File debian.postinst of Package egroupware-mail
#! /bin/sh
#export DEBCONF_DEBUG=developer
set -e
#set -x
# das hier muss ganz oben stehen (man debconf-devel)
. /usr/share/debconf/confmodule
db_version 2.0
# check if docker compose is available (Ubuntu 24.04 stalls on docker-compose!)
COMPOSE="docker compose"
docker help compose >/dev/null || {
COMPOSE="docker-compose"
}
if [ "$1" = configure -o "$1" = upgrade ]
then
cd /etc/egroupware-mail
# If upgrading, $2 contains the release currently installed, otherwise it's empty
if [ -z "$2" ]
then
# new install
# generate a self-signed certificate the user can replace later
openssl req -x509 -newkey rsa:2048 -keyout /etc/egroupware-mail/certificate.key -out /etc/egroupware-mail/certificate.pem -days 3650 -nodes -subj '/CN=localhost'
chmod 600 /etc/egroupware-mail/certificate.key
# generate/download new dhparms (if that fails the distributed ones are used)
curl https://ssl-config.mozilla.org/ffdhe2048.txt > dh.pem && cp dh.pem dovecot/ && cp dh.pem postfix/ || true
# create docker-compose.override.yml from latest-docker-compose.override.yml
cp latest-docker-compose.override.yml docker-compose.override.yml
# patch bearer token for push into dovecot/conf.d/14-egroupware-push.conf
token=$(docker exec egroupware-push cat /var/www/config.inc.php | grep bearer_token | cut -d"'" -f2)
sed -i "s/Bearer:token/Bearer:$token/" dovecot/conf.d/14-egroupware-push.conf
# mysql can be on host or in 20.1+ in a container ('db_host' => 'db')
MYSQL=mysql
test -f /etc/egroupware-docker/.env &&
grep "'db_host' => 'db'" /var/lib/egroupware/header.inc.php && {
. /etc/egroupware-docker/.env
MYSQL="docker exec -i egroupware-db mysql -uroot -p$EGW_DB_ROOT_PW"
} || {
# change MariaDB or MySQL to bind on docker0 address
[ -f /etc/mysql/mariadb.conf.d/50-server.cnf ] && {
sed -i "s/bind-address.*/bind-address = 172.17.0.1/g" -i /etc/mysql/mariadb.conf.d/50-server.cnf
systemctl restart mysqld
} || [ -f /etc/mysql/mysql.conf.d/mysqld.cnf ] && {
sed -i "s/bind-address.*/bind-address = 172.17.0.1/g" -i /etc/mysql/mysql.conf.d/mysqld.cnf
systemctl restart mysql
} || echo "No EGroupware MariaDB container, nor able to change MariaDB or MySQL to bind on docker0 addresss (172.17.0.1)!"
# add extra_hosts for db to docker-compose.override.yml
sed -e 's/^#\(services:\)/\1/g' \
-e 's/^#\( mail:\)/\1/g' \
-e 's/^#\( smtp:\)/\1/g' \
-e 's/^#\( extra_hosts:\)/\1/g' \
-e 's/^#\( - "db:172.17.0.1"\)/\1/g' \
-i docker-compose.override.yml
}
# check EGroupware database is accessible
$MYSQL egroupware --execute "SELECT config_value FROM egw_config WHERE config_name='install_id'" &&
{
# create and patch DB credentials
password=$(openssl rand --hex 16)
da_password=$(openssl rand --hex 16)
da_hash=$(htpasswd -nb -B dovecot $da_password|cut -d: -f2)
for f in dovecot/my.cnf postfix/sql-*.cf; do
sed -i "s/^user =.*/user = mail/g" $f
sed -i "s/^password =.*/password = $password/g" $f
done
$MYSQL --execute "GRANT SELECT on egroupware.* TO mail@\`%\` IDENTIFIED BY '$password'"
cat <<EOF | $MYSQL --force egroupware || true
# create dovecot user (as member of Default group account_id=1)
REPLACE INTO egw_accounts (account_id, account_lid, account_pwd, account_status, account_expires, account_type, account_primary_group)
VALUES (NULL, 'dovecot', '{crypt}$da_hash', 'A', -1, 'u', -1);
REPLACE INTO egw_acl (acl_appname,acl_location,acl_account,acl_rights)
SELECT 'phpgw_group','-1',account_id,1 FROM egw_accounts WHERE account_lid='dovecot';
REPLACE INTO egw_addressbook (account_id,contact_owner,n_given,n_family,n_fn,contact_creator,contact_created,contact_modified)
