From d72960d6eef7b5c48a6504a023388b770d156c02 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 26 May 2023 15:26:34 +0000 Subject: [PATCH] Fixed OpenDKIM settings in mail --- bin/.env | 4 ++-- bin/gluerecords.sh | 8 ++++---- lib/mail.sh | 8 +++++++- lib/nextcloud.sh | 4 +++- lib/traefik.sh | 2 +- 5 files changed, 17 insertions(+), 9 deletions(-) diff --git a/bin/.env b/bin/.env index 4f91d8a..dd5845e 100644 --- a/bin/.env +++ b/bin/.env @@ -1,8 +1,8 @@ # Domain name -DOMAIN="customer5.fangfree.com" +DOMAIN="federated.sh" # Company name -COMPANY="Fang Free Inc" +COMPANY="FederatedSH Org" # Country Code (US, HK, GB, JP, etc) COUNTRY="US" diff --git a/bin/gluerecords.sh b/bin/gluerecords.sh index 5431766..e895f2a 100755 --- a/bin/gluerecords.sh +++ b/bin/gluerecords.sh @@ -1,9 +1,9 @@ -#!/bin/bash -x +#!/bin/bash . /federated/lib/functions.sh check_gluerecords() { - echo -ne "\n* Checking glue records for $DOMAIN_NEW.." + echo -ne "\n* Checking glue records for $DOMAIN_NEW to match $EXTERNALIP.\n" # Setup DOMAIN variable for domain or subdomain DOMAIN_ARRAY=(${DOMAIN_NEW//./ }) if [ "${#DOMAIN_ARRAY[@]}" -eq "2" ]; then @@ -30,10 +30,10 @@ check_gluerecords() { CHECK_A2=`dig +noall +authority +additional +norecurse @"$NS_PARENT" NS "$DOMAIN_NEW". | grep A | grep -i ns2.$DOMAIN_NEW | grep $EXTERNALIP` [ $? -ne 0 ] && failcheck "Couldn't find glue / authoritative A record ns2.$DOMAIN_NEW to $EXTERNALIP" - echo -ne "done." + echo -ne "* Glue records are correct!\n\n" } -DOMAIN_NEW="customer5.fangfree.com" +DOMAIN_NEW="federated.sh" EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null` [ $? -ne 0 ] && failcheck "Couldn't run dig, dns is not working" check_gluerecords diff --git a/lib/mail.sh b/lib/mail.sh index 7438869..c411d33 100644 --- a/lib/mail.sh +++ b/lib/mail.sh @@ -65,6 +65,8 @@ SPAMASSASSIN_SPAM_TO_INBOX=1 ENABLE_CLAMAV=0 ENABLE_FAIL2BAN=1 ENABLE_POSTGREY=1 +ENABLE_OPENDKIM=1 +ENBALE_OPENDMARC=1 ONE_DIR=1 DMS_DEBUG=0 LOG_LEVEL=debug 
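Review bot: `DOMAIN_NEW="federated.sh"` near the end of bin/gluerecords.sh is a second hard-coded copy of the domain that this commit also edits in bin/.env. The two values can drift apart, and the glue-record check would then validate a different zone from the one being deployed. If /federated/lib/functions.sh or the caller already loads bin/.env (not visible in this hunk), prefer `DOMAIN_NEW="$DOMAIN"` so there is a single source of truth.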
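Review bot: The added line `ENBALE_OPENDMARC=1` in the lib/mail.sh environment block misspells the variable name, so the mail container never receives an OpenDMARC setting from this file and uses whatever the image defaults to. It should read `ENABLE_OPENDMARC=1`. DMARC verification is an anti-spoofing control, so a silently ignored toggle is easy to miss until it matters. The block these lines belong to starts and ends outside the hunk.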
@@ -157,10 +159,14 @@ start_mail() { # Start service with command to make sure it's up before proceeding start_service "mail" "nc -z $SERVICE_IP 25 &> /dev/null" - # Generate the DKIM DNS key + # Generate the DKIM DNS key and setup + docker exec -it mail setup config dkim docker exec -it mail setup config dkim keysize 2048 domain $DOMAIN &> /dev/null [ $? -ne 0 ] && fail "Couldn't generate DKIM record" + docker exec -it mail bash -c "setup config dkim domain '$DOMAIN'" + [ $? -ne 0 ] && fail "Couldn't setup DKIM domain" + # Insert the DKIM DNS TXT entry into /federated/apps/pdns container DKIM_RECORD_STRIP=`cat /federated/apps/mail/data/tmp/docker-mailserver/opendkim/keys/$DOMAIN/mail.txt | sed 's/.*(//'` DKIM_RECORD=`echo $DKIM_RECORD_STRIP | sed 's/).*//'` diff --git a/lib/nextcloud.sh b/lib/nextcloud.sh index 9560aeb..3badd11 100644 --- a/lib/nextcloud.sh +++ b/lib/nextcloud.sh @@ -212,7 +212,6 @@ PATH=/var/www/html:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/sbin:/bin /var/www/html/occ app:enable spreed /var/www/html/occ app:enable side_menu /var/www/html/occ app:enable richdocuments -/var/www/html/occ mail:account:create admin admin admin@$DOMAIN mail.$DOMAIN 993 ssl admin@$DOMAIN $ADMINPASS mail.$DOMAIN 465 ssl admin@$DOMAIN $ADMINPASS password /var/www/html/occ config:app:set --value https:\/\/collabora.$DOMAIN richdocuments public_wopi_url /var/www/html/occ config:app:set --value https:\/\/collabora.$DOMAIN richdocuments wopi_url /var/www/html/occ config:app:set --value ooxml richdocuments doc_format 
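Review bot: The new `docker exec -it mail bash -c "setup config dkim domain '$DOMAIN'"` in start_mail expands `$DOMAIN` on the host and then has a second shell inside the container re-parse it, so a quote or metacharacter in the value would be interpreted as shell syntax. Passing it as a plain argument avoids that: `docker exec mail setup config dkim domain "$DOMAIN"`. The added bare `docker exec -it mail setup config dkim` has no status check and appears to generate a key that the following `keysize 2048` call then generates again, so it should either be dropped or checked with `[ $? -ne 0 ] && fail ...` like its neighbours. `-it` also requests a TTY, which fails when this runs without a terminal. start_mail begins and continues outside this hunk.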
@@ -243,6 +242,9 @@ start_nextcloud() { docker exec -it -u 33 nextcloud /var/www/html/config.sh &> /dev/null [ $? -ne 0 ] && fail "Couldn't run config.sh inside /federated/apps/nextcloud container" + # Setup admin email account + docker exec -it -u 33 nextcloud bash -c "/var/www/html/occ mail:account:create admin admin admin@$DOMAIN mail.$DOMAIN 993 ssl admin@$DOMAIN $ADMINPASS mail.$DOMAIN 465 ssl admin@$DOMAIN $ADMINPASS password" + kill -9 $SPINPID &> /dev/null echo -ne "done." } diff --git a/lib/traefik.sh b/lib/traefik.sh index 87a7860..b9e9af0 100644 --- a/lib/traefik.sh +++ b/lib/traefik.sh @@ -89,7 +89,7 @@ echo -ne "done." } start_traefik() { - echo -ne "\n* Starting /federated/apps/dns service.." + echo -ne "\n* Starting /federated/apps/traefik service.." spin & SPINPID=$!
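Review bot: The added `docker exec -it -u 33 nextcloud bash -c "... $ADMINPASS ..."` in start_nextcloud puts the admin password unquoted into a string that `bash -c` re-parses, so a password containing spaces or shell metacharacters will break the command or be interpreted as shell syntax. Invoke occ directly with quoted arguments instead (`docker exec -u 33 nextcloud /var/www/html/occ mail:account:create admin admin "admin@$DOMAIN" "mail.$DOMAIN" 993 ssl "admin@$DOMAIN" "$ADMINPASS" ...`). Unlike the config.sh call just above, this line has no `&> /dev/null` and no `[ $? -ne 0 ] && fail "..."` check, so a failed account creation still prints "done.". The password is also now an argument of the host-side `docker exec` process, where it is visible in process listings and in any `set -x` trace; if occ offers no non-argv way to supply it, that exposure is worth documenting. start_nextcloud begins outside this hunk.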