free
/
freedombone
關註 1
收藏 0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
5138 Commit
5 分支
目錄樹: 8b3fcc8699
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from '8b3fcc8699'
${ noResults }
freedombone/src/freedombone-app-mailpile

freedombone-app-mailpile 11KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # mailpile app

  12. #

  13. # License

  14. # =======

  15. #

  16. # Copyright (C) 2016 Bob Mottram <bob@freedombone.net>

  17. #

  18. # This program is free software: you can redistribute it and/or modify

  19. # it under the terms of the GNU Affero General Public License as published by

  20. # the Free Software Foundation, either version 3 of the License, or

  21. # (at your option) any later version.

  22. #

  23. # This program is distributed in the hope that it will be useful,

  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  26. # GNU Affero General Public License for more details.

  27. #

  28. # You should have received a copy of the GNU Affero General Public License

  29. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  30. 

  31. VARIANTS="full full-vim writer"

  32. 

  33. IN_DEFAULT_INSTALL=0

  34. SHOW_ON_ABOUT=1

  35. 

  36. MAILPILE_DOMAIN_NAME=

  37. MAILPILE_CODE=

  38. MAILPILE_ONION_PORT=8103

  39. MAILPILE_REPO="https://github.com/mailpile/Mailpile"

  40. MAILPILE_COMMIT='352ca27a29f7d9525298264c04bc5c7d55887276'

  41. MAILPILE_PORT=33411

  42. 

  43. mailpile_variables=(MAILPILE_REPO

  44.                     MAILPILE_COMMIT

  45.                     MAILPILE_DOMAIN_NAME

  46.                     MAILPILE_CODE

  47.                     ONION_ONLY

  48.                     DDNS_PROVIDER

  49.                     MY_USERNAME)

  50. 

  51. function remove_user_mailpile {

  52.     remove_username="$1"

  53. }

  54. 

  55. function add_user_mailpile {

  56.     echo '0'

  57. }

  58. 

  59. function install_interactive_mailpile {

  60.     if [ ! $ONION_ONLY ]; then

  61.         ONION_ONLY='no'

  62.     fi

  63. 

  64.     if [[ $ONION_ONLY != "no" ]]; then

  65.         MAILPILE_DOMAIN_NAME='mailpile.local'

  66.         write_config_param "MAILPILE_DOMAIN_NAME" "$MAILPILE_DOMAIN_NAME"

  67.     else

  68.         function_check interactive_site_details

  69.         interactive_site_details "mailpile" "MAILPILE_DOMAIN_NAME" "MAILPILE_CODE"

  70.     fi

  71.     APP_INSTALLED=1

  72. }

  73. 

  74. function change_password_mailpile {

  75.     echo -n ''

  76. }

  77. 

  78. function reconfigure_mailpile {

  79.     echo -n ''

  80. }

  81. 

  82. function upgrade_mailpile {

  83.     read_config_param "MAILPILE_DOMAIN_NAME"

  84. 

  85.     function_check set_repo_commit

  86.     set_repo_commit /var/www/$MAILPILE_DOMAIN_NAME/mail "mailpile commit" "$MAILPILE_COMMIT" $MAILPILE_REPO

  87. }

  88. 

  89. function backup_local_mailpile {

  90.     echo -n ''

  91. }

  92. 

  93. function restore_local_mailpile {

  94.     echo -n ''

  95. }

  96. 

  97. function backup_remote_mailpile {

  98.     echo -n ''

  99. }

  100. 

  101. function restore_remote_mailpile {

  102.     echo -n ''

  103. }

  104. 

  105. function remove_mailpile {

  106.     if [ ${#MAILPILE_DOMAIN_NAME} -eq 0 ]; then

  107.         return

  108.     fi

  109. 

  110.     systemctl stop mailpile

  111.     systemctl disable mailpile

  112.     rm /etc/systemd/system/mailpile.service

  113. 

  114.     read_config_param "MAILPILE_DOMAIN_NAME"

  115.     nginx_dissite $MAILPILE_DOMAIN_NAME

  116.     remove_certs ${MAILPILE_DOMAIN_NAME}

  117.     if [ -f /etc/nginx/sites-available/$MAILPILE_DOMAIN_NAME ]; then

  118.         rm -f /etc/nginx/sites-available/$MAILPILE_DOMAIN_NAME

  119.     fi

  120.     if [ -d /var/www/$MAILPILE_DOMAIN_NAME ]; then

  121.         rm -rf /var/www/$MAILPILE_DOMAIN_NAME

  122.     fi

  123.     function_check remove_ddns_domain

  124.     remove_ddns_domain $MAILPILE_DOMAIN_NAME

  125.     deluser --remove-all-files mailpile

  126. 

  127.     remove_config_param MAILPILE_DOMAIN_NAME

  128.     remove_config_param MAILPILE_CODE

  129.     function_check remove_onion_service

  130.     remove_onion_service mailpile ${MAILPILE_ONION_PORT}

  131.     remove_completion_param "install_mailpile"

  132. 

