Created
October 3, 2024 03:48
-
-
Save iniznet/ea1dcf122e4623195959a06106ae8157 to your computer and use it in GitHub Desktop.
hestiacp install mail server only after installing during first time
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # ======================================================== # | |
| # | |
| # Hestia Control Panel Installer for Ubuntu | |
| # https://www.hestiacp.com/ | |
| # | |
| # Currently Supported Versions: | |
| # Ubuntu 20.04, 22.04 LTS | |
| # | |
| # ======================================================== # | |
| #----------------------------------------------------------# | |
| # Variables&Functions # | |
| #----------------------------------------------------------# | |
| export PATH=$PATH:/sbin | |
| export DEBIAN_FRONTEND=noninteractive | |
| RHOST='apt.hestiacp.com' | |
| VERSION='ubuntu' | |
| HESTIA='/usr/local/hestia' | |
| LOG="/root/hst_install_backups/hst_install-$(date +%d%m%Y%H%M).log" | |
| memory=$(grep 'MemTotal' /proc/meminfo | tr ' ' '\n' | grep [0-9]) | |
| hst_backups="/root/hst_install_backups/$(date +%d%m%Y%H%M)" | |
| spinner="/-\|" | |
| os='ubuntu' | |
| release="$(lsb_release -s -r)" | |
| codename="$(lsb_release -s -c)" | |
| architecture="$(arch)" | |
| HESTIA_INSTALL_DIR="$HESTIA/install/deb" | |
| HESTIA_COMMON_DIR="$HESTIA/install/common" | |
| VERBOSE='no' | |
| # Define software versions | |
| HESTIA_INSTALL_VER='1.8.12' | |
| # Defining software pack for all distros | |
| software="clamav-daemon dovecot-imapd dovecot-managesieved dovecot-pop3d exim4 exim4-daemon-heavy spamassassin" | |
| installer_dependencies="apt-transport-https ca-certificates curl dirmngr gnupg openssl software-properties-common wget" | |
| # Defining help function | |
| help() { | |
| echo "Usage: $0 [OPTIONS] | |
| -x, --exim Install Exim [yes|no] default: yes | |
| -z, --dovecot Install Dovecot [yes|no] default: yes | |
| -c, --clamav Install ClamAV [yes|no] default: yes | |
| -t, --spamassassin Install SpamAssassin [yes|no] default: yes | |
| Example: bash $0 -e [email protected] -p p4ssw0rd --multiphp yes" | |
| exit 1 | |
| } | |
| # Defining file download function | |
| download_file() { | |
| wget $1 -q --show-progress --progress=bar:force | |
| } | |
| # Defining password-gen function | |
| gen_pass() { | |
| matrix=$1 | |
| length=$2 | |
| if [ -z "$matrix" ]; then | |
| matrix="A-Za-z0-9" | |
| fi | |
| if [ -z "$length" ]; then | |
| length=16 | |
| fi | |
| head /dev/urandom | tr -dc $matrix | head -c$length | |
| } | |
| # Defining return code check function | |
| check_result() { | |
| if [ $1 -ne 0 ]; then | |
| echo "Error: $2" | |
| exit $1 | |
| fi | |
| } | |
| # Source conf in installer | |
| source_conf() { | |
| while IFS='= ' read -r lhs rhs; do | |
| if [[ ! $lhs =~ ^\ *# && -n $lhs ]]; then | |
| rhs="${rhs%%^\#*}" # Del in line right comments | |
| rhs="${rhs%%*( )}" # Del trailing spaces | |
| rhs="${rhs%\'*}" # Del opening string quotes | |
| rhs="${rhs#\'*}" # Del closing string quotes | |
| declare -g $lhs="$rhs" | |
| fi | |
| done < $1 | |
| } | |
| # Defining function to set default value | |
| set_default_value() { | |
| eval variable=\$$1 | |
| if [ -z "$variable" ]; then | |
| eval $1=$2 | |
| fi | |
| if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then | |
| eval $1=$2 | |
| fi | |
| } | |
| # Defining function to set default language value | |
