Add script 'delete_opendkim_configuration.sh'.

2020-07-20 17:45:58 +02:00 · 2020-07-20 17:45:58 +02:00 · d3aaa46508
commit d3aaa46508
parent d6c25f0a9b
1 changed files with 620 additions and 0 deletions
--- a/delete_opendkim_configuration.sh
+++ b/delete_opendkim_configuration.sh
@ -0,0 +1,620 @@
+#!/usr/bin/env bash
+
+script_name="$(basename $(realpath $0))"
+working_dir="$(dirname $(realpath $0))"
+
+conf_file="${working_dir}/conf/${script_name%%.*}.conf"
+
+LOCK_DIR="/tmp/$(basename $0).$$.LOCK"
+log_file="${LOCK_DIR}/${script_name%%.*}.log"
+
+backup_date="$(date +%Y-%m-%d-%H%M)"
+
+
+# -------------
+# - Default values
+# -------------
+
+# - Give your default values here
+# -
+BATCH_MODE=false
+
+opendkim_dir="/etc/opendkim"
+opendkim_backup_dir="${opendkim_dir}/BACKUP"
+opendkim_deleted_dir="${opendkim_dir}/DELETED"
+
+signing_table_file="${opendkim_dir}/signing.table"
+key_table_file="${opendkim_dir}/key.table"
+key_base_dir=${opendkim_dir}/keys
+
+signing_table_file_changed=false
+key_table_file_changed=false
+
+
+
+# -------------
+# --- Functions
+# -------------
+
+usage() {
+
+	[[ -n  "$1" ]] && error "$1"
+
+   [[ -z "${dkim_domain}" ]] && dkim_domain='<dkim-domain-name>'
+   [[ -z "${update_zone}" ]] && update_zone='<update-zone>'
+
+
+	[[ $terminal ]] && echo -e "
+\033[1mUsage:\033[m
+
+   $(basename $0) [-b] [-d <dkim-domain-name> ] [-h] 
+
+\033[1mDescription\033[m
+
+   Thr script deletes OpenDKIM configuration including key.
+
+   \033[1mNote\033[m
+   Script does not remove any DNS records/entries or other changes on zone files!!
+
+
+\033[1mOptions\033[m
+
+      -b
+         Script will run in batch mode, no user interaction is made. Flag \033[1m-n\033[m is
+         ignored, or in other words: running in batch mode implies updating DNS DKIM record.
+         Useful for cronjob.
+			
+      -d <dkim-domain-name>
+         The domain for which DKIM support will be stooped. If not give, the domain will be
+         requested interactivly.
+
+      -h
+         Prints this help.
+
+\033[1mFiles\033[m
+
+   $conf_file: Configuration file
+
+\033[1mExample:\033[m
+   
+   Delete OpenDKIM Configuration for domain \033[1moopen.de\033[m
+
+      $(basename $0) -d oopen.de
+"
+	clean_up 1
+
+}
+
+clean_up() {
+
+   # Perform program exit housekeeping
+   rm -rf "$LOCK_DIR"
+   blank_line
+   exit $1
+}
+
+echononl(){
+   if $terminal ; then
+      echo X\\c > /tmp/shprompt$$
+      if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
+         echo -e -n "   $*\\c" 1>&2
+      else
+         echo -e -n "   $*" 1>&2
+      fi
+      rm /tmp/shprompt$$
+   fi
+}
+
+
+fatal(){
+   echo ""
+   if $terminal ; then
+      echo -e "   [ \033[31m\033[1mFatal\033[m ] $*"
+   else
+      echo -e "   [ Fatal ] $*"
+   fi
+   echo ""
+   if $terminal ; then
+      echo -e "             \033[1mScript terminated\033[m.."
+   else
+      echo -e "             Script terminated.."
