From f92368748addaac6c5eb916e746a9a8af581921a Mon Sep 17 00:00:00 2001
From: Thomas Maurice <thomas@maurice.fr>
Date: Sun, 11 Feb 2024 19:59:34 +0100
Subject: [PATCH] feat(init): First commit
---
.env | 5 +
.gitignore | 1 +
README.md | 69 ++++++
docker-compose.yml | 15 ++
go.mod | 39 ++++
go.sum | 144 ++++++++++++
mailout.yml.sample | 13 ++
main.go | 14 ++
pkg/cmd/dkimkey.go | 417 +++++++++++++++++++++++++++++++++++
pkg/cmd/initdb.go | 25 +++
pkg/cmd/root.go | 48 ++++
pkg/cmd/user.go | 193 ++++++++++++++++
pkg/cmd/utils.go | 45 ++++
pkg/config/config.go | 45 ++++
pkg/crypto/key.go | 31 +++
pkg/database/db.go | 74 +++++++
pkg/models/dkimkey.go | 23 ++
pkg/models/user.go | 24 ++
pkg/providers/configs/ovh.go | 8 +
pkg/providers/ovh/ovh.go | 35 +++
pkg/providers/provider.go | 1 +
pkg/utils/domain.go | 29 +++
22 files changed, 1298 insertions(+)
create mode 100644 .env
create mode 100644 .gitignore
create mode 100644 README.md
create mode 100644 docker-compose.yml
create mode 100644 go.mod
create mode 100644 go.sum
create mode 100644 mailout.yml.sample
create mode 100644 main.go
create mode 100644 pkg/cmd/dkimkey.go
create mode 100644 pkg/cmd/initdb.go
create mode 100644 pkg/cmd/root.go
create mode 100644 pkg/cmd/user.go
create mode 100644 pkg/cmd/utils.go
create mode 100644 pkg/config/config.go
create mode 100644 pkg/crypto/key.go
create mode 100644 pkg/database/db.go
create mode 100644 pkg/models/dkimkey.go
create mode 100644 pkg/models/user.go
create mode 100644 pkg/providers/configs/ovh.go
create mode 100644 pkg/providers/ovh/ovh.go
create mode 100644 pkg/providers/provider.go
create mode 100644 pkg/utils/domain.go
diff --git a/.env b/.env
new file mode 100644
index 0000000..55d691c
--- /dev/null
+++ b/.env
@@ -0,0 +1,5 @@
+export PGHOST=localhost
+export PGPORT=5432
+export PGDATABASE=vmail
+export PGUSER=postgres
+export PGPASSWORD=postgres123
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c564ff6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+mailout.yml
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0f77ce0
--- /dev/null
+++ b/README.md
@@ -0,0 +1,69 @@
+# mailout
+
+This is a simple binary to handle your self hosted mail notification-sending machines.
+
+**this is not intended for human users**
+
+The premise is as follow:
+
+* you authenticate users with dovecot
+* you sign emails with opendkim
+* you use postfix (might work in other cases but havent tried)
+
+The plan is basically:
+* you have one table to handle your users and their passwords
+* you have one for the DKIM keys you use
+* you have a view to expose the relevant key to use for opendkim
+
+## Warning
+I halfed assed that shit on an afternoon to suit my own needs, improvements will follow.
+
+## Features
+
+* Create mail users
+* Deletes them
+* Update passwords
+
+* Create DKIM keys
+* Delete them
+* Publish them to a DNS provider (currently only OVH)
+* Unpublish them to a DNS provider (currently only OVH)
+
+## Requirements
+* Postgres with a user
+* Optionally an OVH account
+
+### Dovecot
+For authentication, you want to change your `/etc/dovecot/dovecot-sql.conf.ext` to
+```
+driver = pgsql
+connect = host=YOURHOST port=5432 user=YOURUSER password=APASSWORD dbname=DBNAME
+password_query = SELECT password, username AS user FROM users WHERE username = '%n' AND domain = '%d'
+user_query = SELECT maildir, 1000 AS uid, 1000 AS gid FROM users WHERE username = '%n' AND domain = '%d' AND active = '1'
+```
+
+### OpenDKIM
+You want to change the `SigningTable` and `KeyTable` settings in `opendkim.conf` to
+```
+SigningTable dsn:pgsql://USER:PASSWORD@HOST/DATABASE/table=signing_table?keycol=domain_name?datacol=id
+KeyTable dsn:pgsql://USER:PASSWORD@HOST/DATABASE/table=dkimkeys?keycol=id?datacol=domain_name,selector,private_key
+```
+
+Then you should be good to go, fill yourself a config file like that
+```yaml
+postgres:
+ hostname: localhost
+ port: 5432
+ database: vmail
+ user: postgres
+ password: postgres123
+ sslmode: disable
+providers:
+ ovh:
+ application_key: <CHANGEME>
+ application_secret: <CHANGEME>
+ consumer_key: <CHANGEME>
+ endpoint: ovh-eu
+```
+
+pointing to your DB and you're good
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..a4628df
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,15 @@
+version: "3"
+services:
+ postgres:
+ image: postgres:15
+ restart: unless-stopped
+ ports:
+ - 5432:5432/tcp
+ environment:
+ - POSTGRES_USER=postgres
+ - POSTGRES_PASSWORD=postgres123
+ - POSTGRES_DB=vmail
+ volumes:
