From 24b3e2f5b95cfac1b2e8650a8c23568005e898eb Mon Sep 17 00:00:00 2001 From: juvilius Date: Fri, 7 Apr 2023 17:59:31 +0200 Subject: [PATCH] dh.pem in /etc/dovecot/ --- emailwiz.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/emailwiz.sh b/emailwiz.sh index dbf1e20..9a8022d 100644 --- a/emailwiz.sh +++ b/emailwiz.sh @@ -150,7 +150,7 @@ mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.backup.conf echo "Creating Dovecot config..." -openssl dhparam -out /etc/dovecot/dh.pem 4096 +[ -f "/etc/dovecot/dh.pem" ] || openssl dhparam -out /etc/dovecot/dh.pem 4096 echo "# Dovecot config # Note that in the dovecot conf, you can use: @@ -165,7 +165,7 @@ ssl_key = <$certdir/privkey.pem ssl_min_protocol = TLSv1.2 ssl_cipher_list = "'EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED'" ssl_prefer_server_ciphers = yes -ssl_dh = /dev/null || 10.1.0.0/16' >> /etc/postfix/dkim/trustedhosts # ...and source it from opendkim.conf -grep -q '^KeyTable' /etc/opendkim.conf 2>/dev/null || echo 'KeyTable file:/etc/postfix/dkim/keytable +grep -q '^KeyTable' /etc/opendkim/opendkim.conf 2>/dev/null || echo 'KeyTable file:/etc/postfix/dkim/keytable SigningTable refile:/etc/postfix/dkim/signingtable -InternalHosts refile:/etc/postfix/dkim/trustedhosts' >> /etc/opendkim.conf +InternalHosts refile:/etc/postfix/dkim/trustedhosts' >> /etc/opendkim/opendkim.conf -sed -i '/^#Canonicalization/s/simple/relaxed\/simple/' /etc/opendkim.conf -sed -i '/^#Canonicalization/s/^#//' /etc/opendkim.conf +sed -i '/^#Canonicalization/s/simple/relaxed\/simple/' /etc/opendkim/opendkim.conf +sed -i '/^#Canonicalization/s/^#//' /etc/opendkim/opendkim.conf -sed -i '/Socket/s/^#*/#/' /etc/opendkim.conf -grep -q '^Socket\s*inet:12301@localhost' /etc/opendkim.conf || echo 'Socket inet:12301@localhost' >> /etc/opendkim.conf +sed -i '/Socket/s/^#*/#/' /etc/opendkim/opendkim.conf +grep -q '^Socket\s*inet:12301@localhost' /etc/opendkim/opendkim.conf || echo 'Socket inet:12301@localhost' >> /etc/opendkim/opendkim.conf # OpenDKIM daemon settings, removing previously activated socket. sed -i '/^SOCKET/d' /etc/default/opendkim && echo "SOCKET=\"inet:12301@localhost\"" >> /etc/default/opendkim