From 8dfef7c493ba2690efe337d880006daaa8ec1dfc Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 29 Jan 2021 18:23:16 +0100 Subject: [PATCH 01/30] Added OpenDKIM to Postfix module --- SubModules/postfix/appendCMS-Pre_conf.sh | 18 +++++++ SubModules/postfix/apt.pkg.list | 2 +- SubModules/postfix/conf.sh | 61 +++++++++++++++++++++--- SubModules/postfix/config/opendkim.conf | 12 +++++ SubModules/postfix/generic.pkg.list | 2 +- SubModules/postfix/opendkim-init.sh | 35 ++++++++++++++ installer.sh | 2 +- 7 files changed, 123 insertions(+), 9 deletions(-) create mode 100644 SubModules/postfix/appendCMS-Pre_conf.sh create mode 100644 SubModules/postfix/config/opendkim.conf create mode 100644 SubModules/postfix/opendkim-init.sh diff --git a/SubModules/postfix/appendCMS-Pre_conf.sh b/SubModules/postfix/appendCMS-Pre_conf.sh new file mode 100644 index 0000000..7657c89 --- /dev/null +++ b/SubModules/postfix/appendCMS-Pre_conf.sh @@ -0,0 +1,18 @@ +if [ -z "${sitename}" ]; then sitename=${domain//./_};fi +#ADD DOMAIN +sudo --user opendkim mkdir /etc/opendkim/keys/"$domain" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$domain" -d "$domain" -s vps +echo "$domain" >> /etc/opendkim/TrustedHosts +echo "vps._domainkey."$domain" "$domain":vps:/etc/opendkim/keys/"$domain"/vps.private" >> /etc/opendkim/KeyTable + +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh + +cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +#!/bin/sh +red='\e[1;31m%s\e[0m\n' +printf "\n" +printf \$red "To enable mail for $domain please run Please run bash ~/OpenDKIMInit-$sitename.sh after the first wordpress login" +printf "\n" +EOF +chmod +x /etc/update-motd.d/51-opendkim-"$sitename" \ No newline at end of file diff --git a/SubModules/postfix/apt.pkg.list b/SubModules/postfix/apt.pkg.list index b318606..9e3fe93 100644 --- a/SubModules/postfix/apt.pkg.list +++ b/SubModules/postfix/apt.pkg.list @@ -1 +1 @@ -mailutils \ No newline at end of file +mailutils opendkim-tools \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index f7c847c..4a041d5 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -1,10 +1,15 @@ + +systemctl stop postfix opendkim + + ##-------------## # Postfix # ##-------------## -sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf -sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf -sed -i 's/relayhost =/mydestination = '$hostname', localhost.'$hostname', '$hostname'/g' /etc/postfix/main.cf +sed -i "/^inet_interfaces =/c\inet_interfaces = loopback-only" /etc/postfix/main.cf +sed -i "/recipient_delimiter =/c\recipient_delimiter = +" /etc/postfix/main.cf +sed -i "/^mydestination =/c\mydestination = \"$hostname\", localhost.\"$hostname\", \"$hostname\"" /etc/postfix/main.cf +echo "$hostname" > /etc/mailname echo "bounce_notice_recipient = info@$domain" >> /etc/postfix/main.cf cat < /etc/aliases # See man 5 aliases for format @@ -13,6 +18,50 @@ root: $email EOF newaliases -systemctl start postfix -systemctl enable postfix -systemctl reload postfix \ No newline at end of file +cat <> +milter_default_action = accept +milter_protocol = 2 +smtpd_milters = unix:/var/run/opendkim/opendkim.sock +non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock +EOF + + +##--------------## +# OpenDKIM # +##--------------## + +adduser postfix opendkim +mkdir /etc/opendkim/keys +chown opendkim:opendkim /etc/opendkim/keys -R +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf +cat < /etc/opendkim/TrustedHosts +127.0.0.1 +::1 +localhost +$(curl -s -4 icanhazip.com) +$(curl -s -6 icanhazip.com) +${hostname} +EOF + + +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + mkdir /var/spool/postfix/opendkim + sudo chown opendkim:postfix /var/spool/postfix/opendkim + sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim + echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim/conf + bash /lib/opendkim/opendkim.service.generate + systemctl daemon-reload +fi + +cat << EOF > /etc/update-motd.d/51-generalSPF +#!/bin/sh +red='\e[1;31m%s\e[0m\n' +printf "\n" +printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" +printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" +printf "\n" +EOF +chmod +x /etc/update-motd.d/51-generalSPF + +systemctl start postfix opendkim +systemctl enable postfix opendkim diff --git a/SubModules/postfix/config/opendkim.conf b/SubModules/postfix/config/opendkim.conf new file mode 100644 index 0000000..9446ba4 --- /dev/null +++ b/SubModules/postfix/config/opendkim.conf @@ -0,0 +1,12 @@ +Syslog yes +UMask 007 +Socket local:/var/run/opendkim/opendkim.sock +PidFile /var/run/opendkim/opendkim.pid +OversignHeaders From +UserID opendkim +Canonicalization relaxed/simple +Mode s +KeyTable refile:/etc/opendkim/KeyTable +SigningTable refile:/etc/opendkim/SigningTable +ExternalIgnoreList refile:/etc/opendkim/TrustedHosts +InternalHosts refile:/etc/opendkim/TrustedHosts diff --git a/SubModules/postfix/generic.pkg.list b/SubModules/postfix/generic.pkg.list index 638b1b7..c07114a 100644 --- a/SubModules/postfix/generic.pkg.list +++ b/SubModules/postfix/generic.pkg.list @@ -1 +1 @@ -postfix \ No newline at end of file +postfix opendkim \ No newline at end of file diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh new file mode 100644 index 0000000..34b4c48 --- /dev/null +++ b/SubModules/postfix/opendkim-init.sh @@ -0,0 +1,35 @@ +if [ -n "$1" ]; then + if [[ "$1" = "--enable" ]]; then + echo "Enableing DKIM" + + echo "*@DOMAINname vps._domainkey.DOMAINname >>/etc/opendkim/SigningTable\ + systemctl reload opendkim + #Remove script + while true; do + read -p "Remove this script -> yes/no?" yn + case $yn in + [Nn]* ) + break;; + [Yy]* ) + rm -- "$0" + break;; + * )echo "Choose yes or no.";; + esac + done + exit + fi +fi +echo "Required to enable mailing for this system" +echo "Please add the folloing to your SPF Record in the DNS of DOMAINname" +echo "" +echo "Optional to enable dkim" +echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" +echo "Please add the folloing TXT Record to the DNS of DOMAINname" +echo "WARNING the output is split, please combine key before inserting into DNS" +cat /etc/opendkim/keys/DOMAINname/vps.txt + +echo "" +echo "If DNS is propegated then run \"bash $0 --enable\"" + +rm -f /etc/update-motd.d/51-opendkim-SITEName + diff --git a/installer.sh b/installer.sh index 43b9eeb..dd063b5 100644 --- a/installer.sh +++ b/installer.sh @@ -24,7 +24,7 @@ fi #Git-repo repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 -branch=master +branch=PostfixTesting branchtype=branch #=branch for branch and =tag for release #Installer-config phpver=7.4 From 9c36d12d5215cc6a1ae8ee75c5f1964950533b6f Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 4 Feb 2021 15:25:57 +0100 Subject: [PATCH 02/30] added CMSHook for postfix module and updated conf CMSHook wil be inplemented so CMS releated Module configuration, this wil be loaded when using appendCMS and the main intaller --- SubModules/postfix/CMSHook-conf.sh | 23 ++++++++++++++++++++ SubModules/postfix/CMSHook-preconf.sh | 27 ++++++++++++++++++++++++ SubModules/postfix/appendCMS-Pre_conf.sh | 18 ---------------- SubModules/postfix/conf.sh | 26 ++++++++++++++++++++++- SubModules/postfix/opendkim-init.sh | 2 +- SubModules/postfix/preconf.sh | 9 ++------ 6 files changed, 78 insertions(+), 27 deletions(-) create mode 100644 SubModules/postfix/CMSHook-conf.sh create mode 100644 SubModules/postfix/CMSHook-preconf.sh delete mode 100644 SubModules/postfix/appendCMS-Pre_conf.sh diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh new file mode 100644 index 0000000..5164b4a --- /dev/null +++ b/SubModules/postfix/CMSHook-conf.sh @@ -0,0 +1,23 @@ +#ADD DOMAIN +sudo --user opendkim mkdir /etc/opendkim/keys/"$maildomain" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$maildomain" -d "$maildomain" -s vps +echo "$maildomain" >> /etc/opendkim/TrustedHosts +echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim/keys/"$maildomain"/vps.private" >> /etc/opendkim/KeyTable + +if [ $webserv != nginx_nonphp ]; then + echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf +fi + + +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh + +cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +#!