-#!/bin/bash
+#!/bin/bash -l
# Copyright (C) 2016 Ian Kelling
# Licensed under the Apache License, Version 2.0 (the "License");
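Review bot: The `-l` added to the shebang only takes effect when the script is executed directly; `bash script.sh` ignores the shebang, so anything the login profile provides is missing on that path. It also makes a script that goes on to edit /etc/aliases and reconfigure exim4 depend on everything in /etc/profile and the invoking user's profile files. If the login shell is there to supply the helper commands used further down (`s`, `e`, `pi`, `lnf`), a comment such as `# -l: helpers come from the login profile` would make the dependency visible. Sourcing the one file that defines them explicitly would do the same.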
####### begin perstent password instructions ######
# # exim passwords:
# # for hosts which have all private files I just use the same user
-# # for other hosts, each one get's their own password.
+# # for other hosts, each one get\'s their own password.
# # for generating secure pass, and storing for server too:
# # user=USUALLY_SAME_AS_HOSTNAME
# user=li
# echo "mail.iankelling.org:$user:$(<$f)" >> /p/c/machine_specific/$user/filesystem/etc/mailpass
# # then run this script, or part of it which uses /etc/mailpass
-# # dovecot password, i just need 1 as I'm the only user
+# # dovecot password, i just need 1 as I\'m the only user
# mkdir /p/c/filesystem/etc/dovecot
# echo "ian:$(doveadm pw -s ssha256)::::::" >/p/c/filesystem/etc/dovecot/users
# conflink
# # I dun do that, so just use a static one: li
# echo "txt record name: li._domainkey.$domain"
# # Debadmin page does not have v=, fastmail does, and this
-# # says it's recommended in 3.6.1, default is DKIM1 anyways.
+# # says it\'s recommended in 3.6.1, default is DKIM1 anyways.
# # https://www.ietf.org/rfc/rfc6376.txt
# # Join and print all but first and last line.
# # last line: swap hold & pattern, remove newlines, print.
# # 2017-02 spf policies:
# # google ~all, hotmail -all, yahoo: ?all, fastmail ?all
-# # i include fastmail's settings, per their instructions,
+# # i include fastmail\'s settings, per their instructions,
# # and follow their policy. In mail in a box, or similar instructions,
-# # I've seen recommended to not use a restrictive policy.
+# # I\'ve seen recommended to not use a restrictive policy.
# echo "spf dns: name is empty, value: v=spf1 a include:spf.messagingengine.com ?all"
# # to check if dns has updated, you do
forward=ian@$local_mx
-# background: This also works instead of ~/.forward
-# s sed -i --follow-symlinks '/^root/d' /etc/aliases ||:
-#echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases
-# this can't be a symlink and has permission restrictions
-# it might work in /etc/aliases, but this seems more proper.
-e $forward > ~/.forward
-e $forward | s tee /root/.forward
-# exim log complains about 664 permissions.
-s chmod 644 ~/.forward /root/.forward
+if [[ $HOSTNAME == $MAIL_HOST ]]; then
+ # if we are MAIL_HOST, exim config sets up an /etc/alias from
+ # root to the postmaster, which i config to ian, as long as there
+ # exists an entry for root, or there was no preexisting aliases file.
+ # based on the postinst file.
+ s rm -f /etc/aliases
+else
+ # linode image has a root alias, I think it might override our .forward
+ sudo sed -i '/^root:/d' /etc/aliases
+ s newaliases
+ # background: This also works instead of ~/.forward
+ # s sed -i --follow-symlinks '/^root/d' /etc/aliases ||:
+ #echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases
+ # this can\'t be a symlink and has permission restrictions
+ # it might work in /etc/aliases, but this seems more proper.
+ e $forward > ~/.forward
+ e $forward | s tee /root/.forward
+ # 644 is required. shouldn\'t need changing, but set it just in case.
+ s chmod 644 ~/.forward /root/.forward
+fi
# offlineimap uses this too, it is much easier to use one location than to
-# condition it's config and postfix's config
+# condition it\'s config and postfix\'s config
case $distro in
fedora) s lnf -T ca-certificates.crt /etc/ssl/ca-bundle.trust.crt ;;
*) :
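Review bot: In `if [[ $HOSTNAME == $MAIL_HOST ]]` the unquoted right-hand side is matched as a glob pattern, and nothing in the hunk shows where MAIL_HOST is set. An unset or empty value silently selects the else branch, and a value containing `*` or `?` could match more than one host and take the branch that runs `s rm -f /etc/aliases`. Quoting it and failing early is safer: `: "${MAIL_HOST:?}"` followed by `if [[ $HOSTNAME == "$MAIL_HOST" ]]; then`. In the else branch `e $forward` is likewise unquoted, and `sudo sed -i '/^root:/d' /etc/aliases` will fail on a host with no /etc/aliases, a case the old commented-out form guarded with `||:`.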
s systemctl enable postfix
s systemctl start postfix
fi
- # i'm assuming mail just won't work on systems without the sasl_passwd.
+ # i\'m assuming mail just won\'t work on systems without the sasl_passwd.
postconfin <<'EOF'
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# Thus, if a mail address on the local host is foo@example.org, the correct value for
# this option would be example.org.
-# This name won't appear on From: lines of outgoing messages if rewriting is enabled.
+# This name won\'t appear on From: lines of outgoing messages if rewriting is enabled.
# System mail name:
exim4-config exim4/mailname string li.iankelling.org
# Other destinations for which mail is accepted:
# iank.bid is for testing
# mail.iankelling.org is for machines i own
-exim4-config exim4/dc_other_hostnames string mail.iankelling.org;iank.bid;iankelling.org;zroe.org
+exim4-config exim4/dc_other_hostnames string *.iankelling.org;iankelling.org;*iank.bid;iank.bid;*zroe.org;zroe.org
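Review bot: `*iank.bid` and `*zroe.org` have no dot after the asterisk, unlike `*.iankelling.org`. As Exim domain patterns they would match any domain whose name merely ends in those characters, including a separately registered one, and this host would then treat mail for it as local. If subdomains are what is meant, the value should read `*.iankelling.org;iankelling.org;*.iank.bid;iank.bid;*.zroe.org;zroe.org`. Accepting every subdomain is also broader than the explicit names it replaces, so a short comment on why the wildcard is wanted would help.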
# If this value is left empty, such mail will be saved in /var/mail/mail, which is not
# recommended.
-# Note that postmaster's mail should be read on the system to which it is directed,
+# Note that postmaster\'s mail should be read on the system to which it is directed,
# rather than being forwarded elsewhere, so (at least one of) the users listed here
# should not redirect their mail off this machine. A 'real-' prefix can be used to
# force local delivery.
# when doing mail redelivery to invoke filters
MAIN_TRUSTED_GROUPS = ian
-# disabled, didn't finished configuring
-#LOCAL_DELIVERY = dovecot_lmtp
+LOCAL_DELIVERY = dovecot_lmtp
CHECK_RCPT_LOCAL_ACL_FILE = /etc/exim4/rcpt_local_acl
EOF
#
#
# would only exist because I wrote it i the previous condition,
- # it's not part of exim
+ # it\'s not part of exim
s rm -f $exim_main_dir/000_localmacros
s debconf-set-selections <<EOF
exim4-config exim4/dc_eximconfig_configtype select mail sent by smarthost; no local mail
fi
# if we already have it installed, need to reconfigure, without being prompted
- if ! dpkg -s exim4-config &>/dev/null; then
- s dpkg-reconfigure -u -pcritical exim4-config
+ if dpkg -s exim4-config &>/dev/null; then
+ # gotta remove this, otherwise the set-selections are completely
+ # ignored. It woulda been nice if this was documented somewhere!
+ s rm -f /etc/exim4/update-exim4.conf.conf
+ s dpkg-reconfigure -u -fnoninteractive exim4-config
fi
# light version does not have sasl auth support.
pi exim4-daemon-heavy spamassassin
# packages we need instead of dovecot-common.
#
# dovecot-lmtpd is for exim to deliver to dovecot instead of maildir
- # directly. The reason to do this is to use dovecot's sieve, which
- # has extensions that allow it to be almost equivalent to exim's
+ # directly. The reason to do this is to use dovecot\'s sieve, which
+ # has extensions that allow it to be almost equivalent to exim\'s
# filter capabilities, some ways probably better, some worse, and
# sieve has the benefit of being supported in postfix and
# proprietary/weird environments, so there is more examples on the
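Review bot: `s rm -f /etc/exim4/update-exim4.conf.conf` deletes the existing settings file before `dpkg-reconfigure` has succeeded, and neither command's status is checked in the lines shown. If the reconfigure fails, the previous settings are gone and cannot be restored. Keeping a copy first, e.g. `s cp -a /etc/exim4/update-exim4.conf.conf /etc/exim4/update-exim4.conf.conf.orig`, and stopping when `dpkg-reconfigure` returns non-zero would make the step recoverable. Separately, `dpkg -s` can, as far as I know, also succeed for a package that was removed but not purged, in which case the reconfigure would fail after the file has already been deleted. The enclosing block starts outside the hunk.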
pi dovecot-core dovecot-imapd dovecot-sieve dovecot-lmtpd
# if we changed 90-sieve.conf and removed the active part of the
- # sieve option, we wouldn't need this, but I'd rather not modify a
- # default config if not needed. This won't work as a symlink in /a/c
+ # sieve option, we wouldn\'t need this, but I\'d rather not modify a
+ # default config if not needed. This won\'t work as a symlink in /a/c
# unfortunately.
lnf -T sieve/main.sieve ~/.dovecot.sieve
ser restart exim4
- fi
-
+fi
- # linode image has a root alias. completely useless, remove it.
- sudo sed -i '/^root:/d' /etc/aliases
- s newaliases
- # based on http://www.postfix.org/qmgr.8.html and my notes in gnus
- dir=/nocow/$type
- sdir=/var/spool/$type
- if [[ $(readlink -f $sdir) != $dir ]]; then
- ser stop $type
- if [[ ! -e $dir && -d $sdir ]]; then
- s mv $sdir $dir
- fi
- s lnf -T $dir $sdir
+# based on http://www.postfix.org/qmgr.8.html and my notes in gnus
+dir=/nocow/$type
+sdir=/var/spool/$type
+if [[ $(readlink -f $sdir) != $dir ]]; then
+ ser stop $type
+ if [[ ! -e $dir && -d $sdir ]]; then
+ s mv $sdir $dir
fi
+ s lnf -T $dir $sdir
+fi
- sgo $type
+sgo $type
- # if I wanted the from address to be renamed and sent to a different address,
- # echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical
- # sudo postmap hash:/etc/postfix/recipient_canonical
- # sudo service postfix reload
+# if I wanted the from address to be renamed and sent to a different address,
+# echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical
+# sudo postmap hash:/etc/postfix/recipient_canonical
+# sudo service postfix reload