#!/bin/bash
#hostip=$(hostname -i);
#echo $hostip;
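#######################################
# Switch Postfix TLS off: delete the TLS parameters this script manages from
# /etc/postfix/main.cf, append "smtp_use_tls = no" / "smtpd_use_tls = no",
# restart Postfix and write "0" to the panel's tls_detail file.
#
# Security impact: with both switches set to "no", SMTP traffic (and any
# SMTP AUTH exchange) is no longer protected by STARTTLS.
# NOTE(review): smtp_use_tls / smtpd_use_tls are the legacy switches; a
# smtp_tls_security_level / smtpd_tls_security_level line in main.cf takes
# precedence over them and is not touched here - confirm none is present.
#
# Globals:   pos_status (read; 0 = Postfix installed)
#            ver_d (read; 7 selects systemctl, anything else "service")
#            log_file_detail (read; log file that is appended to)
# Arguments: none
# Returns:   1 if main.cf could not be backed up or edited, otherwise the
#            status of the final write to tls_detail.
#######################################
removemaincf() {
  local main_cf="/etc/postfix/main.cf"
  local backup_cf="/etc/postfix/main.cf_back_g"
  local status_file="/etc/sentora/panel/modules/mail_admin/code/tls_detail"
  local rc=0

  if [[ "$pos_status" != 0 ]]; then
    echo "Postfix is not install " >> "$log_file_detail"
    return
  fi

  # Refresh the rollback copy before touching main.cf and stop if that fails.
  # The backup is overwritten on every run, so it only ever holds the state
  # from just before the latest change, not the pristine configuration.
  # (The former "$RANDOM"-named scratch copy was never read back and is gone.)
  if ! cp -av -- "$main_cf" "$backup_cf" >> "$log_file_detail" 2>&1; then
    echo "could not back up $main_cf, TLS settings left unchanged" >> "$log_file_detail"
    return 1
  fi

  # One sed pass instead of eleven in-place rewrites. The patterns are plain
  # substrings on purpose: they also remove commented-out copies of a setting.
  # Continuation lines of a multi-line value are not matched and stay behind.
  if ! {
    sed -i \
      -e '/smtp_use_tls/d' \
      -e '/smtpd_use_tls/d' \
      -e '/smtpd_tls_auth_only/d' \
      -e '/smtpd_tls_received_header/d' \
      -e '/smtpd_tls_session_cache_timeout/d' \
      -e '/tls_random_source/d' \
      -e '/smtpd_tls_key_file/d' \
      -e '/smtpd_tls_loglevel/d' \
      -e '/smtpd_tls_cert_file/d' \
      -e '/smtpd_tls_CAfile/d' \
      "$main_cf" &&
      printf '%s\n' "smtp_use_tls = no" "smtpd_use_tls = no" >> "$main_cf"
  }; then
    # Never restart Postfix on a half-edited file: put the backup back.
    cp -a -- "$backup_cf" "$main_cf" >> "$log_file_detail" 2>&1
    echo "editing $main_cf failed, previous file restored from $backup_cf" >> "$log_file_detail"
    return 1
  fi
  echo "we removed tls data from /etc/postfix/main.cf" >> "$log_file_detail"

  echo "------------------------------postfix restarted --------------------------" >> "$log_file_detail"
  if [[ "$ver_d" == 7 ]]; then
    systemctl restart postfix || rc=$?
  else
    service postfix restart || rc=$?
  fi
  if [[ "$rc" != 0 ]]; then
    echo "postfix restart failed with status $rc" >> "$log_file_detail"
  fi

  echo "0" > "$status_file"
}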
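#######################################
# Switch Postfix TLS on with the certificate files found in a directory:
# verify cert.pem, chain.pem and privkey.pem exist, replace the TLS
# parameters this script manages in /etc/postfix/main.cf, restart Postfix
# and write "1" (enabled) or "0" (not enabled) to the panel's tls_detail file.
#
# NOTE(review): "smtpd_tls_auth_only = no" keeps SASL authentication
# available on connections that have not negotiated TLS, so credentials can
# still travel in clear text; kept exactly as the original wrote it.
# NOTE(review): cert.pem holds the leaf certificate only and the chain is
# supplied through smtpd_tls_CAfile; Postfix's TLS documentation prefers the
# full chain in smtpd_tls_cert_file - verify clients receive the intermediate.
#
# Globals:   pos_status (read; 0 = Postfix installed)
#            ver_d (read; 7 selects systemctl, anything else "service")
#            log_file_detail (read; log file that is appended to)
# Arguments: $1 - directory holding cert.pem, chain.pem and privkey.pem
#            $2 - mail host name (accepted, not used by this function)
# Outputs:   "$1 ...... $#" on stdout
# Returns:   1 if the directory name is rejected or main.cf could not be
#            backed up or edited; otherwise the status of the last write.
#######################################
checkmaincf() {
  local cert_dir=$1
  local main_cf="/etc/postfix/main.cf"
  local backup_cf="/etc/postfix/main.cf_back_g"
  local status_file="/etc/sentora/panel/modules/mail_admin/code/tls_detail"
  local pem
  local rc=0

  echo "$1 ...... $#"

  if [[ "$pos_status" != 0 ]]; then
    echo "0" > "$status_file"
    echo "Postfix is not install " >> "$log_file_detail"
    return
  fi

  # The directory name is copied verbatim into main.cf, so refuse anything
  # that could spill over into a second configuration line.
  if [[ "$cert_dir" == *[[:space:][:cntrl:]]* ]]; then
    echo "0" > "$status_file"
    echo "certificate directory name contains whitespace or control characters" >> "$log_file_detail"
    return 1
  fi

  for pem in cert.pem chain.pem privkey.pem; do
    if [[ ! -f "$cert_dir/$pem" ]]; then
      echo "0" > "$status_file"
      echo ".pem file not exist " >> "$log_file_detail"
      return
    fi
  done

  # Refresh the rollback copy before touching main.cf and stop if that fails.
  # The backup is overwritten on every run, so it only ever holds the state
  # from just before the latest change, not the pristine configuration.
  # (The former "$RANDOM"-named scratch copy was never read back and is gone.)
  if ! cp -av -- "$main_cf" "$backup_cf" >> "$log_file_detail" 2>&1; then
    echo "0" > "$status_file"
    echo "could not back up $main_cf, TLS settings left unchanged" >> "$log_file_detail"
    return 1
  fi

  # One sed pass instead of eleven in-place rewrites, then the new settings.
  # printf '%s\n' writes the path literally; the former "echo -e" expanded
  # backslash escapes inside it.
  if ! {
    sed -i \
      -e '/smtp_use_tls/d' \
      -e '/smtpd_use_tls/d' \
      -e '/smtpd_tls_auth_only/d' \
      -e '/smtpd_tls_received_header/d' \
      -e '/smtpd_tls_session_cache_timeout/d' \
      -e '/tls_random_source/d' \
      -e '/smtpd_tls_key_file/d' \
      -e '/smtpd_tls_loglevel/d' \
      -e '/smtpd_tls_cert_file/d' \
      -e '/smtpd_tls_CAfile/d' \
      "$main_cf" &&
      printf '%s\n' \
        "smtp_use_tls = yes" \
        "smtpd_use_tls = yes" \
        "smtpd_tls_auth_only = no" \
        "smtpd_tls_received_header = yes" \
        "smtpd_tls_session_cache_timeout = 3600s" \
        "#tls_random_source = dev:/dev/urandom" \
        "smtpd_tls_loglevel = 1" \
        "smtpd_tls_cert_file=$cert_dir/cert.pem" \
        "smtpd_tls_CAfile=$cert_dir/chain.pem" \
        "smtpd_tls_key_file=$cert_dir/privkey.pem" >> "$main_cf"
  }; then
    # Never restart Postfix on a half-edited file: put the backup back.
    cp -a -- "$backup_cf" "$main_cf" >> "$log_file_detail" 2>&1
    echo "0" > "$status_file"
    echo "editing $main_cf failed, previous file restored from $backup_cf" >> "$log_file_detail"
    return 1
  fi
  echo "we removed tls data from /etc/postfix/main.cf" >> "$log_file_detail"

  echo "------------------------------postfix restarted --------------------------" >> "$log_file_detail"
  if [[ "$ver_d" == 7 ]]; then
    systemctl restart postfix || rc=$?
  else
    service postfix restart || rc=$?
  fi
  if [[ "$rc" != 0 ]]; then
    # main.cf now asks for TLS, but the running daemon may not have picked
    # it up; the panel flag below still reflects the file, as it did before.
    echo "postfix restart failed with status $rc" >> "$log_file_detail"
  fi

  echo "1" > "$status_file"
}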
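# ---------------------------------------------------------------------------
# Main flow. Arguments as read below: $1 = start|stop, $2.. = candidate
# domains. The last candidate whose "mail.<domain>" record resolves to this
# server's public address is used. "start" enables Postfix TLS with the
# Let's Encrypt certificate of mail.<domain> (requesting one first if its
# live directory is missing); "stop" disables TLS.
#
# NOTE(review): every validation failure (no matching domain, /etc/letsencrypt
# missing) calls removemaincf, i.e. the script fails towards TLS being turned
# OFF. An unanswered lookup of the public address is enough to get there,
# because an empty $public_ip never matches. Confirm this is intended.
# ---------------------------------------------------------------------------
log_file_detail="/var/log/tls_log"
status_file="/etc/sentora/panel/modules/mail_admin/code/tls_detail"
echo "Log details are store in this file $log_file_detail"

if [[ "$#" -lt 2 ]]; then
  echo "Provide all argument like script_file domain_name " >> "$log_file_detail"
else
  # Public address of this host as reported by OpenDNS; both this answer and
  # the per-domain lookups below arrive over ordinary, unauthenticated DNS.
  public_ip=$(dig +short myip.opendns.com @resolver1.opendns.com)

  # Split the remaining arguments on whitespace as before, but through
  # "read -a" so that characters such as * or ? are never glob-expanded.
  read -r -d '' -a domains <<< "${*:2}" || true
  echo "...............$public_ip................"

  # Only plain host names go on to dig, the certificate path and the ACME
  # client; letters, digits, hyphens and dots, labels not edged by a hyphen.
  host_re='^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$'
  my_domain=""
  for candidate in "${domains[@]}"; do
    if [[ ! "$candidate" =~ $host_re ]]; then
      echo "Ignored an argument that is not a valid host name" >> "$log_file_detail"
      continue
    fi
    dig_ip=$(dig "mail.$candidate" +short)
    while IFS= read -r addr; do
      # -n guard: an empty answer must not "match" an empty public address.
      if [[ -n "$addr" && "$addr" == "$public_ip" ]]; then
        my_domain=$candidate
      fi
    done <<< "$dig_ip"
  done

  pos_status=0
  ver_d=$(rpm -qa '*-release' | grep -Ei "oracle|redhat|centos" | cut -d"-" -f3)
  # Substring match, as before: any installed package whose listing contains
  # "postfix" counts. The matching lines are no longer echoed to stdout.
  if ! yum list installed | grep -F 'postfix' > /dev/null; then
    pos_status=1
  fi

  if [[ -z "$my_domain" ]]; then
    removemaincf
    echo "0" > "$status_file"
    echo "Enter a valid domain which mail record point to current server" >> "$log_file_detail"
  else
    serv_code=$1
    if [[ -d "/etc/letsencrypt" ]]; then
      new_mail_domain="mail.$my_domain"
      mail_host_path="/etc/letsencrypt/live/$new_mail_domain"
      echo "mail domain --------- $new_mail_domain " >> "$log_file_detail"
      case "$serv_code" in
        start)
          if [[ -d "$mail_host_path" ]]; then
            echo "Mail host is exist"
            echo "Mail host is exist , lets check /etc/postfix/main.cf file" >> "$log_file_detail"
            checkmaincf "$mail_host_path" "$new_mail_domain"
          else
            lets_encrypt="/usr/local/letsencrypt/"
            status_bit=0
            if [[ -d "$lets_encrypt" ]]; then
              echo "letsencrypt directory is exist" >> "$log_file_detail"
            else
              echo "letsencrypt directory is not exist" >> "$log_file_detail"
              # Record the failure like the other error paths do and exit
              # non-zero (this path used to exit 0 without updating the flag).
              echo "0" > "$status_file"
              exit 1
            fi
            # These tests are evaluated for the invoking user. For root they
            # pass on practically any directory, so they say nothing about
            # who else is able to modify the script that is executed below.
            if [[ -r "$lets_encrypt" ]]; then
              echo "File with read permission"
            else
              echo "Folder has no read access" >> "$log_file_detail"
              status_bit=1
            fi
            if [[ ! -w "$lets_encrypt" ]]; then
              echo "Folder with no write permission" >> "$log_file_detail"
              status_bit=1
            fi
            if [[ ! -x "$lets_encrypt" ]]; then
              status_bit=1
              echo "Folder with no executable permission" >> "$log_file_detail"
            fi
            if [[ "$status_bit" == 0 ]]; then
              if ! cd "$lets_encrypt"; then
                echo "cannot change into $lets_encrypt" >> "$log_file_detail"
                echo "0" > "$status_file"
                exit 1
              fi
              newpath="${lets_encrypt}letsencrypt-auto"
              echo "$newpath"
              # NOTE(review): letsencrypt-auto (later certbot-auto) is no
              # longer maintained upstream; plan a move to a packaged client.
              if ! sh "$newpath" --apache --non-interactive -d "$new_mail_domain"; then
                echo "letsencrypt-auto reported a failure for $new_mail_domain" >> "$log_file_detail"
              fi
              echo "Proceed " >> "$log_file_detail"
              # checkmaincf verifies the .pem files itself, so a failed
              # request ends up as "0" in tls_detail.
              checkmaincf "$mail_host_path" "$new_mail_domain"
            else
              echo "Not encrypt (some file problem)" >> "$log_file_detail"
              echo "0" > "$status_file"
              exit 1
            fi
          fi
          # (a stray "break" used to sit here; there is no enclosing loop)
          ;;
        stop)
          removemaincf
          ;;
        *)
          echo "Enter all data" >> "$log_file_detail"
          ;;
      esac
    else
      removemaincf
      echo "Install SSL certificate " >> "$log_file_detail"
    fi
  fi
fi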