First commit

build/run/bin/add-user

@@ -0,0 +1,96 @@
+#!/usr/bin/env bash
+# Exit if any errors pop up
+set -e
+
+# Array of available domains
+domains=(${MYVEMAIL_DOMAIN})
+domains+=(${MYVEMAIL_ADDMX//,/ })
+
+# Check if postfixadmin db has been installed
+if [ ! -d /var/lib/mysql/${MYVEMAIL_POSTFIXADMIN_DBNAME}/ ]
+then
+    echo "Run setup script before proceeding"
+    exit 1
+fi
+
+# Check if mariadb is active
+if ! ps aux | grep -q mariadb
+then
+    mariadbd --user=root --datadir=/var/lib/mysql/ &
+    until mariadb --user=root --database=mysql -e "show tables;" >/dev/null
+    do
+        sleep 1
+    done
+fi
+
+# Proceed only if postfixadmin db is installed
+if mariadb --user=root --database=${MYVEMAIL_POSTFIXADMIN_DBNAME} -e "select * from domain;" | grep -q ${MYVEMAIL_DOMAIN}
+then
+    # Mail account domain
+    echo -e "\e[1;34mChoose an available domain from the following: ${domains[@]}\e[0m"
+    until [ ${MYVEMAIL_ADDUSER_DOMAIN} ] && [[ ${domains[@]} =~ ${MYVEMAIL_ADDUSER_DOMAIN} ]]
+    do
+        read -r -p 'Domain: ' MYVEMAIL_ADDUSER_DOMAIN
+        if [ -z "${MYVEMAIL_ADDUSER_DOMAIN}" ]
+        then
+            echo -e '\n\e[1;31mField cannot be empty, try again\e[0m'
+        elif ! [[ ${domains[@]} =~ ${MYVEMAIL_ADDUSER_DOMAIN} ]]
+        then
+            echo -e '\n\e[1;31mChoose a valid domain\e[0m'
+        fi
+    done
+
+    # Mail username
+    if [ -z ${MYVEMAIL_MAIL_USER} ]
+    then
+        echo -e '\n\e[1;34mType in your email username\e[0m'
+        until [ ${MYVEMAIL_MAIL_USER} ]
+        do
+            read -r -p 'Username: ' MYVEMAIL_MAIL_USER
+            [ ${MYVEMAIL_MAIL_USER} ] || echo -e '\n\e[1;31mUsername cannot be empty, try again\e[0m'
+        done
+        echo -e '\n\e[1;32mMail user '${MYVEMAIL_MAIL_USER}'@'${MYVEMAIL_ADDUSER_DOMAIN}' has been saved\e[0m\n'
+    fi
+
+    # Mail account password
+    echo -e '\e[1;34mCreate a password for your mail account\e[0m'
+    until [ "${MYVEMAIL_MAIL_PASS}" = "${MYVEMAIL_MAIL_PASS2}" -a "${MYVEMAIL_MAIL_PASS}" ]
+    do
+        read -s -r -p 'Mail password: ' MYVEMAIL_MAIL_PASS
+        read -s -r -p $'\nVerify mail password: ' MYVEMAIL_MAIL_PASS2
+        if [ -z "${MYVEMAIL_MAIL_PASS}" ]
+        then
+            echo -e '\n\n\e[1;31mPassword field cannot be empty, try again\e[0m'
+        elif [ "${MYVEMAIL_MAIL_PASS}" != "${MYVEMAIL_MAIL_PASS2}" ]
+            echo -e '\n\n\e[1;31mPasswords did not match, try again\e[0m'
+        then
+        fi
+    done
+    echo -e '\n\n\e[1;32mMail password has been saved\e[0m\n'
+
+    # Catch-all alias
+    until [[ ${MYVEMAIL_USER_CATCHALL} = [yYnN] ]]
+    do
+        echo -n -e '\e[1;34mWill the user use a catch-all alias?\e[0m '
+        read -n 1 -r MYVEMAIL_USER_CATCHALL
+        echo
+        echo
+        if ! [[ ${MYVEMAIL_USER_CATCHALL} = [yYnN] ]]
+        then
+            echo -e '\e[1;31mNot a valid answer, type "y" or "n"\e[0m'
+        fi
+    done
+
+    # Create Postfixadmin mail users
+    bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli mailbox add "${MYVEMAIL_MAIL_USER}@${MYVEMAIL_ADDUSER_DOMAIN}" --active --password "${MYVEMAIL_MAIL_PASS}" --password2 "${MYVEMAIL_MAIL_PASS}" -q
+
+    # Create Postfixadmin mail catch-all alias
+    if [[ ${MYVEMAIL_USER_CATCHALL} = [yY] ]]
+    then
+        bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli alias add "*@${MYVEMAIL_ADDUSER_DOMAIN}" --goto "${MYVEMAIL_MAIL_USER}@${MYVEMAIL_ADDUSER_DOMAIN}" --active -q
+    fi
+else
+    echo "Postfixadmin database does not seem to be installed"
+    echo "Run setup script before proceeding"
+    exit 1
+fi

