2021-02-11 22:24:49 +08:00
|
|
|
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
|
|
|
|
until dig +short mailcow.email @unbound > /dev/null; do
|
|
|
|
echo "Waiting for DNS..."
|
|
|
|
sleep 1
|
|
|
|
done
|
|
|
|
|
|
|
|
until nc phpfpm 9001 -z; do
|
|
|
|
echo "Waiting for PHP on port 9001..."
|
|
|
|
sleep 3
|
|
|
|
done
|
|
|
|
|
|
|
|
until nc phpfpm 9002 -z; do
|
|
|
|
echo "Waiting for PHP on port 9002..."
|
|
|
|
sleep 3
|
|
|
|
done
|
|
|
|
|
|
|
|
# Wait for MySQL to warm-up
|
|
|
|
while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
|
|
|
|
echo "Waiting for database to come up..."
|
|
|
|
sleep 2
|
|
|
|
done
|
|
|
|
|
|
|
|
# We dont want to give global write access to ejabberd in this directory
|
|
|
|
chown -R root:root /var/www/authentication
|
|
|
|
|
|
|
|
[ ! -f /sqlite/sqlite.db ] && cp /sqlite/sqlite_template.db /sqlite/sqlite.db
|
|
|
|
|
2021-02-12 04:09:46 +08:00
|
|
|
[ ! -d /ejabberd_ssl ] && mkdir /ejabberd_ssl
|
|
|
|
cp /ssl/cert.pem /ejabberd_ssl/cert.pem
|
|
|
|
cp /ssl/key.pem /ejabberd_ssl/key.pem
|
|
|
|
|
2021-02-11 22:24:49 +08:00
|
|
|
# Write access to upload directory and log file for authenticator
|
|
|
|
touch /var/www/authentication/auth.log
|
|
|
|
chown -R ejabberd:ejabberd /var/www/upload \
|
|
|
|
/var/www/authentication/auth.log \
|
2021-02-12 04:09:46 +08:00
|
|
|
/sqlite \
|
|
|
|
/ejabberd_ssl
|
2021-02-11 22:24:49 +08:00
|
|
|
|
|
|
|
# ACL file for vhosts, hosts file for vhosts
|
|
|
|
touch /ejabberd/ejabberd_acl.yml \
|
|
|
|
/ejabberd/ejabberd_hosts.yml \
|
|
|
|
/ejabberd/ejabberd_macros.yml
|
|
|
|
chmod 644 /ejabberd/ejabberd_acl.yml \
|
|
|
|
/ejabberd/ejabberd_hosts.yml \
|
|
|
|
/ejabberd/ejabberd_macros.yml
|
|
|
|
chown 82:82 /ejabberd/ejabberd_acl.yml \
|
|
|
|
/ejabberd/ejabberd_hosts.yml
|
|
|
|
|
|
|
|
cat <<EOF > /ejabberd/ejabberd_api.yml
|
|
|
|
# Autogenerated by mailcow
|
|
|
|
api_permissions:
|
|
|
|
"Reload by mailcow":
|
|
|
|
who:
|
|
|
|
- ip: "${IPV4_NETWORK}.0/24"
|
|
|
|
what:
|
|
|
|
- "reload_config"
|
|
|
|
- "restart"
|
|
|
|
- "list_certificates"
|
|
|
|
- "list_cluster"
|
|
|
|
- "join_cluster"
|
|
|
|
- "leave_cluster"
|
|
|
|
- "backup"
|
|
|
|
- "status"
|
|
|
|
- "stats"
|
|
|
|
- "muc_online_rooms"
|
|
|
|
EOF
|
|
|
|
|
|
|
|
cat <<EOF > /ejabberd/ejabberd_macros.yml
|
|
|
|
# Autogenerated by mailcow
|
|
|
|
define_macro:
|
|
|
|
'MAILCOW_HOSTNAME': "${MAILCOW_HOSTNAME}"
|
2021-02-13 02:26:49 +08:00
|
|
|
'EJABBERD_HTTPS': ${XMPP_HTTPS_PORT}
|
2021-02-11 22:24:49 +08:00
|
|
|
EOF
|
|
|
|
|
|
|
|
# Set open_basedir
|
|
|
|
sed -i 's/;open_basedir =/open_basedir = \/var\/www\/authentication/g' /etc/php7/php.ini
|
|
|
|
|
|
|
|
sed -i "s/__DBUSER__/${DBUSER}/g" /var/www/authentication/vendor/leesherwood/ejabberd-php-auth/src/CommandExecutors/mailcowCommandExecutor.php
|
|
|
|
sed -i "s/__DBPASS__/${DBPASS}/g" /var/www/authentication/vendor/leesherwood/ejabberd-php-auth/src/CommandExecutors/mailcowCommandExecutor.php
|
|
|
|
sed -i "s/__DBNAME__/${DBNAME}/g" /var/www/authentication/vendor/leesherwood/ejabberd-php-auth/src/CommandExecutors/mailcowCommandExecutor.php
|
|
|
|
|
|
|
|
# Run hooks
|
|
|
|
for file in /hooks/*; do
|
|
|
|
if [ -x "${file}" ]; then
|
|
|
|
echo "Running hook ${file}"
|
|
|
|
"${file}"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
alias ejabberdctl="su-exec ejabberd /home/ejabberd/bin/ejabberdctl --node ejabberd@${MAILCOW_HOSTNAME}"
|
|
|
|
|
2021-02-12 03:46:13 +08:00
|
|
|
if [[ -z "$(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -B -e 'SELECT domain FROM domain WHERE xmpp = 1')" ]]; then
|
|
|
|
echo "No XMPP host configured, sleeping the sleep of the righteous, waiting for someone to wake me up..."
|
|
|
|
exec su-exec ejabberd tini -g -- sleep 365d
|
|
|
|
fi
|
|
|
|
|
2021-02-11 22:24:49 +08:00
|
|
|
exec su-exec ejabberd tini -g -- /home/ejabberd/bin/ejabberdctl --node ejabberd@${MAILCOW_HOSTNAME} foreground
|