Dovecot Systax Problem

scripts/10-provision.sh

@@ -2,6 +2,12 @@
 set -euo pipefail
 source ./lib.sh
 
+if [ -r /etc/mailwolt/installer.env ]; then
+  . /etc/mailwolt/installer.env
+fi
+
+REDIS_PASS="${REDIS_PASS:-}"
+
 SCRIPTS_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 find "$SCRIPTS_DIR/.." -type f -name "*.sh" -exec sed -i 's/\r$//' {} \; || true
 
@@ -111,11 +117,6 @@ printf '\nrequirepass %s\n' "${REDIS_PASS}" >> "$REDIS_CONF"
 systemctl enable --now redis-server
 systemctl restart redis-server || true
 
-# Passwort für spätere Steps persistieren (damit 80-app.sh es hat)
-install -d -m 0755 /etc/mailwolt
-echo "REDIS_PASS=${REDIS_PASS}" > /etc/mailwolt/installer.env
-chmod 600 /etc/mailwolt/installer.env
-
 # Sanity-Check (kein harter Exit, nur Log)
 if redis-cli -a "${REDIS_PASS}" ping 2>/dev/null | grep -q PONG; then
   log "Redis mit Passwort OK."

scripts/21-le-deploy-hook.sh

@@ -14,7 +14,6 @@ set -eu
 
 # Installer-ENV laden (liefert UI_HOST/WEBMAIL_HOST/MAIL_HOSTNAME etc.)
 if [ -r /etc/mailwolt/installer.env ]; then
-  # shellcheck disable=SC1091
   . /etc/mailwolt/installer.env
 fi
 

scripts/95-woltguard.sh

@@ -72,11 +72,33 @@ chmod 0755 /usr/local/sbin/mailwolt-redis-ping.sh
 cat >/usr/local/sbin/mailwolt-rspamd-heal.sh <<'EOSH'
 #!/usr/bin/env bash
 set -euo pipefail
+
+INSTALLER_ENV="/etc/mailwolt/installer.env"
+APP_ENV="/var/www/mailwolt/.env"
+
+REDIS_HOST="${REDIS_HOST:-127.0.0.1}"
+REDIS_PORT="${REDIS_PORT:-6379}"
+REDIS_PASS="${REDIS_PASS:-}"
+
+[[ -r "$INSTALLER_ENV" ]] && . "$INSTALLER_ENV"
+if [[ -z "${REDIS_PASS}" && -r "$APP_ENV" ]]; then
+  REDIS_PASS="$(grep -E '^REDIS_PASS=' "$APP_ENV" | head -n1 | cut -d= -f2- || true)"
+fi
+
+# Rspamd Runtime fixen
 install -d -m 0755 -o _rspamd -g _rspamd /run/rspamd || true
 [[ -S /var/lib/rspamd/rspamd.sock ]] && rm -f /var/lib/rspamd/rspamd.sock || true
+
+echo "$(date '+%F %T') heal run" >> /var/log/rspamd-heal.log
+
+# Neustart
 systemctl restart rspamd
+
+# Mini-Healthcheck
 sleep 2
 ss -tln | grep -q ':11334' || echo "[WARN] Rspamd Controller Port 11334 nicht sichtbar"
+
+exit 0
 EOSH
 chmod 0755 /usr/local/sbin/mailwolt-rspamd-heal.sh
 
@@ -95,7 +117,7 @@ EOF
 
 # 20 – Rspamd (robust via process-matching + Heal)
 cat >/etc/monit/monitrc.d/20-rspamd.conf <<'EOF'
-check process rspamd matching "/usr/bin/rspamd"
+check process rspamd matching "rspamd: main process"
   start program = "/bin/systemctl start rspamd" with timeout 120 seconds
   stop  program  = "/bin/systemctl stop rspamd"
   depends on redis
@@ -110,9 +132,9 @@ cat >/etc/monit/monitrc.d/30-postfix.conf <<'EOF'
 check process postfix with pidfile /var/spool/postfix/pid/master.pid
   start program = "/bin/systemctl start postfix"
   stop  program = "/bin/systemctl stop postfix"
-  if failed port 25  protocol smtp  then restart
+  if failed port 25 protocol smtp with timeout 20 seconds for 2 cycles then restart
-  if failed port 465 type tcpssl    then restart
+  if failed port 465 type tcpssl with timeout 10 seconds then restart
-  if failed port 587 type tcp       then restart
+  if failed port 587 type tcp with timeout 10 seconds then restart
   if 5 restarts within 5 cycles then alert
 EOF