Compare commits
1 Commits
0014789f68
...
c16dcc80c8
| Author | SHA1 | Date | |
|---|---|---|---|
| c16dcc80c8 |
@@ -43,50 +43,38 @@ main() {
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Authenticate with default password first
|
||||
log_info "Authenticating with Stalwart API..."
|
||||
local auth_token
|
||||
if ! auth_token=$(authenticate "$DEFAULT_ADMIN_PASSWORD"); then
|
||||
log_error "Failed to authenticate with default admin password"
|
||||
log_info "This might mean Stalwart has already been configured"
|
||||
|
||||
# Try with provided password if different
|
||||
if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$DEFAULT_ADMIN_PASSWORD" ]; then
|
||||
log_info "Trying with provided admin password..."
|
||||
if ! auth_token=$(authenticate "$ADMIN_PASSWORD"); then
|
||||
log_error "Failed to authenticate with provided password"
|
||||
return 1
|
||||
fi
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
# Set current password (start with generated one)
|
||||
local current_password="$DEFAULT_ADMIN_PASSWORD"
|
||||
|
||||
# Test authentication with generated password
|
||||
log_info "Verifying API access with generated password..."
|
||||
if ! test_auth "$current_password"; then
|
||||
log_error "Failed to authenticate with generated password"
|
||||
return 1
|
||||
fi
|
||||
|
||||
log_success "Authentication successful"
|
||||
log_success "API authentication verified"
|
||||
|
||||
# Update admin password if provided and different from default
|
||||
if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$DEFAULT_ADMIN_PASSWORD" ]; then
|
||||
# Update admin password if provided and different from generated one
|
||||
if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$current_password" ]; then
|
||||
log_info "Updating admin password..."
|
||||
if update_admin_password "$auth_token" "$ADMIN_PASSWORD"; then
|
||||
if update_admin_password "$current_password" "$ADMIN_PASSWORD"; then
|
||||
log_success "Admin password updated successfully"
|
||||
# Re-authenticate with new password
|
||||
if ! auth_token=$(authenticate "$ADMIN_PASSWORD"); then
|
||||
log_error "Failed to re-authenticate with new password"
|
||||
return 1
|
||||
fi
|
||||
current_password="$ADMIN_PASSWORD"
|
||||
else
|
||||
log_warning "Failed to update admin password, continuing with default"
|
||||
log_error "Failed to update admin password"
|
||||
return 1
|
||||
fi
|
||||
else
|
||||
log_info "No admin password provided, keeping default (changeme)"
|
||||
log_warning "⚠️ Remember to change the default password!"
|
||||
log_info "No custom admin password provided"
|
||||
log_warning "⚠️ Using generated password. Save it securely!"
|
||||
fi
|
||||
|
||||
# Create domains if provided
|
||||
if [ -n "$DOMAINS_JSON" ]; then
|
||||
log_info "Creating domains..."
|
||||
if validate_json "$DOMAINS_JSON"; then
|
||||
create_domains "$auth_token" "$DOMAINS_JSON"
|
||||
create_domains "$current_password" "$DOMAINS_JSON"
|
||||
else
|
||||
log_error "Invalid domains JSON format"
|
||||
return 1
|
||||
@@ -99,7 +87,7 @@ main() {
|
||||
if [ -n "$USERS_JSON" ]; then
|
||||
log_info "Creating users..."
