utils/add_mailbox

+#!/bin/bash
+set -e
+set -u
+set -x
+
+source /etc/environment
+
+email=$1
+email_password=$2
+
+local_part=`echo $email | cut -d@ -f1`
+email_domain=`echo $email | cut -d@ -f2`
+
+curl --data "username=${mail_username}&password=${mail_password}&login=Log+In&rememberme=0" -c /tmp/cookie.txt https://${mail_hostname}/auth/login
+domain_id=`curl -b /tmp/cookie.txt https://${mail_hostname}/domain | grep $email_domain | grep purge-domain | grep -o 'purge-domain-[0-9]*' | grep -o '[0-9]*'`
+curl --data "local_part=${local_part}&domain=${domain_id}&password=${email_password}" -b /tmp/cookie.txt https://${mail_hostname}/mailbox/add
+
+rm /tmp/cookie.txt

utils/add_to_group

+#!/bin/bash -eux
+
+source /etc/environment
+
+user=$1
+group=$2
+
+curl -X POST -H "OCS-APIRequest:true" --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users/${1}/groups -d groupid="${2}"

utils/add_user

+#!/bin/bash -eux
+
+source /etc/environment
+
+email=$1
+cc_welcome_email=$2
+quota=$3
+
+password=`tr -dc A-Za-z0-9_ < /dev/urandom | head -c 10 | xargs`
+local_part=`echo $email | cut -d@ -f1`
+email_domain=`echo $email | cut -d@ -f2`
+
+curl --data "username=${mail_username}&password=${mail_password}&login=Log+In&rememberme=0" -c /tmp/cookie.txt https://${mail_hostname}/auth/login
+
+if ! curl -b /tmp/cookie.txt https://${mail_hostname}/domain | grep $email_domain | grep purge-domain | grep -o 'purge-domain-[0-9]*' | grep -o '[0-9]*' ; then
+  curl --data "backupmx=0&active=1&max_aliases=0&max_mailboxes=0&max_quota=0&quota=0&transport=virtual&domain=${email_domain}" -b /tmp/cookie.txt https://${mail_hostname}/domain/add
+fi
+
+domain_id=`curl -b /tmp/cookie.txt https://${mail_hostname}/domain | grep $email_domain | grep purge-domain | grep -o 'purge-domain-[0-9]*' | grep -o '[0-9]*'`
+curl --data "local_part=${local_part}&domain=${domain_id}&password=${password}&welcome_email=1&cc_welcome_email=${cc_welcome_email}" -b /tmp/cookie.txt https://${mail_hostname}/mailbox/add
+
+rm /tmp/cookie.txt
+
+curl -X PUT --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users/${email} -d key="quota" -d value="${quota}"
+
+#docker exec -it --user www-data `echo ${cloud_hostname}_app_1 |sed 's/-//g' | sed 's/\.//g'` bash -c "\
+  #  php occ mail:account:create ${email} ${email} ${email} ${mail_hostname} 993 ssl ${email} ${password} ${mail_hostname} 587 tls ${email} ${password}"

utils/configure_dkim_dns

+#!/bin/bash -eux
+
+source /etc/environment
+
+function provision_dkim () {
+  docker exec mailindiehost_postfix_1 /add_domain.sh ${arg_u}
+}
+
+
+function configure_dns () {
+  domain_key=`cat /data/domains/mail.indie.host/opendkim/keys/${arg_u}/mail.txt | cut -d\" -f2 | sed 'N;s/\n//g' | sed 's/ //g' | sed 's/+/%2B/g' | sed 's/\//%2F/g'`
+  info "Configuring DNS."
+  arguments="&Command=namecheap.domains.dns.setHosts\
+&DomainName=${arg_u}\
+&SLD=$(SLD)\
+&TLD=$(TLD)\
+&HostName1=@\
+&RecordType1=A\
+&Address1=${IP}\
+&HostName2=www\
+&RecordType2=CNAME\
+&Address2=${arg_u}\
+&HostName3=@\
+&RecordType3=MX\
+&Address3=${mail_hostname}\
+&MXPref3=10\
+&HostName4=@\
+&RecordType4=TXT\
+&Address4=v=spf1%20include:${mail_hostname}\
+&Hostname5=_dmarc\
+&RecordType5=TXT\
+&Address5=v=DMARC1;%20p=none;%20rua=mailto:support@indie.host\
+&HostName6=mail._domainkey\
+&RecordType6=TXT\
+&Address6=${domain_key}\
+&HostName7=autoconfig\
+&RecordType7=CNAME\
+&Address7=autoconfig.`echo $mail_hostname | cut -d. -f2,3`\
+&EmailType=mx"
+  call_API ${arguments}
+
+}
+

