packages/mail/emailrelay/files/emailrelay.init
Sergey Ponomarev 7383eb093b emailrelay: conf: TLS split cert and private key
Since v2.3.1, --server-tls-certificate and --client-tls-certificate may be a comma-separated list of privkey and fullchain, so users don't need to merge the two files.
The privkey must be first, the cert second.
Reflect this in config samples.

Alternatively instead of comma separated the emailrelay allows just pass two --server-tls-certificate options: one for a privkey and second time for a cert.

So the server_tls_certificate option may be a list. But instead to make it easier to configure from UCI let's add a separate option server-tls-key which is dedicated for a privkey.

Similarly, the client-tls-key is a private key part for the --client-tls-certificate

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
2025-05-21 11:08:36 +02:00


#!/bin/sh /etc/rc.common
# procd init script for emailrelay: start_service turns every "emailrelay"
# UCI section into one service instance.
# Start-order value read by rc.common.
START=90
# Selects rc.common's procd service handling (start_service is the hook).
USE_PROCD=1
# Daemon binary that every instance executes.
PROG=/usr/bin/emailrelay
# UCI config name handed to config_load in start_service.
NAME=emailrelay
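# Build one procd instance from a single "emailrelay" UCI section.
# Arguments: $1 - name of the UCI section to read
# Outputs:   an error message on stderr when the mode is unusable
# Returns:   1 when the section is disabled or its mode is not one of
#            server, proxy or cmdline; otherwise the status of
#            procd_close_instance.
emailrelay_instance()
{
	local enabled mode port remote_clients \
		server_auth server_tls server_tls_required server_tls_key server_tls_certificate server_tls_verify \
		client_auth client_tls client_tls_required client_tls_key client_tls_certificate client_tls_verify \
		anonymous domain smarthost address_verifier \
		extra_cmdline

	# Only an explicit false value disables the section; an unset option
	# leaves it enabled.
	config_get_bool enabled "$1" enabled
	[ "$enabled" = 0 ] && return 1

	config_get mode "$1" mode
	config_get port "$1" port
	config_get_bool remote_clients "$1" remote_clients
	config_get_bool server_tls "$1" server_tls
	config_get_bool server_tls_required "$1" server_tls_required
	config_get server_tls_key "$1" server_tls_key
	config_get server_tls_certificate "$1" server_tls_certificate
	config_get server_tls_verify "$1" server_tls_verify
	config_get server_auth "$1" server_auth
	config_get extra_cmdline "$1" extra_cmdline
	config_get smarthost "$1" smarthost
	config_get_bool client_tls "$1" client_tls
	config_get_bool client_tls_required "$1" client_tls_required
	config_get client_tls_key "$1" client_tls_key
	config_get client_tls_certificate "$1" client_tls_certificate
	config_get client_tls_verify "$1" client_tls_verify
	config_get client_auth "$1" client_auth
	config_get address_verifier "$1" address_verifier
	config_get domain "$1" domain
	config_get_bool anonymous "$1" anonymous

	# Reject an unusable mode before procd_open_instance: returning after the
	# instance has been opened would leave it unclosed while config_foreach
	# goes on to the next section.
	case "$mode" in
	server|proxy|cmdline)
		;;
	*)
		echo "no mode specified" >&2
		return 1
		;;
	esac

	procd_open_instance
	procd_set_param command "$PROG" --no-daemon

	case "$mode" in
	server|proxy)
		procd_append_param command "--as-${mode}"
		[ -n "$smarthost" ] && procd_append_param command "$smarthost"
		[ -n "$port" ] && procd_append_param command --port "$port"
		[ "$remote_clients" = 1 ] && procd_append_param command --remote-clients
		[ "$server_tls" = 1 ] && procd_append_param command --server-tls
		[ "$server_tls_required" = 1 ] && procd_append_param command --server-tls-required
		# The private key is passed through the same option as the
		# certificate and has to come first, so the key line stays above
		# the certificate line.
		# NOTE(review): a key configured without a certificate is passed
		# through unchanged; nothing here checks that the pair is complete.
		[ -n "$server_tls_key" ] && procd_append_param command --server-tls-certificate "$server_tls_key"
		[ -n "$server_tls_certificate" ] && procd_append_param command --server-tls-certificate "$server_tls_certificate"
		[ -n "$server_tls_verify" ] && procd_append_param command --server-tls-verify "$server_tls_verify"
		[ -n "$server_auth" ] && procd_append_param command --server-auth "$server_auth"
		[ "$client_tls" = 1 ] && procd_append_param command --client-tls
		[ "$client_tls_required" = 1 ] && procd_append_param command --client-tls-required
		# Same ordering rule as on the server side: key first, then certificate.
		[ -n "$client_tls_key" ] && procd_append_param command --client-tls-certificate "$client_tls_key"
		[ -n "$client_tls_certificate" ] && procd_append_param command --client-tls-certificate "$client_tls_certificate"
		[ -n "$client_tls_verify" ] && procd_append_param command --client-tls-verify "$client_tls_verify"
		[ -n "$client_auth" ] && procd_append_param command --client-auth "$client_auth"
		[ -n "$address_verifier" ] && procd_append_param command --address-verifier "$address_verifier"
		[ -n "$domain" ] && procd_append_param command --domain "$domain"
		[ "$anonymous" = 1 ] && procd_append_param command --anonymous
		;;
	cmdline)
		# empty by intention (just append extra_cmdline)
		;;
	esac

	# Deliberately unquoted so the UCI string splits into separate arguments.
	# The value is appended verbatim after every option built above and is
	# also subject to pathname expansion, so it should be reviewed with the
	# same care as the TLS and auth options.
	# shellcheck disable=SC2086
	[ -n "$extra_cmdline" ] && procd_append_param command $extra_cmdline

	procd_set_param respawn
	procd_close_instance
}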
# procd start hook: ensure the spool directory exists, then create one
# instance per "emailrelay" section of the UCI config named by NAME.
# Globals: NAME (read)
start_service()
{
	local spool_dir=/var/spool/emailrelay

	# Created with the caller's umask and ownership; no mode is set here.
	if [ ! -d "$spool_dir" ]; then
		mkdir -p "$spool_dir"
	fi

	config_load "${NAME}"
	config_foreach emailrelay_instance emailrelay
}