Commits

Zhang Huangbin committed 7ee521f

Better support for installing iRedMail with remote MySQL server.

  • Participants
  • Parent commits 31625dc

Comments (0)

Files changed (9)

File iRedMail/ChangeLog

 iRedMail-0.8.6:
+    * Better support for installing iRedMail with remote MySQL server.
     * Enable 'innodb_file_per_table' in MySQL by default.
     * Enable Opportunistic TLS support in Postfix when sending mail to remote
       SMTP server (smtp_tls_security_level=may).

File iRedMail/conf/global

 # Usually it's 127.0.0.1, but not in FreeBSD Jail.
 export LOCAL_ADDRESS="${LOCAL_ADDRESS:=127.0.0.1}"
 
-# Hostname used in MySQL GRANT command.
+# Hostname or IP address used in MySQL GRANT command (allow remote access from
+# this hostname/IP).
 # Usually it's 'localhost', but not in FreeBSD Jail (use ${LOCAL_ADDRESS} or
 # hostname of Jail instead).
 if [ X"${LOCAL_ADDRESS}" == X'127.0.0.1' ]; then
-    export SQL_HOSTNAME='localhost'
+    # Pre-define MYSQL_GRANT_HOST while running iRedMail to use a remote MySQL
+    # server. For example:
+    # MYSQL_GRANT_HOST='192.168.1.2' bash iRedMail.sh
+    export MYSQL_GRANT_HOST="${MYSQL_GRANT_HOST:=localhost}"
 else
-    export SQL_HOSTNAME="${LOCAL_ADDRESS}"
+    export MYSQL_GRANT_HOST="${LOCAL_ADDRESS}"
 fi
 
 # LDAP server
-export LDAP_SERVER_HOST="${LOCAL_ADDRESS}"
-export LDAP_SERVER_PORT='389'
+export LDAP_SERVER_HOST="${LDAP_SERVER_HOST:=${LOCAL_ADDRESS}}"
+export LDAP_SERVER_PORT="${LDAP_SERVER_PORT:=389}"
 # MySQL server
-export MYSQL_SERVER="${LOCAL_ADDRESS}"
-export MYSQL_SERVER_PORT='3306'
-export MYSQL_ROOT_USER='root'
+export MYSQL_SERVER="${MYSQL_SERVER:=${LOCAL_ADDRESS}}"
+export MYSQL_SERVER_PORT="${MYSQL_SERVER_PORT:=3306}"
+export MYSQL_ROOT_USER="${MYSQL_ROOT_USER:=root}"
 # PGSQL server
-export PGSQL_SERVER="${LOCAL_ADDRESS}"
-export PGSQL_SERVER_PORT='5432'
+export PGSQL_SERVER="${PGSQL_SERVER:=${LOCAL_ADDRESS}}"
+export PGSQL_SERVER_PORT="${PGSQL_SERVER_PORT:=5432}"
 # Dovecot: POP3, IMAP, managesieve
 export IMAP_SERVER="${LOCAL_ADDRESS}"
 export MANAGESIEVE_BIND_HOST="${LOCAL_ADDRESS}"

File iRedMail/functions/amavisd.sh

 CREATE DATABASE ${AMAVISD_DB_NAME} DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
 
 -- Grant privileges
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${AMAVISD_DB_NAME}.* TO "${AMAVISD_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY '${AMAVISD_DB_PASSWD}';
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${AMAVISD_DB_NAME}.* TO "${AMAVISD_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY '${AMAVISD_DB_PASSWD}';
 
 -- Import Amavisd SQL template
 USE ${AMAVISD_DB_NAME};

File iRedMail/functions/cluebringer.sh

 SOURCE ${DB_SAMPLE_FILE};
 
 -- Grant privileges.
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${CLUEBRINGER_DB_NAME}.* TO "${CLUEBRINGER_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${CLUEBRINGER_DB_PASSWD}";
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${CLUEBRINGER_DB_NAME}.* TO "${CLUEBRINGER_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${CLUEBRINGER_DB_PASSWD}";
 FLUSH PRIVILEGES;
 USE ${CLUEBRINGER_DB_NAME};
 EOF
         if [ X"${BACKEND}" == X"OPENLDAP" -o X"${BACKEND}" == X"MYSQL" ]; then
             cat >> ${tmp_sql} <<EOF
 CREATE DATABASE ${CLUEBRINGER_DB_NAME};
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${CLUEBRINGER_DB_NAME}.* TO "${CLUEBRINGER_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${CLUEBRINGER_DB_PASSWD}";
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${CLUEBRINGER_DB_NAME}.* TO "${CLUEBRINGER_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${CLUEBRINGER_DB_PASSWD}";
 USE ${CLUEBRINGER_DB_NAME};
 EOF
 
             policyd_sql_type='mysql'
             cat >> ${tmp_sql} <<EOF
 CREATE DATABASE ${CLUEBRINGER_DB_NAME};
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${CLUEBRINGER_DB_NAME}.* TO "${CLUEBRINGER_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${CLUEBRINGER_DB_PASSWD}";
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${CLUEBRINGER_DB_NAME}.* TO "${CLUEBRINGER_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${CLUEBRINGER_DB_PASSWD}";
 USE ${CLUEBRINGER_DB_NAME};
 EOF
         elif [ X"${BACKEND}" == X"PGSQL" ]; then

