Templating dovecot+Postifx + Bugfix

.gitattributes

@@ -394,6 +394,7 @@ debian/po/fr.po -text
 debian/po/templates.pot -text
 debian/rules -text
 debian/templates -text
+etc/alternc/alternc-sudoers -text
 etc/alternc/alternc.ini -text
 etc/alternc/apache2-ssl.conf -text
 etc/alternc/apache2.conf -text
@@ -416,6 +417,7 @@ etc/alternc/templates/bind/templates/named.template -text
 etc/alternc/templates/bind/templates/slave.template -text
 etc/alternc/templates/bind/templates/zone.template -text
 etc/alternc/templates/default/saslauthd -text
+etc/alternc/templates/dovecot/dovecot-dict-quota.conf -text
 etc/alternc/templates/dovecot/dovecot-sql.conf -text
 etc/alternc/templates/dovecot/dovecot.conf -text
 etc/alternc/templates/postfix/ca.der -text

debian/alternc.dirs

@@ -8,6 +8,7 @@ etc/cron.d
 etc/phpmyadmin
 etc/postfix
 etc/squirrelmail
+/etc/sudoers.d
 usr/bin
 usr/lib/alternc
 usr/sbin

debian/alternc.postinst

@@ -225,6 +225,15 @@ EOF
     # Update l18n files
     /usr/share/alternc/install/dopo.sh
 		
+		#sudo stuff allowing alterncpanel to use quota
+		if [ -d /etc/sudoers.d ]; then
+			cp /etc/alternc/alternc-sudoers /etc/sudoers.d/alternc-sudoers
+			chmod 0440 /etc/sudoers.d/alternc-sudoers
+		else
+			echo "running an older version of sudo"
+			echo "copy content of /usr/share/doc/aegir-provision/examples/example.sudoers into /etc/sudoers for aegir to run properly"
+	  fi
+
     # important: postinst gele sans ca
     db_stop
 

debian/alternc.preinst

@@ -5,10 +5,13 @@ set -e
 . /usr/share/debconf/confmodule
 
 # Create AlternC Panel user for web server
+if ! getent group alterncpanel ; then
 	addgroup --system --gid 1999 alterncpanel
+fi
+if ! getent passwd alterncpanel ; then
 adduser --system --home "/etc/alternc/.alterncpanel" \
   --disabled-password --uid 1999 --ingroup alterncpanel alterncpanel
-
+fi
 case "$1" in
   install)
     ;;

debian/changelog

@@ -1,3 +1,12 @@
+alternc (1.1+nmu2) stable; urgency=low
+
+  * Templating of dovecot and postfix
+	adding a view for dovecot usage (dovecot_view)
+	adding of user vmail dedicated to the mail system
+  * Bugfixes
+
+ -- root <root@debian-prime.in.nnx.com>  Sat, 03 Mar 2012 13:09:06 +0100
+
 alternc (1.1+nmu1) stable; urgency=low
 
   * Dev in progres.

debian/control

@@ -10,7 +10,7 @@ Standards-Version: 3.9.1
 Package: alternc
 Architecture: all
 Pre-depends: debconf (>= 0.5.00) | debconf-2.0
-Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, squirrelmail, squirrelmail-locales, bind9, wget, rsync, quota, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, fam | gamin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, dnsutils, bash, acl, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d
+Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, squirrelmail, squirrelmail-locales, bind9, wget, rsync, quota, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, fam | gamin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, bash, acl, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d
 Recommends: mysql-server, dovecot-managesieved, dovecot-sieve, dovecot-mysql
 Conflicts: alternc-admintools, alternc-awstats (< 1.0), alternc-webalizer (<= 0.9.4), alternc-mailman (< 2.0), courier-authdaemon
 Provides: alternc-admintools

