diff --git a/app/Services/DkimService.php b/app/Services/DkimService.php index 6b85ce6..8c34f99 100644 --- a/app/Services/DkimService.php +++ b/app/Services/DkimService.php @@ -109,69 +109,68 @@ class DkimService // OpenDKIM einhängen (wenn Helper existiert) $helper = '/usr/local/sbin/mailwolt-install-dkim'; -// if (is_executable($helper)) { -// $cmd = [ -// 'sudo','-n', $helper, -// $domain->domain, -// $selKey, -// $privOKAbs, // …/storage/app/private/dkim//.private -// $dnsTxtAbs // …/storage/app/private/dkim//.txt -// ]; -// -// $res = Process::timeout(30)->run($cmd); -// -// if ($res->failed()) { -// Log::error('DKIM install failed', [ -// 'cmd' => implode(' ', $cmd), -// 'exit' => $res->exitCode(), -// 'out' => $res->output(), -// 'err' => $res->errorOutput(), -// ]); -// throw new RuntimeException( -// 'OpenDKIM-Install fehlgeschlagen: '.$res->errorOutput() -// ); -// } -// -// // OpenDKIM neu laden (falls der Helper das nicht selbst tut) -// Process::run(['sudo','-n','systemctl','reload','opendkim']); -// } - - $helper = '/usr/local/sbin/mailwolt-install-dkim'; - Log::debug('DKIM helper call', [ 'as' => trim(Process::run(['whoami'])->output()), 'helper' => $helper, 'exists' => is_file($helper), // KEINE privaten Keys loggen! ]); - - if (is_file($helper)) { - $cmd = [ - 'sudo','-n', $helper, - $domain->domain, - $selKey, - $privOKAbs, - $dnsTxtAbs, - ]; - $res = Process::timeout(30)->run($cmd); + $helper = '/usr/local/sbin/mailwolt-install-dkim'; - Log::info('DKIM install exit', [ - 'cmd' => implode(' ', $cmd), - 'exit' => $res->exitCode(), - 'out' => $res->output(), - 'err' => $res->errorOutput(), - ]); + $proc = Process::timeout(30)->run([ + 'sudo','-n', $helper, + $domain->domain, $selKey, $privOKAbs, $dnsTxtAbs + ]); - if ($res->failed()) { - throw new RuntimeException('OpenDKIM-Install fehlgeschlagen: '.$res->errorOutput()); + Log::info('DKIM install exit', [ + 'cmd' => $helper, + 'exit' => $proc->exitCode(), + 'out' => $proc->output(), + 'err' => $proc->errorOutput(), + ]); + + if (!$proc->successful()) { + // Optionale bessere Fehlermeldung + $err = $proc->errorOutput(); + if (str_contains($err, 'command not found') || str_contains($err, 'No such file')) { + throw new \RuntimeException('Helper fehlt: '.$helper.' (Installer erneut ausführen?)'); } - - Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']); - } else { - Log::warning('DKIM helper not found', ['path' => $helper]); + if (str_contains($err, 'sudo') && str_contains($err, 'a password is required')) { + throw new \RuntimeException('sudo NOPASSWD fehlt für www-data → /etc/sudoers.d/mailwolt-dkim prüfen.'); + } + throw new \RuntimeException("install-dkim failed: ".$err); } + Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']); + +// if (is_file($helper)) { +// $cmd = [ +// 'sudo','-n', $helper, +// $domain->domain, +// $selKey, +// $privOKAbs, +// $dnsTxtAbs, +// ]; +// +// $res = Process::timeout(30)->run($cmd); +// +// Log::info('DKIM install exit', [ +// 'cmd' => implode(' ', $cmd), +// 'exit' => $res->exitCode(), +// 'out' => $res->output(), +// 'err' => $res->errorOutput(), +// ]); +// +// if ($res->failed()) { +// throw new RuntimeException('OpenDKIM-Install fehlgeschlagen: '.$res->errorOutput()); +// } +// +// Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']); +// } else { +// Log::warning('DKIM helper not found', ['path' => $helper]); +// } + return [ 'selector' => $selKey, 'priv_path' => $privOKAbs,