diff --git a/delete_opendkim_configuration.sh b/delete_opendkim_configuration.sh new file mode 100755 index 0000000..9eb4e09 --- /dev/null +++ b/delete_opendkim_configuration.sh @@ -0,0 +1,620 @@ +#!/usr/bin/env bash + +script_name="$(basename $(realpath $0))" +working_dir="$(dirname $(realpath $0))" + +conf_file="${working_dir}/conf/${script_name%%.*}.conf" + +LOCK_DIR="/tmp/$(basename $0).$$.LOCK" +log_file="${LOCK_DIR}/${script_name%%.*}.log" + +backup_date="$(date +%Y-%m-%d-%H%M)" + + +# ------------- +# - Default values +# ------------- + +# - Give your default values here +# - +BATCH_MODE=false + +opendkim_dir="/etc/opendkim" +opendkim_backup_dir="${opendkim_dir}/BACKUP" +opendkim_deleted_dir="${opendkim_dir}/DELETED" + +signing_table_file="${opendkim_dir}/signing.table" +key_table_file="${opendkim_dir}/key.table" +key_base_dir=${opendkim_dir}/keys + +signing_table_file_changed=false +key_table_file_changed=false + + + +# ------------- +# --- Functions +# ------------- + +usage() { + + [[ -n "$1" ]] && error "$1" + + [[ -z "${dkim_domain}" ]] && dkim_domain='' + [[ -z "${update_zone}" ]] && update_zone='' + + + [[ $terminal ]] && echo -e " +\033[1mUsage:\033[m + + $(basename $0) [-b] [-d ] [-h] + +\033[1mDescription\033[m + + Thr script deletes OpenDKIM configuration including key. + + \033[1mNote\033[m + Script does not remove any DNS records/entries or other changes on zone files!! + + +\033[1mOptions\033[m + + -b + Script will run in batch mode, no user interaction is made. Flag \033[1m-n\033[m is + ignored, or in other words: running in batch mode implies updating DNS DKIM record. + Useful for cronjob. + + -d + The domain for which DKIM support will be stooped. If not give, the domain will be + requested interactivly. + + -h + Prints this help. + +\033[1mFiles\033[m + + $conf_file: Configuration file + +\033[1mExample:\033[m + + Delete OpenDKIM Configuration for domain \033[1moopen.de\033[m + + $(basename $0) -d oopen.de +" + clean_up 1 + +} + +clean_up() { + + # Perform program exit housekeeping + rm -rf "$LOCK_DIR" + blank_line + exit $1 +} + +echononl(){ + if $terminal ; then + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n " $*\\c" 1>&2 + else + echo -e -n " $*" 1>&2 + fi + rm /tmp/shprompt$$ + fi +} + + +fatal(){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mFatal\033[m ] $*" + else + echo -e " [ Fatal ] $*" + fi + echo "" + if $terminal ; then + echo -e " \033[1mScript terminated\033[m.." + else + echo -e " Script terminated.." + fi + echo "" + rm -rf $LOCK_DIR + exit 1 +} + +error (){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mError\033[m ] $*" + else + echo " [ Error ] $*" + fi + echo "" +} + +warn (){ + echo "" + if $terminal ; then + echo -e " [ \033[33m\033[1mWarning\033[m ] $*" + else + echo " [ Warn ] $*" + fi + echo "" +} + +todo (){ + echo "" + if $terminal ; then + echo -e " [ \033[33m\033[1mToDo\033[m ] $*" + else + echo " [ ToDo ] $*" + fi + echo "" +} + + +info (){ + echo "" + if $terminal ; then + echo -e " [ \033[32m\033[1mInfo\033[m ] $*" + else + echo " [ Info ] $*" + fi + echo "" +} + +echo_done() { + if $terminal ; then + echo -e "\033[80G[ \033[32mdone\033[m ]" + fi +} +echo_ok() { + if $terminal ; then + echo -e "\033[80G[ \033[32mok\033[m ] " + fi +} +echo_failed(){ + if $terminal ; then + echo -e "\033[80G[ \033[1;31mfailed\033[m ]" + fi +} +echo_skipped() { + if $terminal ; then + echo -e "\033[80G[ \033[90m\033[1mskipped\033[m ]" + fi +} +echo_warn() { + if $terminal ; then + echo -e "\033[80G[ \033[33m\033[1mwarning\033[m ]" + fi +} +echo_wait(){ + if $terminal ; then + echo -en "\033[80G[ \033[5m\033[1m...