# ==================== # - Install via debian packagesystem # ==================== # - Install dependencies # - apt-get install ruby-dev gnupg2 libgpgme-dev libsqlite3-dev libssl-dev build-essential apt-get install haveged # - Install schleuder 3 from stretch-backports # - apt-get install -t stretch-backports schleuder # - You will get the following output # - # - Type 'J' # - Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen.... Fertig The following additional packages will be installed: fonts-lato libgpgme11 libruby2.3 libyaml-0-2 rake ruby ruby-activemodel ruby-activerecord ruby-activesupport ruby-arel ruby-atomic ruby-backports ruby-blankslate ruby-builder ruby-daemons ruby-did-you-mean ruby-eventmachine ruby-gpgme ruby-i18n ruby-json ruby-mail ruby-mail-gpg ruby-mime-types ruby-minitest ruby-multi-json ruby-net-telnet ruby-oj ruby-power-assert ruby-rack ruby-rack-protection ruby-rack-test ruby-sinatra ruby-sinatra-contrib ruby-sqlite3 ruby-test-unit ruby-thor ruby-thread-safe ruby-tilt ruby-tzinfo ruby2.3 rubygems-integration schleuder-cli sqlite3 thin Vorgeschlagene Pakete: gpgsm ri ruby-dev ruby-builder-doc bundler sqlite3-doc Die folgenden NEUEN Pakete werden installiert: fonts-lato libgpgme11 libruby2.3 libyaml-0-2 rake ruby ruby-activemodel ruby-activerecord ruby-activesupport ruby-arel ruby-atomic ruby-backports ruby-blankslate ruby-builder ruby-daemons ruby-did-you-mean ruby-eventmachine ruby-gpgme ruby-i18n ruby-json ruby-mail ruby-mail-gpg ruby-mime-types ruby-minitest ruby-multi-json ruby-net-telnet ruby-oj ruby-power-assert ruby-rack ruby-rack-protection ruby-rack-test ruby-sinatra ruby-sinatra-contrib ruby-sqlite3 ruby-test-unit ruby-thor ruby-thread-safe ruby-tilt ruby-tzinfo ruby2.3 rubygems-integration schleuder schleuder-cli sqlite3 thin 0 aktualisiert, 45 neu installiert, 0 zu entfernen und 47 nicht aktualisiert. Es müssen 9.420 kB an Archiven heruntergeladen werden. Nach dieser Operation werden 42,1 MB Plattenplatz zusätzlich benutzt. Möchten Sie fortfahren? [J/n] # --- # - Enable user schleuder for managing lists # --- backup_date="$(date +%Y-%m-%d-%H%M)" schleuder_config="/etc/schleuder/schleuder.yml" user_schleuder_config="/var/lib/schleuder/.schleuder-cli/schleuder-cli.yml" # - Create API Key for user schleuder # - api_key="$(schleuder new_api_key)" # - Add the generated API Key to the list of valid api keys at # - configuration file $schleuder_config # - if ! grep -q "$api_key" 2> /dev/null $schleuder_config ; then perl -i.$backup_date -n -p \ -e "s/(^(\s*)valid_api_keys:.*)/\1\n\2 - ${api_key}/" \ $schleuder_config fi # - Add generated API Key to schleuder's configuration file # - '${user_schleuder_config}' # - # - If no configuration file present, create a new default one. # - have_dot_schleuder_cli_yml=true if [[ ! -d "~schleuder/.schleuder-cli" ]] ; then have_dot_schleuder_cli_yml=false elif [[ ! -f "~schleuder/.schleuder-cli/schleuder-cli.yml" ]] ; then # - If the directory is present, no default configuration file (see below) # - will be written # - mv "~schleuder/.schleuder-cli" "~schleuder/.schleuder-cli.${backup_date}" have_dot_schleuder_cli_yml=false fi if ! $have_dot_schleuder_cli_yml ; then # Creates a default configuration file '${user_schleuder_config}' # su - schleuder -s /bin/bash -c "/usr//bin/schleuder-cli lists list > /dev/null 2>&1" fi # - Now, add the API Key.. # - perl -i.$backup_date -n -p \ -e "s/^(\s*api_key:).*/\1 ${api_key}/" \ ${user_schleuder_config} # - Get tls fingerprint of configured certificate # - cert_fingerprint="$(schleuder cert fingerprint | awk '{print$4}')" # - Add the fingerprint to schleuder users private configuration file # - if ! grep -q "$cert_fingerprint" 2> /dev/null ${user_schleuder_config} ; then perl -i.$backup_date -n -p \ -e "s/^(\s*tls_fingerprint:).