mailcert

#!/bin/bash
#########################################################################
# Plesk LetsEncrypt Certificate - copy to                               #
# Postfix - Dovecot - Courier - Webmin - Qmail                          #
# Original by Powie . www.powie.de                                      #
# Updated by Brian Aldridge . www.biteoftech.com                        #
# V1.06                                                                 #
# For Plesk / Debian/Ubuntu                                             #
#########################################################################
# Set current version
MailCertVersion="1.06"
PROGNAME=${0##*/}
#Setting colors for display.
red="\033[31m";yellow="\033[33m";green="\033[32m";nocolor="\033[0m"
# Verify config file and create if necessary
runnow=false
#Displays Help
usage()
{ echo -e "Usage: $PROGNAME [${red}-v${nocolor} : Version Check] ${red}-s example.com${nocolor} : Set Hostname [${red}-r${nocolor} : Run Certificate Check] [${red}-h${nocolor}: Display Help]"
}
#Catch options
while getopts ":s:vrh" opt; do
    case $opt in
    (s)
        #Set Hostname
        echo -e "Manually setting hostname."
	export HOSTNAME=$OPTARG
    ;;
    (v)
        #Script version
        echo -e "You are running verion $MailCertVersion"
        MailCertLatest=`curl -s https://raw.githubusercontent.com/BoiseComputer/plesk_mailcert/master/.version`
        if [[ $MailCertLatest > $MailCertVersion ]]; then
        echo -e "${red}NOTICE: ${yellow}A newer version of the Plesk Let's Encrypt Mail Update script is available.${nocolor}"
        read -p "Would you like to upgrade $PROGNAME from v$MailCertVersion to v$MailCertLatest? (y/n):" -n 1 -r
        echo -en "\n"
            if [[ $REPLY =~ ^[Yy]$ ]]; then
                curl https://raw.githubusercontent.com/BoiseComputer/plesk_mailcert/master/mailcert > ./$PROGNAME
                echo -e "${green}$PROGNAME has been updated to the most recent version.${nocolor}"
                exit 0
            fi
        else
        echo -e "You are already running the most recent version of $PROGNAME"
        fi
    ;;
    (r)
	export runnow=true
    ;;
    (h)
        usage
        echo -e "You are running verion $MailCertVersion"
        echo
        echo -e " ${red}-v${nocolor} : ${yellow}Checks if a newer version of this script is available.${nocolor}"
        echo -e " ${red}-s example.com${nocolor} : ${yellow}Sets the hostname via command line.${nocolor}"
        echo -e " ${red}-r${nocolor} : ${yellow}Runs the script. If running in a cron job you will need to run this argument.${nocolor}"
        echo -e " ${red}-h${nocolor} : ${yellow}Displays this help page.${nocolor}"
     ;;
    (:)
        echo -e "Option -$OPTARG requires an argument." >&2
        usage
        exit;;
    (?)
        echo -e "Invalid Option"
        usage
        exit;;
  esac
done

if [ -f "/etc/mailcert/mailcert.cfg" ]; then
    source /etc/mailcert/mailcert.cfg
else
    mkdir -p /etc/mailcert/
    touch /etc/mailcert/mailcert.cfg
    echo '#Set hostname here if custom. Example: HOSTNAME=server1.boisehosting.net' >> /etc/mailcert/mailcert.cfg
    echo 'HOSTNAME=$(hostname)' >> /etc/mailcert/mailcert.cfg
    source /etc/mailcert/mailcert.cfg
fi

