#!/usr/bin/env bash script_name="$(basename $(realpath $0))" working_dir="$(dirname $(realpath $0))" conf_file="${working_dir}/conf/${script_name%%.*}.conf" LOCK_DIR="/tmp/$(basename $0).$$.LOCK" log_file="${LOCK_DIR}/${script_name%%.*}.log" backup_date="$(date +%Y-%m-%d-%H%M)" # ------------- # - Default values # ------------- # - Give your default values here # - BATCH_MODE=false opendkim_dir="/etc/opendkim" opendkim_backup_dir="${opendkim_dir}/BACKUP" opendkim_deleted_dir="${opendkim_dir}/DELETED" signing_table_file="${opendkim_dir}/signing.table" key_table_file="${opendkim_dir}/key.table" key_base_dir=${opendkim_dir}/keys signing_table_file_changed=false key_table_file_changed=false # ------------- # --- Functions # ------------- usage() { [[ -n "$1" ]] && error "$1" [[ -z "${dkim_domain}" ]] && dkim_domain='' [[ -z "${update_zone}" ]] && update_zone='' [[ $terminal ]] && echo -e " \033[1mUsage:\033[m $(basename $0) [-b] [-d ] [-h] \033[1mDescription\033[m Thr script deletes OpenDKIM configuration including key. \033[1mNote\033[m Script does not remove any DNS records/entries or other changes on zone files!! \033[1mOptions\033[m -b Script will run in batch mode, no user interaction is made. Flag \033[1m-n\033[m is ignored, or in other words: running in batch mode implies updating DNS DKIM record. Useful for cronjob. -d The domain for which DKIM support will be stooped. If not give, the domain will be requested interactivly. -h Prints this help. \033[1mFiles\033[m $conf_file: Configuration file \033[1mExample:\033[m Delete OpenDKIM Configuration for domain \033[1moopen.de\033[m $(basename $0) -d oopen.de " clean_up 1 } clean_up() { # Perform program exit housekeeping rm -rf "$LOCK_DIR" blank_line exit $1 } echononl(){ if $terminal ; then echo X\\c > /tmp/shprompt$$ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then echo -e -n " $*\\c" 1>&2 else echo -e -n " $*" 1>&2 fi rm /tmp/shprompt$$ fi } fatal(){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mFatal\033[m ] $*" else echo -e " [ Fatal ] $*" fi echo "" if $terminal ; then echo -e " \033[1mScript terminated\033[m.." else echo -e " Script terminated.." fi echo "" rm -rf $LOCK_DIR exit 1 } error (){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mError\033[m ] $*" else echo " [ Error ] $*" fi echo "" } warn (){ echo "" if $terminal ; then echo -e " [ \033[33m\033[1mWarning\033[m ] $*" else echo " [ Warn ] $*" fi echo "" } todo (){ echo "" if $terminal ; then echo -e " [ \033[33m\033[1mToDo\033[m ] $*" else echo " [ ToDo ] $*" fi echo "" } info (){ echo "" if $terminal ; then echo -e " [ \033[32m\033[1mInfo\033[m ] $*" else echo " [ Info ] $*" fi echo "" } echo_done() { if $terminal ; then echo -e "\033[80G[ \033[32mdone\033[m ]" fi } echo_ok() { if $terminal ; then echo -e "\033[80G[ \033[32mok\033[m ] " fi } echo_failed(){ if $terminal ; then echo -e "\033[80G[ \033[1;31mfailed\033[m ]" fi } echo_skipped() { if $terminal ; then echo -e "\033[80G[ \033[90m\033[1mskipped\033[m ]" fi } echo_warn() { if $terminal ; then echo -e "\033[80G[ \033[33m\033[1mwarning\033[m ]" fi } echo_wait(){ if $terminal ; then echo -en "\033[80G[ \033[5m\033[1m...\033[m ]" fi } blank_line() { if $terminal ; then echo "" fi } containsElement () { local e for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done return 1 } # - Remove leading/trailling whitespaces # - trim() { local var="$*" var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters echo -n "$var" } delete_generated_files() { for _file in ${generated_files_arr[@]} ; do echononl " Delete file \033[1m$_file\033[m .." rm "$_file" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi done } # ---------- # - Jobhandling # ---------- # - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM # - trap clean_up SIGHUP SIGINT SIGTERM # - Create lock directory '$LOCK_DIR" # mkdir "$LOCK_DIR" # ------------- # - Some checks .. # ------------- # - Running in a terminal? # - if [[ -t 1 ]] ; then terminal=true else terminal=false fi # - Is 'systemd' supported on this system # - # -Is systemd supported on this system? # - systemd_supported=false systemd=$(which systemd) systemctl=$(which systemctl) if [[ -n "$systemd" ]] && [[ -n "$systemctl" ]] ; then systemd_supported=true fi # ========== # - Begin Main Script # ========== # ---------- # - Headline # ---------- if $terminal ; then echo "" echo -e "\033[1m----------\033[m" echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" echo -e "\033[1m----------\033[m" fi # ---------- # Read Configurations from $conf_file # ---------- domain="" update_zone="" if [[ -f "$conf_file" ]]; then source "$conf_file" else warn "No configuration file '$conf_file' present." fi # ------------- # - Read in Commandline arguments # ------------- while getopts d:h opt ; do case $opt in d) dkim_domain=$OPTARG ;; h) usage ;; \?) usage esac done if [[ -z "$dkim_domain" ]] ; then echo "" echo -e "\033[32m--\033[m" echo "" echo " Insert the domain name for which DKIM support should be stopped." echo "" echo "" echononl " DKIM domain: " read dkim_domain while [ "X$dkim_domain" = "X" ] ; do echo -e "\n\t\033[33m\033[1mEingabe erforderlich.