2022-10-17 08:40:09 +00:00
|
|
|
#!/bin/bash
|
2022-08-22 06:31:32 +00:00
|
|
|
|
|
|
|
# shellcheck disable=SC2034
|
|
|
|
declare -A VARS
|
|
|
|
|
2023-05-25 23:01:41 +00:00
|
|
|
function _early_variables_setup() {
|
2023-02-26 10:42:14 +00:00
|
|
|
_obtain_hostname_and_domainname
|
2023-02-28 09:25:23 +00:00
|
|
|
__environment_variables_backwards_compatibility
|
|
|
|
__environment_variables_general_setup
|
2023-02-26 10:42:14 +00:00
|
|
|
}
|
2022-08-22 06:31:32 +00:00
|
|
|
|
|
|
|
# This function handles variables that are deprecated. This allows a
|
|
|
|
# smooth transition period, without the need of removing a variable
|
|
|
|
# completely with a single version.
|
2023-05-25 23:01:41 +00:00
|
|
|
function __environment_variables_backwards_compatibility() {
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${ENABLE_LDAP:-0} -eq 1 ]]; then
|
2022-08-22 06:31:32 +00:00
|
|
|
_log 'warn' "'ENABLE_LDAP=1' is deprecated (and will be removed in v13.0.0) => use 'ACCOUNT_PROVISIONER=LDAP' instead"
|
|
|
|
ACCOUNT_PROVISIONER='LDAP'
|
|
|
|
fi
|
|
|
|
|
|
|
|
# TODO this can be uncommented in a PR handling the HOSTNAME/DOMAINNAME issue
|
|
|
|
# TODO see check_for_changes.sh and dns.sh
|
|
|
|
# if [[ -n ${OVERRIDE_HOSTNAME:-} ]]
|
|
|
|
# then
|
|
|
|
# _log 'warn' "'OVERRIDE_HOSTNAME' is deprecated (and will be removed in v13.0.0) => use 'DMS_FQDN' instead"
|
|
|
|
# [[ -z ${DMS_FQDN} ]] && DMS_FQDN=${OVERRIDE_HOSTNAME}
|
|
|
|
# fi
|
|
|
|
}
|
|
|
|
|
|
|
|
# This function sets almost all environment variables. This involves setting
|
|
|
|
# a default if no value was provided and writing the variable and its value
|
|
|
|
# to the VARS map.
|
2023-05-25 23:01:41 +00:00
|
|
|
function __environment_variables_general_setup() {
|
2022-08-22 06:31:32 +00:00
|
|
|
_log 'debug' 'Handling general environment variable setup'
|
|
|
|
|
|
|
|
# these variables must be defined first
|
|
|
|
# they are used as default values for other variables
|
|
|
|
|
|
|
|
VARS[POSTMASTER_ADDRESS]="${POSTMASTER_ADDRESS:=postmaster@${DOMAINNAME}}"
|
|
|
|
VARS[REPORT_RECIPIENT]="${REPORT_RECIPIENT:=${POSTMASTER_ADDRESS}}"
|
|
|
|
VARS[REPORT_SENDER]="${REPORT_SENDER:=mailserver-report@${HOSTNAME}}"
|
|
|
|
|
|
|
|
_log 'trace' 'Setting anti-spam & anti-virus environment variables'
|
|
|
|
|
|
|
|
VARS[AMAVIS_LOGLEVEL]="${AMAVIS_LOGLEVEL:=0}"
|
|
|
|
VARS[CLAMAV_MESSAGE_SIZE_LIMIT]="${CLAMAV_MESSAGE_SIZE_LIMIT:=25M}"
|
|
|
|
VARS[FAIL2BAN_BLOCKTYPE]="${FAIL2BAN_BLOCKTYPE:=drop}"
