mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-02-18 08:33:41 +00:00
e43e144040
- Use LetsEncrypt component to perform TLS certificate copying instead of custom implementation. - Use two components to copy the certificates to dovecot and postfix separately. - Add support for multiple domains using SNI. Provide all the certificates. Use primary domain's certificate as the fallback certificate. - Drop the diagnose/repair approach due to its complexity. Tests: - Installing the app works. After installation, all TLS parameters are show as expected by 'postconf' command and 'doveconf' command. - A default domain is selected by default. This will reflect as primary domain in TLS certificate configuration. - When primary domain is changed, the configuration is updated to reflect the default certificate path but SNI configuration is unchanged in dovecot and postfix. - Postfix and dovecot are restarted after setup. - There are no configuration error shows in postfix/dovecot logs. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
64 lines
2.2 KiB
Python
64 lines
2.2 KiB
Python
"""Configure email domains"""
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
import pathlib
|
|
import re
|
|
import subprocess
|
|
|
|
from plinth.actions import superuser_run
|
|
from plinth.modules import config
|
|
from plinth.modules.email_server import postconf
|
|
from plinth.modules.names.components import DomainName
|
|
|
|
from . import tls
|
|
|
|
|
|
def get_domains():
|
|
"""Return the current domain configuration."""
|
|
conf = postconf.get_many(['mydomain', 'mydestination'])
|
|
domains = set(postconf.parse_maps(conf['mydestination']))
|
|
defaults = {'$myhostname', 'localhost.$mydomain', 'localhost'}
|
|
domains.difference_update(defaults)
|
|
return {'primary_domain': conf['mydomain'], 'all_domains': domains}
|
|
|
|
|
|
def set_domains(primary_domain=None):
|
|
"""Set the primary domain and all the domains for postfix. """
|
|
all_domains = DomainName.list_names()
|
|
if not primary_domain:
|
|
primary_domain = get_domains()['primary_domain']
|
|
if primary_domain not in all_domains:
|
|
primary_domain = config.get_domainname() or list(all_domains)[0]
|
|
|
|
superuser_run(
|
|
'email_server',
|
|
['domain', 'set_domains', primary_domain, ','.join(all_domains)])
|
|
|
|
|
|
def action_set_domains(primary_domain, all_domains):
|
|
"""Set the primary domain and all the domains for postfix. """
|
|
all_domains = [_clean_domain(domain) for domain in all_domains.split(',')]
|
|
primary_domain = _clean_domain(primary_domain)
|
|
|
|
defaults = {'$myhostname', 'localhost.$mydomain', 'localhost'}
|
|
my_destination = ', '.join(set(all_domains).union(defaults))
|
|
conf = {
|
|
'myhostname': primary_domain,
|
|
'mydomain': primary_domain,
|
|
'mydestination': my_destination
|
|
}
|
|
postconf.set_many(conf)
|
|
pathlib.Path('/etc/mailname').write_text(primary_domain + '\n')
|
|
tls.set_postfix_config(primary_domain, all_domains)
|
|
tls.set_dovecot_config(primary_domain, all_domains)
|
|
subprocess.run(['systemctl', 'try-reload-or-restart', 'postfix'],
|
|
check=True)
|
|
subprocess.run(['systemctl', 'try-reload-or-restart', 'dovecot'],
|
|
check=True)
|
|
|
|
|
|
def _clean_domain(domain):
|
|
domain = domain.lower().strip()
|
|
assert re.match('^[a-z0-9-\\.]+$', domain)
|
|
return domain
|