+ - postgres:/var/lib/postgresql/15/main
+volumes:
+ postgres: {}
\ No newline at end of file
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..40d47c5
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,39 @@
+module git.maurice.fr/thomas/mailout
+
+go 1.22.0
+
+require (
+ github.com/google/uuid v1.6.0
+ github.com/pkg/errors v0.9.1
+ github.com/pterm/pterm v0.12.79
+ github.com/sirupsen/logrus v1.9.3
+ github.com/spf13/cobra v1.8.0
+ golang.org/x/crypto v0.14.0
+ gopkg.in/yaml.v3 v3.0.1
+ gorm.io/driver/postgres v1.5.6
+ gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde
+)
+
+require (
+ atomicgo.dev/cursor v0.2.0 // indirect
+ atomicgo.dev/keyboard v0.2.9 // indirect
+ atomicgo.dev/schedule v0.1.0 // indirect
+ github.com/containerd/console v1.0.3 // indirect
+ github.com/gookit/color v1.5.4 // indirect
+ github.com/inconshreveable/mousetrap v1.1.0 // indirect
+ github.com/jackc/pgpassfile v1.0.0 // indirect
+ github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect
+ github.com/jackc/pgx/v5 v5.4.3 // indirect
+ github.com/jinzhu/inflection v1.0.0 // indirect
+ github.com/jinzhu/now v1.1.5 // indirect
+ github.com/lithammer/fuzzysearch v1.1.8 // indirect
+ github.com/mattn/go-runewidth v0.0.15 // indirect
+ github.com/ovh/go-ovh v1.4.3 // indirect
+ github.com/rivo/uniseg v0.4.4 // indirect
+ github.com/spf13/pflag v1.0.5 // indirect
+ github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+ golang.org/x/sys v0.17.0 // indirect
+ golang.org/x/term v0.16.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
+ gopkg.in/ini.v1 v1.67.0 // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..7386b25
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,144 @@
+atomicgo.dev/cursor v0.2.0 h1:H6XN5alUJ52FZZUkI7AlJbUc1aW38GWZalpYRPpoPOw=
+atomicgo.dev/cursor v0.2.0/go.mod h1:Lr4ZJB3U7DfPPOkbH7/6TOtJ4vFGHlgj1nc+n900IpU=
+atomicgo.dev/keyboard v0.2.9 h1:tOsIid3nlPLZ3lwgG8KZMp/SFmr7P0ssEN5JUsm78K8=
+atomicgo.dev/keyboard v0.2.9/go.mod h1:BC4w9g00XkxH/f1HXhW2sXmJFOCWbKn9xrOunSFtExQ=
+atomicgo.dev/schedule v0.1.0 h1:nTthAbhZS5YZmgYbb2+DH8uQIZcTlIrd4eYr3UQxEjs=
+atomicgo.dev/schedule v0.1.0/go.mod h1:xeUa3oAkiuHYh8bKiQBRojqAMq3PXXbJujjb0hw8pEU=
+github.com/MarvinJWendt/testza v0.1.0/go.mod h1:7AxNvlfeHP7Z/hDQ5JtE3OKYT3XFUeLCDE2DQninSqs=
+github.com/MarvinJWendt/testza v0.2.1/go.mod h1:God7bhG8n6uQxwdScay+gjm9/LnO4D3kkcZX4hv9Rp8=
+github.com/MarvinJWendt/testza v0.2.8/go.mod h1:nwIcjmr0Zz+Rcwfh3/4UhBp7ePKVhuBExvZqnKYWlII=
+github.com/MarvinJWendt/testza v0.2.10/go.mod h1:pd+VWsoGUiFtq+hRKSU1Bktnn+DMCSrDrXDpX2bG66k=
+github.com/MarvinJWendt/testza v0.2.12/go.mod h1:JOIegYyV7rX+7VZ9r77L/eH6CfJHHzXjB69adAhzZkI=
+github.com/MarvinJWendt/testza v0.3.0/go.mod h1:eFcL4I0idjtIx8P9C6KkAuLgATNKpX4/2oUqKc6bF2c=
+github.com/MarvinJWendt/testza v0.4.2/go.mod h1:mSdhXiKH8sg/gQehJ63bINcCKp7RtYewEjXsvsVUPbE=
+github.com/atomicgo/cursor v0.0.1/go.mod h1:cBON2QmmrysudxNBFthvMtN32r3jxVRIvzkUiF/RuIk=
+github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw=
+github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
+github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gookit/color v1.4.2/go.mod h1:fqRyamkC1W8uxl+lxCQxOT09l/vYfZ+QeiX3rKQHCoQ=
+github.com/gookit/color v1.5.0/go.mod h1:43aQb+Zerm/BWh2GnrgOQm7ffz7tvQXEKV6BFMl7wAo=
+github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0=
+github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
+github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
+github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk=
+github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgx/v5 v5.4.3 h1:cxFyXhxlvAifxnkKKdlxv8XqUf59tDlYjnV5YYfsJJY=
+github.com/jackc/pgx/v5 v5.4.3/go.mod h1:Ig06C2Vu0t5qXC60W8sqIthScaEnFvojjj9dSljmHRA=
+github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
+github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
+github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
+github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.0.10/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
+github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lithammer/fuzzysearch v1.1.8 h1:/HIuJnjHuXS8bKaiTMeeDlW2/AyIWk2brx1V8LFgLN4=
+github.com/lithammer/fuzzysearch v1.1.8/go.mod h1:IdqeyBClc3FFqSzYq/MXESsS4S0FsZ5ajtkr5xPLts4=
+github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
+github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/ovh/go-ovh v1.4.3 h1:Gs3V823zwTFpzgGLZNI6ILS4rmxZgJwJCz54Er9LwD0=