|
|
|
|
VARS[MOVE_SPAM_TO_JUNK]="${MOVE_SPAM_TO_JUNK:=1}"
|
|
|
|
VARS[POSTGREY_AUTO_WHITELIST_CLIENTS]="${POSTGREY_AUTO_WHITELIST_CLIENTS:=5}"
|
|
|
|
VARS[POSTGREY_DELAY]="${POSTGREY_DELAY:=300}"
|
|
|
|
VARS[POSTGREY_MAX_AGE]="${POSTGREY_MAX_AGE:=35}"
|
|
|
|
VARS[POSTGREY_TEXT]="${POSTGREY_TEXT:=Delayed by Postgrey}"
|
|
|
|
VARS[POSTSCREEN_ACTION]="${POSTSCREEN_ACTION:=enforce}"
|
2023-04-11 07:16:57 +00:00
|
|
|
VARS[RSPAMD_GREYLISTING]="${RSPAMD_GREYLISTING:=0}"
|
2023-04-11 16:51:23 +00:00
|
|
|
VARS[RSPAMD_HFILTER]="${RSPAMD_HFILTER:=1}"
|
|
|
|
VARS[RSPAMD_HFILTER_HOSTNAME_UNKNOWN_SCORE]="${RSPAMD_HFILTER_HOSTNAME_UNKNOWN_SCORE:=6}"
|
2023-03-18 15:32:48 +00:00
|
|
|
VARS[RSPAMD_LEARN]="${RSPAMD_LEARN:=0}"
|
2023-03-26 23:59:43 +00:00
|
|
|
VARS[SA_KILL]=${SA_KILL:="10.0"}
|
2022-08-22 06:31:32 +00:00
|
|
|
VARS[SA_SPAM_SUBJECT]=${SA_SPAM_SUBJECT:="***SPAM*** "}
|
|
|
|
VARS[SA_TAG]=${SA_TAG:="2.0"}
|
|
|
|
VARS[SA_TAG2]=${SA_TAG2:="6.31"}
|
|
|
|
VARS[SPAMASSASSIN_SPAM_TO_INBOX]="${SPAMASSASSIN_SPAM_TO_INBOX:=1}"
|
|
|
|
VARS[SPOOF_PROTECTION]="${SPOOF_PROTECTION:=0}"
|
|
|
|
VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}"
|
|
|
|
|
|
|
|
_log 'trace' 'Setting service-enabling environment variables'
|
|
|
|
|
|
|
|
VARS[ENABLE_AMAVIS]="${ENABLE_AMAVIS:=1}"
|
|
|
|
VARS[ENABLE_CLAMAV]="${ENABLE_CLAMAV:=0}"
|
|
|
|
VARS[ENABLE_DNSBL]="${ENABLE_DNSBL:=0}"
|
|
|
|
VARS[ENABLE_FAIL2BAN]="${ENABLE_FAIL2BAN:=0}"
|
|
|
|
VARS[ENABLE_FETCHMAIL]="${ENABLE_FETCHMAIL:=0}"
|
2023-05-23 15:25:08 +00:00
|
|
|
VARS[ENABLE_GETMAIL]="${ENABLE_GETMAIL:=0}"
|
2022-08-22 06:31:32 +00:00
|
|
|
VARS[ENABLE_MANAGESIEVE]="${ENABLE_MANAGESIEVE:=0}"
|
2023-01-25 09:28:59 +00:00
|
|
|
VARS[ENABLE_OPENDKIM]="${ENABLE_OPENDKIM:=1}"
|
|
|
|
VARS[ENABLE_OPENDMARC]="${ENABLE_OPENDMARC:=1}"
|
2023-04-11 06:52:43 +00:00
|
|
|
VARS[ENABLE_POLICYD_SPF]="${ENABLE_POLICYD_SPF:=1}"
|
2022-08-22 06:31:32 +00:00
|
|
|
VARS[ENABLE_POP3]="${ENABLE_POP3:=0}"
|
|
|
|
VARS[ENABLE_POSTGREY]="${ENABLE_POSTGREY:=0}"
|
|
|
|
VARS[ENABLE_QUOTAS]="${ENABLE_QUOTAS:=1}"
|
2023-01-05 07:39:00 +00:00
|
|
|
VARS[ENABLE_RSPAMD]="${ENABLE_RSPAMD:=0}"
|
2023-03-04 09:45:43 +00:00
|
|
|
VARS[ENABLE_RSPAMD_REDIS]="${ENABLE_RSPAMD_REDIS:=${ENABLE_RSPAMD}}"
|
2022-08-22 06:31:32 +00:00
|
|
|
VARS[ENABLE_SASLAUTHD]="${ENABLE_SASLAUTHD:=0}"
|
|
|
|
VARS[ENABLE_SPAMASSASSIN]="${ENABLE_SPAMASSASSIN:=0}"
|
|
|
|
VARS[ENABLE_SPAMASSASSIN_KAM]="${ENABLE_SPAMASSASSIN_KAM:=0}"
|
|
|
|
