's/magenta/blue/g' /etc/newt/palette
if [ "$1" != "-l" ]; then
echo "Normal mode"
PKGM="debconf-apt-progress -- apt"
OUTPUT='/dev/null'
IMODE=n
fi
#echo "Ubuntu 18.04 Mailserver installatie script."
#echo "Domein zonder www en mail.:"
#read domain
#echo "Algemeen wachtwoord:"
#read password
#echo "Administrator email:"
#read email
if [ "$1" = "-l" ]; then
echo "Legacy mode";
PKGM="apt"
OUTPUT='/dev/tty'
IMODE=l
fi
PKGA="add-apt-repository"
PKGI="${PKGM} install -y"
if [ $IMODE = n ]; then
if (whiptail --title "Ubuntu 18.04 Mail Server" --yesno " Do you want to install a mail server?" 8 78)
then
echo "" >/dev/null
else
whiptail --title "Credits" --msgbox " Made by: your local Wizard and God" 8 78
clear
exit
fi
echo "" >/dev/null
password=$(whiptail --nocancel --passwordbox "Please enter your password (should contain at least 2 digits and 6 characters)" 8 82 --title "Config" 3>&1 1>&2 2>&3)
domain=$(whiptail --nocancel --inputbox " Enter the domain without www or mail." 8 82 --title "Config" 3>&1 1>&2 2>&3)
email=$(whiptail --nocancel --inputbox " Enter the administrator e-mail" 8 82 --title "Config" 3>&1 1>&2 2>&3)
elif [ $IMODE = l ]; then
echo "" >/dev/null
echo "Ubuntu 18.04 Mailserver installation script."
echo "Domain without www or e-mail:"
read domain
echo "Please enter your password (should contain at least 2 digits and 6 characters:"
read password
echo "Administrator E-mail:"
read email
fi
##---------------##
# Functions #
##---------------##
msg () {
if [ $IMODE = n ]; then
TERM=ansi whiptail --title "Info" --infobox "$1" 8 52
fi
if [ $IMODE = l ]; then
echo "$1"
fi
}
##-----------------##
# Static-Vars #
##-----------------##
echo "Static-Vars"
domain=ictdownwerk.com
password=JW9t9ipdgLrWvMqHq7hX
email=admin@ictdagbesteding.nl
phpver=7.3
domonly=${domain}
domain=mail.${domain}
branch=omega
branch=stable
dhparam=1024
PKGA="add-apt-repository"
PKGI="${PKGM} install -y"
debconf-set-selections <<< "postfix postfix/mailname string $(hostname -f)"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
##----------------##
# Pre-Config #
##----------------##
hostnamectl set-hostname $domain
apt update
add-apt-repository universe -y
add-apt-repository ppa:ondrej/php -y
apt install software-properties-common -y
apt upgrade -y
apt autoremove -y
timedatectl set-timezone Europe/Amsterdam
msg " Pre-Configuring"
sleep 2
hostnamectl set-hostname $domain > $OUTPUT 2>&1
timedatectl set-timezone Europe/Amsterdam > $OUTPUT 2>&1
#mkdir -p /var/run/clamav
#adduser --system --no-create-home --disabled-password --disabled-login --shell /bin/false --group --home /var/lib/clamav clamav
#chown clamav:clamav /var/run/clamav
mkdir -p /etc/nginx
mkdir -p /var/www/"$domain"/html
chmod -R 755 /var/www
#if free | awk '/^Swap:/ {exit !$2}'; then
# echo "swap enabled" >/dev/null
#else
# fallocate -l 3G /swapfile
# chmod 600 /swapfile
# mkswap /swapfile
# swapon /swapfile
# echo '/swapfile swap swap defaults 0 0' >> /etc/fstab
#fi
#sed -i 's/#/vm.swappiness=40/g' /etc/sysctl.conf
##----------------------##
# Pre-Requirements #
##----------------------##
msg " Buzzy like a bee"
$PKGM update
$PKGI software-properties-common sudo
$PKGA universe -y > $OUTPUT 2>&1
$PKGA ppa:ondrej/php -y > $OUTPUT 2>&1
$PKGA ppa:certbot/certbot -y > $OUTPUT 2>&1
wget -q -t7 -O- https://repo.dovecot.org/DOVECOT-REPO-GPG | sudo apt-key add -
echo "deb https://repo.dovecot.org/ce-2.3-latest/ubuntu/$(lsb_release -cs) $(lsb_release -cs) main" | sudo tee -a /etc/apt/sources.list.d/dovecot.list > $OUTPUT 2>&1
$PKGM update
$PKGM upgrade -y
##-----------------------------##
# Installing Requirements #
##-----------------------------##