build/run/bin/install-mariadb

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# Exit if any errors pop up
+set -e
+
+# Install mariadb
+rm -r /var/lib/mysql/* -f
+mariadb-install-db --user=root --datadir=/var/lib/mysql/
+
+# Wait for mariadb start
+mariadbd-safe --user=root --datadir=/var/lib/mysql/ &
+until mariadb --user=root --database=mysql -e "show tables;" >/dev/null
+do
+    sleep 1
+done
+
+# Secure installation
+printf '%s\n' "" "n" "n" "" "" "" "" | mariadb-secure-installation
+
+# Shutdown mariadb
+mariadb --user=root -e "shutdown;"
+until ! mariadb --user=root --database=mysql -e "show tables;" >/dev/null
+do
+    sleep 1
+done

build/run/bin/list-dkim

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+for domain in /etc/opendkim/keys/*/default.txt
+do
+    # In your DNS manager, create a TXT record, enter default._domainkey in the name field
+    echo -e "\n\e[1;34mUpdate DKIM TXT on DNS registrar and press any key to continue\e[5m...\e[0m"
+    echo -e "\e[3m# Use default._domainkey in the host field"
+    echo -e "# Check with 'opendkim-testkey -d ${domain} -s default'"
+    echo -e "# Or visit https://www.dmarcanalyzer.com/dkim/dkim-checker/\e[0m"
+    cat ${domain} | sed 's/.*( //' | sed 's/ ).*//' | sed 's/"//g' | sed 's/^[ \t]*//g' | sed ':a;N;$!ba;s/\n//g'
+done

