Net-FullAuto
view release on metacpan or search on metacpan
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
#cleanup;
my $do=1;
if ($do==1) {
unless ($^O eq 'cygwin') {
} else {
# https://www.digitalocean.com/community/questions/how-to-change-port-80-into-8080-on-my-emailserver
# https://opensource.com/article/18/9/linux-iptables-firewalld
# https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands - for JavaPipe
my $cygcheck=`/bin/cygcheck -c` || die $!;
my $uname=`/bin/uname` || die $!;
my $uname_all=`/bin/uname -a` || die $!;
$uname_all.=$uname;
my %need_packages=();
my $srvout='';
($srvout,$stderr)=$handle->cmd("cygrunsrv -L",'__display__');
if ($srvout=~/exim/) {
($stdout,$stderr)=$handle->cmd("cygrunsrv --stop exim",'__display__');
($stdout,$stderr)=$handle->cmd("cygrunsrv -R exim");
}
if ($srvout=~/nginx_first_time/) {
($stdout,$stderr)=$handle->cmd(
"cygrunsrv --stop nginx_first_time",'__display__');
($stdout,$stderr)=$handle->cmd("cygrunsrv -R nginx_first_time");
($stdout,$stderr)=$handle->cmd(
"rm -rvf /opt/source/nginx*",
'__display__');
}
if ($srvout=~/memcached/) {
($stdout,$stderr)=$handle->cmd("cygrunsrv --stop memcached",
'__display__');
($stdout,$stderr)=$handle->cmd("cygrunsrv -R memcached");
($stdout,$stderr)=$handle->cmd(
"/opt/source/memcached*",
'__display__');
}
if ($uname_all=~/x86_64/) {
foreach my $package ('libxml2','libxml2-devel','libtool',
'autoconf','autobuild','automake','pkg-config',
'libuuid-devel','wget','git','httpd',
'httpd-mod_ssl','httpd-tools','exim','zip') {
unless (-1<index $cygcheck, "$package ") {
$need_packages{$package}='';
}
}
} else {
foreach my $package ('libxml2','libxml2-devel','libtool',
'autoconf','autobuild','automake','pkg-config',
'libuuid-devel','wget','git','httpd','httpd-mod_ssl',
'httpd-tools','exim','zip') {
unless (-1<index $cygcheck, "$package ") {
$need_packages{$package}='';
}
}
}
# http://www.fjakkarin.com/2015/11/cygwin-cygserver-and-apache-httpd/
($stdout,$stderr)=$handle->cmd($sudo.
"wget --random-wait --progress=dot ".
"https://github.com/transcode-open/apt-cyg/archive/master.zip",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v $username:$username master.zip','__display__')
if $^O ne 'cygwin';
($stdout,$stderr)=$handle->cmd("unzip -o master.zip",'__display__');
($stdout,$stderr)=$handle->cmd("rm -rvf master.zip",'__display__');
($stdout,$stderr)=$handle->cmd("mv apt-cyg-master/apt-cyg /usr/bin");
($stdout,$stderr)=$handle->cmd("chmod -v 755 /usr/bin/apt-cyg",
'__display__');
($stdout,$stderr)=$handle->cmd("rm -rvf apt-cyg-master",'__display__');
my $packs='';$|=1;
foreach my $pack (sort keys %need_packages) {
($stdout,$stderr)=$handle->cmd("apt-cyg install $pack",
'__display__');
}
if ($^O eq 'cygwin') {
($stdout,$stderr)=$handle->cwd('~');
# http://blogostuffivelearnt.blogspot.com/2012/07/
# smtp-mail-server-with-windows.html
($stdout,$stderr)=$handle->cmd(
"chmod -v 755 /usr/bin/exim*",'__display__');
$handle->print('/bin/exim-config');
$prompt=$handle->prompt();
while (1) {
my $output.=fetch($handle);
last if $output=~/$prompt/;
print $output;
if (-1<index $output,'local postmaster') {
$handle->print();
$output='';
next;
} elsif (-1<index $output,'Is it') {
$handle->print('yes');
$output='';
next;
} elsif (-1<index $output,'change that setting') {
$handle->print('no');
$output='';
next;
} elsif (-1<index $output,'standard values') {
$handle->print('yes');
$output='';
next;
} elsif (-1<index $output,'be links to') {
$handle->print('yes');
$output='';
next;
} elsif (-1<index $output,'some CPAN') {
$handle->print('no');
$output='';
next;
} elsif (-1<index $output,'install the exim') {
$handle->print('yes');
$output='';
next;
} elsif (-1<index $output,'in minutes') {
$handle->print();
$output='';
next;
} elsif (-1<index $output,'CYGWIN for the daemon') {
$handle->print('default');
$output='';
next;
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget -qO- https://www.sourceware.org/bzip2/');
$stdout=~s/^.*?stable version is bzip2 ([\d\.]*\d)\..*$/$1/s;
($stdout,$stderr)=$handle->cmd($sudo.
"ls -1 /usr/local/lib | grep libbz2.so.$stdout");
unless ($stdout) {
($stdout,$stderr)=$handle->cmd($sudo.
'ls -1 | grep bzip2');
if ($stdout=~/^\s*bzip2\s*$/s) {
($stdout,$stderr)=$handle->cmd($sudo.
'rm -rvf bzip2-old','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v bzip2 bzip-old','__display__');
}
my $done=0;my $gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone git://sourceware.org/git/bzip2.git',
'__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
}
my $gittest='Connection reset by peer|'.
'Could not read from remote repository';
$done=1 if $stderr!~/$gittest/s;
last if $done;
sleep 30;
}
($stdout,$stderr)=$handle->cwd('bzip2');
($stdout,$stderr)=$handle->cmd($sudo.
'make -f Makefile-libbz2_so','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v libbz2.so* /usr/local/lib','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
$build_php=1;
} else {
print "bzip2 is up to date.\n";
}
($stdout,$stderr)=$handle->cwd('/opt/source');
# https://bipulkkuri.medium.com/install-latest-gcc-on-centos-linux-release-7-6-a704a11d943d
($stdout,$stderr)=$handle->cmd($sudo.
'wget -qO- http://mirrors.concertpass.com/gcc/releases/');
$stdout=~s/^.*href=["]([^"]+?)["].*$/$1/s;
chop $stdout;
$stdout=~s/gcc-//;
my $verss=$stdout;
($stdout,$stderr)=$handle->cmd($sudo.'gcc --version');
$stdout=~s/^.*?GCC[)]\s+?([^\s]+)\s+Copyright.*$/$1/s;
if ($stdout ne $verss) {
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
'http://ftp.gnu.org/gnu/autoconf/autoconf-latest.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"chown -v $username:$username autoconf-latest.tar.gz",'__display__')
if $^O ne 'cygwin';
($stdout,$stderr)=$handle->cmd($sudo.'tar zxvf autoconf-latest.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.'rm -rvf autoconf-latest.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cwd("autoconf-*");
($stdout,$stderr)=$handle->cmd($sudo.'./configure','__display__');
($stdout,$stderr)=$handle->cmd($sudo.'make','__display__');
($stdout,$stderr)=$handle->cmd($sudo.'make install','__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget -qO- https://git.savannah.gnu.org/cgit/automake.git');
$stdout=~s#^.*?Download.*?href.*?href=['](.*?snapshot.*?)['].*$#$1#s;
my $atarfile=$stdout;
$atarfile=~s/^.*\/(.*)$/$1/;
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
'https://git.savannah.gnu.org'.$stdout,
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"tar xvf $atarfile",'__display__');
$atarfile=~s/.tar.gz$//;
($stdout,$stderr)=$handle->cwd($atarfile);
($stdout,$stderr)=$handle->cmd($sudo.
'./bootstrap','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'./configure','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
"http://mirrors.concertpass.com/gcc/releases/gcc-$verss/gcc-$verss.tar.xz",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"tar xvf gcc-$verss.tar.xz",'__display__');
($stdout,$stderr)=$handle->cwd("gcc-$verss");
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp build','__display__');
($stdout,$stderr)=$handle->cwd('build');
($stdout,$stderr)=$handle->cmd($sudo.
'../configure --enable-languages=c,c++ --disable-multilib',
'3600','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make bootstrap','3600','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','3600','__display__');
($stdout,$stderr)=$handle->cwd('..');
($stdout,$stderr)=$handle->cmd($sudo.
