boban
/
mailwolt-installer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Laudende Default seite entfernen

boksbc 2025-10-17 21:36:54 +02:00
parent 77bcb27108
commit 8fab1b626b
3 changed files with 236 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

244
scripts/60-rspamd-opendkim.sh
View File

@ -12,14 +12,14 @@ set +u
set -u set -u
BASE_DOMAIN="${BASE_DOMAIN:-example.com}" BASE_DOMAIN="${BASE_DOMAIN:-example.com}"
SYSMAIL_DOMAIN="${SYSMAIL_DOMAIN:-sysmail.${BASE_DOMAIN}}" SYSMAIL_DOMAIN="${SYSMAIL_DOMAIN:-sysmail.${BASE_DOMAIN}}" # z.B. sysmail.example.com
DKIM_ENABLE="${DKIM_ENABLE:-1}" DKIM_ENABLE="${DKIM_ENABLE:-1}" # 1=OpenDKIM aktiv
DKIM_SELECTOR="${DKIM_SELECTOR:-mwl1}" DKIM_SELECTOR="${DKIM_SELECTOR:-mwl1}" # z.B. mwl1
DKIM_GENERATE="${DKIM_GENERATE:-1}" DKIM_GENERATE="${DKIM_GENERATE:-1}" # 1=Key generieren, falls fehlt
RSPAMD_CONTROLLER_PASSWORD="${RSPAMD_CONTROLLER_PASSWORD:-admin}" RSPAMD_CONTROLLER_PASSWORD="${RSPAMD_CONTROLLER_PASSWORD:-admin}"
# ────────────────────────────────────────────────────────────── # ──────────────────────────────────────────────────────────────
# Rspamd # Rspamd (Controller + Milter)
# ────────────────────────────────────────────────────────────── # ──────────────────────────────────────────────────────────────
install -d -m 0755 /etc/rspamd/local.d install -d -m 0755 /etc/rspamd/local.d
@ -50,7 +50,6 @@ systemctl enable --now rspamd || true
# ────────────────────────────────────────────────────────────── # ──────────────────────────────────────────────────────────────
if [[ "${DKIM_ENABLE}" != "1" ]]; then if [[ "${DKIM_ENABLE}" != "1" ]]; then
log "DKIM_ENABLE=0 → OpenDKIM wird übersprungen." log "DKIM_ENABLE=0 → OpenDKIM wird übersprungen."
# Stelle sicher, dass Postfix nur Rspamd nutzt:
/usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332" /usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332"
/usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332" /usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"
systemctl reload postfix || true systemctl reload postfix || true
@ -77,18 +76,16 @@ KEY_DNSTXT="${KEY_DIR}/${DKIM_SELECTOR}.txt"
install -d -m 0750 -o opendkim -g opendkim "${KEY_DIR}" install -d -m 0750 -o opendkim -g opendkim "${KEY_DIR}"
# Key erzeugen, wenn gewünscht/fehlend # Falls kein Key da: optional generieren (auf SYSMAIL_DOMAIN)
if [[ ! -s "${KEY_PRIV}" ]]; then if [[ ! -s "${KEY_PRIV}" && "${DKIM_GENERATE}" = "1" ]]; then
if [[ "${DKIM_GENERATE}" = "1" ]]; then
if command -v opendkim-genkey >/dev/null 2>&1; then if command -v opendkim-genkey >/dev/null 2>&1; then
opendkim-genkey -b 2048 -s "${DKIM_SELECTOR}" -d "${SYSMAIL_DOMAIN}" -D "${KEY_DIR}" opendkim-genkey -b 2048 -s "${DKIM_SELECTOR}" -d "${SYSMAIL_DOMAIN}" -D "${KEY_DIR}"
chown opendkim:opendkim "${KEY_PRIV}" || true chown opendkim:opendkim "${KEY_DIR}/${DKIM_SELECTOR}.private" || true
chmod 600 "${KEY_PRIV}" || true chmod 600 "${KEY_DIR}/${DKIM_SELECTOR}.private" || true
else else
echo "[!] opendkim-genkey fehlt kann DKIM-Key nicht generieren." echo "[!] opendkim-genkey fehlt kann DKIM-Key nicht generieren."