$PKGI nginx postfix postfix-mysql php${phpver} php${phpver}-curl php${phpver}-dom php${phpver}-common php${phpver}-imap php${phpver}-zip php${phpver}-fpm php${phpver}-cli php${phpver}-json php${phpver}-mysql php${phpver}-opcache php${phpver}-mbstring php${phpver}-readline libc-client2007e mlock gnupg2 curl dovecot-imapd dovecot-lmtpd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-managesieved spamassassin spamc razor pyzor clamav clamav-daemon clamsmtp libclamunrar7 clamdscan amavisd-new zip lrzip liblz4-tool lhasa arj unzip bzip2 nomarch cpio lzop cabextract arc apt-listchanges libauthen-sasl-perl libdbd-mysql-perl libdbi-perl libmail-dkim-perl ripole p7zip p7zip-full p7zip-rar rpm unrar unrar-free altermime libsnmp-perl libnet-ldap-perl libnet-ph-perl libnet-snpp-perl libnet-telnet-perl unzip unattended-upgrades fail2ban bc python-certbot-nginx opendkim opendkim-tools
##-------------##
# Debloat #
##-------------##
apt autoremove --purge lxcfs lxd lxd-client geoip-database snapd -y
$PKGM remove --purge lxcfs lxd lxd-client geoip-database snapd -y
$PKGM autoremove -y
##-----------------------##
# Html Folder Perms #
# HTML Folder Perms #
##-----------------------##
msg " Configuring HTML permissions"
sleep 2
chown -R www-data:www-data /var/www/"$domain"/html
##-----------##
# NGINX #
##-----------##
apt install -y nginx
#$PKGI nginx
msg " Configuring Nginx"
sleep 2
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Web/raw/branch/master/config/nginx/nginx-default.conf -O /etc/nginx/nginx.conf
cat <<EOF > /etc/nginx/sites-available/"$domain"
#fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m max_size=10g inactive=1440m;
server {
listen 80;
server_name www.$domain;
return 301 http://$domain\$request_uri;
}
server {
listen 80;
listen [::]:80;
root /var/www/$domain/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name $domain;
#return 301 \$scheme:/\$domain\$request_uri; Redirect to non-www
#return 301 https://domein.nl$request_uri; Redirect to other domain
#add_header X-Cache "\$upstream_cache_status";
#netdata here
gzip on;
gzip_proxied any;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
gzip_comp_level 2;
gzip_disable "msie6";
gzip_buffers 16 8k;
# location /rspamd {
# proxy_pass http://127.0.0.1:11334/;
# proxy_set_header Host \$host;
# proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
#}
location / {
#try_files \$uri \$uri/ =404;
try_files \$uri \$uri/ /index.php\$is_args\$args;
#try_files \$uri \$uri/ \$uri.html \$uri.php\$is_args\$query_string;
}
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)\$ {
expires max;
log_not_found off;
add_header Cache-Control "public, no-transform";
}
location ~ \.php\$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php${phpver}-fpm.sock;
#fastcgi_cache MYAPP;
#fastcgi_cache_valid 200 302 301 1m;
#fastcgi_cache_valid 404 1m;
#fastcgi_cache_bypass \$no_cache;
#fastcgi_no_cache \$no_cache;
#fastcgi_cache_revalidate on;
#fastcgi_cache_background_update on;
#fastcgi_cache_lock on;
#fastcgi_cache_use_stale updating;
#fastcgi_buffer_size 128k;
#fastcgi_buffers 256 16k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
}
location ~ /\.ht {
deny all;
}
location /phpmyadmin {
index index.php;
}
#Cache everything by default
set \$no_cache 0;
#Don't cache POST requests
if (\$request_method = POST) {
set \$no_cache 1;
}
#Don't cache if the URL contains a query string
if (\$query_string != "") {
set \$no_cache 1;
}
#Don't cache the following URLs
if (\$request_uri ~* "/(administrator/|login.php)") {
set \$no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if (\$http_cookie = "PHPSESSID") {
set \$no_cache 1;
}
}
EOF
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/stable/config/nginx/PostfixAdmin-site-unconfigured -O /etc/nginx/sites-available/"$domain"
sed -i -e 's/DOMAINname/'$domain'/' -e 's/PHPver/'$phpver'/' /etc/nginx/sites-available/"$domain"
ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/
##-------------------------------##
# NGINX Single core bug fix #
##-------------------------------##
msg " Applying Nginx bug-fix"
sleep 2
mkdir /etc/systemd/system/nginx.service.d
printf "[Service]\nExecStartPost=/bin/sleep 0.1\n" > /etc/systemd/system/nginx.service.d/override.conf