|
||||
if validate_json "$USERS_JSON"; then
|
||||
create_users "$auth_token" "$USERS_JSON"
|
||||
create_users "$current_password" "$USERS_JSON"
|
||||
else
|
||||
log_error "Invalid users JSON format"
|
||||
return 1
|
||||
@@ -133,62 +121,57 @@ wait_for_stalwart_api() {
|
||||
return 1
|
||||
}
|
||||
|
||||
# Authenticate with Stalwart API
|
||||
# Test authentication with Stalwart API
|
||||
# Args: $1 = password
|
||||
# Returns: JWT token on stdout
|
||||
authenticate() {
|
||||
# Returns: 0 if auth works, 1 otherwise
|
||||
test_auth() {
|
||||
local password="$1"
|
||||
|
||||
local response
|
||||
local token
|
||||
local http_code
|
||||
|
||||
# Stalwart uses Basic Authentication
|
||||
response=$(curl -s -w "\n%{http_code}" -X GET "${API_URL}/authenticate" \
|
||||
-u "admin:${password}" 2>&1)
|
||||
# Test with a simple API call to get account info
|
||||
http_code=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||
-u "admin:${password}" \
|
||||
"${API_URL}/accounts")
|
||||
|
||||
if [ "$http_code" = "200" ]; then
|
||||
return 0
|
||||
else
|
||||
log_error "API test failed with HTTP $http_code"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Update admin password
|
||||
# Args: $1 = current password, $2 = new password
|
||||
update_admin_password() {
|
||||
local current_password="$1"
|
||||
local new_password="$2"
|
||||
|
||||
local http_code
|
||||
local response
|
||||
|
||||
response=$(curl -s -w "\n%{http_code}" -X PUT "${API_URL}/account/admin" \
|
||||
-u "admin:${current_password}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"password\":\"${new_password}\"}" 2>&1)
|
||||
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
response=$(echo "$response" | sed '$d')
|
||||
|
||||
if [ "$http_code" != "200" ]; then
|
||||
log_error "Authentication failed with HTTP $http_code"
|
||||
if [ "$http_code" = "200" ] || [ "$http_code" = "204" ]; then
|
||||
return 0
|
||||
else
|
||||
log_error "Password update failed with HTTP $http_code"
|
||||
log_error "Response: $response"
|
||||
return 1
|
||||
fi
|
||||
|
||||
token=$(echo "$response" | jq -r '.data // empty' 2>/dev/null)
|
||||
|
||||
if [ -z "$token" ]; then
|
||||
log_error "No token in response"
|
||||
log_error "Response: $response"
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo "$token"
|
||||
return 0
|
||||
}
|
||||
|
||||
# Update admin password
|
||||
# Args: $1 = auth token, $2 = new password
|
||||
update_admin_password() {
|
||||
local token="$1"
|
||||
local new_password="$2"
|
||||
|
||||
local response
|
||||
response=$(curl -sf -X PUT "${API_URL}/account/admin" \
|
||||
-H "Authorization: Bearer ${token}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"password\":\"${new_password}\"}" 2>&1) || {
|
||||
return 1
|
||||
}
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
# Create domains from JSON array
|
||||
# Args: $1 = auth token, $2 = domains JSON array
|
||||
# Args: $1 = password, $2 = domains JSON array
|
||||
create_domains() {
|
||||
local token="$1"
|
||||
local password="$1"
|
||||
local domains_json="$2"
|
||||
|
||||
local domain_count
|
||||
@@ -228,7 +211,7 @@ create_domains() {
|
||||
|
||||
# Create domain via API
|
||||
if curl -sf -X POST "${API_URL}/domain" \
|
||||
-H "Authorization: Bearer ${token}" \
|
||||
-u "admin:${password}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$domain" >/dev/null 2>&1; then
|
||||
log_success "✓ Created domain: $domain_name"
|
||||
@@ -246,9 +229,9 @@ create_domains() {
|
||||
}
|
||||
|
||||
# Create users from JSON array
|
||||
# Args: $1 = auth token, $2 = users JSON array
|
||||
# Args: $1 = password, $2 = users JSON array
|
||||
create_users() {
|
||||
local token="$1"
|
||||
local password="$1"
|
||||
local users_json="$2"
|
||||
|
||||
local user_count
|
||||
@@ -297,7 +280,7 @@ create_users() {
|
||||
|
||||
# Create user via API
|
||||
if curl -sf -X POST "${API_URL}/account" \
|
||||
-H "Authorization: Bearer ${token}" \
|
||||
-u "admin:${password}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$payload" >/dev/null 2>&1; then
|
||||
log_success "✓ Created user: $email"
|
||||
|
||||
Reference in New Issue
Block a user