fi fi
fi fi
fi
# Tabellen schreiben (zeigen auf SYSMAIL_DOMAIN) # Tabellen schreiben (zeigen auf SYSMAIL_DOMAIN)
cat >/etc/opendkim/KeyTable <<CONF cat >/etc/opendkim/KeyTable <<CONF
@ -132,16 +129,16 @@ DNSTimeout 5
SignatureAlgorithm rsa-sha256 SignatureAlgorithm rsa-sha256
CONF CONF
# --- Root-Helper zum Einhängen von DKIM-Keys in OpenDKIM --- # Root-Helper zum nachträglichen Installieren von DKIM-Keys (aus der App)
install -d -m 0750 /usr/local/sbin install -d -m 0750 /usr/local/sbin
cat > /usr/local/sbin/mailwolt-install-dkim <<'EOSH' cat > /usr/local/sbin/mailwolt-install-dkim <<'EOSH'
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
DOMAIN="$1" # z.B. thinkidoo.at DOMAIN="$1" # z.B. sysmail.example.com ODER kunden.tld
SELECTOR="$2" # z.B. dkim / mwl1 SELECTOR="$2" # z.B. dkim / mwl1
TMP_PRIV="$3" # Pfad: Private-Key PEM (von der App erzeugt) TMP_PRIV="$3" # private PEM (von App)
TMP_PUBTXT="${4:-}" # optional: Datei mit fertigem DNS-TXT TMP_PUBTXT="${4:-}" # optional: fertiger TXT-String-Dateipfad
OKDIR="/etc/opendkim" OKDIR="/etc/opendkim"
KEYDIR="${OKDIR}/keys/${DOMAIN}" KEYDIR="${OKDIR}/keys/${DOMAIN}"
@ -167,38 +164,237 @@ if [[ -n "${TMP_PUBTXT}" && -s "${TMP_PUBTXT}" ]]; then
cp -f "${TMP_PUBTXT}" "/etc/mailwolt/dns/dkim-${DOMAIN}.txt" cp -f "${TMP_PUBTXT}" "/etc/mailwolt/dns/dkim-${DOMAIN}.txt"
fi fi
systemctl restart opendkim if systemctl is-active --quiet opendkim; then
systemctl reload opendkim || true
fi
echo "OK" echo "OK"
EOSH EOSH
chown root:root /usr/local/sbin/mailwolt-install-dkim chown root:root /usr/local/sbin/mailwolt-install-dkim
chmod 0750 /usr/local/sbin/mailwolt-install-dkim chmod 0750 /usr/local/sbin/mailwolt-install-dkim
# Nur starten, wenn der Private Key existiert # OpenDKIM nur starten, wenn Key vorhanden sonst nur Rspamd aktiv lassen
if [[ -s "${KEY_PRIV}" ]]; then if [[ -s "${KEY_PRIV}" ]]; then
systemctl enable --now opendkim || true systemctl enable --now opendkim || true
systemctl restart opendkim || true systemctl restart opendkim || true
# Postfix an beide Milters hängen
/usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891" /usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891"
/usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891" /usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891"
systemctl reload postfix || true systemctl reload postfix || true
# DNS-Export ablegen (für UI/Hinweis)
install -d -m 0755 /etc/mailwolt/dns install -d -m 0755 /etc/mailwolt/dns
[[ -s "${KEY_DNSTXT}" ]] && cp -f "${KEY_DNSTXT}" "/etc/mailwolt/dns/dkim-${SYSMAIL_DOMAIN}.txt" || true [[ -s "${KEY_DNSTXT}" ]] && cp -f "${KEY_DNSTXT}" "/etc/mailwolt/dns/dkim-${SYSMAIL_DOMAIN}.txt" || true
echo "[✓] OpenDKIM aktiv für ${SYSMAIL_DOMAIN} (Selector: ${DKIM_SELECTOR})" echo "[✓] OpenDKIM aktiv für ${SYSMAIL_DOMAIN} (Selector: ${DKIM_SELECTOR})"
echo " DNS: ${DKIM_SELECTOR}._domainkey.${SYSMAIL_DOMAIN} (siehe ${KEY_DNSTXT})" echo " DNS: ${DKIM_SELECTOR}._domainkey.${SYSMAIL_DOMAIN} (siehe ${KEY_DNSTXT})"
else else
echo "[!] Kein Private Key: ${KEY_PRIV}" echo "[i] Noch kein Private Key unter ${KEY_PRIV} OpenDKIM bleibt aus."