+   fi
+   echo ""
+   rm -rf $LOCK_DIR
+   exit 1
+}
+
+error (){
+   echo ""
+   if $terminal ; then
+      echo -e "   [ \033[31m\033[1mError\033[m ] $*"
+   else
+      echo "   [ Error ] $*"
+   fi
+   echo ""
+}
+
+warn (){
+   echo ""
+   if $terminal ; then
+      echo -e "   [ \033[33m\033[1mWarning\033[m ]  $*"
+   else
+      echo "   [ Warn ]  $*"
+   fi
+   echo ""
+}
+
+todo (){
+   echo ""
+   if $terminal ; then
+      echo -e "   [ \033[33m\033[1mToDo\033[m ]  $*"
+   else
+      echo "   [ ToDo ]  $*"
+   fi
+   echo ""
+}
+
+
+info (){
+   echo ""
+   if $terminal ; then
+      echo -e "   [ \033[32m\033[1mInfo\033[m ]  $*"
+   else
+      echo "   [ Info ]  $*"
+   fi
+   echo ""
+}
+
+echo_done() {
+   if $terminal ; then
+      echo -e "\033[80G[ \033[32mdone\033[m ]"
+   fi
+}
+echo_ok() {
+   if $terminal ; then
+      echo -e "\033[80G[ \033[32mok\033[m ] "
+   fi
+}
+echo_failed(){
+   if $terminal ; then
+      echo -e "\033[80G[ \033[1;31mfailed\033[m ]"
+   fi
+}
+echo_skipped() {
+   if $terminal ; then
+      echo -e "\033[80G[ \033[90m\033[1mskipped\033[m ]"
+   fi
+}
+echo_warn() {
+   if $terminal ; then
+      echo -e "\033[80G[ \033[33m\033[1mwarning\033[m ]"
+   fi
+}
+echo_wait(){
+   if $terminal ; then
+      echo -en "\033[80G[ \033[5m\033[1m...\033[m ]"
+   fi
+}
+
+blank_line() {
+   if $terminal ; then
+      echo ""
+   fi
+}
+
+containsElement () {
+   local e
+   for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done
+   return 1
+}
+
+# - Remove leading/trailling whitespaces
+# -
+trim() {
+    local var="$*"
+    var="${var#"${var%%[![:space:]]*}"}"   # remove leading whitespace characters
+    var="${var%"${var##*[![:space:]]}"}"   # remove trailing whitespace characters
+    echo -n "$var"
+}
+
+delete_generated_files() {
+
+   for _file in ${generated_files_arr[@]} ; do
+
+      echononl "   Delete file \033[1m$_file\033[m .."
+
+      rm "$_file" > $log_file 2>&1
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+         error "$(cat $log_file)"
+      fi
+
+   done
+   
+}
+
+
+
+# ----------
+# - Jobhandling 
+# ----------
+
+# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM
+# -
+trap clean_up SIGHUP SIGINT SIGTERM
+
+# - Create lock directory '$LOCK_DIR"
+#
+mkdir "$LOCK_DIR"
+
+
+
+# -------------
+# - Some checks ..
+# -------------
+
+# - Running in a terminal?
+# -
+if [[ -t 1 ]] ; then
+   terminal=true
+else
+   terminal=false
+fi
+
+# - Is 'systemd' supported on this system
+# -
+# -Is systemd supported on this system?
+# -
+systemd_supported=false
+systemd=$(which systemd)
+systemctl=$(which systemctl)
+
+if [[ -n "$systemd" ]] && [[ -n "$systemctl" ]] ; then
+   systemd_supported=true
+fi
+
+
+
+# ==========
+# - Begin Main Script
+# ==========
+
+# ----------
+# - Headline
+# ----------
+
+if $terminal ; then
+   echo ""
+   echo -e "\033[1m----------\033[m"
+   echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m"
+   echo -e "\033[1m----------\033[m"
+fi
+
+
+# ----------
+#  Read Configurations from $conf_file
+# ----------
+
+domain=""
+update_zone=""
+if [[ -f "$conf_file" ]]; then
+   source "$conf_file"
+else
+   warn "No configuration file '$conf_file' present."
