gardient / mailserver Goto Github PK

View Code? Open in Web Editor NEW

0.0 0.0 0.0 45 KB

postfix, dovecot, roundqube, postfixadmin setup backed by MariaDB on Ubuntu 20.04

License: MIT License

Shell 100.00%

mailserver's Issues

Generate passwords for MariaDB service account

sa-postfix-ro
sa-dovecot-ro
sa-roundcube-rw
sa-rc-pass-rw
sa-postfixadm-rw

Install apt packages

postfix postfix-mysql

debconf-set-selections <<< "postfix postfix/mailname string your.hostname.com"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"

apache2
libapache2-mod-php php-imagick php-curl php-fpm php-gd php-imap php-intl php-ldap php-mbstring php-mysql php-xml php-zip php
rspamd
swaks
mutt
dovecot-mysql dovecot-pop3d dovecot-imapd dovecot-managesieved dovecot-lmtpd
adminer
ca-certificates

Configure postfix for postfixadmin DB

use the config generator from postfixadmin doc https://github.com/postfixadmin/postfixadmin/blob/master/DOCUMENTS/POSTFIX_CONF.txt

Script to collect info needed

info needed:

get hostname of machine (fqdn that goes into MX)
- detect default from current hostname
get the domain the mailserver will serve for (the domain the MX is created for)
- detect default from current hostname (drop the first part of the above)
get mariadb superadmin password
get webmaster password
get postfixadmin setup password

acquisition methods:

get above from environment ($MAILSRV_*)
get above from cli
offer to auto generate passwords

Save data got from user or generated to disk

Depends on #2 and #3

save to $INSTALLER_DATA/$store.dat mode 0600

where $store is one of:

hosting
passw

set up DKIM

Set up postfixadmin

Create base install script

install base dependencies (git, jq, curl, wget, pwgen)
can detect whether it's piped to bash or properly executed
can get any branch of the repo
can find latest tag based on GH release (and get that one)

generate DNS records to add

separate install bootstrapper from actual install script

Set up Roundcube

Set up dovecot

first thing's first
https://github.com/postfixadmin/postfixadmin/blob/master/DOCUMENTS/DOVECOT.txt

ensure /var/vmail exists

create vmail user and group (id 5000)

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /var/vmail -m

chown -R vmail:vmail /var/vmail
update dovecot configuration
- 10-auth.conf: set auth_mechanisms = plain login; enable auth-sql.conf.ext
- auth-sql.conf.ext: set userdb { driver = sql; args = /etc/dovecot/dovecot-sql.conf.ext; }
- 10-mail.conf: set mail_location = maildir:~/Maildir
  add auto = subscribe to mailboxes in namespace
- 10-master.conf: set
```
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
  mode = 0660
  user = postfix
  group = postfix
}

# and the lmtp service
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    user = postfix
    mode = 0600
  }
}
```
- 10-ssl.conf: set ssl = required
```
ssl_cert = </etc/letsencrypt/live/webmail.example.org/fullchain.pem
ssl_key = </etc/letsencrypt/live/webmail.example.org/privkey.pem
```
- 20-lmtp.conf: mail_plugins = $mail_plugins sieve
- /etc/dovecot/dovecot-sql.conf.ext: as described in the postfixadmin documentation
- fix permissions on /etc/dovecot/dovecot-sql.conf.ext owner root mode 0600

Prepare the DB

create databases:
postfix
roundcube
create mariadb users: (CREATE USER '<user>'@'127.0.0.1' IDENTIFIED BY '<password>';)
superadmin
sa-postfix-ro
sa-dovecot-ro
sa-roundcube-rw
sa-rc-pass-rw
sa-postfixadm-rw
give permissions: (GRANT <priv_lvl> ON <db>.* TO '<user>'@'127.0.0.1';)
superadmin: priv_lvl=ALL; db=*
sa-postfix-ro: priv_lvl=SELECT; db=postfixadmin
sa-dovecot-ro: priv_lvl=SELECT; db=postfixadmin
sa-roundcube-rw: priv_lvl=ALL; db=roundcubedb
sa-rc-pass-rw: priv_lvl=SELECT, UPDATE; db=postfixadmin
sa-postfixadm-rw: priv_lvl=ALL; db=postfixadmin

gardient / mailserver Goto Github PK

mailserver's People

Contributors

Watchers

mailserver's Issues

Recommend Projects

Recommend Topics

Recommend Org