utils/dump_all.sh

+#!/bin/bash -eux
+
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin
+
+echo BEGIN > /tmp/dump-logs
+date > /tmp/dump-logs
+
+for domain in `ls /data/domains`; do
+  echo $domain >> /tmp/dump-logs
+  cd /data/domains/${domain}/
+  if [[ -f ./scripts/pre-backup ]]; then
+    cat ./scripts/pre-backup >> /tmp/dump-logs
+    ./scripts/pre-backup >> /tmp/dump-logs
+  fi
+done
+
+date > /tmp/dump
+echo END >> /tmp/dump-logs
+date >> /tmp/dump-logs

utils/helpers

+function contains () {
+  local n=$#
+  local value=${!n}
+  for ((i=1;i < $#;i++)) {
+    if [ "${!i}" == "${value}" ]; then
+      echo "y"
+      return 0
+    fi
+  }
+  echo "n"
+  return 1
+}
+
+function TLD () {
+  echo ${arg_u} | cut -d. -f2,3
+}
+
+function SLD () {
+  echo ${arg_u} | cut -d. -f1
+}
+
+function call_API () {
+  url="https://api.$NAMECHEAP_URL/xml.response\?ApiUser=${NAMECHEAP_API_USER}&ApiKey=${NAMECHEAP_API_KEY}&UserName=${NAMECHEAP_API_USER}&ClientIp=${IP}$1"
+  output=$(curl -s ${url})
+
+  if [ $(echo ${output} | grep -c 'Status="OK"') -eq 0 ]; then
+    error "API call failed. Please read the output"
+    echo ${output}
+    exit 1
+  else
+    info "API call is a success."
+  fi
+}
+
+function _fmt ()      {
+  local color_ok="\x1b[32m"
+  local color_bad="\x1b[31m"
+
+  local color="${color_bad}"
+  if [ "${1}" = "debug" ] || [ "${1}" = "info" ] || [ "${1}" = "notice" ]; then
+    color="${color_ok}"
+  fi
+
+  local color_reset="\x1b[0m"
+  if [[ "${TERM}" != "xterm"* ]] || [ -t 1 ]; then
+    # Don't use colors on pipes or non-recognized terminals
+    color=""; color_reset=""
+  fi
+  echo -e "$(date -u +"%Y-%m-%d %H:%M:%S UTC") ${color}$(printf "[%9s]" ${1})${color_reset}";
+}
+function emergency () {                             echo "$(_fmt emergency) ${@}" 1>&2 || true; exit 1; }
+function alert ()     { [ "${LOG_LEVEL}" -ge 1 ] && echo "$(_fmt alert) ${@}" 1>&2 || true; }
+function critical ()  { [ "${LOG_LEVEL}" -ge 2 ] && echo "$(_fmt critical) ${@}" 1>&2 || true; }
+function error ()     { [ "${LOG_LEVEL}" -ge 3 ] && echo "$(_fmt error) ${@}" 1>&2 || true; }
+function warning ()   { [ "${LOG_LEVEL}" -ge 4 ] && echo "$(_fmt warning) ${@}" 1>&2 || true; }
+function notice ()    { [ "${LOG_LEVEL}" -ge 5 ] && echo "$(_fmt notice) ${@}" 1>&2 || true; }
+function info ()      { [ "${LOG_LEVEL}" -ge 6 ] && echo "$(_fmt info) ${@}" 1>&2 || true; }
+function debug ()     { [ "${LOG_LEVEL}" -ge 7 ] && echo "$(_fmt debug) ${@}" 1>&2 || true; }
+
+function help () {
+  echo "" 1>&2
+  echo " ${@}" 1>&2
+  echo "" 1>&2
+  echo "  ${usage}" 1>&2
+  echo "" 1>&2
+  exit 1
+}