| set_default_lang() { | |
| if [ -z "$lang" ]; then | |
| eval lang=$1 | |
| fi | |
| lang_list="ar az bg bn bs ca cs da de el en es fa fi fr hr hu id it ja ka ku ko nl no pl pt pt-br ro ru sk sq sr sv th tr uk ur vi zh-cn zh-tw" | |
| if ! (echo $lang_list | grep -w $lang > /dev/null 2>&1); then | |
| eval lang=$1 | |
| fi | |
| } | |
| # Define the default backend port | |
| set_default_port() { | |
| if [ -z "$port" ]; then | |
| eval port=$1 | |
| fi | |
| } | |
| # Write configuration KEY/VALUE pair to $HESTIA/conf/hestia.conf | |
| write_config_value() { | |
| local key="$1" | |
| local value="$2" | |
| echo "$key='$value'" >> $HESTIA/conf/hestia.conf | |
| } | |
| # Sort configuration file values | |
| # Write final copy to $HESTIA/conf/hestia.conf for active usage | |
| # Duplicate file to $HESTIA/conf/defaults/hestia.conf to restore known good installation values | |
| sort_config_file() { | |
| sort $HESTIA/conf/hestia.conf -o /tmp/updconf | |
| mv $HESTIA/conf/hestia.conf $HESTIA/conf/hestia.conf.bak | |
| mv /tmp/updconf $HESTIA/conf/hestia.conf | |
| rm -f $HESTIA/conf/hestia.conf.bak | |
| if [ ! -d "$HESTIA/conf/defaults/" ]; then | |
| mkdir -p "$HESTIA/conf/defaults/" | |
| fi | |
| cp $HESTIA/conf/hestia.conf $HESTIA/conf/defaults/hestia.conf | |
| } | |
| # Validate hostname according to RFC1178 | |
| validate_hostname() { | |
| # remove extra . | |
| servername=$(echo "$servername" | sed -e "s/[.]*$//g") | |
| servername=$(echo "$servername" | sed -e "s/^[.]*//") | |
| if [[ $(echo "$servername" | grep -o "\." | wc -l) -gt 1 ]] && [[ ! $servername =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| # Hostname valid | |
| return 1 | |
| else | |
| # Hostname invalid | |
| return 0 | |
| fi | |
| } | |
| validate_email() { | |
| if [[ ! "$email" =~ ^[A-Za-z0-9._%+-]+@[[:alnum:].-]+\.[A-Za-z]{2,63}$ ]]; then | |
| # Email invalid | |
| return 0 | |
| else | |
| # Email valid | |
| return 1 | |
| fi | |
| } | |
| version_ge() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1" -o -n "$1" -a "$1" = "$2"; } | |
| #----------------------------------------------------------# | |
| # Verifications # | |
| #----------------------------------------------------------# | |
| # Creating temporary file | |
| tmpfile=$(mktemp -p /tmp) | |
| # Translating argument to --gnu-long-options | |
| for arg; do | |
| delim="" | |
| case "$arg" in | |
| --exim) args="${args}-x " ;; | |
| --dovecot) args="${args}-z " ;; | |
| --clamav) args="${args}-c " ;; | |
| --spamassassin) args="${args}-t " ;; | |
| esac | |
| done | |
| eval set -- "$args" | |
| # Parsing arguments | |
| while getopts "a:w:v:j:k:m:M:g:d:x:z:Z:c:t:i:b:r:o:q:l:y:s:e:p:D:fh" Option; do | |
| case $Option in | |
| x) exim=$OPTARG ;; # Exim | |
| z) dovecot=$OPTARG ;; # Dovecot | |
| c) clamd=$OPTARG ;; # ClamAV | |
| t) spamd=$OPTARG ;; # SpamAssassin | |
| esac | |
| done | |
| # Defining default software stack | |
| set_default_value 'exim' 'yes' | |
| set_default_value 'dovecot' 'yes' | |
| if [ $memory -lt 1500000 ]; then | |
| set_default_value 'clamd' 'no' | |
| set_default_value 'spamd' 'no' | |
| elif [ $memory -lt 3000000 ]; then | |
| set_default_value 'clamd' 'no' | |
| set_default_value 'spamd' 'yes' | |
| else | |
| set_default_value 'clamd' 'yes' | |
| set_default_value 'spamd' 'yes' | |
| fi | |
| # Checking software conflicts | |