build/run/bin/setup

@@ -0,0 +1,191 @@
+#!/usr/bin/env bash
+# Exit if any errors pop up
+set -e
+
+# Exit if setup has already been run
+if [ -d /var/lib/mysql/${MYVEMAIL_POSTFIXADMIN_DBNAME}/ ]
+then
+    echo "Setup appears to have already been completed, exiting..."
+    exit 1
+fi
+
+# Function to wait for mariadb to be ready
+function wait_for_mariadb_start
+{
+    until mariadb --user=root --database=mysql -e "show tables;" >/dev/null
+    do
+        sleep 1
+    done
+}
+# Function to wait for mariadb to fully exit
+function wait_for_mariadb_stop
+{
+    mariadb --user=root -e "shutdown;"
+    until ! mariadb --user=root --database=mysql -e "show tables;" >/dev/null
+    do
+        sleep 1
+    done
+}
+
+# Install mariadb if it isn't already installed
+if [ ! -d /var/lib/mysql/mysql/ ]
+then
+    /usr/local/bin/install-mariadb
+fi
+
+# Start mariadb server
+mariadbd --user=root --datadir=/var/lib/mysql/ &
+wait_for_mariadb_start
+
+if [ ! -d /var/lib/mysql/${MYVEMAIL_POSTFIXADMIN_DBNAME}/ ]
+then
+	# Postfixadmin database
+	mariadb --user=root <<- POSTFIXADMIN
+	CREATE DATABASE ${MYVEMAIL_POSTFIXADMIN_DBNAME};
+	GRANT ALL PRIVILEGES ON ${MYVEMAIL_POSTFIXADMIN_DBNAME}.* to '${MYVEMAIL_POSTFIXADMIN_DBUSER}'@'localhost' IDENTIFIED BY '${MYVEMAIL_POSTFIXADMIN_DBPASS}';
+	flush privileges;
+	POSTFIXADMIN
+fi
+
+if ! mariadb --user=root --database=${MYVEMAIL_POSTFIXADMIN_DBNAME} -e "select * from domain;" | grep -q ${MYVEMAIL_DOMAIN}
+then
+
+# Mail username
+if [ -z ${MYVEMAIL_MAIL_USER} ]
+then
+    echo -e '\n\e[1;34mType in your email username\e[0m'
+    until [ ${MYVEMAIL_MAIL_USER} ]
+    do
+        read -r -p 'Username: ' MYVEMAIL_MAIL_USER
+        [ ${MYVEMAIL_MAIL_USER} ] || echo -e '\n\e[1;31mUsername cannot be empty, try again\e[0m'
+    done
+    echo -e '\n\e[1;32mMail user '${MYVEMAIL_MAIL_USER}'@'${MYVEMAIL_DOMAIN}' has been saved\e[0m\n'
+fi
+
+# Mail account password
+echo -e '\e[1;34mCreate a password for your mail account\e[0m'
+until [ "${MYVEMAIL_MAIL_PASS}" = "${MYVEMAIL_MAIL_PASS2}" -a "${MYVEMAIL_MAIL_PASS}" ]
+do
+    read -s -r -p 'Mail password: ' MYVEMAIL_MAIL_PASS
+    read -s -r -p $'\nVerify mail password: ' MYVEMAIL_MAIL_PASS2
+    if [ -z "${MYVEMAIL_MAIL_PASS}" ]
+    then
+        echo -e '\n\n\e[1;31mPassword field cannot be empty, try again\e[0m'
+    elif [ "${MYVEMAIL_MAIL_PASS}" != "${MYVEMAIL_MAIL_PASS2}" ]
+    then
+        echo -e '\n\n\e[1;31mPasswords did not match, try again\e[0m'
+    fi
+done
+echo -e '\n\n\e[1;32mMail password has been saved\e[0m\n'
+
+# Postfixadmin password
+echo -e '\e[1;34mCreate a postfixadmin setup password\e[0m'
+until [ "${MYVEMAIL_POSTFIXADMIN_PASS}" = "${MYVEMAIL_POSTFIXADMIN_PASS2}" -a "${MYVEMAIL_POSTFIXADMIN_PASS}" ]
+do
+    read -s -r -p 'Postfixadmin password: ' MYVEMAIL_POSTFIXADMIN_PASS
+    read -s -r -p $'\nVerify Postfixadmin password: ' MYVEMAIL_POSTFIXADMIN_PASS2
+    if [ -z "${MYVEMAIL_POSTFIXADMIN_PASS}" ]
+    then
+        echo -e '\n\n\e[1;31mPassword field cannot be empty, try again\e[0m'
+    elif [ "${MYVEMAIL_POSTFIXADMIN_PASS}" != "${MYVEMAIL_POSTFIXADMIN_PASS2}" ]
