mirror of
https://github.com/myvesta/vesta.git
synced 2024-12-03 02:40:25 -08:00
235 lines
9.8 KiB
Plaintext
235 lines
9.8 KiB
Plaintext
#!/bin/bash
|
|
|
|
# info: add new ip and makes email to be sent via that IP only for SMTP authenticated users
|
|
# options: MAIL_HOSTNAME MAIL_IP
|
|
#
|
|
# The function add new ip, add new host for mail, try to generate letsencrypt for it, and makes email to be sent via that IP only for SMTP authenticated users
|
|
|
|
#----------------------------------------------------------#
|
|
# Variable&Function #
|
|
#----------------------------------------------------------#
|
|
|
|
whoami=$(whoami)
|
|
if [ "$whoami" != "root" ]; then
|
|
echo "You must be root to execute this script"
|
|
exit 1
|
|
fi
|
|
|
|
# Importing system environment
|
|
source /etc/profile
|
|
|
|
# Includes
|
|
source /usr/local/vesta/func/main.sh
|
|
|
|
MAIL_HOSTNAME=$1
|
|
MAIL_IP=$2
|
|
|
|
if [ $# -gt 2 ]; then
|
|
NETMASK=$3
|
|
else
|
|
NETMASK='255.255.255.192'
|
|
fi
|
|
|
|
if [ $# -gt 3 ]; then
|
|
INTERFACE=$4
|
|
else
|
|
INTERFACE='eth0'
|
|
fi
|
|
|
|
#----------------------------------------------------------#
|
|
# Verifications #
|
|
#----------------------------------------------------------#
|
|
|
|
check_args '2' "$#" 'MAIL_HOSTNAME MAIL_IP [NETMASK] [INTERFACE]'
|
|
is_domain_format_valid "$MAIL_HOSTNAME"
|
|
is_ip_format_valid "$MAIL_IP"
|
|
|
|
HOST_USER=$($VESTA/bin/v-search-domain-owner "$HOSTNAME")
|
|
if [ -z "$HOST_USER" ]; then
|
|
echo "Error: hostname $HOSTNAME is not created as web domain"
|
|
exit 4
|
|
fi
|
|
|
|
HOST_IP=$($VESTA/bin/v-list-web-domain "$HOST_USER" "$HOSTNAME" | grep 'IP:' | awk '{print $2}')
|
|
|
|
echo "HOSTNAME : $HOSTNAME"
|
|
echo "HOSTNAME IP : $HOST_IP"
|
|
echo "MAIL HOSTNAME: $MAIL_HOSTNAME"
|
|
echo "MAIL_IP : $MAIL_IP"
|
|
if [ $# -gt 2 ]; then
|
|
echo "NETMASK : $NETMASK"
|
|
fi
|
|
if [ $# -gt 3 ]; then
|
|
echo "INTERFACE : $INTERFACE"
|
|
fi
|
|
|
|
#----------------------------------------------------------#
|
|
# Action #
|
|
#----------------------------------------------------------#
|
|
|
|
if [ ! -f "/usr/local/vesta/data/ips/$MAIL_IP" ]; then
|
|
echo "=== Adding IP $MAIL_IP with netmask $NETMASK on interface $INTERFACE"
|
|
$VESTA/bin/v-add-sys-ip "$MAIL_IP" "$NETMASK" "$INTERFACE" 'admin' 'dedicated' '' ''
|
|
fi
|
|
|
|
MAIL_USER=$($VESTA/bin/v-search-domain-owner "$MAIL_HOSTNAME")
|
|
if [ -z "$MAIL_USER" ]; then
|
|
MAIL_USER=$HOST_USER
|
|
echo "=== Creating (sub)domain $MAIL_HOSTNAME"
|
|
$VESTA/bin/v-add-domain "$MAIL_USER" "$MAIL_HOSTNAME" "$MAIL_IP" 'yes'
|
|
echo "=== Deleting www from (sub)domain $MAIL_HOSTNAME"
|
|
www_host="www.$MAIL_HOSTNAME"
|
|
$VESTA/bin/v-delete-web-domain-alias "$MAIL_USER" "$MAIL_HOSTNAME" "$www_host" 'no'
|
|
$VESTA/bin/v-delete-dns-on-web-alias "$MAIL_USER" "$MAIL_HOSTNAME" "$www_host" 'no'
|
|
else
|
|
CURRENT_MAIL_IP=$($VESTA/bin/v-list-web-domain "$MAIL_USER" "$MAIL_HOSTNAME" | grep 'IP:' | awk '{print $2}')
|
|
if [ "$CURRENT_MAIL_IP" != "$MAIL_IP" ]; then
|
|
echo "=== Switching (sub)domain $MAIL_HOSTNAME to IP: $MAIL_IP"
|
|
$VESTA/bin/v-change-web-domain-ip "$MAIL_USER" "$MAIL_HOSTNAME" "$MAIL_IP" 'yes'
|
|
$VESTA/bin/v-change-dns-domain-ip "$MAIL_USER" "$MAIL_HOSTNAME" "$MAIL_IP" 'yes'
|
|
fi
|
|
fi
|
|
|
|
if [ -f "/home/$MAIL_USER/conf/web/ssl.$MAIL_HOSTNAME.ca" ]; then
|
|
echo "=== Signed SSL already installed"
|
|
else
|
|
echo "=== Installing LetsEncrypt for (sub)domain $MAIL_HOSTNAME"