| if [ "$exim" = 'no' ]; then | |
| clamd='no' | |
| spamd='no' | |
| dovecot='no' | |
| fi | |
| if [ "$dovecot" = 'no' ]; then | |
| sieve='no' | |
| fi | |
| # Checking root permissions | |
| if [ "x$(id -u)" != 'x0' ]; then | |
| check_result 1 "Script can be run executed only by root" | |
| fi | |
| # Clear the screen once launch permissions have been verified | |
| clear | |
| # Configure apt to retry downloading on error | |
| if [ ! -f /etc/apt/apt.conf.d/80-retries ]; then | |
| echo "APT::Acquire::Retries \"3\";" > /etc/apt/apt.conf.d/80-retries | |
| fi | |
| # Welcome message | |
| echo "Welcome to the Hestia Control Panel installer!" | |
| echo | |
| echo "Please wait, the installer is now checking for missing dependencies..." | |
| echo | |
| # Update apt repository | |
| apt-get -qq update | |
| # Creating backup directory | |
| mkdir -p "$hst_backups" | |
| # Pre-install packages | |
| echo "[ * ] Installing dependencies..." | |
| apt-get -y install $installer_dependencies >> $LOG | |
| check_result $? "Package installation failed, check log file for more details." | |
| # Check repository availability | |
| wget --quiet "https://$RHOST" -O /dev/null | |
| check_result $? "Unable to connect to the Hestia APT repository" | |
| # Check network configuration | |
| if [ -d /etc/netplan ] && [ -z "$force" ]; then | |
| if [ -z "$(ls -A /etc/netplan)" ]; then | |
| echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' | |
| echo | |
| echo 'WARNING: Your network configuration may not be set up correctly.' | |
| echo 'Details: The netplan configuration directory is empty.' | |
| echo '' | |
| echo 'You may have a network configuration file that was created using' | |
| echo 'systemd-networkd.' | |
| echo '' | |
| echo 'It is strongly recommended to migrate to netplan, which is now the' | |
| echo 'default network configuration system in newer releases of Ubuntu.' | |
| echo '' | |
| echo 'While you can leave your configuration as-is, please note that you' | |
| echo 'will not be able to use additional IPs properly.' | |
| echo '' | |
| echo 'If you wish to continue and force the installation,' | |
| echo 'run this script with -f option:' | |
| echo "Example: bash $0 --force" | |
| echo | |
| echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' | |
| echo | |
| check_result 1 "Unable to detect netplan configuration." | |
| fi | |
| fi | |
| case $architecture in | |
| x86_64) | |
| ARCH="amd64" | |
| ;; | |
| aarch64) | |
| ARCH="arm64" | |
| ;; | |
| *) | |
| echo | |
| echo -e "\e[91mInstallation aborted\e[0m" | |
| echo "====================================================================" | |
| echo -e "\e[33mERROR: $architecture is currently not supported!\e[0m" | |
| echo -e "\e[33mPlease verify the achitecture used is currenlty supported\e[0m" | |
| echo "" | |
| echo -e "\e[33mhttps://github.com/hestiacp/hestiacp/blob/main/README.md\e[0m" | |
| echo "" | |
| check_result 1 "Installation aborted" | |
| ;; | |
| esac | |
| #----------------------------------------------------------# | |
| # Brief Info # | |
| #----------------------------------------------------------# | |
| install_welcome_message() { | |
| DISPLAY_VER=$(echo $HESTIA_INSTALL_VER | sed "s|~alpha||g" | sed "s|~beta||g") | |
| echo | |
| echo ' _ _ _ _ ____ ____ ' | |
| echo ' | | | | ___ ___| |_(_) __ _ / ___| _ \ ' | |