systemctl daemon-reload
systemctl restart nginx
##-----------------------##
# MySQL Installation #
##-----------------------##
msg " Installing MySQL"
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-MySQL/raw/branch/master/mysql-8.0.sh -O /tmp/mysql-8.0.sh
source /tmp/mysql-8.0.sh
##------------------------------##
# MySQL_Secure_Installation #
##------------------------------##
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''"
mysql -u root -p"$password" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;"
mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
msg " Securing MySQL"
sleep 2
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FROM mysql.user;" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" > $OUTPUT 2>&1
##-----------------------------##
# MySQL Database Creation #
##-----------------------------##
mysql -u root -p"$password" -e "CREATE DATABASE postfixadmin;"
mysql -u root -p"$password" -e "CREATE USER '"postfixadmin"'@'localhost' IDENTIFIED BY '"$password"';"
mysql -u root -p"$password" -e "GRANT ALL ON "postfixadmin".* TO "postfixadmin"@'localhost';"
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
msg " Creating MySQL Databases"
sleep 2
mysql -u root -p"$password" -e "CREATE DATABASE postfixadmin;" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "CREATE USER '"postfixadmin"'@'localhost' IDENTIFIED BY '"$password"';" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "GRANT ALL ON "postfixadmin".* TO "postfixadmin"@'localhost';" > $OUTPUT 2>&1
mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" > $OUTPUT 2>&1
##------------------##
# PostfixADMIN #
##------------------##
apt install php${phpver} php${phpver}-zip php${phpver}-fpm php${phpver}-cli php${phpver}-json php${phpver}-mysql php${phpver}-opcache php${phpver}-mbstring php${phpver}-readline -y
apt install libc-client2007e mlock php${phpver}-common php${phpver}-imap -y
msg " Configuring PostfixAdmin"
sleep 2
mkdir -p /var/www/"$domain"/html/postfixadmin/templates_c
wget -q -t7 https://git.ictmaatwerk.com/downloads/pfa/postfixadmin-3.1.tar.gz -O /tmp/postfixadmin.tar.gz
wget -q -t7 https://git.ictmaatwerk.com/downloads/pfa/postfixadmin-3.1-dark.tar.gz -O /tmp/postfixadmin.tar.gz
tar -xf /tmp/postfixadmin.tar.gz -C /var/www/"$domain"/html/postfixadmin --strip-components=1
chmod 755 -R /var/www/"$domain"/html/postfixadmin/templates_c
chown -R www-data: /var/www/"$domain"/html/
wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfixadmin/config.local.php -O /var/www/$domain/html/postfixadmin/config.local.php
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfixadmin/config.local.php -O /var/www/$domain/html/postfixadmin/config.local.php
sed -i -e 's/PASSword/'$password'/' -e 's/dOmaINnamE/'$domonly'/' /var/www/"$domain"/html/postfixadmin/config.local.php
sudo -u www-data php /var/www/"$domain"/html/postfixadmin/upgrade.php
bash /var/www/"$domain"/html/postfixadmin/scripts/postfixadmin-cli admin add superadmin@"$domonly" --superadmin 1 --active 1 --password "$password" --password2 "$password"
groupadd -g 5000 vmail
useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /var/mail/vmail -m vmail
sed -i 's/Welcome to your new account./Welkom bij je nieuwe mailbox!/g' /var/www/"$domain"/html/postfixadmin/config.inc.php
sudo -u www-data php /var/www/"$domain"/html/postfixadmin/upgrade.php > $OUTPUT 2>&1
bash /var/www/"$domain"/html/postfixadmin/scripts/postfixadmin-cli admin add superadmin@"$domonly" --superadmin 1 --active 1 --password "$password" --password2 "$password" > $OUTPUT 2>&1
groupadd -g 5000 vmail > $OUTPUT 2>&1
useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /var/mail/vmail -m vmail > $OUTPUT 2>&1
##--------------------##
# Certbot (Auto) #
##--------------------##
#add-apt-repository ppa:certbot/certbot -y
#apt install -y python-certbot-nginx
msg " Configuring Certbot"
#sleep 2
#certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