'rm -rfv build','__display__');
}
($stdout,$stderr)=$handle->cwd('/opt/source');
my $done=0;my $gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone --recursive https://github.com/madler/zlib.git',
'__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
'mv -v libxml2 libxml2-old','__display__');
}
my $done=0;my $gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone https://gitlab.gnome.org/GNOME/libxml2.git',
'__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
}
my $gittest='Connection reset by peer|'.
'Could not read from remote repository';
$done=1 if $stderr!~/$gittest/s;
last if $done;
sleep 30;
}
($stdout,$stderr)=$handle->cwd('libxml2');
($stdout,$stderr)=$handle->cmd($sudo.
"git checkout v$lxmlver",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'"ACLOCAL_PATH=/usr/share/aclocal" '.
'./autogen.sh','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v libxml-2.0.pc /usr/lib64/pkgconfig','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'ldconfig -v','__display__');
$build_php=1;
} else {
print "libxml2 is up to date.\n";
}
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
'https://www.sqlite.org/src/tarball/sqlite.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'tar zxvf sqlite.tar.gz','__display__');
($stdout,$stderr)=$handle->cwd('sqlite');
($stdout,$stderr)=$handle->cmd($sudo.
'CFLAGS="-DSQLITE_ENABLE_COLUMN_METADATA=1" '.
'./configure','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make','3600','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v sqlite3.pc /usr/lib64/pkgconfig','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'ldconfig -v','__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
'http://ftp.gnu.org/gnu/autoconf/autoconf-latest.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"chown -v $username:$username autoconf-latest.tar.gz",'__display__')
if $^O ne 'cygwin';
($stdout,$stderr)=$handle->cmd($sudo.'tar zxvf autoconf-latest.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.'rm -rvf autoconf-latest.tar.gz',
'__display__');
($stdout,$stderr)=$handle->cwd("autoconf-*");
($stdout,$stderr)=$handle->cmd($sudo.'./configure','__display__');
($stdout,$stderr)=$handle->cmd($sudo.'make','__display__');
($stdout,$stderr)=$handle->cmd($sudo.'make install','__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'wget -qO- https://en.wikipedia.org/wiki/OpenSSL');
$stdout=~s/^.*?Stable release.*?-data["][>](.*?) *[(].*$/$1/s;
my $sslv=$stdout;
($stdout,$stderr)=$handle->cmd($sudo.
'ls -1 | grep openssl');
my $ssldir=0;
$ssldir=1 if $stdout=~/^\s*openssl\s*$/s;
($stdout,$stderr)=$handle->cmd($sudo.
'strings /usr/local/lib64/libssl.so | grep OpenSSL');
my $ssllib=$stdout;
if ($ssllib!~/$sslv/s || !$ssldir) {
if ($ssldir) {
($stdout,$stderr)=$handle->cmd($sudo.
'rm -rvf openssl-old','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v openssl openssl-old','__display__');
}
my $done=0;my $gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone --recursive https://github.com/openssl/openssl.git',
'__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
}
my $gittest='Connection reset by peer|'.
'Could not read from remote repository';
$done=1 if $stderr!~/$gittest/s;
last if $done;
sleep 30;
}
($stdout,$stderr)=$handle->cwd('openssl');
# https://www.thegeekstuff.com/2015/02/rpm-build-package-example/
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
'https://git.sailfishos.org/mer-core/'.
'openssl/raw/master/rpm/openssl.spec',
'__display__');
my $sslr=$sslv;
$sslr=~s/\./_/g;
($stdout,$stderr)=$handle->cmd($sudo.
"git checkout OpenSSL_$sslr",'__display__');
if ($ssllib!~/$sslv/s) {
($stdout,$stderr)=$handle->cmd($sudo.
'./config LDFLAGS="-Wl,-rpath /usr/local/lib -Wl,'.
'-rpath /usr/local/lib64"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
'yum list installed | grep "[Mm]aria\|[Mm][Yy][Ss][Qq][Ll]"',
'__display__');
my @pkgs=split "\n", $stdout;
foreach my $pkg (@pkgs) {
$pkg=~s/^(.*?)\s+.*$/$1/;
($stdout,$stderr)=$handle->cmd($sudo.
"yum -y erase $pkg",'__display__');
}
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'ls -1 /opt','__display__');
if ($stdout!~/mariadb/i) {
my $done=0;my $gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone https://github.com/MariaDB/server.git '.
'mariadb','__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
}
my $gittest='Connection reset by peer|'.
'Could not read from remote repository';
$done=1 if $stderr!~/$gittest/s;
last if $done;
sleep 30;
}
($stdout,$stderr)=$handle->cwd('mariadb');
($stdout,$stderr)=$handle->cmd($sudo.
'yum-builddep -y mariadb-server',
'__display__');
# https://www.linuxfromscratch.org/blfs/view/cvs/server/mariadb.html
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/bin/cmake -DWITH_SSL=yes '.
'-DSKIP_TESTS=ON '.
'-DMYSQL_DATADIR=/var/lib/mysql '.
'-DCMAKE_INSTALL_PREFIX=/usr/local/mysql '.
'-DMYSQL_UNIX_ADDR=/run/mysqld/mysqld.sock '.
'-DWITH_EXTRA_CHARSETS=complex '.
'-DINSTALL_SYSTEMD_UNITDIR=/etc/systemd/system '.
'-DOPENSSL_INCLUDE_DIR=/usr/local/include/openssl '.
'-DOPENSSL_SSL_LIBRARY=/usr/local/lib64/libssl.so '.
'-DOPENSSL_CRYPTO_LIBRARY='.
'/usr/local/lib64/libcrypto.so',
'3600','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','3600','__display__');
} else {
($stdout,$stderr)=$handle->cmd($sudo.
'mv -fv /opt/mariadb /opt/source/mariadb',
'__display__');
($stdout,$stderr)=$handle->cwd('mariadb');
}
($stdout,$stderr)=$handle->cmd($sudo.
'groupadd mysql');
($stdout,$stderr)=$handle->cmd($sudo.
'useradd -r -g mysql mysql');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /run/mysqld','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -Rv mysql:root /var/run/mysqld',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'yum -y install galera perl-DBI','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service mysql stop','__display__');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'chmod -v 1777 /tmp','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'rm -rvf /var/lib/mysql','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/lib/mysql','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v mysql:root /var/lib/mysql','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 700 /var/lib/mysql','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'scripts/mysql_install_db --user=mysql '.
'--datadir=/var/lib/mysql','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'ln -s /usr/local/mysql/bin/mariadb /bin/mysql');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /etc/mysql/my.cnf.d','__display__');
#
# echo-ing/streaming files over ssh can be tricky. Use echo -e
# and replace these characters with thier HEX
# equivalents (use an external editor for quick
# search and replace - and paste back results.
# use copy/paste or cat file and copy/paste results.):
#
# ! - \\x21 ` - \\x60 * - \\x2A
# " - \\x22 \ - \\x5C
# $ - \\x24 % - \\x25
#
my $my_cnf=<<END;
# Begin /etc/mysql/my.cnf
# The following options will be passed to all MySQL clients
[client]
#password = your_password
port = 3306
socket = /run/mysqld/mysqld.sock
# The MySQL server
[mysqld]
port = 3306
socket = /run/mysqld/mysqld.sock
datadir = /var/lib/mysql
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 1M
sort_buffer_size = 512K
net_buffer_length = 16K
myisam_sort_buffer_size = 8M
# Don't listen on a TCP/IP port at all.
skip-networking
# required unique id between 1 and 2^32 - 1
server-id = 1
# Uncomment the following if you are using BDB tables
#bdb_cache_size = 4M
#bdb_max_lock = 10000
# InnoDB tables are now used by default
innodb_data_home_dir = /var/lib/mysql
innodb_log_group_home_dir = /var/lib/mysql
# All the innodb_xxx values below are the default ones:
innodb_data_file_path = ibdata1:12M:autoextend
# You can set .._buffer_pool_size up to 50 - 80 %
# of RAM but beware of setting memory usage too high
innodb_buffer_pool_size = 128M
innodb_log_file_size = 48M
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
"${home_dir}mysql_virtual_alias_mailbox_maps.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"mv -v ${home_dir}mysql_virtual_alias_mailbox_maps.cf /etc/postfix/sql",
'__display__');
my $mysql_virtual_alias_maps=<<END;
user = postfixadmin
password = $service_and_cert_password
dbname = postfixadmin
query = SELECT goto FROM alias WHERE address='\\x25s' AND active = '1'
#expansion_limit = 100
hosts = unix:/var/run/mysqld/mysqld.sock
END
($stdout,$stderr)=$handle->cmd("echo -e \"$mysql_virtual_alias_maps\" > ".