|
|
$VESTA/bin/v-add-letsencrypt-domain "$MAIL_USER" "$MAIL_HOSTNAME" "" "yes"
|
|
if [ $? -ne 0 ]; then
|
|
echo "=== LetsEncrypt installation failed"
|
|
fi
|
|
fi
|
|
|
|
if [ ! -d "/etc/exim4/virtual" ]; then
|
|
echo "=== Creating /etc/exim4/virtual directory"
|
|
mkdir -p /etc/exim4/virtual
|
|
echo "$HOST_IP: $HOSTNAME" > /etc/exim4/virtual/helo_data
|
|
echo "$HOSTNAME: $HOST_IP" > /etc/exim4/virtual/interfaces
|
|
length=$(wc -c </etc/exim4/virtual/helo_data)
|
|
dd if=/dev/null of=/etc/exim4/virtual/helo_data obs="$((length-1))" seek=1 > /dev/null 2>&1
|
|
length=$(wc -c </etc/exim4/virtual/interfaces)
|
|
dd if=/dev/null of=/etc/exim4/virtual/interfaces obs="$((length-1))" seek=1 > /dev/null 2>&1
|
|
fi
|
|
check_grep1=$(grep -c "^$MAIL_IP:" /etc/exim4/virtual/helo_data)
|
|
check_grep2=$(grep -c ": $MAIL_HOSTNAME" /etc/exim4/virtual/helo_data)
|
|
if [ "$check_grep1" -eq 0 ] && [ "$check_grep2" -eq 0 ]; then
|
|
echo "=== Adding $MAIL_IP: $MAIL_HOSTNAME to /etc/exim4/virtual/helo_data"
|
|
echo "" >> /etc/exim4/virtual/helo_data
|
|
echo "$MAIL_IP: $MAIL_HOSTNAME" >> /etc/exim4/virtual/helo_data
|
|
length=$(wc -c </etc/exim4/virtual/helo_data)
|
|
dd if=/dev/null of=/etc/exim4/virtual/helo_data obs="$((length-1))" seek=1 > /dev/null 2>&1
|
|
fi
|
|
check_grep1=$(grep -c "^$MAIL_HOSTNAME:" /etc/exim4/virtual/interfaces)
|
|
check_grep2=$(grep -c ": $MAIL_IP" /etc/exim4/virtual/interfaces)
|
|
if [ "$check_grep1" -eq 0 ] && [ "$check_grep2" -eq 0 ]; then
|
|
echo "=== Adding $MAIL_HOSTNAME: $MAIL_IP to /etc/exim4/virtual/interfaces"
|
|
echo "" >> /etc/exim4/virtual/interfaces
|
|
echo "$MAIL_HOSTNAME: $MAIL_IP" >> /etc/exim4/virtual/interfaces
|
|
length=$(wc -c </etc/exim4/virtual/interfaces)
|
|
dd if=/dev/null of=/etc/exim4/virtual/interfaces obs="$((length-1))" seek=1 > /dev/null 2>&1
|
|
fi
|
|
|
|
echo "=== Generating IP SSL for hostname $HOSTNAME"
|
|
$VESTA/bin/v-make-ip-ssl "$HOST_USER" "$HOSTNAME"
|
|
echo "=== Generating IP SSL for mail hostname $MAIL_HOSTNAME"
|
|
$VESTA/bin/v-make-ip-ssl "$MAIL_USER" "$MAIL_HOSTNAME"
|
|
|
|
check_grep=$(grep -c 'smtp_active_hostname' /etc/exim4/exim4.conf.template)
|
|
if [ "$check_grep" -eq 0 ]; then
|
|
echo "=== patching exim4.conf.template"
|
|
mv /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template-backup
|
|
cp /usr/local/vesta/install/debian/12/exim/exim4.conf.template /etc/exim4/exim4.conf.template
|
|
|
|
eximversion=$(exim4 --version | grep '^Exim version ' | awk '{print $3}')
|
|
if (( $(echo "$eximversion < 4.96" | bc -l) )); then
|
|
cp /usr/local/vesta/install/debian/12/exim/exim4.conf.template.without-srs /etc/exim4/exim4.conf.template
|
|
sed -i "s|message_linelength_limit|#message_linelength_limit|g" /etc/exim4/exim4.conf.template
|
|
fi
|
|
|
|
if (( $(echo "$eximversion < 4.94" | bc -l) )); then
|
|
sed -i "s|smtputf8_advertise_hosts|#smtputf8_advertise_hosts|g" /etc/exim4/exim4.conf.template
|
|
fi
|
|
|
|
sed -i "s|FIRSTIP|$HOST_IP|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|SECONDIP|$MAIL_IP|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|FIRSTHOST|$HOSTNAME|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|SECONDHOST|$MAIL_HOSTNAME|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|#local_interfaces|local_interfaces|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|#smtp_active_hostname|smtp_active_hostname|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|#smtp_banner|smtp_banner|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|#interface =|interface =|g" /etc/exim4/exim4.conf.template