#echo "certbot --nginx -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh
#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
#sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
#openssl dhparam -out /etc/ssl/certs/dhparam.pem "$dhparam"
#chmod 777 -R /etc/ssl/certs/dhparam.pem
#openssl dhparam -out /etc/ssl/certs/dhparam.pem "$dhparam" > $OUTPUT 2>&1
#chmod 755 -R /etc/ssl/certs/dhparam.pem
##----------------------##
# Certbot (Manual) #
##----------------------##
msg " Configuring Certbot (manual)"
sleep 2
mkdir -p /etc/letsencrypt/live/$domain/
sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
@@ -235,26 +218,21 @@ wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$bra
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/lets-encrypt/fullchain.pem -O /etc/letsencrypt/live/$domain/fullchain.pem
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/lets-encrypt/privkey.pem -O /etc/letsencrypt/live/$domain/privkey.pem
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/nginx/site-enabled -O /etc/nginx/sites-available/mail.ictdownwerk.com
openssl dhparam -out /etc/ssl/certs/dhparam.pem "$dhparam"
openssl dhparam -out /etc/letsencrypt/ssl-dhparams.pem "$dhparam"
chmod 777 -R /etc/letsencrypt/ssl-dhparams.pem
chmod 777 -R /etc/ssl/certs/dhparam.pem
chmod 777 -R /etc/letsencrypt/live/$domain/cert.pem
chmod 777 -R /etc/letsencrypt/live/$domain/chain.pem
chmod 777 -R /etc/letsencrypt/live/$domain/fullchain.pem
chmod 777 -R /etc/letsencrypt/live/$domain/privkey.pem
openssl dhparam -out /etc/ssl/certs/dhparam.pem "$dhparam" > $OUTPUT 2>&1
openssl dhparam -out /etc/letsencrypt/ssl-dhparams.pem "$dhparam" > $OUTPUT 2>&1
chmod 755 -R /etc/letsencrypt/ssl-dhparams.pem
chmod 755 -R /etc/ssl/certs/dhparam.pem
chmod 755 -R /etc/letsencrypt/live/$domain/cert.pem
chmod 755 -R /etc/letsencrypt/live/$domain/chain.pem
chmod 755 -R /etc/letsencrypt/live/$domain/fullchain.pem
chmod 755 -R /etc/letsencrypt/live/$domain/privkey.pem
chmod 644 -R /etc/nginx/sites-available/mail.ictdownwerk.com
##-----------------------##
# Postfix Installer #
##-----------------------##
debconf-set-selections <<< "postfix postfix/mailname string $(hostname -f)"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
apt install postfix postfix-mysql -y
##---------------------------##
# Postfix Configuration #
##---------------------------##
msg " Configuring Postfix"
sleep 2
mkdir -p /etc/postfix/sql
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_domain_catchall_maps.cf -O /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_domain_mailbox_maps.cf -O /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
@@ -262,12 +240,7 @@ wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$bra
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_alias_maps.cf -O /etc/postfix/sql/mysql_virtual_alias_maps.cf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_domains_maps.cf -O /etc/postfix/sql/mysql_virtual_domains_maps.cf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/postfix/mysql_virtual_mailbox_maps.cf -O /etc/postfix/sql/mysql_virtual_mailbox_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_domains_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_alias_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_mailbox_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
sed -i 's/PASSword/'$password'/g' /etc/postfix/sql/mysql_virtual_domains_maps.cf /etc/postfix/sql/mysql_virtual_alias_maps.cf /etc/postfix/sql/mysql_virtual_alias_domain_maps.cf /etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf /etc/postfix/sql/mysql_virtual_mailbox_maps.cf /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
echo "#MySQL Database" >> /etc/postfix/main.cf
postconf -e "virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf"
postconf -e "virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf"
@@ -293,17 +266,11 @@ postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated,permit_myn