*/\1 ${cert_fingerprint}/" \ ${user_schleuder_config} fi # - Restart 'schleuder-api-daemon' # - systemctl restart schleuder-api-daemon # --- # - Add Postfix support # --- schleuder_script="$(which schleuder)" backup_date="$(date +%Y-%m-%d-%H%M)" schleuder_domains="il-schleuder.de cryptolists.interventionistische-linke.org" cp -a "/etc/postfix/main.cf" "/etc/postfix/main.cf.$backup_date" # - # - /etc/postfix/master.cf # - # - Add transport options to file /etc/postfix/master.cf # - if ! grep -q -E "^\s*schleuder" /etc/postfix/master.cf 2>/dev/null ; then # - Backup file /etc/postfix/master.cf # - cp -a "/etc/postfix/master.cf" "/etc/postfix/master.cf.$backup_date" cat <> /etc/postfix/master.cf schleuder unix - n n - - pipe flags=DRhu user=schleuder argv=${schleuder_script} work \${recipient} EOF fi # - # - virtual_schleuder_domains_file # - virtual_schleuder_domains_file="/etc/postfix/schleuder_domains_sqlite.cf" if [[ -f "$virtual_schleuder_domains_file" ]] ; then # - Backup file $virtual_schleuder_domains_file # - cp -a "$virtual_schleuder_domains_file" "${virtual_schleuder_domains_file}.$backup_date" fi # - Create new file '$virtual_schleuder_domains_file' # - cat << EOF > $virtual_schleuder_domains_file dbpath = /var/lib/schleuder/db.sqlite query = select distinct substr(email, instr(email, '@') + 1) from lists where email like '%%%s' EOF # - Add 'sqlite:$virtual_schleuder_domains_file' to virtual_mailbox_domains # - if ! $(grep -q -e "sqlite:$virtual_schleuder_domains_file" "/etc/postfix/main.cf") ; then perl -i -n -p \ -e "s#^\s*(virtual_mailbox_domains\s*=.*$)#\1\n \#\# - Schleuder domains\n sqlite:${virtual_schleuder_domains_file}#" \ /etc/postfix/main.cf > $log_file 2>&1 fi # - Delete backuped file '$virtual_schleuder_domains_file' if nothing changed # - if [[ -f "${virtual_schleuder_domains_file}.$backup_date" ]]; then if $(diff "$virtual_schleuder_domains_file" "${virtual_schleuder_domains_file}.$backup_date" > /dev/null 2>&1); then rm "${virtual_schleuder_domains_file}.$backup_date" fi fi # - # - virtual_schleuder_lists_file # - virtual_schleuder_lists_file="/etc/postfix/schleuder_lists_sqlite.cf" if [[ -f "$virtual_schleuder_lists_file" ]] ; then # - Backup file $virtual_schleuder_lists_file # - cp -a "$virtual_schleuder_lists_file" "${virtual_schleuder_lists_file}.$backup_date" fi # - Create new file '$virtual_schleuder_lists_file' # - cat << EOF > $virtual_schleuder_lists_file # Use this as a table for postfix to select addresses that schleuder # thinks belong to it. This is useful when # smtpd_reject_unlisted_recipient = yes (which is the default for # modern Postfix) # For example, you might dedicate Postfix's "virtual" domains to # schleuder with the following set of configs in main.cf: # # virtual_domains = lists.example.org # virtual_transport = schleuder # virtual_alias_maps = hash:/etc/postfix/virtual_aliases # virtual_mailbox_maps = sqlite:/etc/postfix/schleuder_sqlite.cf # schleuder_destination_recipient_limit = 1 # it is not recommended to use this table for more powerful # configuration options (e.g. transport_maps) because it could give # the schleuder user (which can write the given sqlite database) the # power to change settings for for other mail handled by this Postfix # instance. dbpath = /var/lib/schleuder/db.sqlite query = select 'present' from lists where email = '%s' or email = replace('%s', '-bounce@', '@') or email = replace('%s', '-owner@', '@') or email = replace('%s', '-request@', '@') or email = replace('%s', '-sendkey@', '@') EOF # - Add 'sqlite:$virtual_schleuder_lists_file' to virtual_mailbox_maps # - if ! $(grep -q -e "sqlite:$virtual_schleuder_lists_file" "/etc/postfix/main.cf") ; then perl -i -n -p \ -e "s#^\s*(virtual_mailbox_maps\s*=.*$)#\1\n \#\# - Schleuder lists\n sqlite:${virtual_schleuder_lists_file}#" \ /etc/postfix/main.cf > $log_file 2>&1 fi # - Delete backuped file '$virtual_schleuder_lists_file' if nothing changed # - if [[ -f "${virtual_schleuder_lists_file}.