\033[m\n" echononl " DKIM domain: " read dkim_domain done elif $terminal ; then echo -e "\033[32m--\033[m" info "\033[32mDelete DKIM key/configuration for domain \033[37m\033[1m$dkim_domain\033[m" fi if [[ -z "$dkim_domain" ]] ; then fatal "Running in batch mode, but no domain was given!" fi blank_line if $terminal ; then echo "" echo -e " \033[1m----------\033[m" echo " DKIM Domain......................: $dkim_domain" echo "" echo " OpenDKIM's etc-directory.........: $opendkim_dir" echo " Key directory....................: ${key_base_dir}/${dkim_domain}" echo " Signing table file...............: $signing_table_file" echo " Key table file...................: $key_table_file" echo -e " \033[1m----------\033[m" echo "" fi # ============= # - Start Configuration # ============= if $terminal ; then echo echo -n " Type upper case 'YES' to start: " read OK if [[ "$OK" != "YES" ]] ; then fatal "Abort by user request - Answer as not 'YES'" fi echo "" else declare -i _count=0 declare -i _stop=${#dkim_domain}+2 echo "" echo "*${dkim_domain}*" while [[ $_count -lt $_stop ]] ; do echo -n "=" ((_count++)) done echo "" echo "" fi # Get all Dkim Domains # echononl "Get list of configured OpenDKIM Domians.." cat $key_table_file | awk '{print$2}' | cut -d':' -f1 | sort > ${LOCK_DIR}/opendikim-domains.txt 2> $log_file if [[ $? -gt 0 ]] ; then echo_failed fatal "$(cat $log_file)" fi dkim_domain_arr=() while IFS='' read -r line || [[ -n "$line" ]] ; do dkim_domain_arr+=("$line") done < "${LOCK_DIR}/opendikim-domains.txt" if [[ ${#dkim_domain_arr[@]} -gt 0 ]]; then echo_ok else echo_warn warn "No configured OpenDKIM Domian found. Exiting script.." clean_up 1 fi #for _domain in ${dkim_domain_arr[@]} ; do # echo " $_domain" #done # Check if DKIM Configuration for given Domain exist.. # echononl "Check if DKIM Configuration for given Domain exist.." if ! containsElement "$dkim_domain" "${dkim_domain_arr[@]}" ; then echo_failed fatal "No DKIM configuration for domain '$dkim_domain' found!" else echo_ok fi blank_line echononl "Create Backup Directory '$opendkim_backup_dir'.." if [[ ! -d "$opendkim_backup_dir" ]] ; then mkdir "$opendkim_backup_dir" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed fatal "$(cat $log_file)" fi else echo_skipped fi echononl "Create Deleted Directory '$opendkim_deleted_dir'.." if [[ ! -d "$opendkim_deleted_dir" ]] ; then mkdir "$opendkim_deleted_dir" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed fatal "$(cat $log_file)" fi else echo_skipped fi blank_line echononl "Backup 'Signing Table File'.." cp -a "$signing_table_file" ""${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed fatal "$(cat $log_file)" fi echononl "Backup 'Key Table File'.." cp -a "$key_table_file" "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed fatal "$(cat $log_file)" fi _error=false echononl "Remove entry for domain "$dkim_domain" from file '$signing_table_file'.." if grep -q -E "$dkim_domain" "$signing_table_file" > $log_file 2>&1 ; then signing_table_file_changed=true sed -i "/$dkim_domain/d" "$signing_table_file" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" _error=true fi else echo_skipped error "No entry in file '$signing_table_file' for domain '' found!" _error=true fi if $_error ; then if $signing_table_file_changed ; then echononl "Restore file Signing Table File '$(basename "${signing_table_file}")'.." mv -f "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date " \ "$signing_table_file" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi else echononl "Remove previos backuped Signing Table File '$(basename "${signing_table_file}")'.." rm "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi fi echononl "Remove previos backuped Key Table File" rm "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi clean_up 1 fi echononl "Remove entry for domain "$dkim_domain" in file '$key_table_file'.." if grep -q -E "$dkim_domain" "$key_table_file" > $log_file 2>&1 ; then key_table_file_changed=true sed -i "/$dkim_domain/d" "$key_table_file" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" _error=true fi else echo_skipped warn "No entry in file '$key_table_file' for domain '' found!" fi if $_error ; then echononl "Restore file Signing Table File '$(basename "${signing_table_file}")'.." mv -f "${opendkim_backup_dir}/$(basename "${signing_table_file}").$backup_date " \ "$signing_table_file" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi if $key_table_file_changed ; then echononl "Restore file Key Table File '$(basename "${key_table_file}")'.." mv -f "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date " \ "$key_table_file" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi else echononl "Remove previos backuped Key Table File" rm "${opendkim_backup_dir}/$(basename "${key_table_file}").$backup_date" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi fi clean_up 1 fi echononl "Move Key Diretory '$dkim_domain' to Directory '$opendkim_deleted_dir'.." if [[ -d "${key_base_dir}/$dkim_domain" ]] ; then mv "${key_base_dir}/$dkim_domain" "${opendkim_deleted_dir}/${dkim_domain}.$backup_date" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi else echo_skipped warn "No Key Directory for DKIM domsin '$dkim_domain' found." fi blank_line echononl "Restart OpenDKIM.." echo_wait if $systemd_supported ; then systemctl reload opendkim > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi else /etc/init.d/opendkim reload > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi fi clean_up 0 #key_dir=${key_base_dir}/${dkim_domain} #dkim_domain_shortname="${dkim_domain%.*}"