sed -i 's/mynetworks = /#mynetworks = /g' /etc/postfix/main.cf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/$branch/config/postfix/master.cf -O /etc/postfix/master.cf
##-----------------------##
# Dovecot Installer #
##-----------------------##
wget -O- https://repo.dovecot.org/DOVECOT-REPO-GPG | sudo apt-key add -
echo "deb https://repo.dovecot.org/ce-2.3-latest/ubuntu/$(lsb_release -cs) $(lsb_release -cs) main" | sudo tee -a /etc/apt/sources.list.d/dovecot.list
apt update
apt install dovecot-imapd dovecot-lmtpd dovecot-pop3d dovecot-mysql -y
##---------------------------##
# Dovecot Configuration #
##---------------------------##
msg " Configuring Dovecot"
sleep 2
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/15-mailboxes.conf -O /etc/dovecot/conf.d/15-mailboxes.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/10-mail.conf -O /etc/dovecot/conf.d/10-mail.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/10-auth.conf -O /etc/dovecot/conf.d/10-auth.conf
@@ -314,28 +281,29 @@ wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$bra
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/dovecot-dict-sql.conf.ext -O /etc/dovecot/dovecot-dict-sql.conf.ext
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/dovecot-sql.conf.ext -O /etc/dovecot/dovecot-sql.conf.ext
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/quota-warning.sh -O /usr/local/bin/quota-warning.sh
sed -i 's/PASSword/'$password'/g' /etc/dovecot/dovecot-sql.conf.ext
sed -i 's/PASSword/'$password'/g' /etc/dovecot/dovecot-dict-sql.conf.ext
sed -i 's/PASSword/'$password'/g' /etc/dovecot/dovecot-sql.conf.ext /etc/dovecot/dovecot-dict-sql.conf.ext
sed -i -e 's/DOMAINname/'$domain'/' -e 's/#ssl_cert = /ssl_cert = /' -e 's/#ssl_key = /ssl_key = /' -e 's/#ssl_dh = /ssl_dh = /' /etc/dovecot/conf.d/10-ssl.conf
chmod +x /usr/local/bin/quota-warning.sh
##--------------------------------------##
# Dovecot move Spam to Spam Folder #
##--------------------------------------##
apt install dovecot-sieve dovecot-managesieved -y
msg " Configuring Spam Folder"
sleep 2
mkdir -p /etc/dovecot/sieve/
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/$branch/config/dovecot/15-lda.conf -O /etc/dovecot/conf.d/15-lda.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/dovecot/90-sieve.conf -O /etc/dovecot/conf.d/90-sieve.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/sieve/default.sieve -O /etc/dovecot/sieve/default.sieve
chown vmail:vmail /etc/dovecot/sieve/ -R
chown -R vmail:vmail /etc/dovecot/sieve/
chgrp dovecot /etc/dovecot/conf.d/90-sieve.conf
sievec /etc/dovecot/sieve/default.sieve
chgrp dovecot /etc/dovecot/sieve/default.svbin
sievec /etc/dovecot/sieve/default.sieve > $OUTPUT 2>&1
chgrp dovecot /etc/dovecot/sieve/default.svbin > $OUTPUT 2>&1
##------------------##
# Spamassassin #
##------------------##
apt install spamassassin spamc razor pyzor -y
msg " Configuring Spamassassin"
sleep 2
sed -i -e 's/# report_safe 1/report_safe 0/' -e 's/# required_score 5.0/required_score 5.0/' -e 's/endif # Mail::SpamAssassin::Plugin::Shortcircuit//' /etc/spamassassin/local.cf
echo "" >> /etc/spamassassin/local.cf
echo "skip_rbl_checks 0" >> /etc/spamassassin/local.cf
@@ -359,18 +327,21 @@ echo "endif # Mail::SpamAssassin::Plugin::Shortcircuit" >> /etc/spamassassin/loc
##------------##
# ClamAV #
##------------##
apt install clamav clamav-daemon clamsmtp libclamunrar7 clamdscan -y
msg " Configuring ClamAV"
sleep 2
mkdir -p /var/log/clamav
mkdir -p /var/lib/clamav
chown -R clamav:clamav /var/log/clamav
chown -R clamav:clamav /var/lib/clamav
chmod 777 -R /var/lib/clamav
chmod 775 -R /var/lib/clamav/* /var/lib/clamav
##------------##
# Amavis #
##------------##
apt install amavisd-new -y
apt install zip lrzip liblz4-tool lhasa arj unzip bzip2 nomarch cpio lzop cabextract arc apt-listchanges libauthen-sasl-perl libdbd-mysql-perl libdbi-perl libmail-dkim-perl ripole p7zip p7zip-full p7zip-rar rpm unrar unrar-free altermime libsnmp-perl libnet-ldap-perl libnet-ph-perl libnet-snpp-perl libnet-telnet-perl -y