"${home_dir}mysql_virtual_alias_maps.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"mv -v ${home_dir}mysql_virtual_alias_maps.cf /etc/postfix/sql",
'__display__');
my $mysql_virtual_alias_domain_maps=<<END;
user = postfixadmin
password = $service_and_cert_password
dbname = postfixadmin
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '\\x25d' and alias.address = CONCAT('\\x25u', '\@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
hosts = unix:/var/run/mysqld/mysqld.sock
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$mysql_virtual_alias_domain_maps\" > ".
"${home_dir}mysql_virtual_alias_domain_maps.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"mv -v ${home_dir}mysql_virtual_alias_domain_maps.cf /etc/postfix/sql",
'__display__');
my $mysql_virtual_alias_domain_mailbox_maps=<<END;
user = postfixadmin
password = $service_and_cert_password
dbname = postfixadmin
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '\\x25d' and mailbox.username = CONCAT('\\x25u', '\@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
hosts = unix:/var/run/mysqld/mysqld.sock
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$mysql_virtual_alias_domain_mailbox_maps\" > ".
"${home_dir}mysql_virtual_alias_domain_mailbox_maps.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"mv -v ${home_dir}mysql_virtual_alias_domain_mailbox_maps.cf ".
"/etc/postfix/sql",'__display__');
my $mysql_virtual_alias_domain_catchall_maps=<<END;
# handles catch-all settings of target-domain
user = postfixadmin
password = $service_and_cert_password
dbname = postfixadmin
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '\\x25d' and alias.address = CONCAT('\@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
hosts = unix:/var/run/mysqld/mysqld.sock
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$mysql_virtual_alias_domain_catchall_maps\" > ".
"${home_dir}mysql_virtual_alias_domain_catchall_maps.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"mv -v ${home_dir}mysql_virtual_alias_domain_catchall_maps.cf ".
"/etc/postfix/sql",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 0640 /etc/postfix/sql/*','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v root:root /etc/postfix/sql/*','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'setfacl -R -m u:postfix:rx /etc/postfix/sql/','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'useradd dovenull --system --uid 4099 -s /usr/bin/nologin '.
'--user-group --no-create-home');
($stdout,$stderr)=$handle->cmd($sudo.
'useradd dovecot --system --uid 5000 -s /usr/bin/nologin '.
'--user-group --no-create-home');
($stdout,$stderr)=$handle->cmd($sudo.
'gpasswd -a dovecot mail','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'useradd vmail --system --uid 2000 -s /usr/bin/nologin '.
'--user-group --no-create-home');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -v /var/mail/vmail','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -Rv vmail:vmail /var/mail/vmail/','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chcon -Rv -t mail_spool_t /var/mail/vmail/','__display__');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'openssl req -new -outform PEM -out /etc/postfix/smtpd.cert '.
# '-newkey rsa:2048 -nodes -keyout /etc/postfix/smtpd.key '.
# '-keyform PEM -days 3650 -x509','__display__');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'chmod -v 640 /etc/postfix/smtpd.key','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postfix start','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postfix reload','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postfix status','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "inet_interfaces = all"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'mydestination = $myhostname, localhost.$mydomain, '.
'localhost, $mydomain\'','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "mydestination = mail.'.$domain_url.', \$myhostname, '.
'localhost.\$mydomain, localhost"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "myhostname = mail.'.$domain_url.'"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "mydomain = mail.'.$domain_url.'"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "myorigin = mail.'.$domain_url.'"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "virtual_mailbox_base = /var/mail/vmail"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "virtual_minimum_uid = 2000"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "virtual_uid_maps = static:2000"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "virtual_gid_maps = static:2000"','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_auth_enable = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_helo_required = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'broken_sasl_auth_clients = yes\'',
'__display__');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'postconf -e \'smtpd_sender_restrictions '.
# '= permit_mynetworks, permit_sasl_authenticated, '.
# 'reject_unknown_sender_domain, '.
# 'reject_unknown_reverse_client_hostname, '.
# 'reject_unknown_client_hostname\'',
# '__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_recipient_restrictions '.
'= permit_mynetworks, permit_sasl_authenticated, '.
'reject_unauth_destination\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_relay_restrictions '.
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
# https://serverfault.com/questions/803920/postfix-configure-to-use-tlsv1-2
# https://www.howtoforge.com/howto_postfix_smtp_auth_tls_howto
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_use_tls = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"postconf -e \'smtpd_tls_cert_file = ".
"/etc/letsencrypt/live/mail.$domain_url/fullchain.pem\'",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"postconf -e \'smtpd_tls_key_file = ".
"/etc/letsencrypt/live/mail.$domain_url/privkey.pem\'",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'strict_rfc821_envelopes = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'disable_vrfy_command = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'mailbox_size_limit = 0\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'message_size_limit = 0\'',
'__display__');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'postconf -e \'proxy_read_maps = $local_recipient_maps '.
# '$mydestination $virtual_alias_maps $virtual_alias_domains '.
# '$virtual_mailbox_maps $virtual_mailbox_domains '.
# '$relay_recipient_maps $relay_domains $canonical_maps '.
# '$sender_canonical_maps $recipient_canonical_maps '.
# '$relocated_maps $transport_maps $mynetworks '.
# '$virtual_mailbox_limit_maps\'',
# '__display__');
$ad=<<END;
mailbox_transport = lmtp:unix:private/dovecot-lmtp
smtputf8_enable = no
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_alias_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
END
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v /etc/postfix/main.cf ~',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 777 ~/main.cf','__display__');
($stdout,$stderr)=$handle->cmd("echo -e \"$ad\" >> ".
"~/main.cf");
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i \'$d\' ~/main.cf');
($stdout,$stderr)=$handle->cmd($sudo.
'mv -fv ~/main.cf /etc/postfix/main.cf',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v root:root /etc/postfix/main.cf',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 644 /etc/postfix/main.cf',
'__display__');
if (ref $main::aws eq 'HASH') {
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e '.
'\'relayhost = [email-smtp.us-west-2.amazonaws.com]:587\' ',
'\'smtp_sasl_auth_enable = yes\' '.
'\'smtp_sasl_security_options = noanonymous\' '.
'\'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd\' '.
'\'smtp_use_tls = yes\' '.
'\'smtp_tls_security_level = encrypt\' '.
'\'smtp_tls_note_starttls_offer = yes\' '.
'\'smtpd_tls_received_header = yes\'',
'__display__');
#
# echo-ing/streaming files over ssh can be tricky. Use echo -e
# and replace these characters with thier HEX
# equivalents (use an external editor for quick
# search and replace - and paste back results.
# use copy/paste or cat file and copy/paste results.):
#
# ! - \\x21 ` - \\x60 * - \\x2A
# " - \\x22 \ - \\x5C
# $ - \\x24 % - \\x25
#
my ($hash,$output,$error)=('','','');
my $c="aws iam list-access-keys --user-name ses_postfix_email";
($hash,$output,$error)=run_aws_cmd($c);
$hash||={};
foreach my $hash (@{$hash->{AccessKeyMetadata}}) {
my $c="aws iam delete-access-key ".
"--access-key-id $hash->{AccessKeyId} ".