SELECT account_id,0,'Dovecot','Master','Dovecot Master',0,UNIX_TIMESTAMP(),UNIX_TIMESTAMP() FROM egw_accounts WHERE account_lid='dovecot';
# overwrite mail-account created by setup with new "EGroupware Mail" account and dummy domain "egroupware.local"
REPLACE INTO egw_ea_accounts (acc_id, acc_name, ident_id, acc_imap_host, acc_imap_ssl, acc_imap_port, acc_sieve_enabled, acc_sieve_host, acc_sieve_port, acc_folder_sent, acc_folder_trash, acc_folder_draft, acc_folder_template, acc_smtp_host, acc_smtp_ssl, acc_smtp_port, acc_smtp_type, acc_imap_type, acc_imap_logintype, acc_domain, acc_user_editable, acc_sieve_ssl, acc_modified, acc_modifier, acc_smtp_auth_session, acc_folder_junk, acc_imap_default_quota, acc_imap_timeout, acc_user_forward, acc_folder_archive, acc_further_identities, acc_folder_ham, acc_spam_api)
VALUES (1,'EGroupware Mail',1,'mail',2,993,1,'mail',4190,'INBOX/Sent','INBOX/Trash','INBOX/Drafts','INBOX/Templates','mail',1,587,'Smtp\\\\Sql','Imap\\\\Dovecot','standard','egroupware.local',0,1,NOW(),5,1,'INBOX/Junk',NULL,NULL,1,'INBOX/Archive',1,NULL,'');
REPLACE INTO egw_ea_valid (acc_id, account_id)
VALUES (1,0);
REPLACE INTO egw_ea_credentials (acc_id, cred_type, account_id, cred_username, cred_password, cred_pw_enc)
VALUES (1,8,0,'dovecot',TO_BASE64('$da_password'),0);
# set acc_domain from mail_suffix, if not localhost, otherwise set mail_suffix from acc_domain="egroupware.local"
UPDATE egw_ea_accounts JOIN egw_config ON config_name='mail_suffix' AND config_app='phpgwapi'
SET acc_domain=config_value WHERE acc_id=1 AND config_value<>'localhost';
REPLACE INTO egw_config (config_app,config_name,config_value)
SELECT 'phpgwapi','mail_suffix',acc_domain FROM egw_ea_accounts WHERE acc_id=1;
REPLACE INTO egw_config (config_app,config_name,config_value)
VALUES ('mail','imap_hosts_with_push','mail');
# this is an insert statement on purpose, to fail and keep current content / signature
INSERT IGNORE INTO egw_ea_identities (ident_id, acc_id, ident_realname, ident_email, ident_org, ident_signature, account_id, ident_name)
VALUES (1,1,'','','','',0,NULL);
EOF
# restart EGroupware to invalidate cache after updating config in DB
docker exec egroupware kill -s USR2 1
} || echo "Can NOT connect to EGroupware database as user 'root', you need to create and add DB credentials to dovecot/my.cnf postfix/sql-{aliases,mailboxes,domains}.cf"
# some distros (eg. Ubuntu 20.04) remove dashes from names used in docker, we need to fix these to be able to access EGroupware network
[ "$(docker network ls|grep egroupware-docker_default|sed 's/ \+/ /g'|cut -d' ' -f2)" = "egroupware-docker_default" ] || {
sed -e 's/^#\(networks:\)/\1/g' \
-e 's/^#\( egroupware-docker_default:\)/\1/g' \
-e 's/^#\( egroupwaredocker_default:\)/\1/g' \
-e 's/^#\( external:.*\)/\1/g' \
-e 's/^#\(services:\)/\1/g' \
-e 's/^#\( mail:\)/\1/g' \
-e 's/^#\( smtp:\)/\1/g' \
-e 's/^#\( networks:\)/\1/g' \
-e 's/^#\( - egroupwaredocker_default\)/\1/g' \
-i docker-compose.override.yml
}
# fix not set /var/lib/egroupware-mail ownership and permissions from debian.rules
chown 90:101 /var/lib/egroupware-mail
chmod 750 /var/lib/egroupware-mail
#else # update
fi
# (re-)start our containers (do NOT fail package installation on error, as this leaves package in a wirded state!)
$COMPOSE pull && \
echo "y" | $COMPOSE up -d || true
# fix postfix can't find it's (already installed) mysql driver
docker exec egroupware-smtp sh -c "apk del postfix-mysql; apk --update add postfix-mysql; postfix reload" || true
fi
#DEBHELPER#
db_stop