\033[m ]" + fi +} + +blank_line() { + if $terminal ; then + echo "" + fi +} + +containsElement () { + local e + for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done + return 1 +} + +# - Remove leading/trailling whitespaces +# - +trim() { + local var="$*" + var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters + var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters + echo -n "$var" +} + +delete_generated_files() { + + for _file in ${generated_files_arr[@]} ; do + + echononl " Delete file \033[1m$_file\033[m .." + + rm "$_file" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + + done + +} + + + +# ---------- +# - Jobhandling +# ---------- + +# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM +# - +trap clean_up SIGHUP SIGINT SIGTERM + +# - Create lock directory '$LOCK_DIR" +# +mkdir "$LOCK_DIR" + + + +# ------------- +# - Some checks .. +# ------------- + +# - Running in a terminal? +# - +if [[ -t 1 ]] ; then + terminal=true +else + terminal=false +fi + +# - Is 'systemd' supported on this system +# - +# -Is systemd supported on this system? +# - +systemd_supported=false +systemd=$(which systemd) +systemctl=$(which systemctl) + +if [[ -n "$systemd" ]] && [[ -n "$systemctl" ]] ; then + systemd_supported=true +fi + + + +# ========== +# - Begin Main Script +# ========== + +# ---------- +# - Headline +# ---------- + +if $terminal ; then + echo "" + echo -e "\033[1m----------\033[m" + echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" + echo -e "\033[1m----------\033[m" +fi + + +# ---------- +# Read Configurations from $conf_file +# ---------- + +domain="" +update_zone="" +if [[ -f "$conf_file" ]]; then + source "$conf_file" +else + warn "No configuration file '$conf_file' present." +fi + + +# ------------- +# - Read in Commandline arguments +# ------------- +while getopts d:h opt ; do + case $opt in + d) dkim_domain=$OPTARG ;; + h) usage ;; + \?) usage + esac +done + + +if [[ -z "$dkim_domain" ]] ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo " Insert the domain name for which DKIM support should be stopped." + echo "" + echo "" + echononl " DKIM domain: " + read dkim_domain + while [ "X$dkim_domain" = "X" ] ; do + echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" + echononl " DKIM domain: " + read dkim_domain + done +elif $terminal ; then + echo -e "\033[32m--\033[m" + info "\033[32mDelete DKIM key/configuration for domain \033[37m\033[1m$dkim_domain\033[m" +fi + +if [[ -z "$dkim_domain" ]] ; then + fatal "Running in batch mode, but no domain was given!" +fi + +blank_line + + +if $terminal ; then + echo "" + echo -e " \033[1m----------\033[m" + echo " DKIM Domain......................: $dkim_domain" + echo "" + echo " OpenDKIM's etc-directory.........: $opendkim_dir" + echo " Key directory....................: ${key_base_dir}/${dkim_domain}" + echo " Signing table file...............: $signing_table_file" + echo " Key table file...................: $key_table_file" + echo -e " \033[1m----------\033[m" + echo "" +fi + + +# ============= +# - Start Configuration +# ============= + +if $terminal ; then + echo + echo -n " Type upper case 'YES' to start: " + read OK + if [[ "$OK" != "YES" ]] ; then + fatal "Abort by user request - Answer as not 'YES'" + fi + echo "" +else + declare -i _count=0 + declare -i _stop=${#dkim_domain}+2 + echo "" + echo "*${dkim_domain}*" + while [[ $_count -lt $_stop ]] ; do + echo -n "=" + ((_count++)) + done + echo "" + echo "" +fi + + + +# Get all Dkim Domains +# +echononl "Get list of configured OpenDKIM Domians.." +cat $key_table_file | awk '{print$2}' | cut -d':' -f1 | sort > ${LOCK_DIR}/opendikim-domains.txt 2> $log_file +if [[ $? -gt 0 ]] ; then + echo_failed + fatal "$(cat $log_file)" +fi + +dkim_domain_arr=() +while IFS='' read -r line || [[ -n "$line" ]] ; do + dkim_domain_arr+=("$line") +done < "${LOCK_DIR}/opendikim-domains.txt" + +if [[ ${#dkim_domain_arr[@]} -gt 0 ]]; then + echo_ok +else + echo_warn + warn "No configured OpenDKIM Domian found. Exiting script.." + clean_up 1 +fi + +#for _domain in ${dkim_domain_arr[@]} ; do +# echo " $_domain" +#done + +# Check if DKIM Configuration for given Domain exist.. +# +echononl "Check if DKIM Configuration for given Domain exist.." +if ! containsElement "$dkim_domain" "${dkim_domain_arr[@]}" ; then + echo_failed + fatal "No DKIM configuration for domain '$dkim_domain' found!" +else + echo_ok +fi + +blank_line + +echononl "Create Backup Directory '$opendkim_backup_dir'.." +if [[ ! -d "$opendkim_backup_dir" ]] ; then + mkdir "$opendkim_backup_dir" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + fatal "$(cat $log_file)" + fi +else + echo_skipped +fi + +echononl "Create Deleted Directory '$opendkim_deleted_dir'.." +if [[ ! -d "$opendkim_deleted_dir" ]] ; then + mkdir "$opendkim_deleted_dir" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + fatal "$(cat $log_file)" + fi +else + echo_skipped +fi + +blank_line + +echononl "Backup 'Signing Table File'.." +cp -a "$signing_table_file" ""${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + fatal "$(cat $log_file)" +fi + +echononl "Backup 'Key Table File'.." +cp -a "$key_table_file" "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + fatal "$(cat $log_file)" +fi + +_error=false +echononl "Remove entry for domain "$dkim_domain" from file '$signing_table_file'.." +if grep -q -E "$dkim_domain" "$signing_table_file" > $log_file 2>&1 ; then + signing_table_file_changed=true + + sed -i "/$dkim_domain/d" "$signing_table_file" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + _error=true + fi +else + echo_skipped + error "No entry in file '$signing_table_file' for domain '' found!" + _error=true +fi + +if $_error ; then + if $signing_table_file_changed ; then + echononl "Restore file Signing Table File '$(basename "${signing_table_file}")'.." + mv -f "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date " \ + "$signing_table_file" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + else + echononl "Remove previos backuped Signing Table File '$(basename "${signing_table_file}")'.." + rm "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + fi + + echononl "Remove previos backuped Key Table File" + rm "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + + clean_up 1 +fi + +echononl "Remove entry for domain "$dkim_domain" in file '$key_table_file'.." +if grep -q -E "$dkim_domain" "$key_table_file" > $log_file 2>&1 ; then + key_table_file_changed=true + + sed -i "/$dkim_domain/d" "$key_table_file" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + _error=true + fi +else + echo_skipped + warn "No entry in file '$key_table_file' for domain '' found!" +fi + +if $_error ; then + echononl "Restore file Signing Table File '$(basename "${signing_table_file}")'.." + mv -f "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date " \ + "$signing_table_file" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + + if $key_table_file_changed ; then + echononl "Restore file Key Table File '$(basename "${key_table_file}")'.." + mv -f "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date " \ + "$key_table_file" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + else + echononl "Remove previos backuped Key Table File" + rm "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + fi + + + clean_up 1 +fi + +echononl "Move Key Diretory '$dkim_domain' to Directory '$opendkim_deleted_dir'.." +if [[ -d "${key_base_dir}/$dkim_domain" ]] ; then + mv "${key_base_dir}/$dkim_domain" "${opendkim_deleted_dir}/${dkim_domain}.$backup_date" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +else + echo_skipped + warn "No Key Directory for DKIM domsin '$dkim_domain' found." +fi + +blank_line + +echononl "Restart OpenDKIM.." +echo_wait +if $systemd_supported ; then + systemctl reload opendkim > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +else + /etc/init.d/opendkim reload > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +fi + + +fatal "Not YET finished!" +clean_up 0 + + +#key_dir=${key_base_dir}/${dkim_domain} +#dkim_domain_shortname="${dkim_domain%.*}"