Automate Dovecot master user setup for webmail SSO in install and upgrade

Adds master passdb config to dovecot.conf templates, setupWebmail() to the installer and upgrade paths to generate credentials and create /etc/dovecot/master-users and /etc/cyberpanel/webmail.conf automatically. The upgrade path is idempotent and patches existing dovecot.conf if needed.
2026-05-09 16:05:36 +02:00 · 2026-03-05 03:30:04 +05:00
parent ed615e25fe
commit 71cf034c8a
4 changed files with 155 additions and 0 deletions
--- a/install/installCyberPanel.py
+++ b/install/installCyberPanel.py
@@ -705,6 +705,50 @@ module cyberpanel_ols {
            logging.InstallLog.writeToFile('[ERROR] ' + str(msg) + " [installSieve]")
            return 0

+    def setupWebmail(self):
+        """Set up Dovecot master user and webmail config for SSO"""
+        try:
+            InstallCyberPanel.stdOut("Setting up webmail master user for SSO...", 1)
+
+            from plogical.randomPassword import generate_pass
+
+            master_password = generate_pass(32)
+
+            # Hash the password using doveadm
+            result = subprocess.run(
+                ['doveadm', 'pw', '-s', 'SHA512-CRYPT', '-p', master_password],
+                capture_output=True, text=True
+            )
+            if result.returncode != 0:
+                logging.InstallLog.writeToFile('[ERROR] doveadm pw failed: ' + result.stderr + " [setupWebmail]")
+                return 0
+
+            password_hash = result.stdout.strip()
+
+            # Write /etc/dovecot/master-users
+            with open('/etc/dovecot/master-users', 'w') as f:
+                f.write('cyberpanel_master:' + password_hash + '\n')
+            os.chmod('/etc/dovecot/master-users', 0o600)
+            subprocess.call(['chown', 'dovecot:dovecot', '/etc/dovecot/master-users'])
+
+            # Write /etc/cyberpanel/webmail.conf
+            import json as json_module
+            webmail_conf = {
+                'master_user': 'cyberpanel_master',
+                'master_password': master_password
+            }
+            with open('/etc/cyberpanel/webmail.conf', 'w') as f:
+                json_module.dump(webmail_conf, f)
+            os.chmod('/etc/cyberpanel/webmail.conf', 0o600)
+            subprocess.call(['chown', 'nobody:nobody', '/etc/cyberpanel/webmail.conf'])
+
+            InstallCyberPanel.stdOut("Webmail master user setup complete!", 1)
+            return 1
+
+        except BaseException as msg:
+            logging.InstallLog.writeToFile('[ERROR] ' + str(msg) + " [setupWebmail]")
+            return 0
+
    def installMySQL(self, mysql):

        ############## Install mariadb ######################
@@ -1320,6 +1364,9 @@ def Main(cwd, mysql, distro, ent, serial=None, port="8090", ftp=None, dns=None,
    logging.InstallLog.writeToFile('Installing Sieve for email filtering..,55')
    installer.installSieve()

+    logging.InstallLog.writeToFile('Setting up webmail master user..,57')
+    installer.setupWebmail()
+
    logging.InstallLog.writeToFile('Installing MySQL,60')
    installer.installMySQL(mysql)
    installer.changeMYSQLRootPassword()