+github.com/ovh/go-ovh v1.4.3/go.mod h1:AkPXVtgwB6xlKblMjRKJJmjRp+ogrE7fz2lVgcQY8SY=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pterm/pterm v0.12.27/go.mod h1:PhQ89w4i95rhgE+xedAoqous6K9X+r6aSOI2eFF7DZI=
+github.com/pterm/pterm v0.12.29/go.mod h1:WI3qxgvoQFFGKGjGnJR849gU0TsEOvKn5Q8LlY1U7lg=
+github.com/pterm/pterm v0.12.30/go.mod h1:MOqLIyMOgmTDz9yorcYbcw+HsgoZo3BQfg2wtl3HEFE=
+github.com/pterm/pterm v0.12.31/go.mod h1:32ZAWZVXD7ZfG0s8qqHXePte42kdz8ECtRyEejaWgXU=
+github.com/pterm/pterm v0.12.33/go.mod h1:x+h2uL+n7CP/rel9+bImHD5lF3nM9vJj80k9ybiiTTE=
+github.com/pterm/pterm v0.12.36/go.mod h1:NjiL09hFhT/vWjQHSj1athJpx6H8cjpHXNAK5bUw8T8=
+github.com/pterm/pterm v0.12.40/go.mod h1:ffwPLwlbXxP+rxT0GsgDTzS3y3rmpAO1NMjUkGTYf8s=
+github.com/pterm/pterm v0.12.79 h1:lH3yrYMhdpeqX9y5Ep1u7DejyHy7NSQg9qrBjF9dFT4=
+github.com/pterm/pterm v0.12.79/go.mod h1:1v/gzOF1N0FsjbgTHZ1wVycRkKiatFvJSJC4IGaQAAo=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
+github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
+github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778/go.mod h1:2MuV+tbUrU1zIOPMxZ5EncGwgmMJsa+9ucAQZXxsObs=
+github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
+github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
+golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
+golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
+golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gorm.io/driver/postgres v1.5.6 h1:ydr9xEd5YAM0vxVDY0X139dyzNz10spDiDlC7+ibLeU=
+gorm.io/driver/postgres v1.5.6/go.mod h1:3e019WlBaYI5o5LIdNV+LyxCMNtLOQETBXL2h4chKpA=
+gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde h1:9DShaph9qhkIYw7QF91I/ynrr4cOO2PZra2PFD7Mfeg=
+gorm.io/gorm v1.25.7-0.20240204074919-46816ad31dde/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
diff --git a/mailout.yml.sample b/mailout.yml.sample
new file mode 100644
index 0000000..ecf81f0
--- /dev/null
+++ b/mailout.yml.sample
@@ -0,0 +1,13 @@
+postgres:
+ hostname: localhost
+ port: 5432
+ database: vmail
+ user: postgres
+ password: postgres123
+ sslmode: disable
+providers:
+ ovh:
+ application_key: <CHANGEME>
+ application_secret: <CHANGEME>
+ consumer_key: <CHANGEME>
+ endpoint: ovh-eu
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..c4c95cc
--- /dev/null
+++ b/main.go
@@ -0,0 +1,14 @@
+package main
+
+import (
+ "github.com/sirupsen/logrus"
+
+ "git.maurice.fr/thomas/mailout/pkg/cmd"
+)
+
+func main() {
+ cmd.InitRootCmd()
+ if err := cmd.RootCmd.Execute(); err != nil {
+ logrus.Fatal(err)
+ }
+}
diff --git a/pkg/cmd/dkimkey.go b/pkg/cmd/dkimkey.go
new file mode 100644
index 0000000..949a7e1
--- /dev/null
+++ b/pkg/cmd/dkimkey.go
@@ -0,0 +1,417 @@
+package cmd
+
+import (
+ "crypto/rand"
+ "encoding/hex"
+ "fmt"
+
+ "git.maurice.fr/thomas/mailout/pkg/crypto"
+ "git.maurice.fr/thomas/mailout/pkg/database"
+ "git.maurice.fr/thomas/mailout/pkg/models"
+ "git.maurice.fr/thomas/mailout/pkg/providers/ovh"
+ "git.maurice.fr/thomas/mailout/pkg/utils"
+ "github.com/google/uuid"
+ "github.com/pterm/pterm"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+)
+
+var (
+ flagDKIMKeyActive bool
+ flagSelector string
+ flagKeyBits int
+)
+
+var DKIMKeyCmd = &cobra.Command{
+ Use: "dkimkey",
+ Short: "manages DKIM keys",
+}
+
+var DKIMKeyAddCmd = &cobra.Command{
+ Use: "add [domain]",
+ Short: "adds a DKIM signing key",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ priv, pub, err := crypto.GenerateKeyPair(flagKeyBits)
+ if err != nil {
+ panic(err)
+ }
+
+ selector := flagSelector
+ if selector == "" {
+ b := make([]byte, 8)
+ _, err := rand.Read(b)
+ if err != nil {
+ logrus.Fatal("entropy generator is kill")
+ }
+
+ selector = hex.EncodeToString(b)
+ }
+
+ dkimkey := models.DKIMKey{
+ DomainName: args[0],
+ PublicKey: pub,
+ PrivateKey: priv,
+ Active: flagUserActive,
+ Selector: selector,
+ Record: fmt.Sprintf("%s._domainkey.%s. IN TXT \"v=DKIM1; k=rsa; p=%s\"", selector, args[0], pub),
+ }
+ err = db.Save(&dkimkey).Error
+
+ if err != nil {
+ logrus.WithError(err).Fatal("could not create DKIM key")
+ }
+
+ logrus.Infof("created DKIM key %s", dkimkey.ID)
+ },
+}
+
+var DKIMKeyListCmd = &cobra.Command{
+ Use: "list",
+ Short: "list DKIM keys",
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ qRes := make([]models.DKIMKey, 0)
+
+ err = db.Find(&qRes).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not list keys")
+ }
+
+ tData := pterm.TableData{
+ {"id", "selector", "domain", "active", "created_at", "updated_at"},
+ }
+ for _, k := range qRes {