|
|
sed -i "s|#helo_data =|helo_data =|g" /etc/exim4/exim4.conf.template
|
|
/usr/local/vesta/bin/v-sed 'tls_certificate = /usr/local/vesta/ssl/certificate.crt' 'tls_certificate = /usr/local/vesta/ssl/$received_ip_address.crt' '/etc/exim4/exim4.conf.template'
|
|
/usr/local/vesta/bin/v-sed 'tls_privatekey = /usr/local/vesta/ssl/certificate.key' 'tls_privatekey = /usr/local/vesta/ssl/$received_ip_address.key' '/etc/exim4/exim4.conf.template'
|
|
touch /etc/exim4/limit_per_email_account_max_sent_emails_per_hour
|
|
touch /etc/exim4/limit_per_email_account_max_recipients
|
|
touch /etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour
|
|
touch /etc/exim4/limit_per_hosting_account_max_recipients
|
|
check_grep=$(grep -c '#SPAMASSASSIN' /etc/exim4/exim4.conf.template-backup)
|
|
if [ "$check_grep" -eq 0 ]; then
|
|
sed -i "s|#SPAMASSASSIN|SPAMASSASSIN|g" /etc/exim4/exim4.conf.template
|
|
fi
|
|
check_grep=$(grep -c '#SPAM_SCORE' /etc/exim4/exim4.conf.template-backup)
|
|
if [ "$check_grep" -eq 0 ]; then
|
|
sed -i "s|#SPAM_SCORE|SPAM_SCORE|g" /etc/exim4/exim4.conf.template
|
|
fi
|
|
check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template-backup)
|
|
if [ "$check_grep" -eq 0 ]; then
|
|
sed -i "s|#CLAMD|CLAMD|g" /etc/exim4/exim4.conf.template
|
|
fi
|
|
systemctl restart exim4
|
|
if [ $? -ne 0 ]; then
|
|
systemctl status exim4
|
|
cp /etc/exim4/exim4.conf.template-backup /etc/exim4/exim4.conf.template
|
|
systemctl restart exim4
|
|
echo "=== Patching failed, old exim conf returned, exim4 restarted again."
|
|
exit 1
|
|
fi
|
|
echo "=== Patching successful"
|
|
else
|
|
echo "=== exim4.conf.template already patched"
|
|
fi
|
|
|
|
check_grep=$(grep -c 'v-make-ip-ssl' /usr/local/vesta/conf/vesta.conf)
|
|
if [ "$check_grep" -eq 0 ]; then
|
|
echo "=== Set UPDATE_SSL_SCRIPT to 'v-make-ip-ssl'"
|
|
echo "UPDATE_SSL_SCRIPT='/usr/local/vesta/bin/v-make-ip-ssl'" >> /usr/local/vesta/conf/vesta.conf
|
|
else
|
|
echo "=== Value UPDATE_SSL_SCRIPT is already 'v-make-ip-ssl'"
|
|
fi
|
|
|
|
check_grep=$(grep -c "ip4:$MAIL_IP" /usr/local/vesta/data/templates/dns/default.tpl)
|
|
if [ "$check_grep" -eq 0 ]; then
|
|
echo "=== Adding IP to SPF"
|
|
sed -i "s|ip4:%ip%|ip4:%ip% ip4:$MAIL_IP|g" /usr/local/vesta/data/templates/dns/default.tpl
|
|
NOTFOUNDVAL="ip4:$MAIL_IP"
|
|
OLDVAL="ip4:$HOST_IP"
|
|
NEWVAL="ip4:$HOST_IP ip4:$MAIL_IP"
|
|
find /usr/local/vesta/data/users/*/dns/ -type f -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
|
|
find /home/*/conf/dns/ -type f -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
|
|
service bind9 reload
|
|
fi
|
|
|
|
echo "=== Done!"
|
|
|
|
ptr=$(dig +short -x $MAIL_IP)
|
|
ptr_len=${#ptr}
|
|
ptr_len=$((ptr_len-1))
|
|
ptr=${ptr:0:ptr_len}
|
|
if [ "$ptr" != "$MAIL_HOSTNAME" ]; then
|
|
echo "=============================================================================="
|
|
echo "WARNING:"
|
|
echo "PTR record (reverse DNS) for IP $MAIL_IP is $ptr"
|
|
echo "PTR record (reverse DNS) for IP $MAIL_IP should be $MAIL_HOSTNAME"
|
|
echo "=============================================================================="
|
|
fi
|
|
|
|
#----------------------------------------------------------#
|
|
# Vesta #
|
|
#----------------------------------------------------------#
|
|
|
|
# Logging
|
|
log_event "$OK" "$ARGUMENTS"
|
|
|
|
exit
|