commit 9f861cada475780127d3739298605d1abeded7d1
parent b86c8bf2ab50f23f06c0125ce169e56b69edcde2
Author: Petar Yotsev <petar@yotsev.xyz>
Date: Sun, 19 Dec 2021 13:53:27 +0000
Fix a lot of bugs
Diffstat:
3 files changed, 35 insertions(+), 37 deletions(-)
diff --git a/files/local.conf b/files/local.conf
@@ -15,11 +15,10 @@ ssl_key = </etc/ssl/private/<maildom>.key
ssl_min_protocol = TLSv1.2
ssl_cipher_list = ALL:!LOW:!EXP:!aNULL
ssl_prefer_server_ciphers = yes
-auth_mechanisms = plain login
-auth_username_format = %n
# user authentication
+auth_mechanisms = plain login
first_valid_uid = 2000
first_valid_gid = 2000
userdb {
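Review bot: Dropping `auth_username_format = %n` means Dovecot now looks up the full address instead of the local part (its default is `%Lu`), and nothing in the file records that. This matches the `madduser admin@$domain` call later in this commit, but any account stored under a bare local part would presumably stop authenticating. A comment above `auth_mechanisms`, e.g. `# users log in as user@domain; PLAIN/LOGIN must only be offered over TLS`, would record both assumptions. Whether cleartext auth is refused on non-TLS connections (`ssl = required` or `disable_plaintext_auth`) is not visible in this hunk and is worth confirming, since only plaintext mechanisms are enabled.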
@@ -123,5 +122,8 @@ protocol imap {
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
+#
# OpenBSD specific
+#
+
mmap_disable = yes
diff --git a/files/smtpd.conf b/files/smtpd.conf
@@ -13,7 +13,7 @@ table domains file:/etc/mail/domains
filter "rspamd" proc-exec "/usr/local/libexec/smtpd/filter-rspamd"
# listen directives
-listen on egress port 587 tls-require pki "mail" \
+listen on all port 587 tls-require pki "mail" \
hostname "<maildom>" auth <credentials> filter "rspamd"
action "local" mbox alias <aliases>
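Review bot: `listen on all` binds the submission listener on port 587 to every local address, including loopback and any internal interface, where `egress` limited it to the default-route interfaces, and the reason for widening it is not stated. `tls-require` and `auth <credentials>` are kept, so the added exposure is to credential guessing on more addresses rather than to unauthenticated relaying. A comment above the directive, e.g. `# all rather than egress: <reason>`, would let a later reader judge whether the narrower scope can be restored. If the aim is to reach the listener through the Tor hidden service configured in mmv (an inference, torrc.diff is not shown), a separate listener on the loopback interface would be a narrower change than `all`.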
diff --git a/mmv b/mmv
@@ -2,7 +2,6 @@
domain=$1
maildom="mail.$domain"
-firstuse="true"
failed="false"
replace() { \
@@ -22,27 +21,21 @@ failure() { \
failed="true"
}
+# first use?
+if [ ! -f /etc/mail/maindom ]; then
+
#
# register domain
#
-[ -f /etc/mail/maindom ] && firstuse="false"
-
-if [ $firstuse = "true" ]; then
- echo "$domain" > /etc/mail/maindom
- echo "$domain" >> /etc/mail/domains
- success "Setting up email for the first time"
-else
- echo "$domain" >> /etc/mail/domains
- success "Adding domain $domain to existing setup"
-fi
+echo "$domain" > /etc/mail/maindom &&
+echo "$domain" >> /etc/mail/domains &&
+success "Setting up email for the first time"
#
# install required software
#
-[ $firstuse = "true" ] &&
-
pkg_add -u &&
pkg_add -I opensmtpd-extras opensmtpd-filter-rspamd dovecot \
dovecot-pigeonhole rspamd-3.0 redis sieve tor &&
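Review bot: `/etc/mail/maindom` is both the first-use marker tested by the new `if` and the first file written inside that branch. A first run that fails at any later step (package install, certificates, and so on) leaves the marker behind, and the next run takes the `else` branch, which only registers the domain. Writing the marker after the last first-use step has succeeded would keep a retry on the first-use path. `$domain` is `$1` with no check, so an empty argument still creates the marker and appends an empty line to `/etc/mail/domains`; a guard before the `if`, such as `[ -n "$domain" ] || { echo "usage: mmv domain" >&2; exit 1; }`, would stop that. The `if` opened here closes in a later hunk.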
@@ -54,8 +47,6 @@ failure "Failed to install required software"
# certs
#
-[ $firstuse = "true" ] &&
-
replace files/acme-client.conf >> /etc/acme-client.conf &&
replace files/httpd.conf >> /etc/httpd.conf &&
@@ -74,8 +65,6 @@ failure "Failed to sign tls certificates (letsencrypt)"
# vmail user & authentication
#
-[ $firstuse = "true" ] &&
-
touch /etc/mail/credentials &&
chmod 0440 /etc/mail/credentials &&
chown _smtpd:_dovecot /etc/mail/credentials &&
@@ -93,12 +82,11 @@ failure "Failed to createvmail user & authentication file"
# smtpd
#
-[ $firstuse = "true" ] &&
-
replace files/smtpd.conf > /etc/mail/smtpd.conf &&
cp files/madduser /usr/local/bin/ &&
cp files/mdeluser /usr/local/bin/ &&
+cp files/mpasswd /usr/local/bin/ &&
rcctl restart smtpd &&
@@ -109,8 +97,6 @@ failure "Failed to configure OpenSMTPD"
# dovecot
#
-[ $firstuse = "true" ] &&
-
echo "dovecot:\\
:openfiles-cur=1024:\\
:openfiles-max=2048:\\
@@ -146,8 +132,6 @@ failure "Failed to configure Dovecot"
# rspamd
#
-[ $firstuse = "true" ] &&
-
mkdir -p /etc/mail/dkim &&
openssl genrsa -out /etc/mail/dkim/$domain.key 1024 &&
openssl rsa -in /etc/mail/dkim/$domain.key \
@@ -168,7 +152,7 @@ failure "Failed to configure rspamd"
# tor hidden service
#
-patch /etc/tor/torrc files/torrc.diff
+patch /etc/tor/torrc files/torrc.diff &&
rcctl enable tor &&
rcctl start tor &&
@@ -180,8 +164,6 @@ failure "Failed to configure tor"
# dns
#
-[ $firstuse = "true" ] &&
-
pub_key=$(grep -v -e "---" /etc/mail/dkim/public.key | tr -d '\n' ) &&
mkdir -p /etc/mail/dns/$domain &&
echo "mail._domainkey.$domain. IN TXT \"v=DKIM1;k=rsa;p=$pub_key\"" > /etc/mail/dns/$domain/dkim &&
@@ -189,20 +171,14 @@ echo "$domain. IN TXT \"v=spf1 mx -all\"" > /etc/mail/dns/$domain/spf &&
echo "_dmarc.$domain. IN TXT
\"v=DMARC1;p=quarantine;pct=100;rua=mailto:postmaster@$domain\"" > /etc/mail/dns/$domain/dmarc &&
echo "$domain. IN MX 0 $maildom." > /etc/mail/dns/$domain/mx &&
-success "Wrote relevant dns records in /etc/mail/dns/$domain/"
-
-[ $firstuse = "false" ] &&
-
-echo "$domain. IN MX 0 $maildom." > /etc/mail/dns/$domain/mx &&
success "Wrote relevant dns records in /etc/mail/dns/$domain/" ||
failure "Failed to write relevant dns records in /etc/mail/dns/$domain/"
#
# setup admin account
#
-# TODO: does .forward work with virtual users?
-[ $firstuse = "true" ] &&
+# TODO: does .forward work with virtual users?
success \
"The creation of an admin account is required for this setup! Email to
@@ -210,7 +186,27 @@ it can be forwarded to an email address written in:
/var/vmail/$domain/admin/.forward
Choose a password for the \"admin\" user." &&
-madduser $domain admin
+madduser admin@$domain
+
+else
+
+#
+# register domain
+#
+
+echo "$domain" >> /etc/mail/domains
+success "Adding domain $domain to existing setup"
+
+#
+# dns
+#
+
+mkdir /etc/mail/dns/$domain
+echo "$domain. IN MX 0 $maildom." > /etc/mail/dns/$domain/mx &&
+success "Wrote relevant dns records in /etc/mail/dns/$domain/" ||
+failure "Failed to write relevant dns records in /etc/mail/dns/$domain/"
+
+fi
#
# final status
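Review bot: In the new `else` branch the append to `/etc/mail/domains` and the `mkdir` are not chained to what follows, so a failure of either is never reported, and `success "Adding domain ..."` prints regardless. `mkdir` without `-p` also errors when the directory already exists, and the path is unquoted. Chaining and quoting them like the first-use branch would fix this: `echo "$domain" >> /etc/mail/domains &&` and `mkdir -p "/etc/mail/dns/$domain" &&`. The branch writes only the MX record, while the first-use branch also writes DKIM, SPF and DMARC records, so an added domain gets no SPF or DMARC policy from this script; if that is intended, a comment should say so. The `if` this branch belongs to opens in an earlier hunk.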