$backup_date" ]]; then if $(diff "$virtual_schleuder_lists_file" "${virtual_schleuder_lists_file}.$backup_date" > /dev/null 2>&1); then rm "${virtual_schleuder_lists_file}.$backup_date" fi fi # - # - transport_schleuder_file # - transport_schleuder_file="/etc/postfix/transport_schleuder" if [[ -f "$transport_schleuder_file" ]] ; then # - Backup file '$transport_schleuder_file' # - cp -a "$transport_schleuder_file" "${transport_schleuder_file}.$backup_date" fi # - Create new file '$transport_schleuder_file' # - > $transport_schleuder_file for _domain in $schleuder_domains ; do cat << EOF >> $transport_schleuder_file $_domain schleuder: EOF done # - Create db-file '${transport_schleuder_file}.db' # - postmap btree:${transport_schleuder_file} # - Add 'btree:${transport_schleuder_file}' to parameter transport_maps in /etc/postfix/main.cf # - if ! $(grep -q "btree:${transport_schleuder_file}" "/etc/postfix/main.cf") ; then perl -i -n -p \ -e "s#^(transport_maps\s+=.*)#\1\n btree:${transport_schleuder_file}#" \ /etc/postfix/main.cf > $log_file 2>&1 fi # - Add 'btree:${transport_schleuder_file}' to parameter transport_maps in /etc/postfix/main.cf # - if ! $(grep -q "btree:${transport_schleuder_file}" "/etc/postfix/main.cf") ; then perl -i -n -p \ -e "s#^(transport_maps\s+=.*)#\1\n btree:${transport_schleuder_file}#" \ /etc/postfix/main.cf > $log_file 2>&1 fi # - Delete backuped file '$transport_schleuder_file' if nothing changed # - if [[ -f "${transport_schleuder_file}.$backup_date" ]]; then if $(diff "$transport_schleuder_file" "${transport_schleuder_file}.$backup_date" > /dev/null 2>&1); then rm "${transport_schleuder_file}.$backup_date" fi fi # - # - virtual_schleuder_aliases_file # - virtual_schleuder_aliases_file="/etc/postfix/virtual_schleuder_aliases" if [[ -f "$virtual_schleuder_aliases_file" ]] ; then # - Backup file '$virtual_schleuder_aliases_file' # - cp -a "$virtual_schleuder_aliases_file" "${virtual_schleuder_aliases_file}.$backup_date" fi # - Create new file '$virtual_schleuder_aliases_file' # - cat << EOF > $virtual_schleuder_aliases_file ## - For schleuder domain, prevent e-mail addresse ## - postmaster@, ## - abuse@, ## - MAILER-DAEMON@, ## - root@ ## - sending to schleuder list manager ## - EOF for _domain in $schleuder_domains ; do cat << EOF >> $virtual_schleuder_aliases_file postmaster@$_domain postmaster@interventionistische-linke.org abuse@$_domain postmaster@interventionistische-linke.org MAILER-DAEMON@$_domain root@localhost root@$_domain root@localhost EOF done # - Create db-file '${virtual_schleuder_aliases_file}.db' # - postmap btree:${virtual_schleuder_aliases_file} # - Add 'btree:${virtual_schleuder_aliases_file}' to parameter virtual_alias_maps in /etc/postfix/main.cf # - if ! $(grep -q "btree:${virtual_schleuder_aliases_file}" "/etc/postfix/main.cf") ; then perl -i -n -p \ -e "s#^(virtual_alias_maps\s+=.*)#\1\n \#\# - Schleuder\n btree:${virtual_schleuder_aliases_file}#" \ /etc/postfix/main.cf > $log_file 2>&1 fi # - Delete backuped file '$virtual_schleuder_aliases_file' if nothing changed # - if [[ -f "${virtual_schleuder_aliases_file}.$backup_date" ]]; then if $(diff "$virtual_schleuder_aliases_file" "${virtual_schleuder_aliases_file}.$backup_date" > /dev/null 2>&1); then rm "${virtual_schleuder_aliases_file}.$backup_date" fi fi # - # - main.cf: new Parameter 'schleuder_destination_recipient_limit' # - # - Add and set parameter 'schleuder_destination_recipient_limit = 1' # - if ! $(grep -q -E "^\s*schleuder_destination_recipient_limit" "/etc/postfix/main.cf") ; then perl -i -n -p \ -e "s#^\s*(virtual_transport\s*=.*$)#schleuder_destination_recipient_limit = 1\n\n\1#" \ /etc/postfix/main.cf > $log_file 2>&1 fi # --- if [[ -f "/etc/postfix/main.cf.$backup_date" ]]; then if $(diff "/etc/postfix/main.cf" "/etc/postfix/main.cf.$backup_date" > /dev/null 2>&1); then rm "/etc/postfix/main.cf.$backup_date" fi fi systemctl restart postfix