Nodarx/action-stalwart-install
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity

Compare commits

base: Nodarx:c16dcc80c88e2271cb7af3ccc2b799a440ef3383
Branches Tags
Nodarx:main
..
compare: Nodarx:913fa5398e36725154234b987a44b4cd86b49c5d
Branches Tags
Nodarx:main

1 Commits
c16dcc80c8 ... 913fa5398e

Author SHA1 Message Date
Sebastian Krupinski
913fa5398e feat: initial version
Some checks failed
Test Stalwart Installation Action / Error Handling Tests (pull_request) Successful in 19s
Details
Test Stalwart Installation Action / Full Configuration (Domains + Users) (pull_request) Failing after 24s
Details
Test Stalwart Installation Action / Basic Installation (No Config) (pull_request) Successful in 48s
Details
Test Stalwart Installation Action / Installation with Admin Password (pull_request) Failing after 51s
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-20.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-22.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test on Ubuntu ubuntu-24.04 (pull_request) Has been cancelled
Details
Test Stalwart Installation Action / Test Summary (pull_request) Has been cancelled
Details 
Signed-off-by: Sebastian Krupinski <krupinski01@gmail.com>
 2026-02-15 00:11:50 -05:00
1 changed files with 65 additions and 24 deletions
Expand all files Collapse all files