/bin/sh +red='\e[1;31m%s\e[0m\n' +printf "\n" +printf \$red "To enable mail for $domain please run please run bash ~/OpenDKIMInit-$sitename.sh" +printf "\n" +EOF +chmod +x /etc/update-motd.d/51-opendkim-"$sitename" +systemctl reload opendkim $phpFPMService \ No newline at end of file diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh new file mode 100644 index 0000000..a95924d --- /dev/null +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -0,0 +1,27 @@ +if [ -z "${sitename}" ]; then sitename=${domain//./_};fi +if [ $IMODE = n ]; then + if (whiptail --title "Config" --yesno " Send mail as info@$domain of $domain" 11 78); then + mailas=info@$domain + maildomain=$domain +else + mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail" 11 78 --title "Config" 3>&1 1>&2 2>&3) + sed -e 's/[^@]*@//' <<< "$mail" +fi + +fi +if [ $IMODE = l ]; then + while true; do + read -p "Hostname with nxdi.nl -> yes/no?" yn + case $yn in + [Yy]* ) + mailas=info@$domain + maildomain=$domain + break;; + [Nn]* ) + echo 'Enter full hostname:' + read hostname + break;; + * )echo "Choose yes or no.";; + esac + done +fi diff --git a/SubModules/postfix/appendCMS-Pre_conf.sh b/SubModules/postfix/appendCMS-Pre_conf.sh deleted file mode 100644 index 7657c89..0000000 --- a/SubModules/postfix/appendCMS-Pre_conf.sh +++ /dev/null @@ -1,18 +0,0 @@ -if [ -z "${sitename}" ]; then sitename=${domain//./_};fi -#ADD DOMAIN -sudo --user opendkim mkdir /etc/opendkim/keys/"$domain" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$domain" -d "$domain" -s vps -echo "$domain" >> /etc/opendkim/TrustedHosts -echo "vps._domainkey."$domain" "$domain":vps:/etc/opendkim/keys/"$domain"/vps.private" >> /etc/opendkim/KeyTable - -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh - -cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" -#!/bin/sh -red='\e[1;31m%s\e[0m\n' -printf "\n" -printf \$red "To enable mail for $domain please run Please run bash ~/OpenDKIMInit-$sitename.sh after the first wordpress login" -printf "\n" -EOF -chmod +x /etc/update-motd.d/51-opendkim-"$sitename" \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 4a041d5..e6cabcc 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -10,7 +10,11 @@ sed -i "/^inet_interfaces =/c\inet_interfaces = loopback-only" /etc/postfix/main sed -i "/recipient_delimiter =/c\recipient_delimiter = +" /etc/postfix/main.cf sed -i "/^mydestination =/c\mydestination = \"$hostname\", localhost.\"$hostname\", \"$hostname\"" /etc/postfix/main.cf echo "$hostname" > /etc/mailname -echo "bounce_notice_recipient = info@$domain" >> /etc/postfix/main.cf +if [ "$(echo "$hostname" | grep -o "\." | wc -l)" -eq 1 ]; then + echo "bounce_notice_recipient = admin@$hostname" >> /etc/postfix/main.cf +else + echo "bounce_notice_recipient = admin@$(sed 's/.*\.\(.*\..*\)/\1/' <<< $hostname)" >> /etc/postfix/main.cf +fi cat < /etc/aliases # See man 5 aliases for format postmaster: root @@ -34,6 +38,7 @@ adduser postfix opendkim mkdir /etc/opendkim/keys chown opendkim:opendkim /etc/opendkim/keys -R curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf +dkimname sed 's/\..*$//' <<< "$url" cat < /etc/opendkim/TrustedHosts 127.0.0.1 ::1 @@ -53,11 +58,21 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist systemctl daemon-reload fi +$odksec=$(sed 's/\..*$//' <<< $hostname) +sudo --user opendkim mkdir /etc/opendkim/keys/"$hostname" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$hostname" -d "$hostname" -s $odksec +echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim/keys/"$hostname"/"$odksec".private" >> /etc/opendkim/KeyTable +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/' 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +unset odksec + + cat << EOF > /etc/update-motd.d/51-generalSPF #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" +printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" printf "\n" EOF @@ -65,3 +80,12 @@ chmod +x /etc/update-motd.d/51-generalSPF systemctl start postfix opendkim systemctl enable postfix opendkim + +#if using Append module run for existing cms/sites +if [ -z "${postfixappended}" ]; then + for sitename in /etc/ICTM/sites/*; do + domain=${sitename//_/.} + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-preconf.sh) + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-conf.sh) + done +fi \ No newline at end of file diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index 34b4c48..ba52059 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -2,7 +2,7 @@ if [ -n "$1" ]; then if [[ "$1" = "--enable" ]]; then echo "Enableing DKIM" - echo "*@DOMAINname vps._domainkey.DOMAINname >>/etc/opendkim/SigningTable\ + echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim/SigningTable systemctl reload opendkim #Remove script while true; do diff --git a/SubModules/postfix/preconf.sh b/SubModules/postfix/preconf.sh index 1d01d0c..0276a07 100644 --- a/SubModules/postfix/preconf.sh +++ b/SubModules/postfix/preconf.sh @@ -1,13 +1,8 @@ if [ -z "${domain}" ]; then - if [ $IMODE = n ]; then - domain=$(whiptail --nocancel --inputbox " Enter the domain without WWW " 11 82 --title "Config" 3>&1 1>&2 2>&3) - elif [ $IMODE = l ]; then - echo "Enter the domain without WWW:" - read domain - fi + postfixappended=1 fi if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then - debconf-set-selections <<< "postfix postfix/mailname string $domain" + debconf-set-selections <<< "postfix postfix/mailname string $hostname" debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" fi \ No newline at end of file From 7e6be6bf72ccde3c2af1fb777d47630b1e6483d7 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 16:54:06 +0100 Subject: [PATCH 03/30] Updated Inst:AppendCMS Mod:Postfix Inst:AppendCMS added var store when adding CMS Mod:Postfix Added fix to conf.sh --- AppendCMS.sh | 6 ++++++ SubModules/postfix/conf.sh | 4 +++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 0966189..979e4c8 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -156,6 +156,12 @@ fi #Cleaning options from menu CMS="${CMS//:}" && CMS="${CMS,,}" +##-----------------## +# Storeing vars # +##-----------------## + +touch /etc/ICTM/sites/"$sitename" + ##-----------## # AptList # diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index e6cabcc..685d080 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -22,7 +22,9 @@ root: $email EOF newaliases -cat <> +cat <> /etc/postfix/main.cf + +#openDKIM milter_default_action = accept milter_protocol = 2 smtpd_milters = unix:/var/run/opendkim/opendkim.sock From 2988258ffd5fe0ee8c988535be811076244eddbc Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 17:12:34 +0100 Subject: [PATCH 04/30] Mod:Postfix Updated Config.sh fixed mkdir, various typos and existing CMS/site detection --- SubModules/postfix/conf.