if [ "$runnow" = true ];then
        # This is our http conf we are looking into it
        CONFFILE=/var/www/vhosts/system/${HOSTNAME}/conf/httpd.conf
        #get the pem file from apache conf, because its written there after changes
        getpemfile(){
            CERT=$(grep -m 1 SSLCertificateFile ${CONFFILE})
            CERTFILE=${CERT:20}
        echo "Plesk certificate located at:${CERTFILE}"
                    }
        #copy pem to dovecot
        certfordovecot () {
        if [ -e /etc/dovecot/private/ssl-cert-and-key.pem ];then
            if diff  /etc/dovecot/private/ssl-cert-and-key.pem $CERTFILE > /dev/null;then
                echo -e "${yellow}Skipped: ${nocolor}Dovecot already up to date."
            else
                cp ${CERTFILE} /etc/dovecot/private/ssl-cert-and-key.pem
                echo -e "${green}SUCCESS: ${nocolor}Dovecot Certificate Updated"
                service dovecot restart
            fi
        fi
                        }
        #copy pem to postfix
        certforpostfix () {
        if [ -e /etc/postfix/postfix_default.pem ];then
            if diff  /etc/postfix/postfix_default.pem $CERTFILE > /dev/null;then
                echo -e "${yellow}Skipped: ${nocolor}Postfix already up to date."
            else
                cp ${CERTFILE} /etc/postfix/postfix_default.pem
                echo -e "${green}SUCCESS: ${nocolor}Postfix Certificate Updated"
                service postfix restart
            fi
        fi
                        }
        #copy pem to courier
        certforcourier () {
        if [ -e /usr/share/imapd.pem ];then
            if diff  /usr/share/imapd.pem $CERTFILE > /dev/null;then
                echo -e "${yellow}Skipped: ${nocolor}Courier-IMAP already up to date."
            else
                cp ${CERTFILE} /usr/share/imapd.pem
                echo -e "${green}SUCCESS: ${nocolor}Courier-IMAP Certificate Updated"
                service xinetd restart
            fi
        fi
        if [ -e /usr/share/pop3d.pem ];then
            if diff  /usr/share/pop3d.pem $CERTFILE > /dev/null;then
                echo -e "${yellow}Skipped: ${nocolor}Courier-POP3 already up to date."
            else
                cp ${CERTFILE} /usr/share/pop3d.pem
                echo -e "${green}SUCCESS: ${nocolor}Courier-POP3 Certificate Updated"
                service xinetd restart
            fi
        fi
                        }
        #copy pem to webmin
        certforwebmin () {
        if [ -e /etc/webmin/miniserv.pem ];then
            if diff  /etc/webmin/miniserv.pem $CERTFILE > /dev/null;then
                echo -e "${yellow}Skipped: ${nocolor}Webmin already up to date."
            else
                cp ${CERTFILE} /etc/webmin/miniserv.pem
                echo -e "${green}SUCCESS: ${nocolor}Webmin Certificate Updated"
                service webmin restart
            fi
        fi
                        }
        #copy pem to qmail
        certforqmail () {
        if [ -e /var/qmail/control/servercert.pem ];then
            if diff /var/qmail/control/servercert.pem $CERTFILE > /dev/null;then
                echo -e "\e[33mSkipped: \e[39mQMail already up to date."
            else
                cp ${CERTFILE} /var/qmail/control/servercert.pem
                echo -e "${green}SUCCESS: ${nocolor}QMail Certificate Updated"
                service qmail restart
            fi
        fi
                        }
        #copy the cert file to the services
        copycerts() {
            certfordovecot
            certforpostfix
            certforcourier
            certforwebmin
            certforqmail
                    }
        #now we start
        if [ -e ${CONFFILE} ];then
            getpemfile
            if [ -e ${CERTFILE} ];then
                copycerts
                exit 0
            else
                echo "cert file doesnt exists"
                exit 1
            fi
        else
            echo "conf file not found"
            exit 1
        fi
fi
    echo -e "${yellow}Server name set to: ${red}$HOSTNAME"
    echo -e "${nocolor}If this is incorrect please set custom hostname in ${yellow}/etc/mailcert/mailcert.cfg or via command variable.${nocolor}"
# Checking for no attribute.
if [ -z "$1" ]
 then
  usage
  exit 1
fi