  133.     enable_email_encryption_at_rest

  134. 

  135.     sed -i '/Mailpile/d' $COMPLETION_FILE

  136.     sed -i '/mailpile/d' $COMPLETION_FILE

  137.     sed -i '/mailpile/d' /home/$MY_USERNAME/README

  138.     sed -i '/Mailpile/d' /home/$MY_USERNAME/README

  139. }

  140. 

  141. function install_mailpile {

  142.     if [ ! $ONION_ONLY ]; then

  143.         ONION_ONLY='no'

  144.     fi

  145. 

  146.     if [ ! $MAILPILE_DOMAIN_NAME ]; then

  147.         echo $'The mailpile domain name was not specified'

  148.         exit 63824

  149.     fi

  150. 

  151.     apt-get -yq install python-pip python-lxml python-dev libjpeg-dev

  152. 

  153.     if [ ! -d /var/www/$MAILPILE_DOMAIN_NAME ]; then

  154.         mkdir /var/www/$MAILPILE_DOMAIN_NAME

  155.     fi

  156. 

  157.     cd /var/www/$MAILPILE_DOMAIN_NAME

  158.     if [ -d /var/www/$MAILPILE_DOMAIN_NAME/mail ]; then

  159.         rm -rf /var/www/$MAILPILE_DOMAIN_NAME/mail

  160.     fi

  161.     git_clone $MAILPILE_REPO mail

  162.     cd mail

  163.     git checkout $MAILPILE_COMMIT -b $MAILPILE_COMMIT

  164.     set_completion_param "mailpile commit" "$MAILPILE_COMMIT"

  165. 

  166.     if [ ! -f requirements-dev.txt ]; then

  167.         echo $'No python requirements file found'

  168.         exit 62382

  169.     fi

  170.     pip install -r requirements.txt

  171. 

  172.     adduser --system --home=/var/www/$MAILPILE_DOMAIN_NAME/mail/ --group mailpile

  173.     chown -R mailpile: /var/www/$MAILPILE_DOMAIN_NAME/mail/

  174. 

  175.     # create folders and tags

  176.     su -c "cd /var/www/$MAILPILE_DOMAIN_NAME/mail && ./mp --setup" - mailpile

  177. 

  178.     echo '[Unit]' > /etc/systemd/system/mailpile.service

  179.     echo 'Description=Mailpile Email Client' >> /etc/systemd/system/mailpile.service

  180.     echo 'After=syslog.target network.target nginx.target' >> /etc/systemd/system/mailpile.service

  181.     echo '' >> /etc/systemd/system/mailpile.service

  182.     echo '[Service]' >> /etc/systemd/system/mailpile.service

  183.     echo 'User=mailpile' >> /etc/systemd/system/mailpile.service

  184.     echo 'Group=mailpile' >> /etc/systemd/system/mailpile.service

  185.     echo "WorkingDirectory=/var/www/$MAILPILE_DOMAIN_NAME/mail" >> /etc/systemd/system/mailpile.service

  186.     echo "ExecStart=/var/www/$MAILPILE_DOMAIN_NAME/mail/mp --www=0.0.0.0:${MAILPILE_PORT} --wait" >> /etc/systemd/system/mailpile.service

  187.     echo 'Restart=always' >> /etc/systemd/system/mailpile.service

  188.     echo 'RestartSec=10' >> /etc/systemd/system/mailpile.service

  189.     echo '' >> /etc/systemd/system/mailpile.service

  190.     echo '[Install]' >> /etc/systemd/system/mailpile.service

  191.     echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mailpile.service

  192.     chmod +x /etc/systemd/system/mailpile.service

  193. 

  194.     mailpile_nginx_site=/etc/nginx/sites-available/$MAILPILE_DOMAIN_NAME

  195.     if [[ $ONION_ONLY == "no" ]]; then

  196.         function_check nginx_http_redirect

  197.         nginx_http_redirect $MAILPILE_DOMAIN_NAME

  198.         echo 'server {' >> $mailpile_nginx_site

  199.         echo '  listen 443 ssl;' >> $mailpile_nginx_site

  200.         echo "  server_name $MAILPILE_DOMAIN_NAME;" >> $mailpile_nginx_site

  201.         echo '' >> $mailpile_nginx_site

  202.         echo '  # Security' >> $mailpile_nginx_site

  203.         function_check nginx_ssl

  204.         nginx_ssl $MAILPILE_DOMAIN_NAME

  205. 

  206.         function_check nginx_disable_sniffing

  207.         nginx_disable_sniffing $MAILPILE_DOMAIN_NAME

  208. 

