From 1b8bb66a16702bf3488ccddb27db8f2001c4b865 Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Wed, 28 Nov 2018 01:34:16 +0100
Subject: [PATCH] WIP.

---
 all_new_2018/letsencrypt_local_set.sh         |  9 ++++----
 .../mail/etc/postfix/main.cf                  |  4 ++--
 all_new_2018/setup_mail.sh                    | 23 +++++++++++++------
 3 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/all_new_2018/letsencrypt_local_set.sh b/all_new_2018/letsencrypt_local_set.sh
index a7ec6e5..d4ca0d1 100755
--- a/all_new_2018/letsencrypt_local_set.sh
+++ b/all_new_2018/letsencrypt_local_set.sh
@@ -2,11 +2,12 @@
 set -e
 
 # Ensure we have a mail address as argument.
-if [ $# -lt 1 ]; then
-    echo "Need mail address as argument."
+if [ $# -lt 2 ]; then
+    echo "Need target domain and mail address as argument."
     false
 fi
-mail_address="$1"
+domain="$1"
+mail_address="$2"
 
 # If port 80 blocked by iptables, open it.
 set +e
@@ -18,7 +19,7 @@ if [ "${open_iptables}" -eq "1" ]; then
 fi
 
 # Create new certificate and copy it to /etc/letsencrypt.
-certbot certonly --standalone --agree-tos -m "${mail}" -d "$(hostname -f)"
+certbot certonly --standalone --agree-tos -m "${mail_address}" -d "${domain}"
 
 # Remove iptables rule to open port 80 if we added it.
 if [ "${open_iptables}" -eq "1" ]; then
diff --git a/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf b/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf
index dbb2b5d..39d3720 100644
--- a/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf
+++ b/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf
@@ -31,10 +31,10 @@ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 
 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
 myorigin = /etc/mailname
-myhostname = $myorigin
+myhostname = REPLACE_myhostname_ECALPER
 alias_maps = hash:/etc/aliases
 alias_database = hash:/etc/aliases
-mydestination = $myhostname, localhost.plomlompom.com, localhost
+mydestination = $myhostname localhost.$mydomain localhost REPLACE_mydomain_if_domainwide_ECALPER
 relayhost = 
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
 mailbox_size_limit = 0
diff --git a/all_new_2018/setup_mail.sh b/all_new_2018/setup_mail.sh
index c6a0e63..d65f0a7 100755
--- a/all_new_2018/setup_mail.sh
+++ b/all_new_2018/setup_mail.sh
@@ -1,11 +1,14 @@
 #/bin/sh
 set -e
 
-dkim_selector=$1
-if [ ! -n "${dkim_selector}" ]; then
-    echo "Give DKIM selector argument."
+if [ $# -lt 2 ]; then
+    echo "Give arguments of mail domain and DKIM selector."
+    echo "Also, if hosting mail for entire domain, give third argument 'domainwide'."
     false
 fi
+mail_domain="$1"
+dkim_selector="$2"
+domainwide="$3"
 
 # Set up DKIM key if necessary.
 mkdir -p /etc/dkimkeys/
@@ -28,8 +31,14 @@ fi
 
 # Link and adapt mail-server-specific /etc/ files.
 ./hardlink_etc.sh mail
-sed -i "s/REPLACE_Domain_ECALPER/$(hostname -f)/g" /etc/opendkim.conf
+sed -i "s/REPLACE_Domain_ECALPER/${mail_domain}/g" /etc/opendkim.conf
 sed -i "s/REPLACE_Selector_ECALPER/${dkim_selector}/g" /etc/opendkim.conf
+sed -i "s/REPLACE_myhostname_ECALPER/$(hostname -f)/g" /etc/postfix/main.cf
+if [ "${domainwide}" = "domainwide" ]; then
+    sed -i 's/REPLACE_mydomain_if_domainwide_ECALPER/$mydomain/g' /etc/postfix/main.cf
+else
+    sed -i 's/REPLACE_mydomain_if_domainwide_ECALPER//g' /etc/postfix/main.cf
+fi
 
 # Some useful debconf selections.
 echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
@@ -39,13 +48,13 @@ echo "ssl_key = </etc/letsencrypt/live/$(hostname -f)/privkey.pem" >> /etc/dovec
 # The second line should not be necessary due to the first line, but for
 # some reason the installation forgets to set up /etc/mailname early
 # enough to not (when running newaliases) stumble over its absence.
-echo "postfix postfix/mailname string $(hostname -f)" | debconf-set-selections
-echo "$(hostname -f)" > /etc/mailname
+echo "postfix postfix/mailname string ${mail_domain}" | debconf-set-selections
+echo "${mail_domain}" > /etc/mailname
 
 # Everything should now be ready for installations.
 apt install -y -o Dpkg::Options::=--force-confold postfix dovecot-imapd opendkim
 echo "TODO: Ensure MX entry for your system in your DNS configuration."
-echo "TODO: Ensure a proper SPF entry for this system in your DNS configuration; something like 'v=spf1 a mx -all' mapped to your host."
+echo "TODO: Ensure a proper SPF entry for this system in your DNS configuration; something like 'v=spf1 mx -all' mapped to your host."
 if [ "${add_dkim_record}" -eq "1" ]; then
     echo "TODO: Add the following DKIM entry to your DNS configuration (possibly with slightly changed host entry – if your mail domain includes a subdomain, append that with a dot):"
     cat "${dkim_selector}.txt"
-- 
2.30.2