Nodarx/action-stalwart-install
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity

Compare commits

base: Nodarx:a8fb815103c292860cd72d259bf06e9c356cb1f2
Branches Tags
Nodarx:main
..
compare: Nodarx:a8c7dc74c1ec0671355002687473b52276da1705
Branches Tags
Nodarx:main

1 Commits
a8fb815103 ... a8c7dc74c1

Author SHA1 Message Date
Sebastian Krupinski
a8c7dc74c1 feat: initial version
Some checks failed
Test Stalwart Installation Action / Error Handling Tests (pull_request) Successful in 31s
Details
Test Stalwart Installation Action / Full Configuration (Domains + Users) (pull_request) Failing after 35s
Details
Test Stalwart Installation Action / Basic Installation (No Config) (pull_request) Successful in 51s
Details
Test Stalwart Installation Action / Installation with Admin Password (pull_request) Failing after 1m56s
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-20.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-22.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-24.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test Summary (pull_request) Has been cancelled
Details 
Signed-off-by: Sebastian Krupinski <krupinski01@gmail.com>
 2026-02-15 00:58:36 -05:00
2 changed files with 3 additions and 76 deletions
Expand all files Collapse all files

12
action.yml
View File

@@ -7,11 +7,6 @@ branding:
color: 'blue' color: 'blue'
inputs: inputs:
admin_password:
description: 'Admin password for Stalwart web interface (use GitHub Secrets). If not provided, defaults to "changeme"'
required: false
default: ''
domains: domains:
description: 'JSON array of domains to create. Example: [{"name":"example.com","description":"Primary domain"}]' description: 'JSON array of domains to create. Example: [{"name":"example.com","description":"Primary domain"}]'
required: false required: false
@@ -59,17 +54,12 @@ runs:
- name: Configure Stalwart - name: Configure Stalwart
shell: bash shell: bash
if: ${{ inputs.admin_password != '' || inputs.domains != '' || inputs.users != '' }} if: ${{ inputs.domains != '' || inputs.users != '' }}
env: env:
STALWART_ADMIN_PASSWORD: ${{ inputs.admin_password }}
STALWART_DOMAINS: ${{ inputs.domains }} STALWART_DOMAINS: ${{ inputs.domains }}
STALWART_USERS: ${{ inputs.users }} STALWART_USERS: ${{ inputs.users }}
STALWART_INSTALL_PATH: '/opt/stalwart' STALWART_INSTALL_PATH: '/opt/stalwart'
run: | run: |
# Mask sensitive data
if [ -n "$STALWART_ADMIN_PASSWORD" ]; then
echo "::add-mask::$STALWART_ADMIN_PASSWORD"
fi
# Mask user passwords from JSON # Mask user passwords from JSON
if [ -n "$STALWART_USERS" ]; then if [ -n "$STALWART_USERS" ]; then

67
scripts/configure.sh
View File

@@ -29,7 +29,6 @@ fi
readonly DEFAULT_ADMIN_PASSWORD readonly DEFAULT_ADMIN_PASSWORD
# Environment variables (passed from action.yml) # Environment variables (passed from action.yml)
ADMIN_PASSWORD="${STALWART_ADMIN_PASSWORD:-}"
DOMAINS_JSON="${STALWART_DOMAINS:-}" DOMAINS_JSON="${STALWART_DOMAINS:-}"
USERS_JSON="${STALWART_USERS:-}" USERS_JSON="${STALWART_USERS:-}"
@@ -54,32 +53,8 @@ main() {
fi fi
log_success "API authentication verified" log_success "API authentication verified"
log_info "📝 Generated admin password: ${current_password}"
# Update admin password if provided and different from generated one log_warning "⚠️ Save this password securely - it won't be shown again!"
if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$current_password" ]; then
log_info "Updating admin password..."
if update_admin_password "$current_password" "$ADMIN_PASSWORD"; then
log_success "Admin password updated successfully"
# Give Stalwart a moment to apply the change
sleep 2
# Verify the new password works
if test_auth "$ADMIN_PASSWORD"; then
log_success "New password verified"
current_password="$ADMIN_PASSWORD"
else
log_error "New password verification failed"
return 1
fi
else
log_error "Failed to update admin password"
return 1
fi
else
log_info "No custom admin password provided"
log_warning "⚠️ Using generated password. Save it securely!"
fi
# Create domains if provided # Create domains if provided
if [ -n "$DOMAINS_JSON" ]; then if [ -n "$DOMAINS_JSON" ]; then
@@ -158,44 +133,6 @@ test_auth() {
fi fi
} }
# Update admin password
# Args: $1 = current password, $2 = new password
update_admin_password() {
local current_password="$1"
local new_password="$2"
local http_code
local response
# Stalwart requires password to be hashed with SHA-512 crypt
local hashed_password
if command -v mkpasswd >/dev/null 2>&1; then
hashed_password=$(mkpasswd -m sha-512 "$new_password")
elif command -v openssl >/dev/null 2>&1; then
hashed_password=$(openssl passwd -6 "$new_password")
else
log_error "Neither mkpasswd nor openssl available for password hashing"
return 1
fi
# Stalwart uses /api/account/auth with array format
response=$(curl -s -w "\n%{http_code}" -X POST "${API_URL}/account/auth" \
-u "admin:${current_password}" \
-H "Content-Type: application/json" \
-d "[{\"type\":\"setPassword\",\"password\":\"${hashed_password}\"}]" 2>&1)
http_code=$(echo "$response" | tail -n 1)
response=$(echo "$response" | sed '$d')
if [ "$http_code" = "200" ] || [ "$http_code" = "204" ]; then
return 0
else
log_error "Password update failed with HTTP $http_code"
log_error "Response: $response"
return 1
fi
}
# Create domains from JSON array # Create domains from JSON array
# Args: $1 = password, $2 = domains JSON array # Args: $1 = password, $2 = domains JSON array
create_domains() { create_domains() {