| echo ' | |_| |/ _ \/ __| __| |/ _` | | | |_) | ' | |
| echo ' | _ | __/\__ \ |_| | (_| | |___| __/ ' | |
| echo ' |_| |_|\___||___/\__|_|\__,_|\____|_| ' | |
| echo " " | |
| echo " Hestia Control Panel " | |
| if [[ "$HESTIA_INSTALL_VER" =~ "beta" ]]; then | |
| echo " BETA RELEASE " | |
| fi | |
| if [[ "$HESTIA_INSTALL_VER" =~ "alpha" ]]; then | |
| echo " DEVELOPMENT SNAPSHOT " | |
| echo " NOT INTENDED FOR PRODUCTION USE " | |
| echo " USE AT YOUR OWN RISK " | |
| fi | |
| echo " ${DISPLAY_VER} " | |
| echo " www.hestiacp.com " | |
| echo | |
| echo "========================================================================" | |
| echo | |
| echo "Thank you for downloading Hestia Control Panel! In a few moments," | |
| echo "we will begin installing the following components on your server:" | |
| echo | |
| } | |
| # Printing nice ASCII logo | |
| clear | |
| install_welcome_message | |
| # Mail stack | |
| if [ "$exim" = 'yes' ]; then | |
| echo -n ' - Exim Mail Server' | |
| if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ]; then | |
| echo -n ' + ' | |
| if [ "$clamd" = 'yes' ]; then | |
| echo -n 'ClamAV ' | |
| fi | |
| if [ "$spamd" = 'yes' ]; then | |
| if [ "$clamd" = 'yes' ]; then | |
| echo -n '+ ' | |
| fi | |
| echo -n 'SpamAssassin' | |
| fi | |
| fi | |
| echo | |
| if [ "$dovecot" = 'yes' ]; then | |
| echo -n ' - Dovecot POP3/IMAP Server' | |
| if [ "$sieve" = 'yes' ]; then | |
| echo -n '+ Sieve' | |
| fi | |
| fi | |
| fi | |
| echo | |
| # Asking for confirmation to proceed | |
| if [ "$interactive" = 'yes' ]; then | |
| read -p 'Would you like to continue with the installation? [Y/N]: ' answer | |
| if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then | |
| echo 'Goodbye' | |
| exit 1 | |
| fi | |
| fi | |
| # Asking to set FQDN hostname | |
| if [ -z "$servername" ]; then | |
| # Ask and validate FQDN hostname. | |
| read -p "Please enter FQDN hostname [$(hostname -f)]: " servername | |
| # Set hostname if it wasn't set | |
| if [ -z "$servername" ]; then | |
| servername=$(hostname -f) | |
| fi | |
| # Validate Hostname, go to loop if the validation fails. | |
| while validate_hostname; do | |
| echo -e "\nPlease use a valid hostname according to RFC1178 (ex. hostname.domain.tld)." | |
| read -p "Please enter FQDN hostname [$(hostname -f)]: " servername | |
| done | |
| else | |
| # Validate FQDN hostname if it is preset | |
| if validate_hostname; then | |
| echo "Please use a valid hostname according to RFC1178 (ex. hostname.domain.tld)." | |
| exit 1 | |
| fi | |
| fi | |
| # Generating admin password if it wasn't set | |
| displaypass="The password you chose during installation." | |
| if [ -z "$vpass" ]; then | |
| vpass=$(gen_pass) | |
| displaypass=$vpass | |
| fi | |
| # Set FQDN if it wasn't set | |
| mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)' | |
| mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}' | |
| if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then | |
| if [[ -n "$servername" ]]; then | |
| servername="$servername.example.com" | |
| else | |
| servername="example.com" | |
| fi | |
| echo "127.0.0.1 $servername" >> /etc/hosts | |
| fi | |
| if [[ -z $(grep -i "$servername" /etc/hosts) ]]; then | |
| echo "127.0.0.1 $servername" >> /etc/hosts | |
| fi | |
| # Set email if it wasn't set | |
| if [[ -z "$email" ]]; then | |
| email="admin@$servername" | |