msg " Configuring Amavis"
sleep 2
sed -i -e 's/@bypass/'@bypass'/' -e 's/ / /' /etc/amavis/conf.d/15-content_filter_mode
adduser clamav amavis
adduser clamav amavis > $OUTPUT 2>&1
sed -i 's/clamd.conf/'clamd.conf'/g' /etc/clamav/freshclam.conf
echo "#Pipe incoming mail trough Amavis" >> /etc/postfix/main.cf
postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
@@ -401,40 +372,92 @@ wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$bra
##--------------##
# Rainloop #
##--------------##
apt install unzip -y
msg " Configuring Rainloop"
sleep 2
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/rainloop.sh -O /tmp/rainloop.sh
source /tmp/rainloop.sh
source /tmp/rainloop.sh > $OUTPUT 2>&1
ln -s /opt/rainloop /var/www/"$domain"/html/
##--------------##
# Fail2Ban #
##--------------##
apt install fail2ban -y
msg " Configuring Fail2Ban"
sleep 2
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/dovecot-pop3imap.conf -O /etc/fail2ban/filter.d/dovecot-pop3imap.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/postfix-sasl.conf -O /etc/fail2ban/filter.d/postfix-sasl.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/rainloop.conf -O /etc/fail2ban/filter.d/rainloop.conf
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/jail.local -O /etc/fail2ban/jail.local
sed -i 's/root@localhost/'$email'/g' /etc/fail2ban/jail.conf
systemctl restart fail2ban
systemctl restart fail2ban > $OUTPUT 2>&1
##---------------------------------##
# Unattended Security Updates #
##---------------------------------##
msg " Configuring Unattended Security Updates"
sleep 2
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Unattended-Security-Updates/raw/branch/master/installer.sh -O /tmp/unattended.sh
source /tmp/unattended.sh
##-----------------------##
# Enabling Services #
##-----------------------##
systemctl enable nginx mysql postfix postfix@- dovecot fail2ban clamav-daemon clamav-freshclam clamsmtp spamassassin amavisd-snmp-subagent amavis-mc amavis-snmp-subagent
##--------------##
# OpenDKIM #
##--------------##
msg " OpenDKIM"
sleep 2
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/beta/config/dkim/opendkim.sh -O /tmp/opendkim.sh
source /tmp/opendkim.sh
##-----------------------##
# Starting Services #
##-----------------------##
systemctl restart nginx mysql postfix postfix@- dovecot fail2ban clamav-daemon clamav-freshclam clamsmtp spamassassin amavisd-snmp-subagent amavis-mc amavis-snmp-subagent
##---------------------##
# System services #
##---------------------##
msg " Setting up system services"
sleep 2
systemctl enable nginx mysql postfix postfix@- dovecot fail2ban clamav-daemon clamav-freshclam clamsmtp spamassassin > $OUTPUT 2>&1
systemctl disable amavis amavisd-snmp-subagent amavis-mc postfix dovecot> $OUTPUT 2>&1
systemctl stop amavis amavisd-snmp-subagent amavis-mc postfix dovecot > $OUTPUT 2>&1
systemctl restart nginx mysql postfix@- fail2ban clamav-daemon clamav-freshclam clamsmtp spamassassin > $OUTPUT 2>&1
##---------------------------------##
# Updating ClamAV definitions #
##---------------------------------##
{
for ((i = 0 ; i <= 100 ; i+=1)); do sleep 3.0
echo $i
done
} | whiptail --gauge " Please wait while ClamAV is updating definitions..." 6 52 0
##-------------------------##
# Configuring Services #
##-------------------------##
systemctl start amavis amavisd-snmp-subagent amavis-mc postfix dovecot > $OUTPUT 2>&1
echo "@reboot root sleep 300 && systemctl start amavis amavisd-snmp-subagent amavis-mc postfix dovecot" >> /etc/crontab
##------------------##
# Final Update #
##------------------##
apt update
apt upgrade -y
msg " Final Update"
sleep 2
$PKGM update
$PKGM upgrade -y
$PKGM autoremove -y
##----------------------##
# End of installer #
##----------------------##
msg " Done installing!"