+ tData = append(tData, []string{k.ID.String(), k.Selector, k.DomainName, fmt.Sprintf("%v", k.Active), k.CreatedAt.String(), k.UpdatedAt.String()})
+ }
+
+ pterm.DefaultTable.WithHasHeader().WithData(tData).Render()
+ },
+}
+
+var DKIMKeyRecordCmd = &cobra.Command{
+ Use: "record",
+ Short: "gives the dns record for a key",
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ qRes := make([]models.DKIMKey, 0)
+
+ id, err := uuid.Parse(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("invalid UUID")
+ }
+
+ err = db.Where(models.DKIMKey{ID: id}).Find(&qRes).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not search keys")
+ }
+ if len(qRes) == 0 {
+ logrus.WithError(err).Fatal("No such key")
+ }
+
+ fmt.Println(qRes[0].Record)
+ },
+}
+
+var DKIMKeyDeleteCmd = &cobra.Command{
+ Use: "delete",
+ Short: "delete DKIM keys",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ id, err := uuid.Parse(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("invalid UUID")
+ }
+ err = db.Where(&models.DKIMKey{ID: id}).Delete(&models.DKIMKey{}).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not delete DKIM key")
+ }
+
+ logrus.Infof("deleted DKIM key %s if it existed", args[0])
+ },
+}
+
+var DKIMKeyActivateCmd = &cobra.Command{
+ Use: "activate",
+ Short: "activates a DKIM key",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ id, err := uuid.Parse(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("invalid UUID")
+ }
+
+ err = db.Model(&models.DKIMKey{}).Where(&models.DKIMKey{ID: id}).Update("active", true).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not activate DKIM key")
+ }
+
+ logrus.Infof("activated DKIM key %s", args[0])
+ },
+}
+
+var DKIMKeyDeactivateCmd = &cobra.Command{
+ Use: "deactivate",
+ Short: "deactivates a DKIM key",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ id, err := uuid.Parse(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("invalid UUID")
+ }
+
+ err = db.Model(&models.DKIMKey{}).Where(&models.DKIMKey{ID: id}).Update("active", false).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not deactivate DKIM key")
+ }
+
+ logrus.Infof("deactivated DKIM key %s", args[0])
+ },
+}
+
+var DKIMKeyPublishCmd = &cobra.Command{
+ Use: "publish",
+ Short: "publishes a DKIM key onto a DNS provider",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ qRes := make([]models.DKIMKey, 0)
+
+ id, err := uuid.Parse(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("invalid UUID")
+ }
+
+ err = db.Where(models.DKIMKey{ID: id}).Find(&qRes).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not get key")
+ }
+ if len(qRes) == 0 {
+ logrus.WithError(err).Fatal("No such key")
+ }
+
+ dkimkey := qRes[0]
+ logger := logrus.WithFields(logrus.Fields{
+ "dkimkey": dkimkey.ID,
+ "selector": dkimkey.Selector,
+ })
+
+ ovhClient, err := ovh.NewOVHProvider(cfg)
+ if err != nil {
+ logger.WithError(err).Fatal("could not get OVH DNS provider")
+ }
+
+ zone, err := utils.GetZone(dkimkey.DomainName)
+ if err != nil {
+ logger.WithError(err).Fatal("could not determine zone")
+ }
+ subdomain, err := utils.GetSubdomain(dkimkey.DomainName)
+ if err != nil {
+ logger.WithError(err).Fatal("could not determine subdomain")
+ }
+
+ if subdomain == "" {
+ subdomain = zone
+ }
+
+ logger = logger.WithFields(logrus.Fields{
+ "zone": zone,
+ "subdomain": subdomain,
+ })
+
+ dkimSub := fmt.Sprintf("%s._domainkey.%s", dkimkey.Selector, subdomain)
+ result := make([]int, 0)
+
+ err = ovhClient.Client.Get(fmt.Sprintf("/domain/zone/%s/record?fieldType=TXT&subDomain=%s", zone, dkimSub), &result)
+
+ if err != nil {
+ logger.WithError(err).Fatal("could not lookup records")
+ }
+
+ type createParams struct {
+ FieldType string `json:"fieldType"`
+ SubDomain string `json:"subDomain"`
+ Target string `json:"target"`
+ TTL int `json:"ttl"`
+ }
+
+ type updateParams struct {
+ SubDomain string `json:"subDomain"`
+ Target string `json:"target"`
+ TTL int `json:"ttl"`
+ }
+
+ if len(result) == 0 {
+ logger.Info("no DKIM records found, creating a new one")
+
+ c := createParams{
+ FieldType: "TXT",
+ SubDomain: fmt.Sprintf("%s._domainkey.%s", dkimkey.Selector, subdomain),
+ Target: fmt.Sprintf("\"v=DKIM1; k=rsa; p=%s\"", dkimkey.PublicKey),
+ TTL: 60,
+ }
+
+ err = ovhClient.Client.Post(fmt.Sprintf("/domain/zone/%s/record", zone), &c, nil)
+ if err != nil {
+ logger.WithError(err).Fatal("could not create new record")
+ }
+ logger.Info("created new DKIM record")
+
+ err = ovhClient.Client.Post(fmt.Sprintf("/domain/zone/%s/refresh", zone), nil, nil)
