diff --git a/conf/convert_dovecot_pfa_password.conf.sample b/conf/convert_dovecot_pfa_password.conf.sample new file mode 100644 index 0000000..27b9d77 --- /dev/null +++ b/conf/convert_dovecot_pfa_password.conf.sample @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# - Configuration for password convertion script 'convert_dovecot_pfa_password.' +# ------------------------------------------------------------------------------ + +# - DOVECOT_ENC_METHOD_CUR +# - +# - The password scheme which should be used to generate the hashed +# - passwords of EXISTING users. +# - +# - Possible values are: +# - +# - See output of 'doveadm pw -l' +# - +# - DEFAULTS to: DOVECOT_ENC_METHOD_CUR="CRAM-MD5" +# - +#DOVECOT_ENC_METHOD_CUR="" +#DOVECOT_ENC_METHOD_CUR="SHA512-CRYPT" + +# - DOVECOT_ENC_METHOD_NEW +# - +# - The password scheme which should be used to generate the hashed +# - passwords for NEW users. +# - +# - Possible values are: +# - +# - See output of 'doveadm pw -l' +# - +# - DEFAULTS to: DOVECOT_ENC_METHOD_NEW="SHA512-CRYPT" +# - +#DOVECOT_ENC_METHOD_NEW="" + +# - DOCROOT_ROUNDCUBE +# - +# - DocumentRoot directory of the roundcube installation +# - +# - Example: +# - +# - DOCROOT_ROUNDCUBE="/var/www/webmail.oopen.de/htdocs" +# - +DOCROOT_ROUNDCUBE="" + +# - DOCROOT_PFA +# - +# - DocumentRoot directory of the postfixadmin installation +# - +# - Example: +# - +# - DOCROOT_PFA="/var/www/adm.oopen.de/htdocs" +# - +DOCROOT_PFA="" + +# - POSTFIX_DB_NAME +# - +# - Name of the postfix database +# - +# - Defaults to POSTFIX_DB_NAME='postfix' +# - +#POSTFIX_DB_NAME='' + +# - POSTFIX_DB_TYPE +# - +# - Type of Postfix database +# - +# - Possible values are 'pgsql' (PostgeSQL) or 'mysql' (MySQL) +# - +# - Defaults to POSTFIX_DB_TYPE='pgsql' +# - +#POSTFIX_DB_TYPE="" + +# - MYSQL_DEBIAN_INSTALLATION +# - +# - Is MySQL installed from debian package system? +# - +# - Only needed, if DB_TYPE is set to 'mysql' +# - +# - Defaults to 'false' +# - +#MYSQL_DEBIAN_INSTALLATION="" + +# - MYSQL_CREDENTIALS +# - +# - +# - Example +# - MYSQL_CREDENTIALS="--login-path=local" +# - MYSQL_CREDENTIALS="--defaults-file=/etc/mysql/debian.cnf" (Debian default) +# - MYSQL_CREDENTIALS="--defaults-file=/usr/local/mysql/sys-maint.cnf" +# - +# - Defaults to: +# - '/etc/mysql/debian.cnf' if MySQL is installed from debian package system +# - '/usr/local/mysql/sys-maint.cnf' otherwise +# - +#MYSQL_CREDENTIALS="" + +# - LOG_DIR +# - +# - Defaults to: LOG_DIR="/var/log/convert_dovecot_password" +# - +#LOG_DIR="" diff --git a/convert_dovecot_pfa_password.sh b/convert_dovecot_pfa_password.sh new file mode 100755 index 0000000..11914f4 --- /dev/null +++ b/convert_dovecot_pfa_password.sh @@ -0,0 +1,599 @@ +#!