89
scripts/configure.sh
View File

@@ -46,9 +46,10 @@ main() {
# Set current password (start with generated one) # Set current password (start with generated one)
local current_password="$DEFAULT_ADMIN_PASSWORD" local current_password="$DEFAULT_ADMIN_PASSWORD"
# Test authentication with generated password # Get OAuth token with generated password
log_info "Verifying API access with generated password..." log_info "Authenticating with generated password..."
if ! test_auth "$current_password"; then local auth_token
if ! auth_token=$(get_oauth_token "$current_password"); then
log_error "Failed to authenticate with generated password" log_error "Failed to authenticate with generated password"
return 1 return 1
fi fi
@@ -58,9 +59,14 @@ main() {
# Update admin password if provided and different from generated one # Update admin password if provided and different from generated one
if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$current_password" ]; then if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$current_password" ]; then
log_info "Updating admin password..." log_info "Updating admin password..."
if update_admin_password "$current_password" "$ADMIN_PASSWORD"; then if update_admin_password "$auth_token" "$ADMIN_PASSWORD"; then
log_success "Admin password updated successfully" log_success "Admin password updated successfully"
current_password="$ADMIN_PASSWORD" current_password="$ADMIN_PASSWORD"
# Get new token with new password
if ! auth_token=$(get_oauth_token "$current_password"); then
log_error "Failed to re-authenticate with new password"
return 1
fi
else else
log_error "Failed to update admin password" log_error "Failed to update admin password"
return 1 return 1
@@ -74,7 +80,7 @@ main() {
if [ -n "$DOMAINS_JSON" ]; then if [ -n "$DOMAINS_JSON" ]; then
log_info "Creating domains..." log_info "Creating domains..."
if validate_json "$DOMAINS_JSON"; then if validate_json "$DOMAINS_JSON"; then
create_domains "$current_password" "$DOMAINS_JSON" create_domains "$auth_token" "$DOMAINS_JSON"
else else
log_error "Invalid domains JSON format" log_error "Invalid domains JSON format"
return 1 return 1
@@ -87,7 +93,7 @@ main() {
if [ -n "$USERS_JSON" ]; then if [ -n "$USERS_JSON" ]; then
log_info "Creating users..." log_info "Creating users..."
if validate_json "$USERS_JSON"; then if validate_json "$USERS_JSON"; then
create_users "$current_password" "$USERS_JSON" create_users "$auth_token" "$USERS_JSON"
else else
log_error "Invalid users JSON format" log_error "Invalid users JSON format"
return 1 return 1
@@ -121,38 +127,73 @@ wait_for_stalwart_api() {
return 1 return 1
} }
# Get OAuth Bearer token using Stalwart's OAuth flow
# Args: $1 = password
# Returns: Bearer token on stdout
get_oauth_token() {
local password="$1"
local nonce="STALWART_$(date +%s)"
# Step 1: Request OAuth authorization code
local oauth_response
oauth_response=$(curl -s -X POST "${API_URL}/oauth" \
-u "admin:${password}" \
-H "Content-Type: application/json" \
-d "{\"type\":\"code\",\"client_id\":\"webadmin\",\"redirect_uri\":\"stalwart://auth\",\"nonce\":\"${nonce}\"}")
local code
code=$(echo "$oauth_response" | jq -r '.data.code // empty' 2>/dev/null)
if [ -z "$code" ]; then
log_error "Failed to get OAuth code"
log_error "Response: $oauth_response"
return 1
fi
# Step 2: Exchange code for access token
local token_response
token_response=$(curl -s -X POST "${API_URL%/api}/auth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code&client_id=webadmin&code=${code}&redirect_uri=stalwart%3A%2F%2Fauth")
local access_token
access_token=$(echo "$token_response" | jq -r '.access_token // empty' 2>/dev/null)
if [ -z "$access_token" ]; then
log_error "Failed to get access token"
log_error "Response: $token_response"
return 1
fi
echo "$access_token"
return 0
}
# Test authentication with Stalwart API # Test authentication with Stalwart API
# Args: $1 = password # Args: $1 = password
# Returns: 0 if auth works, 1 otherwise # Returns: 0 if auth works, 1 otherwise
test_auth() { test_auth() {
local password="$1" local password="$1"
local http_code # Try to get OAuth token
if get_oauth_token "$password" >/dev/null 2>&1; then
# Test with a simple API call to get account info
http_code=$(curl -s -o /dev/null -w "%{http_code}" \
-u "admin:${password}" \
"${API_URL}/accounts")
if [ "$http_code" = "200" ]; then
return 0 return 0
else else
log_error "API test failed with HTTP $http_code"
return 1 return 1
fi fi
} }
# Update admin password # Update admin password
# Args: $1 = current password, $2 = new password # Args: $1 = bearer token, $2 = new password
update_admin_password() { update_admin_password() {
local current_password="$1" local token="$1"
local new_password="$2" local new_password="$2"
local http_code local http_code
local response local response
response=$(curl -s -w "\n%{http_code}" -X PUT "${API_URL}/account/admin" \ response=$(curl -s -w "\n%{http_code}" -X PUT "${API_URL}/account/admin" \
-u "admin:${current_password}" \ -H "Authorization: Bearer ${token}" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{\"password\":\"${new_password}\"}" 2>&1) -d "{\"password\":\"${new_password}\"}" 2>&1)
@@ -169,9 +210,9 @@ update_admin_password() {
} }
# Create domains from JSON array # Create domains from JSON array
# Args: $1 = password, $2 = domains JSON array # Args: $1 = bearer token, $2 = domains JSON array
create_domains() { create_domains() {
local password="$1" local token="$1"
local domains_json="$2" local domains_json="$2"
local domain_count local domain_count
@@ -211,7 +252,7 @@ create_domains() {
# Create domain via API # Create domain via API
if curl -sf -X POST "${API_URL}/domain" \ if curl -sf -X POST "${API_URL}/domain" \
-u "admin:${password}" \ -H "Authorization: Bearer ${token}" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "$domain" >/dev/null 2>&1; then -d "$domain" >/dev/null 2>&1; then
log_success "✓ Created domain: $domain_name" log_success "✓ Created domain: $domain_name"
@@ -229,9 +270,9 @@ create_domains() {
} }
# Create users from JSON array # Create users from JSON array
# Args: $1 = password, $2 = users JSON array # Args: $1 = bearer token, $2 = users JSON array
create_users() { create_users() {
local password="$1" local token="$1"
local users_json="$2" local users_json="$2"
local user_count local user_count
@@ -280,7 +321,7 @@ create_users() {
# Create user via API # Create user via API
if curl -sf -X POST "${API_URL}/account" \ if curl -sf -X POST "${API_URL}/account" \
-u "admin:${password}" \ -H "Authorization: Bearer ${token}" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "$payload" >/dev/null 2>&1; then -d "$payload" >/dev/null 2>&1; then
log_success "✓ Created user: $email" log_success "✓ Created user: $email"