| fi | |
| # Defining backup directory | |
| echo -e "Installation backup directory: $hst_backups" | |
| # Print Log File Path | |
| echo "Installation log file: $LOG" | |
| # Print new line | |
| echo | |
| #----------------------------------------------------------# | |
| # Checking swap # | |
| #----------------------------------------------------------# | |
| # Checking swap on small instances | |
| if [ -z "$(swapon -s)" ] && [ "$memory" -lt 1000000 ]; then | |
| fallocate -l 1G /swapfile | |
| chmod 600 /swapfile | |
| mkswap /swapfile | |
| swapon /swapfile | |
| echo "/swapfile none swap sw 0 0" >> /etc/fstab | |
| fi | |
| #----------------------------------------------------------# | |
| # Install repository # | |
| #----------------------------------------------------------# | |
| # Define apt conf location | |
| apt=/etc/apt/sources.list.d | |
| # Create new folder if not all-ready exists | |
| mkdir -p /root/.gnupg/ && chmod 700 /root/.gnupg/ | |
| # Updating system | |
| echo "Adding required repositories to proceed with installation:" | |
| echo | |
| # Installing Nginx repo | |
| echo "[ * ] NGINX" | |
| echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://nginx.org/packages/mainline/$VERSION/ $codename nginx" > $apt/nginx.list | |
| curl -s https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-keyring.gpg > /dev/null 2>&1 | |
| # Installing sury PHP repo | |
| # add-apt-repository does not yet support signed-by see: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1862764 | |
| echo "[ * ] PHP" | |
| LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php > /dev/null 2>&1 | |
| # Installing HestiaCP repo | |
| echo "[ * ] Hestia Control Panel" | |
| echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/hestia-keyring.gpg] https://$RHOST/ $codename main" > $apt/hestia.list | |
| gpg --no-default-keyring --keyring /usr/share/keyrings/hestia-keyring.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys A189E93654F0B0E5 > /dev/null 2>&1 | |
| # Echo for a new line | |
| echo | |
| # Updating system | |
| echo -ne "Updating currently installed packages, please wait... " | |
| apt-get -qq update | |
| apt-get -y upgrade >> $LOG & | |
| BACK_PID=$! | |
| # Check if package installation is done, print a spinner | |
| spin_i=1 | |
| while kill -0 $BACK_PID > /dev/null 2>&1; do | |
| printf "\b${spinner:spin_i++%${#spinner}:1}" | |
| sleep 0.5 | |
| done | |
| # Do a blank echo to get the \n back | |
| echo | |
| # Check Installation result | |
| wait $BACK_PID | |
| check_result $? 'apt-get upgrade failed' | |
| #----------------------------------------------------------# | |
| # Backup # | |
| #----------------------------------------------------------# | |
| # Creating backup directory tree | |
| mkdir -p $hst_backups | |
| cd $hst_backups | |
| mkdir exim4 dovecot clamd spamassassin | |
| # Backup OpenSSL configuration | |
| cp /etc/ssl/openssl.cnf $hst_backups/openssl > /dev/null 2>&1 | |
| # Backup Exim configuration | |
| systemctl stop exim4 > /dev/null 2>&1 | |
| cp -r /etc/exim4/* $hst_backups/exim4 > /dev/null 2>&1 | |
| # Backup ClamAV configuration | |
| systemctl stop clamav-daemon > /dev/null 2>&1 | |
| cp -r /etc/clamav/* $hst_backups/clamav > /dev/null 2>&1 | |
| # Backup SpamAssassin configuration | |
| systemctl stop spamassassin > /dev/null 2>&1 | |