/usr/bin/env bash + +_src_base_dir="$(realpath $(dirname $0))" +conf_file="${_src_base_dir}/conf/convert_dovecot_pfa_password.conf" + + +# ============= +# --- Some functions +# ============= + +echononl(){ + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n "$*\\c" 1>&2 + else + echo -e -n "$*" 1>&2 + fi + rm /tmp/shprompt$$ +} + +fatal(){ + echo "" + echo -e "[ \033[31m\033[1mError\033[m ]: $*" + echo "" + echo -e "\t\033[31m\033[1mInstalllation is canceled\033[m\033[m" + echo "" + exit 1 +} + +warn (){ + echo "" + echo -e " [ \033[33m\033[1mWarning\033[m ]: $*" + echo "" +} + +info (){ + echo "" + echo -e " [ \033[32m\033[1mInfo\033[m ]: $*" + echo "" +} + +ok (){ + echo "" + echo -e " [ \033[36m\033[1mOk\033[m ]: $*" + echo "" +} + +error(){ + echo "" + echo -e " [ \033[31m\033[1mFehler\033[m ]: $*" + echo "" +} + +echo_ok() { + echo -e "\033[75G[ \033[32mok\033[m ]" +} +echo_failed(){ + echo -e "\033[75G[ \033[1;31mfailed\033[m ]" +} +echo_skipped() { + echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]" +} + + +# --- +# - Default values +# --- + +DEFAULT_DOVECOT_ENC_METHOD_CUR="CRAM-MD5" +DEFAULT_DOVECOT_ENC_METHOD_NEW="SHA512-CRYPT" +DEFAULT_POSTFIX_DB_NAME="postfix" +DEFAULT_POSTFIX_DB_TYPE="pgsql" +DEFAULT_MYSQL_DEBIAN_INSTALLATION=false +DEFAULT_DEBIAN_MYSQL_CREDENTIALS="--defaults-file=/etc/mysql/debian.cnf" +DEFAULT_MYSQL_CREDENTIALS="--defaults-file=/usr/local/mysql/sys-maint.cnf" +DEFAULT_LOG_DIR="/var/log/convert_dovecot_password" + + + + +# - Read configuration file +# - +echo +echononl "\tInclude Configuration file.." +if [[ ! -f $conf_file ]]; then + echo_failed + fatal "Missing configuration file '$conf_file'" +else + source $conf_file + echo_ok +fi + +ADJUST_ROUNDCUBE_CONFIG=true +if [[ -n "$DOCROOT_ROUNDCUBE" ]]; then + if [[ ! -d "$(realpath "$DOCROOT_ROUNDCUBE" 2> /dev/null)" ]]; then + ADJUST_ROUNDCUBE_CONFIG=false + fi +else + ADJUST_ROUNDCUBE_CONFIG=false +fi +ADJUST_PFA_CONFIG=true +if [[ -n "$DOCROOT_PFA" ]]; then + if [[ ! -d "$(realpath "$DOCROOT_PFA" 2> /dev/null )" ]]; then + ADJUST_PFA_CONFIG=false + fi +else + ADJUST_PFA_CONFIG=false +fi + +[[ -n "$DOVECOT_ENC_METHOD_CUR" ]] || DOVECOT_ENC_METHOD_CUR="$DEFAULT_DOVECOT_ENC_METHOD_CUR" +[[ -n "$DOVECOT_ENC_METHOD_NEW" ]] || DOVECOT_ENC_METHOD_NEW="$DEFAULT_DOVECOT_ENC_METHOD_NEW" +[[ -n "$POSTFIX_DB_NAME" ]] || POSTFIX_DB_NAME="$DEFAULT_POSTFIX_DB_NAME" + +[[ -n "$POSTFIX_DB_TYPE" ]] || POSTFIX_DB_TYPE="$DEFAULT_POSTFIX_DB_TYPE" +[[ -n "$MYSQL_DEBIAN_INSTALLATION" ]] || MYSQL_DEBIAN_INSTALLATION="$DEFAULT_MYSQL_DEBIAN_INSTALLATION" + +if [[ "$POSTFIX_DB_TYPE" = "mysql" ]]; then + if $MYSQL_DEBIAN_INSTALLATION ; then + [[ -n "$MYSQL_CREDENTIALS" ]] || MYSQL_CREDENTIALS="$DEFAULT_DEBIAN_MYSQL_CREDENTIALS" + else + [[ -n "$MYSQL_CREDENTIALS" ]] || MYSQL_CREDENTIALS="$DEFAULT_MYSQL_CREDENTIALS" + fi +else + [[ "$POSTFIX_DB_TYPE" = "pgsql" ]] || fatal "Unknown Database Type '$POSTFIX_DB_TYPE' (POSTFIX_DB_TYPE)" +fi + +if [[ "$POSTFIX_DB_TYPE" = "mysql" ]] ; then + if ! mysql $MYSQL_CREDENTIALS -N -s -e \ + "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '$POSTFIX_DB_NAME'" 2> /dev/null \ + | grep $POSTFIX_DB_NAME > /dev/null 2>&1 ; then + fatal "MySQL Database '$POSTFIX_DB_NAME' not found or not accessable!" + fi +elif [[ "$POSTFIX_DB_TYPE" = "pgsql" ]]; then + count=$(su - postgres -c "psql -q -A -t -l" | grep -c -e "^$POSTFIX_DB_NAME") + if [[ $count -eq 0 ]];then + fatal "PostgreSQL Database '$POSTFIX_DB_NAME' not found or not accessable!" + fi +else + fatal "Cannot detect database type (value of POSTFIX_DB_TYPE is neither 'mysql' nor 'pgsql')" +fi + +[[ -n "$LOG_DIR" ]] || LOG_DIR="$DEFAULT_LOG_DIR" + +log_file_pfa="${LOG_DIR}/convert_password_postfixadmin.log" +log_file_pfa_error="${LOG_DIR}/convert_password_postfixadmin.err" +log_file_mailbox="${LOG_DIR}/convert_password_mailbox.log" +log_file_mailbox_error="${LOG_DIR}/convert_password_mailbox.err" +log_file_mailbox_csv="${LOG_DIR}/convert_password_mailbox.csv" +log_file_backup_database="${LOG_DIR}/backup-${POSTFIX_DB_NAME}.log" +log_file_backup_database_error="${LOG_DIR}/backup-${POSTFIX_DB_NAME}.err" +err_msg="${LOG_DIR}/error.log" + +date=$(date +%Y-%m-%d-%H%M) + +echo "" +echo "" +echo -e "\033[1;32mSettings for convertion script \033[1;37m$(basename "$0")\033[m" +echo "" +echo -e " Password encryption method (current users)....: $DOVECOT_ENC_METHOD_CUR" +echo -e " Password encryption method (new users)........: $DOVECOT_ENC_METHOD_NEW" +echo "" +echo -e " DocumentRoot roundcube installation...........: $DOCROOT_ROUNDCUBE" +echo -e " DocumentRoot postfixadmin installation........: $DOCROOT_PFA" +echo "" +echo -e " Database name.................................: $POSTFIX_DB_NAME" +if [[ "$POSTFIX_DB_TYPE" = "mysql" ]]; then + echo -e " Database type of Postfix Database.............: MySQL" + echo -e " MySQL from Debian Package System..............: $MYSQL_DEBIAN_INSTALLATION" + echo -e " MySQL credential args.........................: $MYSQL_CREDENTIALS" +else + echo -e " Database type of Postfix Database.............: PostgreSQL" +fi +echo "" +echo -e " Log directory.................................: $LOG_DIR" + +if ! $ADJUST_PFA_CONFIG ; then + warn "DocumentRoot directory of Postfixadmin installation not given or not found. + + \033[1mPostfixadmin configuration will NOT be adjusted!\033[m" +fi +if ! $ADJUST_ROUNDCUBE_CONFIG ; then + warn "DocumentRoot directory of Roundcube installation not given or not found. + + \033[1mRoundcube configuration will NOT be adjusted!\033[m" +fi + +echo "" +echo -n "Type upper case 'YES' to continue executing with this parameters: " +read OK +if [[ "$OK" = "YES" ]] ; then + echo "" +else + fatal "Abort by user request - Answer as not 'YES'" +fi + + +cd /tmp +declare -a mailbox_pw_failed_arr + +echo -e "\n \033[1mSome Pre-convertion tasks\033[m\n" + +echononl " Create log directory '$LOG_DIR'.." +if [[ ! -d "$LOG_DIR" ]] ; then + mkdir -p $LOG_DIR > /dev/null 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "Cannot create log directory '$LOG_DIR'" + fi +else + echo_skipped +fi + +echononl " Backup existing log files.." +_failed=false +if [[ -f "$log_file_pfa" ]] ;then + mv $log_file_pfa ${log_file_pfa}.BAK.${date} > $err_msg 2>&1 +fi +if [[ -f "$log_file_pfa_error" ]] ;then + mv $log_file_pfa_error ${log_file_pfa_error}.BAK.