pavel.muhortov/zimbra-management
1
0
Fork 0
generated from pavel.muhortov/template-bash
Code Issues Pull Requests Projects Releases Wiki Activity
master
zimbra-management/zimbra-man.sh

303 lines
7.6 KiB
Bash
Raw Permalink Blame History

#!/usr/bin/env bash
# DESCRIPTION:
# print length of all zimbra queues
# or
# print number of stopped services
# or
# letsencrypt update certificate procedure
#
# DEPENDENCIES:
# - privileged rights
# - zimbra zmcontrol, zmqstat, zmcertmgr
# - cerbot
# - cert-info.sh
# - Python 3
# - sendmail.py
#
# PARAMETERS:
# 1: "qn" - execution without pauses
# 2: "que" - print length of all zimbra queues
# 2: "svc" - print number of stopped services
# 2: "ssl" - letsencrypt certificate update procedure
# 3: custom configuration file path
#
# FUNCTIONS:
#
#######################################
# Print message and add to log.
# Globals:
# logs
# Arguments:
# 1: message to print and logging
#######################################
addtologs() {
printf "%s\n" "$(date +'%Y.%m.%d-%H:%M:%S') ${1}" | tee -a "${logs}"
}
#######################################
# Waiting for press [ENTER].
# Globals:
# None
# Arguments:
# None
#######################################
execpause() {
read -r -p "Press [ENTER] to continue... "
}
#######################################
# Exit procedure.
# Globals:
# show
# time
# Arguments:
# 1: exit code
#######################################
execquite() {
addtologs "execution time is $(( $(date +%s)-time )) seconds, exit"
if [ "${show}" != "qn" ]; then
execpause
fi
exit "${1}"
}
#######################################
# Error exit procedure
# Globals:
# None
# Arguments:
# 1: message to print and logging
#######################################
execerror() {
addtologs "error: $1"
execquite 1
}
#######################################
# Parsing config file and creating global vars.
# Globals:
# conf
# Arguments:
# None
#######################################
getconfig() {
logs=$(grep "logs=" "${conf}" | cut -d= -f2)
python3=$(grep "python3=" "${conf}" | cut -d= -f2)
sendemail=$(grep "sendemail=" "${conf}" | cut -d= -f2)
confemail=$(grep "confemail=" "${conf}" | cut -d= -f2)
certcheck=$(grep "certcheck=" "${conf}" | cut -d= -f2)
certemail=$(grep "certemail=" "${conf}" | cut -d= -f2)
certfirst=$(grep "certfirst=" "${conf}" | cut -d= -f2)
IFS=" " read -r -a certalias <<< \
"$(grep "certalias=" "${conf}" | cut -d= -f2)"
}
#######################################
# Checking user rights.
# Globals:
# None
# Arguments:
# None
# return:
# 0 - if privileged rights, 1 - if not privileged rights
#######################################
checkroot() {
if [ "${EUID}" -ne 0 ]; then
return 1 # false
else
return 0 # true
fi
}
#######################################
# Counting zimbra queues.
# Globals:
# None
# Arguments:
# None
# return:
# length of all queues
#######################################
calcqueue(){
object=0
while read -r QUE; do
object=$(( object + $(printf "%s" "${QUE}" | cut -d= -f2) ))
done <<< "$(/opt/zimbra/libexec/zmqstat)"
printf "%s\n" "${object}"
return "${object}"
