boban
/
mailwolt-installer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Dovecot Systax Problem

main
boksbc 2025-10-25 12:58:40 +02:00
parent 060d2c4dd2
commit eed0199bfa
1 changed files with 40 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
scripts/88-update-wrapper.sh
View File

@ -9,6 +9,7 @@ LOGFILE="/var/log/mailwolt-update.log"
STATEDIR="/var/lib/mailwolt/update" STATEDIR="/var/lib/mailwolt/update"
SUDOERS="/etc/sudoers.d/mailwolt-update" SUDOERS="/etc/sudoers.d/mailwolt-update"
VERSION_FILE="/var/lib/mailwolt/version" VERSION_FILE="/var/lib/mailwolt/version"
SUDOERS_SERVICES="/etc/sudoers.d/mailwolt-services"
# Kandidaten: wo liegt update.sh? # Kandidaten: wo liegt update.sh?
CANDIDATES=( CANDIDATES=(
@ -73,11 +74,16 @@ echo "running" > "$STATE_DIR/state"
# Version schreiben (Git-Tag oder Commit) # Version schreiben (Git-Tag oder Commit)
if command -v git >/dev/null 2>&1; then if command -v git >/dev/null 2>&1; then
cd /opt/mailwolt-installer >/dev/null 2>&1 || true cd /opt/mailwolt-installer >/dev/null 2>&1 || true
ver=$(git describe --tags --always --dirty 2>/dev/null || echo "unknown") raw=$(git describe --tags --always --dirty 2>/dev/null || echo "unknown")
echo "$ver" > "$VERSION_FILE" norm=$(printf '%s' "$raw" | sed -E 's/^v//; s/-.*$//')
echo "[i] Version aktualisiert: $ver"
echo "$raw" > /var/lib/mailwolt/version_raw
echo "$norm" > /var/lib/mailwolt/version
echo "[i] Version aktualisiert: raw=$raw norm=$norm"
else else
echo "unknown" > "$VERSION_FILE" echo "unknown" > /var/lib/mailwolt/version_raw
echo "0.0.0" > /var/lib/mailwolt/version
fi fi
echo "$rc" > "$STATE_DIR/rc" echo "$rc" > "$STATE_DIR/rc"
@ -104,6 +110,35 @@ if ! visudo -c -f "$SUDOERS" >/dev/null 2>&1; then
rm -f "$SUDOERS" rm -f "$SUDOERS"
fi fi
cat > "$SUDOERS_SERVICES" <<'EOF'
Defaults!/usr/bin/systemctl !requiretty
Cmnd_Alias MW_SERVICES = \
/usr/bin/systemctl reload nginx.service, \
/usr/bin/systemctl try-reload-or-restart nginx.service, \
/usr/bin/systemctl restart php8.3-fpm.service, \
/usr/bin/systemctl try-reload-or-restart postfix.service, \
/usr/bin/systemctl try-reload-or-restart dovecot.service, \
/usr/bin/systemctl try-reload-or-restart rspamd.service, \
/usr/bin/systemctl try-reload-or-restart opendkim.service, \
/usr/bin/systemctl try-reload-or-restart opendmarc.service, \
/usr/bin/systemctl try-reload-or-restart clamav-daemon.service, \
/usr/bin/systemctl try-reload-or-restart redis-server.service
www-data ALL=(root) NOPASSWD: MW_SERVICES
EOF
chmod 440 "$SUDOERS_SERVICES"
chown root:root "$SUDOERS_SERVICES"
# Prüfen, ob Syntax gültig ist
if ! visudo -c -f "$SUDOERS_SERVICES" >/dev/null 2>&1; then
echo "[!] Ungültiger sudoers-Eintrag in $SUDOERS_SERVICES entferne Datei."
