Dovecot Systax Problem
parent
ff2418f21f
commit
15727f935f
|
|
@ -142,6 +142,7 @@ exec /usr/local/sbin/mw-deploy.sh
|
|||
HOOK
|
||||
chmod +x /etc/letsencrypt/renewal-hooks/deploy/50-mailwolt-certs.sh
|
||||
|
||||
|
||||
log "[✓] MailWolt Deploy-Hook eingerichtet"
|
||||
|
||||
##!/usr/bin/env bash
|
||||
|
|
|
|||
|
|
@ -0,0 +1,64 @@
|
|||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
source ./lib.sh
|
||||
|
||||
log "Update-Wrapper & Sudoers …"
|
||||
|
||||
# Pfade
|
||||
WRAPPER="/usr/local/sbin/mw-update"
|
||||
LOGFILE="/var/log/mailwolt-update.log"
|
||||
STATEDIR="/var/lib/mailwolt/update"
|
||||
SUDOERS="/etc/sudoers.d/mailwolt-update"
|
||||
UPDATE_SCRIPT="/mailwolt-installer/scripts/update.sh"
|
||||
|
||||
# State/Log vorbereiten
|
||||
install -d -m 0755 "$(dirname "$LOGFILE")"
|
||||
install -d -m 0755 "$STATEDIR"
|
||||
: > "$LOGFILE" || true
|
||||
chmod 0644 "$LOGFILE"
|
||||
|
||||
# Wrapper erzeugen
|
||||
cat > "$WRAPPER" <<'EOF'
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
LOG="/var/log/mailwolt-update.log"
|
||||
STATE_DIR="/var/lib/mailwolt/update"
|
||||
SCRIPT="/mailwolt-installer/scripts/update.sh"
|
||||
|
||||
install -d -m 0755 "$STATE_DIR"
|
||||
echo "running" > "$STATE_DIR/state"
|
||||
|
||||
{
|
||||
echo "===== $(date -Is) :: Update gestartet ====="
|
||||
if [[ -x "$SCRIPT" ]]; then
|
||||
"$SCRIPT"
|
||||
rc=$?
|
||||
else
|
||||
echo "[!] $SCRIPT nicht gefunden oder nicht ausführbar"
|
||||
rc=127
|
||||
fi
|
||||
echo "===== $(date -Is) :: Update beendet (rc=$rc) ====="
|
||||
echo "$rc" > "$STATE_DIR/rc"
|
||||
echo "done" > "$STATE_DIR/state"
|
||||
exit "$rc"
|
||||
} | tee -a "$LOG"
|
||||
EOF
|
||||
chmod 0755 "$WRAPPER"
|
||||
chown root:root "$WRAPPER"
|
||||
|
||||
# Sudoers erlauben, dass www-data & mailwolt den Wrapper ohne PW starten dürfen
|
||||
cat > "$SUDOERS" <<'EOF'
|
||||
Defaults!/usr/local/sbin/mw-update !requiretty
|
||||
www-data ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
|
||||
mailwolt ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
|
||||
EOF
|
||||
chown root:root "$SUDOERS"
|
||||
chmod 440 "$SUDOERS"
|
||||
|
||||
if ! visudo -c -f "$SUDOERS" >/dev/null 2>&1; then
|
||||
echo "[!] Ungültiger sudoers-Eintrag in $SUDOERS – entferne Datei."
|
||||
rm -f "$SUDOERS"
|
||||
fi
|
||||
|
||||
log "[✓] Update-Wrapper bereit: $WRAPPER"
|
||||
|
|
@ -211,7 +211,7 @@ for STEP in \
|
|||
20-ssl 21-le-deploy-hook 22-dkim-helper \
|
||||
30-db 40-postfix 50-dovecot \
|
||||
60-rspamd-opendkim 61-opendmarc 62-clamav 63-fail2ban \
|
||||
70-nginx 75-le-issue 80-app 90-services 95-woltguard 98-motd 99-summary
|
||||
70-nginx 75-le-issue 80-app 88-update-wrapper 90-services 95-woltguard 98-motd 99-summary
|
||||
do
|
||||
log ">>> Running ${STEP}.sh"
|
||||
bash "./${STEP}.sh"
|
||||
|
|
|
|||
Loading…
Reference in New Issue