File iRedMail/functions/dovecot2.sh

 # Import SQL template.
 USE ${IREDADMIN_DB_NAME};
 SOURCE ${SAMPLE_DIR}/dovecot/used_quota.mysql;
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${IREDADMIN_DB_NAME}.* TO "${IREDADMIN_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${IREDADMIN_DB_PASSWD}";
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${IREDADMIN_DB_NAME}.* TO "${IREDADMIN_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${IREDADMIN_DB_PASSWD}";
 
 FLUSH PRIVILEGES;
 EOF
 # Import SQL template.
 USE ${IREDADMIN_DB_NAME};
 SOURCE ${SAMPLE_DIR}/dovecot/imap_share_folder.sql;
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${IREDADMIN_DB_NAME}.* TO "${IREDADMIN_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${IREDADMIN_DB_PASSWD}";
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${IREDADMIN_DB_NAME}.* TO "${IREDADMIN_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${IREDADMIN_DB_PASSWD}";
 
 FLUSH PRIVILEGES;
 EOF

File iRedMail/functions/iredadmin.sh

 # Import SQL template.
 USE ${IREDADMIN_DB_NAME};
 SOURCE ${IREDADMIN_HTTPD_ROOT}/docs/samples/iredadmin.sql;
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${IREDADMIN_DB_NAME}.* TO "${IREDADMIN_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${IREDADMIN_DB_PASSWD}";
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${IREDADMIN_DB_NAME}.* TO "${IREDADMIN_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${IREDADMIN_DB_PASSWD}";
 FLUSH PRIVILEGES;
 EOF
 

File iRedMail/functions/mysql.sh

     # Generate temporary file for MySQL client option --defaults-file.
     cat >> ${MYSQL_DEFAULTS_FILE_ROOT} <<EOF
 [client]
-host=${SQL_SERVER}
-port=${SQL_SERVER_PORT}
+host=${MYSQL_SERVER}
+port=${MYSQL_SERVER_PORT}
 user=${MYSQL_ROOT_USER}
 password=${MYSQL_ROOT_PASSWD}
 EOF
 
     if [ X"${LOCAL_ADDRESS}" == X'127.0.0.1' ]; then
-        ECHO_DEBUG "Setting password for MySQL admin (${MYSQL_ROOT_USER})."
-        mysqladmin --user=root password "${MYSQL_ROOT_PASSWD}"
+        # Try to access without password, set a password if it's empty.
+        mysql -u${MYSQL_ROOT_USER} -e "show databases" &>/dev/null
+        if [ X"$?" == X'0' ]; then
+            ECHO_DEBUG "Setting password for MySQL admin (${MYSQL_ROOT_USER})."
+            mysqladmin --user=root password "${MYSQL_ROOT_PASSWD}"
+        fi
     else
         ECHO_DEBUG "Grant access privilege to ${MYSQL_ROOT_USER}@${LOCAL_ADDRESS} ..."
         mysql -u${MYSQL_ROOT_USER} <<EOF
 -- Set root password
 USE mysql;
 UPDATE user SET Password = PASSWORD('${MYSQL_ROOT_PASSWD}') WHERE User = 'root';
--- Allow access from SQL_HOSTNAME with password
-GRANT ALL PRIVILEGES ON *.* TO '${MYSQL_ROOT_USER}'@'${SQL_HOSTNAME}' IDENTIFIED BY '${MYSQL_ROOT_PASSWD}';
+-- Allow access from MYSQL_GRANT_HOST with password
+GRANT ALL PRIVILEGES ON *.* TO '${MYSQL_ROOT_USER}'@'${MYSQL_GRANT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWD}';
 -- Allow GRANT privilege
-UPDATE user SET Grant_priv='Y' WHERE User='${MYSQL_ROOT_USER}' AND Host='${SQL_HOSTNAME}';
+UPDATE user SET Grant_priv='Y' WHERE User='${MYSQL_ROOT_USER}' AND Host='${MYSQL_GRANT_HOST}';
 EOF
     fi
 
 CREATE DATABASE IF NOT EXISTS ${VMAIL_DB} CHARACTER SET utf8;
 
 /* Permissions. */
-GRANT SELECT ON ${VMAIL_DB}.* TO "${VMAIL_DB_BIND_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${VMAIL_DB_BIND_PASSWD}";
-GRANT SELECT,INSERT,DELETE,UPDATE ON ${VMAIL_DB}.* TO "${VMAIL_DB_ADMIN_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY "${VMAIL_DB_ADMIN_PASSWD}";
+GRANT SELECT ON ${VMAIL_DB}.* TO "${VMAIL_DB_BIND_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${VMAIL_DB_BIND_PASSWD}";
+GRANT SELECT,INSERT,DELETE,UPDATE ON ${VMAIL_DB}.* TO "${VMAIL_DB_ADMIN_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY "${VMAIL_DB_ADMIN_PASSWD}";
 