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 685d080..6970ec2 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -37,10 +37,9 @@ EOF ##--------------## adduser postfix opendkim -mkdir /etc/opendkim/keys +mkdir -p /etc/opendkim/keys chown opendkim:opendkim /etc/opendkim/keys -R curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf -dkimname sed 's/\..*$//' <<< "$url" cat < /etc/opendkim/TrustedHosts 127.0.0.1 ::1 @@ -60,7 +59,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist systemctl daemon-reload fi -$odksec=$(sed 's/\..*$//' <<< $hostname) +odksec=$(sed 's/\..*$//' <<< $hostname) sudo --user opendkim mkdir /etc/opendkim/keys/"$hostname" sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$hostname" -d "$hostname" -s $odksec echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim/keys/"$hostname"/"$odksec".private" >> /etc/opendkim/KeyTable @@ -84,8 +83,9 @@ systemctl start postfix opendkim systemctl enable postfix opendkim #if using Append module run for existing cms/sites -if [ -z "${postfixappended}" ]; then - for sitename in /etc/ICTM/sites/*; do +if [ ! -z "${postfixappended}" ]; then + for file in /etc/ICTM/sites/*; do + sitename="${file##*/}" domain=${sitename//_/.} source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-conf.sh) From c60b57d41b65003b41d1a4bcfa458e30f740e698 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 17:23:40 +0100 Subject: [PATCH 05/30] Mod:Postfix Fixed incorrect links & dkim conf dir Updated location of OpenDKIM config files to default /etc/opendkim.d from /etc/opendkim Updated config file to reflect filename hanges in repo --- SubModules/postfix/CMSHook-conf.sh | 10 +++++----- SubModules/postfix/conf.sh | 25 +++++++++++++------------ SubModules/postfix/config/opendkim.conf | 8 ++++---- SubModules/postfix/opendkim-init.sh | 4 ++-- 4 files changed, 24 insertions(+), 23 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 5164b4a..38e4efc 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -1,15 +1,15 @@ #ADD DOMAIN -sudo --user opendkim mkdir /etc/opendkim/keys/"$maildomain" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$maildomain" -d "$maildomain" -s vps -echo "$maildomain" >> /etc/opendkim/TrustedHosts -echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim/keys/"$maildomain"/vps.private" >> /etc/opendkim/KeyTable +sudo --user opendkim mkdir /etc/opendkim.d/keys/"$maildomain" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$maildomain" -d "$maildomain" -s vps +echo "$maildomain" >> /etc/opendkim.d/TrustedHosts +echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf fi -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 6970ec2..1959030 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -37,10 +37,11 @@ EOF ##--------------## adduser postfix opendkim -mkdir -p /etc/opendkim/keys -chown opendkim:opendkim /etc/opendkim/keys -R -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf -cat < /etc/opendkim/TrustedHosts +rm -rm /etc/opendkim.d +mkdir -p /etc/opendkim.d/keys +chown opendkim:opendkim /etc/opendkim.d/keys -R +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.d.conf +cat < /etc/opendkim.d/TrustedHosts 127.0.0.1 ::1 localhost @@ -54,17 +55,17 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist mkdir /var/spool/postfix/opendkim sudo chown opendkim:postfix /var/spool/postfix/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim - echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim/conf + echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.d/conf bash /lib/opendkim/opendkim.service.generate systemctl daemon-reload fi odksec=$(sed 's/\..*$//' <<< $hostname) -sudo --user opendkim mkdir /etc/opendkim/keys/"$hostname" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$hostname" -d "$hostname" -s $odksec -echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim/keys/"$hostname"/"$odksec".private" >> /etc/opendkim/KeyTable -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/' 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec +echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh unset odksec @@ -87,7 +88,7 @@ if [ ! -z "${postfixappended}" ]; then for file in /etc/ICTM/sites/*; do sitename="${file##*/}" domain=${sitename//_/.} - source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-preconf.sh) - source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-conf.sh) + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/CMSHook-preconf.sh) + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/CMSHook-conf.sh) done fi \ No newline at end of file diff --git a/SubModules/postfix/config/opendkim.conf b/SubModules/postfix/config/opendkim.conf index 9446ba4..799422c 100644 --- a/SubModules/postfix/config/opendkim.conf +++ b/SubModules/postfix/config/opendkim.conf @@ -6,7 +6,7 @@ OversignHeaders From UserID opendkim Canonicalization relaxed/simple Mode s -KeyTable refile:/etc/opendkim/KeyTable -SigningTable refile:/etc/opendkim/SigningTable -ExternalIgnoreList refile:/etc/opendkim/TrustedHosts -InternalHosts refile:/etc/opendkim/TrustedHosts +KeyTable refile:/etc/opendkim.d/KeyTable +SigningTable refile:/etc/opendkim.d/SigningTable +ExternalIgnoreList refile:/etc/opendkim.d/TrustedHosts +InternalHosts refile:/etc/opendkim.d/TrustedHosts diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index ba52059..8460fc8 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -2,7 +2,7 @@ if [ -n "$1" ]; then if [[ "$1" = "--enable" ]]; then echo "Enableing DKIM" - echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim/SigningTable + echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim.d/SigningTable systemctl reload opendkim #Remove script while true; do @@ -26,7 +26,7 @@ echo "Optional to enable dkim" echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" echo "Please add the folloing TXT Record to the DNS of DOMAINname" echo "WARNING the output is split, please combine key before inserting into DNS" -cat /etc/opendkim/keys/DOMAINname/vps.txt +cat /etc/opendkim.d/keys/DOMAINname/vps.txt echo "" echo "If DNS is propegated then run \"bash $0 --enable\"" From 10838eb815cd3e6b469b2b87184a192aea01edbe Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 17:33:26 +0100 Subject: [PATCH 06/30] Mod:Postfix updated CMSHook and fixed sed (again) --- SubModules/postfix/CMSHook-preconf.sh | 11 ++++++----- SubModules/postfix/conf.sh | 4 ++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index a95924d..1292d46 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -1,25 +1,26 @@ if [ -z "${sitename}" ]; then sitename=${domain//./_};fi if [ $IMODE = n ]; then - if (whiptail --title "Config" --yesno " Send mail as info@$domain of $domain" 11 78); then + if (whiptail --title "Config" --yesno " Send mail as info@$domain for $domain" 11 78); then mailas=info@$domain maildomain=$domain else mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail" 