+ if err != nil {
+ logger.WithError(err).Fatal("could not refresh the zone")
+ }
+ logger.Info("refreshed zone")
+ } else if len(result) == 1 {
+ logger.Info("found one record, updating it")
+
+ u := updateParams{
+ SubDomain: fmt.Sprintf("%s._domainkey.%s", dkimkey.Selector, subdomain),
+ Target: fmt.Sprintf("\"v=DKIM1; k=foo; p=%s\"", dkimkey.PublicKey),
+ TTL: 60,
+ }
+
+ err = ovhClient.Client.Put(fmt.Sprintf("/domain/zone/%s/record/%d", zone, result[0]), &u, nil)
+ if err != nil {
+ logger.WithError(err).Fatal("could not update record")
+ }
+ logger.Info("updated existing record")
+
+ err = ovhClient.Client.Post(fmt.Sprintf("/domain/zone/%s/refresh", zone), nil, nil)
+ if err != nil {
+ logger.WithError(err).Fatal("could not refresh the zone")
+ }
+ logger.Info("refreshed zone")
+ }
+ },
+}
+
+var DKIMKeyUnpublishCmd = &cobra.Command{
+ Use: "unpublish",
+ Short: "removes a DKIM key onto a DNS provider",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ qRes := make([]models.DKIMKey, 0)
+
+ id, err := uuid.Parse(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("invalid UUID")
+ }
+
+ err = db.Where(models.DKIMKey{ID: id}).Find(&qRes).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not get key")
+ }
+ if len(qRes) == 0 {
+ logrus.WithError(err).Fatal("No such key")
+ }
+
+ dkimkey := qRes[0]
+ logger := logrus.WithFields(logrus.Fields{
+ "dkimkey": dkimkey.ID,
+ "selector": dkimkey.Selector,
+ })
+
+ ovhClient, err := ovh.NewOVHProvider(cfg)
+ if err != nil {
+ logger.WithError(err).Fatal("could not get OVH DNS provider")
+ }
+
+ zone, err := utils.GetZone(dkimkey.DomainName)
+ if err != nil {
+ logger.WithError(err).Fatal("could not determine zone")
+ }
+ subdomain, err := utils.GetSubdomain(dkimkey.DomainName)
+ if err != nil {
+ logger.WithError(err).Fatal("could not determine subdomain")
+ }
+
+ if subdomain == "" {
+ subdomain = zone
+ }
+
+ logger = logger.WithFields(logrus.Fields{
+ "zone": zone,
+ "subdomain": subdomain,
+ })
+
+ dkimSub := fmt.Sprintf("%s._domainkey.%s", dkimkey.Selector, subdomain)
+ result := make([]int, 0)
+
+ err = ovhClient.Client.Get(fmt.Sprintf("/domain/zone/%s/record?fieldType=TXT&subDomain=%s", zone, dkimSub), &result)
+
+ if err != nil {
+ logger.WithError(err).Fatal("could not lookup records")
+ }
+
+ if len(result) == 0 {
+ logger.Info("no DKIM records found, no need to do anything")
+ } else if len(result) == 1 {
+ logger.Info("found one record, deleting it")
+
+ err = ovhClient.Client.Delete(fmt.Sprintf("/domain/zone/%s/record/%d", zone, result[0]), nil)
+ if err != nil {
+ logger.WithError(err).Fatal("could not delete record")
+ }
+ logger.Info("deleted existing record")
+
+ err = ovhClient.Client.Post(fmt.Sprintf("/domain/zone/%s/refresh", zone), nil, nil)
+ if err != nil {
+ logger.WithError(err).Fatal("could not refresh the zone")
+ }
+ logger.Info("refreshed zone")
+ }
+ },
+}
+
+func InitDKIMKeyCmd() {
+ DKIMKeyCmd.AddCommand(DKIMKeyAddCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyListCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyDeleteCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyActivateCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyDeactivateCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyRecordCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyPublishCmd)
+ DKIMKeyCmd.AddCommand(DKIMKeyUnpublishCmd)
+
+ DKIMKeyAddCmd.PersistentFlags().BoolVarP(&flagDKIMKeyActive, "active", "a", true, "whether or not the created key is active")
+ DKIMKeyAddCmd.PersistentFlags().StringVarP(&flagSelector, "selector", "s", "", "force a selector for the key")
+ DKIMKeyAddCmd.PersistentFlags().IntVarP(&flagKeyBits, "key-bits", "k", 2048, "force a size for the key")
+}
diff --git a/pkg/cmd/initdb.go b/pkg/cmd/initdb.go
new file mode 100644
index 0000000..f22d1c8
--- /dev/null
+++ b/pkg/cmd/initdb.go
@@ -0,0 +1,25 @@
+package cmd
+
+import (
+ "git.maurice.fr/thomas/mailout/pkg/database"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+)
+
+var InitDBCmd = &cobra.Command{
+ Use: "initdb",
+ Short: "initialises the database",
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ err = database.InitMigrate(db)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not initialise the database")
+ }
+
+ logrus.Info("successfully initialised the database")
+ },
+}
diff --git a/pkg/cmd/root.go b/pkg/cmd/root.go
new file mode 100644
index 0000000..cb7e71e
--- /dev/null
+++ b/pkg/cmd/root.go
@@ -0,0 +1,48 @@
