§2024-11-01

#! /bin/bash

# Name of this installer step; it is only used for the progress banner below.
OURNAME='10_install_wildduck_webmail.sh'

# Progress banner. ORANGE and NC are not set in this script (presumably colour
# escape codes provided by the calling installer). %b expands backslash escapes
# in its argument the same way `echo -e` does.
printf '%b\n' "\n-- Executing ${ORANGE}${OURNAME}${NC} subscript --"

#### WWW ####
####
# Remove any previous installation so the steps below start from a clean state.
if test -f /etc/systemd/system/wildduck-webmail.service; then
    # Stop and disable are best effort: the unit may already be inactive or
    # disabled, so a failure here is deliberately ignored.
    for unit_action in stop disable; do
        $SYSTEMCTL_PATH "$unit_action" wildduck-webmail || true
    done
    rm -rf /etc/systemd/system/wildduck-webmail.service
fi

# Delete the bare repository and the deployed working tree of the old install.
for stale_path in /var/opt/wildduck-webmail.git /opt/wildduck-webmail; do
    rm -rf "$stale_path"
done

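# fresh install
# The bare repository is created relative to the current directory, so stop
# here if /var/opt cannot be entered instead of cloning into whatever directory
# the installer happened to be in. `return` covers the case where this file is
# sourced, `exit` the case where it is executed directly.
cd /var/opt || {
    echo "ERROR: cannot change directory to /var/opt" >&2
    return 1 2>/dev/null || exit 1
}
# The clone fetches whatever the remote currently serves; the revision that is
# actually deployed is selected later by the checkout of $WEBMAIL_COMMIT.
git clone --bare https://github.com/nodemailer/wildduck-webmail.git

# create update hook so we can later deploy to this location
# hook_script_bower is not defined in this script; it is expected to write
# /var/opt/wildduck-webmail.git/hooks/update, which is made executable below.
hook_script_bower wildduck-webmail
chmod +x /var/opt/wildduck-webmail.git/hooks/update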

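# allow deploy user to restart the wildduck-webmail service
# The rule matches this exact command line only, so it grants nothing beyond
# restarting this one unit. SYSTEMCTL_PATH is set outside this script; sudoers
# only accepts a fully qualified command path, so it is assumed to be absolute.
webmail_sudoers=/etc/sudoers.d/wildduck-webmail
webmail_sudoers_tmp=$(mktemp) || {
    echo "ERROR: mktemp failed" >&2
    return 1 2>/dev/null || exit 1
}
printf 'deploy ALL = (root) NOPASSWD: %s restart wildduck-webmail\n' "$SYSTEMCTL_PATH" > "$webmail_sudoers_tmp"

# A syntax error in any file under /etc/sudoers.d can stop sudo from working
# for every user, so the rule is checked before it is put in place.
if visudo -c -f "$webmail_sudoers_tmp" >/dev/null; then
    # Replace the file instead of appending to it: re-running the installer
    # would otherwise add the same rule again each time. 0440 root:root is the
    # ownership and mode sudo expects for sudoers fragments.
    install -o root -g root -m 0440 "$webmail_sudoers_tmp" "$webmail_sudoers"
    rm -f -- "$webmail_sudoers_tmp"
else
    rm -f -- "$webmail_sudoers_tmp"
    echo "ERROR: generated sudoers rule failed validation; check SYSTEMCTL_PATH" >&2
    return 1 2>/dev/null || exit 1
fi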

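# checkout files from git to working directory
mkdir -p /opt/wildduck-webmail
# WEBMAIL_COMMIT is set outside this script. Checking out a fixed revision keeps
# the deployed code independent of what the upstream branch points to today.
git --git-dir=/var/opt/wildduck-webmail.git --work-tree=/opt/wildduck-webmail checkout "$WEBMAIL_COMMIT"
cp /opt/wildduck-webmail/config/default.toml /etc/wildduck/wildduck-webmail.toml
# NOTE(review): cp creates the file with the current umask, which normally
# leaves it world-readable although it holds secrets; confirm which account
# must read it and tighten the mode accordingly.

# HOSTNAME and MAILDOMAIN are used on the replacement side of sed expressions,
# where "\", "/" and "&" are special. Escape them so an unusual value cannot
# break or alter the substitution.
webmail_host_esc=$(printf '%s' "$HOSTNAME" | sed -e 's:[\\/&]:\\&:g')
webmail_domain_esc=$(printf '%s' "$MAILDOMAIN" | sed -e 's:[\\/&]:\\&:g')

# The shipped default.toml carries the publicly known [www] secret "a cat".
# Replace it with 32 random bytes (64 hex characters, safe inside sed and TOML).
webmail_session_secret=$(head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n')
if [ "${#webmail_session_secret}" -ne 64 ]; then
    echo "ERROR: could not generate a session secret" >&2
    return 1 2>/dev/null || exit 1
fi

# The expressions run in this order on every line, exactly as in the original
# single-string program; the secret replacement is last so the blanket 999 and
# 2587 rewrites cannot touch the generated value.
sed -i \
    -e "s/localhost/$webmail_host_esc/g" \
    -e 's/999/99/g' \
    -e 's/2587/587/g' \
    -e 's/proxy=false/proxy=true/g' \
    -e "s/domains=.*/domains=[\"$webmail_domain_esc\"]/g" \
    -e "s/secret=\"a cat\"/secret=\"$webmail_session_secret\"/" \
    /etc/wildduck/wildduck-webmail.toml

# NOTE(review): the [totp] secret ("a secret cat") is left at its default here,
# because the config warns that changing it later invalidates existing 2FA
# sessions. Set a private value before the first user enrols in 2FA.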

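# npm works on the package in the current directory, so stop if the working
# tree cannot be entered rather than installing somewhere else.
cd /opt/wildduck-webmail || {
    echo "ERROR: cannot change directory to /opt/wildduck-webmail" >&2
    return 1 2>/dev/null || exit 1
}

# Hand the bare repository and the working tree to the deploy user, which is
# the account that later pushes updates and runs the dependency installation.
chown -R deploy:deploy /var/opt/wildduck-webmail.git
chown -R deploy:deploy /opt/wildduck-webmail

# bower refuses to run as root, so the dependency steps run as deploy. This also
# means package install scripts execute with deploy's privileges, not root's.
# The two commands below are equivalent to
#   sudo -u deploy -H bash -c "HOME=/home/deploy npm install"
# NOTE(review): `npm install` resolves dependency versions at install time; if
# the repository ships a lockfile, `npm ci` would install exactly what it pins.
HOME=/home/deploy sudo -u deploy npm install
HOME=/home/deploy sudo -u deploy npm run bowerdeps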


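# tmpfiles.d entry that keeps /opt/wildduck-webmail present as 0755 deploy:deploy.
# The original wrote this line to /etc/tmpfiles.d/zone-mta.conf with ">", which
# replaces whatever that file held; the name suggests it belongs to the zone-mta
# component (not visible here), so the webmail entry gets a file of its own.
printf '%s\n' "d /opt/wildduck-webmail 0755 deploy deploy" > /etc/tmpfiles.d/wildduck-webmail.conf
# log_script is not defined in this script; "wildduck-www" is the same string
# the service unit uses as its SyslogIdentifier.
log_script "wildduck-www"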

# --- write /etc/systemd/system/wildduck-webmail.service and enable it ---
# The quoted heredoc delimiter keeps $MAINPID literal, so systemd rather than
# this shell expands it.
# NOTE(review): the unit sets no User=/Group=, so systemd starts node as root
# unless the application drops privileges itself (not visible here). The code in
# /opt/wildduck-webmail is owned by deploy and deploy may restart the unit via
# sudo, which makes the deploy account effectively root-equivalent. Consider
# User=deploy plus NoNewPrivileges=yes, ProtectSystem= and PrivateTmp=yes once
# the service is confirmed to work unprivileged.
cat > /etc/systemd/system/wildduck-webmail.service <<'UNIT'
[Unit]
Description=Wildduck Webmail
After=wildduck.service

[Service]
Environment="NODE_ENV=production"
WorkingDirectory=/opt/wildduck-webmail
ExecStart=/usr/bin/node server.js --config="/etc/wildduck/wildduck-webmail.toml"
ExecReload=/bin/kill -HUP $MAINPID
Type=simple
Restart=always
SyslogIdentifier=wildduck-www

[Install]
WantedBy=multi-user.target
UNIT

# Register the unit so it starts at boot.
$SYSTEMCTL_PATH enable wildduck-webmail.service

¶ /etc/systemd/system/wildduck-webmail.service

# systemd unit for the Wildduck webmail front end.
[Unit]
Description=Wildduck Webmail
# Ordering only: start after wildduck.service when both are started together.
# After= alone does not pull that unit in or require it to be running.
After=wildduck.service

[Service]
# NOTE(review): no User=/Group= is set, so systemd runs the process as root
# unless the application drops privileges itself - confirm. The working
# directory is writable by the deploy account, so code placed there would run
# with the service's privileges; User=deploy with NoNewPrivileges=yes,
# ProtectSystem= and PrivateTmp=yes is worth evaluating.
Environment="NODE_ENV=production"
WorkingDirectory=/opt/wildduck-webmail
# server.js is a relative path; node resolves it against WorkingDirectory.
ExecStart=/usr/bin/node server.js --config="/etc/wildduck/wildduck-webmail.toml"
# Reload sends SIGHUP to the main process; $MAINPID is expanded by systemd.
ExecReload=/bin/kill -HUP $MAINPID
Type=simple
# Restart after every exit, including a clean one.
Restart=always
# Tag under which the service's output appears in the journal/syslog.
SyslogIdentifier=wildduck-www

[Install]
WantedBy=multi-user.target
# Wildduck webmail configuration. This appears to be the
# /etc/wildduck/wildduck-webmail.toml that the service unit passes via --config
# (the default.toml after the installer's sed rewrite) - confirm.
name="Wild Duck Mail"

title="wildduck-www"

[service]
    # email domain for new users
    domain="mail.yushei.net"
    # default quotas for new users
    quota=1024
    recipients=2000
    forwards=2000
    identities=10
    allowIdentityEdit=true
    # NOTE(review): presumably enables self-service sign-up; [recaptcha] is
    # disabled below, so confirm that open registration is intended.
    allowJoin=true
    enableSpecial=false # if true then allow creating addresses with special usernames
    # allowed domains for new addresses
    domains=["yushei.net"]
    # allow using addresses with other domains in the "From" field
    # NOTE(review): with this on, users are not limited to the domains listed
    # above when choosing a sender address; confirm this is wanted.
    allowSendFromOtherDomains=true

    generalNotification="" # static notification to show on top of the page

    # Header-based single sign-on, disabled here. If it is ever enabled, the
    # header value is trusted as the username, so the app must only be reachable
    # through a proxy that sets this header itself and strips any client copy.
    # NOTE(review): both URLs read "http:/" with a single slash, which looks
    # like a typo for "http://" - verify before enabling.
    [service.sso.http]
        enabled = false
        header = "X-UserName" # value from this header is treated as logged in username
        authRedirect = "http:/127.0.0.1:3000/login" # URL to redirect non-authenticated users
        logoutRedirect = "http:/127.0.0.1:3000/logout"  # URL to redirect when user clicks on "log out"

[api]
    # Wildduck API endpoint on the loopback interface.
    url="http://127.0.0.1:8080"
    # NOTE(review): empty token - presumably the API accepts unauthenticated
    # requests from this host; confirm port 8080 is not reachable from elsewhere.
    accessToken=""

[dbs]
    # redis connection string for Express sessions
    # Loopback only, database 5, no credentials in the URL.
    redis="redis://127.0.0.1:6379/5"

[www]
    # NOTE(review): confirm which address host=false binds to. With proxy=true
    # (presumably "trust the reverse proxy's forwarded headers"), port 3000
    # should be reachable only from that proxy.
    host=false
    port=3000
    proxy=true
    postsize="5MB"
    log="dev"
    # NOTE(review): "a cat" is the value shipped in the project's default config
    # and therefore publicly known. It presumably signs the session cookies;
    # replace it with a long random value private to this host.
    secret="a cat"
    # NOTE(review): presumably the cookie Secure flag; set to true when the site
    # is served over HTTPS - confirm against the application.
    secure=false
    listSize=20

[recaptcha]
    enabled=false
    siteKey=""
    secretKey=""

[totp]
    # Issuer name for TOTP, defaults to config.name
    issuer=false
    # once setup do not change as it would invalidate all existing 2fa sessions
    # NOTE(review): "a secret cat" is also the shipped default; choose a private
    # value before the first user enrols in 2FA, since it cannot be rotated
    # afterwards without the effect described above.
    secret="a secret cat"

[u2f]
    # set to false if not using HTTPS
    # NOTE(review): enabled here while [www] secure=false and [api] use plain
    # HTTP; this is only consistent if TLS is terminated by a front proxy.
    enabled=true
    # must be https url or use default
    #appId="https://127.0.0.1:8080"

[log]
    # NOTE(review): "silly" looks like the most verbose log level; check what
    # ends up in the logs (together with mail=true) and lower it for production.
    level="silly"
    mail=true

[setup]
    # these values are shown in the configuration help page
    [setup.imap]
        hostname="mail.yushei.net"
        secure=true
        port=993
    [setup.pop3]
        hostname="mail.yushei.net"
        secure=true
        port=995
    # NOTE(review): secure=false on 587 presumably means STARTTLS rather than
    # implicit TLS - confirm the submission port enforces STARTTLS before auth.
    [setup.smtp]
        hostname="mail.yushei.net"
        secure=false
        port=587