cedricAbonnel
/
notes-techniques
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
notes-techniques/notes/scripts/server-mail/setup_mail.sh

92 lines
2.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Importer les fonctions communes
source "$(dirname "$0")/../common/common_utils.sh"
# Vérifier si le script est exécuté en root
check_root
# Mise à jour du système
update_system
# Installation de Postfix, Dovecot et outils nécessaires
echo "=== Installation de Postfix, Dovecot et outils nécessaires ==="
apt install -y postfix dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd dovecot-sieve certbot curl dnsutils
# Récupérer le FQDN et le domaine
read FQDN DOMAIN <<< $(get_fqdn_and_domain)
echo "🔍 Serveur détecté : $FQDN"
echo "🌐 Domaine géré pour les emails : $DOMAIN"
# Vérification DNS
check_dns "$FQDN"
# Génération du certificat SSL
setup_ssl "$FQDN"
# Configuration de Postfix
echo "=== Configuration de Postfix ==="
cat > /etc/postfix/main.cf <<EOF
smtpd_banner = \$myhostname ESMTP
biff = no
append_dot_mydomain = no
readme_directory = no
myhostname = $FQDN
myorigin = /etc/mailname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
# Sécurisation avec TLS
smtpd_tls_cert_file=/etc/letsencrypt/live/$FQDN/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/$FQDN/privkey.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
EOF
# Configuration de Dovecot
echo "=== Configuration de Dovecot ==="
cat > /etc/dovecot/dovecot.conf <<EOF
disable_plaintext_auth = no
ssl = required
ssl_cert = </etc/letsencrypt/live/$FQDN/fullchain.pem
ssl_key = </etc/letsencrypt/live/$FQDN/privkey.pem
mail_location = maildir:/var/mail/vhosts/%d/%n
protocols = imap pop3 lmtp
auth_mechanisms = plain login
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
EOF
# Redémarrer les services
echo "=== Redémarrage des services ==="
systemctl restart postfix dovecot
systemctl enable postfix dovecot
# Ajout d'un cron pour renouveler le certificat
echo "0 3 * * * certbot renew --quiet && systemctl reload postfix dovecot" > /etc/cron.d/letsencrypt-renew
echo "✅ Configuration terminée avec succès !"
Reference in New Issue View Git Blame Copy Permalink