sleep 3
if [ $IMODE = n ]; then
whiptail --title "Info" --msgbox "Point your browser to https://$domain/postfixadmin to get started \n\nYour login is: superadmin@$domonly\nYour password is: $password" 10 108
whiptail --title "Credits" --msgbox " Made by: your local Wizard and God" 8 78
clear
fi
if [ $IMODE = l ]; then
clear
echo "Point your browser to https://$domain/postfixadmin to get started"
echo ""
echo "Your login is: superadmin@$domonly"
echo "Your password is: $password"
echo ""
read -p "Press enter to continue"
clear
fi

46
rainloop.sh
View File

@@ -1,12 +1,18 @@
##
# Crates system wide avalible rainloop instance
# to enable this on a domain create a symlink to the webroot
#
# and don't forget disable acces to data folder in nginx
##
#!/bin/bash
###======================###
## Rainloop installer ##
###======================###
##---------------------------------------------------------------##
# Creates a system wide available rainloop instance #
# to enable this on a domain create a symlink to the webroot #
# Don't forget disable access to the data folder in nginx #
##---------------------------------------------------------------##
apt install php${phpver}-curl php${phpver}-dom unzip gnupg2 curl -y
##install
##-----------##
# Install #
##-----------##
mkdir -p /opt/rainloop
wget http://www.rainloop.net/repository/webmail/rainloop-community-latest.zip -O /tmp/rlcl.zip
unzip -q /tmp/rlcl.zip -d /opt/rainloop
@@ -15,22 +21,30 @@ rm /tmp/rlcl.zip
php /opt/rainloop/index.php > /dev/null 2>&1
rm -f /opt/rainloop/data/_data_/_default_/domains/*
#fetching config files
##-------------------------##
# fetching config files #
##-------------------------##
mkdir -p /opt/rainloop/data/_data_/_default_/domains/
mkdir -p /opt/rainloop/data/_data_/_default_/configs/
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/rainloop/domains-default.ini -O /opt/rainloop/data/_data_/_default_/domains/default.ini
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/rainloop/application.ini -O /opt/rainloop/data/_data_/_default_/configs/application.ini
#setting Permissions
##-----------------------##
# Setting permissions #
##-----------------------##
chown -R www-data:www-data /opt/rainloop
find /opt/rainloop/ -type d -exec chmod 755 {} \;
find /opt/rainloop/ -type f -exec chmod 644 {} \;
#Storing version signature for auto updates
##----------------------------------------------##
# Storing version signature for auto-updates #
##----------------------------------------------##
signature=$(curl -s "https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip.asc")
echo "$signature" > /var/log/rainloop-installed.asc
#creating Contact DB
##-----------------------##
# Creating Contact DB #
##-----------------------##
db_name="rainloop_contacts"
db_user="rainloop_contacts"
db_pass=$(date +%s|sha256sum|base64|head -c 32)
@@ -41,11 +55,15 @@ mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
sed -i 's/MYSQLPASS/'$db_pass'/g' /opt/rainloop/data/_data_/_default_/configs/application.ini
sed -i 's/MYSQLUSER/'$db_user'/g' /opt/rainloop/data/_data_/_default_/configs/application.ini
sed -i 's/MYSQLNAME/'$db_name'/g' /opt/rainloop/data/_data_/_default_/configs/application.ini
#scripts for enableing/disabling admin panel
##----------------------------------##
# Enabling/disabling admin panel #
##----------------------------------##
echo "sed -i 's/allow_admin_panel = Off/allow_admin_panel = On/g' /opt/rainloop/data/_data_/_default_/configs/application.ini" > ~/Enable-RLadmin.sh
echo "sed -i 's/allow_admin_panel = On/allow_admin_panel = Off/g' /opt/rainloop/data/_data_/_default_/configs/application.ini" > ~/Disable-RLadmin.sh
#downloading Update tool
##---------------------------##
# Downloading Update tool #
##---------------------------##
wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/rainloop/update-tools.sh -O /opt/update-rainloop.sh
chmod +x /opt/update-rainloop.sh