etc/alternc/alternc-sudoers

@@ -0,0 +1 @@
+alterncpanel	ALL = NOPASSWD : /usr/bin/quota, /usr/sbin/setquota

etc/alternc/templates/dovecot/dovecot-dict-quota.conf

@@ -0,0 +1,42 @@
+
+connect host=%%dbhost%% dbname=%%dbname%% user=%%dbuser%% password=%%dbpwd%%
+#connect = host=localhost dbname=mails user=testuser password=pass
+
+# CREATE TABLE quota (
+#   username varchar(100) not null,
+#   bytes bigint not null default 0,
+#   messages integer not null default 0,
+#   primary key (username)
+# );
+
+map {
+  pattern = priv/quota/storage
+  table = dovecot_view
+  username_field = user
+  value_field = quota_dovecot 
+}
+map {
+ pattern = priv/quota/messages
+ table = dovecot_view
+ username_field = user
+ value_field = nb_messages
+}
+
+# CREATE TABLE expires (
+#   username varchar(100) not null,
+#   mailbox varchar(255) not null,
+#   expire_stamp integer not null,
+#   primary key (username, mailbox)
+# );
+
+#map {
+ # pattern = shared/expire/$user/$mailbox
+ # table = expires
+ # value_field = expire_stamp
+
+ # fields {
+ #   username = $user
+ #   mailbox = $mailbox
+ # }
+#}
+

etc/alternc/templates/dovecot/dovecot-sql.conf

@@ -116,16 +116,11 @@ default_pass_scheme = MD5
 #   user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
 #   user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
 #
-user_query = \
-  SELECT concat(concat(%%ALTERNC_LOC%%, '/'), mailbox.path) AS home, domaines.compte AS uid, domaines.compte AS gid \
-  FROM mailbox JOIN address ON address.id = mailbox.address_id JOIN domaines on domaines.id = address.domain_id WHERE '%u' IN (address.address, replace(address.address, '@', '_'))
+query = SELECT mailbox.path AS home, domaines.compte AS uid, domaines.compte AS gid FROM mailbox JOIN address ON address.id = mailbox.address_id JOIN domaines on domaines.id = address.domain_id WHERE address.address = '%n'
 
 # If you wish to avoid two SQL lookups (passdb + userdb), you can use
 # userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
 # also have to return userdb fields in password_query prefixed with "userdb_"
 # string. For example:
-password_query = \
-  SELECT '%u' AS user, address.password, \
-    concat(concat(%%ALTERNC_LOC%%, '/'), mailbox.path) AS userdb_home, domaines.compte AS userdb_uid, domaines.compte AS userdb_gid \
-  FROM mailbox JOIN address ON address.id = mailbox.address_id JOIN domaines on domaines.id = address.domain_id WHERE '%u' IN (address.address, replace(address.address, '@', '_'))
+password_query = SELECT user, password, userdb_home, userdb_uid, userdb_gid,userdb_quota_rule FROM dovecot_view where user= '%u'; 
 

etc/alternc/templates/dovecot/dovecot.conf

@@ -50,7 +50,7 @@ protocols = imap imaps pop3 pop3s managesieve
 # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
 # matches the local IP (ie. you're connecting from the same computer), the
 # connection is considered secure and plaintext authentication is allowed.
-disable_plaintext_auth = no
+disable_plaintext_auth = yes
 
 # Should all IMAP and POP3 processes be killed when Dovecot master process
 # shuts down. Setting this to "no" means that Dovecot can be upgraded without
@@ -92,15 +92,15 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
 #ssl_listen =
 
 # SSL/TLS support: yes, no, required. </usr/share/doc/dovecot-common/wiki/SSL.txt>
-#ssl = yes
+ssl = required
 
 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
 # dropping root privileges, so keep the key file unreadable by anyone but
 # root.
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
-ssl_cert_file = /etc/alternc/apache.pem
-#ssl_key_file = /etc/ssl/private/dovecot.pem
-ssl_key_file = /etc/alternc/apache.pem
+ssl_cert_file = /etc/ssl/certs/dovecot.pem
+#ssl_cert_file = /etc/alternc/apache.pem
+ssl_key_file = /etc/ssl/private/dovecot.pem
+#ssl_key_file = /etc/alternc/apache.pem
 
 # If key file is password protected, give the password here. Alternatively
 # give it when starting dovecot with -p parameter. Since this file is often
@@ -246,15 +246,15 @@ mail_location = maildir:~/Maildir
 # explicitly, ie. mail_location does nothing unless you have a namespace
 # without a location setting. Default namespace is simply done by having a
 # namespace with empty prefix.
-namespace private {
+#namespace private {
    # Hierarchy separator to use. You should use the same separator for all
    # namespaces or some clients get confused. '/' is usually a good one.
    # The default however depends on the underlying mail storage format.
-   separator = . 
+   # separator = . 
 
