#!/bin/sh set -e if [ "$1" = "configure" ]; then CONFFILES="dovecot.conf \ dovecot-db.conf.ext \ dovecot-dict-sql.conf.ext \ dovecot-sql.conf.ext \ conf.d/10-auth.conf \ conf.d/10-director.conf \ conf.d/10-logging.conf \ conf.d/10-mail.conf \ conf.d/10-master.conf \ conf.d/10-ssl.conf \ conf.d/15-lda.conf \ conf.d/90-acl.conf \ conf.d/90-plugin.conf \ conf.d/90-quota.conf \ conf.d/auth-deny.conf.ext \ conf.d/auth-master.conf.ext \ conf.d/auth-passwdfile.conf.ext \ conf.d/auth-static.conf.ext \ conf.d/auth-system.conf.ext \ conf.d/auth-vpopmail.conf.ext" OLD_CONFFILES="dovecot-ldap.conf \ dovecot-sql.conf \ protocols.conf \ dovecot-ldap.conf.ext \ conf.d/20-imap.conf \ conf.d/20-lmtp.conf \ conf.d/20-managesieve.conf \ conf.d/20-pop3.conf \ conf.d/90-sieve.conf \ conf.d/auth-ldap.conf.ext" for conffile in $OLD_CONFFILES ; do if ucfq "/etc/dovecot/${conffile}" --with-colons | grep -q "^/etc/dovecot/${conffile}:dovecot-common:"; then ucf --purge /etc/dovecot/$conffile ucfr --purge dovecot-common /etc/dovecot/$conffile if [ "$conffile" = "protocols.conf" ]; then rm -f "/etc/dovecot/protocols.conf" fi fi done for conffile in $CONFFILES ; do # Tell ucf that the file in /usr/share/dovecot is the latest # maintainer version, and let it handle how to manage the real # configuration file in /etc/dovecot. ucf --three-way /usr/share/dovecot/$conffile /etc/dovecot/$conffile ucfr dovecot-common /etc/dovecot/$conffile if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] && [ `echo $conffile | cut -b -7` != "conf.d/" ]; then chmod 0600 /etc/dovecot/$conffile fi done if [ -n "`id -u imapd 2> /dev/null`" ]; then deluser imapd || true delgroup imapd || true fi ## Users # if [ -z "`id -u dovecot 2> /dev/null`" ]; then adduser --system --group --home /usr/lib/dovecot --gecos "Dovecot mail server" \ --no-create-home --disabled-password --quiet dovecot || true fi if [ -z "`id -u dovenull 2> /dev/null`" ]; then adduser --system --home /nonexistent --no-create-home --gecos "Dovecot login user" \ --disabled-password --quiet dovenull || true fi ## SSL Certs # Certs and key file SSL_CERT=$( (grep -m 1 "ssl_cert_file" /etc/dovecot/conf.d/10-ssl.conf || echo '/etc/ssl/certs/dovecot.pem') | cut -d'=' -f2) SSL_KEY=$( (grep -m 1 "ssl_key_file" /etc/dovecot/conf.d/10-ssl.conf || echo '/etc/ssl/private/dovecot.pem') | cut -d'=' -f2) # Generate new certs if needed if [ -e $SSL_CERT ] || [ -e $SSL_KEY ]; then echo "You already have ssl certs for dovecot." else echo "Creating generic self-signed certificate: $SSL_CERT" echo "This certificate will expire in a year." echo "(replace with hand-crafted or authorized one if needed)." cd /etc/ssl/certs PATH=$PATH:/usr/bin/ssl if ! FQDN="$(hostname -f)"; then FQDN="$(hostname)" echo WARNING: Could not get FQDN, using \"$FQDN\". fi MAILNAME="$(cat /etc/mailname 2> /dev/null || echo "$FQDN")" (openssl req -newkey rsa:2048 -x509 -days 3652.5 -nodes \ -rand /dev/urandom -out $SSL_CERT -keyout $SSL_KEY > /dev/null 2>&1 <<+ . . . Dovecot mail server $FQDN $FQDN root@$MAILNAME + ) || echo "Warning : Bad SSL config, can't generate certificate." if [ -e $SSL_CERT ] && [ -e $SSL_KEY ]; then ucfr dovecot-common $SSL_CERT ucfr dovecot-common $SSL_KEY chown root $SSL_CERT || true chgrp dovecot $SSL_CERT || true chmod 0644 $SSL_CERT || true chown root $SSL_KEY || true chgrp dovecot $SSL_KEY || true chmod 0600 $SSL_KEY || true fi fi fi # Automatically added by dh_installinit if [ -e "/etc/init/dovecot.conf" ]; then invoke-rc.d dovecot start || exit $? fi # End automatically added section