+    then
+        echo -e '\n\n\e[1;31mPasswords did not match, try again\e[0m'
+    fi
+done
+echo -e '\n\n\e[1;32mPostfixadmin password has been saved\e[0m\n'
+
+# Install roundcube and postfixadmin if not already installed
+if [ ! -d /usr/share/webapps/roundcube ] || [ ! -d /usr/share/webapps/postfixadmin ]
+then
+    mkdir -p /usr/share/webapps/{roundcube,postfixadmin}
+    wget -q4 https://github.com/postfixadmin/postfixadmin/archive/refs/tags/$(wget -q4O- https://api.github.com/repos/postfixadmin/postfixadmin/releases/latest | grep tag_name | awk '{print $2}' | tr -d '"|,').tar.gz -O postfixadmin.tar.gz
+    wget -q4 $(wget -q4O- https://api.github.com/repos/roundcube/roundcubemail/releases/latest | grep 'complete.tar.gz"$' | awk '{print $2}' | tr -d '"|,') -O roundcubemail.tar.gz
+    tar zxf roundcubemail.tar.gz -C /usr/share/webapps/roundcube --strip-components 1
+    tar zxf postfixadmin.tar.gz -C /usr/share/webapps/postfixadmin --strip-components 1
+
+    # Postfixadmin
+    mkdir /usr/share/webapps/postfixadmin/templates_c/
+
+    # Roundcube password plugin
+    sed -e "/^\$config\['password_query'\]/ s/=.*/= 'UPDATE mailbox SET password=%P,modified=NOW() WHERE username=%u';/" \
+        -e "/^\$config\['password_algorithm'\]/ s/=.*/= 'dovecot';/" \
+        -e "/^\$config\['password_dovecotpw'\]/ s|=.*|= '/usr/bin/doveadm pw -r 5';|" \
+        -e "/^\$config\['password_dovecotpw_method'\]/ s/=.*/= 'ARGON2I';/" \
+        -e "/^\$config\['password_dovecotpw_with_method'\]/ s/=.*/= true;/" \
+        /usr/share/webapps/roundcube/plugins/password/config.inc.php.dist >/usr/share/webapps/roundcube/plugins/password/config.inc.php
+
+    # Cleanup
+    rm *.tar.gz /usr/share/webapps/roundcube/installer/ -r
+fi
+
+# Postfixadmin setup
+echo -e '<?php
+$CONF['\''configured'\''] = true;
+$CONF['\''database_type'\''] = '\''mysqli'\'';
+$CONF['\''database_host'\''] = '\''localhost'\'';
+$CONF['\''database_port'\''] = '\''3306'\'';
+$CONF['\''database_user'\''] = '\'${MYVEMAIL_POSTFIXADMIN_DBUSER}\'';
+$CONF['\''database_password'\''] = '\'${MYVEMAIL_POSTFIXADMIN_DBPASS}\'';
+$CONF['\''database_name'\''] = '\'${MYVEMAIL_POSTFIXADMIN_DBNAME}\'';
+$CONF['\''encrypt'\''] = '\''dovecot:ARGON2I'\'';
+$CONF['\''dovecotpw'\''] = "/usr/bin/doveadm pw -r 5";
+if(@file_exists('\''/usr/bin/doveadm'\'')) { // @ to silence openbase_dir stuff; see https://github.com/postfixadmin/postfixadmin/issues/171
+    $CONF['\''dovecotpw'\''] = "/usr/bin/doveadm pw -r 5"; # debian
+}
+
+$CONF['\''default_aliases'\''] = array (
+    '\''root'\'' => '\''postmaster@'${MYVEMAIL_DOMAIN}''\'',
+    '\''eff'\'' => '\''postmaster@'${MYVEMAIL_DOMAIN}''\'',
+    '\''dmarc'\'' => '\''postmaster@'${MYVEMAIL_DOMAIN}''\'',
+);
+
+$CONF['\''password_validation'\''] = array(
+# #     '\''/regular expression/'\'' => '\''$PALANG key (optional: + parameter)'\'',
+#     '\''/.{5}/'\''                => '\''password_too_short 5'\'',      # minimum length 5 characters
+#     '\''/([a-zA-Z].*){3}/'\''     => '\''password_no_characters 3'\'',  # must contain at least 3 characters