+fi
+
+
+# -------------
+# - Read in Commandline arguments
+# -------------
+while getopts d:h opt ; do
+   case $opt in
+      d) dkim_domain=$OPTARG ;;
+      h) usage ;;
+      \?) usage
+   esac
+done
+
+
+if [[ -z "$dkim_domain" ]] ; then
+	echo ""
+	echo -e "\033[32m--\033[m"
+	echo ""
+   echo "   Insert the domain name for which DKIM support should be stopped."
+   echo ""
+   echo ""
+   echononl "   DKIM domain: "
+   read dkim_domain
+   while [ "X$dkim_domain" = "X" ] ; do
+      echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n"
+      echononl "   DKIM domain: "
+      read dkim_domain
+   done
+elif $terminal ; then
+	echo -e "\033[32m--\033[m"
+	info "\033[32mDelete DKIM key/configuration for domain \033[37m\033[1m$dkim_domain\033[m"
+fi
+
+if [[ -z "$dkim_domain" ]] ; then
+	fatal "Running in batch mode, but no domain was given!"
+fi
+
+blank_line
+
+
+if $terminal ; then
+	echo ""
+	echo -e "   \033[1m----------\033[m"
+	echo "   DKIM Domain......................: $dkim_domain"
+	echo ""
+   echo "   OpenDKIM's etc-directory.........: $opendkim_dir"
+   echo "   Key directory....................: ${key_base_dir}/${dkim_domain}"
+   echo "   Signing table file...............: $signing_table_file"
+   echo "   Key table file...................: $key_table_file"
+	echo -e "   \033[1m----------\033[m"
+	echo ""
+fi
+
+
+# =============
+# - Start Configuration
+# =============
+
+if $terminal ; then
+	echo
+	echo -n "   Type upper case 'YES' to start: "
+	read OK
+	if [[ "$OK" != "YES" ]] ; then
+		fatal "Abort by user request - Answer as not 'YES'"
+	fi
+   echo ""
+else
+   declare -i _count=0
+   declare -i _stop=${#dkim_domain}+2
+   echo ""
+   echo "*${dkim_domain}*"
+    while [[ $_count -lt $_stop ]] ; do 
+      echo -n "=" 
+      ((_count++))
+   done
+   echo ""
+   echo "" 
+fi
+
+
+
+# Get all Dkim Domains
+#
+echononl "Get list of configured OpenDKIM Domians.."
+cat $key_table_file | awk '{print$2}' | cut -d':' -f1 | sort > ${LOCK_DIR}/opendikim-domains.txt 2> $log_file
+if [[ $? -gt 0 ]] ; then
+   echo_failed
+   fatal "$(cat $log_file)"
+fi
+
+dkim_domain_arr=()
+while IFS='' read -r line || [[ -n "$line" ]] ; do
+   dkim_domain_arr+=("$line")
+done < "${LOCK_DIR}/opendikim-domains.txt"
+
+if [[ ${#dkim_domain_arr[@]} -gt 0 ]]; then
+   echo_ok
+else
+   echo_warn
+   warn "No configured OpenDKIM Domian found. Exiting script.."
+   clean_up 1
+fi
+
+#for _domain in ${dkim_domain_arr[@]} ; do
+#   echo "   $_domain"
+#done
+
+# Check if DKIM Configuration for given Domain exist..
+#
+echononl "Check if DKIM Configuration for given Domain exist.."
+if ! containsElement "$dkim_domain"  "${dkim_domain_arr[@]}" ; then
+   echo_failed
+   fatal "No DKIM configuration for domain '$dkim_domain' found!"
+else
+   echo_ok
+fi
+
+blank_line
+
+echononl "Create Backup Directory '$opendkim_backup_dir'.."
+if [[ ! -d "$opendkim_backup_dir" ]] ; then
+   mkdir "$opendkim_backup_dir" > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      fatal "$(cat $log_file)"
+   fi
+else
+   echo_skipped
+fi
+
+echononl "Create Deleted Directory '$opendkim_deleted_dir'.."
