X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=local%2Fdovecot-user-add;fp=local%2Fdovecot-user-add;h=017faaf2ef02da509733fbe925aa0fdd25e516a9;hp=0000000000000000000000000000000000000000;hb=b75d4503ef9c919231c0c02daf5a1ed1e57c73af;hpb=4c57b350e0265cfadb9bbf95cd55ae491ee66820
diff --git a/local/dovecot-user-add b/local/dovecot-user-add
new file mode 100755
index 0000000..017faaf
--- /dev/null
+++ b/local/dovecot-user-add
@@ -0,0 +1,205 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+first_valid_uid=30000
+first_valid_gid=30000
+. "$tool"/local/lib.sh
+# SYNTAX: user@domain
+# ENVIRONMENT:
+# extra_fields
+# gid
+# home
+# mail_access_groups
+# password
+# uid
+# DESCRIPTION: outil de création de compte dovecot
+
+IFS=@ read -r user domain <<-EOF
+ $1
+ EOF
+test "${user:+set"}"
+test "${domain:+set"}"
+shift
+
+# setup_nss
+ domain_group=mail-"$(sed -e 's/[^0-9a-z-]/_/g' <<-EOF
+ $domain
+ EOF
+ )"
+ "$tool"/local/addgroup "$domain_group" --system
+# setup_dirs
+ for dir in \
+ /etc/dovecot \
+ ~mail/acl \
+ ~mail/data \
+ ~mail/log \
+ /var/lib/dovecot-control \
+ /var/lib/dovecot-index
+ do
+ # NOTE: postfix est configuré pour transporter "dovecot.$domain" via le LMTP de dovecot.
+ # mais du coup le domaine récupéré par dovecot comporte le préfixe "dovecot."
+ sudo install -d -o mail -g "$domain_group" -m 1770 \
+ "$dir"/dovecot."$domain"
+ sudo ln -fns \
+ dovecot."$domain" \
+ "$dir"/"$domain"
+ done
+ sudo chmod -t ~mail/acl/dovecot."$domain"
+ # NOTE: permet les mv shared.db{.lock,} effectués par dovecot
+
+ sudo install -d -o mail -g php5_roundcube -m 1770 \
+ /etc/dovecot/dovecot."$domain"
+ sudo install -d -o mail -g postfix -m 750 \
+ /etc/mail/dovecot
+# setup_postfix
+ dir_virtual_alias=/etc/mail/dovecot
+ old_virtual_alias="$dir_virtual_alias"/virtual_alias
+ virtual_alias_entry="$user@$domain $user@dovecot.$domain"
+ virtual_alias=$(sudo cat "$old_virtual_alias")
+ if ! grep -Fqx "$virtual_alias_entry" <<-EOF
+ $virtual_alias
+ EOF
+ then
+ new_virtual_alias=$(sudo TMPDIR= mktemp --tmpdir="$dir_virtual_alias" -t "virtual_alias.XXXXXXXX.tmp")
+ sort -k 1,1 <<-EOF |
+ $virtual_alias_entry${virtual_alias:+$(printf '\n%s' "$virtual_alias")}
+ EOF
+ sudo install -o root -g postfix -m 640 /dev/stdin \
+ "$new_virtual_alias"
+ sudo mv -f "$new_virtual_alias" "$old_virtual_alias"
+ sudo postmap hash:/etc/mail/dovecot/virtual_alias
+ sudo postfix reload
+ fi
+# setup_passwd
+ dir_passwd=/etc/dovecot/"$domain"
+ old_passwd="$dir_passwd"/passwd
+ new_passwd=$(sudo TMPDIR= mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
+ has_done_user=:
+ while IFS=: read <&4 -r \
+ passwd_user \
+ passwd_password \
+ passwd_uid \
+ passwd_gid \
+ passwd_gecos \
+ passwd_home \
+ passwd_shell \
+ passwd_extra_fields
+ do
+ case "$passwd_user" in
+ ("$user"|"!")
+ $has_done_user
+ has_done_user=continue
+ if test "${password:+set}"
+ then
+ password=$(/usr/bin/doveadm pw -s SHA512-CRYPT -p "$password")
+ else
+ if test "${password+defined}" -o -z "${passwd_password-}"
+ then
+ IFS= read -r password <<-EOF
+ $(/usr/bin/doveadm pw -s SHA512-CRYPT)
+ EOF
+ else
+ password=$passwd_password
+ fi
+ fi
+ home=${home:-~mail/data/"$domain/$user"}
+ uid=${uid:-$passwd_uid}
+ gid=${gid:-$passwd_gid}
+ if test "$domain" = "$local_domainname" &&
+ getent passwd "$user"
+ then
+ uid=${uid:-$(id -u "$user")}
+ gid=${gid:-$(id -g "$user")}
+ sudo adduser "$user" "$domain_group"
+ else
+ if sudo test -e "$home"
+ then
+ uid=${uid:-$(sudo stat -c '%u' "$home")}
+ gid=${gid:-$(sudo stat -c '%g' "$home")}
+ fi
+ sudo touch /etc/dovecot/passwd
+ if test ! "${uid:+set}"
+ then uid=$first_valid_uid; while sudo find /etc/dovecot/ \
+ -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
+ grep -q -x "^[^:]*:[^:]*:$uid:.*" {} +
+ do uid=$((uid + 1))
+ done
+ fi
+ if test ! "${gid:+set}"
+ then gid=$first_valid_gid; while sudo find /etc/dovecot/ \
+ -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
+ grep -q -x "^[^:]*:[^:]*:[^:]*:$gid:.*" {} +
+ do gid=$((gid + 1))
+ done
+ fi
+ fi
+ gecos=${gecos:-${passwd_gecos:-}}
+ shell=${shell:-${passwd_shell:-/bin/false}}
+ while IFS='=' read -r name value
+ do case $name in
+ ("userdb_gid") : ;;
+ ("userdb_home") : ;;
+ ("userdb_mail_access_groups") mail_access_groups=${mail_access_groups-$value};;
+ ("userdb_uid") : ;;
+ ('') : ;;
+ (*) extra_fields="${extra_fields:+$extra_fields }$name=$value";;
+ esac
+ done <<-EOF
+ $(tr ' ' '\n' <<-EOF
+ $passwd_extra_fields
+ EOF
+ )
+ EOF
+ extra_fields="${extra_fields:+$extra_fields }userdb_uid=$uid"
+ extra_fields="${extra_fields:+$extra_fields }userdb_gid=$gid"
+ extra_fields="${extra_fields:+$extra_fields }userdb_home=$home"
+ extra_fields="${extra_fields:+$extra_fields }userdb_mail_access_groups=${mail_access_groups-$domain_group}"
+ cat >&3 <<-EOF
+ $user:$password:$uid:$gid:$gecos:$home:$shell:$extra_fields
+ EOF
+ # setup_maildir
+ welcome_mail=$(sudo test -e "$home" || echo send)
+ sudo install -d -o "$uid" -g "$gid" -m 2770 \
+ "$home" \
+ "$home"/Maildir
+ sudo install -d -o "$uid" -g "$gid" -m 0700 \
+ "$home"/acl.d \
+ "$home"/sieve.d
+ sudo install -o "$uid" -g "$gid" -m 0600 \
+ "$tool"/etc/dovecot/sieve/user.sieve \
+ "$home"/sieve.d/main.sieve
+ sudo touch "$home"/sieve.d/roundcube.sieve
+ if sudo test ! -e "$home"/sieve
+ then sudo ln -s sieve.d/main.sieve "$home"/sieve
+ fi
+ ;;
+ ('') : ;;
+ ('!!')
+ if test "${welcome_mail:+set}"
+ then
+ mail \
+ -S from=postmaster@"$local_domainname" \
+ -s "Bienvenue $user@$domain" \
+ "$user"@"$domain" <<-EOF
+ Bienvenue $user@$domain,
+
+ pour tout support technique : postmaster@$domain .
+
+ --
+ Le support technique de $domain.
+ EOF
+ fi
+ ;;
+ (*)
+ cat >&3 <<-EOF
+ $passwd_user:$passwd_password:$passwd_uid:$passwd_gid:$passwd_gecos:$passwd_home:$passwd_shell:$passwd_extra_fields
+ EOF
+ ;;
+ esac
+ done 4<<-EOF 3>&1 >&2 |
+ $(sudo test ! -e "$old_passwd" || sudo cat "$old_passwd")
+ !
+ !!
+ EOF
+ sort -k 1,1 -t : |
+ sudo install -o php5_roundcube -g php5_roundcube -m 0640 /dev/stdin "$new_passwd"
+ sudo mv -f "$new_passwd" "$old_passwd"
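Review bot: `$user` and `$domain` are split straight out of `$1` and only tested for non-emptiness near the top (`test "${user:+set"}"`, whose closing quote sits inside the braces unlike `"${password:+set}"` further down, so it is worth confirming the shell parses it as intended), yet both are then used unescaped in the root-run `sudo install -d`, `sudo ln -fns` and `sudo mv` paths and written as fields of the colon-separated passwd line. A value containing `/`, a leading `.`, `:` or a space would let those commands act outside the per-domain directories or shift fields in the `passwd` and `virtual_alias` files; only `domain_group` is normalised by the `sed` call. I would reject such values right after the `read`, for example `case "$user" in (''|.*|*[!0-9A-Za-z._+-]*) exit 1;; esac` and the same test for `$domain`, with the allowed set adjusted to the site's naming policy. Separately, `doveadm pw -s SHA512-CRYPT -p "$password"` puts the clear-text password into the process arguments, where other local users can see it in the process list while the command runs; the branch below that omits `-p` does not have this exposure, and a comment stating the trade-off would help the next maintainer.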