+package cmd
+
+import (
+ "fmt"
+
+ "git.maurice.fr/thomas/mailout/pkg/config"
+ "github.com/spf13/cobra"
+)
+
+var (
+ configFile string
+ cfg *config.Config
+)
+
+var RootCmd = &cobra.Command{
+ Use: "mailoutctl",
+ Short: "mailout management utility",
+ PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
+ var err error
+ cfg, err = config.LoadConfig(configFile)
+ if err != nil {
+ return err
+ }
+
+ return nil
+ },
+}
+
+var VersionCmd = &cobra.Command{
+ Use: "version",
+ Short: "Print the version number",
+ Long: ``,
+ Run: func(cmd *cobra.Command, args []string) {
+ fmt.Println("v0.0.1")
+ },
+}
+
+func InitRootCmd() {
+ InitUserCmd()
+ InitDKIMKeyCmd()
+
+ RootCmd.AddCommand(VersionCmd)
+ RootCmd.AddCommand(InitDBCmd)
+ RootCmd.AddCommand(UserCmd)
+ RootCmd.AddCommand(DKIMKeyCmd)
+
+ RootCmd.PersistentFlags().StringVarP(&configFile, "config", "c", "mailout.yml", "Configuration file")
+}
diff --git a/pkg/cmd/user.go b/pkg/cmd/user.go
new file mode 100644
index 0000000..4cb794e
--- /dev/null
+++ b/pkg/cmd/user.go
@@ -0,0 +1,193 @@
+package cmd
+
+import (
+ "fmt"
+
+ "git.maurice.fr/thomas/mailout/pkg/database"
+ "git.maurice.fr/thomas/mailout/pkg/models"
+ "github.com/pterm/pterm"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+ "golang.org/x/crypto/bcrypt"
+)
+
+var (
+ flagUserActive bool
+)
+
+var UserCmd = &cobra.Command{
+ Use: "user",
+ Short: "manages users",
+}
+
+var UserAddCmd = &cobra.Command{
+ Use: "add [user_address] [password]",
+ Short: "adds a user",
+ Args: cobra.ExactArgs(2),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ username, domain, err := splitUser(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("could not parse user")
+ }
+
+ qRes := make([]models.User, 0)
+ var user models.User
+ userExists := false
+ logger := logrus.WithField("user", args[0])
+
+ err = db.Where(&models.User{Domain: domain, Username: username}).Find(&qRes).Error
+ if err != nil {
+ logger.WithError(err).Fatal("could not check user's existence")
+ }
+
+ if len(qRes) == 0 {
+ userExists = false
+ } else {
+ logger.Warning("user already exists, it's password will be updated")
+ user = qRes[0]
+ userExists = true
+ }
+
+ passwordHash, err := bcrypt.GenerateFromPassword([]byte(args[1]), bcrypt.DefaultCost)
+ if err != nil {
+ logger.WithError(err).Fatal("could not compute user password hash")
+ }
+
+ if userExists {
+ err = db.Model(&models.User{}).Where(&user).Update("password", fmt.Sprintf("{BLF-CRYPT}%s", string(passwordHash))).Error
+ if err != nil {
+ logger.WithError(err).Fatal("could not update user password")
+ }
+ logger.Infof("updated user %s", user.ID)
+ return
+ }
+
+ user = models.User{
+ Username: username,
+ Domain: domain,
+ Active: flagUserActive,
+ Password: fmt.Sprintf("{BLF-CRYPT}%s", string(passwordHash)),
+ }
+ err = db.Save(&user).Error
+
+ if err != nil {
+ logger.WithError(err).Fatal("could not create user")
+ }
+
+ logger.Infof("created user %s", user.ID)
+ },
+}
+
+var UserListCmd = &cobra.Command{
+ Use: "list",
+ Short: "list users",
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ qRes := make([]models.User, 0)
+
+ err = db.Find(&qRes).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not list users")
+ }
+
+ tData := pterm.TableData{
+ {"id", "username", "domain", "active", "uid", "gid", "created_at", "updated_at"},
+ }
+ for _, u := range qRes {
+ tData = append(tData, []string{u.ID.String(), u.Username, u.Domain, fmt.Sprintf("%v", u.Active), fmt.Sprintf("%d", u.UID), fmt.Sprintf("%d", u.GID), u.CreatedAt.String(), u.UpdatedAt.String()})
+ }
+
+ pterm.DefaultTable.WithHasHeader().WithData(tData).Render()
+ },
+}
+
+var UserDeleteCmd = &cobra.Command{
+ Use: "delete",
+ Short: "delete users",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ userQuery, err := buildUserQuery(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("unable to determine user")
+ }
+
+ err = db.Where(&userQuery).Delete(&models.User{}).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not delete user")
+ }
+
+ logrus.Infof("deleted user %s if it existed", args[0])
+ },
+}
+
+var UserActivateCmd = &cobra.Command{
+ Use: "activate",
+ Short: "activates a user",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ userQuery, err := buildUserQuery(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("unable to determine user")
+ }
+
+ err = db.Model(&models.User{}).Where(&userQuery).Update("active", true).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not activate user")
+ }
+