"--user-name ses_postfix_email";
($hash,$output,$error)=run_aws_cmd($c);
}
sleep 1;
$c="aws iam delete-user --user-name ses_postfix_email";
($hash,$output,$error)=run_aws_cmd($c);
$c="aws iam create-user --user-name ses_postfix_email";
($hash,$output,$error)=run_aws_cmd($c);
$c="aws iam create-access-key --user-name ses_postfix_email";
($hash,$output,$error)=run_aws_cmd($c);
$hash||={};
my $access_id=$hash->{AccessKey}{AccessKeyId};
my $secret_access_key=$hash->{AccessKey}{SecretAccessKey};
my $python_smtp_generator=<<END;
#\\x21/usr/bin/env python3
import hmac
import hashlib
import base64
import argparse
SMTP_REGIONS = [
'us-east-2', # US East (Ohio)
'us-east-1', # US East (N. Virginia)
'us-west-2', # US West (Oregon)
'ap-south-1', # Asia Pacific (Mumbai)
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
'sa-east-1', # South America (Sao Paulo)
'us-gov-west-1', # AWS GovCloud (US)
]
# These values are required to calculate the signature. Do not change them.
DATE = \\x2211111111\\x22
SERVICE = \\x22ses\\x22
MESSAGE = \\x22SendRawEmail\\x22
TERMINAL = \\x22aws4_request\\x22
VERSION = 0x04
def sign(key, msg):
return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
def calculate_key(secret_access_key, region):
if region not in SMTP_REGIONS:
raise ValueError(f\\x22The {region} Region doesn't have an SMTP endpoint.\\x22)
signature = sign((\\x22AWS4\\x22 + secret_access_key).encode('utf-8'), DATE)
signature = sign(signature, region)
signature = sign(signature, SERVICE)
signature = sign(signature, TERMINAL)
signature = sign(signature, MESSAGE)
signature_and_version = bytes([VERSION]) + signature
smtp_password = base64.b64encode(signature_and_version)
return smtp_password.decode('utf-8')
def main():
parser = argparse.ArgumentParser(
description='Convert a Secret Access Key for an IAM user to an SMTP password.')
parser.add_argument(
'secret', help='The Secret Access Key to convert.')
parser.add_argument(
'region',
help='The AWS Region where the SMTP password will be used.',
choices=SMTP_REGIONS)
args = parser.parse_args()
print(calculate_key(args.secret, args.region))
if __name__ == '__main__':
main()
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$python_smtp_generator\" > ~/smtp_credentials_generate.py");
($stdout,$stderr)=$handle->cwd('~');
my $smtppass='';
($smtppass,$stderr)=$handle->cmd(
"python smtp_credentials_generate.py $secret_access_key us-west-2");
my $sasl_password=<<"END";
[email-smtp.us-west-2.amazonaws.com]:587 $access_id:$smtppass
END
($stdout,$stderr)=$handle->cmd("echo -e \"$sasl_password\" > ".
"sasl_passwd");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v sasl_passwd /etc/postfix','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v root:root /etc/postfix/sasl_passwd','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'rm -vf ~/smtp_credentials_generate.py','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postmap hash:/etc/postfix/sasl_passwd');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v root:root /etc/postfix/sasl_passwd.db','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 0600 /etc/postfix/sasl_passwd '.
'/etc/postfix/sasl_passwd.db','__display__');
my $sespolicy=<<END;
{
\\x22Version\\x22:\\x222012-10-17\\x22,
\\x22Statement\\x22: [{
\\x22Effect\\x22:\\x22Allow\\x22,
\\x22Action\\x22:\\x22ses:SendRawEmail\\x22,
\\x22Resource\\x22:\\x22*\\x22
}]}
END
chop $sespolicy;
($stdout,$stderr)=$handle->cmd(
"echo -e \"$sespolicy\" > ./sespolicy");
$c="aws iam list-policies";
($hash,$output,$error)=run_aws_cmd($c);
$hash||={};
foreach my $policy (@{$hash->{Policies}}) {
if ($policy->{PolicyName} eq 'sespolicy') {
$c="aws iam detach-user-policy --user-name ses_postfix_email ".
"--policy-arn $policy->{Arn}";
($hash,$output,$error)=run_aws_cmd($c);
$c="aws iam delete-policy --policy-arn $policy->{Arn}";
($hash,$output,$error)=run_aws_cmd($c);
last;
}
}
$c="aws iam create-policy --policy-name sespolicy --policy-document ".
"file://sespolicy";
($hash,$output,$error)=run_aws_cmd($c);
my $policy_arn=$hash->{Policy}->{Arn};
$c="aws iam attach-user-policy --user-name ses_postfix_email ".
"--policy-arn $policy_arn";
($hash,$output,$error)=run_aws_cmd($c);
($stdout,$stderr)=$handle->cmd($sudo.
'rm -rfv ./sespolicy','__display__');
} else {
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_type = dovecot\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_path = private/auth\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_local_domain = $mydomain\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_security_options = noanonymous\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_auth_enable = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_tls_security_level = may\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_sasl_auth_enable = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_tls_received_headers = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_tls_auth_only = no\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_tls_log_level = 1\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_tls_note_starttls_offer = yes\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtpd_tls_session_cache_timeout = 3600s\'',
'__display__');
}
# TROUBLESHOOTING THE CONNECTION
# http://orcorc.blogspot.com/2010/04/running-down-stray-errors.html
# openssl s_client -connect localhost:25 -starttls smtp
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'postscreen_access_list = '.
'permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e \'postscreen_blacklist_action = drop\'',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.'ifconfig');
$stdout=~s/^.*?inet (.*?) .*$/$1/s;
$ad=<<END;
#permit my own IP addresses.
$public_ip/32 permit
$stdout/32 permit
END
($stdout,$stderr)=$handle->cmd("echo -e \"$ad\" > ".
"~/postscreen_access.cidr");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -fv ~/postscreen_access.cidr /etc/postfix',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v root:root /etc/postfix/postscreen_access.cidr',
'__display__');
$ad='submission inet n - - - - smtpd%NL%'.
' -o syslog_name=postfix/submission%NL%'.
' -o smtpd_tls_security_level=encrypt%NL%'.
' -o smtpd_sasl_auth_enable=yes%NL%'.
' -o smtpd_sasl_type=dovecot%NL%'.
' -o smtpd_sasl_path=private/auth%NL%'.
' -o smtpd_reject_unlisted_recipient=no%NL%'.
' -o smtpd_client_restrictions=permit_sasl_authenticated,reject%NL%'.
' -o milter_macro_daemon_name=ORIGINATING%NL%'.
'smtps inet n - - - - smtpd%NL%'.
' -o syslog_name=postfix/smtps%NL%'.
' -o smtpd_tls_wrappermode=yes%NL%'.
' -o smtpd_sasl_auth_enable=yes%NL%'.
' -o smtpd_sasl_type=dovecot%NL%'.
' -o smtpd_sasl_path=private/auth%NL%'.
' -o smtpd_client_restrictions=permit_sasl_authenticated,reject%NL%'.
' -o milter_macro_daemon_name=ORIGINATING';
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'/tlsproxy/a$ad\' /etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/%NL%/\'\"`echo \\\\\\n`/g\" ".
"/etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/^smtp inet/Xsmtp inet/\' ".
"/etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/#smtp inet/smtp inet/\' ".
"/etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/#smtpd/smtpd/\' /etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/#dnsblog/dnsblog/\' /etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/#tlsproxy/tlsproxy/\' /etc/postfix/master.cf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/Xsmtp/#smtp/\' /etc/postfix/master.cf");
# https://www.linode.com/community/questions/11498/postfix-does-not-start-correctly-on-linode-reboot-not-always
#
# echo-ing/streaming files over ssh can be tricky. Use echo -e
# and replace these characters with thier HEX
# equivalents (use an external editor for quick
# search and replace - and paste back results.
# use copy/paste or cat file and copy/paste results.):
#
# ! - \\x21 ` - \\x60 * - \\x2A
# " - \\x22 \ - \\x5C
# $ - \\x24 % - \\x25
#
$ad=<<'END';
[Unit]
Description=Postfix Mail Transport Agent
After=syslog.target network-online.target
Wants=network-online.target
Conflicts=sendmail.service exim.service
[Service]
Type=forking
PIDFile=/var/spool/postfix/pid/master.pid
EnvironmentFile=-/etc/sysconfig/network
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
($stdout,$stderr)=$handle->cmd($sudo.
'service postfix start','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service postfix status -l','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'yum -y install nmap','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'yum -y install telnet','__display__');
#https://github.com/postfixadmin/postfixadmin/releases/latest
my $install_postfixadmin=<<'END';
o o o .oPYo. ooooo .oo o o o o o .oPYo.
8 8b 8 8 8 .P 8 8 8 8 8b 8 8 8
8 8`b 8 `Yooo. 8 .P 8 8 8 8 8`b 8 8
8 8 `b 8 `8 8 oPooo8 8 8 8 8 `b 8 8 oo
8 8 `b8 8 8 .P 8 8 8 8 8 `b8 8 8
8 8 `8 `YooP' 8 .P 8 8oooo 8oooo 8 8 `8 `YooP8
........................................................
