Topic: Testing: Generate passwords with `openssl` on FreeBSD-iRedMail v1.3.2
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): Unreleased v1.3.2 from Github, commit 2eee21f
- Deployed with iRedMail Easy or the downloadable installer? Download from Github
- Linux/BSD distribution name and version: FreeBSD 12.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL 12.x
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Testing the generation of passwords with `openssl` on FreeBSD.
Testing the above to address `iRedMail.sh` freeze when configuring the databases during the post-config phase of the installation.
NOTE.1: Just started. Will update the entry when it reaches the impacted step.
NOTE.2: FreeBSD `12.1-RELEASE` has `openssl 1.1.1d` builtin (from LibreSSL). iRedMail will compile a new version. The point being is that `openssl` is available at all times to generate passwords.
# = = = = = = = = = =
# edit: ./conf/global
# Generate password with `openssl`. Does openssl works the same across *IXes?
#
# Command used to generate a random string.
# Usage: str="$(${RANDOM_STRING})"
if [ X"${KERNEL_NAME}" == X'OPENBSD' ]; then
export RANDOM_STRING='eval </dev/random tr -cd [:alnum:] | fold -w 32 | head -1'
elif [ X"${KERNEL_NAME}" == X'FREEBSD' ]; then
export RANDOM_STRING='openssl rand -base64 32'
else
# Linux
export RANDOM_STRING='eval </dev/urandom tr -dc A-Za-z0-9 | (head -c $1 &>/dev/null || head -c 32)'
fi
+++ '[' XFREEBSD == XOPENBSD ']'
+++ '[' XFREEBSD == XFREEBSD ']'
+++ export 'RANDOM_STRING=openssl rand -base64 32'
+++ RANDOM_STRING='openssl rand -base64 32'
# = = = = = = = = = =
root@server:~/iRedMail-1.3.2 # cat config
export STORAGE_BASE_DIR='/var/vmail'
export WEB_SERVER='NGINX'
export BACKEND_ORIG='PGSQL'
export BACKEND='PGSQL'
export VMAIL_DB_BIND_PASSWD='/EUG+YffwrJpy2JqZjEPQlHzMdTl7wIZWfGc6iKKW6Q='
export VMAIL_DB_ADMIN_PASSWD='/lUsWpq14akWjZUkUL7EjRhdW3cubk1P98mELSy04ZA='
export MLMMJADMIN_API_AUTH_TOKEN='p2HCGXLl/dpYiH9Lrq0DyK9rQFWWbXkMMpYImslQVjo='
export NETDATA_DB_PASSWD='gu+qh5/lqYHN3pO7C3nWYuHiQ9zjw4Z5E3UVNK1aWhE='
export PGSQL_ROOT_PASSWD='pass'
export FIRST_DOMAIN='katra.local'
export DOMAIN_ADMIN_PASSWD_PLAIN='pass'
export USE_IREDADMIN='YES'
export USE_ROUNDCUBE='YES'
export USE_FAIL2BAN='YES'
export AMAVISD_DB_PASSWD='nAbq5v4d1iQtMsmF/M8sBnronw8ca4eqbVaozMUqzwo='
export IREDADMIN_DB_PASSWD='QYdc6vdZq60TDqTlitcnKywLuHuYLkTA8v86wC/Vjlk='
export RCM_DB_PASSWD='u39AU+CAyS8AER5Sk1aljM5ZW+oQBbAAUNTo0jSVZyg='
export SOGO_DB_PASSWD='lzoZ97wgI+v8Bw/jCrWYNkjvGJ8dEt7jDpZlJMA39xc='
export SOGO_SIEVE_MASTER_PASSWD='29IgxCNxtqgVkUnRyG8hxWkWsp9puafU/qAklh35rUQ='
export IREDAPD_DB_PASSWD='4y4IOuKqaxWb1AbfQswH3Eg8VhwC1eFG0/GaW1VE2j0='
export FAIL2BAN_DB_PASSWD='1gnnsjnyYgs+0CIY0D5Z1pi6kSiWwmYa5ntxISFJ950='
#EOFBTW: Having some fun with code. The fresh v7.73.0 of `curl` does not build with certain flags. Happens that iRedMail is (un)setting such flags. There is an upstrem fix in the `curl` code and it will be propagated to FreeBSD ports soon. The build problem affects all platforms.
In short:
# ./functions/packages_freebsd.sh
# Curl. DEPENDENCE.
cat > /var/db/ports/ftp_curl/options <<EOF
OPTIONS_FILE_UNSET+=ALTSVC # new experimental flag, default is ON
# Not present in iRedMail, added and forced to OFF
OPTIONS_FILE_SET+=TLS_SRP # offending flag IF UNSET, changing to SET for now
# iRedMail default is UNSET
References:
- https://www.freshports.org/ftp/curl/
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250384
- https://github.com/curl/curl/pull/6094----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.