echo " - Setze DKIM_GENERATE=1 ODER lege Key-Datei manuell ab (opendkim:opendkim, 600)."
echo " - Postfix bleibt bis dahin nur mit Rspamd-Milter verbunden."
/usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332" /usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332"
/usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332" /usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"
systemctl reload postfix || true systemctl reload postfix || true
fi fi
##!/usr/bin/env bash
#set -euo pipefail
#source ./lib.sh
#
#log "Rspamd + OpenDKIM einrichten …"
#
## ──────────────────────────────────────────────────────────────
## ENV laden
## ──────────────────────────────────────────────────────────────
#set +u
#[ -r /etc/mailwolt/installer.env ] && . /etc/mailwolt/installer.env
#set -u
#
#BASE_DOMAIN="${BASE_DOMAIN:-example.com}"
#SYSMAIL_DOMAIN="${SYSMAIL_DOMAIN:-sysmail.${BASE_DOMAIN}}"
#DKIM_ENABLE="${DKIM_ENABLE:-1}"
#DKIM_SELECTOR="${DKIM_SELECTOR:-mwl1}"
#DKIM_GENERATE="${DKIM_GENERATE:-1}"
#RSPAMD_CONTROLLER_PASSWORD="${RSPAMD_CONTROLLER_PASSWORD:-admin}"
#
## ──────────────────────────────────────────────────────────────
## Rspamd
## ──────────────────────────────────────────────────────────────
#install -d -m 0755 /etc/rspamd/local.d
#
#if command -v rspamadm >/dev/null 2>&1; then
# RSPAMD_HASH="$(rspamadm pw -p "${RSPAMD_CONTROLLER_PASSWORD}")"
#else
# RSPAMD_HASH="${RSPAMD_CONTROLLER_PASSWORD}"
#fi
#
#cat >/etc/rspamd/local.d/worker-controller.inc <<CONF
#password = "${RSPAMD_HASH}";
#bind_socket = "127.0.0.1:11334";
#CONF
#
#cat >/etc/rspamd/local.d/worker-normal.inc <<'CONF'
#bind_socket = "127.0.0.1:11332";
#CONF
#
#cat >/etc/rspamd/local.d/milter_headers.conf <<'CONF'
#use = ["authentication-results"];
#header = "Authentication-Results";