::::::::::::::::::::::::::::::::::::::::::::::::::::::::
_ __ _ _ _
_ __ ___ ___| |_ / _(_)_ __ __ _ __| |_ __ ___ (_)_ __
| '_ \ / _ \/ __| __| |_| \ \/ / / _` |/ _` | '_ ` _ \| | '_ \
| |_) | (_) \__ \ |_| _| |> < | (_| | (_| | | | | | | | | | |
| .__/ \___/|___/\__|_| |_/_/\_(_)__,_|\__,_|_| |_| |_|_|_| |_|
|_|
(postfix.admin is **NOT** a sponsor of the FullAuto© Project.)
END
($stdout,$stderr)=$handle->cwd('/opt/source');
print $install_postfixadmin;
sleep 5;
($stdout,$stderr)=$handle->cmd($sudo.
'wget -qO- https://github.com/postfixadmin/'.
'postfixadmin/releases/latest');
$stdout=~s/^.*?return_to.*?(postfixadmin-.*?)["].*$/$1/s;
my $pfix=$stdout;
($stdout,$stderr)=$handle->cmd($sudo.
'wget --random-wait --progress=dot '.
'https://github.com/postfixadmin/postfixadmin'.
"/archive/$pfix.tar.gz",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"tar xvf $pfix.tar.gz",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"mv -v *$pfix /var/www/html/postfixadmin",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/www/html/postfixadmin/templates_c',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -R www-data:www-data /var/www','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'find /var/www -type f');
foreach my $file (split /\n/, $stdout) {
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 644 '.$file,'__display__');
}
($stdout,$stderr)=$handle->cmd($sudo.
'find /var/www -type d');
foreach my $dir (split /\n/, $stdout) {
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 755 '.$dir,'__display__');
}
($stdout,$stderr)=$handle->cmd($sudo.
'setfacl -R -m u:www-data:rwx /var/www/html/postfixadmin/templates_c/',
'__display__');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'chcon -t httpd_sys_rw_content_t '.
# '/var/www/html/postfixadmin/templates_c/ -R',
# '__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'setsebool -P httpd_can_network_connect 1',
'__display__');
# sudo setfacl -R -m u:nginx:rwx /var/lib/php/opcache/
# /var/lib/php/session/ /var/lib/php/wsdlcache/
($stdout,$stderr)=$handle->cmd($sudo.
'setfacl -R -m u:www-data:rx /etc/letsencrypt/live/ '.
'/etc/letsencrypt/archive/','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'php -r \'echo password_hash("'.$service_and_cert_password.
'", PASSWORD_DEFAULT);\'');
my $pfapassword=$stdout;
#
# echo-ing/streaming files over ssh can be tricky. Use echo -e
# and replace these characters with thier HEX
# equivalents (use an external editor for quick
# search and replace - and paste back results.
# use copy/paste or cat file and copy/paste results.):
#
# ! - \\x21 ` - \\x60 * - \\x2A
# " - \\x22 \ - \\x5C
# $ - \\x24 % - \\x25
#
$ad=<<END;
<?php
\\x24CONF['configured'] = true;
\\x24CONF['database_type'] = 'mysqli';
\\x24CONF['database_host'] = 'localhost';
\\x24CONF['database_port'] = '3306';
\\x24CONF['database_user'] = 'postfixadmin';
\\x24CONF['database_password'] = \'$service_and_cert_password\';
\\x24CONF['database_socket'] = '/var/run/mysqld/mysqld.sock';
\\x24CONF['database_name'] = 'postfixadmin';
\\x24CONF['encrypt'] = 'dovecot:SHA512';
\\x24CONF['dovecotpw'] = \\x22/usr/local/bin/doveadm pw -r 12\\x22;
\\x24CONF['setup_password'] = \'$pfapassword\';
\\x24CONF['default_aliases'] = array (
'abuse' => \'abuse\@$domain_url\',
'hostmaster' => \'hostmaster\@$domain_url\',
'postmaster' => \'postmaster\@$domain_url\',
'webmaster' => \'webmaster\@$domain_url\'
);
\\x24CONF['fetchmail'] = 'NO';
\\x24CONF['show_footer_text'] = 'NO';
\\x24CONF['quota'] = 'YES';
\\x24CONF['domain_quota'] = 'YES';
\\x24CONF['quota_multiplier'] = '1024000';
\\x24CONF['used_quotas'] = 'YES';
\\x24CONF['new_quota_table'] = 'YES';
\\x24CONF['aliases'] = '0';
\\x24CONF['mailboxes'] = '0';
\\x24CONF['maxquota'] = '0';
\\x24CONF['domain_quota_default'] = '0';
END
($stdout,$stderr)=$handle->cmd("echo -e \"$ad\" > ".
"~/pfa_config");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -fv ~/pfa_config '.
'/var/www/html/postfixadmin/config.local.php',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -R www-data:www-data /var/www/html/postfixadmin',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'bash /var/www/postfixadmin/scripts/postfixadmin-cli '.
'admin add superadmin@'.$domain_url.' --superadmin 1 '.
'--active 1 --password '.$service_and_cert_password.' --password2 '.
$service_and_cert_password,'__display__');
$ad=<<END;
server {
listen 80;
listen [::]:80;
server_name postfixadmin.$domain_url;
root /var/www/html/postfixadmin/public/;
index index.php index.html;
access_log /var/log/nginx/postfixadmin_access.log;
error_log /var/log/nginx/postfixadmin_error.log;
location / {
try_files \\x24uri \\x24uri/ /index.php;
}
location ~ ^/(.+\\x5C.php)\\x24 {
try_files \\x24uri =404;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \\x24document_root\\x24fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
}
END
($stdout,$stderr)=$handle->cmd(
"cp -v /etc/nginx/nginx.conf ~/nginx.conf",
'__display__');
($stdout,$stderr)=$handle->cmd(
'sed -i "s/^}}/}/" ~/nginx.conf');
($stdout,$stderr)=$handle->cmd("echo -e \"$ad\" >> ".
"~/nginx.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/nginx.conf /etc/nginx/nginx.conf',
'__display__');
sleep 2;
($stdout,$stderr)=$handle->cmd($sudo.
'service nginx restart','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service nginx status -l','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'certbot -n --nginx --debug --agree-tos --email '.
"$email_address -d postfixadmin.$domain_url",
'__display__');
my $install_dovecot=<<'END';
o o o .oPYo. ooooo .oo o o o o o .oPYo.
8 8b 8 8 8 .P 8 8 8 8 8b 8 8 8
8 8`b 8 `Yooo. 8 .P 8 8 8 8 8`b 8 8
8 8 `b 8 `8 8 oPooo8 8 8 8 8 `b 8 8 oo
8 8 `b8 8 8 .P 8 8 8 8 8 `b8 8 8
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
"sed -i \'s/auth_mechanisms = plain/$ad/\' ".
"/usr/local/etc/dovecot/conf.d/10-auth.conf");
$ad='auth_username_format = %u';
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/#auth_username_format = %Lu/$ad\' ".
"/usr/local/etc/dovecot/conf.d/10-auth.conf");
$ad='!include auth-sql.conf.ext';
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/#!include auth-sql.conf.ext/$ad/\' ".
"/usr/local/etc/dovecot/conf.d/10-auth.conf");
$ad='#!include auth-system.conf.ext';
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/!include auth-system.conf.ext/$ad/\' ".
"/usr/local/etc/dovecot/conf.d/10-auth.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v /usr/local/etc/dovecot/conf.d/10-auth.conf ~',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 777 ~/10-auth.conf','__display__');
$ad=<<END;
auth_debug = yes
auth_debug_passwords = yes
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$ad\" >> ~/10-auth.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/10-auth.conf /usr/local/etc/dovecot/conf.d/10-auth.conf',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v conf.d/auth-sql.conf.ext '.
'/usr/local/etc/dovecot/conf.d',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s#args = /etc#args = /usr/local/etc#\' ".
"/usr/local/etc/dovecot/conf.d/auth-sql.conf.ext");
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v dovecot-sql.conf.ext /usr/local/etc/dovecot',
'__display__');
$ad='%NL%'.
'driver = mysql%NL%'.
'connect = host=/var/run/mysqld/mysqld.sock dbname=postfixadmin '.
"user=postfixadmin password=$service_and_cert_password%NL%".
'default_pass_scheme = SHA512-CRYPT%NL%'.
