[enh] Dovecot and postgrey regen conf script

2024-09-03 20:06:31 +02:00 · 2015-09-29 19:04:16 -04:00 · 2015-09-29 19:04:16 -04:00 · 44bdeeb292
commit 44bdeeb292
parent d19fc96fdf
6 changed files with 106 additions and 81 deletions
--- a/data/hooks/conf_regen/22-postgrey
+++ b/data/hooks/conf_regen/22-postgrey
@ -0,0 +1,23 @@
+#!/bin/bash
+set -e 
+
+force=$1
+
+function safe_copy () {
+    if [[ "$force" == "True" ]]; then
+        sudo yunohost service safecopy \
+          -s postgrey \
+          $1 $2 \
+          --force
+    else
+        sudo yunohost service safecopy \
+          -s postgrey \
+          $1 $2
+    fi
+}
+
+cd /usr/share/yunohost/templates/postgrey
+
+if [[ "$(safe_copy postgrey.default /etc/default/postgrey)" == "True" ]]; then
+    sudo service nslcd restart
+fi
--- a/data/hooks/conf_regen/25-dovecot
+++ b/data/hooks/conf_regen/25-dovecot
@ -0,0 +1,52 @@
+#!/bin/bash
+set -e 
+
+force=$1
+
+function safe_copy () {
+    if [[ "$force" == "True" ]]; then
+        sudo yunohost service safecopy \
+          -s dovecot $1 $2 --force
+    else
+        sudo yunohost service safecopy \
+          -s dovecot $1 $2
+    fi
+}
+
+cd /usr/share/yunohost/templates/dovecot
+
+# Create vmail user
+sudo id vmail > /dev/null 2>&1 \
+  || sudo adduser --system --ingroup mail --uid 500 vmail
+
+
+# Replace main domain in the main configuration file
+main_domain=$(cat /etc/yunohost/current_host)
+cat dovecot.conf.sed \
+  | sed "s/{{ main_domain }}/$main_domain/g" \
+  | sudo tee dovecot.conf
+
+
+# Handle IPv4 only systems
+if [ ! -f /proc/net/if_inet6 ];
+then
+  sudo sed -i 's/^listen.*/listen = \*/' dovecot.conf
+fi
+
+
+safe_copy dovecot.conf /etc/dovecot/dovecot.conf
+safe_copy dovecot-ldap.conf /etc/dovecot/dovecot-ldap.conf
+
+
+# Setup Sieve
+sudo rm -rf /etc/dovecot/global_script
+sudo mkdir -p -m 0770 /etc/dovecot/global_script
+safe_copy sa-learn-pipe.sh /usr/bin/sa-learn-pipe.sh
+sudo chmod 755 /usr/bin/sa-learn-pipe.sh
+safe_copy dovecot.sieve /etc/dovecot/global_script/dovecot.sieve
+sudo chmod 660 /etc/dovecot/global_script/dovecot.sieve
+sudo sievec /etc/dovecot/global_script/dovecot.sieve
+sudo chmod 660 /etc/dovecot/global_script/dovecot.svbin
+
+
+service dovecot reload
--- a/data/templates/dovecot/dovecot-ipv4.conf.j2
+++ b/data/templates/dovecot/dovecot-ipv4.conf.j2
@ -1,71 +0,0 @@
-# 2.1.7: /etc/dovecot/dovecot.conf
-# OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid ext4
-listen = *
-auth_mechanisms = plain login
-login_greeting = Dovecot ready!!