+ logrus.Infof("activated user %s", args[0])
+ },
+}
+
+var UserDeactivateCmd = &cobra.Command{
+ Use: "deactivate",
+ Short: "deactivates a user",
+ Args: cobra.ExactArgs(1),
+ Run: func(cmd *cobra.Command, args []string) {
+ db, err := database.NewDB(cfg)
+ if err != nil {
+ logrus.WithError(err).Fatal("could not connect to the database")
+ }
+
+ userQuery, err := buildUserQuery(args[0])
+ if err != nil {
+ logrus.WithError(err).Fatal("unable to determine user")
+ }
+
+ err = db.Model(&models.User{}).Where(&userQuery).Update("active", false).Error
+ if err != nil {
+ logrus.WithError(err).Fatal("could not deactivate user")
+ }
+
+ logrus.Infof("deactivated user %s", args[0])
+ },
+}
+
+func InitUserCmd() {
+ UserCmd.AddCommand(UserAddCmd)
+ UserCmd.AddCommand(UserListCmd)
+ UserCmd.AddCommand(UserDeleteCmd)
+ UserCmd.AddCommand(UserActivateCmd)
+ UserCmd.AddCommand(UserDeactivateCmd)
+
+ UserAddCmd.PersistentFlags().BoolVarP(&flagUserActive, "active", "a", true, "whether or not the created user is active")
+}
diff --git a/pkg/cmd/utils.go b/pkg/cmd/utils.go
new file mode 100644
index 0000000..ed01fe4
--- /dev/null
+++ b/pkg/cmd/utils.go
@@ -0,0 +1,45 @@
+package cmd
+
+import (
+ "fmt"
+ "regexp"
+ "strings"
+
+ "git.maurice.fr/thomas/mailout/pkg/models"
+ "github.com/google/uuid"
+)
+
+var (
+ uuidRegex = regexp.MustCompile("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$")
+)
+
+func splitUser(user string) (string, string, error) {
+ splt := strings.Split(user, "@")
+ if len(splt) != 2 {
+ return "", "", fmt.Errorf("invalid username: %s", user)
+ }
+
+ if len(splt[0]) == 0 || len(splt[1]) == 0 {
+ return "", "", fmt.Errorf("invalid username: %s", user)
+ }
+
+ return splt[0], splt[1], nil
+}
+
+func buildUserQuery(arg string) (*models.User, error) {
+ var userQuery models.User
+ if uuidRegex.Match([]byte(arg)) {
+ id, err := uuid.Parse(arg)
+ if err != nil {
+ return nil, err
+ }
+ userQuery.ID = id
+ } else {
+ username, domain, err := splitUser(arg)
+ if err != nil {
+ return nil, err
+ }
+ userQuery = models.User{Domain: domain, Username: username}
+ }
+ return &userQuery, nil
+}
diff --git a/pkg/config/config.go b/pkg/config/config.go
new file mode 100644
index 0000000..f8e864a
--- /dev/null
+++ b/pkg/config/config.go
@@ -0,0 +1,45 @@
+package config
+
+import (
+ "os"
+
+ providerConfigs "git.maurice.fr/thomas/mailout/pkg/providers/configs"
+ "gopkg.in/yaml.v3"
+)
+
+type Config struct {
+ Postgres struct {
+ Hostname string `yaml:"hostname"`
+ Port int `yaml:"port"`
+ User string `yaml:"user"`
+ Password string `yaml:"password"`
+ Database string `yaml:"database"`
+ SSLMode string `yaml:"sslmode"`
+ } `yaml:"postgres"`
+ Providers struct {
+ OVH *providerConfigs.OVHConfig `yaml:"ovh"`
+ } `yaml:"providers"`
+}
+
+func LoadConfig(path string) (*Config, error) {
+ b, err := os.ReadFile(path)
+ if err != nil {
+ return nil, err
+ }
+
+ var cfg Config
+ err = yaml.Unmarshal(b, &cfg)
+ if err != nil {
+ return nil, err
+ }
+
+ if cfg.Postgres.SSLMode == "" {
+ cfg.Postgres.SSLMode = "disable"
+ }
+
+ if cfg.Postgres.Port == 0 {
+ cfg.Postgres.Port = 5432
+ }
+
+ return &cfg, err
+}
diff --git a/pkg/crypto/key.go b/pkg/crypto/key.go
new file mode 100644
index 0000000..a23d1e4
--- /dev/null
+++ b/pkg/crypto/key.go
@@ -0,0 +1,31 @@
+package crypto
+
+import (
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/base64"
+ "encoding/pem"
+)
+
+func GenerateKeyPair(bytes int) (string, string, error) {
+ privateKey, err := rsa.GenerateKey(rand.Reader, bytes)
+ if err != nil {
+ return "", "", err
+ }
+
+ err = privateKey.Validate()
+ if err != nil {
+ return "", "", err
+ }
+
+ privBlock := pem.Block{
+ Type: "PRIVATE KEY",
+ Headers: nil,
+ Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
+ }
+
+ privateKeyPEM := pem.EncodeToMemory(&privBlock)
+
+ return string(privateKeyPEM), string(base64.StdEncoding.EncodeToString(x509.MarshalPKCS1PublicKey(&privateKey.PublicKey))), nil
+}
diff --git a/pkg/database/db.go b/pkg/database/db.go
new file mode 100644
index 0000000..394a288
--- /dev/null
+++ b/pkg/database/db.go
@@ -0,0 +1,74 @@
+package database
+
+import (
+ "fmt"
+
+ "git.maurice.fr/thomas/mailout/pkg/config"
+ "git.maurice.fr/thomas/mailout/pkg/models"
+ "gorm.io/driver/postgres"
+ "gorm.io/gorm"
+)
+
+const (
+ createViewRawSQL = `
+/*
+ This view basically returns to you the most recent key for
+ each known domain, so that when opendkim performs a where
+ filter on the result only one result will be returned.
