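#!/bin/sh -eu
# Re-assert strict mode: options given on the shebang line are lost when the
# script is started as "sh <script>".
set -eu

tool=$(readlink -e "${0%/*}/..")
first_valid_uid=30000
first_valid_gid=30000
. "$tool"/local/lib.sh

# SYNTAX: user@domain
# ENVIRONMENT:
#   extra_fields
#   gid
#   home
#   mail_access_groups
#   password
#   uid
# DESCRIPTION: dovecot account creation tool
#
# Creates the per-domain group and directories, adds the postfix virtual
# alias "user@domain -> user@dovecot.domain", rewrites the domain's dovecot
# passwd file with the (new or updated) entry for the user, and prepares the
# user's home, Maildir and sieve files.
# NOTE(review): $local_domainname is not assigned in this file; presumably it
# comes from local/lib.sh -- confirm.

# The first field before "@" becomes $user, the remainder becomes $domain;
# read consumes only the first line of $1.
IFS=@ read -r user domain <<-EOF
$1
EOF
test "${user:+set}"
test "${domain:+set}"

# Both values end up in paths handled through sudo, in the colon-separated
# passwd line and in the whitespace-separated alias map. Refuse anything that
# would change a path component or a field boundary, a user name that would be
# read as an option by id/getent/adduser, and the two names the passwd loop
# below reserves as sentinels.
case $user in
  (*[/:@[:space:]]* | -* | . | .. | '!' | '!!')
    printf '%s: invalid user name\n' "${0##*/}" >&2
    exit 1
    ;;
esac
case $domain in
  (*[/:@[:space:]]* | . | ..)
    printf '%s: invalid domain name\n' "${0##*/}" >&2
    exit 1
    ;;
esac
shift

# setup_nss
# Group name: "mail-" + domain with every character outside [0-9a-z-]
# replaced by "_".
domain_group=mail-"$(sed -e 's/[^0-9a-z-]/_/g' <<-EOF
$domain
EOF
)"
"$tool"/local/addgroup "$domain_group" --system

# setup_dirs
for dir in \
  /etc/dovecot \
  ~mail/acl \
  ~mail/data \
  ~mail/log \
  /var/lib/dovecot-control \
  /var/lib/dovecot-index
do
  # NOTE: postfix is configured to transport "dovecot.$domain" through
  #       dovecot's LMTP, so the domain dovecot sees carries the "dovecot."
  #       prefix. The real directory uses that name; "$domain" is a symlink.
  sudo install -d -o mail -g "$domain_group" -m 1770 \
    "$dir"/dovecot."$domain"
  sudo ln -fns \
    dovecot."$domain" \
    "$dir"/"$domain"
done
# NOTE: allows the "mv shared.db{.lock,}" performed by dovecot
sudo chmod -t ~mail/acl/dovecot."$domain"
sudo install -d -o mail -g php_roundcube -m 1770 \
  /etc/dovecot/dovecot."$domain"
sudo install -d -o mail -g postfix -m 750 \
  /etc/mail/dovecot

# setup_postfix
dir_virtual_alias=/etc/mail/dovecot
old_virtual_alias="$dir_virtual_alias"/virtual_alias
virtual_alias_entry="$user@$domain $user@dovecot.$domain"
# A missing map is treated as empty, the same way the passwd file is below.
virtual_alias=$(sudo test ! -e "$old_virtual_alias" || sudo cat "$old_virtual_alias")
if ! grep -Fqx "$virtual_alias_entry" <<-EOF
$virtual_alias
EOF
then
  # Build the new map in a temporary file inside the target directory and
  # rename it over the old one.
  new_virtual_alias=$(sudo TMPDIR= mktemp --tmpdir="$dir_virtual_alias" -t "virtual_alias.XXXXXXXX.tmp")
  sort -k 1,1 <<-EOF |
$virtual_alias_entry${virtual_alias:+$(printf '\n%s' "$virtual_alias")}
EOF
  sudo install -o root -g postfix -m 640 /dev/stdin \
    "$new_virtual_alias"
  sudo mv -f "$new_virtual_alias" "$old_virtual_alias"
  sudo postmap hash:/etc/mail/dovecot/virtual_alias
  sudo postfix reload
fi

# setup_passwd
dir_passwd=/etc/dovecot/"$domain"
old_passwd="$dir_passwd"/passwd
# Read the current file in a plain assignment so that a failing "sudo cat"
# aborts the script instead of being taken for an empty passwd file.
old_passwd_entries=$(sudo test ! -e "$old_passwd" || sudo cat "$old_passwd")
has_done_user=:
# The loop reads the existing entries on fd 4, followed by two sentinel lines:
#   "!"   handles the user if no existing entry matched,
#   "!!"  runs the final step (welcome mail).
# New passwd lines are written to fd 3; ordinary stdout goes to stderr.
# The output is captured in a variable rather than piped straight into the
# installer: without pipefail a failure inside the loop would not fail the
# pipeline, and a truncated passwd file would replace the complete one.
passwd_entries=$(
  while IFS=: read <&4 -r \
    passwd_user \
    passwd_password \
    passwd_uid \
    passwd_gid \
    passwd_gecos \
    passwd_home \
    passwd_shell \
    passwd_extra_fields
  do
    case "$passwd_user" in
      ("$user"|"!")
        # ":" the first time, "continue" afterwards: the user is handled once.
        $has_done_user
        has_done_user=continue
        if test "${password:+set}"
        then
          # NOTE(review): -p places the cleartext password on doveadm's
          # command line, where it is visible in the process list while
          # doveadm runs.
          password=$(/usr/bin/doveadm pw -s SHA512-CRYPT -p "$password")
        elif test "${password+defined}" || test -z "${passwd_password-}"
        then
          # password set but empty, or no stored hash: doveadm asks for it.
          IFS= read -r password <<-EOF
$(/usr/bin/doveadm pw -s SHA512-CRYPT)
EOF
        else
          password=$passwd_password
        fi
        # A failure of doveadm inside the here-document above is not reported
        # by read; never write an entry with an empty password field.
        if test ! "${password:+set}"
        then
          printf '%s: no password hash obtained for %s@%s\n' \
            "${0##*/}" "$user" "$domain" >&2
          exit 1
        fi
        home=${home:-~mail/data/"$domain/$user"}
        uid=${uid:-$passwd_uid}
        gid=${gid:-$passwd_gid}
        if test "$domain" = "$local_domainname" && getent passwd "$user"
        then
          # System account on the local domain: reuse its ids.
          uid=${uid:-$(id -u "$user")}
          gid=${gid:-$(id -g "$user")}
          sudo adduser "$user" "$domain_group"
        else
          if sudo test -e "$home"
          then
            # Existing home: reuse its owner and group.
            uid=${uid:-$(sudo stat -c '%u' "$home")}
            gid=${gid:-$(sudo stat -c '%g' "$home")}
          fi
          # Guarantees find matches at least one file, so that its exit
          # status below is always the status of grep.
          sudo touch /etc/dovecot/passwd
          if test ! "${uid:+set}"
          then
            # First uid >= first_valid_uid not present in any passwd file.
            uid=$first_valid_uid
            while sudo find /etc/dovecot/ \
              -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
              grep -q -x "^[^:]*:[^:]*:$uid:.*" {} +
            do
              uid=$((uid + 1))
            done
          fi
          if test ! "${gid:+set}"
          then
            # First gid >= first_valid_gid not present in any passwd file.
            gid=$first_valid_gid
            while sudo find /etc/dovecot/ \
              -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
              grep -q -x "^[^:]*:[^:]*:[^:]*:$gid:.*" {} +
            do
              gid=$((gid + 1))
            done
          fi
        fi
        gecos=${gecos:-${passwd_gecos:-}}
        shell=${shell:-${passwd_shell:-/bin/false}}
        # Carry over the existing extra fields, one name=value per line.
        # The userdb_uid/gid/home fields are dropped and regenerated below;
        # userdb_mail_access_groups is kept unless the environment sets it.
        while IFS='=' read -r name value
        do
          case $name in
            ("userdb_gid") : ;;
            ("userdb_home") : ;;
            ("userdb_mail_access_groups")
              mail_access_groups=${mail_access_groups-$value}
              ;;
            ("userdb_uid") : ;;
            ('') : ;;
            (*) extra_fields="${extra_fields:+$extra_fields }$name=$value" ;;
          esac
        done <<-EOF
$(printf '%s\n' "$passwd_extra_fields" | tr ' ' '\n')
EOF
        extra_fields="${extra_fields:+$extra_fields }userdb_uid=$uid"
        extra_fields="${extra_fields:+$extra_fields }userdb_gid=$gid"
        extra_fields="${extra_fields:+$extra_fields }userdb_home=$home"
        extra_fields="${extra_fields:+$extra_fields }userdb_mail_access_groups=${mail_access_groups-$domain_group,amavis}"
        cat >&3 <<-EOF
$user:$password:$uid:$gid:$gecos:$home:$shell:$extra_fields
EOF

        # setup_maildir
        # Remember whether the home is new before creating it.
        welcome_mail=$(sudo test -e "$home" || echo send)
        sudo install -d -o "$uid" -g "$gid" -m 2770 \
          "$home" \
          "$home"/Maildir
        sudo install -d -o "$uid" -g "$gid" -m 0700 \
          "$home"/acl.d \
          "$home"/sieve.d
        sudo install -o "$uid" -g "$gid" -m 0600 \
          "$tool"/etc/dovecot/sieve/user.sieve \
          "$home"/sieve.d/main.sieve
        sudo touch "$home"/sieve.d/roundcube.sieve
        if sudo test ! -e "$home"/sieve
        then
          sudo ln -s sieve.d/main.sieve "$home"/sieve
        fi
        ;;
      ('') : ;;
      ('!!')
        if test "${welcome_mail:+set}"
        then
          # Best effort: a mail failure must not block the passwd update.
          # NOTE(review): the line breaks of the message body below are
          # reconstructed -- confirm against the deployed template.
          mail \
            -S from=postmaster@"$local_domainname" \
            -s "Bienvenue $user@$domain" \
            "$user"@"$domain" <<-EOF ||
Bienvenue $user@$domain,
pour tout support technique : postmaster@$domain .
--
Le support technique de $domain.
EOF
            printf '%s: welcome mail to %s@%s could not be sent\n' \
              "${0##*/}" "$user" "$domain" >&2
        fi
        ;;
      (*)
        # Any other account is copied through unchanged.
        cat >&3 <<-EOF
$passwd_user:$passwd_password:$passwd_uid:$passwd_gid:$passwd_gecos:$passwd_home:$passwd_shell:$passwd_extra_fields
EOF
        ;;
    esac
  done 4<<-EOF 3>&1 >&2
$old_passwd_entries
!
!!
EOF
)

# Only reached when the loop completed: install the sorted result into a
# temporary file next to the target and rename it into place.
new_passwd=$(sudo TMPDIR= mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
sort -k 1,1 -t : <<-EOF |
$passwd_entries
EOF
sudo install -o php_roundcube -g php_roundcube -m 0640 /dev/stdin "$new_passwd"
sudo mv -f "$new_passwd" "$old_passwd"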