vmail-stack/bin/vmail-dkim-add.sh

#!/bin/bash
#
# vmail-stack
# https://git.stack-source.com/msb/vmail-stack
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# load include file
source $(dirname $0)/vmail.sh
# Print the usage text for this script on stdout, then exit the shell.
# Arguments: none (the script name is taken from $0).
# Outputs:   usage text on stdout.
# Returns:   does not return; calls exit.
help() {
  local script_name
  script_name=$(basename -- "$0")
  # Unquoted delimiter on purpose: only $script_name is expanded below.
  cat <<EOF
$script_name
Add DKIM key for specified domain..

usage: $script_name -d <domain> [-h]

 -h Print this help.
 -d Domain name to add DKIM to.

 This will create a DKIM key that exim will start using immediately for
 all outgoing messages for the specified domain. A DNS entry needs to
 be created for the domain so that DKIM validation works. The DNS entry
 to add is output on the command line and is stored in the file:
 /etc/ssl/dkim/<domain>.dns
EOF
  exit
}
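# Main flow: parse options, create an RSA key pair for the domain under
# /etc/ssl/dkim, derive the DKIM TXT record from the public key, and print
# either a pdns-rr-rep.sh command line or the record to create by hand.
vmail:getoptions "$@"

# check for domain
if [[ -z $domain ]]; then
  echo "domain name is required"
  # A missing required argument is an error; report it in the exit status.
  exit 1
fi

# $domain is used below to build file names inside /etc/ssl/dkim.
# vmail:getoptions lives in vmail.sh (not visible here) and may already
# validate it; this guard only rejects values that could escape the
# directory, be parsed as an option, or split into several words.
if [[ $domain == */* || $domain == -* || $domain == *[[:space:]]* ]]; then
  echo "invalid domain name"
  exit 1
fi

# check for existing dkim
if [ -f "/etc/ssl/dkim/$domain.dkim" ]; then
  echo "dkim for $domain already exists"
  exit 1
fi

# Stop if the key directory is missing; otherwise the private key would be
# written into whatever the current directory happens to be.
cd /etc/ssl/dkim || {
  echo "cannot change to /etc/ssl/dkim" >&2
  exit 1
}

# The selector is the creation date (YYYYMMDD).
date +%Y%m%d > "$domain.selector"

# Create the private key with a restrictive umask so it is never readable by
# group/other, whatever the caller's umask or the openssl version.
# openssl's own stderr stays suppressed as before, but its exit status is
# now checked instead of continuing with a missing or partial key.
if ! (umask 077 && openssl genrsa -out "$domain.pem" 2048 2> /dev/null); then
  echo "failed to generate DKIM private key for $domain" >&2
  exit 1
fi
if ! openssl rsa -in "$domain.pem" -out "$domain.pub" -pubout 2> /dev/null; then
  echo "failed to extract DKIM public key for $domain" >&2
  exit 1
fi

# Drop the PEM header and footer lines and join the base64 body on one line.
tail -n +2 "$domain.pub" | head -n -1 | tr -d '\n' > "$domain.dkim"
if [[ ! -s "$domain.dkim" ]]; then
  # An empty .dkim would be useless and would also make every later run
  # stop at the "already exists" check above.
  rm -f -- "$domain.dkim"
  echo "failed to build DKIM public key record for $domain" >&2
  exit 1
fi

selector=$(< "$domain.selector")
pubkey=$(< "$domain.dkim")

# NOTE(review): the p= value of a 2048-bit key is longer than 255 bytes, the
# limit for a single TXT character-string; confirm whether the DNS server or
# panel in use needs the value split into several quoted strings.
printf '%s._domainkey.%s 3600 IN TXT "k=rsa; p=%s"\n' \
  "$selector" "$domain" "$pubkey" > "$domain.dns"

# Name the files explicitly: a "$domain.*" glob would also match the files
# of any other domain whose name starts with "$domain.".
chown Debian-exim:ssl-cert -- \
  "$domain.selector" "$domain.pem" "$domain.pub" "$domain.dkim" "$domain.dns" \
  || echo "warning: could not set ownership of DKIM files for $domain" >&2

if [[ -f /usr/local/etc/pdns.conf ]]; then
  dnsname="$selector._domainkey.$domain"
  dnsrecord="k=rsa; p=$pubkey"
  # This only prints the pdns-rr-rep.sh command line; it does not run it.
  echo pdns-rr-rep.sh -z "$domain" -n "$dnsname" -t TXT -r "'$dnsrecord'"
  exit
else
  echo Create this dns record:
  echo
  cat "$domain.dns"
fi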