| cp -r /etc/spamassassin/* $hst_backups/spamassassin > /dev/null 2>&1 | |
| # Backup Dovecot configuration | |
| systemctl stop dovecot > /dev/null 2>&1 | |
| cp /etc/dovecot.conf $hst_backups/dovecot > /dev/null 2>&1 | |
| cp -r /etc/dovecot/* $hst_backups/dovecot > /dev/null 2>&1 | |
| #----------------------------------------------------------# | |
| # Package Excludes # | |
| #----------------------------------------------------------# | |
| # Excluding packages | |
| software=$(echo "$software" | sed -e "s/apache2.2-common//") | |
| if [ "$exim" = 'no' ]; then | |
| software=$(echo "$software" | sed -e "s/exim4 //") | |
| software=$(echo "$software" | sed -e "s/exim4-daemon-heavy//") | |
| software=$(echo "$software" | sed -e "s/dovecot-imapd//") | |
| software=$(echo "$software" | sed -e "s/dovecot-pop3d//") | |
| software=$(echo "$software" | sed -e "s/clamav-daemon//") | |
| software=$(echo "$software" | sed -e "s/spamassassin//") | |
| software=$(echo "$software" | sed -e "s/dovecot-sieve//") | |
| software=$(echo "$software" | sed -e "s/dovecot-managesieved//") | |
| fi | |
| if [ "$clamd" = 'no' ]; then | |
| software=$(echo "$software" | sed -e "s/clamav-daemon//") | |
| fi | |
| if [ "$spamd" = 'no' ]; then | |
| software=$(echo "$software" | sed -e "s/spamassassin//") | |
| fi | |
| if [ "$dovecot" = 'no' ]; then | |
| software=$(echo "$software" | sed -e "s/dovecot-imapd//") | |
| software=$(echo "$software" | sed -e "s/dovecot-pop3d//") | |
| fi | |
| #----------------------------------------------------------# | |
| # Disable Apparmor on LXC # | |
| #----------------------------------------------------------# | |
| if grep --quiet lxc /proc/1/environ; then | |
| if [ -f /etc/init.d/apparmor ]; then | |
| systemctl stop apparmor > /dev/null 2>&1 | |
| systemctl disable apparmor > /dev/null 2>&1 | |
| fi | |
| fi | |
| #----------------------------------------------------------# | |
| # Install packages # | |
| #----------------------------------------------------------# | |
| # Enable en_US.UTF-8 | |
| sed -i "s/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g" /etc/locale.gen | |
| locale-gen > /dev/null 2>&1 | |
| # Disabling daemon autostart on apt-get install | |
| echo -e '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d | |
| chmod a+x /usr/sbin/policy-rc.d | |
| # Installing apt packages | |
| echo "The installer is now downloading and installing all required packages." | |
| echo -ne "NOTE: This process may take 10 to 15 minutes to complete, please wait... " | |
| echo | |
| apt-get -y install $software > $LOG | |
| BACK_PID=$! | |
| # Check if package installation is done, print a spinner | |
| spin_i=1 | |
| while kill -0 $BACK_PID > /dev/null 2>&1; do | |
| printf "\b${spinner:spin_i++%${#spinner}:1}" | |
| sleep 0.5 | |
| done | |
| # Do a blank echo to get the \n back | |
| echo | |
| # Check Installation result | |
| wait $BACK_PID | |
| check_result $? "apt-get install failed" | |
| echo | |
| echo "========================================================================" | |
| echo | |
| # Restoring autostart policy | |
| rm -f /usr/sbin/policy-rc.d | |
| #----------------------------------------------------------# | |
| # Configure Hestia # | |
| #----------------------------------------------------------# | |
| # Mail stack | |
| if [ "$exim" = 'yes' ]; then | |
| write_config_value "MAIL_SYSTEM" "exim4" | |