utils/libre

+#!/bin/bash -eu
+
+
+function error_path {
+  >&2 echo "Error: you must be in either /data/domains/*/ or /system/*/ to execute these commands"
+  exit 1
+}
+
+function systemctl_param {
+  first_level_path=`pwd | cut -d'/' -f2`
+  second_level_path=`pwd | cut -d'/' -f3`
+
+  if [ "$first_level_path" == "system" ]; then
+    module=`pwd | cut -d'/' -f3`
+    if [ -n "$module" ]; then
+      echo s@$module
+    else
+      error_path
+    fi
+  elif [ "$first_level_path" == "data" ] && [ "$second_level_path" == "domains" ]; then
+    domain=`pwd | cut -d'/' -f4`
+    if [ -n "$domain" ]; then
+      echo u@$domain
+    else
+      error_path
+    fi
+  else
+    error_path
+  fi
+}
+
+function show_usage {
+  echo "Usage:"
+  echo " - provision -a <app_repo_url> -u <domainname> -s : install and start a libre.sh service."
+  echo " - start|status|enable|disable|restart|stop: command sent to systemctl."
+  echo " - ps|exec|logs: command sent to docker compose."
+  echo " - update: to update the current folder."
+  echo " - stats: show docker stats with names."
+  echo " - delete <domainname>: remove a libre.sh service."
+  echo " - getsize <domainname>: give you the size of the installed application"
+  exit 1
+}
+
+if [ $# -eq 0 ]; then
+  show_usage
+fi
+
+case "$1" in
+  start|status|enable|disable|restart|stop)
+    if [ -n "$(systemctl_param)" ]; then
+      echo "systemctl $1 $(systemctl_param)"
+      systemctl $1 $(systemctl_param)
+    fi;;
+  journal)
+    if [ -n "$(systemctl_param)" ]; then
+      journalctl -fu $(systemctl_param)
+    fi;;
+  ps|exec|logs)
+    if [ -f ./env ]; then
+      env $(cat ./env | xargs) docker-compose $1 ${@:2}
+    else
+      docker-compose $1 ${@:2}
+    fi;;
+  update)
+    if [ "$(pwd)" == "/libre.sh" ]; then
+      git pull
+      cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload
+      cp /libre.sh/utils/* /opt/bin/
+    elif [ -n "$(systemctl_param)" ]; then
+      git pull
+      docker-compose pull
+      docker-compose build
+      /opt/bin/libre restart
+    fi;;
+  provision)
+    provision ${@:2};;
+  stats)
+    docker stats $(docker ps|grep -v "NAMES"|awk '{ print $NF }'|tr "\n" " ");;
+  delete)
+    if [ $# -ne 2 ]; then
+      echo "delete requires a domainname argument."
+      exit 1
+    fi
+
+    read -p "Are you sure you want to delete ${2}? (yN)" -n 1 -r
+    echo    # (optional) move to a new line
+    if [[ $REPLY =~ ^[Yy]$ ]]
+    then
+      cd /data/domains/${2}
+      libre stop
+      libre disable
+      cd /data/domains
+      tar cvzf ${2}.tgz ./${2}
+      if [ -f ./${2}.tgz ]; then
+	if [ ! -d /data/trash/ ]; then
+	  mkdir /data/trash/
+	fi
+        mv ${2}.tgz /data/trash/
+        rm -rf /data/domains/${2}
+        rm -rf /system/haproxy/certs/${2}
+        rm /system/haproxy/haproxy/certs/${2}.pem
+      fi
+    fi;;
+  getsize)
+    # check the current size
+    if [ $# -ne 2 ]; then
+      echo "getsize requires a domainname argument."
+      exit 1
+    fi
+    echo $(du -hs /data/domains/${2}) |cut -d ' ' -f 1;;
+  *)
+    show_usage
+esac

