docker-mailserver/target/bin/generate-dkim-config
Georg Lauterbach da8171388f
Complete Refactor for target/bin (#1654)
* documentation and script updates trying to fix #1647
* preparations for refactoring target/bin/
* complete refactor for target/bin/
* changing script output slightly
* outsourcing functions in `bin-helper.sh`
* re-wrote linting to allow for proper shellcheck -x execution
* show explanation for shellcheck ignore
* adding some more information
2020-10-21 18:16:32 +02:00

90 lines
2.8 KiB
Bash
Executable file

#! /bin/bash
touch /tmp/vhost.tmp
# if no keysize is provided, 2048 is default.
KEYSIZE=${1:-2048}
# Getting domains FROM mail accounts
if [[ -f /tmp/docker-mailserver/postfix-accounts.cf ]]
then
# shellcheck disable=SC2034
while IFS=$'|' read -r LOGIN PASS
do
DOMAIN=$(echo "${LOGIN}" | cut -d @ -f2)
echo "${DOMAIN}" >>/tmp/vhost.tmp
done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-accounts.cf || true)
fi
# Getting domains FROM mail aliases
if [[ -f /tmp/docker-mailserver/postfix-virtual.cf ]]
then
# shellcheck disable=SC2034
while read -r FROM TO
do
UNAME=$(echo "${FROM}" | cut -d @ -f1)
DOMAIN=$(echo "${FROM}" | cut -d @ -f2)
test "${UNAME}" != "${DOMAIN}" && echo "${DOMAIN}" >>/tmp/vhost.tmp
done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-virtual.cf || true)
fi
# keeping unique entries
if [[ -f /tmp/vhost.tmp ]]
then
sort < /tmp/vhost.tmp | uniq >/tmp/vhost && rm /tmp/vhost.tmp
fi
# exit if no entries found
if [[ ! -f /tmp/vhost ]]
then
echo "No entries found, no keys to make"
exit 0
fi
while read -r DOMAINNAME
do
mkdir -p "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
if [[ ! -f "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}/mail.private" ]]
then
echo "Creating DKIM private key /tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}/mail.private"
opendkim-genkey --bits="${KEYSIZE}" --subdomains --DOMAIN="${DOMAINNAME}" --selector=mail -D "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
fi
# write to KeyTable if necessary
KEYTABLEENTRY="mail._domainkey.${DOMAINNAME} ${DOMAINNAME}:mail:/etc/opendkim/keys/${DOMAINNAME}/mail.private"
if [[ ! -f "/tmp/docker-mailserver/opendkim/KeyTable" ]]
then
echo "Creating DKIM KeyTable"
echo "${KEYTABLEENTRY}" > /tmp/docker-mailserver/opendkim/KeyTable
else
if ! grep -q "${KEYTABLEENTRY}" "/tmp/docker-mailserver/opendkim/KeyTable"
then
echo "${KEYTABLEENTRY}" >>/tmp/docker-mailserver/opendkim/KeyTable
fi
fi
# write to SigningTable if necessary
SIGNINGTABLEENTRY="*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}"
if [[ ! -f /tmp/docker-mailserver/opendkim/SigningTable ]]
then
echo "Creating DKIM SigningTable"
echo "*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}" >/tmp/docker-mailserver/opendkim/SigningTable
else
if ! grep -q "${SIGNINGTABLEENTRY}" /tmp/docker-mailserver/opendkim/SigningTable
then
echo "${SIGNINGTABLEENTRY}" >> /tmp/docker-mailserver/opendkim/SigningTable
fi
fi
done < <(grep -vE '^(\s*$|#)' /tmp/vhost)
# creates TrustedHosts if missing
if [[ -d /tmp/docker-mailserver/opendkim ]] && [[ ! -f /tmp/docker-mailserver/opendkim/TrustedHosts ]]
then
echo "Creating DKIM TrustedHosts"
echo "127.0.0.1" >/tmp/docker-mailserver/opendkim/TrustedHosts
echo "localhost" >>/tmp/docker-mailserver/opendkim/TrustedHosts
fi