rm -f "$SUDOERS_SERVICES"
else
echo "[✓] Sudoers für Dienststeuerung angelegt: $SUDOERS_SERVICES"
fi
# Version-File initial anlegen, falls nicht existiert # Version-File initial anlegen, falls nicht existiert
if [[ ! -f "$VERSION_FILE" ]]; then if [[ ! -f "$VERSION_FILE" ]]; then
echo "unknown" > "$VERSION_FILE" echo "unknown" > "$VERSION_FILE"
@ -111,100 +146,4 @@ if [[ ! -f "$VERSION_FILE" ]]; then
fi fi
log "[✓] Update-Wrapper bereit: $WRAPPER" log "[✓] Update-Wrapper bereit: $WRAPPER"
log "[✓] Version wird unter $VERSION_FILE gespeichert" log "[✓] Version wird unter $VERSION_FILE gespeichert"
##!/usr/bin/env bash
#set -euo pipefail
#source ./lib.sh
#
#log "Update-Wrapper & Sudoers …"
#
#WRAPPER="/usr/local/sbin/mw-update"
#LOGFILE="/var/log/mailwolt-update.log"
#STATEDIR="/var/lib/mailwolt/update"
#SUDOERS="/etc/sudoers.d/mailwolt-update"
#
## Kandidaten: wo liegt update.sh?
#CANDIDATES=(
# /opt/mailwolt-installer/scripts/update.sh
# /mailwolt-installer/scripts/update.sh
# /usr/local/lib/mailwolt/update.sh
#)
#
## State/Log vorbereiten
#install -d -m 0755 "$(dirname "$LOGFILE")"
#install -d -m 0755 "$STATEDIR"
#: > "$LOGFILE" || true
#chmod 0644 "$LOGFILE"
#
## Wrapper erzeugen
#cat > "$WRAPPER" <<'EOF'
##!/usr/bin/env bash
#set -euo pipefail
#
#LOG="/var/log/mailwolt-update.log"
#STATE_DIR="/var/lib/mailwolt/update"
#
#CANDIDATES=(
# /opt/mailwolt-installer/scripts/update.sh
# /mailwolt-installer/scripts/update.sh
# /usr/local/lib/mailwolt/update.sh
#)
#
## Beste vorhandene update.sh finden
#SCRIPT=""
#for p in "${CANDIDATES[@]}"; do
# if [[ -x "$p" ]]; then SCRIPT="$p"; break; fi
# if [[ -f "$p" && -r "$p" ]]; then SCRIPT="$p"; break; fi
#done
#
#install -d -m 0755 "$STATE_DIR"
#echo "running" > "$STATE_DIR/state"
#
#{
# echo "===== $(date -Is) :: Update gestartet ====="
# if [[ -z "$SCRIPT" ]]; then
# echo "[!] update.sh nicht gefunden oder nicht ausführbar (versucht: ${CANDIDATES[*]})"
# rc=127
# else
# echo "[i] benutze: $SCRIPT"
# if [[ "$(id -u)" -ne 0 ]]; then
# echo "[!] Bitte als root ausführen"
# rc=1
# else
# # Dirty-Working-Tree zulassen, damit UI-Commits/Änderungen kein Blocker sind
# if [[ -x "$SCRIPT" ]]; then
# ALLOW_DIRTY=1 "$SCRIPT"
# else
# ALLOW_DIRTY=1 bash "$SCRIPT"
# fi
# rc=$?
# fi
# fi
# echo "===== $(date -Is) :: Update beendet (rc=$rc) ====="
# echo "$rc" > "$STATE_DIR/rc"
# echo "done" > "$STATE_DIR/state"
# exit "$rc"
#} | tee -a "$LOG"
#EOF
#
#chmod 0755 "$WRAPPER"
#chown root:root "$WRAPPER"
#
## Sudoers: www-data (Laravel) & mailwolt dürfen den Wrapper laufen lassen
#cat > "$SUDOERS" <<'EOF'
#Defaults!/usr/local/sbin/mw-update !requiretty
#www-data ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
#mailwolt ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
#EOF
#
#chown root:root "$SUDOERS"
#chmod 440 "$SUDOERS"
#
#if ! visudo -c -f "$SUDOERS" >/dev/null 2>&1; then
# echo "[!] Ungültiger sudoers-Eintrag in $SUDOERS entferne Datei."
# rm -f "$SUDOERS"
#fi
#
#log "[✓] Update-Wrapper bereit: $WRAPPER"