'password_query = SELECT username as user, '.
'password FROM mailbox WHERE username=%SQ%%u%SQ% AND '.
'active=%SQ%1%SQ%%NL%'.
'user_query = SELECT maildir, 2000 AS uid, 2000 AS gid '.
'FROM mailbox WHERE username = %SQ%%u%SQ% and '.
'active=%SQ%1%SQ%%NL%'.
'iterate_query = SELECT username AS user FROM mailbox';
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'/iterate_query/a$ad\' ".
"/usr/local/etc/dovecot/dovecot-sql.conf.ext");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \'s/%NL%/\'\"`echo \\\\\\n`/g\" ".
"/usr/local/etc/dovecot/dovecot-sql.conf.ext");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/%SQ%/\'/g\" ".
"/usr/local/etc/dovecot/dovecot-sql.conf.ext");
($stdout,$stderr)=$handle->cmd($sudo.
"chown -Rv vmail:dovecot /usr/local/etc/dovecot",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"chmod -R o-rwx /usr/local/etc/dovecot",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"cp -v conf.d/10-master.conf ".
"/usr/local/etc/dovecot/conf.d",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#ssl =/ssl =/g\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#port = 143/port = 0/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#port = 993/port = 993/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#port = 995/port = 995/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#port = 110/port = 0/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
$ad='unix_listener /var/spool/postfix/private/dovecot-lmtp';
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s*unix_listener lmtp*$ad*\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"0,/#mode = 0666/{s/#mode = 0666/mode = 0600X/}\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"0,/#mode = 0666/{s/#mode = 0666/mode = 0660/}\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"0,/#user = /{s/#user =/user = postfix/}\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"0,/#group = /{s/#group =/group = postfix/}\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"/mode = 0600/a%SP%%SP%%SP%%SP%group = postfix\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/%SP%/ /g\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"/mode = 0600/a%SP%%SP%%SP%%SP%user = postfix\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/# mode = 0666/ mode = 0600X/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"0,/#}/ s/#}/X}/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"0,/#}/ s/#}/}/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/X}/#}/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#port = 587/port = 8587/\" ".
"/usr/local/etc/dovecot/conf.d/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"cp -v conf.d/auth-system.conf.ext ".
"/usr/local/etc/dovecot/conf.d",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"cp -v conf.d/10-ssl.conf ".
"/usr/local/etc/dovecot/conf.d",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/#ssl = yes/ssl = required/\" ".
"/usr/local/etc/dovecot/conf.d/10-ssl.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s*ssl/certs/dovecot.pem*".
"letsencrypt/live/mail.$domain_url/fullchain.pem*\" ".
"/usr/local/etc/dovecot/conf.d/10-ssl.conf");
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s*ssl/private/dovecot.pem*".
"letsencrypt/live/mail.$domain_url/privkey.pem*\" ".
"/usr/local/etc/dovecot/conf.d/10-ssl.conf");
$ad=<<END;
service stats {
unix_listener stats-reader {
user = www-data
group = www-data
mode = 0660
}
unix_listener stats-writer {
user = www-data
group = www-data
mode = 0660
}
}
END
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v /usr/local/etc/dovecot/conf.d/10-master.conf ~',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 777 ~/10-master.conf','__display__');
($stdout,$stderr)=$handle->cmd(
"echo -e \"$ad\" >> ~/10-master.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/10-master.conf /usr/local/etc/dovecot/conf.d/10-master.conf',
'__display__');
my $name=getpwuid($<);
($stdout,$stderr)=$handle->cmd($sudo.
"gpasswd -a $name dovecot",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"ls -1 /usr/local/etc/dovecot/conf.d");
foreach my $file (split /\n/, $stdout) {
next if $file=~/\.+$/;
($stdout,$stderr)=$handle->cmd($sudo.
"chmod -v 660 /usr/local/etc/dovecot/conf.d/$file",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"chown -v vmail:dovecot /usr/local/etc/dovecot/conf.d/$file",
'__display__');
}
($stdout,$stderr)=$handle->cmd($sudo.
"gpasswd -d $name dovecot",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'gpasswd -a www-data dovecot','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'gpasswd -a www-data vmail','__display__');
($stdout,$stderr)=$handle->cwd("/opt/source/$gtarfile");
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/run/dovecot','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v dovecot.service.in /etc/systemd/system/dovecot.service',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#PIDFile=/usr/local#PIDFile=#" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s*.sbindir.*/usr/local/sbin*" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s/#ProtectSystem/ProtectSystem/" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s*.bindir.*/usr/local/bin*" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s*.rundir.*/var/run/dovecot*" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s*@systemdservicetype@*simple*" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "/ExecStop/iKillMode=none" '.
'/etc/systemd/system/dovecot.service');
($stdout,$stderr)=$handle->cmd($sudo.
'systemctl daemon-reload');
($stdout,$stderr)=$handle->cmd($sudo.
'systemctl enable saslauthd.service','__display__');
sleep 2;
($stdout,$stderr)=$handle->cmd($sudo.
'service saslauthd restart','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service saslauthd status -l','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'systemctl enable dovecot.service'.'__display__');
sleep 2;
($stdout,$stderr)=$handle->cmd($sudo.
'service dovecot restart','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service dovecot status -l','__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
my $install_roundcube=<<'END';
o o o .oPYo. ooooo .oo o o o o o .oPYo.
8 8b 8 8 8 .P 8 8 8 8 8b 8 8 8
8 8`b 8 `Yooo. 8 .P 8 8 8 8 8`b 8 8
8 8 `b 8 `8 8 oPooo8 8 8 8 8 `b 8 8 oo
8 8 `b8 8 8 .P 8 8 8 8 8 `b8 8 8
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
888 "Y88P" "Y88888888 888 "Y88888 "Y8888P "Y8888888888P" "Y8888
(roundcube is **NOT** a sponsor of the FullAuto© Project.)
END
# http://charmingwebdesign.com/setup-roundcube-use-amazon-ses-send-email/
# https://astroman.org/blog/2017/04/e-mail-server-hosting-on-amazon-ec2/
# https://speedkills.io/email-server-aws/
# https://www.linode.com/community/questions/10148/postfix-dovecot-mysql-amazon-ses
($stdout,$stderr)=$handle->cwd('/opt/source');
print $install_roundcube;
sleep 5;
($stdout,$stderr)=$handle->cmd($sudo.
'wget -qO- https://roundcube.net/download/');
$stdout=~s/^.*?Stable version.*?href=["](https[^"]+)?["].*$/$1/s;
$gtarfile=$stdout;
($stdout,$stderr)=$handle->cmd($sudo.
"wget --random-wait --progress=dot ".$stdout,
'__display__');
$gtarfile=~s/^.*\///;
($stdout,$stderr)=$handle->cmd($sudo.
"tar xvf $gtarfile",'__display__');
$gtarfile=~s/.tar.gz$//;
($stdout,$stderr)=$handle->cwd($gtarfile);
# https://copypaste.guru/WhereIsMyPHPpackage/how-to-install-the-php-package-tecnickcom-tcpdf-with-composer
# composer require tecnickcom/tcpdf
# composer require setasign/fpdi
($stdout,$stderr)=$handle->cmd($sudo.
"wget --random-wait --progress=dot ".
"https://getcomposer.org/composer-stable.phar",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v composer.json-dist composer.json','__display__');
$handle->print($sudo.'php composer-stable.phar install --no-dev');
$prompt=$handle->prompt();
while (1) {
my $output.=fetch($handle);
last if $output=~/$prompt/;
print $output;
if (-1<index $output,'user') {
$handle->print('yes');
$output='';
} sleep 1;
}
($stdout,$stderr)=$handle->cmd($sudo.
'bin/install-jsdeps.sh','__display__');
my $rcfile='./SQL/mysql.initial.sql';
($stdout,$stderr)=$handle->cmd($sudo.
'mysql --verbose --force -u roundcube -p'.
"'".$service_and_cert_password."' roundcube < $rcfile",
'__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/www/html/roundcube','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"cp -Rv $gtarfile/* /var/www/html/roundcube",
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -R www-data:www-data /var/www/html/roundcube',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'find /var/www/html/roundcube -type f');
foreach my $file (split /\n/, $stdout) {
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 644 '.$file,'__display__');
}
($stdout,$stderr)=$handle->cmd($sudo.