utils/mail-mon.sh

+#!/bin/bash -eux
+
+/usr/bin/journalctl --since '1 hour ago' | grep postfix/cleanup | grep "from=" | sed -n 's/.*from=<\(.*\)> to=<\(.*\)> pro.*/\1/p' | sort |uniq -c | sort | awk 'BEGIN {FS=" ";} {printf "mail_sent{domain_name=\"%s\"} %s\n", $2, $1}' > /system/metrics-collection/textfiles/mail.prom

utils/migrate

+#!/bin/bash -eux
+#!/bin/bash -eux
+
+hash=$1
+domain=$2
+
+cd /data/domains/
+wget https://wader.indie.host/migrate/$hash
+unzip $hash
+rm $hash
+
+cd $domain
+
+cp TLS/$domain.pem /system/haproxy/haproxy/certs
+
+systemctl start u@$domain
+systemctl enable u@$domain

utils/provision

+#!/usr/bin/env bash
+# Provision an application for a user for LibrePaaS
+#
+# This file:
+#  - Registers the domain name to NameCheap
+#  - Configures the DNS
+#
+# Version 0.0.3
+#
+# Authors:
+#  - Pierre Ozoux (pierre-o.fr)
+#
+# Usage:
+#  LOG_LEVEL=7 ./provision -a github.com/indiehosters/known -u example.org -g -b -c
+#
+# Licensed under AGPLv3
+
+
+### Configuration
+#####################################################################
+
+# Environment variables and their defaults
+LOG_LEVEL="${LOG_LEVEL:-6}" # 7 = debug -> 0 = emergency
+
+# Commandline options. This defines the usage page, and is used to parse cli
+# opts & defaults from. The parsing is unforgiving so be precise in your syntax
+read -r -d '' usage <<-'EOF'
+  -u   [arg] URL to process. Required.
+  -a   [arg] Application to install. (in the form github.com/indiehosters/wordpress or wordpress in REPO_MODE)
+  -t   [arg] Checkout a specific tag or branch from the application repo. default to master
+  -e   [arg] Specify the email of the application admin 
+  -s         Start the application right away.
+  -b         Buys the associated domain name.
+  -i         Configure OpenDKIM.
+  -c         Configures DNS if possible.
+  -d         Enables debug mode
+  -h         This page
+EOF
+
+### Functions
+#####################################################################
+
+source /etc/environment
+source /opt/bin/helpers
+source /opt/bin/configure_dkim_dns
+
+function buy_domain_name () {
+
+  not_supported_extensions=( "us" "eu" "nu" "asia" "ca" "co.uk" "me.uk" "org.uk" "com.au" "net.au" "org.au" "es" "nom.es" "com.es" "org.es" "de" "fr" )
+  if [ $(contains "${not_supported_extensions[@]}" "$(TLD)") == "y" ]; then
+    error "Extension .$(TLD) is not yet supported.."
+    exit 1
+  fi 
+
+  info "Buying Domain name."
+  arguments="&Command=namecheap.domains.create\
+&DomainName=${arg_u}\
+&Years=1\
+&AuxBillingFirstName=${FirstName}\
+&AuxBillingLastName=${LastName}\
+&AuxBillingAddress1=${Address}\
+&AuxBillingCity=${City}\
+&AuxBillingPostalCode=${PostalCode}\
+&AuxBillingCountry=${Country}\
+&AuxBillingPhone=${Phone}\
+&AuxBillingEmailAddress=${EmailAddress}\
+&AuxBillingStateProvince=${City}\
+&TechFirstName=${FirstName}\
+&TechLastName=${LastName}\
+&TechAddress1=${Address}\
+&TechCity=${City}\
+&TechPostalCode=${PostalCode}\
