boban
/
mailwolt-installer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Laudende Default seite entfernen

main
boksbc 2025-10-18 10:27:00 +02:00
parent 6f7c035884
commit 4156a0092e
1 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
scripts/60-rspamd-opendkim.sh
View File

@ -186,13 +186,13 @@ EOSH
chmod 0750 /usr/local/sbin/mailwolt-install-dkim chmod 0750 /usr/local/sbin/mailwolt-install-dkim
chown root:root /usr/local/sbin/mailwolt-install-dkim chown root:root /usr/local/sbin/mailwolt-install-dkim
# --- mailwolt-remove-dkim ------------------------------------- # --- 2) mailwolt-remove-dkim ----------------------------------
cat > /usr/local/sbin/mailwolt-remove-dkim <<'EOSH' cat >/usr/local/sbin/mailwolt-remove-dkim <<'EOSH'
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
DOMAIN="$1" DOMAIN="$1" # z.B. kunden.tld oder sysmail.example.com
SELECTOR="$2" SELECTOR="$2" # z.B. mwl1
OKDIR="/etc/opendkim" OKDIR="/etc/opendkim"
KEYDIR="${OKDIR}/keys/${DOMAIN}" KEYDIR="${OKDIR}/keys/${DOMAIN}"
@ -200,23 +200,41 @@ KEYPRI="${KEYDIR}/${SELECTOR}.private"
KT="${OKDIR}/KeyTable" KT="${OKDIR}/KeyTable"
ST="${OKDIR}/SigningTable" ST="${OKDIR}/SigningTable"
# Key-Datei löschen (falls vorhanden)
[[ -f "${KEYPRI}" ]] && rm -f "${KEYPRI}" [[ -f "${KEYPRI}" ]] && rm -f "${KEYPRI}"
# Zeilen aus KeyTable und SigningTable entfernen
if [[ -f "$KT" ]]; then if [[ -f "$KT" ]]; then
TMP="$(mktemp)" tmp="$(mktemp)"; grep -v -F "${SELECTOR}._domainkey.${DOMAIN} ${DOMAIN}:${SELECTOR}:" "$KT" >"$tmp" && mv "$tmp" "$KT"
grep -v -F "${SELECTOR}._domainkey.${DOMAIN}" "$KT" > "$TMP" && mv "$TMP" "$KT" chown opendkim:opendkim "$KT"; chmod 0640 "$KT"
fi fi
if [[ -f "$ST" ]]; then if [[ -f "$ST" ]]; then
TMP="$(mktemp)" tmp="$(mktemp)"; grep -v -F "*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}" "$ST" >"$tmp" && mv "$tmp" "$ST"
grep -v -F "*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}" "$ST" > "$TMP" && mv "$TMP" "$ST" chown opendkim:opendkim "$ST"; chmod 0640 "$ST"
fi fi
# Verzeichnis ggf. aufräumen
rmdir "${KEYDIR}" 2>/dev/null || true rmdir "${KEYDIR}" 2>/dev/null || true
systemctl is-active --quiet opendkim && systemctl reload opendkim || true # Dienst neu laden, falls aktiv
if systemctl is-active --quiet opendkim; then
systemctl reload opendkim || true
fi
echo "OK" echo "OK"
EOSH EOSH
chmod 0750 /usr/local/sbin/mailwolt-remove-dkim
chown root:root /usr/local/sbin/mailwolt-remove-dkim chown root:root /usr/local/sbin/mailwolt-remove-dkim
chmod 0750 /usr/local/sbin/mailwolt-remove-dkim
# --- Sudoers für beide Helper sicherstellen -------------------
APP_USER="${APP_USER:-mailwolt}"
cat >/etc/sudoers.d/mailwolt-dkim <<EOF
Defaults! /usr/local/sbin/mailwolt-install-dkim !requiretty
Defaults! /usr/local/sbin/mailwolt-remove-dkim !requiretty
${APP_USER} ALL=(root) NOPASSWD: /usr/local/sbin/mailwolt-install-dkim
${APP_USER} ALL=(root) NOPASSWD: /usr/local/sbin/mailwolt-remove-dkim
EOF
chmod 440 /etc/sudoers.d/mailwolt-dkim
# --- Sudoers-Regel für App-User -------------------------------- # --- Sudoers-Regel für App-User --------------------------------
APP_USER="${APP_USER:-mailwolt}" APP_USER="${APP_USER:-mailwolt}"