-mail_gid = 8
-mail_home = /var/mail/%n
-mail_location = maildir:/var/mail/%n
-mail_uid = 500
-passdb {
-  args = /etc/dovecot/dovecot-ldap.conf
-  driver = ldap
-}
-protocols = imap sieve
-service auth {
-  unix_listener /var/spool/postfix/private/auth {
-    group = postfix
-    mode = 0660
-    user = postfix
-  }
-  unix_listener auth-master {
-    group = mail
-    mode = 0660
-    user = vmail
-  }
-}
-
-protocol sieve {
-}
-
-ssl_ca = </etc/ssl/certs/ca-yunohost_crt.pem
-ssl_cert = </etc/ssl/certs/yunohost_crt.pem
-ssl_key = </etc/ssl/private/yunohost_key.pem
-userdb {
-  args = /etc/dovecot/dovecot-ldap.conf
-  driver = ldap
-}
-protocol imap {
-  imap_client_workarounds =
-  mail_plugins = $mail_plugins antispam autocreate
-}
-protocol lda {
-  auth_socket_path = /var/run/dovecot/auth-master
-  mail_plugins = sieve
-  postmaster_address = postmaster@{{ domain }}
-}
-
-plugin {
-  sieve = /var/mail/sievescript/%n/.dovecot.sieve
-  sieve_dir = /var/mail/sievescript/%n/scripts/
-  sieve_before = /etc/dovecot/global_script/
-}
-
-plugin {
-  antispam_debug_target = syslog
-  antispam_verbose_debug = 0
-  antispam_backend = pipe
-  antispam_trash = Trash
-  antispam_spam = SPAM;Junk
-  antispam_allow_append_to_spam = no
-  antispam_pipe_program = /usr/bin/sa-learn-pipe.sh
-  antispam_pipe_program_spam_arg = --spam
-  antispam_pipe_program_notspam_arg = --ham
-}
-
-plugin {
-  autocreate = Trash
-  autocreate2 = Junk
-  autosubscribe = Trash
-  autosubscribe2 = Junk
-}
--- a/data/templates/dovecot/dovecot-ldap.conf
+++ b/data/templates/dovecot/dovecot-ldap.conf
@ -2,7 +2,7 @@ hosts = 127.0.0.1
 auth_bind = yes
 ldap_version = 3
 base = ou=users,dc=yunohost,dc=org
-user_attrs = uidNumber=500,gidNumber=8
+user_attrs = uidNumber=500,gidNumber=8,mailuserquota=quota_rule=*:bytes=%$
 user_filter = (&(objectClass=inetOrgPerson)(uid=%n))
 pass_filter = (&(objectClass=inetOrgPerson)(uid=%n))
 default_pass_scheme = SSHA
--- a/data/templates/dovecot/dovecot.conf.sed
+++ b/data/templates/dovecot/dovecot.conf.sed
@ -12,6 +12,7 @@ passdb {
  driver = ldap
 }
 protocols = imap sieve
+mail_plugins = $mail_plugins quota
 service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
@ -31,18 +32,19 @@ protocol sieve {
 ssl_ca = </etc/ssl/certs/ca-yunohost_crt.pem
 ssl_cert = </etc/ssl/certs/yunohost_crt.pem
 ssl_key = </etc/ssl/private/yunohost_key.pem
+ssl_protocols = !SSLv2 !SSLv3
 userdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
 }
 protocol imap {
  imap_client_workarounds =
-  mail_plugins = $mail_plugins antispam autocreate
+  mail_plugins = $mail_plugins imap_quota antispam autocreate
 }
 protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
-  mail_plugins = sieve
-  postmaster_address = postmaster@{{ domain }}
+  mail_plugins = quota sieve
+  postmaster_address = postmaster@{{ main_domain }}
 }

 plugin {
@ -69,3 +71,22 @@ plugin {
  autosubscribe = Trash
  autosubscribe2 = Junk
 }
+
+plugin {
+  quota = maildir:User quota
+  quota_rule2 = SPAM:ignore
+  quota_rule3 = Trash:ignore
+}
+
+plugin {
+  quota_warning = storage=95%% quota-warning 95 %u
+  quota_warning2 = storage=80%% quota-warning 80 %u
+  quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota
+}
+
+service quota-warning {
+  executable = script /usr/bin/quota-warning.sh
+  user = vmail
+  unix_listener quota-warning {
+  }
+}
--- a/data/templates/postfix/master.cf
+++ b/data/templates/postfix/master.cf
@ -9,10 +9,10 @@
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
 smtp      inet  n       -       -       -       -       smtpd
-#submission inet n       -       -       -       -       smtpd
-#  -o smtpd_tls_security_level=encrypt
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+submission inet n       -       -       -       -       smtpd
+  -o smtpd_tls_security_level=encrypt
+  -o smtpd_sasl_auth_enable=yes
+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
 #  -o milter_macro_daemon_name=ORIGINATING
 smtps     inet  n       -       -       -       -       smtpd
  -o header_checks=pcre:/etc/postfix/header_checks
@ -37,7 +37,7 @@ proxywrite unix -       -       n       -       1       proxymap
 smtp      unix  -       -       -       -       -       smtp
 # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
 relay     unix  -       -       -       -       -       smtp
-        -o smtp_fallback_relay=
+	-o smtp_fallback_relay=
 #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
 showq     unix  n       -       -       -       -       showq
 error     unix  -       -       -       -       -       error
@ -102,7 +102,7 @@ ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
 bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
-scalemail-backend unix  -       n       n       -       2       pipe
+scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
 mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py