docker/dovecot/awsdomain.sh


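#!/bin/bash
# Shared settings for the S3 / SES provisioning steps in this script.
# Required environment: DOMAIN_NAME (the mail domain to set up).

# Stop at the first failing command, unset variable or failed pipeline stage,
# so a later step never runs against a resource an earlier step failed to
# create. Consequence: a re-run against resources that already exist stops at
# the first "already exists" error.
set -euo pipefail

if [ -z "${DOMAIN_NAME:-}" ]; then
  echo "Fehler: DOMAIN_NAME ist nicht gesetzt." >&2
  echo "Bitte setzen Sie die Variable mit: export DOMAIN_NAME='IhreDomain.de'" >&2
  exit 1 # abort with an error status
fi

# DOMAIN_NAME is spliced into JSON documents and AWS CLI arguments further
# down. Accept only dot-separated labels made of letters, digits and hyphens,
# so the value cannot carry quotes, whitespace or JSON/shell metacharacters.
domain_pattern='^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)+$'
if [[ ! "$DOMAIN_NAME" =~ $domain_pattern ]]; then
  echo "Fehler: DOMAIN_NAME ist kein gültiger Domainname." >&2
  exit 1
fi

AWS_REGION="us-east-2"
EMAIL_PREFIX="emails/"

# Bucket name: dots become hyphens and "-emails" is appended. The result is
# lower-cased because S3 bucket names may not contain upper-case letters
# (the usage hint above shows a mixed-case domain).
S3_BUCKET_NAME=$(printf '%s' "${DOMAIN_NAME//./-}-emails" | tr '[:upper:]' '[:lower:]')
if (( ${#S3_BUCKET_NAME} > 63 )); then
  # S3 limits bucket names to 63 characters; fail here with a clear message.
  echo "Fehler: Bucket-Name '${S3_BUCKET_NAME}' ist länger als 63 Zeichen." >&2
  exit 1
fi

# Rule name: same dot-to-hyphen substitution, wrapped in "store-...-to-s3".
RULE_NAME="store-${DOMAIN_NAME//./-}-to-s3"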
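# ------------------------
# 1. Create the S3 bucket
# ------------------------
echo "S3 Bucket erstellen..."
if ! aws s3api create-bucket \
  --bucket "${S3_BUCKET_NAME}" \
  --region "${AWS_REGION}" \
  --create-bucket-configuration "LocationConstraint=${AWS_REGION}"; then
  # S3 bucket names are global and this one is derived from the domain, so a
  # failed create can mean the name is already held by a different account.
  # Continue only if the existing bucket belongs to the calling account;
  # otherwise the later steps would point mail delivery at a bucket this
  # account does not control.
  account_id=$(aws sts get-caller-identity --query Account --output text) || exit 1
  if ! aws s3api head-bucket \
    --bucket "${S3_BUCKET_NAME}" \
    --region "${AWS_REGION}" \
    --expected-bucket-owner "${account_id}"; then
    echo "Fehler: Bucket '${S3_BUCKET_NAME}' konnte nicht erstellt werden und gehört nicht zu diesem AWS-Konto." >&2
    exit 1
  fi
fi

# Block every form of public access (ACLs and bucket policies). Abort if this
# fails: the bucket holds raw e-mail and must not stay without the block.
aws s3api put-public-access-block \
  --bucket "${S3_BUCKET_NAME}" \
  --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true" \
  || exit 1

# Lifecycle rule: the empty prefix filter matches every object in the bucket,
# and matching objects expire 90 days after creation.
aws s3api put-bucket-lifecycle-configuration \
  --bucket "${S3_BUCKET_NAME}" \
  --lifecycle-configuration '{
  "Rules": [
    {
      "ID": "DeleteOldEmails",
      "Status": "Enabled",
      "Expiration": {
        "Days": 90
      },
      "Filter": {
        "Prefix": ""
      }
    }
  ]
}' || exit 1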
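echo "S3 Bucket Policy hinzufügen..."
# Bucket policy that lets Amazon SES store received mail in the bucket.
#
# Two restrictions compared with a bare "Principal: ses.amazonaws.com" grant:
#   * Only s3:PutObject on the bucket's objects is granted; SES needs nothing
#     else to deliver mail, so the list/location permissions are dropped.
#   * The aws:SourceAccount condition limits the grant to SES acting on behalf
#     of this account. Without it, the service principal could write into the
#     bucket on behalf of any AWS account's receipt rules (confused deputy).
ses_account_id=$(aws sts get-caller-identity --query Account --output text) || exit 1
if [[ ! "$ses_account_id" =~ ^[0-9]{12}$ ]]; then
  echo "Fehler: AWS-Konto-ID konnte nicht ermittelt werden." >&2
  exit 1
fi

# NOTE(review): S3_BUCKET_NAME is interpolated into the JSON below; this
# assumes it contains no quotes or other JSON metacharacters.
bucket_policy=$(cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowSESPuts",
      "Effect": "Allow",
      "Principal": {
        "Service": "ses.amazonaws.com"
      },
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::${S3_BUCKET_NAME}/*",
      "Condition": {
        "StringEquals": {
          "aws:SourceAccount": "${ses_account_id}"
        }
      }
    }
  ]
}
EOF
)

aws s3api put-bucket-policy \
  --bucket "${S3_BUCKET_NAME}" \
  --policy "${bucket_policy}" || exit 1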
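# ------------------------
# 2. Create the SES domain identity
# ------------------------
echo "SES Domain-Identität erstellen..."
# Create the identity only when it does not exist yet, and stop if creation
# fails, so the DKIM and MAIL FROM calls below never run against a missing
# identity. If the lookup fails for another reason (e.g. credentials), the
# create call runs and reports the real error.
if ! aws sesv2 get-email-identity \
  --email-identity "${DOMAIN_NAME}" \
  --region "${AWS_REGION}" >/dev/null 2>&1; then
  aws sesv2 create-email-identity \
    --email-identity "${DOMAIN_NAME}" \
    --region "${AWS_REGION}" || exit 1
fi

# Enable DKIM signing for mail sent from this identity.
# NOTE: this script creates no DNS records; the DKIM records for the identity
# still have to be published in the domain's DNS zone separately.
aws sesv2 put-email-identity-dkim-attributes \
  --email-identity "${DOMAIN_NAME}" \
  --signing-enabled \
  --region "${AWS_REGION}"

# Use mail.<domain> as the custom MAIL FROM domain. USE_DEFAULT_VALUE tells
# SES to fall back to its own MAIL FROM domain when the MX record for the
# custom one is not set up, instead of refusing to send.
aws sesv2 put-email-identity-mail-from-attributes \
  --email-identity "${DOMAIN_NAME}" \
  --mail-from-domain "mail.${DOMAIN_NAME}" \
  --behavior-on-mx-failure USE_DEFAULT_VALUE \
  --region "${AWS_REGION}"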
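# --------------------------
# Receive e-mail
# --------------------------
# 3. Add a receipt rule to the existing rule set "bizmatch-ruleset"
#
# The rule stores incoming mail under EMAIL_PREFIX in the bucket (the shared
# constant is used instead of repeating the literal "emails/"). ScanEnabled
# turns on SES spam/virus scanning, and TlsPolicy "Require" makes SES reject
# inbound mail that is not delivered over TLS.
#
# NOTE(review): no --region is passed here, so the CLI's default region is
# used, while the identity above is created in AWS_REGION. Confirm that
# "bizmatch-ruleset" lives in the intended region and is the active rule set;
# this script does not create or activate it.
echo "Receipt Rule for bizmatch ruleset erstellen..."
receipt_rule=$(cat <<EOF
{
  "Name": "${RULE_NAME}",
  "Enabled": true,
  "ScanEnabled": true,
  "Actions": [{
    "S3Action": {
      "BucketName": "${S3_BUCKET_NAME}",
      "ObjectKeyPrefix": "${EMAIL_PREFIX}"
    }
  }],
  "TlsPolicy": "Require"
}
EOF
)

aws ses create-receipt-rule \
  --rule-set-name "bizmatch-ruleset" \
  --rule "${receipt_rule}"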