#CONF
#
#systemctl enable --now rspamd || true
#
## ──────────────────────────────────────────────────────────────
## OpenDKIM nur wenn DKIM_ENABLE=1
## ──────────────────────────────────────────────────────────────
#if [[ "${DKIM_ENABLE}" != "1" ]]; then
# log "DKIM_ENABLE=0 → OpenDKIM wird übersprungen."
# # Stelle sicher, dass Postfix nur Rspamd nutzt:
# /usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332"
# /usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"
# systemctl reload postfix || true
# exit 0
#fi
#
#install -d -m 0755 /etc/opendkim
#install -d -m 0750 /etc/opendkim/keys
#chown -R opendkim:opendkim /etc/opendkim
#chmod 750 /etc/opendkim/keys
#
## TrustedHosts
#cat >/etc/opendkim/TrustedHosts <<'CONF'
#127.0.0.1
#::1
#localhost
#CONF
#chown opendkim:opendkim /etc/opendkim/TrustedHosts
#chmod 640 /etc/opendkim/TrustedHosts
#
#KEY_DIR="/etc/opendkim/keys/${SYSMAIL_DOMAIN}"
#KEY_PRIV="${KEY_DIR}/${DKIM_SELECTOR}.private"
#KEY_DNSTXT="${KEY_DIR}/${DKIM_SELECTOR}.txt"
#
#install -d -m 0750 -o opendkim -g opendkim "${KEY_DIR}"
#
## Key erzeugen, wenn gewünscht/fehlend
#if [[ ! -s "${KEY_PRIV}" ]]; then
# if [[ "${DKIM_GENERATE}" = "1" ]]; then
# if command -v opendkim-genkey >/dev/null 2>&1; then
# opendkim-genkey -b 2048 -s "${DKIM_SELECTOR}" -d "${SYSMAIL_DOMAIN}" -D "${KEY_DIR}"
# chown opendkim:opendkim "${KEY_PRIV}" || true
# chmod 600 "${KEY_PRIV}" || true
# else
# echo "[!] opendkim-genkey fehlt kann DKIM-Key nicht generieren."
# fi
# fi
#fi
#
## Tabellen schreiben (zeigen auf SYSMAIL_DOMAIN)
#cat >/etc/opendkim/KeyTable <<CONF
#${DKIM_SELECTOR}._domainkey.${SYSMAIL_DOMAIN} ${SYSMAIL_DOMAIN}:${DKIM_SELECTOR}:${KEY_PRIV}
#CONF
#chown opendkim:opendkim /etc/opendkim/KeyTable
#chmod 640 /etc/opendkim/KeyTable
#
#cat >/etc/opendkim/SigningTable <<CONF
#*@${SYSMAIL_DOMAIN} ${DKIM_SELECTOR}._domainkey.${SYSMAIL_DOMAIN}
#CONF
#chown opendkim:opendkim /etc/opendkim/SigningTable
#chmod 640 /etc/opendkim/SigningTable
#
## Hauptkonfiguration
#cat >/etc/opendkim.conf <<'CONF'
#Syslog yes
#UMask 002
#Mode sv
#Socket inet:8891@127.0.0.1
#Canonicalization relaxed/simple
#
#On-BadSignature accept
#On-Default accept
#On-KeyNotFound accept
#On-NoSignature accept
#
#LogWhy yes
#OversignHeaders From
#
#KeyTable /etc/opendkim/KeyTable
#SigningTable refile:/etc/opendkim/SigningTable
#ExternalIgnoreList /etc/opendkim/TrustedHosts
#InternalHosts /etc/opendkim/TrustedHosts
#
#UserID opendkim:opendkim
#AutoRestart yes
#AutoRestartRate 10/1h
#Background yes
#DNSTimeout 5
#SignatureAlgorithm rsa-sha256
#CONF
#
## --- Root-Helper zum Einhängen von DKIM-Keys in OpenDKIM ---
#install -d -m 0750 /usr/local/sbin
#cat > /usr/local/sbin/mailwolt-install-dkim <<'EOSH'
##!/usr/bin/env bash
#set -euo pipefail
#
#DOMAIN="$1" # z.B. thinkidoo.at
#SELECTOR="$2" # z.B. dkim / mwl1
#TMP_PRIV="$3" # Pfad: Private-Key PEM (von der App erzeugt)
#TMP_PUBTXT="${4:-}" # optional: Datei mit fertigem DNS-TXT
