Dovecot Syntax Problem
parent
2e76d5144f
commit
ff2418f21f
|
|
@ -25,6 +25,25 @@ apt-get -y autoremove >/dev/null 2>&1 || true
|
||||||
log "Systemuser/Dirs …"
|
log "Systemuser/Dirs …"
|
||||||
id vmail >/dev/null 2>&1 || adduser --system --group --home /var/mail vmail
|
id vmail >/dev/null 2>&1 || adduser --system --group --home /var/mail vmail
|
||||||
id "$APP_USER" >/dev/null 2>&1 || adduser --disabled-password --gecos "" "$APP_USER"
|
id "$APP_USER" >/dev/null 2>&1 || adduser --disabled-password --gecos "" "$APP_USER"
|
||||||
|
# Systemuser/Dirs …
|
||||||
|
id vmail >/dev/null 2>&1 || adduser --system --group --home /var/mail vmail
|
||||||
|
id "$APP_USER" >/dev/null 2>&1 || adduser --disabled-password --gecos "" "$APP_USER"
|
||||||
|
|
||||||
|
# --- FIX: Gruppen und Berechtigungen für Maildir und Dovecot-Zugriff ---
|
||||||
|
# vmail soll primär der Gruppe "mail" angehören, zusätzlich dovecot
|
||||||
|
usermod -g mail -a -G dovecot vmail || true
|
||||||
|
|
||||||
|
# App-User in relevante Gruppen
|
||||||
|
usermod -a -G "$APP_GROUP" "$APP_USER" || true
|
||||||
|
usermod -a -G mail,dovecot "$APP_USER" || true
|
||||||
|
|
||||||
|
# Maildir-Baum für Gruppe mail lesbar
|
||||||
|
chgrp -R mail /var/mail/vhosts || true
|
||||||
|
chmod -R g+rx /var/mail/vhosts || true
|
||||||
|
|
||||||
|
# ACLs setzen, damit neue Verzeichnisse automatisch passende Rechte bekommen
|
||||||
|
setfacl -R -m g:mail:rx /var/mail/vhosts || true
|
||||||
|
setfacl -dR -m g:mail:rx /var/mail/vhosts || true
|
||||||
usermod -a -G "$APP_GROUP" "$APP_USER" || true
|
usermod -a -G "$APP_GROUP" "$APP_USER" || true
|
||||||
install -d -m 0755 -o root -g root /var/www
|
install -d -m 0755 -o root -g root /var/www
|
||||||
install -d -m 0775 -o "$APP_USER" -g "$APP_GROUP" "$APP_DIR"
|
install -d -m 0775 -o "$APP_USER" -g "$APP_GROUP" "$APP_DIR"
|
||||||
|
|
@ -54,6 +73,17 @@ if ! visudo -c -f "${SUDOERS_DKIM}" >/dev/null 2>&1; then
|
||||||
rm -f "${SUDOERS_DKIM}"
|
rm -f "${SUDOERS_DKIM}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
SUDOERS_DOVEADM="/etc/sudoers.d/mailwolt-doveadm"
|
||||||
|
cat > "${SUDOERS_DOVEADM}" <<'EOF'
|
||||||
|
Cmnd_Alias MW_DOVEADM_STATUS = /usr/bin/doveadm -f tab mailbox status -u * messages INBOX, \
|
||||||
|
/usr/bin/doveadm mailbox status -u * messages INBOX
|
||||||
|
www-data ALL=(vmail) NOPASSWD: MW_DOVEADM_STATUS
|
||||||
|
mailwolt ALL=(vmail) NOPASSWD: MW_DOVEADM_STATUS
|
||||||
|
EOF
|
||||||
|
chown root:root "${SUDOERS_DOVEADM}"
|
||||||
|
chmod 440 "${SUDOERS_DOVEADM}"
|
||||||
|
visudo -c -f "${SUDOERS_DOVEADM}" || rm -f "${SUDOERS_DOVEADM}"
|
||||||
|
|
||||||
log "MariaDB include-fix …"
|
log "MariaDB include-fix …"
|
||||||
mkdir -p /etc/mysql/mariadb.conf.d
|
mkdir -p /etc/mysql/mariadb.conf.d
|
||||||
[[ -f /etc/mysql/mariadb.cnf ]] || echo '!include /etc/mysql/mariadb.conf.d/*.cnf' > /etc/mysql/mariadb.cnf
|
[[ -f /etc/mysql/mariadb.cnf ]] || echo '!include /etc/mysql/mariadb.conf.d/*.cnf' > /etc/mysql/mariadb.cnf
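Review bot: In the first hunk, `usermod -a -G mail,dovecot "$APP_USER"` together with `chgrp -R mail`, `chmod -R g+rx` and the default ACL on /var/mail/vhosts gives the application account read access to every mailbox, which is far more than the message count the MW_DOVEADM_STATUS sudo rule in the second hunk is scoped to. If the sudo rule is the intended path, the group membership and the recursive group-read can be dropped; if group read has to stay, `chmod -R g+rX /var/mail/vhosts` and `g:mail:rX` avoid setting the execute bit on mail files. The sudo rule is itself wider than a single user name, because `*` in sudoers arguments also matches spaces; a small root-owned wrapper that validates the user name before calling doveadm would pin it down. The `|| true` on each of these lines also hides a missing /var/mail/vhosts or a missing `setfacl`, so a failed step goes unnoticed.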
|
||||||
|
|
|
||||||
|
|
@ -152,6 +152,30 @@ service pop3-login {
|
||||||
}
|
}
|
||||||
CONF
|
CONF
|
||||||
|
|
||||||
|
# --- Dovecot: doveadm-server für App-Zugriff ---
|
||||||
|
cat >/etc/dovecot/conf.d/99-mailwolt-perms.conf <<'CONF'
|
||||||
|
service auth {
|
||||||
|
unix_listener auth-userdb {
|
||||||
|
mode = 0660
|
||||||
|
user = vmail
|
||||||
|
group = mail
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
service stats {
|
||||||
|
unix_listener stats-reader {
|
||||||
|
mode = 0660
|
||||||
|
user = vmail
|
||||||
|
group = mail
|
||||||
|
}
|
||||||
|
unix_listener stats-writer {
|
||||||
|
mode = 0660
|
||||||
|
user = vmail
|
||||||
|
group = mail
|
||||||
|
}
|
||||||
|
}
|
||||||
|
CONF
|
||||||
|
|
||||||
# SSL – auf stabile Mail-Pfade zeigen
|
# SSL – auf stabile Mail-Pfade zeigen
|
||||||
DOVECOT_SSL_CONF="/etc/dovecot/conf.d/10-ssl.conf"
|
DOVECOT_SSL_CONF="/etc/dovecot/conf.d/10-ssl.conf"
|
||||||
touch "$DOVECOT_SSL_CONF"
|
touch "$DOVECOT_SSL_CONF"
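Review bot: The `auth-userdb` listener in 99-mailwolt-perms.conf is opened with `mode = 0660` and `group = mail`, so every member of the shared `mail` group can query the userdb socket, and the other file in this commit adds `$APP_USER` to that group. A dedicated group for the accounts that actually run doveadm would keep this narrower. The heading comment names a doveadm-server, but the block only changes listener permissions for `service auth` and `service stats`; a heading such as `# --- Dovecot: socket permissions for doveadm run as vmail ---` would match what it does. Nothing in the visible hunk validates the file after it is written, so a `doveconf -n >/dev/null` check before any reload would catch a syntax error at this point.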
|
||||||
|
|
|
||||||