From 05dc3cd62b3bb610217f250375e7042ae71b475e Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Sun, 2 Dec 2018 12:52:01 +0100 Subject: [PATCH 1/6] Simplifying setup.sh --- setup.sh | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/setup.sh b/setup.sh index 52a8cc7..7793a98 100755 --- a/setup.sh +++ b/setup.sh @@ -2,6 +2,10 @@ set -e +fqdn_to_dn() { + printf 'dc=%s' "$1" | sed -r 's/\./,dc=/g' +} + if [ ! -e ./docker-compose.yml ]; then echo "copying example compose file" cp docker-compose.yml-example docker-compose.yml @@ -24,15 +28,12 @@ if [ ! -e ./.env ]; then value_default="kopano.demo" read -p "FQDN to be used (for reverse proxy) [$value_default]: " new_value FQDN=${new_value:-$value_default} + LDAP_BASE_DN=$(fqdn_to_dn $FQDN) value_default="self_signed" read -p "Email address to use for Lets Encrypt. Use 'self_signed' as your email to create self signed certificates [$value_default]: " new_value EMAIL=${new_value:-$value_default} - value_default="dc=kopano,dc=demo" - read -p "Name of the BASE DN for LDAP [$value_default]: " new_value - LDAP_BASE_DN=${new_value:-$value_default} - value_default="kopano123" read -p "Password of the admin user (in bundled LDAP) [$value_default]: " new_value LDAP_ADMIN_PASSWORD=${new_value:-$value_default} @@ -41,11 +42,11 @@ if [ ! -e ./.env ]; then read -p "LDAP server to be used (defaults to the bundled OpenLDAP) [$value_default]: " new_value LDAP_SERVER=${new_value:-$value_default} - value_default="DC=kopano,DC=demo" + value_default="$LDAP_BASE_DN" read -p "LDAP search base [$value_default]: " new_value LDAP_SEARCH_BASE=${new_value:-$value_default} - value_default="CN=readonly,DC=kopano,DC=demo" + value_default="CN=readonly,$LDAP_BASE_DN" read -p "LDAP bind user (needs only read permissions) [$value_default]: " new_value LDAP_BIND_DN=${new_value:-$value_default} 
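Review bot: `fqdn_to_dn` (patch 1/6, first hunk) converts whatever was typed at the FQDN prompt into a DN without checking that it is a host name. A trailing dot yields an empty `dc=` component, and characters such as `,`, `=` or `+` change the structure of the DN that later becomes the default search base and bind DN. A guard at the top of the function, for example `case "$1" in ''|.*|*.|*[!A-Za-z0-9.-]*) echo "invalid FQDN: $1" >&2; return 1;; esac`, would reject those inputs before they reach the LDAP settings. `sed -r` is the GNU spelling; `sed -E` is accepted by both GNU and BSD sed.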
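Review bot: `LDAP_BASE_DN=$(fqdn_to_dn $FQDN)` in the second hunk of patch 1/6 passes `$FQDN` unquoted, so an answer containing whitespace is split and only its first word reaches `$1`, and glob characters are expanded against the current directory. It should read `LDAP_BASE_DN=$(fqdn_to_dn "$FQDN")`. The same unquoted call is carried over unchanged when the line is moved in patch 6/6. The `read -p` prompts shown as context also lack `-r`, so backslashes in an answer are consumed by `read`.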
@@ -57,7 +58,7 @@ if [ ! -e ./.env ]; then read -p "Timezone to be used [$value_default]: " new_value TZ=${new_value:-$value_default} - value_default="postmaster@kopano.demo" + value_default="postmaster@$FQDN" read -p "E-Mail Address displayed for the 'postmaster' [$value_default]: " new_value POSTMASTER_ADDRESS=${new_value:-$value_default} From c062ff5c1f24143f666d6527ce281dbcbb87e007 Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Sun, 2 Dec 2018 12:54:06 +0100 Subject: [PATCH 2/6] Restore LDAP_BASE_DN question (in case it differs from the FQDN) --- setup.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/setup.sh b/setup.sh index 7793a98..7be2be5 100755 --- a/setup.sh +++ b/setup.sh @@ -34,6 +34,10 @@ if [ ! -e ./.env ]; then read -p "Email address to use for Lets Encrypt. Use 'self_signed' as your email to create self signed certificates [$value_default]: " new_value EMAIL=${new_value:-$value_default} + value_default="$LDAP_BASE_DN" + read -p "Name of the BASE DN for LDAP [$value_default]: " new_value + LDAP_BASE_DN=${new_value:-$value_default} + value_default="kopano123" read -p "Password of the admin user (in bundled LDAP) [$value_default]: " new_value LDAP_ADMIN_PASSWORD=${new_value:-$value_default} From 036a83f9a823ec9b88d8402f236ff6243984938b Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Sun, 2 Dec 2018 12:54:37 +0100 Subject: [PATCH 3/6] fix intent --- setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.sh b/setup.sh index 7be2be5..e14826d 100755 --- a/setup.sh +++ b/setup.sh @@ -34,7 +34,7 @@ if [ ! -e ./.env ]; then read -p "Email address to use for Lets Encrypt. Use 'self_signed' as your email to create self signed certificates [$value_default]: " new_value EMAIL=${new_value:-$value_default} - value_default="$LDAP_BASE_DN" + value_default="$LDAP_BASE_DN" read -p "Name of the BASE DN for LDAP [$value_default]: " new_value LDAP_BASE_DN=${new_value:-$value_default} 
From 779af26b80855dd9b0462c95cb17f2fb8e2e4de3 Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Sun, 2 Dec 2018 13:04:54 +0100 Subject: [PATCH 4/6] Adding timezone guess --- setup.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/setup.sh b/setup.sh index e14826d..f2622cb 100755 --- a/setup.sh +++ b/setup.sh @@ -58,7 +58,16 @@ if [ ! -e ./.env ]; then read -p "LDAP server to be used (default bundled openldap) [$value_default]: " new_value LDAP_BIND_PW=${new_value:-$value_default} - value_default="Europe/Berlin" + if [ -f /etc/timezone ]; then + value_default=$(cat /etc/timezone) + elif [ -f /etc/localtime ]; then + value_default=$(readlink /etc/localtime|sed -n 's|^.*zoneinfo/||p') + fi + + if [ -z "${value_default}" ]; then + value_default="Europe/Berlin". + fi + read -p "Timezone to be used [$value_default]: " new_value TZ=${new_value:-$value_default} From 89450d8b34b6b7a229a57343a0b0e2c014493ca2 Mon Sep 17 00:00:00 2001 From: Philipp Holzer Date: Sun, 2 Dec 2018 13:24:39 +0100 Subject: [PATCH 5/6] Auto setup for bundled environment --- setup.sh | 71 +++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 44 insertions(+), 27 deletions(-) diff --git a/setup.sh b/setup.sh index f2622cb..822a803 100755 --- a/setup.sh +++ b/setup.sh @@ -3,7 +3,11 @@ set -e fqdn_to_dn() { - printf 'dc=%s' "$1" | sed -r 's/\./,dc=/g' + printf 'dc=%s' "$1" | sed -r 's/\./,dc=/g' +} + +random_string() { + hexdump -n 16 -v -e '/1 "%02X"' /dev/urandom } if [ ! -e ./docker-compose.yml ]; then 
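Review bot: The fallback in the timezone hunk (patch 4/6) is written `value_default="Europe/Berlin".` with a stray period after the closing quote, so the default becomes `Europe/Berlin.`, which is not a valid zone name. `value_default` is also not cleared before the `if [ -f /etc/timezone ]` chain, so when neither file exists it still holds the previous prompt's default and the `-z` test never fires. The prompt just above assigns `LDAP_BIND_PW`, so that stale default is presumably a password offered as the timezone. Adding `value_default=""` before the `if` and writing `value_default="Europe/Berlin"` fixes both.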
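Review bot: `random_string` (patch 5/6, first hunk) has no comment saying what it returns, although the later hunks of this patch use its output directly as LDAP and MySQL passwords. I would add `# 16 bytes from /dev/urandom, printed as 32 upper-case hex characters (128 bits)` above it, so that nobody shortens the read without noticing it weakens the credentials. `hexdump` is not a POSIX utility and may be missing on minimal hosts; `od -An -N16 -tx1 /dev/urandom | tr -d ' \n'` gives an equivalent (lower-case) value with POSIX tools.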
@@ -38,25 +42,32 @@ if [ ! -e ./.env ]; then read -p "Name of the BASE DN for LDAP [$value_default]: " new_value LDAP_BASE_DN=${new_value:-$value_default} - value_default="kopano123" - read -p "Password of the admin user (in bundled LDAP) [$value_default]: " new_value - LDAP_ADMIN_PASSWORD=${new_value:-$value_default} - value_default="ldap://ldap:389" read -p "LDAP server to be used (defaults to the bundled OpenLDAP) [$value_default]: " new_value LDAP_SERVER=${new_value:-$value_default} - value_default="$LDAP_BASE_DN" - read -p "LDAP search base [$value_default]: " new_value - LDAP_SEARCH_BASE=${new_value:-$value_default} + if [ "$LDAP_SERVER" != "$value_default" ]; then + value_default="kopano123" + read -p "Password of the admin user [$value_default]: " new_value + LDAP_ADMIN_PASSWORD=${new_value:-$value_default} - value_default="CN=readonly,$LDAP_BASE_DN" - read -p "LDAP bind user (needs only read permissions) [$value_default]: " new_value - LDAP_BIND_DN=${new_value:-$value_default} + value_default="$LDAP_BASE_DN" + read -p "LDAP search base [$value_default]: " new_value + LDAP_SEARCH_BASE=${new_value:-$value_default} - value_default="kopano123" - read -p "LDAP server to be used (default bundled openldap) [$value_default]: " new_value - LDAP_BIND_PW=${new_value:-$value_default} + value_default="CN=readonly,$LDAP_BASE_DN" + read -p "LDAP bind user (needs only read permissions) [$value_default]: " new_value + LDAP_BIND_DN=${new_value:-$value_default} + + value_default="kopano123" + read -p "LDAP bind password to be used [$value_default]: " new_value + LDAP_BIND_PW=${new_value:-$value_default} + else + LDAP_ADMIN_PASSWORD=$(random_string) + LDAP_SEARCH_BASE="$LDAP_BIND_DN" + LDAP_BIND_DN="CN=readonly,$LDAP_BASE_DN" + LDAP_BIND_PW=$(random_string) + fi if [ -f /etc/timezone ]; then value_default=$(cat /etc/timezone) 
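Review bot: The external-server branch still offers `kopano123` as the default for `LDAP_ADMIN_PASSWORD` and `LDAP_BIND_PW`, and `read -p` echoes the typed password to the terminal. A user who just presses Enter therefore ends up with a credential that is published in this repository. For the password prompts I would drop the default, read with `read -r -s -p "LDAP bind password to be used: " LDAP_BIND_PW` (`-s`, like the `-p` already used here, is a bash extension) and re-prompt on an empty answer. The same applies to the `MYSQL_ROOT_PASSWORD` (`kopano123`) and `MYSQL_PASSWORD` (`kopanoDbPw`) prompts in the next hunk of this patch.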
@@ -79,22 +90,28 @@ if [ ! -e ./.env ]; then read -p "Name/Address of Database server (defaults to the bundled one) [$value_default]: " new_value MYSQL_HOST=${new_value:-$value_default} - value_default="kopano123" - read -p "Password for the MySQL root user [$value_default]: " new_value - MYSQL_ROOT_PASSWORD=${new_value:-$value_default} + if [ "$MYSQL_HOST" != "$value_default" ]; then + value_default="kopano123" + read -p "Password for the MySQL root user [$value_default]: " new_value + MYSQL_ROOT_PASSWORD=${new_value:-$value_default} - value_default="kopanoDbUser" - read -p "Username to connect to the database [$value_default]: " new_value - MYSQL_USER=${new_value:-$value_default} + value_default="kopanoDbUser" + read -p "Username to connect to the database [$value_default]: " new_value + MYSQL_USER=${new_value:-$value_default} - value_default="kopanoDbPw" - read -p "Password to connect to the database [$value_default]: " new_value - MYSQL_PASSWORD=${new_value:-$value_default} - - value_default="kopano" - read -p "Datebase to use for Kopano [$value_default]: " new_value - MYSQL_DATABASE=${new_value:-$value_default} + value_default="kopanoDbPw" + read -p "Password to connect to the database [$value_default]: " new_value + MYSQL_PASSWORD=${new_value:-$value_default} + value_default="kopano" + read -p "Datebase to use for Kopano [$value_default]: " new_value + MYSQL_DATABASE=${new_value:-$value_default} + else + MYSQL_USER="kopano" + MYSQL_DATABASE="kopano" + MYSQL_ROOT_PASSWORD=$(random_string) + MYSQL_PASSWORD=$(random_string) + fi cat <<-EOF >"./.env" # please consult https://github.com/zokradonh/kopano-docker From 1d556156e9062c490e14acc4ed0c8f92bf287c72 Mon Sep 17 00:00:00 2001 
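Review bot: The `cat <<-EOF >"./.env"` at the end of this hunk creates the file with whatever the caller's umask allows, which is commonly world-readable, while the hunk now generates `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` that presumably end up in that file. Setting `umask 077` before the redirect, or running `chmod 600 ./.env` right after the here-document, keeps the secrets readable by the owner only. The here-document body continues outside this hunk, so which variables it actually writes is not visible here.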
From: Philipp Holzer Date: Mon, 10 Dec 2018 20:28:34 +0100 Subject: [PATCH 6/6] Improving setup.sh - Bugfixing $LDAP_BIND_DN - Removing ADMIN-PWs for DB/LDAP in case of alternative server - Warning message in case of not using the bundled DB/LDAP --- setup.sh | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/setup.sh b/setup.sh index 822a803..53498d5 100755 --- a/setup.sh +++ b/setup.sh @@ -16,6 +16,8 @@ if [ ! -e ./docker-compose.yml ]; then fi if [ ! -e ./.env ]; then + PRINT_SETUP_SUCCESS="" + echo "Creating an .env file for you" value_default=latest read -p "Which tag do you want to use for Kopano Core components? [$value_default]: " new_value @@ -32,12 +34,12 @@ if [ ! -e ./.env ]; then value_default="kopano.demo" read -p "FQDN to be used (for reverse proxy) [$value_default]: " new_value FQDN=${new_value:-$value_default} - LDAP_BASE_DN=$(fqdn_to_dn $FQDN) value_default="self_signed" read -p "Email address to use for Lets Encrypt. Use 'self_signed' as your email to create self signed certificates [$value_default]: " new_value EMAIL=${new_value:-$value_default} + LDAP_BASE_DN=$(fqdn_to_dn $FQDN) value_default="$LDAP_BASE_DN" read -p "Name of the BASE DN for LDAP [$value_default]: " new_value LDAP_BASE_DN=${new_value:-$value_default} 
@@ -47,24 +49,25 @@ if [ ! -e ./.env ]; then LDAP_SERVER=${new_value:-$value_default} if [ "$LDAP_SERVER" != "$value_default" ]; then - value_default="kopano123" - read -p "Password of the admin user [$value_default]: " new_value - LDAP_ADMIN_PASSWORD=${new_value:-$value_default} + # We don't need an admin password in case we don't use the bundled LDAP server + LDAP_ADMIN_PASSWORD="" value_default="$LDAP_BASE_DN" read -p "LDAP search base [$value_default]: " new_value LDAP_SEARCH_BASE=${new_value:-$value_default} value_default="CN=readonly,$LDAP_BASE_DN" - read -p "LDAP bind user (needs only read permissions) [$value_default]: " new_value + read -p "LDAP bind user (needs read permissions) [$value_default]: " new_value LDAP_BIND_DN=${new_value:-$value_default} value_default="kopano123" read -p "LDAP bind password to be used [$value_default]: " new_value LDAP_BIND_PW=${new_value:-$value_default} + + PRINT_SETUP_SUCCESS="$PRINT_SETUP_SUCCESS \n!! You have specified the LDAP server '${LDAP_SERVER}', don't forget to remove the bundled ldap and ldap-admin services in docker-compose.yml\n" else LDAP_ADMIN_PASSWORD=$(random_string) - LDAP_SEARCH_BASE="$LDAP_BIND_DN" + LDAP_SEARCH_BASE="$LDAP_BASE_DN" LDAP_BIND_DN="CN=readonly,$LDAP_BASE_DN" LDAP_BIND_PW=$(random_string) fi @@ -91,9 +94,8 @@ if [ ! -e ./.env ]; then MYSQL_HOST=${new_value:-$value_default} if [ "$MYSQL_HOST" != "$value_default" ]; then - value_default="kopano123" - read -p "Password for the MySQL root user [$value_default]: " new_value - MYSQL_ROOT_PASSWORD=${new_value:-$value_default} + # We don't need an admin password in case we don't use the bundled DB server + MYSQL_ROOT_PASSWORD="" value_default="kopanoDbUser" read -p "Username to connect to the database [$value_default]: " new_value 
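Review bot: Setting `LDAP_ADMIN_PASSWORD=""` here, and `MYSQL_ROOT_PASSWORD=""` in the following hunk, relies on the user actually removing the bundled services, which the script only asks for in a message. If the bundled `ldap` or `db` service is left in docker-compose.yml, it would either start with an empty admin credential or fail to start, depending on the image; that behaviour is not visible in this patch. Keeping `LDAP_ADMIN_PASSWORD=$(random_string)` and `MYSQL_ROOT_PASSWORD=$(random_string)` in both branches avoids the empty value without adding a prompt.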
@@ -104,8 +106,10 @@ if [ ! -e ./.env ]; then MYSQL_PASSWORD=${new_value:-$value_default} value_default="kopano" - read -p "Datebase to use for Kopano [$value_default]: " new_value + read -p "Database to use for Kopano [$value_default]: " new_value MYSQL_DATABASE=${new_value:-$value_default} + + PRINT_SETUP_SUCCESS="$PRINT_SETUP_SUCCESS \n!! You have specified the DB server '${MYSQL_HOST}', don't forget to remove the bundled db service in docker-compose.yml\n" else MYSQL_USER="kopano" MYSQL_DATABASE="kopano" @@ -113,6 +117,8 @@ if [ ! -e ./.env ]; then MYSQL_PASSWORD=$(random_string) fi + echo ${PRINT_SETUP_SUCCESS} + cat <<-EOF >"./.env" # please consult https://github.com/zokradonh/kopano-docker # for possible configuration values and their impact
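Review bot: `echo ${PRINT_SETUP_SUCCESS}` in the last hunk expands the variable unquoted, so the message, which embeds the user-supplied `${LDAP_SERVER}` and `${MYSQL_HOST}`, is word-split and glob-expanded before printing. The `\n` sequences added in the earlier hunks are also printed literally by any `echo` that does not interpret escapes, which is the default for bash's builtin. `printf '%b\n' "$PRINT_SETUP_SUCCESS"` prints the intended line breaks. Wrapping it in `if [ -n "$PRINT_SETUP_SUCCESS" ]; then … fi` would avoid the empty line when both bundled services are used.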