Correction : résilience des sauvegardes MySQL et PostgreSQL.
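#!/bin/sh
# Options are set here rather than on the shebang line so that they still
# apply when the script is started as "sh dovecot-user-add user@domain".
set -eu

# Root of the tool tree: the parent of the directory holding this script.
tool=$(readlink -e "${0%/*}/..")
# Lowest uid/gid handed out further down when nothing else supplies one.
first_valid_uid=30000
first_valid_gid=30000
. "$tool"/local/lib.sh

# SYNTAX: user@domain
# ENVIRONMENT:
#   extra_fields
#   gid
#   home
#   mail_access_groups
#   password
#   uid
# DESCRIPTION: tool for creating a dovecot account

# Split the address on "@": the part before the first "@" goes to $user,
# everything after it (further "@" included) to $domain.
IFS=@ read -r user domain <<-EOF
$1
EOF
# Under "set -e" an empty local part or an empty domain stops the script here.
# NOTE(review): nothing else is checked, yet both values are later spliced
# into a colon-separated passwd-file record and into directory names created
# through sudo. Rejecting ":", "/", a second "@", the names "." and ".." and
# the loop sentinels "!" / "!!" at this point would keep a malformed address
# from corrupting the record or escaping the per-domain directories.
test "${user:+set}"
test "${domain:+set}"
shift
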
# setup_nss
# Per-domain system group: "mail-" followed by the domain with every character
# outside [0-9a-z-] replaced by "_".
domain_group=mail-"$(printf '%s\n' "$domain" | sed -e 's/[^0-9a-z-]/_/g')"
"$tool"/local/addgroup "$domain_group" --system

# setup_dirs
# NOTE: postfix is configured to transport "dovecot.$domain" through dovecot's
# LMTP, so the domain dovecot receives carries the "dovecot." prefix. The real
# directory is therefore "dovecot.$domain", and the bare "$domain" name is a
# relative symlink pointing at it.
for dir in \
  /etc/dovecot \
  ~mail/acl \
  ~mail/data \
  ~mail/log \
  /var/lib/dovecot-control \
  /var/lib/dovecot-index
do
  # Mode 1770: owner and group only, with the sticky bit set.
  sudo install -d -o mail -g "$domain_group" -m 1770 "$dir/dovecot.$domain"
  # -n replaces an existing link instead of creating one inside its target.
  sudo ln -fns "dovecot.$domain" "$dir/$domain"
done

# NOTE: dropping the sticky bit on the acl directory allows the
# "mv shared.db{.lock,}" renames performed by dovecot.
sudo chmod -t ~mail/acl/dovecot."$domain"

# The configuration directory was created in the loop with group
# $domain_group; this second install names php_roundcube as its group.
sudo install -d -o mail -g php_roundcube -m 1770 /etc/dovecot/dovecot."$domain"
# Directory holding the postfix virtual alias map for dovecot.
sudo install -d -o mail -g postfix -m 750 /etc/mail/dovecot
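# setup_postfix
# Make sure the postfix virtual alias map rewrites user@domain to
# user@dovecot.domain, and reload postfix only when the map changed.
dir_virtual_alias=/etc/mail/dovecot
old_virtual_alias="$dir_virtual_alias"/virtual_alias
virtual_alias_entry="$user@$domain $user@dovecot.$domain"
# A map that does not exist yet is read as empty instead of aborting the
# script under "set -e"; the passwd-file is read with the same guard further
# down, and the code below already copes with an empty value.
virtual_alias=$(sudo test ! -e "$old_virtual_alias" || sudo cat "$old_virtual_alias")
# -F -x: the entry must match a whole line literally; "--" keeps an entry
# that starts with "-" from being parsed as an option.
if ! printf '%s\n' "$virtual_alias" | grep -Fqx -- "$virtual_alias_entry"
then
  # The temporary file is created inside the target directory so that the
  # final mv is a rename within one filesystem.
  new_virtual_alias=$(sudo TMPDIR= mktemp --tmpdir="$dir_virtual_alias" -t "virtual_alias.XXXXXXXX.tmp")
  # New entry first, then the previous content if there was any, sorted on
  # the first field and written with the final owner, group and mode.
  printf '%s\n' "$virtual_alias_entry${virtual_alias:+$(printf '\n%s' "$virtual_alias")}" |
    sort -k 1,1 |
    sudo install -o root -g postfix -m 640 /dev/stdin "$new_virtual_alias"
  sudo mv -f "$new_virtual_alias" "$old_virtual_alias"
  sudo postmap hash:"$old_virtual_alias"
  sudo postfix reload
fi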
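# setup_passwd
# Rebuild the domain's passwd-file with the record for "$user" added or
# refreshed, then rename the result over the old file.
#
# The loop reads the current file on fd 4, followed by two sentinel lines:
#   "!"   comes after every real record; it creates the account when no
#         existing line matched "$user"
#   "!!"  end of input; sends the welcome mail when the home was just created
# Records are written to fd 3, which is the pipe into sort. The loop's own
# stdout is pointed at stderr, so output printed by commands run inside the
# loop cannot end up in the passwd-file.
#
# NOTE(review): the loop is the first stage of a pipeline and no pipefail is
# in effect, so when a command inside it fails under "set -e" only that
# subshell stops. sort and install still finish, and the final mv then puts a
# file in place that lacks every record not yet copied. Buffering the loop
# output and checking its status before the mv would close that gap.
# NOTE(review): the result is owned by php_roundcube with mode 0640,
# presumably so the webmail can change passwords; that account can then
# rewrite any record of the domain. Confirm this is an accepted trade-off.
dir_passwd=/etc/dovecot/"$domain"
old_passwd="$dir_passwd"/passwd
new_passwd=$(sudo TMPDIR= mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
# Holds a command name: ":" until the user's record has been handled, then
# "continue", so that a second match (the "!" sentinel) is skipped.
has_done_user=:
while IFS=: read <&4 -r \
  passwd_user \
  passwd_password \
  passwd_uid \
  passwd_gid \
  passwd_gecos \
  passwd_home \
  passwd_shell \
  passwd_extra_fields
do
  case "$passwd_user" in
  ("$user"|"!")
    $has_done_user
    has_done_user=continue

    # Password: a non-empty $password from the environment is hashed; a
    # $password that is set but empty, or a record without a stored hash,
    # makes doveadm ask for one; otherwise the stored hash is kept.
    if test "${password:+set}"
    then
      # NOTE(review): -p places the clear-text password on doveadm's command
      # line, where it is typically visible in the process list while the
      # command runs.
      password=$(/usr/bin/doveadm pw -s SHA512-CRYPT -p "$password")
    elif test "${password+defined}" || test -z "${passwd_password-}"
    then
      # NOTE(review): a failing doveadm inside this here-document does not
      # trip "set -e"; read then stores an empty string and the record is
      # written with an empty password field. Nothing below checks for that.
      IFS= read -r password <<-EOF
$(/usr/bin/doveadm pw -s SHA512-CRYPT)
EOF
    else
      password=$passwd_password
    fi

    # Environment values win. The home recorded in the old line
    # ($passwd_home) is not consulted; uid and gid fall back to the old line.
    home=${home:-~mail/data/"$domain/$user"}
    uid=${uid:-$passwd_uid}
    gid=${gid:-$passwd_gid}
    # $local_domainname is not assigned in this script; presumably lib.sh
    # provides it.
    if test "$domain" = "$local_domainname" &&
      getent passwd "$user"
    then
      # A system account of the same name exists: reuse its ids and add it
      # to the domain group.
      uid=${uid:-$(id -u "$user")}
      gid=${gid:-$(id -g "$user")}
      sudo adduser "$user" "$domain_group"
    else
      if sudo test -e "$home"
      then
        # An existing home directory dictates the ids.
        uid=${uid:-$(sudo stat -c '%u' "$home")}
        gid=${gid:-$(sudo stat -c '%g' "$home")}
      fi
      # The searches below stop only when the grep started by find reports
      # "no match"; this touch guarantees there is at least one passwd file
      # for find to hand to grep (presumably its purpose).
      sudo touch /etc/dovecot/passwd
      if test ! "${uid:+set}"
      then
        # First uid from $first_valid_uid upwards that no passwd file under
        # /etc/dovecot/ uses in its third field.
        uid=$first_valid_uid
        while sudo find /etc/dovecot/ \
          -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
          grep -q -x "^[^:]*:[^:]*:$uid:.*" {} +
        do
          uid=$((uid + 1))
        done
      fi
      if test ! "${gid:+set}"
      then
        # Same search for the gid, on the fourth field.
        gid=$first_valid_gid
        while sudo find /etc/dovecot/ \
          -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
          grep -q -x "^[^:]*:[^:]*:[^:]*:$gid:.*" {} +
        do
          gid=$((gid + 1))
        done
      fi
    fi
    gecos=${gecos:-${passwd_gecos:-}}
    shell=${shell:-${passwd_shell:-/bin/false}}

    # Carry over the old record's extra fields, one name=value per line.
    # userdb_uid, userdb_gid and userdb_home are dropped because they are
    # regenerated below; userdb_mail_access_groups is kept unless the
    # environment already sets mail_access_groups. The list is piped through
    # tr rather than fed from a nested here-document reusing the EOF
    # delimiter, a construct that not every shell parses.
    while IFS='=' read -r name value
    do
      case "$name" in
      ("userdb_gid") : ;;
      ("userdb_home") : ;;
      ("userdb_mail_access_groups") mail_access_groups=${mail_access_groups-$value};;
      ("userdb_uid") : ;;
      ('') : ;;
      (*) extra_fields="${extra_fields:+$extra_fields }$name=$value";;
      esac
    done <<-EOF
$(printf '%s\n' "$passwd_extra_fields" | tr ' ' '\n')
EOF
    extra_fields="${extra_fields:+$extra_fields }userdb_uid=$uid"
    extra_fields="${extra_fields:+$extra_fields }userdb_gid=$gid"
    extra_fields="${extra_fields:+$extra_fields }userdb_home=$home"
    extra_fields="${extra_fields:+$extra_fields }userdb_mail_access_groups=${mail_access_groups-$domain_group,amavis}"
    printf '%s\n' "$user:$password:$uid:$gid:$gecos:$home:$shell:$extra_fields" >&3

    # setup_maildir
    # Remember whether the home is new before creating it; the "!!" sentinel
    # uses this to decide about the welcome mail.
    welcome_mail=$(sudo test -e "$home" || echo send)
    sudo install -d -o "$uid" -g "$gid" -m 2770 \
      "$home" \
      "$home"/Maildir
    sudo install -d -o "$uid" -g "$gid" -m 0700 \
      "$home"/acl.d \
      "$home"/sieve.d
    # The default sieve script is copied over main.sieve on every run.
    sudo install -o "$uid" -g "$gid" -m 0600 \
      "$tool"/etc/dovecot/sieve/user.sieve \
      "$home"/sieve.d/main.sieve
    sudo touch "$home"/sieve.d/roundcube.sieve
    if sudo test ! -e "$home"/sieve
    then
      sudo ln -s sieve.d/main.sieve "$home"/sieve
    fi
    ;;
  ('') : ;;
  ('!!')
    if test "${welcome_mail:+set}"
    then
      mail \
        -S from=postmaster@"$local_domainname" \
        -s "Bienvenue $user@$domain" \
        "$user"@"$domain" <<-EOF
Bienvenue $user@$domain,

pour tout support technique : postmaster@$domain .

--
Le support technique de $domain.
EOF
    fi
    ;;
  (*)
    # Any other record is copied through from the fields that were read.
    printf '%s\n' "$passwd_user:$passwd_password:$passwd_uid:$passwd_gid:$passwd_gecos:$passwd_home:$passwd_shell:$passwd_extra_fields" >&3
    ;;
  esac
done 4<<-EOF 3>&1 >&2 |
$(sudo test ! -e "$old_passwd" || sudo cat "$old_passwd")
!
!!
EOF
  sort -k 1,1 -t : |
  sudo install -o php_roundcube -g php_roundcube -m 0640 /dev/stdin "$new_passwd"
sudo mv -f "$new_passwd" "$old_passwd"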