#
#OKDIR="/etc/opendkim"
#KEYDIR="${OKDIR}/keys/${DOMAIN}"
#KEYPRI="${KEYDIR}/${SELECTOR}.private"
#
#install -d -m 0750 -o opendkim -g opendkim "${KEYDIR}"
#install -m 0600 -o opendkim -g opendkim "${TMP_PRIV}" "${KEYPRI}"
#
#kt="${OKDIR}/KeyTable"
#st="${OKDIR}/SigningTable"
#touch "$kt" "$st"
#chown opendkim:opendkim "$kt" "$st"
#chmod 0640 "$kt" "$st"
#
#line_kt="${SELECTOR}._domainkey.${DOMAIN} ${DOMAIN}:${SELECTOR}:${KEYPRI}"
#grep -Fqx "$line_kt" "$kt" || echo "$line_kt" >> "$kt"
#
#line_st="*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}"
#grep -Fqx "$line_st" "$st" || echo "$line_st" >> "$st"
#
#if [[ -n "${TMP_PUBTXT}" && -s "${TMP_PUBTXT}" ]]; then
# install -d -m 0755 /etc/mailwolt/dns
# cp -f "${TMP_PUBTXT}" "/etc/mailwolt/dns/dkim-${DOMAIN}.txt"
#fi
#
#systemctl restart opendkim
#echo "OK"
#EOSH
#chown root:root /usr/local/sbin/mailwolt-install-dkim
#chmod 0750 /usr/local/sbin/mailwolt-install-dkim
#
## Nur starten, wenn der Private Key existiert
#if [[ -s "${KEY_PRIV}" ]]; then
# systemctl enable --now opendkim || true
# systemctl restart opendkim || true
#
# # Postfix an beide Milters hängen
# /usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891"
# /usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332, inet:127.0.0.1:8891"
# systemctl reload postfix || true
#
# # DNS-Export ablegen (für UI/Hinweis)
# install -d -m 0755 /etc/mailwolt/dns
# [[ -s "${KEY_DNSTXT}" ]] && cp -f "${KEY_DNSTXT}" "/etc/mailwolt/dns/dkim-${SYSMAIL_DOMAIN}.txt" || true
#
# echo "[✓] OpenDKIM aktiv für ${SYSMAIL_DOMAIN} (Selector: ${DKIM_SELECTOR})"
# echo " DNS: ${DKIM_SELECTOR}._domainkey.${SYSMAIL_DOMAIN} (siehe ${KEY_DNSTXT})"
#else
# echo "[!] Kein Private Key: ${KEY_PRIV}"
# echo " - Setze DKIM_GENERATE=1 ODER lege Key-Datei manuell ab (opendkim:opendkim, 600)."
# echo " - Postfix bleibt bis dahin nur mit Rspamd-Milter verbunden."
# /usr/sbin/postconf -e "smtpd_milters = inet:127.0.0.1:11332"
# /usr/sbin/postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"
# systemctl reload postfix || true
#fi
##!/usr/bin/env bash ##!/usr/bin/env bash
#set -euo pipefail #set -euo pipefail
#source ./lib.sh #source ./lib.sh

17
scripts/80-app.sh
View File

@ -192,15 +192,19 @@ SYSMAIL_DOMAIN="${SYSMAIL_DOMAIN:-sysmail.${BASE_DOMAIN}}"
if [[ "${DKIM_ENABLE}" = "1" && -n "${SYSMAIL_DOMAIN}" ]]; then if [[ "${DKIM_ENABLE}" = "1" && -n "${SYSMAIL_DOMAIN}" ]]; then
log "Erzeuge/aktualisiere DKIM für ${SYSMAIL_DOMAIN} (Selector: ${DKIM_SELECTOR}) …" log "Erzeuge/aktualisiere DKIM für ${SYSMAIL_DOMAIN} (Selector: ${DKIM_SELECTOR}) …"
TMP_PRIV="$(mktemp -p /tmp dkim_priv_XXXXXX.pem)" # Temp-Pfade ALS APP-USER erzeugen, damit PHP (läuft als APP_USER) reinschreiben darf
TMP_TXT="$(mktemp -p /tmp dkim_txt_XXXXXX.txt)" TMP_PRIV="$(sudo -u "${APP_USER}" mktemp -p /tmp dkim_priv_XXXXXX.pem)"
TMP_TXT="$(sudo -u "${APP_USER}" mktemp -p /tmp dkim_txt_XXXXXX.txt)"
