EmailHostingPlatform/resume-setup.sh
#!/bin/bash
# Resume Email Server Setup - Certificate and Final Steps
# Run this after DNS records are configured
# Strict mode: abort on unhandled errors, on unset variables, and on a failure
# in any stage of a pipeline.
set -o errexit -o nounset -o pipefail

# Colours. The escapes are stored in backslash form and only turn into real
# control sequences when a helper prints them with `echo -e`.
RED="\033[0;31m"
GREEN="\033[0;32m"
YELLOW="\033[1;33m"
BLUE="\033[0;34m"
NC="\033[0m" # reset
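# Get configuration from existing files or prompt
#######################################
# Resolve the host name, mail domain and admin e-mail used by the later steps.
# Globals:   HOSTNAME, DOMAIN (written); ADMIN_EMAIL (read; written if empty)
# Inputs:    /etc/postfix/main.cf when it exists; stdin for the prompts
# Outputs:   prompts and a summary on stdout; validation errors on stderr
# Returns:   0 on success, 1 when the host name or domain fails validation
#######################################
get_config() {
  local main_cf="/etc/postfix/main.cf"
  # Bash pre-populates HOSTNAME with the machine's own name, so testing it for
  # emptiness never triggers the prompt when main.cf is missing. Collect the
  # value in an empty local first and publish it only once it is known.
  local cfg_host=""
  local cfg_domain="${DOMAIN:-}"
  # Letters, digits, dots and hyphens only. This is a character-set check, not
  # full host-name validation; its purpose is to keep sed delimiters, slashes
  # and whitespace out of the paths and config files written later as root.
  local name_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'

  # Try to get hostname from existing Postfix config. Match the exact key and
  # take the first assignment only, so a longer key sharing the prefix or a
  # repeated line cannot leak into the value.
  if [[ -f "$main_cf" ]]; then
    cfg_host=$(awk -F= '/^myhostname[[:space:]]*=/ { gsub(/[[:space:]]/, "", $2); print $2; exit }' "$main_cf") || cfg_host=""
    cfg_domain=$(awk -F= '/^mydomain[[:space:]]*=/ { gsub(/[[:space:]]/, "", $2); print $2; exit }' "$main_cf") || cfg_domain=""
  fi

  # If not found, prompt user. -r keeps backslashes literal.
  if [[ -z "$cfg_host" ]]; then
    read -r -p "Enter your hostname (e.g., mail.terrible.dev): " cfg_host
  fi
  if [[ -z "$cfg_domain" ]]; then
    read -r -p "Enter your domain (e.g., terrible.dev): " cfg_domain
  fi
  if [[ -z "${ADMIN_EMAIL:-}" ]]; then
    read -r -p "Enter admin email: " ADMIN_EMAIL
  fi

  # Validate before publishing: both values are later interpolated into a sed
  # expression, a Dovecot config file and file-system paths.
  if [[ ! "$cfg_host" =~ $name_re ]]; then
    printf 'ERROR: invalid hostname: %q\n' "$cfg_host" >&2
    return 1
  fi
  if [[ ! "$cfg_domain" =~ $name_re ]]; then
    printf 'ERROR: invalid domain: %q\n' "$cfg_domain" >&2
    return 1
  fi

  HOSTNAME=$cfg_host
  DOMAIN=$cfg_domain

  echo "Using:"
  echo " Hostname: $HOSTNAME"
  echo " Domain: $DOMAIN"
  echo " Admin Email: $ADMIN_EMAIL"
  echo
}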
# Print an informational message ($1) in blue on stdout.
# Backslash escapes are interpreted across the whole line, message included.
info() {
  printf '%b\n' "${BLUE}INFO: $1${NC}"
}
# Print a success message ($1) in green on stdout.
success() {
  local line="${GREEN}SUCCESS: $1${NC}"
  printf '%b\n' "$line"
}
# Print a warning message ($1) in yellow. Like info and success, this goes to
# stdout, not stderr.
warning() {
  local line="${YELLOW}WARNING: $1${NC}"
  printf '%b\n' "$line"
}
# Print an error message ($1) in red on stderr and terminate the script with
# status 1. Callers never regain control after calling this.
error() {
  {
    printf '%b\n' "${RED}ERROR: $1${NC}"
  } >&2
  exit 1
}
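# Test DNS resolution
#######################################
# Check that HOSTNAME has at least one A record before a certificate is
# requested for it.
# Globals:   HOSTNAME (read), IP (written: first IPv4 address in the answer)
# Outputs:   progress via info/success; failure via error, which exits
# Returns:   0 when an address was found; does not return otherwise
#
# This only shows that the name resolves somewhere. It does not compare the
# address with this machine's own, so a record pointing at another host still
# passes here.
#######################################
test_dns() {
  local answers

  info "Testing DNS resolution for $HOSTNAME..."

  # Without this, a missing dig is reported as a DNS failure.
  command -v dig > /dev/null || error "dig is not installed; cannot verify DNS for $HOSTNAME."

  # Query once and reuse the answer, so the check and the reported address
  # cannot come from two different responses.
  answers=$(dig +short A "$HOSTNAME") || answers=""

  # `dig +short` lists CNAME targets ahead of the addresses; keep the first
  # line that is a dotted quad so IP really is an address.
  IP=$(grep -E -m1 '^[0-9]+(\.[0-9]+){3}$' <<< "$answers" || true)

  if [[ -z "$IP" ]]; then
    error "DNS resolution failed for $HOSTNAME. Please check your DNS records."
  fi

  success "DNS resolution successful: $HOSTNAME -> $IP"
  return 0
}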
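# Get SSL certificates
#######################################
# Obtain a Let's Encrypt certificate for HOSTNAME with certbot's standalone
# authenticator and register a daily renewal job in root's crontab.
# Globals:   HOSTNAME, ADMIN_EMAIL (read)
# Outputs:   progress via info/success; failure via error, which exits
#######################################
get_ssl_certificates() {
  local renew_job="0 12 * * * /usr/bin/certbot renew --quiet"
  local current_tab

  info "Obtaining Let's Encrypt certificates..."

  # Stop services that might be using port 80. Best effort: either unit may
  # not be installed, so failures are deliberately ignored. Nothing in this
  # function starts nginx again.
  systemctl stop apache2 2>/dev/null || true
  systemctl stop nginx 2>/dev/null || true

  # Get certificate
  if certbot certonly --standalone -d "$HOSTNAME" --email "$ADMIN_EMAIL" --agree-tos --non-interactive; then
    success "SSL certificates obtained successfully"
  else
    error "Failed to obtain SSL certificate. Check DNS and firewall."
  fi

  # Set up auto-renewal. Drop any identical line first so that re-running this
  # resume script does not stack duplicate renewal jobs in the crontab.
  #
  # NOTE(review): the certificate is issued with --standalone, and
  # start_services later brings apache2 up. Confirm that the renewal run can
  # still bind port 80 (certbot --pre-hook/--post-hook) and that Postfix,
  # Dovecot and Apache are reloaded after a renewal (--deploy-hook); otherwise
  # they may keep serving the old certificate until it expires.
  current_tab=$(crontab -l 2>/dev/null || true)
  {
    if [[ -n "$current_tab" ]]; then
      # grep exits 1 when every line was filtered out; that is not an error.
      grep -vxF -- "$renew_job" <<< "$current_tab" || true
    fi
    printf '%s\n' "$renew_job"
  } | crontab -
  success "SSL auto-renewal configured"
}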
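# Update configurations with SSL certificates
#######################################
# Point Dovecot and the PostfixAdmin Apache vhost at the Let's Encrypt
# certificate for HOSTNAME. Each file is only touched when it already exists.
# Globals:   HOSTNAME (read)
# Outputs:   progress via info/success; an invalid HOSTNAME goes to error,
#            which exits before anything is written
#######################################
update_ssl_configs() {
  local dovecot_ssl="/etc/dovecot/conf.d/10-ssl.conf"
  local apache_site="/etc/apache2/sites-available/postfixadmin.conf"
  local name_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
  local live_dir

  info "Updating configurations with SSL certificates..."

  # HOSTNAME is pasted into a sed replacement and into a config file, both
  # written as root. Refuse anything outside host-name characters so that a
  # '|', '&', backslash, slash or newline cannot alter the expression or
  # redirect the certificate paths.
  if [[ ! "$HOSTNAME" =~ $name_re ]]; then
    error "Refusing to write SSL configuration for invalid hostname: $HOSTNAME"
  fi
  live_dir="/etc/letsencrypt/live/$HOSTNAME"

  # Update Dovecot SSL config. The file is replaced wholesale and no backup of
  # the previous content is kept.
  # NOTE(review): `ssl_protocols` and `ssl_dh` appear to belong to different
  # Dovecot generations (2.3 introduced ssl_min_protocol in place of
  # ssl_protocols); confirm with `doveconf -n` on the installed version.
  # /etc/dovecot/dh.pem is referenced below but is not created by this script.
  if [[ -f "$dovecot_ssl" ]]; then
    cat > "$dovecot_ssl" << EOF
ssl = required
ssl_cert = </etc/letsencrypt/live/$HOSTNAME/fullchain.pem
ssl_key = </etc/letsencrypt/live/$HOSTNAME/privkey.pem
ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384
ssl_prefer_server_ciphers = yes
ssl_dh = </etc/dovecot/dh.pem
EOF
  fi

  # Update certificate paths in Apache config. `[^/]*` limits the match to the
  # single directory component under live/, where the greedy `.*` could run on
  # to a later occurrence on the same line.
  if [[ -f "$apache_site" ]]; then
    sed -i \
      -e "s|/etc/letsencrypt/live/[^/]*/fullchain\.pem|$live_dir/fullchain.pem|g" \
      -e "s|/etc/letsencrypt/live/[^/]*/privkey\.pem|$live_dir/privkey.pem|g" \
      "$apache_site"
  fi

  success "SSL configurations updated"
}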
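# Start all services
#######################################
# Enable and start every unit of the mail stack, in a fixed order.
# Outputs:   one info/warning line per unit, then an overall summary
# Returns:   0 even when units fail, so the later status check still runs
#######################################
start_services() {
  local -a services=("postgresql" "postfix" "dovecot" "opendkim" "clamav-daemon" "clamav-freshclam" "amavis" "spamassassin" "apache2")
  local service
  local failed_count=0
  local failed_names=""

  info "Starting and enabling all services..."

  # Reload systemd
  systemctl daemon-reload

  # Start services in order
  for service in "${services[@]}"; do
    if systemctl enable --now "$service"; then
      info "$service started and enabled"
    else
      warning "✗ Failed to start $service"
      failed_count=$((failed_count + 1))
      failed_names="${failed_names:+$failed_names }$service"
    fi
    # Short pause between units before the next one is started.
    sleep 2
  done

  # Report success only when it is true. A unit such as opendkim, amavis or
  # clamav-daemon that failed to start may leave mail flowing without signing
  # or scanning, so the summary must not hide it.
  if ((failed_count == 0)); then
    success "All services started"
  else
    warning "$failed_count of ${#services[@]} services failed to start: $failed_names"
  fi
}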
# Test services
#######################################
# Report, unit by unit, whether the mail stack is active.
# Globals:   services, service (written)
# Outputs:   one success/warning line per unit
#
# The list here omits clamav-freshclam, which start_services does start, so
# the signature updater's state is not reported by this check.
#######################################
test_services() {
  info "Testing service status..."

  services=(
    "postgresql" "postfix" "dovecot" "opendkim"
    "clamav-daemon" "amavis" "spamassassin" "apache2"
  )

  for service in "${services[@]}"; do
    if ! systemctl is-active --quiet "$service"; then
      warning "$service is not running"
      continue
    fi
    success "$service is running"
  done
}
# Display final information
#######################################
# Print the closing summary: chosen names, the DNS records still to publish,
# the DKIM record file if present, and the remaining manual steps.
# Globals:   HOSTNAME, DOMAIN, ADMIN_EMAIL and the colour variables (read)
# Outputs:   everything on stdout
#
# The suggested records are a starting point: the SPF line ends in `~all`
# (softfail) and the DMARC policy is `p=none`, which only requests reports.
#######################################
display_final_info() {
  local dkim_record="/etc/opendkim/keys/$DOMAIN/mail.txt"

  success "Email server setup resumed and completed!"

  printf '\n%b\n' "${BLUE}=== Setup Summary ===${NC}"
  printf '%s\n' \
    "Hostname: $HOSTNAME" \
    "Domain: $DOMAIN" \
    "Admin Email: $ADMIN_EMAIL" \
    "PostfixAdmin URL: https://$HOSTNAME/postfixadmin/"

  printf '\n%b\n' "${YELLOW}=== DNS Records Still Needed ===${NC}"
  printf '%s\n' \
    "MX $DOMAIN $HOSTNAME" \
    "TXT $DOMAIN \"v=spf1 mx ~all\"" \
    "TXT _dmarc.$DOMAIN \"v=DMARC1; p=none; rua=mailto:dmarc@$DOMAIN\""

  printf '\n%b\n' "${YELLOW}=== DKIM DNS Record ===${NC}"
  if [[ ! -f "$dkim_record" ]]; then
    printf '%s\n' "DKIM record not found - may need to regenerate"
  else
    cat "$dkim_record"
  fi

  printf '\n%b\n' "${YELLOW}=== Next Steps ===${NC}"
  printf '%s\n' \
    "1. Add the remaining DNS records shown above" \
    "2. Visit https://$HOSTNAME/postfixadmin/setup.php to complete PostfixAdmin setup" \
    "3. Create your first domain and mailbox" \
    "4. Test email sending and receiving"

  printf '\n%b\n' "${GREEN}Setup completed successfully!${NC}"
}
# Main function
#######################################
# Entry point: print the banner, require root, then run the resume steps in
# order. With errexit set at the top of the script, a step that returns
# non-zero ends the run before the following steps execute.
# Arguments: accepted but not used
#######################################
main() {
  local step

  printf '%b\n' "${BLUE}Email Server Setup Resume Script${NC}"
  printf '%s\n' "================================" ""

  # Check if running as root: the steps below stop and start services and
  # write under /etc.
  ((EUID == 0)) || error "This script must be run as root"

  for step in \
    get_config \
    test_dns \
    get_ssl_certificates \
    update_ssl_configs \
    start_services \
    test_services \
    display_final_info; do
    "$step"
  done
}

main "$@"