${date} >> $err_msg 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi +fi +if [[ -f "$log_file_mailbox" ]] ;then + mv $log_file_mailbox ${log_file_mailbox}.BAK.${date} >> $err_msg 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi +fi +if [[ -f "$log_file_mailbox_error" ]] ;then + mv $log_file_mailbox_error ${log_file_mailbox_error}.BAK.${date} >> $err_msg 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi +fi +if [[ -f "$log_file_mailbox_csv" ]] ;then + mv $log_file_mailbox_csv ${log_file_mailbox_csv}.BAK.${date} >> $err_msg 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi +fi +if $_failed ; then + echo_failed +else + echo_ok +fi + +log_file="$log_file_backup_database" +log_file_error="$log_file_backup_database_error" +echo "# ---" >> $log_file +echo "# - Backup Database $POSTFIX_DB_NAME" >> $log_file +echo "# ---" >> $log_file +echo "" >> $log_file + +echononl " Backup Postfix Database '$POSTFIX_DB_NAME'" +if [[ "$POSTFIX_DB_TYPE" = "pgsql" ]] ; then + + su - postgres -c "pg_dump -c $POSTFIX_DB_NAME" > ${LOG_DIR}/dump-${POSTFIX_DB_NAME}.${date}.sql 2> $log_file_backup_database_error + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat "$log_file_backup_database_error")" + fi + +elif [[ "$POSTFIX_DB_TYPE" = "mysql" ]]; then + + mysqldump $MYSQL_CREDENTIALS --opt "$POSTFIX_DB_NAME" > ${LOG_DIR}/dump-${POSTFIX_DB_NAME}.${date}.sql 2> $log_file_backup_database_error + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat "$log_file_backup_database_error")" + fi +else + echo_failed + fatal "Unknown database typ '$POSTFIX_DB_TYPE' (Parameter POSTFIX_DB_TYPE)!" +fi + +echo -e "\n \033[1;32mGoing to convert dovecot passwords..\033[m\n" + +log_file="$log_file_mailbox" +log_file_error="$log_file_mailbox_error" +log_file_csv="$log_file_mailbox_csv" +echo "# ---" >> $log_file +echo "# - Convert Password (Mailbox) from Plain to ${DOVECOT_ENC_METHOD_CUR}" >> $log_file +echo "# ---" >> $log_file +echo "" >> $log_file +if [[ "$POSTFIX_DB_TYPE" = "pgsql" ]] ; then + while IFS='|' read email password ; do + echononl " Convert Passwort (Mailbox) for '\033[37m\033[1m${email}\033[m'.." + if [[ "$password" =~ ^\{.*\} ]]; then + echo_skipped + continue + fi + echo "${email};$password" >> $log_file_csv + sudo -u postgres psql $POSTFIX_DB_NAME --quiet -c "UPDATE mailbox SET password = '$(doveadm pw -s ${DOVECOT_ENC_METHOD_CUR} -p "$password")' WHERE username = '$email'" + if [[ $? -eq 0 ]]; then + echo_ok + echo "[ ok ]: $email $password" >> $log_file + else + echo_failed + mailbox_pw_failed_arr+=("$email - $password") + echo "[ failed ]: $email $password" >> $log_file + echo "[ failed ]: $email $password" >> $log_file_error + fi + done < <(sudo -u postgres psql $POSTFIX_DB_NAME -w -t --quiet --no-align -c "SELECT username,password from mailbox") +elif [[ "$POSTFIX_DB_TYPE" = "mysql" ]]; then + while read email password ; do + echononl " Convert Passwort (Mailbox) for '\033[37m\033[1m${email}\033[m'.." + if [[ "$password" =~ ^\{.