'find /var/www -type d');
foreach my $dir (split /\n/, $stdout) {
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 755 '.$dir,'__display__');
}
($stdout,$stderr)=$handle->cmd($sudo.
'gpasswd -a www-data mysql','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"setfacl -R -m u:www-data:rwx /var/www/html/roundcube/temp/ ".
"/var/www/html/roundcube/logs/",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -vp /var/www/html/roundcube/config/config.inc.php.sample '.
'/var/www/html/roundcube/config/config.inc.php','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -vp /var/www/html/roundcube/plugins/managesieve/config.inc.php.dist '.
'/var/www/html/roundcube/plugins/managesieve/config.inc.php',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s/_vacation\'\] = 0/_vacation\'\] = 1/" '.
'/var/www/html/roundcube/plugins/managesieve/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s/_forward\'\] = 0/_forward\'\] = 1/" '.
'/var/www/html/roundcube/plugins/managesieve/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/mail/vmail/pgp-keys','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v vmail:vmail /var/mail/vmail/pgp-keys',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 775 /var/mail/vmail/pgp-keys',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -vp /var/www/html/roundcube/plugins/enigma/config.inc.php.dist '.
'/var/www/html/roundcube/plugins/enigma/config.inc.php',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -vp /var/www/html/roundcube/plugins/markasjunk/config.inc.php.dist '.
'/var/www/html/roundcube/plugins/markasjunk/config.inc.php',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#_pgp_homedir\'\] = null;#_pgp_homedir\'\]'.
' = \'/var/mail/vmail/pgp-keys\';#" '.
'/var/www/html/roundcube/plugins/enigma/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "/zipdownload/a%SP%%SP%%SP%%SP%\'managesieve\'," '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "/managesieve/a%SP%%SP%%SP%%SP%\'enigma\'," '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "/enigma/a%SP%%SP%%SP%%SP%\'markasjunk\'," '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i \"s/%SP%/ /g\" ".
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#roundcube:pass#roundcube:'.$service_and_cert_password.
'#" /var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#roundcubemail#roundcube#" '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#localhost\'#ssl://mail.'.$domain_url.'\'#" '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#= 587# = 465#" '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#Roundcube Webmail#GetWisdom Webmail#" '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#\'\'#\'https://www.getwisdom.com/contact-us\'#" '.
'/var/www/html/roundcube/config/config.inc.php');
my $p_wrd=
$Net::FullAuto::ISets::Local::EmailServer_is::create_strong_password->(24);
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i "s#rcmail-\!24ByteDESkey\*Str#'.$p_wrd.'#" '.
'/var/www/html/roundcube/config/config.inc.php');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/php'.$vn.'/bin/pear channel-update pear.php.net',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/php'.$vn.'/bin/pear install Mail_Mime',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/php'.$vn.'/bin/pear install Net_SMTP',
'__display__');
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
END
($stdout,$stderr)=$handle->cwd('/opt/source');
print $install_redis;
sleep 5;
my $done=0;my $gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone --recursive https://github.com/redis/redis.git',
'__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
}
my $gittest='Connection reset by peer|'.
'Could not read from remote repository';
$done=1 if $stderr!~/$gittest/s;
last if $done;
sleep 30;
}
($stdout,$stderr)=$handle->cwd('redis');
($stdout,$stderr)=$handle->cmd($sudo.
'git tag --list');
$stdout=~s/^.*[^v](\d+\.\d+\.\d+)\s.*$/$1/s;
($stdout,$stderr)=$handle->cmd($sudo.
"git checkout $stdout");
($stdout,$stderr)=$handle->cmd($sudo.
"git status",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make CFLAGS="-I/usr/local/include/openssl" '.
'LDFLAGS="-L/usr/local/lib64" '.
'BUILD_TLS=yes USE_SYSTEMD=yes','__display__');
($stdout,$stderr)=$handle->cwd('src');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/bin/gcc -pedantic -DREDIS_STATIC= -std=c11 -Wall -W '.
'-Wno-missing-field-initializers -O2 -g -ggdb '.
'-I../deps/lua/src -I../deps/hiredis '.
'-I/usr/local/include/openssl -MMD -o '.
'sentinel.o -c sentinel.c',
'__display__');
($stdout,$stderr)=$handle->cwd('/opt/source/redis');
($stdout,$stderr)=$handle->cmd($sudo.
'make CFLAGS="-I/usr/local/include/openssl" '.
'LDFLAGS="-L/usr/local/lib64" '.
'BUILD_TLS=yes USE_SYSTEMD=yes','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"make install",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i '/information/avm.overcommit_memory = 1' /etc/sysctl.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'sysctl vm.overcommit_memory=1');
($stdout,$stderr)=$handle->cmd($sudo.
"sed -i '/overcommit/anet.core.somaxconn=65535' /etc/sysctl.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'sysctl net.core.somaxconn=65535');
($stdout,$stderr)=$handle->cmd($sudo.
'useradd redis --system --uid 5002 -s /usr/bin/nologin '.
'--user-group --no-create-home');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /usr/local/var/lib/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v redis:redis /usr/local/var/lib/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /usr/local/var/log/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v redis:redis /usr/local/var/log/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /usr/local/var/run/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v redis:redis /usr/local/var/run/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /usr/local/etc/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v redis:redis /usr/local/etc/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v redis.conf /usr/local/etc/redis','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/run/redis','__display__');
#
# echo-ing/streaming files over ssh can be tricky. Use echo -e
# and replace these characters with thier HEX
# equivalents (use an external editor for quick
# search and replace - and paste back results.
# use copy/paste or cat file and copy/paste results.):
#
# ! - \\x21 ` - \\x60 * - \\x2A
# " - \\x22 \ - \\x5C
# $ - \\x24 % - \\x25
#
my $redis_service=<<'END';
# example systemd service unit file for redis-server
#
# In order to use this as a template for providing a redis service in your
# environment, _at the very least_ make sure to adapt the redis configuration
# file you intend to use as needed (make sure to set \\x22supervised systemd\\x22), and
# to set sane TimeoutStartSec and TimeoutStopSec property values in the unit's
# \\x22[Service]\\x22 section to fit your needs.
#
# Some properties, such as User= and Group=, are highly desirable for virtually
# all deployments of redis, but cannot be provided in a manner that fits all
# expectable environments. Some of these properties have been commented out in
# this example service unit file, but you are highly encouraged to set them to
# fit your needs.
#
# Please refer to systemd.unit(5), systemd.service(5), and systemd.exec(5) for
# more information.
[Unit]
Description=Redis data structure server
Wants=network-online.target
After=network-online.target
Documentation=http://redis.io/documentation, man:redis-server(1)
[Service]
Type=notify
ExecStart=/usr/local/bin/redis-server /usr/local/etc/redis/redis.conf --supervised systemd --daemonize no
ExecStop=/bin/kill -s TERM \\x24MAINPID
PIDFile=/var/run/redis/redis.pid
Restart=always
User=redis
Group=redis
RuntimeDirectory=redis
RuntimeDirectoryMode=2755
TimeoutStopSec=90
TimeoutStartSec=90
UMask=0077
PrivateTmp=yes
NoNewPrivileges=yes
LimitNOFILE=65535
PrivateDevices=yes
ProtectHome=yes
ReadOnlyDirectories=/
WorkingDirectory=/usr/local/var/lib/redis
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
($stdout,$stderr)=$handle->cmd($sudo.
'make','3600','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
#($stdout,$stderr)=$handle->cwd('/opt/source');
#($stdout,$stderr)=$handle->cmd($sudo.
# 'wget -qO- http://site.icu-project.org/download');
#$stdout=~s/^.*[<]i[>]ICU (.*?) is now available.*$/$1/s;
#$stdout=~s/\./-/g;
#($stdout,$stderr)=$handle->cmd($sudo.
# 'git clone https://github.com/unicode-org/icu.git '.
# "--depth=1 --branch=release-$stdout",'__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
($stdout,$stderr)=$handle->cwd('rspamd');
($stdout,$stderr)=$handle->cmd($sudo.'git -P tag -l');
$stdout=~s/^.*\n(.*)$/$1/s;
($stdout,$stderr)=$handle->cmd($sudo.
"git checkout $stdout",'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -v rspamd.build','__display__');
($stdout,$stderr)=$handle->cwd('rspamd.build');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/bin/cmake .. -DENABLE_HYPERSCAN=ON -DENABLE_LUAJIT=ON '.
