server-dotfiles/mail/setup.sh

#! /bin/bash
# version v0.2.4 stable
# executed manually (via Make)
# task wrapper for various setup scripts
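# Name reported by __log_err in place of ${0}.
SCRIPT='setup.sh'

# -e: abort on unhandled failures, -u: abort on unset variables,
# -E: let functions and subshells inherit the ERR trap,
# pipefail: a pipeline fails when any stage fails.
set -euEo pipefail

# The trap body is single-quoted so it is expanded when the trap fires.
# Every expansion is double-quoted: BASH_COMMAND normally contains spaces,
# and an unquoted expansion would be word-split (and glob-expanded), shifting
# the line number and exit code into the wrong __log_err parameters.
trap '__log_err "${FUNCNAME[0]:-?}" "${BASH_COMMAND:-?}" "${LINENO:-?}" "${?:-?}"' ERR

# Best-effort cleanup; a failure while unsetting must not change the exit path.
trap '_unset_vars || :' EXIT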
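# Print a highlighted "UNCHECKED ERROR" report to stderr.
#
# Arguments: $1 - function name
#            $2 - command that was running
#            $3 - line number
#            $4 - exit code
# Missing arguments are shown as "?" so that the handler itself cannot fail
# on an unset positional parameter when `set -u` is active.
function __log_err
{
  printf "\n \e[1m\e[31mUNCHECKED ERROR\e[0m\n%s\n%s\n%s\n%s\n\n" \
    " script = ${SCRIPT:-${0}}" \
    " function = ${1:-?} / ${2:-?}" \
    " line = ${3:-?}" \
    " exit code = ${4:-?}" >&2
}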
# Drop every global this script defines; installed as the EXIT handler.
function _unset_vars
{
  # container runtime and image/container selection
  unset CRI INFO IMAGE_NAME CONTAINER_NAME USE_CONTAINER USE_TTY
  # directory, config path and mount bookkeeping
  unset CDIR DEFAULT_CONFIG_PATH WISHED_CONFIG_PATH CONFIG_PATH VOLUME
  unset SCRIPT USING_SELINUX
}
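# Set CDIR to the directory that contains this script, resolving symlinks.
#
# Globals: CDIR (written; left untouched when neither tool can resolve ${0})
#
# The success of readlink/realpath is tested directly. Testing
# `dirname "$(readlink ...)"` instead always succeeds (dirname of an empty
# string is "."), which would make the realpath fallback unreachable and
# silently set CDIR to "." when readlink fails. CDIR feeds the default config
# directory that is bind-mounted into the container, so it should never
# depend on the caller's working directory by accident.
function _get_current_directory
{
  local SCRIPT_PATH

  if SCRIPT_PATH=$(readlink -f -- "${0}" 2>/dev/null) && [[ -n ${SCRIPT_PATH} ]]
  then
    CDIR=$(dirname -- "${SCRIPT_PATH}")
  elif SCRIPT_PATH=$(realpath -e -L -- "${0}" 2>/dev/null) && [[ -n ${SCRIPT_PATH} ]]
  then
    # dirname instead of stripping a hard-coded "/setup.sh" suffix, so the
    # result is also correct when the script has been renamed.
    CDIR=$(dirname -- "${SCRIPT_PATH}")
  fi
}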
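# Start from the working directory; _get_current_directory replaces this with
# the script's own directory when it can be resolved.
CDIR="$(pwd)"
_get_current_directory

# Global state, filled in by _main.
CRI=                                  # container runtime command (docker or podman)
INFO=                                 # "<image>;<name>" of the detected container
IMAGE_NAME=
CONTAINER_NAME=
DEFAULT_CONFIG_PATH="${CDIR}/config"  # bind-mounted when no other path is chosen
USE_CONTAINER=false                   # true once -c selects a running container
WISHED_CONFIG_PATH=                   # config directory requested with -p
CONFIG_PATH=
VOLUME=                               # mount line found by _update_config_path
USE_TTY=
USING_SELINUX=                        # ":z" / ":Z" suffix for the bind mount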
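# Abort with exit code 1 unless the effective user is root.
# _main calls this only after selecting podman as the runtime.
# The message is a diagnostic, so it is written to stderr.
function _check_root
{
  if [[ ${EUID} -ne 0 ]]
  then
    echo "Curently docker-mailserver doesn't support podman's rootless mode, please run this script as root user." >&2
    exit 1
  fi
}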
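# Derive CONFIG_PATH from the running container's mounts.
#
# Globals: CRI, CONTAINER_NAME (read); VOLUME, CONFIG_PATH (written)
#
# Looks for the mount whose destination is exactly /tmp/docker-mailserver and
# stores its source directory in CONFIG_PATH. When the container has no such
# mount, both variables are left unchanged and the function returns 0; a
# pipeline ending in a non-matching `grep` would instead abort the whole
# script under `set -e -o pipefail`. A failing `inspect` still aborts.
function _update_config_path
{
  local MOUNTS MOUNT
  # The template prints "<source> <destination>", one mount per line.
  local -r TARGET=' /tmp/docker-mailserver'

  if [[ -n ${CONTAINER_NAME} ]]
  then
    MOUNTS=$("${CRI}" inspect "${CONTAINER_NAME}" \
      --format="{{range .Mounts}}{{ println .Source .Destination}}{{end}}")

    while IFS= read -r MOUNT
    do
      if [[ ${MOUNT} == *"${TARGET}" ]]
      then
        VOLUME=${MOUNT}
        break
      fi
    done <<< "${MOUNTS}"
  fi

  if [[ -n ${VOLUME} ]]
  then
    # Strip the destination suffix rather than taking the first
    # whitespace-separated field, so source paths with spaces stay intact.
    CONFIG_PATH=${VOLUME%"${TARGET}"}
  fi
}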
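# Print which image, container and config mount the script would use.
#
# Globals: IMAGE_NAME, CONTAINER_NAME, CONFIG_PATH (read)
# Outputs: a short report on stdout
function _inspect
{
  if _docker_image_exists "${IMAGE_NAME}"
  then
    printf '%s\n' "Image: ${IMAGE_NAME}"
  else
    printf '%s\n' "Image: '${IMAGE_NAME}' cant be found."
  fi

  if [[ -n ${CONTAINER_NAME} ]]
  then
    printf '%s\n' "Container: ${CONTAINER_NAME}"
    printf '%s\n' "Config mount: ${CONFIG_PATH}"
  else
    printf '%s\n' "Container: Not running, please start docker-mailserver."
  fi
}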
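# Print the help text to stdout.
#
# Globals: SCRIPT, CDIR (read)
#
# The text is a single literal; the blame-view timestamps that had ended up
# inside it are removed so they are no longer printed as part of the help.
# The help lines themselves are kept exactly as captured.
function _usage
{
  printf '%s\n' "${SCRIPT:-${0}} Bootstrapping Script
Usage: ${0} [-i IMAGE_NAME] [-c CONTAINER_NAME] <subcommand> <subcommand> [args]
OPTIONS:
-i IMAGE_NAME The name of the docker-mailserver image
The default value is
'docker.io/mailserver/docker-mailserver:latest'
-c CONTAINER_NAME The name of the running container.
-p PATH Config folder path (default: ${CDIR}/config)
-h Show this help dialogue
-z Allow container access to the bind mount content
that is shared among multiple containers
on a SELinux-enabled host.
-Z Allow container access to the bind mount content
that is private and unshared with other containers
on a SELinux-enabled host.
SUBCOMMANDS:
email:
${0} email add <email> [<password>]
${0} email update <email> [<password>]
${0} email del <email>
${0} email restrict <add|del|list> <send|receive> [<email>]
${0} email list
alias:
${0} alias add <email> <recipient>
${0} alias del <email> <recipient>
${0} alias list
quota:
${0} quota set <email> [<quota>]
${0} quota del <email>
config:
${0} config dkim <keysize> (default: 4096) <domain> (optional - for LDAP systems)
${0} config ssl <fqdn>
relay:
${0} relay add-domain <domain> <host> [<port>]
${0} relay add-auth <domain> <username> [<password>]
${0} relay exclude-domain <domain>
debug:
${0} debug fetchmail
${0} debug fail2ban [<unban> <ip-address>]
${0} debug show-mail-logs
${0} debug inspect
${0} debug login <commands>
help: Show this help dialogue
"
}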
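# Succeed when the runtime can show a history for the given image.
#
# Globals:   CRI (read)
# Arguments: $1 - image reference
# Returns:   exit status of `${CRI} history`; all of its output is discarded
#
# CRI is quoted so that an empty value fails as a missing command instead of
# falling through to the shell's own `history` builtin.
function _docker_image_exists
{
  "${CRI}" history -q "${1}" &>/dev/null
}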
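# Run a command either in the container chosen with -c or in a throw-away
# container started from IMAGE_NAME.
#
# Globals:   CRI, USE_CONTAINER, USE_TTY, CONTAINER_NAME, IMAGE_NAME,
#            CONFIG_PATH, USING_SELINUX (read)
# Arguments: the command and its arguments, passed through unchanged
function _docker_image
{
  # Compare against the literal instead of executing the variable's value
  # as a command; anything other than "true" takes the temporary-container path.
  if [[ ${USE_CONTAINER} == true ]]
  then
    # reuse existing container specified on command line
    "${CRI}" exec "${USE_TTY}" "${CONTAINER_NAME}" "${@}"
  else
    # start temporary container with specified image
    if ! _docker_image_exists "${IMAGE_NAME}"
    then
      echo "Image '${IMAGE_NAME}' not found. Pulling ..."
      # The image is pulled by whatever reference IMAGE_NAME holds. A mutable
      # tag such as ":latest" can resolve to different content over time;
      # passing a fixed tag or digest with -i keeps this step reproducible.
      "${CRI}" pull "${IMAGE_NAME}"
    fi

    # CONFIG_PATH is bind-mounted read-write at /tmp/docker-mailserver;
    # USING_SELINUX is either empty or a ":z" / ":Z" relabel suffix.
    "${CRI}" run --rm \
      -v "${CONFIG_PATH}":/tmp/docker-mailserver"${USING_SELINUX}" \
      "${USE_TTY}" "${IMAGE_NAME}" "${@}"
  fi
}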
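# Run a command inside the detected (or -c selected) container.
#
# Globals:   CRI, USE_TTY, CONTAINER_NAME (read)
# Arguments: the command and its arguments, passed through unchanged
# Exits with status 1 when no container name is known; the message goes to
# stderr like the other diagnostics in this script.
function _docker_container
{
  if [[ -z ${CONTAINER_NAME} ]]
  then
    echo "The mailserver is not running!" >&2
    exit 1
  fi

  "${CRI}" exec "${USE_TTY}" "${CONTAINER_NAME}" "${@}"
}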
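# Entry point: pick a container runtime, detect a running docker-mailserver
# container, parse the options and dispatch the subcommand.
#
# Globals:   CRI, INFO, IMAGE_NAME, CONTAINER_NAME, USE_TTY, USE_CONTAINER,
#            USING_SELINUX, WISHED_CONFIG_PATH, CONFIG_PATH (written);
#            CDIR, DEFAULT_CONFIG_PATH, NAME (read)
# Arguments: [-i IMAGE_NAME] [-c CONTAINER_NAME] [-p PATH] [-h] [-z|-Z]
#            <subcommand> [args], as listed by _usage
# Exits:     10 when neither docker nor podman is found, 40 when the -p
#            directory does not exist, 1 for an unknown top-level or debug
#            subcommand
function _main
{
  if command -v docker &>/dev/null
  then
    CRI=docker
  elif command -v podman &>/dev/null
  then
    CRI=podman
    _check_root
  else
    echo "No supported Container Runtime Interface detected." >&2
    exit 10
  fi

  # Last listed running container that carries the docker-mailserver title
  # label, as "<image>;<name>"; empty when there is none.
  INFO=$("${CRI}" ps --no-trunc --format "{{.Image}};{{.Names}}" --filter \
    label=org.opencontainers.image.title="docker-mailserver" | tail -1)

  IMAGE_NAME=${INFO%;*}
  CONTAINER_NAME=${INFO#*;}

  if [[ -z ${IMAGE_NAME} ]]
  then
    # NAME is taken from the caller's environment. Together with -i it
    # decides which image _docker_image pulls and runs, so it should only
    # ever hold a trusted image reference.
    IMAGE_NAME=${NAME:-docker.io/mailserver/docker-mailserver:latest}
  fi

  if test -t 0
  then
    USE_TTY="-ti"
  else
    # GitHub Actions will fail (or really anything else
    # lacking an interactive tty) if we don't set a
    # value here; "-t" alone works for these cases.
    USE_TTY="-t"
  fi

  # OPT is local so that the loop variable does not leak into the globals.
  local OPT OPTIND
  while getopts ":c:i:p:hzZ" OPT
  do
    case ${OPT} in
      i ) IMAGE_NAME="${OPTARG}" ;;
      z ) USING_SELINUX=":z" ;;
      Z ) USING_SELINUX=":Z" ;;
      c )
        # container specified, connect to running instance
        CONTAINER_NAME="${OPTARG}"
        USE_CONTAINER=true
        ;;

      h )
        _usage
        return
        ;;

      p )
        # relative paths are resolved against the script directory,
        # not the caller's working directory
        case "${OPTARG}" in
          /* ) WISHED_CONFIG_PATH="${OPTARG}" ;;
          *  ) WISHED_CONFIG_PATH="${CDIR}/${OPTARG}" ;;
        esac

        if [[ ! -d ${WISHED_CONFIG_PATH} ]]
        then
          echo "Directory doesn't exist" >&2
          _usage
          exit 40
        fi
        ;;

      * )
        # unknown option, or (leading ':' in the optstring) a missing
        # option argument; reported, then parsing continues
        echo "Invalid option: -${OPTARG}" >&2
        ;;

    esac
  done
  shift $(( OPTIND - 1 ))

  if [[ -z ${WISHED_CONFIG_PATH} ]]
  then
    # no wished config path
    _update_config_path

    if [[ -z ${CONFIG_PATH} ]]
    then
      CONFIG_PATH=${DEFAULT_CONFIG_PATH}
    fi
  else
    CONFIG_PATH=${WISHED_CONFIG_PATH}
  fi

  # NOTE(review): `email add`, `email update` and `relay add-auth` accept the
  # password as an optional positional argument. A password given that way is
  # visible in the process list and the shell history. Presumably the
  # in-container tool prompts when it is omitted - confirm.
  case ${1:-} in
    email)
      shift ; case ${1:-} in
        add      ) shift ; _docker_image addmailuser "${@}" ;;
        update   ) shift ; _docker_image updatemailuser "${@}" ;;
        del      ) shift ; _docker_image delmailuser "${@}" ;;
        restrict ) shift ; _docker_container restrict-access "${@}" ;;
        list     ) _docker_image listmailuser ;;
        *        ) _usage ;;
      esac
      ;;

    alias)
      # NOTE(review): with `set -u` active, leaving out <email> or
      # <recipient> aborts on an unset positional parameter instead of
      # printing the usage text; `config ssl` below behaves the same way.
      shift ; case ${1:-} in
        add  ) shift ; _docker_image addalias "${1}" "${2}" ;;
        del  ) shift ; _docker_image delalias "${1}" "${2}" ;;
        list ) shift ; _docker_image listalias ;;
        *    ) _usage ;;
      esac
      ;;

    quota)
      shift ; case ${1:-} in
        set ) shift ; _docker_image setquota "${@}" ;;
        del ) shift ; _docker_image delquota "${@}" ;;
        *   ) _usage ;;
      esac
      ;;

    config)
      # no shift after the subcommand here: ${1} is still dkim / ssl
      shift ; case ${1:-} in
        dkim ) _docker_image generate-dkim-config "${2:-4096}" "${3:-}" ;;
        ssl  ) _docker_image generate-ssl-certificate "${2}" ;;
        *    ) _usage ;;
      esac
      ;;

    relay)
      shift ; case ${1:-} in
        add-domain     ) shift ; _docker_image addrelayhost "${@}" ;;
        add-auth       ) shift ; _docker_image addsaslpassword "${@}" ;;
        exclude-domain ) shift ; _docker_image excluderelaydomain "${@}" ;;
        *              ) _usage ;;
      esac
      ;;

    debug)
      shift ; case ${1:-} in
        fetchmail      ) _docker_image debug-fetchmail ;;
        fail2ban       ) shift ; _docker_container fail2ban "${@}" ;;
        show-mail-logs ) _docker_container cat /var/log/mail/mail.log ;;
        inspect        ) _inspect ;;
        login          )
          shift
          if [[ -z ${1:-} ]]
          then
            _docker_container /bin/bash
          else
            # NOTE(review): `bash -c` takes only the first word as the
            # command string; further words become $0, $1, ... of that
            # command. A multi-word command therefore has to be passed as
            # one quoted argument.
            _docker_container /bin/bash -c "${@}"
          fi
          ;;
        * ) _usage ; exit 1 ;;
      esac
      ;;

    help ) _usage ;;
    *    ) _usage ; exit 1 ;;
  esac
}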
# Hand every command-line argument to _main unchanged.
_main "$@"