  209.         echo '  add_header Strict-Transport-Security max-age=15768000;' >> $mailpile_nginx_site

  210.         echo '' >> $mailpile_nginx_site

  211.         echo '  # Logs' >> $mailpile_nginx_site

  212.         echo '  access_log off;' >> $mailpile_nginx_site

  213.         echo '  error_log off;' >> $mailpile_nginx_site

  214.         echo '' >> $mailpile_nginx_site

  215.         echo '  # Root' >> $mailpile_nginx_site

  216.         echo "  root /var/www/$MAILPILE_DOMAIN_NAME/mail;" >> $mailpile_nginx_site

  217.         echo '' >> $mailpile_nginx_site

  218.         echo '  location / {' >> $mailpile_nginx_site

  219.         function_check nginx_limits

  220.         nginx_limits $MAILPILE_DOMAIN_NAME '15m'

  221.         echo "    proxy_pass        http://localhost:${MAILPILE_PORT}/;" >> $mailpile_nginx_site

  222.         echo '    proxy_set_header X-Forwarded-Host $host;' >> $mailpile_nginx_site

  223.         echo '    proxy_set_header X-Forwarded-Server $host;' >> $mailpile_nginx_site

  224.         echo '    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site

  225.         echo '  }' >> $mailpile_nginx_site

  226.         echo '}' >> $mailpile_nginx_site

  227.     else

  228.         echo -n '' > $mailpile_nginx_site

  229.     fi

  230.     echo 'server {' >> $mailpile_nginx_site

  231.     echo "    listen 127.0.0.1:$MAILPILE_ONION_PORT default_server;" >> $mailpile_nginx_site

  232.     echo "    server_name $MAILPILE_DOMAIN_NAME;" >> $mailpile_nginx_site

  233.     echo '' >> $mailpile_nginx_site

  234.     function_check nginx_disable_sniffing

  235.     nginx_disable_sniffing $MAILPILE_DOMAIN_NAME

  236.     echo '' >> $mailpile_nginx_site

  237.     echo '  # Logs' >> $mailpile_nginx_site

  238.     echo '  access_log off;' >> $mailpile_nginx_site

  239.     echo '  error_log off;' >> $mailpile_nginx_site

  240.     echo '' >> $mailpile_nginx_site

  241.     echo '  # Root' >> $mailpile_nginx_site

  242.     echo "  root /var/www/$MAILPILE_DOMAIN_NAME/mail;" >> $mailpile_nginx_site

  243.     echo '' >> $mailpile_nginx_site

  244.     echo '  location / {' >> $mailpile_nginx_site

  245.     function_check nginx_limits

  246.     nginx_limits $MAILPILE_DOMAIN_NAME '15m'

  247.     echo "    proxy_pass        http://localhost:${MAILPILE_PORT}/;" >> $mailpile_nginx_site

  248.     echo '    proxy_set_header X-Forwarded-Host $host;' >> $mailpile_nginx_site

  249.     echo '    proxy_set_header X-Forwarded-Server $host;' >> $mailpile_nginx_site

  250.     echo '    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site

  251.     echo '  }' >> $mailpile_nginx_site

  252.     echo '}' >> $mailpile_nginx_site

  253. 

  254.     function_check create_site_certificate

  255.     if [ ! -f /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.pem ]; then

  256.         create_site_certificate $MAILPILE_DOMAIN_NAME 'yes'

  257.     fi

  258. 

  259.     if [ -f /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.crt ]; then

  260.         mv /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.crt /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.pem

  261.     fi

  262.     if [ -f /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.pem ]; then

  263.         chown mailpile: /etc/ssl/certs/${MAILPILE_DOMAIN_NAME}.pem

  264.     fi

  265.     if [ -f /etc/ssl/private/${MAILPILE_DOMAIN_NAME}.key ]; then

  266.         chown mailpile: /etc/ssl/private/${MAILPILE_DOMAIN_NAME}.key

  267.     fi

  268. 

  269.     function_check nginx_ensite

  270.     nginx_ensite $MAILPILE_DOMAIN_NAME

  271. 

  272.     MAILPILE_ONION_HOSTNAME=$(add_onion_service mailpile 80 ${MAILPILE_ONION_PORT})

  273. 

  274.     if ! grep -q "Mailpile onion domain" /home/$MY_USERNAME/README; then

  275.         echo $"Mailpile onion domain: ${MAILPILE_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README

  276.         echo '' >> /home/$MY_USERNAME/README

  277.         chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README

  278.         chmod 600 /home/$MY_USERNAME/README

  279.     else

  280.         if [ -f /home/$MY_USERNAME/README ]; then

  281.             sed -i "s|Mailpile onion domain.*|Mailpile onion domain: ${MAILPILE_ONION_HOSTNAME}|g" /home/$MY_USERNAME/README

  282.         fi

  283.     fi

  284. 

  285.     function_check add_ddns_domain

  286.     add_ddns_domain $MAILPILE_DOMAIN_NAME

  287. 

  288.     disable_email_encryption_at_rest

  289. 

  290.     systemctl enable mailpile

  291.     systemctl daemon-reload

  292.     systemctl start mailpile

  293.     systemctl restart nginx

  294. 

  295.     set_completion_param "mailpile domain" "$MAILPILE_DOMAIN_NAME"

  296.     APP_INSTALLED=1

  297. }

  298. 

  299. # NOTE: deliberately no exit 0