#!/bin/bash # filepath: verify-postfixadmin-config.sh # Verify PostfixAdmin configuration and supported encryption methods # This script checks the current configuration and provides recommendations set -euo pipefail # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color info() { echo -e "${BLUE}INFO: $1${NC}" } success() { echo -e "${GREEN}SUCCESS: $1${NC}" } warning() { echo -e "${YELLOW}WARNING: $1${NC}" } error() { echo -e "${RED}ERROR: $1${NC}" >&2 } WEBROOT="/var/www/postfixadmin" CONFIG_FILE="$WEBROOT/config.local.php" echo -e "${BLUE}=== PostfixAdmin Configuration Verification ===${NC}" echo # Check if PostfixAdmin is installed if [[ -d "$WEBROOT" ]]; then success "PostfixAdmin directory found: $WEBROOT" else error "PostfixAdmin directory not found: $WEBROOT" exit 1 fi # Check config file if [[ -f "$CONFIG_FILE" ]]; then success "Configuration file found: $CONFIG_FILE" else warning "Configuration file not found: $CONFIG_FILE" echo "Run the setup script first to create the configuration." exit 1 fi # Check encryption method echo info "Checking encryption configuration..." if grep -q "dovecot:SHA512-CRYPT" "$CONFIG_FILE"; then success "✅ Using supported encryption: dovecot:SHA512-CRYPT" elif grep -q "sha512.crypt" "$CONFIG_FILE"; then error "❌ Using unsupported encryption: sha512.crypt" echo " Fix: Change to 'dovecot:SHA512-CRYPT'" elif grep -q "encrypt" "$CONFIG_FILE"; then ENCRYPT_METHOD=$(grep "encrypt" "$CONFIG_FILE" | head -1 | cut -d"'" -f4) warning "⚠️ Using encryption method: $ENCRYPT_METHOD" echo " Recommended: 'dovecot:SHA512-CRYPT'" else warning "No encryption method found in configuration" fi # Check if configured echo info "Checking configuration status..." if grep -q "configured.*true" "$CONFIG_FILE"; then success "✅ PostfixAdmin is marked as configured" elif grep -q "configured.*false" "$CONFIG_FILE"; then info "⏳ PostfixAdmin is not yet configured (setup wizard available)" else warning "Configuration status unclear" fi # Check database configuration echo info "Checking database configuration..." if grep -q "database_type.*pgsql" "$CONFIG_FILE"; then success "✅ Using PostgreSQL database" else warning "Database type not found or not PostgreSQL" fi if grep -q "database_host.*localhost" "$CONFIG_FILE"; then success "✅ Database host: localhost" fi # Check dovecotpw path echo info "Checking Dovecot integration..." if grep -q "dovecotpw.*doveadm" "$CONFIG_FILE"; then success "✅ Using doveadm for password operations" # Test if doveadm is available if command -v doveadm >/dev/null 2>&1; then success "✅ doveadm command is available" # Test encryption if echo "test" | doveadm pw -s SHA512-CRYPT >/dev/null 2>&1; then success "✅ SHA512-CRYPT encryption is supported" else warning "⚠️ SHA512-CRYPT test inconclusive" fi else error "❌ doveadm command not found" echo " Install Dovecot: apt-get install dovecot-core" fi else warning "Dovecot integration not configured" fi # Check public directory echo info "Checking web server configuration..." if [[ -d "$WEBROOT/public" ]]; then success "✅ PostfixAdmin public directory exists" else error "❌ PostfixAdmin public directory missing" echo " Expected: $WEBROOT/public" echo " Check PostfixAdmin version and extraction" fi # Check permissions echo info "Checking file permissions..." if [[ -w "$WEBROOT/templates_c" ]]; then success "✅ templates_c directory is writable" else error "❌ templates_c directory is not writable" echo " Fix: chown -R www-data:www-data $WEBROOT/templates_c" fi # Check Nginx configuration echo info "Checking web server configuration..." if [[ -f "/etc/nginx/sites-enabled/postfixadmin.conf" ]]; then success "✅ Nginx PostfixAdmin site is enabled" if grep -q "root.*public" "/etc/nginx/sites-enabled/postfixadmin.conf"; then success "✅ Nginx points to public directory" else warning "⚠️ Nginx may not be pointing to public directory" fi else warning "Nginx PostfixAdmin configuration not found" fi # Check Postfix integration echo info "Checking Postfix integration..." POSTFIX_CONFIGS=( "/etc/postfix/pgsql-virtual-mailbox-domains.cf" "/etc/postfix/pgsql-virtual-mailbox-maps.cf" "/etc/postfix/pgsql-virtual-alias-maps.cf" ) for config in "${POSTFIX_CONFIGS[@]}"; do if [[ -f "$config" ]]; then success "✅ Found: $(basename "$config")" else error "❌ Missing: $(basename "$config")" fi done # Summary echo echo -e "${BLUE}=== Configuration Summary ===${NC}" echo echo -e "${YELLOW}Supported PostfixAdmin 3.3.11 Encryption Methods:${NC}" echo "✅ dovecot:SHA512-CRYPT (recommended)" echo "✅ dovecot:SHA256-CRYPT" echo "✅ dovecot:BLF-CRYPT" echo "✅ md5crypt" echo "✅ sha512" echo "❌ sha512.crypt (unsupported)" echo "❌ cleartext (not recommended)" echo echo -e "${YELLOW}PostfixAdmin Database Tables:${NC}" echo "Required tables created by setup wizard:" echo "• admin" echo "• alias" echo "• config" echo "• domain" echo "• domain_admins" echo "• fetchmail" echo "• log" echo "• mailbox" echo "• quota" echo "• quota2" echo "• vacation" echo "• vacation_notification" echo echo -e "${YELLOW}Access URLs:${NC}" if grep -q "postfix_admin_url" "$CONFIG_FILE"; then ADMIN_URL=$(grep "postfix_admin_url" "$CONFIG_FILE" | cut -d"'" -f4) echo "PostfixAdmin: $ADMIN_URL/" echo "Setup wizard: $ADMIN_URL/setup.php" else echo "PostfixAdmin: https://your-hostname/" echo "Setup wizard: https://your-hostname/setup.php" fi echo echo -e "${GREEN}Configuration verification completed!${NC}"