11 78 --title "Config" 3>&1 1>&2 2>&3) - sed -e 's/[^@]*@//' <<< "$mail" + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") fi fi if [ $IMODE = l ]; then while true; do - read -p "Hostname with nxdi.nl -> yes/no?" yn + read -p "Send mail as info@$domain for $domain" yn case $yn in [Yy]* ) mailas=info@$domain maildomain=$domain break;; [Nn]* ) - echo 'Enter full hostname:' - read hostname + echo 'Enter mail addres for sending mail' + read mail + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") break;; * )echo "Choose yes or no.";; esac diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 1959030..db7df5e 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -37,7 +37,7 @@ EOF ##--------------## adduser postfix opendkim -rm -rm /etc/opendkim.d +rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.d.conf @@ -65,7 +65,7 @@ sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh unset odksec From 616f0a216225bbcb22aae19403111dff2f6c4c1d Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 18:05:23 +0100 Subject: [PATCH 07/30] Mod:Postfix Fixed ODK Sock for deb & Clean CMSHOOK --- SubModules/postfix/CMSHook-conf.sh | 2 +- SubModules/postfix/CMSHook-preconf.sh | 24 ++++++++++++------------ SubModules/postfix/conf.sh | 4 ++-- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 38e4efc..2fa4488 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -10,7 +10,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" #!/bin/sh diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index 1292d46..7d0bb76 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -1,28 +1,28 @@ if [ -z "${sitename}" ]; then sitename=${domain//./_};fi if [ $IMODE = n ]; then - if (whiptail --title "Config" --yesno " Send mail as info@$domain for $domain" 11 78); then - mailas=info@$domain - maildomain=$domain -else - mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail" 11 78 --title "Config" 3>&1 1>&2 2>&3) - maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + if (whiptail --title "Config" --yesno " Send mail as info@$domain for $domain?" 11 78); then + mailas=info@$domain + maildomain=$domain + else + mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail?" 11 78 --title "Config" 3>&1 1>&2 2>&3) + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + fi fi -fi if [ $IMODE = l ]; then while true; do - read -p "Send mail as info@$domain for $domain" yn + read -p "Send mail as info@$domain for $domain? (y/n)" yn case $yn in [Yy]* ) mailas=info@$domain maildomain=$domain break;; [Nn]* ) - echo 'Enter mail addres for sending mail' - read mail - maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + echo 'Enter mail addres for sending mail? ' + read mail + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") break;; * )echo "Choose yes or no.";; esac done -fi +fi \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index db7df5e..27e04d5 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -52,8 +52,8 @@ EOF if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then - mkdir /var/spool/postfix/opendkim - sudo chown opendkim:postfix /var/spool/postfix/opendkim + mkdir -p /var/spool/postfix/var/run/opendkim + sudo chown opendkim:postfix /var/spool/postfix/var/run/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.d/conf bash /lib/opendkim/opendkim.service.generate From 46042d3ca92d0ba7f7e64b280e71a0afd84cf884 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 18:39:35 +0100 Subject: [PATCH 08/30] Mod:Postfix fixed PHP cfg Update & motd warn msgs --- SubModules/postfix/CMSHook-conf.sh | 5 +++-- SubModules/postfix/conf.sh | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 2fa4488..f5f1956 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -5,14 +5,15 @@ echo "$maildomain" >> /etc/opendkim.d/TrustedHosts echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then + echo "" >> "$phpPoolDir"/"$sitename".conf echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'${sitename//_}'/' ~/OpenDKIMInit-$sitename.sh -cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 27e04d5..91c6d8a 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,16 +69,16 @@ sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec unset odksec -cat << EOF > /etc/update-motd.d/51-generalSPF +cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" -printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" +printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF -chmod +x /etc/update-motd.d/51-generalSPF +chmod +x /etc/update-motd.d/51-generalspf systemctl start postfix opendkim systemctl enable postfix opendkim From 4ff12369d69bc2a218c1309333ebaf14b936bb39 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 18:39:35 +0100 Subject: [PATCH 09/30] Mod:Postfix fixed PHP cfg Update & motd warn msgs --- SubModules/postfix/CMSHook-conf.sh | 7 ++++--- SubModules/postfix/conf.sh | 6 +++--- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 2fa4488..da61e81 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -5,19 +5,20 @@ echo "$maildomain" >> /etc/opendkim.d/TrustedHosts echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then + echo "" >> "$phpPoolDir"/"$sitename".conf echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'${sitename//_}'/' ~/OpenDKIMInit-$sitename.sh -cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for $domain please run please run bash ~/OpenDKIMInit-$sitename.sh" printf "\n" EOF -chmod +x /etc/update-motd.d/51-opendkim-"$sitename" +chmod +x /etc/update-motd.d/51-opendkim-"${sitename//_}" systemctl reload opendkim $phpFPMService \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 27e04d5..91c6d8a 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,16 +69,16 @@ sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec unset odksec -cat << EOF > /etc/update-motd.d/51-generalSPF +cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" -printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" +printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF -chmod +x /etc/update-motd.d/51-generalSPF +chmod +x /etc/update-motd.d/51-generalspf systemctl start postfix opendkim systemctl enable postfix opendkim From 98c5dec4d9511c333d90d51450e89c76c0a3d618 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 19:58:48 +0100 Subject: [PATCH 10/30] Mod:Postfix add global option to Seds & fixed cfg --- SubModules/postfix/CMSHook-conf.sh | 2 +- SubModules/postfix/conf.sh | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index da61e81..e444b23 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'${sitename//_}'/' ~/OpenDKIMInit-$sitename.sh +sed -i -g -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 91c6d8a..eb1fc77 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -40,7 +40,7 @@ adduser postfix opendkim rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.d.conf +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim cat < /etc/opendkim.d/TrustedHosts 127.0.0.1 ::1 @@ -55,7 +55,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist mkdir -p /var/spool/postfix/var/run/opendkim sudo chown opendkim:postfix /var/spool/postfix/var/run/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim - echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.d/conf + echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.conf bash /lib/opendkim/opendkim.service.generate