+&TechCountry=${Country}\
+&TechPhone=${Phone}\
+&TechEmailAddress=${EmailAddress}\
+&TechStateProvince=${City}\
+&AdminFirstName=${FirstName}\
+&AdminLastName=${LastName}\
+&AdminAddress1=${Address}\
+&AdminCity=${City}\
+&AdminPostalCode=${PostalCode}\
+&AdminCountry=${Country}\
+&AdminPhone=${Phone}\
+&AdminEmailAddress=${EmailAddress}\
+&AdminStateProvince=${City}\
+&RegistrantFirstName=${FirstName}\
+&RegistrantLastName=${LastName}\
+&RegistrantAddress1=${Address}\
+&RegistrantCity=${City}\
+&RegistrantPostalCode=${PostalCode}\
+&RegistrantCountry=${Country}\
+&RegistrantPhone=${Phone}\
+&RegistrantEmailAddress=${EmailAddress}\
+&RegistrantStateProvince=${City}"
+
+  call_API ${arguments}
+
+  info "Changing email forwarding."
+  arguments="&Command=namecheap.domains.dns.setEmailForwarding\
+&DomainName=${arg_u}\
+&mailbox1=hostmaster\
+&ForwardTo1=${EmailAddress}"
+
+  call_API ${arguments}
+}
+
+function application () {
+
+  #We check if a APP_REPO_URL was specified
+
+  if [ -z ${APP_REPO_URL:-} ]; then
+    warning "NO repo URL specified, using argument as full URL"
+    git_url=https://${arg_a}.git
+  else
+    warning "REPO specified, using argument as app name"
+    git_url=https://${APP_REPO_URL}/${arg_a}.git
+  fi
+  
+  #Define the tag/branch 
+  
+  git clone ${git_url} -b ${arg_t} /data/domains/${arg_u} 
+
+  cd /data/domains/${arg_u}
+  
+  if [ -f ./scripts/install ]; then
+    #domain
+    export URL=${arg_u} 
+    #admin email
+    if [ -z "${arg_e}" ]; then
+      warning "No admin_email specified with -e , using default hoster email"
+    else
+      export ADMIN_EMAIL=${arg_e}
+      debug " admin email is ${ADMIN_EMAIL} "
+    fi
+
+    if [ -z ${MAIL_DOMAIN:-} ]; then
+      warning "you have no email server setup, we'll print a random configuration in your application. Make sure to check the parameters for your app to send proper emails."
+      warning "To stop having this warning, please configure your libre.sh to be abble to create email accounts."
+      warning "You can also contact support@indie.host to setup an email account for you"
+      export MAIL_PASS="randompass"
+      export MAIL_USER="example@indie.host"
+      export MAIL_DOMAIN="indie.host"
+      export MAIL_HOST="mail.indie.host"
+      export MAIL_PORT="587"
+    else
+      echo "using MAIL_DOMAIN from server env"
+      #export MAIL_PASS=`tr -dc A-Za-z0-9_ < /dev/urandom | head -c 20 | xargs`
+      #export MAIL_USER="noreply.${arg_u}@${MAIL_DOMAIN}"
+      #/opt/bin/add_mailbox ${MAIL_USER} ${MAIL_PASS}
+    fi
+    ./scripts/install
+  fi
+}
+
+
+function start () {
+  systemctl start u@${arg_u}
+  systemctl enable u@${arg_u}
+}
+
+### Parse commandline options
+#####################################################################
+
+# Translate usage string -> getopts arguments, and set $arg_<flag> defaults
+while read line; do
+  opt="$(echo "${line}" |awk '{print $1}' |sed -e 's#^-##')"