# (fallback normalerweise nicht nötig, aber schadet nicht)
chown "${APP_USER}:${APP_GROUP}" "$TMP_PRIV" "$TMP_TXT" || true
chmod 600 "$TMP_PRIV" "$TMP_TXT" || true
# Erzeuge Key via deinem bestehenden DkimService (idempotent in der App)
sudo -u "${APP_USER}" -H bash -lc "cd ${APP_DIR} && php -r ' sudo -u "${APP_USER}" -H bash -lc "cd ${APP_DIR} && php -r '
require \"vendor/autoload.php\"; require \"vendor/autoload.php\";
\$app = require \"bootstrap/app.php\"; \$app = require \"bootstrap/app.php\";
\$kernel = \$app->make(Illuminate\\Contracts\\Console\\Kernel::class); \$kernel->bootstrap(); \$kernel = \$app->make(Illuminate\\Contracts\\Console\\Kernel::class); \$kernel->bootstrap();
\$domain = App\\Models\\Domain::firstOrCreate([\"domain\"=>\"${SYSMAIL_DOMAIN}\"],[\"is_active\"=>1,\"is_system\"=>1]); \$domain = App\\Models\\Domain::firstOrCreate([\"domain\"=>\"${SYSMAIL_FQDN}\"],[\"is_active\"=>1,\"is_system\"=>1]);
\$svc = app(App\\Services\\DkimService::class); \$svc = app(App\\Services\\DkimService::class);
\$res = \$svc->generateForDomain(\$domain, 2048, \"${DKIM_SELECTOR}\"); \$res = \$svc->generateForDomain(\$domain, 2048, \"${DKIM_SELECTOR}\");
file_put_contents(\"${TMP_PRIV}\", \$res[\"private_pem\"]); file_put_contents(\"${TMP_PRIV}\", \$res[\"private_pem\"]);
@ -208,8 +212,9 @@ if [[ "${DKIM_ENABLE}" = "1" && -n "${SYSMAIL_DOMAIN}" ]]; then
echo \"OK\\n\"; echo \"OK\\n\";
'" '"
# Root-Helper legt Key-Datei unter /etc/opendkim/… ab, schreibt Key-/SigningTable und restarts # Root-Helper (kopiert Key nach /etc/opendkim/..., schreibt KeyTable/SigningTable, restartet opendkim)
sudo /usr/local/sbin/mailwolt-install-dkim "${SYSMAIL_DOMAIN}" "${DKIM_SELECTOR}" "${TMP_PRIV}" "${TMP_TXT}" || true sudo /usr/local/sbin/mailwolt-install-dkim "${SYSMAIL_FQDN}" "${DKIM_SELECTOR}" "${TMP_PRIV}" "${TMP_TXT}" || true
rm -f "${TMP_PRIV}" "${TMP_TXT}" || true rm -f "${TMP_PRIV}" "${TMP_TXT}" || true
else else
log "DKIM übersprungen (DKIM_ENABLE=${DKIM_ENABLE}, SYSMAIL_DOMAIN='${SYSMAIL_DOMAIN}')." log "DKIM übersprungen (DKIM_ENABLE=${DKIM_ENABLE}, SYSMAIL_DOMAIN='${SYSMAIL_DOMAIN}')."

2
scripts/bootstrap.sh
View File

@ -96,7 +96,7 @@ export DB_NAME DB_USER DB_PASS
export SERVER_PUBLIC_IPV4 SERVER_PUBLIC_IPV6 APP_TZ APP_LOCALE export SERVER_PUBLIC_IPV4 SERVER_PUBLIC_IPV6 APP_TZ APP_LOCALE
# ── Sequenz ──────────────────────────────────────────────────────────────── # ── Sequenz ────────────────────────────────────────────────────────────────
for STEP in 10-provision 20-ssl 21-le-deploy-hook 30-db 40-postfix 50-dovecot 60-rspamd-opendkim 70-nginx 75-le-issue 80-app 90-services 95-monit 98-motd 99-summary for STEP in 10-provision 20-ssl 21-le-deploy-hook 22-dkim-helper 30-db 40-postfix 50-dovecot 60-rspamd-opendkim 70-nginx 75-le-issue 80-app 90-services 95-monit 98-motd 99-summary
do do
log ">>> Running ${STEP}.sh" log ">>> Running ${STEP}.sh"
bash "./${STEP}.sh" bash "./${STEP}.sh"