'-DCMAKE_BUILD_TYPE=RelWithDebuginfo '.
'-DCMAKE_CXX_COMPILER=/usr/local/bin/g++ '.
'-DCMAKE_C_COMPILER=/usr/local/bin/gcc '.
'-DCMAKE_INSTALL_RPATH=/usr/local/lib64 '.
'-DOPENSSL_ROOT_DIR=/usr/local/include/openssl',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make','3600','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'make install','__display__');
# https://linuxize.com/post/install-and-integrate-rspamd/
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i \'/include/a\/usr/local/lib64\' /etc/ld.so.conf');
($stdout,$stderr)=$handle->cmd($sudo.
'ldconfig -v','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /usr/local/etc/rspamd/local.d','__display__');
$ad='use = ["x-spamd-bar", "x-spam-level", "authentication-results"];';
($stdout,$stderr)=$handle->cmd("echo -e \"$ad\" > ".
"~/milter_headers.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -fv ~/milter_headers.conf /usr/local/etc/rspamd/local.d',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v ../rspamd.service /etc/systemd/system','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i \'s#/usr/bin#/usr/local/bin#\' '.
'/etc/systemd/system/rspamd.service');
($stdout,$stderr)=$handle->cmd($sudo.
'sed -i \'s#/etc#/usr/local/etc#\' '.
'/etc/systemd/system/rspamd.service');
($stdout,$stderr)=$handle->cmd($sudo.
'useradd _rspamd --system --uid 5004 -s /usr/bin/nologin '.
'--user-group --no-create-home');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/log/rspamd','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v _rspamd:_rspamd /var/log/rspamd','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/lib/rspamd','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -v _rspamd:_rspamd /var/lib/rspamd','__display__');
($stdout,$stderr)=$handle->cmd(
'echo -e "bind_socket = \\x22127.0.0.1:11333\\x22;" > ~/wn.inc');
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/wn.inc /usr/local/etc/rspamd/local.d/worker-normal.inc',
'__display__');
my $wp_inc=<<END;
bind_socket = \\x22127.0.0.1:11332\\x22;
milter = yes;
timeout = 120s;
upstream \\x22local\\x22 {
default = yes;
self_scan = yes;
}
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$wp_inc\" > ~/wp.inc");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/wp.inc /usr/local/etc/rspamd/local.d/worker-proxy.inc',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
"/usr/local/bin/rspamadm pw --encrypt -p ".
$service_and_cert_password);
$stdout=~s#\$#\\\\x24#g;
($stdout,$stderr)=$handle->cmd(
"echo -e \"password = \\x22$stdout\\x22;\" > ~/wc.inc");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/wc.inc /usr/local/etc/rspamd/local.d/worker-controller.inc',
'__display__');
my $cb_conf=<<END;
servers = \\x22127.0.0.1\\x22;
backend = \\x22redis\\x22;
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$cb_conf\" > ~/cb.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/cb.conf /usr/local/etc/rspamd/local.d/classifier-bayes.conf',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "milter_protocol = 6"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "milter_mail_macros = i {mail_addr} '.
'{client_addr} {client_name} {auth_authen}"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "milter_default_action = accept"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "smtpd_milters = inet:127.0.0.1:11332"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "default_destination_rate_delay = 2s"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'postconf -e "default_destination_recipient_limit = 50"',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
lib/Net/FullAuto/ISets/Local/EmailServer_is.pm view on Meta::CPAN
'/usr/local/etc/dovecot/conf.d/90-sieve.conf',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/mail/vmail/sieve/global','__display__');
$ad=<<END;
require [\\x22fileinto\\x22,\\x22mailbox\\x22];
if anyof(
header :contains [\\x22X-Spam-Flag\\x22] \\x22YES\\x22,
header :contains [\\x22X-Spam\\x22] \\x22Yes\\x22,
header :contains [\\x22Subject\\x22] \\x22\\x2A\\x2A\\x2A SPAM \\x2A\\x2A\\x2A\\x22
)
{
fileinto :create \\x22Spam\\x22;
stop;
}
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$ad\" >> ~/spam-global.sieve");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/spam-global.sieve '.
'/var/mail/vmail/sieve/global/spam-global.sieve',
'__display__');
$ad=<<END;
require [\\x22vnd.dovecot.pipe\\x22, \\x22copy\\x22, \\x22imapsieve\\x22];
pipe :copy \\x22rspamc\\x22 [\\x22learn_spam\\x22];
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$ad\" >> ~/report-spam.sieve");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/report-spam.sieve '.
'/var/mail/vmail/sieve/global/report-spam.sieve',
'__display__');
$ad=<<END;
require [\\x22vnd.dovecot.pipe\\x22, \\x22copy\\x22, \\x22imapsieve\\x22];
pipe :copy \\x22rspamc\\x22 [\\x22learn_ham\\x22];
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$ad\" >> ~/report-ham.sieve");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/report-ham.sieve '.
'/var/mail/vmail/sieve/global/report-ham.sieve',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service dovecot restart','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service dovecot status -l','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/bin/sievec '.
'/var/mail/vmail/sieve/global/spam-global.sieve',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/bin/sievec '.
'/var/mail/vmail/sieve/global/report-spam.sieve',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'/usr/local/bin/sievec '.
'/var/mail/vmail/sieve/global/report-ham.sieve',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -Rv vmail: /var/mail/vmail/sieve/',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'mkdir -vp /var/lib/rspamd/dkim/','__display__');
($stdout,$stderr)=$handle->cmd('sudo '.
'/usr/local/bin/rspamadm dkim_keygen -b 2048 -s mail -k '.
'/var/lib/rspamd/dkim/mail.key | sudo tee -a '.
'/var/lib/rspamd/dkim/mail.pub','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chown -Rv _rspamd: /var/lib/rspamd/dkim',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'chmod -v 440 /var/lib/rspamd/dkim/*','__display__');
$ad=<<END;
selector = \\x22mail\\x22;
path = \\x22/var/lib/rspamd/dkim/\\x24selector.key\\x22;
allow_username_mismatch = true;
END
($stdout,$stderr)=$handle->cmd(
"echo -e \"$ad\" >> ~/dkim_signing.conf");
($stdout,$stderr)=$handle->cmd($sudo.
'mv -v ~/dkim_signing.conf '.
'/usr/local/etc/rspamd/local.d/dkim_signing.conf',
'__display__');
sleep 2;
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v /usr/local/etc/rspamd/local.d/dkim_signing.conf '.
'/usr/local/etc/rspamd/local.d/arc.conf',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'systemctl enable rspamd.service','__display__');
sleep 2;
($stdout,$stderr)=$handle->cmd($sudo.
'service rspamd restart','__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'service rspamd status -l','__display__');
($stdout,$stderr)=$handle->cwd('/opt/source');
$done=0;$gittry=0;
while ($done==0) {
($stdout,$stderr)=$handle->cmd($sudo.
'git clone https://github.com/YJesus/Unhide.git',
'__display__');
if (++$gittry>5) {
print "\n\n FATAL ERROR: $stderr\n\n";
cleanup();
}
my $gittest='Connection reset by peer|'.
'Could not read from remote repository';
$done=1 if $stderr!~/$gittest/s;
last if $done;
sleep 30;
}
($stdout,$stderr)=$handle->cwd('Unhide');
($stdout,$stderr)=$handle->cmd(
'sudo /usr/local/bin/gcc -Wall -O2 -l:libpthread.so '.
'unhide-linux*.c unhide-output.c -o unhide-linux',
'__display__');
($stdout,$stderr)=$handle->cmd(
'sudo /usr/local/bin/gcc -Wall -O2 unhide_rb.c -o unhide_rb',
'__display__');
($stdout,$stderr)=$handle->cmd(
'sudo /usr/local/bin/gcc -Wall -O2 unhide-tcp.c '.
'unhide-tcp-fast.c unhide-output.c -o unhide-tcp',
'__display__');
($stdout,$stderr)=$handle->cmd(
'sudo /usr/local/bin/gcc -Wall -O2 unhide-posix.c -o unhide-posix',
'__display__');
($stdout,$stderr)=$handle->cmd($sudo.
'cp -v unhide-linux unhide_rb unhide-tcp unhide-posix /usr/bin',
'__display__');
( run in 0.567 second using v1.01-cache-2.11-cpan-71847e10f99 )