*\} ]]; then + echo_skipped + continue + fi + echo "${email};$password" >> $log_file_csv + mysql $MYSQL_CREDENTIALS $POSTFIX_DB_NAME -N -s -e "UPDATE mailbox SET password = '$(doveadm pw -s ${DOVECOT_ENC_METHOD_CUR} -p "$password")' WHERE username = '$email'" + if [[ $? -eq 0 ]]; then + echo_ok + echo "[ ok ]: $email $password" >> $log_file + else + echo_failed + mailbox_pw_failed_arr+=("$email - $password") + error "$(cat "$err_msg")" + echo "[ failed ]: $email $password" >> $log_file + echo "[ failed ]: $email $password" >> $log_file_error + fi + done < <(mysql $MYSQL_CREDENTIALS $POSTFIX_DB_NAME -N -s -e "SELECT username,password from mailbox") +else + fatal "Unknown database typ '$POSTFIX_DB_TYPE' (Parameter POSTFIX_DB_TYPE)!" +fi + + +echo -e "\n \033[1mAdjust configuration of Roundcube's password plugin\033[m\n" + + +echo "# ---" >> $log_file +echo "# - Adjust configuration of roundcube password plugin" >> $log_file +echo "# -" >> $log_file +echo "# - \$config['password_algorithm'] = 'dovecot';" >> $log_file +echo "# - \$config['password_algorithm_prefix'] = '{${DOVECOT_ENC_METHOD_NEW}}';" >> $log_file +echo "# - \$config['password_dovecotpw_method'] = '${DOVECOT_ENC_METHOD_NEW}';" >> $log_file +echo "# - \$config['password_dovecotpw'] = '/usr/local/dovecot/bin/doveadm pw';" >> $log_file +echo "# - \$config['password_dovecotpw_with_method'] = true;" >> $log_file +echo "# -" >> $log_file +echo "# ---" >> $log_file +echo "" >> $log_file + +# - Adjust configuration of roundcube password plugin +# - +# - $config['password_algorithm'] = 'dovecot'; +# - $config['password_algorithm_prefix'] = '{${DOVECOT_ENC_METHOD_NEW}}'; +# - $config['password_dovecotpw'] = '/usr/local/dovecot/bin/doveadm pw'; +# - $config['password_dovecotpw_method'] = $DOVECOT_ENC_METHOD_NEW; +# - $config['password_dovecotpw_with_method'] = true; +# - +_failed=false +_config_file="${DOCROOT_ROUNDCUBE}/plugins/password/config.inc.php" + +echononl " Backup configuration file '$(basename "$_config_file")' from Roundcube's password plugin" +if [[ -f "$_config_file" ]]; then + cp -a "$_config_file" "${_config_file}.BAK.${date}" > $err_msg 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat "$err_msg")" + fi +else + echo_failed + fatal "Configuration file for Postfixadmin not found!" +fi + +echononl " Adjust configuration of roundcube password plugin.." +if [[ -f "${_config_file}" ]]; then + + _key="password_algorithm" + _val="'dovecot'" + if ! grep -q -E "^\s*\\\$config\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\s*\\\$config\['$_key'\].*)#//\!\1\n\\\$config['$_key'] = $_val;#" \ + ${_config_file} > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + + _key="password_algorithm_prefix" + _val="'{${DOVECOT_ENC_METHOD_NEW}}'" + if ! grep -q -E "^\s*\\\$config\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\s*\\\$config\['$_key'\].*)#//\!