 /* Initialize the database. */
 USE ${VMAIL_DB};

File iRedMail/functions/packages.sh

         # MySQL server & client.
         ENABLED_SERVICES="${ENABLED_SERVICES} ${MYSQL_RC_SCRIPT_NAME}"
         if [ X"${DISTRO}" == X"RHEL" ]; then
-            ALL_PKGS="${ALL_PKGS} mysql-server${PKG_ARCH} mysql${PKG_ARCH}"
+            if [ X"${MYSQL_SERVER}" == X"${LOCAL_ADDRESS}" ]; then
+                ALL_PKGS="${ALL_PKGS} mysql-server${PKG_ARCH}"
+            fi
+            ALL_PKGS="${ALL_PKGS} mysql${PKG_ARCH}"
 
             # For Awstats.
             [ X"${USE_AWSTATS}" == X"YES" ] && ALL_PKGS="${ALL_PKGS} mod_auth_mysql${PKG_ARCH}"
 
         elif [ X"${DISTRO}" == X"SUSE" ]; then
-            ALL_PKGS="${ALL_PKGS} mysql-community-server mysql-community-server-client"
+            if [ X"${MYSQL_SERVER}" == X"${LOCAL_ADDRESS}" ]; then
+                ALL_PKGS="${ALL_PKGS} mysql-community-server-client"
+            fi
+            ALL_PKGS="${ALL_PKGS} mysql-community-server-client"
 
             [ X"${USE_AWSTATS}" == X"YES" ] && ALL_PKGS="${ALL_PKGS} postfix-mysql"
 
         elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
             # MySQL server and client.
-            ALL_PKGS="${ALL_PKGS} mysql-server mysql-client postfix-mysql libapache2-mod-auth-mysql"
+            if [ X"${MYSQL_SERVER}" == X"${LOCAL_ADDRESS}" ]; then
+                ALL_PKGS="${ALL_PKGS} mysql-server"
+            fi
+            ALL_PKGS="${ALL_PKGS} mysql-client postfix-mysql libapache2-mod-auth-mysql"
 
         elif [ X"${DISTRO}" == X'OPENBSD' ]; then
-            ALL_PKGS="${ALL_PKGS} mysql-client cyrus-sasl--mysql mysql-server"
-            PKG_SCRIPTS="${PKG_SCRIPTS} ${MYSQL_RC_SCRIPT_NAME}"
-
+            if [ X"${MYSQL_SERVER}" == X"${LOCAL_ADDRESS}" ]; then
+                ALL_PKGS="${ALL_PKGS} mysql-server"
+                PKG_SCRIPTS="${PKG_SCRIPTS} ${MYSQL_RC_SCRIPT_NAME}"
+            fi
+            ALL_PKGS="${ALL_PKGS} mysql-client cyrus-sasl--mysql"
         fi
     elif [ X"${BACKEND}" == X"PGSQL" ]; then
         ENABLED_SERVICES="${ENABLED_SERVICES} ${PGSQL_RC_SCRIPT_NAME}"

File iRedMail/functions/roundcubemail.sh

         ${MYSQL_CLIENT_ROOT} <<EOF
 -- Create database and grant privileges
 CREATE DATABASE ${RCM_DB} DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-GRANT SELECT,INSERT,UPDATE,DELETE ON ${RCM_DB}.* TO "${RCM_DB_USER}"@"${SQL_HOSTNAME}" IDENTIFIED BY '${RCM_DB_PASSWD}';
+GRANT SELECT,INSERT,UPDATE,DELETE ON ${RCM_DB}.* TO "${RCM_DB_USER}"@"${MYSQL_GRANT_HOST}" IDENTIFIED BY '${RCM_DB_PASSWD}';
 
 -- Import Roundcubemail SQL template
 USE ${RCM_DB};
         ${MYSQL_CLIENT_ROOT} <<EOF
 -- Grant privileges for Roundcubemail, so that user can change
 -- their own password and setting mail forwarding.
-GRANT UPDATE,SELECT ON ${VMAIL_DB}.mailbox TO "${RCM_DB_USER}"@"${SQL_HOSTNAME}";
--- GRANT INSERT,UPDATE,SELECT ON ${VMAIL_DB}.alias TO "${RCM_DB_USER}"@"${SQL_HOSTNAME}";
+GRANT UPDATE,SELECT ON ${VMAIL_DB}.mailbox TO "${RCM_DB_USER}"@"${MYSQL_GRANT_HOST}";
+-- GRANT INSERT,UPDATE,SELECT ON ${VMAIL_DB}.alias TO "${RCM_DB_USER}"@"${MYSQL_GRANT_HOST}";
 
 FLUSH PRIVILEGES;
 EOF