#!/bin/bash
# info: add mail SSL for $domain
# options: USER DOMAIN SSL_DIR [RESTART]
# labels: hestia
#
# The function turns on SSL support for a mail domain. Parameter ssl_dir
# is a path to a directory where 2 or 3 ssl files can be found. Certificate file
# mail.domain.tld.crt and its key mail.domain.tld.key are mandatory. Certificate
# authority mail.domain.tld.ca file is optional.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
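# Argument definition
user=$1
domain=$2
ssl_dir=$3
# RESTART is the optional fourth argument (see "options:" in the header).
# Reading it from $3 would hand the SSL_DIR path to the v-restart-* helpers
# in place of the caller's restart flag.
restart=$4

# Additional argument formatting: lower-case the name, then drop a leading
# "www." label and a trailing root dot.
# NOTE(review): this runs on the raw argument, before is_format_valid is
# called further down. printf replaces echo so that a value resembling an
# echo option (e.g. "-n") is passed through unchanged.
if [[ "$domain" =~ [[:upper:]] ]]; then
  domain=$(printf '%s\n' "$domain" | tr '[:upper:]' '[:lower:]')
fi
if [[ "$domain" =~ ^www\..* ]]; then
  # The guard above guarantees the fourth character is a literal dot.
  domain=${domain#www.}
fi
if [[ "$domain" =~ .*\.$ ]]; then
  domain=${domain%.}
fi
# IDNA-to-ASCII form of the (still unvalidated) domain.
# NOTE(review): a value starting with "-" would be read by idn as an option;
# confirm whether validation should happen before this call.
domain_idn=$(idn -t --quiet -a "$domain")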
# Includes
# shellcheck source=/usr/local/hestia/func/main.sh
source $HESTIA/func/main.sh
# shellcheck source=/usr/local/hestia/func/domain.sh
source $HESTIA/func/domain.sh
# shellcheck source=/usr/local/hestia/func/ip.sh
source $HESTIA/func/ip.sh
# shellcheck source=/usr/local/hestia/conf/hestia.conf
source $HESTIA/conf/hestia.conf
# Additional argument formatting
# format_domain and format_domain_idn are not defined in this file; they come
# from the func/*.sh files sourced above. Presumably they finish normalising
# $domain and $domain_idn -- confirm against their definitions.
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Every check below is a helper from the sourced files. Each one presumably
# aborts the script on failure -- confirm in func/main.sh -- so the order
# matters: nothing in the Action section runs unless all of them pass.

# '3' is the number of mandatory arguments; RESTART is optional.
check_args '3' "$#" 'USER DOMAIN SSL_DIR [RESTART]'
# The helper is given variable NAMES, not values. Note that 'restart' is not
# in this list, so that argument is not format-checked here.
is_format_valid 'user' 'domain' 'ssl_dir'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
# '$SSL' is single-quoted on purpose: the literal key name is passed, not a
# shell variable. Presumably this stops the script when SSL is already set
# for the mail domain -- confirm.
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$SSL'
# Called without arguments, so it must read its inputs from globals
# (presumably $ssl_dir and $domain) -- confirm which files it checks and
# whether it verifies that the key matches the certificate.
is_web_domain_cert_valid
# Perform verification if read-only mode is enabled
check_hestia_demo_mode
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Reuse the IP address recorded for the web domain of the same name; when no
# such value exists, fall back to get_user_ip.
domain_ip=$(get_object_value 'web' 'DOMAIN' "$domain" '$IP')
if [[ -z "$domain_ip" ]]; then
  get_user_ip
else
  local_ip=$(get_real_ip "$domain_ip")
  is_ip_valid "$local_ip" "$user"
fi

# Add the SSL configuration to the mail domain
add_mail_ssl_config
# Choose the webmail template for the configured client, plus the matching
# proxy template when a proxy system is configured.
case "$WEBMAIL" in
  roundcube)
    if [[ "$WEB_SYSTEM" == "nginx" ]]; then
      WEBMAIL_TEMPLATE="web_system"
    else
      WEBMAIL_TEMPLATE="default"
    fi
    if [[ -n "$PROXY_SYSTEM" ]]; then
      PROXY_TEMPLATE="default"
    fi
    ;;
  rainloop)
    WEBMAIL_TEMPLATE="rainloop"
    if [[ -n "$PROXY_SYSTEM" ]]; then
      PROXY_TEMPLATE="default_rainloop"
    fi
    ;;
  *)
    # Any other value (including empty) uses the "disabled" templates.
    WEBMAIL_TEMPLATE="disabled"
    if [[ -n "$PROXY_SYSTEM" ]]; then
      PROXY_TEMPLATE="default_disabled"
    fi
    ;;
esac

# Add webmail configuration to the mail domain: always for the web system,
# and for the proxy only when one is configured.
add_webmail_config "$WEB_SYSTEM" "${WEBMAIL_TEMPLATE}.stpl"
if [[ -n "$PROXY_SYSTEM" ]]; then
  add_webmail_config "$PROXY_SYSTEM" "${PROXY_TEMPLATE}.stpl"
fi

# Increase the user's U_MAIL_SSL value ('$U_MAIL_SSL' is passed literally)
increase_user_value "$user" '$U_MAIL_SSL'

# Record SSL as enabled on the mail domain object
update_object_value 'mail' 'DOMAIN' "$domain" '$SSL' "yes"
#----------------------------------------------------------#
# Hestia #
#----------------------------------------------------------#
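# Restart the services that read the new certificate.
# $restart comes straight from the command line and is not covered by
# is_format_valid in this script, so it is forwarded as at most one word:
# ${restart:+"$restart"} expands to nothing when the flag is empty and to a
# single quoted argument otherwise, which rules out word splitting and glob
# expansion of a caller-supplied value.

# Restarting mail server
"$BIN/v-restart-mail" ${restart:+"$restart"}
check_result $? "Mail restart failed" > /dev/null

# Restarting web server
"$BIN/v-restart-web" ${restart:+"$restart"}
check_result $? "Web restart failed" > /dev/null

# Restarting proxy server
"$BIN/v-restart-proxy" ${restart:+"$restart"}
check_result $? "Proxy restart failed" > /dev/null

# Logging
"$BIN/v-log-action" "$user" "Info" "Mail" "SSL enabled (Domain: $domain)."
log_event "$OK" "$ARGUMENTS"

# A bare exit returns the status of the last command (log_event).
exit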