    # Prefix required to access this namespace. This needs to be different for
    # all namespaces. For example "Public/".
-   prefix = INBOX.
+   # prefix = INBOX.
 
    # Physical location of the mailbox. This is in same format as
    # mail_location, which is also the default for it.
@@ -262,7 +262,7 @@ namespace private {
 
    # There can be only one INBOX, and this setting defines which namespace
    # has it.
-   inbox = yes
+   #inbox = yes
 
    # If namespace is hidden, it's not advertised to clients via NAMESPACE
    # extension. You'll most likely also want to set list=no. This is mostly
@@ -279,7 +279,7 @@ namespace private {
    # Namespace handles its own subscriptions. If set to "no", the parent
    # namespace handles them (empty prefix should always have this as "yes")
    #subscriptions = yes
-}
+#}
 
 # Example shared namespace configuration
 #namespace shared {
@@ -384,8 +384,8 @@ mail_privileged_group = mail
 # to make sure that users can't log in as daemons or other system users.
 # Note that denying root logins is hardcoded to dovecot binary and can't
 # be done even if first_valid_uid is set to 0.
-first_valid_uid = 33
-last_valid_uid = 33
+first_valid_uid = 2000
+last_valid_uid = 65000
 
 # Valid GID range for users, defaults to non-root/wheel. Users having
 # non-valid GID as primary group ID aren't allowed to log in. If user
@@ -579,6 +579,7 @@ protocol imap {
   # Support for dynamically loadable plugins. mail_plugins is a space separated
   # list of plugins to load.
   #mail_plugins = 
+  mail_plugins = quota imap_quota 
   #mail_plugin_dir = /usr/lib/dovecot/modules/imap
 
   # IMAP logout format string:
@@ -698,6 +699,7 @@ protocol pop3 {
   # Support for dynamically loadable plugins. mail_plugins is a space separated
   # list of plugins to load.
   #mail_plugins = 
+  mail_plugins = quota 
   #mail_plugin_dir = /usr/lib/dovecot/modules/pop3
 
   # Workarounds for various client bugs:
@@ -721,7 +723,7 @@ protocol managesieve {
 
   # ManageSieve executable location. See IMAP's mail_executable above for
   # examples how this could be changed.
-  #mail_executable = /usr/lib/dovecot/managesieve
+  mail_executable = /usr/lib/dovecot/managesieve
 
   # Maximum ManageSieve command line length in bytes. This setting is
   # directly borrowed from IMAP. But, since long command lines are very
@@ -761,8 +763,8 @@ protocol lda {
 
   # Support for dynamically loadable plugins. mail_plugins is a space separated
   # list of plugins to load.
-  mail_plugins = sieve
-  mail_plugin_dir = /usr/lib/dovecot/modules/lda
+  mail_plugins = quota sieve
+  #mail_plugin_dir = /usr/lib/dovecot/modules/lda
 
   # If user is over quota, return with temporary failure instead of
   # bouncing the mail.
@@ -776,7 +778,7 @@ protocol lda {
   #deliver_log_format = msgid=%m: %$
 
   # Binary to use for sending mails.
-  sendmail_path = /usr/sbin/sendmail
+  #sendmail_path = /usr/sbin/sendmail
 
   # Subject: header to use for rejection mails. You can use the same variables
   # as for rejection_reason below.
@@ -795,7 +797,7 @@ protocol lda {
 ##
 
 # Executable location
-auth_executable = /usr/lib/dovecot/dovecot-auth
+#auth_executable = /usr/lib/dovecot/dovecot-auth
 
 # Set max. process size in megabytes.
 #auth_process_size = 256
@@ -892,7 +894,7 @@ auth default {
   #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
   #   gss-spnego
   # NOTE: See also disable_plaintext_auth setting.
-  mechanisms = plain
+  mechanisms = plain login
 
   #
   # Password database is used to verify user's password (and nothing more).
@@ -1032,8 +1034,8 @@ auth default {
   # This can be made to work with SQL and LDAP databases, see their example
   # configuration files for more information how to do it.
   # </usr/share/doc/dovecot-common/wiki/UserDatabase.Prefetch.txt>
-  #userdb prefetch {
-  #}
+  userdb prefetch {
+  }
 
   # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
   # uses Name Service Switch, which is configured in /etc/nsswitch.conf.
@@ -1100,7 +1102,7 @@ auth default {
   # authentication with BSDs internally accesses shadow files, which also
   # requires roots. Note that this user is NOT used to access mails.
   # That user is specified by userdb above.
-  user = mail
+  user = vmail
 