systemctl daemon-reload fi @@ -65,7 +65,7 @@ sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/vps/'$odksec'/g' ~/OpenDKIMInit-host.sh unset odksec From 402a4b68e56d77e6c51a04219c7375bc2d4c7501 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 20:35:04 +0100 Subject: [PATCH 11/30] Mod:Postfix Fixed typo --- SubModules/postfix/CMSHook-conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index e444b23..9216964 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -g -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh From 84cda6333f75967c3fe3786295c3946863c6449a Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 20:58:24 +0100 Subject: [PATCH 12/30] Mod:Postfix bugfixes --- SubModules/postfix/CMSHook-conf.sh | 2 +- SubModules/postfix/CMSHook-preconf.sh | 4 ++-- SubModules/postfix/conf.sh | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 9216964..d66962d 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$maildomain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index 7d0bb76..41bf3ed 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -19,8 +19,8 @@ if [ $IMODE = l ]; then break;; [Nn]* ) echo 'Enter mail addres for sending mail? ' - read mail - maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + read mailas + maildomain=$(sed -e 's/[^@]*@//' <<< "$mailas") break;; * )echo "Choose yes or no.";; esac diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index eb1fc77..7cb0f25 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -40,7 +40,8 @@ adduser postfix opendkim rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf +touch /etc/opendkim.d/SigningTable cat < /etc/opendkim.d/TrustedHosts 127.0.0.1 ::1 From af951799b5d2b78ba0e004301b9f57f2036816c3 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 21:08:36 +0100 Subject: [PATCH 13/30] Mod:Postfix added perl-Getopt for centos --- SubModules/postfix/conf.sh | 2 +- SubModules/postfix/dnf.pkg.list | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 SubModules/postfix/dnf.pkg.list diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 7cb0f25..fab9531 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -36,7 +36,7 @@ EOF # OpenDKIM # ##--------------## -adduser postfix opendkim +useradd -G opendkim postfix rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R diff --git a/SubModules/postfix/dnf.pkg.list b/SubModules/postfix/dnf.pkg.list new file mode 100644 index 0000000..72b8002 --- /dev/null +++ b/SubModules/postfix/dnf.pkg.list @@ -0,0 +1 @@ +perl-Getopt-Long \ No newline at end of file From cbba8b1d1b0e8d4591647e7ea80455d1e9420b23 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 21:17:22 +0100 Subject: [PATCH 14/30] Mod:Postfix fixed opendkim group for postfix --- SubModules/postfix/conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index fab9531..f0448f5 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -36,7 +36,7 @@ EOF # OpenDKIM # ##--------------## -useradd -G opendkim postfix +usermod –a –G opendkim postfix rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R From 282851f1ede3e98137ba9d9b5dd8f2b9a7314a41 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 10 Feb 2021 12:02:39 +0100 Subject: [PATCH 15/30] Main:AppendCMS Renamed bck-util cms-handeler Renamed bck-util cms-handeler to CMSHook-conf for future compatibility --- AppendCMS.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 979e4c8..c76c4d4 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -273,8 +273,8 @@ fi repobckutil=https://git.ictmaatwerk.com/VPS-scripts/Backup-Util branchbckutil=master -if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repobckutil"/raw/branch/"$branchbckutil"/cms-handeler.sh; then - source <(curl --retry 7 --retry-delay 5 -s "$repobckutil"/raw/branch/"$branchbckutil"/cms-handeler.sh) +if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh) fi ##------------## From 81b7e93678c21f3402e2802c3b1bc47b076572dd Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 10 Feb 2021 15:23:22 +0100 Subject: [PATCH 16/30] Main:All Added per CMS config for sub-modules If CMS is installed and a sub-module requires to be configured per CMS, this is handeled by new 'CMSHook-(pre)conf.sh' this has been added to Dev Docs Updated postfix sub-module to use new CMSHook Added 'itype' var for detection of install script type Now also storeing 'Allways on modules' in installer as EnabledAons --- AppendCMS.sh | 56 ++++++++++++++++++++++++++++----- AppendModule.sh | 13 +++++--- Docs/docs/Dev-Adding-Modules.md | 5 ++- SubModules/postfix/conf.sh | 2 +- SubModules/postfix/preconf.sh | 4 --- installer.sh | 46 +++++++++++++++++++++++++++ 6 files changed, 108 insertions(+), 18 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index c76c4d4..6e70de5 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -1,3 +1,12 @@ +#!/bin/bash + +############################### +# @author: Bram Prieshof # +# @author: Branco van de Waal # +############################### + +itype=AddCMS + ##-----------------## # Fetching Vars # ##-----------------## @@ -29,6 +38,9 @@ declare -n options="$webserv"Options ignphpcms=1 +#Options var setup for enabled sub-modules +option="${SelectedOptions,,}" && option="${option// /}" && option="${option//:/ }" && option="${option//'"'}" +option="$option""$EnabledAons" ##---------------## # Functions # @@ -205,6 +217,23 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh) fi +#Preconfiguring module For CMS +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-preconf.sh) + fi + fi +done ##-------------## # Installer # @@ -267,15 +296,26 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh) fi -##--------------------------## -# Backup-util Site Setup # -##--------------------------## +#Configuring Module for CMS + +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-conf.sh) + fi + fi +done + -repobckutil=https://git.ictmaatwerk.com/VPS-scripts/Backup-Util -branchbckutil=master -if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh; then - source <(curl --retry 7 --retry-delay 5 -s "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh) -fi ##------------## # Services # diff --git a/AppendModule.sh b/AppendModule.sh index bdaed34..af2b03f 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -1,13 +1,18 @@ +#!/bin/bash + +############################### +# @author: Bram Prieshof # +# @author: Branco van de Waal # +############################### + +itype=AddMod + ##-----------------## # Fetching Vars # ##-----------------## if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi -##-----------------## -# Fetching Vars # -##-----------------## - source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi diff --git a/Docs/docs/Dev-Adding-Modules.md b/Docs/docs/Dev-Adding-Modules.md index fc95801..1526377 100644 --- a/Docs/docs/Dev-Adding-Modules.md +++ b/Docs/docs/Dev-Adding-Modules.md @@ -14,6 +14,8 @@ In both cases the file structure is expected as shown below * ``-apt.pkg.list * ``-dnf.pkg.list * config/* +* CMSHook-preconf.sh +* CMSHook-conf.sh ## The internal module location SubModules/`` @@ -32,7 +34,8 @@ SubModules/`` | ``-apt.pkg.list | packagelist for specified webserver for distro's that use apt| | ``-dnf.pkg.list | packagelist for specified webserver for distro's that use dnf/yum| | config/* | Directory for config files | - +| CMSHook-conf.sh | Will run as addtional preconf when CSM is installed| +| CMSHook-conf.sh | Will run after a CSM is installed| # Defining in the menu ### Add the following to ModulesMenu.list diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index f0448f5..5af7539 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -85,7 +85,7 @@ systemctl start postfix opendkim systemctl enable postfix opendkim #if using Append module run for existing cms/sites -if [ ! -z "${postfixappended}" ]; then +if [ "$itype" = "AddMod" ]; then for file in /etc/ICTM/sites/*; do sitename="${file##*/}" domain=${sitename//_/.