Nodarx/action-stalwart-install
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity

Compare commits

base: Nodarx:913fa5398e36725154234b987a44b4cd86b49c5d
Branches Tags
Nodarx:main
..
compare: Nodarx:14b4abf21c4c3ad5932c90ba94c6188472c5c153
Branches Tags
Nodarx:main

1 Commits
913fa5398e ... 14b4abf21c

Author SHA1 Message Date
Sebastian Krupinski
14b4abf21c feat: initial version
Some checks failed
Test Stalwart Installation Action / Error Handling Tests (pull_request) Successful in 20s
Details
Test Stalwart Installation Action / Basic Installation (No Config) (pull_request) Successful in 47s
Details
Test Stalwart Installation Action / Installation with Admin Password (pull_request) Failing after 51s
Details
Test Stalwart Installation Action / Full Configuration (Domains + Users) (pull_request) Failing after 55s
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-20.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-22.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-24.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test Summary (pull_request) Has been cancelled
Details 
Signed-off-by: Sebastian Krupinski <krupinski01@gmail.com>
 2026-02-15 00:29:02 -05:00
1 changed files with 33 additions and 68 deletions
Expand all files Collapse all files

101
scripts/configure.sh
View File

@@ -46,10 +46,9 @@ main() {
# Set current password (start with generated one)
local current_password="$DEFAULT_ADMIN_PASSWORD"
# Get OAuth token with generated password
log_info "Authenticating with generated password..."
local auth_token
if ! auth_token=$(get_oauth_token "$current_password"); then
# Test authentication with generated password
log_info "Verifying API access with generated password..."
if ! test_auth "$current_password"; then
log_error "Failed to authenticate with generated password"
return 1
fi
@@ -59,14 +58,9 @@ main() {
# Update admin password if provided and different from generated one
if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$current_password" ]; then
log_info "Updating admin password..."
if update_admin_password "$auth_token" "$ADMIN_PASSWORD"; then
if update_admin_password "$current_password" "$ADMIN_PASSWORD"; then
log_success "Admin password updated successfully"
current_password="$ADMIN_PASSWORD"
# Get new token with new password
if ! auth_token=$(get_oauth_token "$current_password"); then
log_error "Failed to re-authenticate with new password"
return 1
fi
else
log_error "Failed to update admin password"
return 1
@@ -80,7 +74,7 @@ main() {
if [ -n "$DOMAINS_JSON" ]; then
log_info "Creating domains..."
if validate_json "$DOMAINS_JSON"; then
create_domains "$auth_token" "$DOMAINS_JSON"
create_domains "$current_password" "$DOMAINS_JSON"
else
log_error "Invalid domains JSON format"
return 1
@@ -93,7 +87,7 @@ main() {
if [ -n "$USERS_JSON" ]; then
log_info "Creating users..."
if validate_json "$USERS_JSON"; then
create_users "$auth_token" "$USERS_JSON"
create_users "$current_password" "$USERS_JSON"
else
log_error "Invalid users JSON format"
return 1
@@ -127,75 +121,46 @@ wait_for_stalwart_api() {
return 1
}
# Get OAuth Bearer token using Stalwart's OAuth flow
# Args: $1 = password
# Returns: Bearer token on stdout
get_oauth_token() {
local password="$1"
local nonce="STALWART_$(date +%s)"
# Step 1: Request OAuth authorization code
local oauth_response
oauth_response=$(curl -s -X POST "${API_URL}/oauth" \
-u "admin:${password}" \
-H "Content-Type: application/json" \
-d "{\"type\":\"code\",\"client_id\":\"webadmin\",\"redirect_uri\":\"stalwart://auth\",\"nonce\":\"${nonce}\"}")
local code
code=$(echo "$oauth_response" | jq -r '.data.code // empty' 2>/dev/null)
if [ -z "$code" ]; then
log_error "Failed to get OAuth code"
log_error "Response: $oauth_response"
return 1
fi
# Step 2: Exchange code for access token
local token_response
token_response=$(curl -s -X POST "${API_URL%/api}/auth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code&client_id=webadmin&code=${code}&redirect_uri=stalwart%3A%2F%2Fauth")
local access_token
access_token=$(echo "$token_response" | jq -r '.access_token // empty' 2>/dev/null)
if [ -z "$access_token" ]; then
log_error "Failed to get access token"
log_error "Response: $token_response"
return 1
fi
echo "$access_token"
return 0
}
# Test authentication with Stalwart API
# Test authentication with Stalwart API using Basic Auth
# Args: $1 = password
# Returns: 0 if auth works, 1 otherwise
test_auth() {
local password="$1"
# Try to get OAuth token
if get_oauth_token "$password" >/dev/null 2>&1; then
local http_code
local response
# Test by querying domains endpoint (works on fresh and configured systems)
response=$(curl -s -w "\n%{http_code}" \
-u "admin:${password}" \
"${API_URL}/principal?types=domain&limit=1")
http_code=$(echo "$response" | tail -n 1)
if [ "$http_code" = "200" ]; then
return 0
else
log_error "Authentication test failed with HTTP $http_code"
response=$(echo "$response" | sed '$d')
log_error "Response: $response"
return 1
fi
}
# Update admin password
# Args: $1 = bearer token, $2 = new password
# Args: $1 = current password, $2 = new password
update_admin_password() {
local token="$1"
local current_password="$1"
local new_password="$2"
local http_code
local response
response=$(curl -s -w "\n%{http_code}" -X PUT "${API_URL}/account/admin" \
-H "Authorization: Bearer ${token}" \
# Stalwart uses /api/account/auth with array format
response=$(curl -s -w "\n%{http_code}" -X POST "${API_URL}/account/auth" \
-u "admin:${current_password}" \
-H "Content-Type: application/json" \
-d "{\"password\":\"${new_password}\"}" 2>&1)
-d "[{\"type\":\"setPassword\",\"password\":\"${new_password}\"}]" 2>&1)
http_code=$(echo "$response" | tail -n 1)
response=$(echo "$response" | sed '$d')
@@ -210,9 +175,9 @@ update_admin_password() {
}
# Create domains from JSON array
# Args: $1 = bearer token, $2 = domains JSON array
# Args: $1 = password, $2 = domains JSON array
create_domains() {
local token="$1"
local password="$1"
local domains_json="$2"
local domain_count
@@ -252,7 +217,7 @@ create_domains() {
# Create domain via API
if curl -sf -X POST "${API_URL}/domain" \
-H "Authorization: Bearer ${token}" \
-u "admin:${password}" \
-H "Content-Type: application/json" \
-d "$domain" >/dev/null 2>&1; then
log_success "✓ Created domain: $domain_name"
@@ -270,9 +235,9 @@ create_domains() {
}
# Create users from JSON array
# Args: $1 = bearer token, $2 = users JSON array
# Args: $1 = password, $2 = users JSON array
create_users() {
local token="$1"
local password="$1"
local users_json="$2"
local user_count
@@ -321,7 +286,7 @@ create_users() {
# Create user via API
if curl -sf -X POST "${API_URL}/account" \
-H "Authorization: Bearer ${token}" \
-u "admin:${password}" \
-H "Content-Type: application/json" \
-d "$payload" >/dev/null 2>&1; then
log_success "✓ Created user: $email"