+  if ! echo "${line}" |egrep '\[.*\]' >/dev/null 2>&1; then
+    init="0" # it's a flag. init with 0
+  else
+    opt="${opt}:" # add : if opt has arg
+    init=""  # it has an arg. init with ""
+  fi
+  opts="${opts}${opt}"
+
+  varname="arg_${opt:0:1}"
+  if ! echo "${line}" |egrep '\. Default=' >/dev/null 2>&1; then
+    eval "${varname}=\"${init}\""
+  else
+    match="$(echo "${line}" |sed 's#^.*Default=\(\)#\1#g')"
+    eval "${varname}=\"${match}\""
+  fi
+done <<< "${usage}"
+
+# Reset in case getopts has been used previously in the shell.
+OPTIND=1
+
+# Overwrite $arg_<flag> defaults with the actual CLI options
+while getopts "${opts}" opt; do
+  line="$(echo "${usage}" |grep "\-${opt}")"
+
+
+  [ "${opt}" = "?" ] && help "Invalid use of script: ${@} "
+  varname="arg_${opt:0:1}"
+  default="${!varname}"
+
+  value="${OPTARG}"
+  if [ -z "${OPTARG}" ] && [ "${default}" = "0" ]; then
+    value="1"
+  fi
+
+  eval "${varname}=\"${value}\""
+  debug "cli arg ${varname} = ($default) -> ${!varname}"
+done
+
+shift $((OPTIND-1))
+
+[ "$1" = "--" ] && shift
+
+
+### Switches (like -d for debugmdoe, -h for showing helppage)
+#####################################################################
+
+# debug mode
+if [ "${arg_d}" = "1" ]; then
+  set -o xtrace
+  LOG_LEVEL="7"
+fi
+
+# help mode
+if [ "${arg_h}" = "1" ]; then
+  # Help exists with code 1
+  help "Help using ${0}"
+fi
+
+
+### Validation (decide what's required for running your script and error out)
+#####################################################################
+
+[ -z "${arg_u}" ]     && help      "URL is required."
+[ -z "${LOG_LEVEL}" ] && emergency "Cannot continue without LOG_LEVEL."
+# tags/branch for modules 
+[ -z "${arg_t}" ]     && arg_t=master
+
+
+### Runtime
+#####################################################################
+
+# Exit on error. Append ||true if you expect an error.
+# set -e is safer than #!/bin/bash -e because that is neutralised if
+# someone runs your script like `bash yourscript`
+set -o errexit
+set -o nounset
+
+# Bash will remember & return the highest exitcode in a chain of pipes.
+# This way you can catch the error in case mysqldump fails in `mysqldump |gzip`
+set -o pipefail
+
+FOLDER=/data/domains/${arg_u}
+TLS_FOLDER=${FOLDER}/TLS
+
+[ ${arg_b} -eq 1 ] && buy_domain_name
+[ ! -z "${arg_a}" ] && application
+[ ${arg_i} -eq 1 ] && provision_dkim
+[ ${arg_c} -eq 1 ] && configure_dns
+[ ${arg_s} -eq 1 ] && start
+
+exit 0

utils/stop_before_migration

+#!/bin/bash -eux
+
+domain=$1
+ip=$2
+cd /data/domains/$domain
+./scripts/backup
+
+systemctl stop u@$domain
+systemctl disable u@$domain
+
+tar cvzf /home/core/${domain}.tgz .

utils/test-domain.sh

+#!/bin/bash
+cd /data/domains
+my_ip=`curl http://ipv4.icanhazip.com/`
+echo "My IP is $my_ip"
+for domain in `ls .`; do
+  domain_ip=`host ${domain} | awk '/has address/ { print $4 }'`
+  if [[ "${domain_ip}" != "${my_ip}" ]]; then
+    echo "$domain has this IP: $domain_ip"
+  fi
+done