\1\n\\\$config['$_key'] = $_val;#" \ + ${_config_file} > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + + _key="password_dovecotpw" + _val="'/usr/local/dovecot/bin/doveadm pw'" + if ! grep -q -E "^\s*\\\$config\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\s*\\\$config\['$_key'\].*)#//\!\1\n\\\$config['$_key'] = $_val;#" \ + ${_config_file} > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + + _key="password_dovecotpw_method" + _val="'${DOVECOT_ENC_METHOD_NEW}'" + if ! grep -q -E "^\s*\\\$config\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\s*\\\$config\['$_key'\].*)#//\!\1\n\\\$config['$_key'] = $_val;#" \ + ${_config_file} > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + + _key="password_dovecotpw_with_method" + _val="true" + if ! grep -q -E "^\s*\\\$config\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\s*\\\$config\['$_key'\].*)#//\!\1\n\\\$config['$_key'] = $_val;#" \ + ${_config_file} > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + + if $_failed ; then + echo_failed + else + echo_ok + fi + +else + echo_skipped + warn "No cofiguration for roundcube plugin 'password' found!" +fi + +if [[ -f "${_config_file}.BAK.${date}" ]]; then + if diff "${_config_file}" "${_config_file}.BAK.${date}" > /dev/null 2>&1 ; then + info "${_config_file} has not changed.\n Removing previos created backup.." + rm "${_config_file}.BAK.${date}" + fi +fi + + + +echo -e "\n \033[1;32mGoing to convert postfixadmin passwords..\033[m\n" + + +log_file="$log_file_pfa" +log_file_error="$log_file_pfa_error" +echo "# ---" >> $log_file +echo "# - Convert Password (PostfixAdmin) from Plain to ${DOVECOT_ENC_METHOD_NEW}" >> $log_file +echo "# ---" >> $log_file +echo "" >> $log_file + +if [[ "$POSTFIX_DB_TYPE" = "pgsql" ]] ; then + while IFS='|' read email password dummy ; do + echononl " Convert Passwort (postfixadmin) for '\033[37m\033[1m${email}\033[m'.." + if [[ "$password" =~ ^\{.*\} ]]; then + echo_skipped + continue + fi + sudo -u postgres psql $POSTFIX_DB_NAME --quiet -c "UPDATE admin SET password = '$(doveadm pw -s ${DOVECOT_ENC_METHOD_NEW} -p $password)' WHERE username = '$email'" + if [[ $? -eq 0 ]]; then + echo_ok + echo "[ ok ]: $email $password" >> $log_file + else + echo_failed + echo "[ failed ]: $email $password" >> $log_file + echo "[ failed ]: $email $password" >> $log_file_error + fi + + done < <(sudo -u postgres psql $POSTFIX_DB_NAME -w -t --quiet --no-align -c "SELECT username,password from admin") +elif [[ "$POSTFIX_DB_TYPE" = "mysql" ]]; then + while read email password ; do + echononl " Convert Passwort (postfixadmin) for '\033[37m\033[1m${email}\033[m'.." + if [[ "$password" =~ ^\{.*\} ]]; then + echo_skipped + continue + fi + echo "${email};$password" >> $log_file_csv + mysql $MYSQL_CREDENTIALS $POSTFIX_DB_NAME -N -s -e "UPDATE admin SET password = '$(doveadm pw -s ${DOVECOT_ENC_METHOD_NEW} -p "$password")' WHERE username = '$email'" + if [[ $? -eq 0 ]]; then + echo_ok + echo "[ ok ]: $email $password" >> $log_file + else + echo_failed + mailbox_pw_failed_arr+=("$email - $password") + error "$(cat "$err_msg")" + echo "[ failed ]: $email $password" >> $log_file + echo "[ failed ]: $email $password" >> $log_file_error + fi + done < <(mysql $MYSQL_CREDENTIALS $POSTFIX_DB_NAME -N -s -e "SELECT username,password from admin") +else + fatal "Unknown database typ '$POSTFIX_DB_TYPE' (Parameter POSTFIX_DB_TYPE)!" +fi + + + +echo -e "\n \033[1mAdjust configuration of Postfixadmin\033[m\n" + + +echo "# ---" >> $log_file +echo "# - Adjust configuration of Postfixadmin" >> $log_file +echo "# -" >> $log_file +echo "# - \$CONF['encrypt'] = 'dovecot:${DOVECOT_ENC_METHOD_NEW}';" >> $log_file +echo "# - \$CONF['dovecotpw'] = '/usr/local/dovecot/bin/doveadm pw';" >> $log_file +echo "# -" >> $log_file +echo "# ---" >> $log_file +echo "" >> $log_file + +# - Adjust configuration of Postfixadmin +# - +# - $CONF['encrypt'] = 'dovecot:${DOVECOT_ENC_METHOD_NEW}'; +# - $CONF['dovecotpw'] = '/usr/local/dovecot/bin/doveadm pw' +# - +_failed=false +if [[ -f "${DOCROOT_PFA}/config.local.php" ]] ; then + _config_file="${DOCROOT_PFA}/config.local.php" +else + _config_file="${DOCROOT_PFA}/config.inc.php" +fi + +echononl " Backup Postfixadmin configuration file '$(basename "$_config_file")'" +if [[ -f "$_config_file" ]]; then + cp -a "$_config_file" "${_config_file}.BAK.${date}" > $err_msg 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat "$err_msg")" + fi +else + echo_failed + fatal "Configuration file for Postfixadmin not found!" +fi + +echononl " Adjust configuration of Postfixadmin.." +if [[ -f "$_config_file" ]]; then + + _key="encrypt" + _val="'dovecot:${DOVECOT_ENC_METHOD_NEW}'" + if ! grep -q -E "^\s*\\\$CONF\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\s*\\\$CONF\['$_key'\].*)#//\!\1\n\\\$CONF['$_key'] = $_val;#" \ + ${_config_file} > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + + _key="dovecotpw" + _val="'/usr/local/dovecot/bin/doveadm pw'" + if grep -q -E "^\\\$CONF\['$_key'\]\s*=.*" "${_config_file}" 2> /dev/null ; then + if ! grep -q -E "^\\\$CONF\['$_key'\]\s*=\s*$_val" "${_config_file}" 2> /dev/null ; then + perl -i -n -p -e "s#(^\\\$CONF\['$_key'\].*)#//\!\1\n\\\$CONF['$_key'] = $_val;#" \ + "$_config_file" > $log_file 2>&1 + if [[ $? -ne 0 ]] ; then + _failed=true + fi + fi + else + cat <> $_config_file + +// If you use the dovecot encryption method: where is the dovecotpw binary located? +// for dovecot 1.x +// \$CONF['dovecotpw'] = "/usr/sbin/dovecotpw"; +// for dovecot 2.x (dovecot 2.0.0 - 2.0.7 is not supported!) +\$CONF['dovecotpw'] = "$_val" ; +EOF + if [[ $? -ne 0 ]] ; then + _failed=true + fi + + fi + + if $_failed ; then + echo_failed + else + echo_ok + fi + +else + echo_skipped + warn "No cofiguration for roundcube plugin 'password' found!" +fi + +if [[ -f "${_config_file}.BAK.${date}" ]]; then + if diff "${_config_file}" "${_config_file}.BAK.${date}" > /dev/null 2>&1 ; then + info "${_config_file} has not changed.\n Removing previos created backup.." + rm "${_config_file}.BAK.${date}" + fi +fi + + +warn "Passwords containing a backslash '\\\' are not converted correctly!" + +exit 0