ยง2024-11-01

# mongodb connection string for the main database
mongo="mongodb://127.0.0.1:27017/wildduck"
# mongo="mongodb://siteRootAdmin:b23258585@redisMongo03.yushei.com.tw:27017,redisMongo04.yushei.com.tw:27017,redisMongo05.yushei.com.tw:27017/YuSheiWildduck?authSource=admin&replicaSet=ys20220318"
#! /bin/bash

OURNAME=07_install_wildduck.sh

echo -e "\n-- Executing ${ORANGE}${OURNAME}${NC} subscript --"

####### WILD DUCK #######

# clear previous install
if [ -f "/etc/systemd/system/wildduck.service" ]
then
    $SYSTEMCTL_PATH stop wildduck || true
    $SYSTEMCTL_PATH disable wildduck || true
    rm -rf /etc/systemd/system/wildduck.service
fi

# 
# directories used
#
rm -rf /var/opt/wildduck.git
rm -rf /opt/wildduck
rm -rf /etc/wildduck

# fresh install
cd /var/opt
git clone --bare https://github.com/nodemailer/wildduck.git

# git init --bare, this is used to create a hosted repository that developers will not edit directly.


# create update hook so we can later deploy to this location
hook_script wildduck

# allow deploy user to restart wildduck service
echo "deploy ALL = (root) NOPASSWD: $SYSTEMCTL_PATH restart wildduck" >> /etc/sudoers.d/wildduck

# checkout files from git to working directory
mkdir -p /opt/wildduck
git --git-dir=/var/opt/wildduck.git --work-tree=/opt/wildduck checkout "$WILDDUCK_COMMIT"

# WILDDUCK_COMMIT="783ee16b732afb93cc4d58514e946b01720070bb" defined in `01_install_commits.sh`

# Breakdown of the Command
# git: This is the command-line interface for Git.
#
# --git-dir=/var/opt/wildduck.git: This option specifies the location of the Git directory. 
# Normally, the Git directory is where Git stores  all the metadata and object data for the repository. 
# By using --git-dir, you're telling Git to look for the repository metadata in 
# the specified path (/var/opt/wildduck.git).

# --work-tree=/opt/wildduck: This option sets the working directory (where the files will be checked out). 
# By default, Git uses the current directory as the working tree, but here you're directing it to use
# /opt/wildduck as the location where files should be checked out.

# checkout "$WILDDUCK_COMMIT": This part of the command checks out a specific commit. The variable 
# $WILDDUCK_COMMIT should contain the SHA-1 hash of the commit you want to check out. When you run 
# this command, Git will place the files from that commit into the specified working tree (/opt/wildduck).


cp -r /opt/wildduck/config /etc/wildduck
mv /etc/wildduck/default.toml /etc/wildduck/wildduck.toml

# modify dbs.toml to use replicationSet

sed -i -r 's|mongo="mongodb://127.0.0.1:27017/wildduck"|mongo="mongodb://siteRootAdmin:b23258585@redisMongo03.yushei.com.tw:27017,redisMongo04.yushei.com.tw:27017,redisMongo05.yushei.com.tw:27017/YuSheiWildduck?authSource=admin&replicaSet=ys20220318"|g' dbs.toml


# enable example message
sed -i -e 's/"disabled": true/"disabled": false/g' /opt/wildduck/emails/00-example.json

# update ports
sed -i -e "s/999/99/g;s/localhost/$HOSTNAME/g" /etc/wildduck/imap.toml
sed -i -e "s/999/99/g;s/localhost/$HOSTNAME/g" /etc/wildduck/pop3.toml

echo "enabled=true
port=24
disableSTARTTLS=true" > /etc/wildduck/lmtp.toml

# make sure that DKIM keys are not stored to database as cleartext
echo "secret=\"$DKIM_SECRET\"" >> /etc/wildduck/dkim.toml

echo "user=\"wildduck\"
group=\"wildduck\"
emailDomain=\"$MAILDOMAIN\"" | cat - /etc/wildduck/wildduck.toml > temp && mv temp /etc/wildduck/wildduck.toml

sed -i -e "s/localhost:3000/$HOSTNAME/g;s/localhost/$HOSTNAME/g;s/2587/587/g" /etc/wildduck/wildduck.toml
sed -i -e "s/secret value/$SRS_SECRET/g;s/#loopSecret/loopSecret/g" /etc/wildduck/sender.toml

cd /opt/wildduck
npm install --production --unsafe-perm --no-optional --no-package-lock --no-audit --ignore-scripts --no-shrinkwrap

chown -R deploy:deploy /var/opt/wildduck.git
chown -R deploy:deploy /opt/wildduck

echo "d /opt/wildduck 0755 deploy deploy
d /etc/wildduck 0755 wildduck wildduck" > /etc/tmpfiles.d/zone-mta.conf
log_script "wildduck-server"

echo "[Unit]
Description=WildDuck Mail Server
Conflicts=cyrus.service dovecot.service
After=mongod.service redis.service

[Service]
Environment=\"NODE_ENV=production\"
WorkingDirectory=/opt/wildduck
ExecStart=$NODE_PATH server.js --config=\"/etc/wildduck/wildduck.toml\"
ExecReload=/bin/kill -HUP \$MAINPID
Type=simple
Restart=always
SyslogIdentifier=wildduck-server

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/wildduck.service

$SYSTEMCTL_PATH enable wildduck.service