API tools faq
paste
Guest User

Untitled

a guest
Dec 30th, 2017
173
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.50 KB | None | 0 0
raw download clone embed print report
  1. # this tutorial provided without any guarantee!
  2. # only tested in ubuntu 16.04 64bit
  3.  
  4. --- 1st step ---
  5. open /usr/local/vesta/bin/v-add-email
  6. navigate to 'Action' and change to this
  7.  
  8. # Generating hashed password
  9. # salt=$(generate_password "$PW_MATRIX" "8")
  10. # md5="{md5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
  11. crammd5="$($BIN/v-generate-password-cram-md5 $password)"
  12.  
  13. # Adding account info into password file
  14. if [[ "$MAIL_SYSTEM" =~ exim ]]; then
  15. if [ "$quota" = 'unlimited' ]; then
  16. quota='0'
  17. fi
  18. str="$account:$crammd5:$user:mail::$HOMEDIR/$user:$quota"
  19. echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
  20. fi
  21.  
  22. --- 2nd step ---
  23.  
  24. create new file /usr/local/vesta/bin/v-generate-password-cram-md5
  25. (important! make sure use same permission and group as others file)
  26.  
  27. edit v-generate-password-cram-md5
  28. -----------------------------------------------------------------
  29. #!/usr/local/vesta/php/bin/php
  30. <?php
  31. //# info: generate cram-md5
  32. //# options: PASSWORD
  33. //
  34. //# The function generates password hash
  35.  
  36. // Checking arguments
  37. if (empty($argv[1])) {
  38. echo "Error: not enought arguments\n";
  39. echo "Usage: " . $argv[0] ." PLAIN_PASSWORD \n";
  40. exit(1);
  41. }
  42.  
  43. $password = $argv[1];
  44.  
  45. $hash = rtrim(shell_exec(escapeshellcmd("/usr/bin/doveadm pw -s CRAM-MD5 -p $password")));
  46.  
  47. // Printing result
  48. echo $hash . "\n";
  49. -----------------------------------------------------------------
  50.  
  51.  
  52. --- 3th step ---
  53.  
  54. open /etc/dovecot/conf.d/10-auth.conf
  55. edit to this
  56. ----
  57. disable_plaintext_auth = yes
  58. auth_verbose = yes
  59. auth_mechanisms = cram-md5
  60. ----
  61.  
  62. --- 4th step ---
  63. open /etc/dovecot/conf.d/auth-passwdfile.conf.ext
  64. edit to this
  65. ----
  66. passdb {
  67. driver = passwd-file
  68. args = scheme=cram-md5 username_format=%n /etc/exim4/domains/%d/passwd
  69. }
  70. ----
  71.  
  72. --- 5th step ---
  73. open /etc/dovecot/conf.d/10-master.conf
  74. edit to this
  75. ----
  76. service imap-login {
  77. inet_listener imap {
  78. address = 127.0.0.1
  79. }
  80. inet_listener imaps {
  81. }
  82. }
  83.  
  84. service pop3-login {
  85. inet_listener pop3 {
  86. address = 127.0.0.1
  87. }
  88. inet_listener pop3s {
  89. }
  90. }
  91. ----
  92.  
  93. --- 6th step ---
  94. open /etc/exim4/exim4.conf.template
  95. find this section >
  96. ######################################################################
  97. # AUTHENTICATION CONFIGURATION #
  98. ######################################################################
  99. --
  100.  
  101. change the content to this
  102.  
  103. ######################################################################
  104. # AUTHENTICATION CONFIGURATION #
  105. ######################################################################
  106. begin authenticators
  107.  
  108. cram_md5:
  109. driver = cram_md5
  110. public_name = CRAM-MD5
  111. client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
  112. client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
  113.  
  114. # this returns the matching line from passwd.client and doubles all ^
  115. PASSWDLINE=${sg{\
  116. ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
  117. }\
  118. {\\N[\\^]\\N}\
  119. {^^}\
  120. }
  121.  
  122. #dovecot_plain:
  123. # driver = dovecot
  124. # public_name = PLAIN
  125. # server_socket = /var/run/dovecot/auth-client
  126. # server_set_id = $auth1
  127.  
  128. #dovecot_login:
  129. # driver = dovecot
  130. # public_name = LOGIN
  131. # server_socket = /var/run/dovecot/auth-client
  132. # server_set_id = $auth1
  133.  
  134. -----------------------------------------
  135.  
  136. --- 7th step ---
  137. rm /usr/local/vesta/ssl/certificate.key
  138. rm /usr/local/vesta/ssl/certificate.crt
  139.  
  140. create new file /usr/local/vesta/bin/v-update-cert
  141. (important! make sure use same permission and group as others file)
  142.  
  143. edit v-update-cert
  144. -----------------------------------------------------------------
  145. #!/bin/bash
  146. # info: update web templates
  147. # options: [RESTART]
  148. #
  149. # The function to copy cert
  150. #----------------------------------------------------------#
  151. # Action #
  152. #----------------------------------------------------------#
  153.  
  154. cp -u /home/admin/conf/web/ssl.<youdomain>.<tld>.key /usr/local/vesta/ssl/certificate.key
  155. cp -u /home/admin/conf/web/ssl.<youdomain>.<tld>.pem /usr/local/vesta/ssl/certificate.crt
  156. chmod 660 /usr/local/vesta/ssl/certificate.key
  157. chmod 660 /usr/local/vesta/ssl/certificate.crt
  158. chown -R mail: /usr/local/vesta/ssl/certificate.key
  159. chown -R mail: /usr/local/vesta/ssl/certificate.crt
  160.  
  161. exit
  162. -----------------------------------------------------------------
  163. [Note]
  164. add this to cron job to ensure its always get latest cert
  165.  
  166.  
  167. --- 7th step ---
  168. in terminal
  169.  
  170. service exim4 restart
  171. service apache2 restart
  172. service dovecot restart
  173. service vesta restart
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!