From 6e19d1a93826cfce49c9a7471f0b170f8720bc44 Mon Sep 17 00:00:00 2001 From: Christoph Date: Sat, 19 Jul 2025 01:46:06 +0200 Subject: [PATCH] install_update_dovecot-2.4.sh: another intermediate version. --- install_update_dovecot-2.4.sh | 309 ++++++++++++++++++++++++++++++++-- 1 file changed, 298 insertions(+), 11 deletions(-) diff --git a/install_update_dovecot-2.4.sh b/install_update_dovecot-2.4.sh index 7a03bd4..d76cb36 100755 --- a/install_update_dovecot-2.4.sh +++ b/install_update_dovecot-2.4.sh @@ -610,6 +610,8 @@ fi DEFAULT_SSL_CIPHER_LIST="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305" +DEFAULT_VMAIL_UID=5000 +DEFAULT_VMAIL_GID=5000 # - Detect OS - Set variable # - os_dist @@ -714,6 +716,9 @@ fi [[ -n "$service_limit_nofile" ]] || service_limit_nofile=524280 +[[ -n "${vmail_uid}" ]] || vmail_uid=${DEFAULT_VMAIL_UID} +[[ -n "${vmail_gid}" ]] || vmail_gid=${DEFAULT_VMAIL_GID} + declare -i dovecot_major_version=0 declare -i dovecot_minor_version=0 declare -i dovecot_patch_level=0 @@ -2181,7 +2186,6 @@ if [[ $dovecot_major_version -gt 2 ]] \ _conf_file="/usr/local/dovecot-${_version}/etc/dovecot/conf.d/10-mail.conf" echononl " Create empty file '$(basename "${_conf_file}")'.." if [[ ! -f "${_conf_file}" ]] ; then - _failed=false touch "${_conf_file}" > ${log_file} if [ "$?" = 0 ]; then echo -e "$rc_done" @@ -2193,6 +2197,15 @@ if [[ $dovecot_major_version -gt 2 ]] \ echo -e "$rc_skipped" fi + cat <<'EOF' > "${_conf_file}" 2> "${log_file}" +## +## Mail Location ans Namespace Settigs +## +EOF + if [[ $? -gt 0 ]] ; then + _failed=true + fi + _conf_file="/usr/local/dovecot-${_version}/etc/dovecot/conf.d/10-ssl.conf" echononl " Create empty file '$(basename "${_conf_file}")'.." if [[ ! -f "${_conf_file}" ]] ; then 
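Review bot: `vmail_uid` and `vmail_gid` are only defaulted when empty (the two added `[[ -n ... ]] ||` lines in the `@@ -714` hunk); a value that is already set is accepted unchecked. The last hunk of this patch writes both into `first_valid_uid`/`last_valid_uid` and `first_valid_gid`/`last_valid_gid`, so a non-numeric value or `0` from the configuration (presumably sourced earlier, not visible here) would land in the Dovecot config and widen or break the set of accounts allowed to access mail. Consider validating right after the defaulting, e.g. `[[ "${vmail_uid}" =~ ^[1-9][0-9]*$ ]] || fatal "vmail_uid must be a positive integer"`, and the same for `vmail_gid`.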
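Review bot: The added `cat <<'EOF' > "${_conf_file}"` in the `@@ -2181` hunk sits after the closing `fi` of the `if [[ ! -f "${_conf_file}" ]]` block, so it also runs on the "skipped" path and truncates a `10-mail.conf` that already exists; the `10-ssl.conf` heredoc in the next hunk (`@@ -2208`) has the same problem. `2> "${log_file}"` likewise overwrites the log instead of appending to it. If the header is meant only for freshly created files, move the heredoc into the `if [[ ! -f ...` branch, or append with `>> "${_conf_file}" 2>> "${log_file}"`. With `_failed=false` removed from that branch, the visible lines only ever set `_failed=true`, so confirm it is initialised before this block, which starts outside the hunk.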
@@ -2208,6 +2221,15 @@ if [[ $dovecot_major_version -gt 2 ]] \ echo -e "$rc_skipped" fi + cat <<'EOF' > "${_conf_file}" 2> "${log_file}" +## +## SSL settings +## +EOF + if [[ $? -gt 0 ]] ; then + _failed=true + fi + blank_line fi @@ -3139,7 +3161,6 @@ if [[ $dovecot_major_version -gt 2 ]] \ "${_conf_file}" >> "${log_file}" 2>&1 || _failed=true else cat <> "${_conf_file}" || _failed=true - # Default value for parameter 'service_process_limit', if not overridden by service-specific configuration. ${_param} = ${_val} EOF @@ -3159,7 +3180,7 @@ EOF fi _param="default_vsz_limit" - _val="512 M" + _val="512M" if grep -qE "^\s*${_param}\s*=" "${_conf_file}"; then perl -i -n -p -e "s#^(\s*)\#?\ ?(${_param}\ ?=.*)#${_param} = ${_val}#g" \ "${_conf_file}" >> "${log_file}" 2>&1 || _failed=true @@ -3936,7 +3957,7 @@ EOF echo -e "$rc_done" else echo -e "$rc_failed" - error "Adjusting file 10-ssl.conf failed" + error "Adjusting '$(basename "${_conf_file}") failed" echo "" echononl "continue anyway [yes/no]: " 
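Review bot: The new message `error "Adjusting '$(basename "${_conf_file}") failed"` in the `@@ -3936` hunk opens a single quote before the file name and never closes it, so the message would print with an unbalanced quote (`Adjusting '<file> failed`). Suggest `error "Adjusting '$(basename "${_conf_file}")' failed"`. The same string is repeated near the end of the final hunk (`@@ -3968`) and needs the same fix.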
@@ -3968,22 +3989,288 @@ if [[ $dovecot_major_version -gt 2 ]] \ # mail_uid = vmail # mail_gid = vmail # - # first_valid_uid = 5000 - # last_valid_uid = 5000 + # first_valid_uid = ${vmail_uid} + # last_valid_uid = ${vmail_uid} # - # first_valid_gid = 5000 - # last_valid_gid = 5000 + # first_valid_gid = ${vmail_gid} + # last_valid_gid = ${vmail_gid} # # mail_temp_dir = /var/vmail/tmp # # auth_socket_path = /run/dovecot/auth-userdb # - # mail_plugins = quota acl | mail_plugins = quota acl expire + # mail_plugins = quota acl # # mailbox_list_index # - echononl " Adjusting file '$(basename "${_conf_file}").." - echo -e "$rc_not_yet_implemented" + echononl " Adjusting file '$(basename "${_conf_file}")'.." + :> "${log_file}" + + + if grep -qE '^\s*mail_home\s*=' "${_conf_file}" \ + || grep -qE '^\s*mail_driver\s*=' "${_conf_file}" \ + || grep -qE '^\s*mail_path\s*=' "${_conf_file}" ; then + + replace_variable \ + "mail_home" \ + '/var/vmail/%{user | domain}/%{user | username}' \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + replace_variable \ + "mail_driver" \ + 'Maildir' \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + replace_variable \ + "mail_path" \ + '~/Maildir' \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <<'EOF' >> "${_conf_file}" || _failed=true + +mail_home= /var/vmail/%{user | domain}/%{user | username}' +mail_driver = Maildir +mail_path = ~/Maildir +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + fi + + if grep -qE '^\s*mail_uid\s*=' "${_conf_file}" \ + || grep -qE '^\s*mail_uid\s*=' "${_conf_file}" ; then + + replace_variable \ + "mail_uid" \ + 'vmail' \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + replace_variable \ + "mail_gid" \ + 'vmail' \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? 
-gt 0 ]] ; then + _failed=true + fi + + else + cat <<'EOF' >> "${_conf_file}" || _failed=true + +# System user and group used to access mails. +mail_uid = vmail +mail_gid = vmail +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + fi + + if grep -qE '^\s*first_valid_uid\s*=' "${_conf_file}" \ + || grep -qE '^\s*last_valid_uid\s*=' "${_conf_file}" ; then + + replace_variable \ + "first_valid_uid" \ + "${vmail_uid}" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + replace_variable \ + "last_valid_uid" \ + "${vmail_uid}" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <> "${_conf_file}" || _failed=true + +# Valid UID range for users allowed to login +first_valid_uid = ${vmail_uid} +last_valid_uid = ${vmail_uid} +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + fi + + if grep -qE '^\s*first_valid_gid\s*=' "${_conf_file}" \ + || grep -qE '^\s*last_valid_gid\s*=' "${_conf_file}" ; then + + replace_variable \ + "first_valid_gid" \ + "${vmail_gid}" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + replace_variable \ + "last_valid_gid" \ + "${vmail_gid}" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <> "${_conf_file}" || _failed=true + +# Valid GID range for users allowed to login +first_valid_gid = ${vmail_gid} +last_valid_gid = ${vmail_gid} +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + fi + + if grep -qE '^\s*mail_temp_dir\s*=' "${_conf_file}" ; then + replace_variable \ + "mail_temp_dir" \ + "/var/vmail/tmp" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <> "${_conf_file}" || _failed=true + +# The directory in which LDA/LMTP will temporarily store incoming message data +# that is above 128kB in size. +mail_temp_dir = /var/vmail/tmp +EOF + + if [[ $? 
-gt 0 ]] ; then + _failed=true + fi + + fi + + if grep -qE '^\s*auth_socket_path\s*=' "${_conf_file}" ; then + replace_variable \ + "auth_socket_path" \ + "/run/dovecot/auth-userdb" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <> "${_conf_file}" || _failed=true + +# The UNIX socket path to the master authentication server for finding users. +auth_socket_path = /run/dovecot/auth-userdb +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + fi + + if grep -qE '^\s*mail_plugins\s*=' "${_conf_file}" ; then + replace_variable \ + "mail_plugins" \ + "quota acl" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <> "${_conf_file}" || _failed=true + +# A list of mail plugins to load. +mail_plugins = quota acl +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + fi + + if grep -qE '^\s*mailbox_list_index\s*=' "${_conf_file}" ; then + replace_variable \ + "mailbox_list_index" \ + "yes" \ + "${_conf_file}" >> "${log_file}" 2>&1 + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + else + cat <> "${_conf_file}" || _failed=true + +# Dovecot indexes live at the root of user's mailbox storage, and allows quick lookup +# of mailbox status instead of needing to open all mailbox indexes separately. +# +# Enabling this optimizes the server reply to IMAP STATUS commands, which are commonly +# issued by clients. This also needs to be enabled if you wish to enable the +# IMAP NOTIFY extension. +mailbox_list_index = yes +EOF + + if [[ $? -gt 0 ]] ; then + _failed=true + fi + + fi + + + if ! $_failed ; then + echo -e "$rc_done" + else + echo -e "$rc_failed" + error "Adjusting '$(basename "${_conf_file}") failed" + + echo "" + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! 
- repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interupted by user" + fi + else
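Review bot: The fallback heredoc for the mail location writes `mail_home= /var/vmail/%{user | domain}/%{user | username}'` with a stray trailing single quote; because the delimiter is quoted (`<<'EOF'`) that quote goes into 10-mail.conf literally, and the value no longer matches the one passed to `replace_variable` a few lines above. It should read `mail_home = /var/vmail/%{user | domain}/%{user | username}`. The guard for the uid/gid block tests `mail_uid` twice, so a file that only sets `mail_gid` takes the append branch; the second test was presumably meant to be `|| grep -qE '^\s*mail_gid\s*=' "${_conf_file}" ; then`. Each `cat ... >> "${_conf_file}" || _failed=true` is followed by `if [[ $? -gt 0 ]]`, which can never fire because `$?` is already 0 after the `||` list, so one of the two checks can be dropped. The enclosing `if [[ $dovecot_major_version -gt 2 ]]` block starts and ends outside the hunk.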