update

PhyreApps · Sep 19, 2024 · 4c5cd16 · 4c5cd16
1 parent 2992ad7
commit 4c5cd16
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 33 deletions.
diff --git a/web/Modules/Email/resources/views/server/postfix/main.cf b/web/Modules/Email/resources/views/server/postfix/main.cf
@@ -4,6 +4,20 @@
 # https://phyrepanel.com                                                  #
 #=========================================================================#
 
+# Setup
+myhostname = {{$hostName}}
+mydomain =  {{$domain}}
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = $mydomain
+mydestination = $myhostname, localhost.$mydomain, localhost
+relayhost =
+mynetworks = 127.0.0.0/8 [::1]/128 [fe80::]/64
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+inet_protocols = ipv4
+
 # Global
 smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 biff = no
@@ -14,54 +28,50 @@ message_size_limit = 0
 virtual_transport = dovecot
 
 # SMTP
-smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
-smtp_tls_CApath=/etc/ssl/certs
-smtp_tls_security_level=may
-smtp_tls_cert_file=/usr/local/phyre/email/docker/docker-data/acme-companion/certs/allsidepixels.com/fullchain.pem
-smtp_tls_key_file=/usr/local/phyre/email/docker/docker-data/acme-companion/certs/allsidepixels.com/privkey.pem
+@if(!empty($sslPaths))
+smtp_tls_cert_file = {{$sslPaths['certificateChain']}}
+smtp_tls_key_file = {{$sslPaths['privateKey']}}
+@endif
+
+smtp_tls_CApath = /etc/ssl/certs
+smtp_tls_security_level = may
+smtp_use_tls = yes
+smtp_tls_auth_only = yes
 smtp_sasl_type = dovecot
 smtp_sasl_path = private/auth
-smtp_use_tls = yes
-smtp_tls_security_level = may
-smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+smtp_sasl_auth_enable = yes
 smtp_sasl_security_options = noanonymous
+smtp_sasl_local_domain = $myhostname
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+smtp_sender_restrictions = permit_sasl_authenticated
+smtp_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
+smtp_milters = inet:127.0.0.1:8891
 
 # SMTPD
-smtpd_tls_cert_file=/usr/local/phyre/email/docker/docker-data/acme-companion/certs/allsidepixels.com/fullchain.pem
-smtpd_tls_key_file=/usr/local/phyre/email/docker/docker-data/acme-companion/certs/allsidepixels.com/privkey.pem
-smtpd_tls_security_level=may
-smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
-smtpd_sasl_path = private/auth
-smtpd_sasl_type = dovecot
-smtpd_use_tls = yes
+@if(!empty($sslPaths))
+smtpd_tls_cert_file = {{$sslPaths['certificateChain']}}
+smtpd_tls_key_file = {{$sslPaths['privateKey']}}
+@endif
+
+smtpd_tls_CApath = /etc/ssl/certs
 smtpd_tls_security_level = may
+smtpd_use_tls = yes
 smtpd_tls_auth_only = yes
-smtpd_sender_restrictions = permit_sasl_authenticated
-smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/auth
 smtpd_sasl_auth_enable = yes
 smtpd_sasl_security_options = noanonymous
 smtpd_sasl_local_domain = $myhostname
-
-
-# Setup
-myhostname = mail.allsidepixels.com
-mydomain = allsidepixels.com
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
-myorigin = $mydomain
-mydestination = $myhostname, localhost.$mydomain, localhost
-relayhost =
-mynetworks = 127.0.0.0/8 [::1]/128 [fe80::]/64
-mailbox_size_limit = 0
-recipient_delimiter = +
-inet_interfaces = all
-inet_protocols = ipv4
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtpd_sender_restrictions = permit_sasl_authenticated
+smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
+smtpd_milters = inet:127.0.0.1:8891
 
 # DKIM
 milter_default_action = accept
 milter_protocol = 2
-smtpd_milters = inet:127.0.0.1:8891
 non_smtpd_milters = inet:127.0.0.1:8891
+non_smtp_milters = inet:127.0.0.1:8891
 
 # Virtual Domains
 virtual_mailbox_base = 0

diff --git a/web/app/Models/DomainSslCertificate.php b/web/app/Models/DomainSslCertificate.php
@@ -23,4 +23,21 @@ class DomainSslCertificate extends Model
         'renewed_date',
         'renewed_until_date',
     ];
+
+    public function getSSLFiles()
+    {
+        $findDomain = Domain::where('domain', $this->domain)->first();
+        if ($findDomain) {
+            $domainRoot = $findDomain->domain_root;
+            $certPath = $domainRoot . '/certs/' . $this->domain;
+
+            return [
+                'certificate' => $certPath . '/public/cert.pem',
+                'certificateChain' => $certPath . '/public/fullchain.pem',
+                'privateKey' => $certPath . '/private/key.private.pem',
+            ];
+        }
+
+        return null;
+    }
 }