Zimbra Let’s Encrypt SSL Script Rumi, December 28, 2022 #!/bin/bash -x # SSL certificate installation in Zimbra # with SSL certificate provided by Let's Encrypt (letsencrypt.org) # Check if running as root if [ "$(id -u)" != "0" ]; then echo "This script must be run as root" 1>&2 exit 1 fi read -p 'letsencrypt_email [mail@server]: ' letsencrypt_email read -p 'mail_server_url [mail.server]: ' mail_server_url # Check All variable have a value if [ -z $mail_server_url ] || [ -z $letsencrypt_email ] then echo run script again please insert all value. do not miss any value else # Installation start # Stop the jetty or nginx service at Zimbra level su - zimbra -c 'zmproxyctl stop' su - zimbra -c 'zmmailboxdctl stop' # Install git and letsencrypt cd /opt/ apt-get install git git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt # Get SSL certificate ./letsencrypt-auto certonly --standalone --non-interactive --agree-tos --email $letsencrypt_email -d $mail_server_url --hsts cd /etc/letsencrypt/live/$mail_server_url cat <<EOF >>chain.pem -----BEGIN CERTIFICATE----- MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ -----END CERTIFICATE----- EOF # Verify commercial certificate mkdir /opt/zimbra/ssl/letsencrypt cp /etc/letsencrypt/live/$mail_server_url/* /opt/zimbra/ssl/letsencrypt/ chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/* ls -la /opt/zimbra/ssl/letsencrypt/ su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem' # Deploy the new Let's Encrypt SSL certificate cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d") cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key sudo chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem' # Restart Zimbra su - zimbra -c 'zmcontrol restart' # setting auto https redirect cd /opt && touch https-redirect.sh && chown zimbra:zimbra https-redirect.sh && chmod +x https-redirect.sh cat <<EOF >>/opt/https-redirect.sh zmprov ms $mail_server_url zimbraReverseProxyMailMode redirect EOF su - zimbra -c '/opt/https-redirect.sh' rm /opt/https-redirect.sh fi Related Scripts LetsencryptScriptszimbra
PHPSysinfo CentOS 7 Installer Script January 23, 2024 Intended to to deploy on a barebone fresh CentOS installation with Apache and PHP- !#/bin/sh ################################################# # Server Configuration for Centos 6.8 Final # # Don’t use port 7071 # Updated by Rumi- hasan@servermart.net # ################################################# ## updating packages sudo yum update -y ## installing dependencies sudo yum install unzip… Read More
How to keep a job running in Linux November 13, 2017November 13, 2017 There are many ways to keep a process running on linux but I haven’t seen any that are as easy to implement as the script below. Basically the script does a ps ax and then a grep for your process. If it’s not running it will re-start the process. You install the script into… Read More
MySQLDump Shell script for backup April 21, 2013 You can use the following script to dump mysql database and can add to crontab entry for daily backup! #!/bin/sh DAY=`/bin/date +%Y%m%d` TFILE="/backup/MYDB.$DAY.gz" mysqldump -u root -p'MYPASSWORD' MYDB | gzip > $TFILE echo "cache dump completed, dump script by rumi (hasan.emdad@mango.com.bd)" Related Read More
Quite simple. If you an installed zimbra- save the script using a text editor and then run- bash Reply
Hey Rumi . Thanks forshare . I. Have 2 doamain on a samse server . Can you write a script for this. Reply
Hello Rumi. Thanks for the knowledge you shared. I need your help with my problem. I had 2 domain on same server. Can u write a script install and auto renew for it . I Renew SSL manually through the tutorial : certbot certonly –standalone –preferred-chain “ISRG Root X1” -d mail.domain1.com -d mail.domain2.com Reply
Here’s the trick part- ./letsencrypt-auto certonly –standalone –non-interactive –agree-tos –email $letsencrypt_email -d $mail_server_url –hsts cd /etc/letsencrypt/live/$mail_server_url Reply
letsencrypt_email [mail@server]: admin@xxx.com mail_server_url [mail.server]: mail.xxx.com Stopping proxy…done. Stopping mailboxd…done. LE_Script.sh: line 28: apt-get: command not found Cloning into ‘letsencrypt’… remote: Enumerating objects: 98614, done. remote: Counting objects: 100% (549/549), done. remote: Compressing objects: 100% (287/287), done. remote: Total 98614 (delta 311), reused 455 (delta 256), pack-reused 98065 Receiving objects: 100% (98614/98614), 48.29 MiB | 19.91 MiB/s, done. Resolving deltas: 100% (73285/73285), done. LE_Script.sh: line 33: ./letsencrypt-auto: No such file or directory LE_Script.sh: line 34: cd: /etc/letsencrypt/live/mail.xxx.com: No such file or directory cp: cannot stat ‘/etc/letsencrypt/live/mail.xxx.com/*’: No such file or directory chown: cannot access ‘/opt/zimbra/ssl/letsencrypt/*’: No such file or directory total 8 drwxr-xr-x 2 root root 4096 Jun 4 21:46 . drwxr-xr-x 8 zimbra zimbra 4096 Jun 4 21:46 .. ** Verifying ‘cert.pem’ against ‘privkey.pem’ ERROR: Can’t read file ‘privkey.pem’ ERROR: Can’t read file ‘cert.pem’ cp: cannot stat ‘/opt/zimbra/ssl/letsencrypt/privkey.pem’: No such file or directory chown: cannot access ‘/opt/zimbra/ssl/zimbra/commercial/commercial.key’: No such file or directory ERROR: open input ‘cert.pem’ failed: No such file or directory Reply