X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=mail-setup;h=2f4a726b273604200501dcd817a680ff9030ae9b;hb=af37f71b1c4e1dfa9ebe9a270f4b839cd742cad5;hp=9e867c85b38085bc90ac03470b52452ee360e632;hpb=2d3ce30754a3f24d922635647bab4990b60f5c27;p=distro-setup diff --git a/mail-setup b/mail-setup index 9e867c8..2f4a726 100755 --- a/mail-setup +++ b/mail-setup @@ -15,6 +15,8 @@ set -x # See the License for the specific language governing permissions and # limitations under the License. +# todo: make quick backups of maildir, or deliver to multiple hosts. + set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR @@ -307,7 +309,9 @@ else # begin exim. has debian specific stuff for now # we check that a valid cert is there already. # to put the hostname in the known hosts if ! ssh -o StrictHostKeyChecking=no root@li.iankelling.org :; then - openssl x509 -checkend $(( 60 * 60 * 24 * 3 )) -noout -in /etc/openvpn/mail.crt + # This just causes failure if our cert is going to expire in the next 30 days. + # Certs I generate last 10 years. + openssl x509 -checkend $(( 60 * 60 * 24 * 30 )) -noout -in /etc/openvpn/mail.crt else # note, man openvpn implies we could just call mail-route on vpn startup/shutdown with # systemd, buuut it can remake the tun device unexpectedly, i got this in the log @@ -370,8 +374,7 @@ exim4-config exim4/use_split_config boolean true EOF source /a/bin/bash_unpublished/source-semi-priv - exim_main_dir=/etc/exim4/conf.d/main - mkdir -p $exim_main_dir + mkdir -p /etc/exim4/conf.d/main @@ -552,8 +555,8 @@ EOF # MAIN_HARDCODE_PRIMARY_HOSTNAME might mess up the # smarthost config type, not sure. all other settings # would be unused in that config type. - cat >$exim_main_dir/000_localmacros </etc/exim4/conf.d/main/000_localmacros <