+if [[ ! -d "$opendkim_deleted_dir" ]] ; then
+   mkdir "$opendkim_deleted_dir" > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      fatal "$(cat $log_file)"
+   fi
+else
+   echo_skipped
+fi
+
+blank_line
+
+echononl "Backup 'Signing Table File'.."
+cp -a "$signing_table_file" ""${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date > $log_file 2>&1
+if [[ $? -eq 0 ]] ; then
+   echo_ok
+else
+   echo_failed
+   fatal "$(cat $log_file)"
+fi
+
+echononl "Backup 'Key Table File'.."
+cp -a "$key_table_file" "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1
+if [[ $? -eq 0 ]] ; then
+   echo_ok
+else
+   echo_failed
+   fatal "$(cat $log_file)"
+fi
+
+_error=false
+echononl "Remove entry for domain "$dkim_domain" from file '$signing_table_file'.."
+if grep -q -E "$dkim_domain" "$signing_table_file" > $log_file 2>&1 ; then
+   signing_table_file_changed=true
+
+   sed -i "/$dkim_domain/d" "$signing_table_file" > $log_file 2>&1 
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+      _error=true
+   fi
+else
+   echo_skipped
+   error "No entry in file '$signing_table_file' for domain '' found!"
+   _error=true
+fi
+
+if $_error ; then
+   if $signing_table_file_changed ; then
+      echononl "Restore file Signing Table File '$(basename "${signing_table_file}")'.."
+      mv -f "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date " \
+         "$signing_table_file" > $log_file 2>&1
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+         error "$(cat $log_file)"
+      fi
+   else
+      echononl "Remove previos backuped Signing Table File '$(basename "${signing_table_file}")'.."
+      rm "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date" > $log_file 2>&1
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+         error "$(cat $log_file)"
+      fi
+   fi
+
+   echononl "Remove previos backuped Key Table File"
+   rm "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
+
+   clean_up 1
+fi
+
+echononl "Remove entry for domain "$dkim_domain" in file '$key_table_file'.."
+if grep -q -E "$dkim_domain" "$key_table_file" > $log_file 2>&1 ; then
+   key_table_file_changed=true
+
+   sed -i "/$dkim_domain/d" "$key_table_file" > $log_file 2>&1 
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+      _error=true
+   fi
+else
+   echo_skipped
+   warn "No entry in file '$key_table_file' for domain '' found!"
+fi
+
+if $_error ; then
+   echononl "Restore file Signing Table File '$(basename "${signing_table_file}")'.."
+   mv -f "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date " \
+      "$signing_table_file" > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
+
+   if $key_table_file_changed ; then
+      echononl "Restore file Key Table File '$(basename "${key_table_file}")'.."
+      mv -f "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date " \
+         "$key_table_file" > $log_file 2>&1
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+         error "$(cat $log_file)"
+      fi
+   else
+      echononl "Remove previos backuped Key Table File"
+      rm "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+         error "$(cat $log_file)"
+      fi
+   fi
+
+
+   clean_up 1
+fi
+
+echononl "Move Key Diretory '$dkim_domain' to Directory '$opendkim_deleted_dir'.."
+if [[ -d "${key_base_dir}/$dkim_domain" ]] ; then
+   mv "${key_base_dir}/$dkim_domain" "${opendkim_deleted_dir}/${dkim_domain}.$backup_date" > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
+else
+   echo_skipped
+   warn "No Key Directory for DKIM domsin '$dkim_domain' found."
+fi
+
+blank_line
+
+echononl "Restart OpenDKIM.."
+echo_wait
+if $systemd_supported ; then
+   systemctl reload opendkim > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
+else
+   /etc/init.d/opendkim reload > $log_file 2>&1
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
+fi
+
+
+fatal "Not YET finished!"
+clean_up 0
+
+
+#key_dir=${key_base_dir}/${dkim_domain}
+#dkim_domain_shortname="${dkim_domain%.*}"