} diff --git a/SubModules/postfix/preconf.sh b/SubModules/postfix/preconf.sh index 0276a07..fec0bd6 100644 --- a/SubModules/postfix/preconf.sh +++ b/SubModules/postfix/preconf.sh @@ -1,7 +1,3 @@ -if [ -z "${domain}" ]; then - postfixappended=1 -fi - if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then debconf-set-selections <<< "postfix postfix/mailname string $hostname" debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" diff --git a/installer.sh b/installer.sh index dd063b5..2df823d 100644 --- a/installer.sh +++ b/installer.sh @@ -1,5 +1,11 @@ #!/bin/bash +############################### +# @author: Bram Prieshof # +# @author: Branco van de Waal # +############################### + +itype=Main ##--------------------## # Legacy/Main Menu # @@ -435,6 +441,9 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/reqmodules.sh) fi +#saving enabled Allways on modules +echo 'EnabledAons=('$aonoption')' > /etc/ICTM/selopts.list + #Combining selected option with always-on options option="$option""$aonoption" @@ -573,6 +582,24 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh) fi +#Preconfiguring module For CMS +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-preconf.sh) + fi + fi +done + #Saving updated vars for storeme in phpver sqlver PHPMyadmin; do declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list @@ -695,6 +722,25 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re fi fi +#Configuring Module for CMS + +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-conf.sh) + fi + fi +done + ##------------## # Services # ##------------## From 064ceafe082fea9933797e6d885aba27e45ca4ac Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 11 Feb 2021 13:37:36 +0100 Subject: [PATCH 17/30] Main:AddCMS removed var ignphpcms Remove var 'ignphpcms' because it is no longer unused --- AppendCMS.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 6e70de5..7afe15e 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -36,8 +36,6 @@ declare -n options="$webserv"Options # Static-Vars # ##----------------## -ignphpcms=1 - #Options var setup for enabled sub-modules option="${SelectedOptions,,}" && option="${option// /}" && option="${option//:/ }" && option="${option//'"'}" option="$option""$EnabledAons" From 638a8c1525fdb15c92c91b592364ef1ef77de6a9 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 11 Feb 2021 15:18:17 +0100 Subject: [PATCH 18/30] Main:* fix for CMSHooks, Mod:Postfix fix openDKIM Main:Inst Fixed failing to store storing EnabledAons/aonoption Main:AddCMS renamed option to EnOption to avoid resusing variable Mod:Postfix Fixed OpenDKIM usermod --- AppendCMS.sh | 10 +++++----- SubModules/postfix/conf.sh | 2 +- installer.sh | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 7afe15e..b9385f9 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -37,8 +37,8 @@ declare -n options="$webserv"Options ##----------------## #Options var setup for enabled sub-modules -option="${SelectedOptions,,}" && option="${option// /}" && option="${option//:/ }" && option="${option//'"'}" -option="$option""$EnabledAons" +EnOption="${SelectedOptions[@],,}" && EnOption="${EnOption// /}" && EnOption="${EnOption//:/ }" && EnOption="${EnOption//'"'}" +EnOption="$EnOption""${EnabledAons[@]}" ##---------------## # Functions # @@ -163,7 +163,7 @@ if [ $IMODE = l ]; then done fi -#Cleaning options from menu +#Cleaning CMS from menu CMS="${CMS//:}" && CMS="${CMS,,}" ##-----------------## @@ -216,7 +216,7 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re fi #Preconfiguring module For CMS -for val1 in ${option[*]}; do +for val1 in ${EnOption[*]}; do modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") #Checking if test -z "$modListed" @@ -296,7 +296,7 @@ fi #Configuring Module for CMS -for val1 in ${option[*]}; do +for val1 in ${EnOption[*]}; do modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") #Checking if test -z "$modListed" diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 5af7539..408f7d6 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -36,7 +36,7 @@ EOF # OpenDKIM # ##--------------## -usermod –a –G opendkim postfix +usermod -aG opendkim postfix rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R diff --git a/installer.sh b/installer.sh index 2df823d..ad2fc3b 100644 --- a/installer.sh +++ b/installer.sh @@ -442,7 +442,7 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re fi #saving enabled Allways on modules -echo 'EnabledAons=('$aonoption')' > /etc/ICTM/selopts.list +echo 'EnabledAons=('$aonoption')' >> /etc/ICTM/selopts.list #Combining selected option with always-on options option="$option""$aonoption" From 1423d72e5306b149fbd78166fb450f583b50e5cb Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 25 Feb 2021 11:34:42 +0100 Subject: [PATCH 19/30] Added rough versioning system --- AppendCMS.sh | 3 +++ AppendModule.sh | 3 +++ Scripts/Compat/Compat-V2.sh | 20 ++++++++++++++++++++ installer.sh | 3 ++- 4 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 Scripts/Compat/Compat-V2.sh diff --git a/AppendCMS.sh b/AppendCMS.sh index b9385f9..15d203c 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -6,6 +6,7 @@ ############################### itype=AddCMS +ScriptCompat=2 ##-----------------## # Fetching Vars # @@ -15,6 +16,8 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list +if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi + if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi diff --git a/AppendModule.sh b/AppendModule.sh index af2b03f..48a8acf 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -6,6 +6,7 @@ ############################### itype=AddMod +ScriptCompat=2 ##-----------------## # Fetching Vars # @@ -15,6 +16,8 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list +if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi + if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh new file mode 100644 index 0000000..f1bc84a --- /dev/null +++ b/Scripts/Compat/Compat-V2.sh @@ -0,0 +1,20 @@ +if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi + +source /etc/ICTM/selopts.list +source /etc/ICTM/mainvar.list + +source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) + +#Setting Menulist to webserver +declare -n CMSL="$webserv"CMSL +declare -n options="$webserv"Options + +#Updating mod lists +option=$(whiptail --nocancel --title "Additional modules" --checklist "Please select enabled features" 11 74 5 "${options[@]}" 3>&1 1>&2 2>&3) +aonoption="/MySQL/" +aonoption="$aonoption /Unattended-Security-Updates/" +aonoption="$aonoption /Backup-Util/" +aonoption="$aonoption /AcmeSH/" +echo 'SelectedOptions=('$option')' > /etc/ICTM/selopts.list +echo 'EnabledAons=('$aonoption')' >> /etc/ICTM/selopts.list +declare -p CompatVer | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list \ No newline at end of file diff --git a/installer.sh b/installer.sh index ad2fc3b..aca61b5 100644 --- a/installer.sh +++ b/installer.sh @@ -32,6 +32,7 @@ fi repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 branch=PostfixTesting branchtype=branch #=branch for branch and =tag for release +CompatVer=2 #Installer-config phpver=7.4 PHPMyadmin=1 #Overwriten by cms's without php @@ -374,7 +375,7 @@ fi mkdir -p /etc/ICTM/sites echo "InstDate=$(date "+%d-%B-%Y")" >> /etc/ICTM/mainvar.list -for storeme in PKGM PKGI PKGUC PKGUP PKGLIST OUTPUT IMODE shortdist repo branch branchtype webserv email shortdist hostname; do +for storeme in PKGM PKGI PKGUC PKGUP PKGLIST OUTPUT IMODE shortdist repo branch branchtype webserv email shortdist hostname CompatVer; do declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list done From 5a7027810317c6f2f4b923a7d70f497024a940cd Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:26:45 +0100 Subject: [PATCH 20/30] Main, Updated version detection --- AppendCMS.sh | 2 +- AppendModule.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 15d203c..df064f2 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then diff --git a/AppendModule.sh b/AppendModule.sh index 48a8acf..0bc538f 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then From 0c62faa0aa5f1ce8174098852ad64eb62cd1385b Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:29:05 +0100 Subject: [PATCH 21/30] Main, fixed checking wrong var in version check --- AppendCMS.sh | 2 +- AppendModule.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index df064f2..8456443 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${CompatVer} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then diff --git a/AppendModule.sh b/AppendModule.sh index 0bc538f..411056f 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${CompatVer} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then From d85678e56040327f330abef9bb8aca24487a02da Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:31:56 +0100 Subject: [PATCH 22/30] Script:Compat fixed/added var --- Scripts/Compat/Compat-V2.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index f1bc84a..cc8b2c3 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -1,10 +1,14 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi +#Getting information and vars source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) +#NewCompat var +CompatVer=2 + #Setting Menulist to webserver declare -n CMSL="$webserv"CMSL declare -n options="$webserv"Options From b15f8a33ed88340d952f199bed6f6be177202b3a Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:51:12 +0100 Subject: [PATCH 23/30] Script:Compat fix for getting option list Forceing "Normal install mode (Whiptail) " since this script requires it. For This sctipt only, since it was unable to get correct module list --- Scripts/Compat/Compat-V2.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index cc8b2c3..d163554 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -4,11 +4,13 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) - #NewCompat var +IMODE="n" CompatVer=2 +#Getting module list +source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) + #Setting Menulist to webserver declare -n CMSL="$webserv"CMSL declare -n options="$webserv"Options From 4af278b6f02807b5ec0aaa2159cbcc3407d4a644 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 4 Mar 2021 11:07:27 +0100 Subject: [PATCH 24/30] Main:PhpUp added remove script if cur php is kept --- PhpUpdater.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/PhpUpdater.sh b/PhpUpdater.sh index 41da8d8..d8b41a7 100644 --- a/PhpUpdater.sh +++ b/PhpUpdater.sh @@ -92,6 +92,7 @@ if [ $IMODE = n ]; then $PKGP -y $phpPkgName* else PhpPurge=0 + echo "$PKGP -y $phpPkgName*" > ~/remove-PHP-$phpver fi fi From f28b08792c025e79ea8d70924783ecf06a38fe1e Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 11 Mar 2021 15:43:42 +0100 Subject: [PATCH 25/30] Scrtipt:Compat Cleanup and basic validation --- Scripts/Compat/Compat-V2.sh | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index d163554..82786a2 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -1,26 +1,23 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi #Getting information and vars -source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list +#CompatUpdater Setup +UpdaterCompatTo=2 +if [ -z ${CompatVer} ]; then CompatVer=1 ; fi +if [ "$CompatVer" -ge "$UpdaterCompatTo" ]; then echo "Web-V2 is update to-date,Update scipt version= $UpdaterCompatTo, Current version= $CompatVer" && exit ; fi + +printf '%s' "Updating Web-V2..." #NewCompat var -IMODE="n" -CompatVer=2 - -#Getting module list -source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) - -#Setting Menulist to webserver -declare -n CMSL="$webserv"CMSL -declare -n options="$webserv"Options +CompatVer=$UpdaterCompatTo #Updating mod lists -option=$(whiptail --nocancel --title "Additional modules" --checklist "Please select enabled features" 11 74 5 "${options[@]}" 3>&1 1>&2 2>&3) aonoption="/MySQL/" aonoption="$aonoption /Unattended-Security-Updates/" aonoption="$aonoption /Backup-Util/" aonoption="$aonoption /AcmeSH/" -echo 'SelectedOptions=('$option')' > /etc/ICTM/selopts.list echo 'EnabledAons=('$aonoption')' >> /etc/ICTM/selopts.list -declare -p CompatVer | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list \ No newline at end of file +declare -p CompatVer | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list + +printf " [\033[0;32mok\033[0m]\n" From 73bf0aa0f468ff60ff589419c75630feb5de2a42 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 12 Mar 2021 14:44:40 +0100 Subject: [PATCH 26/30] Mod:Postfix Made DKIM selector variable This so multiple servers useing Web-V2 can send from the same domain Now using odksec for host selector var and odkdomsec for domain selector var --- SubModules/postfix/CMSHook-conf.sh | 6 +++--- SubModules/postfix/CMSHook-preconf.sh | 18 ++++++++++++++++++ SubModules/postfix/conf.sh | 10 +++++----- SubModules/postfix/opendkim-init.sh | 4 ++-- 4 files changed, 28 insertions(+), 10 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index d66962d..ebcacbb 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -1,8 +1,8 @@ #ADD DOMAIN sudo --user opendkim mkdir /etc/opendkim.d/keys/"$maildomain" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$maildomain" -d "$maildomain" -s vps +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$maildomain" -d "$maildomain" -s "$odkdomsec" echo "$maildomain" >> /etc/opendkim.d/TrustedHosts -echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable +echo "$odkdomsec._domainkey."$maildomain" "$maildomain":"$odkdomsec":/etc/opendkim.d/keys/"$maildomain"/"$odkdomsec".private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then echo "" >> "$phpPoolDir"/"$sitename".conf @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$maildomain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$maildomain'/g' -e 's/SITEName/'${sitename//_}'/g' -e 's/ODKSec/'$odkdomsec'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index 41bf3ed..63c679d 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -7,6 +7,11 @@ if [ $IMODE = n ]; then mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail?" 11 78 --title "Config" 3>&1 1>&2 2>&3) maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") fi + if (whiptail --title "Config" --yesno " Use default DKIM selector [vps]?" 