| if [ "$clamd" = 'yes' ]; then | |
| write_config_value "ANTIVIRUS_SYSTEM" "clamav-daemon" | |
| fi | |
| if [ "$spamd" = 'yes' ]; then | |
| write_config_value "ANTISPAM_SYSTEM" "spamassassin" | |
| fi | |
| if [ "$dovecot" = 'yes' ]; then | |
| write_config_value "IMAP_SYSTEM" "dovecot" | |
| fi | |
| fi | |
| if [ "$exim" = "no" ]; then | |
| # Remove SMTP | |
| sed -i "/COMMENT='SMTP'/d" $HESTIA/data/firewall/rules.conf | |
| fi | |
| if [ "$dovecot" = "no" ]; then | |
| # Remove IMAP / Dovecot | |
| sed -i "/COMMENT='IMAP'/d" $HESTIA/data/firewall/rules.conf | |
| sed -i "/COMMENT='POP3'/d" $HESTIA/data/firewall/rules.conf | |
| fi | |
| #----------------------------------------------------------# | |
| # Configure Exim # | |
| #----------------------------------------------------------# | |
| if [ "$exim" = 'yes' ]; then | |
| echo "[ * ] Configuring Exim mail server..." | |
| gpasswd -a Debian-exim mail > /dev/null 2>&1 | |
| exim_version=$(exim4 --version | head -1 | awk '{print $3}' | cut -f -2 -d .) | |
| # if Exim version > 4.9.4 or greater! | |
| if ! version_ge "4.94" "$exim_version"; then | |
| # Ubuntu 22.04 (Jammy) uses Exim 4.95 instead but config works with Exim4.94 | |
| cp -f $HESTIA_INSTALL_DIR/exim/exim4.conf.4.95.template /etc/exim4/exim4.conf.template | |
| else | |
| cp -f $HESTIA_INSTALL_DIR/exim/exim4.conf.template /etc/exim4/ | |
| fi | |
| cp -f $HESTIA_INSTALL_DIR/exim/dnsbl.conf /etc/exim4/ | |
| cp -f $HESTIA_INSTALL_DIR/exim/spam-blocks.conf /etc/exim4/ | |
| cp -f $HESTIA_INSTALL_DIR/exim/limit.conf /etc/exim4/ | |
| cp -f $HESTIA_INSTALL_DIR/exim/system.filter /etc/exim4/ | |
| touch /etc/exim4/white-blocks.conf | |
| if [ "$spamd" = 'yes' ]; then | |
| sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template | |
| fi | |
| if [ "$clamd" = 'yes' ]; then | |
| sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template | |
| fi | |
| # Generate SRS KEY If not support just created it will get ignored anyway | |
| srs=$(gen_pass) | |
| echo $srs > /etc/exim4/srs.conf | |
| chmod 640 /etc/exim4/srs.conf | |
| chmod 640 /etc/exim4/exim4.conf.template | |
| chown root:Debian-exim /etc/exim4/srs.conf | |
| rm -rf /etc/exim4/domains | |
| mkdir -p /etc/exim4/domains | |
| rm -f /etc/alternatives/mta | |
| ln -s /usr/sbin/exim4 /etc/alternatives/mta | |
| update-rc.d -f sendmail remove > /dev/null 2>&1 | |
| systemctl stop sendmail > /dev/null 2>&1 | |
| update-rc.d -f postfix remove > /dev/null 2>&1 | |
| systemctl stop postfix > /dev/null 2>&1 | |
| update-rc.d exim4 defaults | |
| systemctl start exim4 >> $LOG | |
| check_result $? "exim4 start failed" | |
| fi | |
| #----------------------------------------------------------# | |
| # Configure Dovecot # | |
| #----------------------------------------------------------# | |
| if [ "$dovecot" = 'yes' ]; then | |
| echo "[ * ] Configuring Dovecot POP/IMAP mail server..." | |
| gpasswd -a dovecot mail > /dev/null 2>&1 | |
| cp -rf $HESTIA_COMMON_DIR/dovecot /etc/ | |
| cp -f $HESTIA_INSTALL_DIR/logrotate/dovecot /etc/logrotate.d/ | |
| rm -f /etc/dovecot/conf.d/15-mailboxes.conf | |
| chown -R root:root /etc/dovecot* | |
| #Alter config for 2.2 | |
| version=$(dovecot --version | cut -f -2 -d .) | |
| if [ "$version" = "2.2" ]; then | |
| echo "[ * ] Downgrade dovecot config to sync with 2.2 settings" | |
