Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # this tutorial provided without any guarantee!
- # only tested in ubuntu 16.04 64bit
- --- 1st step ---
- open /usr/local/vesta/bin/v-add-email
- navigate to 'Action' and change to this
- # Generating hashed password
- # salt=$(generate_password "$PW_MATRIX" "8")
- # md5="{md5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
- crammd5="$($BIN/v-generate-password-cram-md5 $password)"
- # Adding account info into password file
- if [[ "$MAIL_SYSTEM" =~ exim ]]; then
- if [ "$quota" = 'unlimited' ]; then
- quota='0'
- fi
- str="$account:$crammd5:$user:mail::$HOMEDIR/$user:$quota"
- echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
- fi
- --- 2nd step ---
- create new file /usr/local/vesta/bin/v-generate-password-cram-md5
- (important! make sure use same permission and group as others file)
- edit v-generate-password-cram-md5
- -----------------------------------------------------------------
- #!/usr/local/vesta/php/bin/php
- <?php
- //# info: generate cram-md5
- //# options: PASSWORD
- //
- //# The function generates password hash
- // Checking arguments
- if (empty($argv[1])) {
- echo "Error: not enought arguments\n";
- echo "Usage: " . $argv[0] ." PLAIN_PASSWORD \n";
- exit(1);
- }
- $password = $argv[1];
- $hash = rtrim(shell_exec(escapeshellcmd("/usr/bin/doveadm pw -s CRAM-MD5 -p $password")));
- // Printing result
- echo $hash . "\n";
- -----------------------------------------------------------------
- --- 3th step ---
- open /etc/dovecot/conf.d/10-auth.conf
- edit to this
- ----
- disable_plaintext_auth = yes
- auth_verbose = yes
- auth_mechanisms = cram-md5
- ----
- --- 4th step ---
- open /etc/dovecot/conf.d/auth-passwdfile.conf.ext
- edit to this
- ----
- passdb {
- driver = passwd-file
- args = scheme=cram-md5 username_format=%n /etc/exim4/domains/%d/passwd
- }
- ----
- --- 5th step ---
- open /etc/dovecot/conf.d/10-master.conf
- edit to this
- ----
- service imap-login {
- inet_listener imap {
- address = 127.0.0.1
- }
- inet_listener imaps {
- }
- }
- service pop3-login {
- inet_listener pop3 {
- address = 127.0.0.1
- }
- inet_listener pop3s {
- }
- }
- ----
- --- 6th step ---
- open /etc/exim4/exim4.conf.template
- find this section >
- ######################################################################
- # AUTHENTICATION CONFIGURATION #
- ######################################################################
- --
- change the content to this
- ######################################################################
- # AUTHENTICATION CONFIGURATION #
- ######################################################################
- begin authenticators
- cram_md5:
- driver = cram_md5
- public_name = CRAM-MD5
- client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
- client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
- # this returns the matching line from passwd.client and doubles all ^
- PASSWDLINE=${sg{\
- ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
- }\
- {\\N[\\^]\\N}\
- {^^}\
- }
- #dovecot_plain:
- # driver = dovecot
- # public_name = PLAIN
- # server_socket = /var/run/dovecot/auth-client
- # server_set_id = $auth1
- #dovecot_login:
- # driver = dovecot
- # public_name = LOGIN
- # server_socket = /var/run/dovecot/auth-client
- # server_set_id = $auth1
- -----------------------------------------
- --- 7th step ---
- rm /usr/local/vesta/ssl/certificate.key
- rm /usr/local/vesta/ssl/certificate.crt
- create new file /usr/local/vesta/bin/v-update-cert
- (important! make sure use same permission and group as others file)
- edit v-update-cert
- -----------------------------------------------------------------
- #!/bin/bash
- # info: update web templates
- # options: [RESTART]
- #
- # The function to copy cert
- #----------------------------------------------------------#
- # Action #
- #----------------------------------------------------------#
- cp -u /home/admin/conf/web/ssl.<youdomain>.<tld>.key /usr/local/vesta/ssl/certificate.key
- cp -u /home/admin/conf/web/ssl.<youdomain>.<tld>.pem /usr/local/vesta/ssl/certificate.crt
- chmod 660 /usr/local/vesta/ssl/certificate.key
- chmod 660 /usr/local/vesta/ssl/certificate.crt
- chown -R mail: /usr/local/vesta/ssl/certificate.key
- chown -R mail: /usr/local/vesta/ssl/certificate.crt
- exit
- -----------------------------------------------------------------
- [Note]
- add this to cron job to ensure its always get latest cert
- --- 7th step ---
- in terminal
- service exim4 restart
- service apache2 restart
- service dovecot restart
- service vesta restart
Add Comment
Please, Sign In to add comment