   # Directory where to chroot the process. Most authentication backends don't
   # work if this is set, and there's no point chrooting if auth_user is root.
@@ -1127,7 +1129,7 @@ auth default {
       path = /var/run/dovecot/auth-master
       mode = 0666
       # Default user/group is the one who started dovecot-auth (root)
-      #user = 
+      user = vmail 
       #group = 
     }
     client {
@@ -1166,7 +1168,7 @@ auth default {
 # format "proxy::<name>".
 
 dict {
-  #quota = mysql:/etc/dovecot/dovecot-dict-quota.conf
+  quota = mysql:/etc/dovecot/dovecot-dict-quota.conf
   #expire = db:/var/lib/dovecot/expire.db
 }
 
@@ -1192,6 +1194,7 @@ plugin {
   # Quota limits are set using "quota_rule" parameters, either in here or in
   # userdb. It's also possible to give mailbox-specific limits, for example:
   #   quota_rule = *:storage=1048576
+     quota_rule = *:storage=100M
   #   quota_rule2 = Trash:storage=102400
   # User has now 1GB quota, but when saving to Trash mailbox the user gets
   # additional 100MB.
@@ -1209,8 +1212,11 @@ plugin {
   # exceeded limit is excecuted, so put the highest limit first.
   # Note that % needs to be escaped as %%, otherwise "% " expands to empty.
   #   quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95
+  #   quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95
   #   quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80
+     quota_warning = storage=80%% /usr/local/bin/quota-warning.sh 80
   #quota = maildir
+  quota = dict:user:proxy::quotadict
 
   # ACL plugin. vfile backend reads ACLs from "dovecot-acl" file from maildir
   # directory. You can also optionally give a global ACL directory path where

etc/alternc/templates/postfix/myalias.cf

@@ -6,5 +6,8 @@ user = %%dbuser%%
 password = %%dbpwd%%
 hosts =%%dbhost%%
 dbname = %%dbname%%
-query = select concat(if(isnull(mailbox.id), '', concat(address.address, '\n')), recipient.recipient) from recipient join address on address.id = recipient.address_id left outer join mailbox on mailbox.address_id = address.id where address.address='%s';
+query = select concat( if(isnull(mailbox.id), '', concat(concat(address.address,'@',domaines.domaine), '\n')), recipient.recipients ) from recipient join address on address.id = re
+cipient.address_id left outer join mailbox on mailbox.address_id = address.id join domaines on domaines.id = address.domain_id where concat(address.address,'@',domaines.domaine)='%
+s';
+ 
 

etc/alternc/templates/postfix/myvirtual.cf

@@ -6,5 +6,6 @@ user = %%dbuser%%
 password = %%dbpwd%%
 hosts =%%dbhost%%
 dbname = %%dbname%%
-select concat(path, '/Maildir/') from mailbox join address on address.id = mailbox.address_id where address.address='%s'
+query = select concat(path, '/Maildir/') from mailbox join address on address.id = mailbox.address_id join domaines on domaines.id = address.domain_id where concat(address.address,
+'@',domaines.domaine) ='%s';
 

install/mysql.sql

@@ -638,3 +638,23 @@ CREATE TABLE IF NOT EXISTS `cron` (
   PRIMARY KEY (`id`),
   KEY `uid` (`uid`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=latin1;
+
+
+
+--
+-- Structure de la vue `dovecot-view`
+--
+
+CREATE VIEW `dovecot_view` AS
+SELECT concat(`address`.`address`,'@',`domaines`.`domaine`) AS `user`,
+concat('*:storage=',cast(`mailbox`.`quota` as char charset latin1),'M') AS `userdb_quota_rule`,
+`address`.`password` AS `password`,
+`mailbox`.`path` AS `userdb_home`,
+`domaines`.`compte` AS `userdb_uid`,
+`domaines`.`compte` AS `userdb_gid`,
+`mailbox`.`bytes` AS `quota_dovecot`,
+`mailbox`.`messages` AS `nb_messages` 
+from ((`mailbox`
+join `address` on((`address`.`id` = `mailbox`.`address_id`))) 
+join `domaines` on((`domaines`.`id` = `address`.`domain_id`)));
+