}
#######################################
# Counting zimbra stopped services.
# Globals:
# None
# Arguments:
# None
# return:
# number of stopped services
#######################################
isrunning(){
counter=0
while read -r service; do
if ! grep -q "$(cat /etc/hostname)" <<< "${service}"; then
if grep -q "Stopped" <<< "${service}"; then
(( counter++ ))
fi
fi
done <<< "$(su - zimbra -c '/opt/zimbra/bin/zmcontrol status')"
printf "%s\n" "${counter}"
return "${counter}"
}
#######################################
# Renew and deploy certificate
# Globals:
# certfirst
# certalias
# certemail
# Arguments:
# None
#######################################
certrenew() {
# letsencrypt request
su - zimbra -c "/opt/zimbra/bin/zmcontrol stop"
certarray="-d ${certfirst}"
if [ ${#certalias[@]} -ne 0 ]; then
for domain in "${certalias[@]}"; do
certarray+=" -d ${domain}"
done
fi
certbot certonly --standalone --email "${certemail}" \
--key-type rsa --rsa-key-size 2048 \
--preferred-chain "ISRG Root X1" ${certarray}
wget -O - https://letsencrypt.org/certs/isrgrootx1.pem.txt \
--no-check-certificate >> "/etc/letsencrypt/live/${certfirst}/chain.pem"
su - zimbra -c "/opt/zimbra/bin/zmcontrol start"
# zimbra cert deploy
cp "/etc/letsencrypt/live/${certfirst}/privkey.pem" \
/opt/zimbra/ssl/zimbra/commercial/commercial.key
cp "/etc/letsencrypt/live/${certfirst}/chain.pem" \
/opt/zimbra/ssl/zimbra/commercial/chain.pem
cp "/etc/letsencrypt/live/${certfirst}/cert.pem" \
/opt/zimbra/ssl/zimbra/commercial/cert.pem
chown -R zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/
su - zimbra -c "/opt/zimbra/bin/zmcertmgr verifycrt comm \
/opt/zimbra/ssl/zimbra/commercial/commercial.key \
/opt/zimbra/ssl/zimbra/commercial/cert.pem \
/opt/zimbra/ssl/zimbra/commercial/chain.pem"
su - zimbra -c "/opt/zimbra/bin/zmcertmgr deploycrt comm \
/opt/zimbra/ssl/zimbra/commercial/cert.pem \
/opt/zimbra/ssl/zimbra/commercial/chain.pem"
su - zimbra -c "/opt/zimbra/bin/zmcontrol restart"
}
#######################################
# Send email information about deployed certificate
# Globals:
# python3
# sendemail
# confemail
# certfirst
# Arguments:
# None
#######################################
startsendmail() {
subj="[SSL Status] $(cat /etc/hostname): certificates renewed"
(
"${python3}" "${sendemail}" \
-u "$(grep "from=" "${confemail}" | cut -d= -f2)" \
-p "$(grep "pass=" "${confemail}" | cut -d= -f2)" \
-d "$(grep "dest=" "${confemail}" | cut -d= -f2)" \
--smtp "$(grep "smtp=" "${confemail}" | cut -d= -f2)" \
--port "$(grep "port=" "${confemail}" | cut -d= -f2)" \
--stls "True" \
--subj "${subj}" \
--text "$("${certcheck}" "/opt/zimbra/ssl/zimbra/commercial/cert.pem")" \
>> /dev/null 2>&1 &
)
addtologs "sent mail with subject '${subj}'"
}
#
# VARIABLES:
#
show=$1
does=$2
conf=$3
if [ -z "${conf}" ] || [ "${conf}" == "-" ]; then
conf="$(dirname "$(realpath "$0")")/$(basename -s .sh "$0").conf"
fi
time=$(date +%s)
cd "$(dirname "$(realpath "$0")")" || execerror
if [ ! -e "${conf}" ]; then
:
else
getconfig
fi
if [ -z "${logs}" ]; then
logs=/dev/null
elif [ ! -e "${logs}" ]; then
touch "${logs}"
fi
if ! command -v certbot &> /dev/null || \
! command -v /opt/zimbra/bin/zmcontrol &> /dev/null || \
! command -v /opt/zimbra/bin/zmcertmgr &> /dev/null || \
! command -v /opt/zimbra/libexec/zmqstat &> /dev/null || \
! command -v "${sendemail}" &> /dev/null || \
! command -v "${certcheck}" &> /dev/null || \
! command -v "${python3}" &> /dev/null; then
execerror "Not found dependencies"
fi
#
# MAIN:
#
if checkroot; then
if [ "${does}" = "ssl" ]; then
expired=$("${certcheck}" "/opt/zimbra/ssl/zimbra/commercial/cert.pem" -e)
humaned=$(date -d "1970-01-01 UTC ${expired} seconds" +"%Y.%m.%d %T")
targets=$(( expired - 2592000 ))
if [[ "${time}" -le "${targets}" ]]; then
addtologs "${certfirst} expired ${humaned}"
addtologs "${certfirst} certificates renew delayed"
else
certrenew && addtologs "${certfirst} certificates renewed"
startsendmail
fi
elif [ "${does}" = "que" ]; then
result=$(calcqueue)
addtologs "Zimbra queue has ${result} objects" > /dev/null
printf "%s\n" "${result}"
execquite 0 > /dev/null
elif [ "${does}" = "svc" ]; then
result=$(isrunning)
addtologs "Zimbra has ${result} stopped services" > /dev/null
printf "%s\n" "${result}"
execquite 0 > /dev/null
else
printf "%s\n" "Usage example: $0 qn ssl"
printf "%s\n" "Usage example: $0 - que"
fi
execquite 0
else
execerror "Restart this as root!"
fi
Reference in New Issue View Git Blame Copy Permalink