VARS[ENABLE_SRS]="${ENABLE_SRS:=0}"
|
|
|
|
VARS[ENABLE_UPDATE_CHECK]="${ENABLE_UPDATE_CHECK:=1}"
|
|
|
|
|
|
|
|
_log 'trace' 'Setting IP, DNS and SSL environment variables'
|
|
|
|
|
|
|
|
VARS[DEFAULT_RELAY_HOST]="${DEFAULT_RELAY_HOST:=}"
|
|
|
|
# VARS[DMS_FQDN]="${DMS_FQDN:=}"
|
|
|
|
# VARS[DMS_DOMAINNAME]="${DMS_DOMAINNAME:=}"
|
|
|
|
# VARS[DMS_HOSTNAME]="${DMS_HOSTNAME:=}"
|
|
|
|
VARS[NETWORK_INTERFACE]="${NETWORK_INTERFACE:=eth0}"
|
|
|
|
VARS[OVERRIDE_HOSTNAME]="${OVERRIDE_HOSTNAME:-}"
|
|
|
|
VARS[RELAY_HOST]="${RELAY_HOST:=}"
|
|
|
|
VARS[SSL_TYPE]="${SSL_TYPE:=}"
|
|
|
|
VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}"
|
|
|
|
|
|
|
|
_log 'trace' 'Setting Dovecot- and Postfix-specific environment variables'
|
|
|
|
|
|
|
|
VARS[DOVECOT_INET_PROTOCOLS]="${DOVECOT_INET_PROTOCOLS:=all}"
|
|
|
|
VARS[DOVECOT_MAILBOX_FORMAT]="${DOVECOT_MAILBOX_FORMAT:=maildir}"
|
|
|
|
VARS[DOVECOT_TLS]="${DOVECOT_TLS:=no}"
|
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
VARS[POSTFIX_DAGENT]="${POSTFIX_DAGENT:=}"
|
2022-08-22 06:31:32 +00:00
|
|
|
VARS[POSTFIX_INET_PROTOCOLS]="${POSTFIX_INET_PROTOCOLS:=all}"
|
|
|
|
VARS[POSTFIX_MAILBOX_SIZE_LIMIT]="${POSTFIX_MAILBOX_SIZE_LIMIT:=0}"
|
|
|
|
VARS[POSTFIX_MESSAGE_SIZE_LIMIT]="${POSTFIX_MESSAGE_SIZE_LIMIT:=10240000}" # ~10 MB
|
2023-04-16 12:09:00 +00:00
|
|
|
VARS[POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME]="${POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME:=0}"
|
2022-08-22 06:31:32 +00:00
|
|
|
|
2023-03-02 16:44:01 +00:00
|
|
|
_log 'trace' 'Setting SRS specific environment variables'
|
|
|
|
|
|
|
|
VARS[SRS_DOMAINNAME]="${SRS_DOMAINNAME:=${DOMAINNAME}}"
|
|
|
|
VARS[SRS_EXCLUDE_DOMAINS]="${SRS_EXCLUDE_DOMAINS:=}"
|
|
|
|
VARS[SRS_SECRET]="${SRS_SECRET:=}"
|
|
|
|
VARS[SRS_SENDER_CLASSES]="${SRS_SENDER_CLASSES:=envelope_sender}"
|
|
|
|
|
2022-08-22 06:31:32 +00:00
|
|
|
_log 'trace' 'Setting miscellaneous environment variables'
|
|
|
|
|
|
|
|
VARS[ACCOUNT_PROVISIONER]="${ACCOUNT_PROVISIONER:=FILE}"
|
|
|
|
VARS[FETCHMAIL_PARALLEL]="${FETCHMAIL_PARALLEL:=0}"
|
|
|
|
VARS[FETCHMAIL_POLL]="${FETCHMAIL_POLL:=300}"
|
2023-05-23 15:25:08 +00:00
|
|
|
VARS[GETMAIL_POLL]="${GETMAIL_POLL:=5}"
|
2022-08-22 06:31:32 +00:00
|
|
|
VARS[LOG_LEVEL]="${LOG_LEVEL:=info}"
|
|
|
|
VARS[LOGROTATE_INTERVAL]="${LOGROTATE_INTERVAL:=weekly}"
|
|
|
|
VARS[LOGWATCH_INTERVAL]="${LOGWATCH_INTERVAL:=none}"
|
|
|
|
VARS[LOGWATCH_RECIPIENT]="${LOGWATCH_RECIPIENT:=${REPORT_RECIPIENT}}"
|
|
|
|
VARS[LOGWATCH_SENDER]="${LOGWATCH_SENDER:=${REPORT_SENDER}}"
|
|
|
|
VARS[ONE_DIR]="${ONE_DIR:=1}"
|
|
|
|
VARS[PERMIT_DOCKER]="${PERMIT_DOCKER:=none}"
|
|
|
|
VARS[PFLOGSUMM_RECIPIENT]="${PFLOGSUMM_RECIPIENT:=${REPORT_RECIPIENT}}"
|
|
|
|
VARS[PFLOGSUMM_SENDER]="${PFLOGSUMM_SENDER:=${REPORT_SENDER}}"
|
|
|
|
VARS[PFLOGSUMM_TRIGGER]="${PFLOGSUMM_TRIGGER:=none}"
|
|
|
|
VARS[SMTP_ONLY]="${SMTP_ONLY:=0}"
|
|
|
|
VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}"
|
|
|
|
VARS[TZ]="${TZ:=}"
|
|
|
|
VARS[UPDATE_CHECK_INTERVAL]="${UPDATE_CHECK_INTERVAL:=1d}"
|
|
|
|
}
|
|
|
|
|
|
|
|
# This function handles environment variables related to LDAP.
|
2023-05-25 23:01:41 +00:00
|
|
|
function _environment_variables_ldap() {
|
2022-08-22 06:31:32 +00:00
|
|
|
_log 'debug' 'Setting LDAP-related environment variables now'
|
|
|
|
|
|
|
|
VARS[LDAP_BIND_DN]="${LDAP_BIND_DN:=}"
|
|
|
|
VARS[LDAP_BIND_PW]="${LDAP_BIND_PW:=}"
|
|
|
|
VARS[LDAP_SEARCH_BASE]="${LDAP_SEARCH_BASE:=}"
|
|
|
|
VARS[LDAP_SERVER_HOST]="${LDAP_SERVER_HOST:=}"
|
|
|
|
VARS[LDAP_START_TLS]="${LDAP_START_TLS:=no}"
|
|
|
|
}
|
|
|
|
|
|
|
|
# This function handles environment variables related to SASLAUTHD
|
|
|
|
# and, if activated, variables related to SASLAUTHD and LDAP.
|
2023-05-25 23:01:41 +00:00
|
|
|
function _environment_variables_saslauthd() {
|
2022-08-22 06:31:32 +00:00
|
|
|
_log 'debug' 'Setting SASLAUTHD-related environment variables now'
|
|
|
|
|
|
|
|
VARS[SASLAUTHD_MECHANISMS]="${SASLAUTHD_MECHANISMS:=pam}"
|
|
|
|
|
|
|
|
# SASL ENV for configuring an LDAP specific
|
|
|
|
# `saslauthd.conf` via `setup-stack.sh:_setup_sasulauthd()`
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${ACCOUNT_PROVISIONER} == 'LDAP' ]]; then
|
2022-08-22 06:31:32 +00:00
|
|
|
_log 'trace' 'Setting SASLSAUTH-LDAP variables nnow'
|
|
|
|
|
|
|
|
VARS[SASLAUTHD_LDAP_AUTH_METHOD]="${SASLAUTHD_LDAP_AUTH_METHOD:=bind}"
|
|
|
|
VARS[SASLAUTHD_LDAP_BIND_DN]="${SASLAUTHD_LDAP_BIND_DN:=${LDAP_BIND_DN}}"
|
|
|
|
VARS[SASLAUTHD_LDAP_FILTER]="${SASLAUTHD_LDAP_FILTER:=(&(uniqueIdentifier=%u)(mailEnabled=TRUE))}"
|
|
|
|
VARS[SASLAUTHD_LDAP_PASSWORD]="${SASLAUTHD_LDAP_PASSWORD:=${LDAP_BIND_PW}}"
|
|
|
|
VARS[SASLAUTHD_LDAP_SEARCH_BASE]="${SASLAUTHD_LDAP_SEARCH_BASE:=${LDAP_SEARCH_BASE}}"
|
|
|
|
VARS[SASLAUTHD_LDAP_SERVER]="${SASLAUTHD_LDAP_SERVER:=${LDAP_SERVER_HOST}}"
|
|
|
|
[[ ${SASLAUTHD_LDAP_SERVER} != *'://'* ]] && SASLAUTHD_LDAP_SERVER="ldap://${SASLAUTHD_LDAP_SERVER}"
|
|
|
|
