Rechtebechebung für User mit Sudorechte

main
boban 2025-10-19 23:10:59 +02:00
parent d37ef8ffee
commit 127497b5cf
2 changed files with 66 additions and 27 deletions


@ -66,32 +66,53 @@ class DomainObserver
/** /**
* Beim Löschen alle DKIM-Selector dieser Domain aus OpenDKIM entfernen. * Beim Löschen alle DKIM-Selector dieser Domain aus OpenDKIM entfernen.
*/ */
public function deleted(Domain $domain): void public function deleted(Domain $domain): void
{ {
try { try {
/** @var \App\Services\DkimService $svc */
$svc = app(\App\Services\DkimService::class); $svc = app(\App\Services\DkimService::class);
// Entferne DKIM aus OpenDKIM Config foreach ($domain->dkimKeys as $key) {
$svc->removeForDomain($domain); $svc->removeForDomain($domain, $key->selector);
}
// Optionale lokale Dateien löschen // Local storage wegräumen (kein Root nötig)
$path = storage_path("app/private/dkim/{$domain->domain}"); $path = storage_path("app/private/dkim/{$domain->domain}");
if (is_dir($path)) { if (is_dir($path)) {
\Illuminate\Support\Facades\File::deleteDirectory($path); \Illuminate\Support\Facades\File::deleteDirectory($path);
} }
// Reload OpenDKIM
\Illuminate\Support\Facades\Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']);
Log::info("Domain deleted + DKIM cleaned", ['domain' => $domain->domain]); Log::info("Domain deleted + DKIM cleaned", ['domain' => $domain->domain]);
} catch (\Throwable $e) { } catch (\Throwable $e) {
Log::error("Domain delete cleanup failed", [ Log::error("Domain delete cleanup failed", ['domain'=>$domain->domain,'error'=>$e->getMessage()]);
'domain' => $domain->domain,
'error' => $e->getMessage(),
]);
} }
} }
// public function deleted(Domain $domain): void
// {
// try {
// /** @var \App\Services\DkimService $svc */
// $svc = app(\App\Services\DkimService::class);
//
// // Entferne DKIM aus OpenDKIM Config
// $svc->removeForDomain($domain);
//
// // Optionale lokale Dateien löschen
// $path = storage_path("app/private/dkim/{$domain->domain}");
// if (is_dir($path)) {
// \Illuminate\Support\Facades\File::deleteDirectory($path);
// }
//
// // Reload OpenDKIM
// \Illuminate\Support\Facades\Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']);
//
// Log::info("Domain deleted + DKIM cleaned", ['domain' => $domain->domain]);
// } catch (\Throwable $e) {
// Log::error("Domain delete cleanup failed", [
// 'domain' => $domain->domain,
// 'error' => $e->getMessage(),
// ]);
// }
// }
public function forceDeleted(Domain $domain): void public function forceDeleted(Domain $domain): void
{ {
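Review bot: In `deleted()`, the first `removeForDomain()` call that throws ends the `foreach`, so the remaining selectors and the local storage cleanup below it are skipped and the only trace is the log entry from the outer `catch`; signing entries of a deleted domain can then stay active in OpenDKIM. Catching per key, e.g. `try { $svc->removeForDomain($domain, $key->selector); } catch (\Throwable $e) { Log::error('DKIM remove failed', ['selector' => $key->selector, 'error' => $e->getMessage()]); }`, keeps the cleanup going. If `$domain->dkimKeys` is empty at this point (for instance because the rows were already removed together with the domain, which this diff does not show), the root helper is never called, whereas the old code cleaned by domain name; a fallback call `$svc->removeForDomain($domain)` would cover that case. The commented-out old method below adds nothing the history does not already hold and can be removed.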


@ -159,28 +159,46 @@ class DkimService
return $san; return $san;
} }
public function removeForDomain(Domain|string $domain): void public function removeForDomain(Domain|string $domain, ?string $selector = null): void
{ {
$domainName = $domain instanceof Domain ? $domain->domain : $domain; $name = $domain instanceof \App\Models\Domain ? $domain->domain : $domain;
$keyTable = '/etc/opendkim/KeyTable'; $selector = $selector ?: (string) config('mailpool.defaults.dkim_selector', 'mwl1');
$signTable = '/etc/opendkim/SigningTable';
$keyDir = "/etc/opendkim/keys/{$domainName}";
// Tabellen bereinigen // Root-Helper ausführen
foreach ([$keyTable, $signTable] as $file) { $p = Process::run([
if (is_file($file)) { 'sudo','-n','/usr/local/sbin/mailwolt-remove-dkim',
$lines = file($file, FILE_IGNORE_NEW_LINES); $name, $selector
$filtered = array_filter($lines, fn($l) => !str_contains($l, $domainName)); ]);
file_put_contents($file, implode(PHP_EOL, $filtered) . PHP_EOL); if (!$p->successful()) {
} throw new \RuntimeException('mailwolt-remove-dkim failed: '.$p->errorOutput());
} }
// Key-Verzeichnis löschen // OpenDKIM neu laden
if (is_dir($keyDir)) { Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']);
\Illuminate\Support\Facades\File::deleteDirectory($keyDir);
}
} }
// public function removeForDomain(Domain|string $domain): void
// {
// $domainName = $domain instanceof Domain ? $domain->domain : $domain;
// $keyTable = '/etc/opendkim/KeyTable';
// $signTable = '/etc/opendkim/SigningTable';
// $keyDir = "/etc/opendkim/keys/{$domainName}";
//
// // Tabellen bereinigen
// foreach ([$keyTable, $signTable] as $file) {
// if (is_file($file)) {
// $lines = file($file, FILE_IGNORE_NEW_LINES);
// $filtered = array_filter($lines, fn($l) => !str_contains($l, $domainName));
// file_put_contents($file, implode(PHP_EOL, $filtered) . PHP_EOL);
// }
// }
//
// // Key-Verzeichnis löschen
// if (is_dir($keyDir)) {
// \Illuminate\Support\Facades\File::deleteDirectory($keyDir);
// }
// }
// protected function safeKey($value, int $max = 64): string // protected function safeKey($value, int $max = 64): string
// { // {
// if (is_object($value)) { // if (is_object($value)) {
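Review bot: `$name` and `$selector` reach the root helper `/usr/local/sbin/mailwolt-remove-dkim` in `removeForDomain()` without any format check; the array form of `Process::run` keeps a shell out of it, but a value starting with `-` or containing `/` or `..` still arrives as an argument of a process running as root. The helper is not part of this diff, so whether it validates its arguments cannot be seen here; a guard before the call such as `if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9.-]*$/', $name) || str_contains($name, '..') || !preg_match('/^[A-Za-z0-9][A-Za-z0-9_-]*$/', $selector)) { throw new \InvalidArgumentException('invalid domain or selector'); }` makes the PHP side safe on its own. The result of the following `systemctl reload opendkim` call is discarded, so a failed reload goes unnoticed and OpenDKIM presumably keeps the removed entry loaded; checking `successful()` as is done for the helper would surface that. Because the reload sits inside this method, the observer's per-selector loop also triggers one reload per key. The old implementation kept as a comment block below the method can be dropped.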