+#     '\''/([0-9].*){2}/'\''        => '\''password_no_digits 2'\'',      # must contain at least 2 digits
+);
+
+$CONF['\''fetchmail'\''] = '\''NO'\'';
+$CONF['\''show_footer_text'\''] = '\''NO'\'';
+
+$CONF['\''quota'\''] = '\''YES'\'';
+$CONF['\''domain_quota'\''] = '\''YES'\'';
+$CONF['\''quota_multiplier'\''] = '\''1024000'\'';
+$CONF['\''used_quotas'\''] = '\''YES'\'';
+$CONF['\''new_quota_table'\''] = '\''YES'\'';
+
+$CONF['\''aliases'\''] = '\''0'\'';
+$CONF['\''mailboxes'\''] = '\''0'\'';
+$CONF['\''maxquota'\''] = '\''0'\'';
+$CONF['\''domain_quota_default'\''] = '\''0'\'';
+$CONF['\''password_expiration'\''] = '\''NO'\'';
+
+# Postfixadmin hash
+$CONF['\''setup_password'\''] = '\'$(php -r "echo password_hash('${MYVEMAIL_POSTFIXADMIN_PASS}', PASSWORD_DEFAULT);")\'';' | tee /usr/share/webapps/postfixadmin/config.local.php >/dev/null
+
+# Update Postfixadmin databases
+# https://git.banananet.work/banananetwork/postfixadmin/raw/commit/864065cd37ef34b6dab915206eea4bd2ac4ebaed/config.inc.php
+su -s /bin/bash ${MYVEMAIL_NGINX_USERGROUP} -c "php /usr/share/webapps/postfixadmin/public/upgrade.php"
+
+# Create Postfixadmin domain
+bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli domain add "${MYVEMAIL_DOMAIN}" --aliases 0 --mailboxes 0 --maxquota 0 --quota 0 --active --default-aliases -q
+
+# Create Postfixadmin admin
+bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli admin add "postmaster@${MYVEMAIL_DOMAIN}" --superadmin --active --domains "${MYVEMAIL_DOMAIN}" --password "${MYVEMAIL_POSTFIXADMIN_PASS}" --password2 "${MYVEMAIL_POSTFIXADMIN_PASS}" -q
+
+# Create Postfixadmin mail users
+bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli mailbox add "postmaster@${MYVEMAIL_DOMAIN}" --active --password "${MYVEMAIL_POSTFIXADMIN_PASS}" --password2 "${MYVEMAIL_POSTFIXADMIN_PASS}" -q
+bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli mailbox add "${MYVEMAIL_MAIL_USER}@${MYVEMAIL_DOMAIN}" --active --password "${MYVEMAIL_MAIL_PASS}" --password2 "${MYVEMAIL_MAIL_PASS}" -q
+
+# Create Postfixadmin mail catch-all alias
+bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli alias add "*@${MYVEMAIL_DOMAIN}" --goto "${MYVEMAIL_MAIL_USER}@${MYVEMAIL_DOMAIN}" --active -q
+
+# Add extra domains to Postfixadmin
+domains+=(${MYVEMAIL_ADDMX//,/ })
+for domain in ${domains[@]}
+do
+    bash /usr/share/webapps/postfixadmin/scripts/postfixadmin-cli domain add "${domain}" --aliases 0 --mailboxes 0 --maxquota 0 --quota 0 --active --default-aliases -q >/dev/null
+done
+
+fi

build/run/bin/upgrade-roundcube

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+# Installer for updating Roundcube
+set -e
+
+# Temporary work directory
+workdir=$(mktemp -d)
+
+# Download and update
+cd ${workdir}
+wget -q4 $(wget -q4O- https://api.github.com/repos/roundcube/roundcubemail/releases/latest | grep 'complete.tar.gz"$' | awk '{print $2}' | tr -d '"|,') -O roundcubemail.tar.gz
+mkdir ./roundcube
+tar zxf roundcubemail.tar.gz -C ./roundcube --strip-components 1
+./roundcube/bin/installto.sh /usr/share/webapps/roundcube/
+cd
+
+# Cleanup
+rm -r ${workdir} -f