--- /dev/null
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+first_valid_uid=30000
+first_valid_gid=30000
+. "$tool"/local/lib.sh
+# SYNTAX: user@domain
+# ENVIRONMENT:
+# extra_fields
+# gid
+# home
+# mail_access_groups
+# password
+# uid
+# DESCRIPTION: outil de création de compte dovecot
+
+IFS=@ read -r user domain <<-EOF
+ $1
+ EOF
+test "${user:+set"}"
+test "${domain:+set"}"
+shift
+
+# setup_nss
+ domain_group=mail-"$(sed -e 's/[^0-9a-z-]/_/g' <<-EOF
+ $domain
+ EOF
+ )"
+ "$tool"/local/addgroup "$domain_group" --system
+# setup_dirs
+ for dir in \
+ /etc/dovecot \
+ ~mail/acl \
+ ~mail/data \
+ ~mail/log \
+ /var/lib/dovecot-control \
+ /var/lib/dovecot-index
+ do
+ # NOTE: postfix est configuré pour transporter "dovecot.$domain" via le LMTP de dovecot.
+ # mais du coup le domaine récupéré par dovecot comporte le préfixe "dovecot."
+ sudo install -d -o mail -g "$domain_group" -m 1770 \
+ "$dir"/dovecot."$domain"
+ sudo ln -fns \
+ dovecot."$domain" \
+ "$dir"/"$domain"
+ done
+ sudo chmod -t ~mail/acl/dovecot."$domain"
+ # NOTE: permet les mv shared.db{.lock,} effectués par dovecot
+
+ sudo install -d -o mail -g php5_roundcube -m 1770 \
+ /etc/dovecot/dovecot."$domain"
+ sudo install -d -o mail -g postfix -m 750 \
+ /etc/mail/dovecot
+# setup_postfix
+ dir_virtual_alias=/etc/mail/dovecot
+ old_virtual_alias="$dir_virtual_alias"/virtual_alias
+ virtual_alias_entry="$user@$domain $user@dovecot.$domain"
+ virtual_alias=$(sudo cat "$old_virtual_alias")
+ if ! grep -Fqx "$virtual_alias_entry" <<-EOF
+ $virtual_alias
+ EOF
+ then
+ new_virtual_alias=$(sudo TMPDIR= mktemp --tmpdir="$dir_virtual_alias" -t "virtual_alias.XXXXXXXX.tmp")
+ sort -k 1,1 <<-EOF |
+ $virtual_alias_entry${virtual_alias:+$(printf '\n%s' "$virtual_alias")}
+ EOF
+ sudo install -o root -g postfix -m 640 /dev/stdin \
+ "$new_virtual_alias"
+ sudo mv -f "$new_virtual_alias" "$old_virtual_alias"
+ sudo postmap hash:/etc/mail/dovecot/virtual_alias
+ sudo postfix reload
+ fi
+# setup_passwd
+ dir_passwd=/etc/dovecot/"$domain"
+ old_passwd="$dir_passwd"/passwd
+ new_passwd=$(sudo TMPDIR= mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
+ has_done_user=:
+ while IFS=: read <&4 -r \
+ passwd_user \
+ passwd_password \
+ passwd_uid \
+ passwd_gid \
+ passwd_gecos \
+ passwd_home \
+ passwd_shell \
+ passwd_extra_fields
+ do
+ case "$passwd_user" in
+ ("$user"|"!")
+ $has_done_user
+ has_done_user=continue
+ if test "${password:+set}"
+ then
+ password=$(/usr/bin/doveadm pw -s SHA512-CRYPT -p "$password")
+ else
+ if test "${password+defined}" -o -z "${passwd_password-}"
+ then
+ IFS= read -r password <<-EOF
+ $(/usr/bin/doveadm pw -s SHA512-CRYPT)
+ EOF
+ else
+ password=$passwd_password
+ fi
+ fi
+ home=${home:-~mail/data/"$domain/$user"}
+ uid=${uid:-$passwd_uid}
+ gid=${gid:-$passwd_gid}
+ if test "$domain" = "$local_domainname" &&
+ getent passwd "$user"
+ then
+ uid=${uid:-$(id -u "$user")}
+ gid=${gid:-$(id -g "$user")}
+ sudo adduser "$user" "$domain_group"
+ else
+ if sudo test -e "$home"
+ then
+ uid=${uid:-$(sudo stat -c '%u' "$home")}
+ gid=${gid:-$(sudo stat -c '%g' "$home")}
+ fi
+ sudo touch /etc/dovecot/passwd
+ if test ! "${uid:+set}"
+ then uid=$first_valid_uid; while sudo find /etc/dovecot/ \
+ -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
+ grep -q -x "^[^:]*:[^:]*:$uid:.*" {} +
+ do uid=$((uid + 1))
+ done
+ fi
+ if test ! "${gid:+set}"
+ then gid=$first_valid_gid; while sudo find /etc/dovecot/ \
+ -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
+ grep -q -x "^[^:]*:[^:]*:[^:]*:$gid:.*" {} +
+ do gid=$((gid + 1))
+ done
+ fi
+ fi
+ gecos=${gecos:-${passwd_gecos:-}}
+ shell=${shell:-${passwd_shell:-/bin/false}}
+ while IFS='=' read -r name value
+ do case $name in
+ ("userdb_gid") : ;;
+ ("userdb_home") : ;;
+ ("userdb_mail_access_groups") mail_access_groups=${mail_access_groups-$value};;
+ ("userdb_uid") : ;;
+ ('') : ;;
+ (*) extra_fields="${extra_fields:+$extra_fields }$name=$value";;
+ esac
+ done <<-EOF
+ $(tr ' ' '\n' <<-EOF
+ $passwd_extra_fields
+ EOF
+ )
+ EOF
+ extra_fields="${extra_fields:+$extra_fields }userdb_uid=$uid"
+ extra_fields="${extra_fields:+$extra_fields }userdb_gid=$gid"
+ extra_fields="${extra_fields:+$extra_fields }userdb_home=$home"
+ extra_fields="${extra_fields:+$extra_fields }userdb_mail_access_groups=${mail_access_groups-$domain_group}"
+ cat >&3 <<-EOF
+ $user:$password:$uid:$gid:$gecos:$home:$shell:$extra_fields
+ EOF
+ # setup_maildir
+ welcome_mail=$(sudo test -e "$home" || echo send)
+ sudo install -d -o "$uid" -g "$gid" -m 2770 \
+ "$home" \
+ "$home"/Maildir
+ sudo install -d -o "$uid" -g "$gid" -m 0700 \
+ "$home"/acl.d \
+ "$home"/sieve.d
+ sudo install -o "$uid" -g "$gid" -m 0600 \
+ "$tool"/etc/dovecot/sieve/user.sieve \
+ "$home"/sieve.d/main.sieve
+ sudo touch "$home"/sieve.d/roundcube.sieve
+ if sudo test ! -e "$home"/sieve
+ then sudo ln -s sieve.d/main.sieve "$home"/sieve
+ fi
+ ;;
+ ('') : ;;
+ ('!!')
+ if test "${welcome_mail:+set}"
+ then
+ mail \
+ -S from=postmaster@"$local_domainname" \
+ -s "Bienvenue $user@$domain" \
+ "$user"@"$domain" <<-EOF
+ Bienvenue $user@$domain,
+
+ pour tout support technique : postmaster@$domain .
+
+ --
+ Le support technique de $domain.
+ EOF
+ fi
+ ;;
+ (*)
+ cat >&3 <<-EOF
+ $passwd_user:$passwd_password:$passwd_uid:$passwd_gid:$passwd_gecos:$passwd_home:$passwd_shell:$passwd_extra_fields
+ EOF
+ ;;
+ esac
+ done 4<<-EOF 3>&1 >&2 |
+ $(sudo test ! -e "$old_passwd" || sudo cat "$old_passwd")
+ !
+ !!
+ EOF
+ sort -k 1,1 -t : |
+ sudo install -o php5_roundcube -g php5_roundcube -m 0640 /dev/stdin "$new_passwd"
+ sudo mv -f "$new_passwd" "$old_passwd"
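Review bot: The only validation of the `user@domain` argument is the pair of non-empty tests right after the `read`, and as written they are mis-quoted: `test "${user:+set"}"` puts the closing quote inside the expansion, unlike `test "${password:+set}"` in the passwd loop, so depending on the shell they either fail to parse or do not test what they appear to. Beyond that, `$domain` goes unchecked into the `sudo install -d` / `sudo ln -fns` paths and into `dir_passwd`, while `$user` is written into the colon-separated passwd record, used in the default `home` path and matched against the `!` / `!!` sentinel lines; a value containing `/`, `:`, whitespace, a leading dot or a bare `!` could therefore touch paths outside the intended tree or corrupt the record layout. I would correct the quoting to `test "${user:+set}"` and `test "${domain:+set}"`, then add an allow-list check per variable directly after them, e.g. `case $user in (.*|*[!0-9A-Za-z._-]*) echo "invalid user" >&2; exit 1;; esac` and the same for `$domain`, with the exact character set confirmed against the addresses this host must accept. Separately, `doveadm pw -s SHA512-CRYPT -p "$password"` places the clear-text password on the command line, where it is visible in the process list for the duration of the call; the prompting form already used in the else branch keeps it off argv.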