boban
/
mailwolt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rechtebechebung für User mit Sudorechte

main
boban 2025-10-19 23:53:50 +02:00
parent b80ff05a0a
commit 033ae32538
1 changed files with 63 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
app/Observers/DomainObserver.php
View File

@ -2,8 +2,10 @@
namespace App\Observers; namespace App\Observers;
use App\Models\DkimKey;
use App\Models\Domain; use App\Models\Domain;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Process;
class DomainObserver class DomainObserver
{ {
@ -41,33 +43,87 @@ class DomainObserver
/** /**
* Beim Löschen alle DKIM-Selector dieser Domain aus OpenDKIM entfernen. * Beim Löschen alle DKIM-Selector dieser Domain aus OpenDKIM entfernen.
*/ */
public function deleting(Domain $domain): void
public function deleted(Domain $domain): void
{ {
try { try {
$svc = app(\App\Services\DkimService::class); $svc = app(\App\Services\DkimService::class);
foreach ($domain->dkimKeys as $key) { // Selector VOR dem Delete einsammeln (Relation oder direkte Query)
$svc->removeForDomain($domain, $key->selector); $selectors = DkimKey::where('domain_id', $domain->id)->pluck('selector')->all();
$selectors = $selectors ?: ['mwl1'];
foreach ($selectors as $sel) {
$cmd = ['sudo','-n','/usr/local/sbin/mailwolt-remove-dkim', $domain->domain, $sel];
$res = Process::timeout(30)->run($cmd);
Log::info('DKIM remove exit', [
'domain' => $domain->domain,
'selector' => $sel,
'exit' => $res->exitCode(),
'out' => $res->output(),
'err' => $res->errorOutput(),
]);
if ($res->failed()) {
throw new \RuntimeException('OpenDKIM-Remove fehlgeschlagen: '.$res->errorOutput());
}
} }
// Local storage wegräumen (kein Root nötig) // lokale Backups unter storage/… löschen (App-User, kein sudo nötig)
$path = storage_path("app/private/dkim/{$domain->domain}"); $path = storage_path("app/private/dkim/{$domain->domain}");
if (is_dir($path)) { if (is_dir($path)) {
\Illuminate\Support\Facades\File::deleteDirectory($path); \Illuminate\Support\Facades\File::deleteDirectory($path);
} }
Log::info("Domain deleted + DKIM cleaned", ['domain' => $domain->domain]); // OpenDKIM neu laden (best effort)
Process::run(['sudo','-n','/bin/systemctl','reload','opendkim']);
} catch (\Throwable $e) { } catch (\Throwable $e) {
Log::error("Domain delete cleanup failed", ['domain'=>$domain->domain,'error'=>$e->getMessage()]); Log::error('Domain deleting cleanup failed', [
'domain' => $domain->domain,
'error' => $e->getMessage(),
]);
// Optional: Exception werfen, um das Löschen vollständig abzubrechen
// throw $e;
} }
} }
/** Nur noch Info-Log NACH dem Löschen (kein Cleanup mehr hier) */
public function deleted(Domain $domain): void
{
Log::info('Domain deleted', ['domain' => $domain->domain]);
}
/** Für forceDelete bei SoftDeletes */
public function forceDeleted(Domain $domain): void public function forceDeleted(Domain $domain): void
{ {
$this->deleted($domain); $this->deleted($domain);
} }
// public function deleted(Domain $domain): void
// {
// try {
// $svc = app(\App\Services\DkimService::class);
//
// foreach ($domain->dkimKeys as $key) {
// $svc->removeForDomain($domain, $key->selector);
// }
//
// // Local storage wegräumen (kein Root nötig)
// $path = storage_path("app/private/dkim/{$domain->domain}");
// if (is_dir($path)) {
// \Illuminate\Support\Facades\File::deleteDirectory($path);
// }
//
// Log::info("Domain deleted + DKIM cleaned", ['domain' => $domain->domain]);
// } catch (\Throwable $e) {
// Log::error("Domain delete cleanup failed", ['domain'=>$domain->domain,'error'=>$e->getMessage()]);
// }
// }
//
// public function forceDeleted(Domain $domain): void
// {
// $this->deleted($domain);
// }
// public function created(Domain $domain): void // public function created(Domain $domain): void
// { // {
// if ($domain->is_server) { // if ($domain->is_server) {