11 78); then + odkdomsec=vps + else + odkdomsec=$(whiptail --nocancel --inputbox " Enter DKIM selector" 11 78 --title "Config" 3>&1 1>&2 2>&3) + fi fi if [ $IMODE = l ]; then @@ -25,4 +30,17 @@ if [ $IMODE = l ]; then * )echo "Choose yes or no.";; esac done + while true; do + read -p "Use default DKIM selector [vps]? (y/n)" yn + case $yn in + [Yy]* ) + odkdomsec=vps + break;; + [Nn]* ) + echo 'Enter DKIM selector? ' + read odkdomsec + break;; + * )echo "Choose yes or no.";; + esac + done fi \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 408f7d6..a8c856b 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -61,13 +61,13 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist systemctl daemon-reload fi -odksec=$(sed 's/\..*$//' <<< $hostname) +odkhsec=$(sed 's/\..*$//' <<< $hostname) sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec -echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odkhsec +echo ""$odkhsec"._domainkey."$hostname" "$hostname":"$odkhsec":/etc/opendkim.d/keys/"$hostname"/"$odkhsec".private" >> /etc/opendkim.d/KeyTable curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/vps/'$odksec'/g' ~/OpenDKIMInit-host.sh -unset odksec +sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/ODKSec/'$odkhsec'/g' ~/OpenDKIMInit-host.sh +unset odkhsec cat << EOF > /etc/update-motd.d/51-generalspf diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index 8460fc8..c9e5561 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -2,7 +2,7 @@ if [ -n "$1" ]; then if [[ "$1" = "--enable" ]]; then echo "Enableing DKIM" - echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim.d/SigningTable + echo "*@DOMAINname ODKSec._domainkey.DOMAINname" >>/etc/opendkim.d/SigningTable systemctl reload opendkim #Remove script while true; do @@ -26,7 +26,7 @@ echo "Optional to enable dkim" echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" echo "Please add the folloing TXT Record to the DNS of DOMAINname" echo "WARNING the output is split, please combine key before inserting into DNS" -cat /etc/opendkim.d/keys/DOMAINname/vps.txt +cat /etc/opendkim.d/keys/DOMAINname/ODKSec.txt echo "" echo "If DNS is propegated then run \"bash $0 --enable\"" From 0dd431a8d5c8fb4862cb57185012e97a8e7f0017 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 14:34:31 +0100 Subject: [PATCH 27/30] Mod:Postfix updated instructions --- SubModules/postfix/conf.sh | 6 +++--- SubModules/postfix/opendkim-init.sh | 11 +++++++---- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index a8c856b..323c0a2 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,12 +69,12 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/ODKSec/'$odkhsec'/g' ~/OpenDKIMInit-host.sh unset odkhsec - -cat << EOF > /etc/update-motd.d/51-generalspf +/etc/update-motd.d/51-generalspf +cat << EOF > test.sh #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" -printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" +printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index c9e5561..d8a035a 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -20,11 +20,14 @@ if [ -n "$1" ]; then fi fi echo "Required to enable mailing for this system" -echo "Please add the folloing to your SPF Record in the DNS of DOMAINname" -echo "" -echo "Optional to enable dkim" +echo "Please add the folloing to your SPF Record in the DNS of DOMAINname," echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" -echo "Please add the folloing TXT Record to the DNS of DOMAINname" +echo "" +echo "Alternatively use the 'a' and 'mx' in the SPF record just make sure the server has an 'A' and 'AAA' record pointing to it" +echo "" +echo "" +echo "Optionally to enable dkim" +echo "Add the folloing TXT Record to the DNS of DOMAINname" echo "WARNING the output is split, please combine key before inserting into DNS" cat /etc/opendkim.d/keys/DOMAINname/ODKSec.txt From 22df00dd804158b682e0a094b12b1a4612afc1ae Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 14:46:00 +0100 Subject: [PATCH 28/30] Mod:Postfix added blacklist check reminder --- SubModules/postfix/conf.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 323c0a2..3c60f80 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -75,7 +75,9 @@ cat << EOF > test.sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" -printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" +printf \$red Check Blacklist using the following url: "https://www.debouncer.com/blacklistlookup?t=$hostname" +printf \n +printf \$red "Optionally, to enable DKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF From f755e27fb423bab9fa7b90aee1fee8c3e35382ab Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 14:57:42 +0100 Subject: [PATCH 29/30] Mod:Postfix Fixed oopsie --- SubModules/postfix/conf.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 3c60f80..6b9ec0a 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,14 +69,14 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/ODKSec/'$odkhsec'/g' ~/OpenDKIMInit-host.sh unset odkhsec -/etc/update-motd.d/51-generalspf -cat << EOF > test.sh + +cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" -printf \$red Check Blacklist using the following url: "https://www.debouncer.com/blacklistlookup?t=$hostname" -printf \n +printf \$red "Check Blacklist using the following url: 'https://www.debouncer.com/blacklistlookup?t=$hostname'" +printf "\n" printf \$red "Optionally, to enable DKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" From 31c7ba85c8132f0441feafb278f45675b5658383 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 16:04:53 +0100 Subject: [PATCH 30/30] Mod:Postfix Updated msg's --- SubModules/postfix/conf.sh | 8 ++++++-- SubModules/postfix/opendkim-init.sh | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 6b9ec0a..2d4c3b7 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -74,11 +74,15 @@ cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" -printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" +printf \$red "To enable mail for this server add the folling Records for $hostname:" +printf \$red "A record: \$(curl -s -4 icanhazip.com)" +printf \$red "AAA record: \$(curl -s -6 icanhazip.com)" +printf \$red "MX record: '0 mail'" +printf \$red "SPF record: '\"v=spf1 a mx -all\"'" printf \$red "Check Blacklist using the following url: 'https://www.debouncer.com/blacklistlookup?t=$hostname'" printf "\n" printf \$red "Optionally, to enable DKIM for the hostname run bash ~/OpenDKIMInit-host.sh" -printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" +printf \$red "Remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF chmod +x /etc/update-motd.d/51-generalspf diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index d8a035a..4a2c861 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -20,6 +20,7 @@ if [ -n "$1" ]; then fi fi echo "Required to enable mailing for this system" +echo "Please make sure a valid MX record, and A/AAA are set for DOMAINname," echo "Please add the folloing to your SPF Record in the DNS of DOMAINname," echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" echo ""