| sed -i 's|#ssl_dh_parameters_length = 4096|ssl_dh_parameters_length = 4096|g' /etc/dovecot/conf.d/10-ssl.conf | |
| sed -i 's|ssl_dh = </etc/ssl/dhparam.pem|#ssl_dh = </etc/ssl/dhparam.pem|g' /etc/dovecot/conf.d/10-ssl.conf | |
| sed -i 's|ssl_min_protocol = TLSv1.2|ssl_protocols = !SSLv3 !TLSv1 !TLSv1.1|g' /etc/dovecot/conf.d/10-ssl.conf | |
| fi | |
| update-rc.d dovecot defaults | |
| systemctl start dovecot >> $LOG | |
| check_result $? "dovecot start failed" | |
| fi | |
| #----------------------------------------------------------# | |
| # Configure ClamAV # | |
| #----------------------------------------------------------# | |
| if [ "$clamd" = 'yes' ]; then | |
| gpasswd -a clamav mail > /dev/null 2>&1 | |
| gpasswd -a clamav Debian-exim > /dev/null 2>&1 | |
| cp -f $HESTIA_INSTALL_DIR/clamav/clamd.conf /etc/clamav/ | |
| update-rc.d clamav-daemon defaults | |
| echo -ne "[ * ] Installing ClamAV anti-virus definitions... " | |
| /usr/bin/freshclam >> $LOG > /dev/null 2>&1 | |
| BACK_PID=$! | |
| spin_i=1 | |
| while kill -0 $BACK_PID > /dev/null 2>&1; do | |
| printf "\b${spinner:spin_i++%${#spinner}:1}" | |
| sleep 0.5 | |
| done | |
| echo | |
| systemctl start clamav-daemon >> $LOG | |
| check_result $? "clamav-daemon start failed" | |
| fi | |
| #----------------------------------------------------------# | |
| # Configure SpamAssassin # | |
| #----------------------------------------------------------# | |
| if [ "$spamd" = 'yes' ]; then | |
| echo "[ * ] Configuring SpamAssassin..." | |
| update-rc.d spamassassin defaults > /dev/null 2>&1 | |
| sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin | |
| systemctl start spamassassin >> $LOG | |
| check_result $? "spamassassin start failed" | |
| unit_files="$(systemctl list-unit-files | grep spamassassin)" | |
| if [[ "$unit_files" =~ "disabled" ]]; then | |
| systemctl enable spamassassin > /dev/null 2>&1 | |
| fi | |
| sed -i "s/#CRON=1/CRON=1/" /etc/default/spamassassin | |
| fi | |
| #----------------------------------------------------------# | |
| # Install Roundcube # | |
| #----------------------------------------------------------# | |
| # Min requirements Dovecot + Exim + Mysql | |
| if ([ "$mysql" == 'yes' ] || [ "$mysql8" == 'yes' ]) && [ "$dovecot" == "yes" ]; then | |
| echo "[ * ] Installing Roundcube..." | |
| $HESTIA/bin/v-add-sys-roundcube | |
| write_config_value "WEBMAIL_ALIAS" "webmail" | |
| else | |
| write_config_value "WEBMAIL_ALIAS" "" | |
| write_config_value "WEBMAIL_SYSTEM" "" | |
| fi | |
| #----------------------------------------------------------# | |
| # Configure dependencies # | |
| #----------------------------------------------------------# | |
| echo "[ * ] Configuring PHP dependencies..." | |
| $HESTIA/bin/v-add-sys-dependencies quiet | |
| echo "[ * ] Installing Rclone..." | |
| curl -s https://rclone.org/install.sh | bash > /dev/null 2>&1 | |
| #----------------------------------------------------------# | |
| # Hestia Access Info # | |
| #----------------------------------------------------------# | |
| # Comparing hostname and IP | |
| host_ip=$(host $servername | head -n 1 | awk '{print $NF}') | |
| if [ "$host_ip" = "$ip" ]; then | |
| ip="$servername" | |
| fi | |
| echo -e "\n" | |
| echo "====================================================================" | |
| echo -e "\n" | |
| # EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment