mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
4616894fbf
* Allow manual domains for dkim generator * Document the DKIM manual mode * Remove unnecessary quotes * updating default value usage and "" in [[ ]] * Change parameter expansion * Add test for manual dkim domains * Remove obsolete script * Add manual dkim mode to usage * Move manual dkim guide into quickstart section * Cover case that key for domain already exists * Set default dkim key size to 4096 Co-authored-by: Frederic Werner <20406381+wernerfred@users.noreply.github.com> Co-authored-by: Georg Lauterbach <44545919+aendeavor@users.noreply.github.com>
97 lines
3.1 KiB
Bash
Executable file
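#! /bin/bash

# Generates OpenDKIM signing keys and the matching KeyTable / SigningTable
# entries.
#
# Arguments:
#   $1 - RSA key size in bits (optional, defaults to 4096)
#   $2 - comma-separated list of domains (optional); when empty the domains
#        are collected from the account and alias files

# Scratch list of domains, one per line.
# NOTE(review): this is a fixed, predictable path under /tmp. Where /tmp is
# writable by anyone other than this script's user, a file or symlink that
# already exists at this path is reused by `touch` and by the later
# redirections; a `mktemp` file would avoid that. The name is kept because the
# rest of the script refers to it literally.
touch /tmp/vhost.tmp

# If no key size is provided, 4096 is the default.
# RFC 8301 requires at least 1024-bit RSA keys for signing and recommends
# 2048 bits or more.
KEYSIZE=${1:-4096}

# Reject a non-numeric size up front. It is otherwise passed to
# opendkim-genkey once per domain, and nothing later in the script checks that
# key generation worked before the table entries are written.
if [[ ! ${KEYSIZE} =~ ^[0-9]+$ ]]
then
  echo "Invalid DKIM key size '${KEYSIZE}', expected a number of bits" >&2
  exit 1
fi

# optional domain names
DOMAINS=${2:-}
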
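if [[ -z ${DOMAINS} ]]
then
  # Automatic mode: no domain list was given, so derive it from the
  # configured mail accounts and aliases.

  # getting domains FROM mail accounts
  if [[ -f /tmp/docker-mailserver/postfix-accounts.cf ]]
  then
    # Only the first '|'-separated field (the login) is needed; the remainder
    # of each line is read into `_` and discarded.
    while IFS='|' read -r LOGIN _
    do
      # A here-string and printf are used instead of `echo`, which would
      # swallow a value that happens to look like one of its options
      # (for example "-n").
      DOMAIN=$(cut -d @ -f2 <<<"${LOGIN}")
      printf '%s\n' "${DOMAIN}" >>/tmp/vhost.tmp
    # Blank lines and comment lines are filtered out; `|| true` keeps an
    # all-comment file from being treated as an error.
    done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-accounts.cf || true)
  fi

  # Getting domains FROM mail aliases
  if [[ -f /tmp/docker-mailserver/postfix-virtual.cf ]]
  then
    # Only the first whitespace-separated field (the alias address) is used.
    while read -r FROM _
    do
      UNAME=$(cut -d @ -f1 <<<"${FROM}")
      DOMAIN=$(cut -d @ -f2 <<<"${FROM}")

      # `cut` passes a line without '@' through unchanged, so both fields are
      # equal when the alias carries no domain part; such entries are skipped.
      # NOTE(review): an address whose local part equals its domain is skipped
      # by the same comparison.
      if [[ ${UNAME} != "${DOMAIN}" ]]
      then
        printf '%s\n' "${DOMAIN}" >>/tmp/vhost.tmp
      fi
    done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-virtual.cf || true)
  fi
else
  # Manual mode: split the comma-separated list into one domain per line,
  # replacing whatever the scratch file held before.
  tr ',' '\n' <<<"${DOMAINS}" >/tmp/vhost.tmp
fi
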
# Collapse the scratch list into a sorted, duplicate-free /tmp/vhost; the
# scratch file is removed only when that pipeline reports success.
if [[ -f /tmp/vhost.tmp ]]
then
  if sort </tmp/vhost.tmp | uniq >/tmp/vhost
  then
    rm /tmp/vhost.tmp
  fi
fi

# Without a domain list there is nothing to generate, which is not an error.
[[ -f /tmp/vhost ]] || {
  echo "No entries found, no keys to make"
  exit 0
}

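KEYTABLE=/tmp/docker-mailserver/opendkim/KeyTable
SIGNINGTABLE=/tmp/docker-mailserver/opendkim/SigningTable

# For every domain listed in /tmp/vhost: make sure a key pair exists, then
# make sure the KeyTable and the SigningTable each hold a line for it.
while read -r DOMAINNAME
do
  # The name becomes a path component below. Entries that contain a path
  # separator or start with a dot are skipped so that a malformed line in the
  # account or alias files cannot place keys outside the keys directory.
  if [[ ${DOMAINNAME} == */* || ${DOMAINNAME} == .* ]]
  then
    echo "Skipping invalid domain name '${DOMAINNAME}'" >&2
    continue
  fi

  KEYDIR="/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
  mkdir -p "${KEYDIR}"

  # An existing private key is never overwritten.
  if [[ ! -f "${KEYDIR}/mail.private" ]]
  then
    echo "Creating DKIM private key ${KEYDIR}/mail.private"

    # NOTE(review): this script sets no permissions on the generated key;
    # confirm mail.private ends up readable only by the signing service.
    if ! opendkim-genkey --bits="${KEYSIZE}" --subdomains --DOMAIN="${DOMAINNAME}" --selector=mail -D "${KEYDIR}"
    then
      # Do not register a domain whose key could not be created; the table
      # entries would point at a file that does not exist.
      echo "Key generation failed for ${DOMAINNAME}, not adding table entries" >&2
      continue
    fi
  fi

  # write to KeyTable if necessary
  KEYTABLEENTRY="mail._domainkey.${DOMAINNAME} ${DOMAINNAME}:mail:/etc/opendkim/keys/${DOMAINNAME}/mail.private"
  if [[ ! -f ${KEYTABLE} ]]
  then
    echo "Creating DKIM KeyTable"
    printf '%s\n' "${KEYTABLEENTRY}" >"${KEYTABLE}"
  # -F -x: compare the entry as a literal, whole line. As a regular expression
  # the dots in the domain match any character, so an existing entry for a
  # similar name (a-b.example vs a.b.example) would hide the new one and the
  # domain would silently stay unsigned.
  elif ! grep -qxF -- "${KEYTABLEENTRY}" "${KEYTABLE}"
  then
    printf '%s\n' "${KEYTABLEENTRY}" >>"${KEYTABLE}"
  fi

  # write to SigningTable if necessary
  SIGNINGTABLEENTRY="*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}"
  if [[ ! -f ${SIGNINGTABLE} ]]
  then
    echo "Creating DKIM SigningTable"
    printf '%s\n' "${SIGNINGTABLEENTRY}" >"${SIGNINGTABLE}"
  # Same literal, whole-line comparison as for the KeyTable.
  elif ! grep -qxF -- "${SIGNINGTABLEENTRY}" "${SIGNINGTABLE}"
  then
    printf '%s\n' "${SIGNINGTABLEENTRY}" >>"${SIGNINGTABLE}"
  fi
# Blank lines and lines starting with '#' in the domain list are ignored.
done < <(grep -vE '^(\s*$|#)' /tmp/vhost)
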
# Seed TrustedHosts with the two loopback entries when the opendkim directory
# exists but the file does not; an existing file is left untouched.
if [[ -d /tmp/docker-mailserver/opendkim && ! -f /tmp/docker-mailserver/opendkim/TrustedHosts ]]
then
  echo "Creating DKIM TrustedHosts"
  {
    echo "127.0.0.1"
    echo "localhost"
  } >/tmp/docker-mailserver/opendkim/TrustedHosts
fi