VARS[SASLAUTHD_LDAP_START_TLS]="${SASLAUTHD_LDAP_START_TLS:=no}"
|
|
|
|
VARS[SASLAUTHD_LDAP_TLS_CHECK_PEER]="${SASLAUTHD_LDAP_TLS_CHECK_PEER:=no}"
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -z ${SASLAUTHD_LDAP_TLS_CACERT_FILE} ]]; then
|
2022-08-22 06:31:32 +00:00
|
|
|
SASLAUTHD_LDAP_TLS_CACERT_FILE=''
|
|
|
|
else
|
|
|
|
SASLAUTHD_LDAP_TLS_CACERT_FILE="ldap_tls_cacert_file: ${SASLAUTHD_LDAP_TLS_CACERT_FILE}"
|
|
|
|
fi
|
|
|
|
VARS[SASLAUTHD_LDAP_TLS_CACERT_FILE]="${SASLAUTHD_LDAP_TLS_CACERT_FILE}"
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -z ${SASLAUTHD_LDAP_TLS_CACERT_DIR} ]]; then
|
2022-08-22 06:31:32 +00:00
|
|
|
SASLAUTHD_LDAP_TLS_CACERT_DIR=''
|
|
|
|
else
|
|
|
|
SASLAUTHD_LDAP_TLS_CACERT_DIR="ldap_tls_cacert_dir: ${SASLAUTHD_LDAP_TLS_CACERT_DIR}"
|
|
|
|
fi
|
|
|
|
VARS[SASLAUTHD_LDAP_TLS_CACERT_DIR]="${SASLAUTHD_LDAP_TLS_CACERT_DIR}"
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -z ${SASLAUTHD_LDAP_PASSWORD_ATTR} ]]; then
|
2022-08-22 06:31:32 +00:00
|
|
|
SASLAUTHD_LDAP_PASSWORD_ATTR=''
|
|
|
|
else
|
|
|
|
SASLAUTHD_LDAP_PASSWORD_ATTR="ldap_password_attr: ${SASLAUTHD_LDAP_PASSWORD_ATTR}"
|
|
|
|
fi
|
|
|
|
VARS[SASLAUTHD_LDAP_PASSWORD_ATTR]="${SASLAUTHD_LDAP_PASSWORD_ATTR}"
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -z ${SASLAUTHD_LDAP_MECH} ]]; then
|
2022-08-22 06:31:32 +00:00
|
|
|
SASLAUTHD_LDAP_MECH=''
|
|
|
|
else
|
|
|
|
SASLAUTHD_LDAP_MECH="ldap_mech: ${SASLAUTHD_LDAP_MECH}"
|
|
|
|
fi
|
|
|
|
VARS[SASLAUTHD_LDAP_MECH]="${SASLAUTHD_LDAP_MECH}"
|
|
|
|
fi
|
|
|
|
}
|
2023-02-28 09:25:23 +00:00
|
|
|
|
|
|
|
# This function Writes the contents of the `VARS` map (associative array)
|
|
|
|
# to locations where they can be sourced from (e.g. `/etc/dms-settings`)
|
|
|
|
# or where they can be used by Bash directly (e.g. `/root/.bashrc`).
|
2023-05-25 23:01:41 +00:00
|
|
|
function _environment_variables_export() {
|
2023-02-28 09:25:23 +00:00
|
|
|
_log 'debug' "Exporting environment variables now (creating '/etc/dms-settings')"
|
|
|
|
|
|
|
|
: >/root/.bashrc # make DMS variables available in login shells and their subprocesses
|
|
|
|
: >/etc/dms-settings # this file can be sourced by other scripts
|
|
|
|
|
|
|
|
local VAR
|
|
|
|
for VAR in "${!VARS[@]}"
|
|
|
|
do
|
|
|
|
echo "export ${VAR}='${VARS[${VAR}]}'" >>/root/.bashrc
|
|
|
|
echo "${VAR}='${VARS[${VAR}]}'" >>/etc/dms-settings
|
|
|
|
done
|
|
|
|
|
|
|
|
sort -o /root/.bashrc /root/.bashrc
|
|
|
|
sort -o /etc/dms-settings /etc/dms-settings
|
|
|
|
}
|