+ Hence avoiding to make it confused and upset
+*/
+CREATE OR REPLACE VIEW signing_table AS
+ SELECT
+ k1.id,
+ k1.domain_name,
+ k1.created_at
+ FROM
+ dkimkeys AS k1
+ INNER JOIN
+ dkimkeys AS k2
+ ON
+ k1.created_at = (
+ SELECT
+ max(created_at)
+ FROM
+ dkimkeys
+ WHERE
+ domain_name = k1.domain_name
+ AND k1.active = true
+ )
+ WHERE k1.domain_name = k2.domain_name
+ AND k1.created_at = k2.created_at;
+`
+)
+
+func NewDB(cfg *config.Config) (*gorm.DB, error) {
+ db, err := gorm.Open(
+ postgres.Open(
+ fmt.Sprintf(
+ "host=%s port=%d user=%s password=%s dbname=%s sslmode=%s",
+ cfg.Postgres.Hostname,
+ cfg.Postgres.Port,
+ cfg.Postgres.User,
+ cfg.Postgres.Password,
+ cfg.Postgres.Database,
+ cfg.Postgres.SSLMode,
+ ),
+ ),
+ &gorm.Config{})
+
+ return db, err
+}
+
+func InitMigrate(db *gorm.DB) error {
+ err := db.AutoMigrate(&models.User{}, &models.DKIMKey{})
+ if err != nil {
+ return fmt.Errorf("could not auto migrate database: %w", err)
+ }
+
+ err = db.Exec(createViewRawSQL).Error
+ if err != nil {
+ return fmt.Errorf("could not create the view: %w", err)
+ }
+
+ return nil
+}
diff --git a/pkg/models/dkimkey.go b/pkg/models/dkimkey.go
new file mode 100644
index 0000000..1cf4a8b
--- /dev/null
+++ b/pkg/models/dkimkey.go
@@ -0,0 +1,23 @@
+package models
+
+import (
+ "time"
+
+ "github.com/google/uuid"
+)
+
+type DKIMKey struct {
+ ID uuid.UUID `gorm:"primaryKey;column:id;type:uuid;default:gen_random_uuid()" yaml:"id"`
+ Selector string `gorm:"column:selector;type:varchar(128);not null" yaml:"selector"`
+ DomainName string `gorm:"column:domain_name;type:varchar(256);not null" yaml:"domain_name"`
+ PublicKey string `gorm:"column:public_key;type:text;not null" yaml:"public_key"`
+ PrivateKey string `gorm:"column:private_key;type:text;not null" yaml:"private_key"`
+ Record string `gorm:"column:record;type:text;not null" yaml:"record"`
+ Active bool `gorm:"column:active;type:boolean;not null;default:true" yaml:"active"`
+ CreatedAt time.Time `gorm:"column:created_at;type:timestamp;not null;autoCreateTime:nano;default:now()" yaml:"created_at"`
+ UpdatedAt time.Time `gorm:"column:udpated_at;type:timestamp;not null;autoUpdateTime:nano;default:now()" yaml:"updated_at"`
+}
+
+func (o *DKIMKey) TableName() string {
+ return "dkimkeys"
+}
diff --git a/pkg/models/user.go b/pkg/models/user.go
new file mode 100644
index 0000000..bcb061f
--- /dev/null
+++ b/pkg/models/user.go
@@ -0,0 +1,24 @@
+package models
+
+import (
+ "time"
+
+ "github.com/google/uuid"
+)
+
+type User struct {
+ ID uuid.UUID `gorm:"column:id;type:uuid;default:gen_random_uuid()" yaml:"id"`
+ Username string `gorm:"primaryKey;column:username;type:varchar(256);not null" yaml:"username"`
+ Domain string `gorm:"primaryKey;column:domain;type:varchar(256);not null" yaml:"domain"`
+ Password string `gorm:"column:password;type:varchar(256);not null" yaml:"password"`
+ Home string `gorm:"column:home;type:varchar(256);not null;default:/var/lib/vmail/null" yaml:"home"`
+ UID int `gorm:"column:uid;type:integer;not null;default:1000" yaml:"uid"`
+ GID int `gorm:"column:gid;type:integer;not null;default:1000" yaml:"gid"`
+ Active bool `gorm:"column:active;type:boolean;not null;default:true" yaml:"active"`
+ CreatedAt time.Time `gorm:"column:created_at;type:timestamp;not null;autoCreateTime:nano;default:now()" yaml:"created_at"`
+ UpdatedAt time.Time `gorm:"column:udpated_at;type:timestamp;not null;autoUpdateTime:nano;default:now()" yaml:"updated_at"`
+}
+
+func (o *User) TableName() string {
+ return "users"
+}
diff --git a/pkg/providers/configs/ovh.go b/pkg/providers/configs/ovh.go
new file mode 100644
index 0000000..311dc4d
--- /dev/null
+++ b/pkg/providers/configs/ovh.go
@@ -0,0 +1,8 @@
+package configs
+
+type OVHConfig struct {
+ Endpoint string `yaml:"endpoint"`
+ ApplicationKey string `yaml:"application_key"`
+ ApplicationSecret string `yaml:"application_secret"`
+ ConsumerKey string `yaml:"consumer_key"`
+}
diff --git a/pkg/providers/ovh/ovh.go b/pkg/providers/ovh/ovh.go
new file mode 100644
index 0000000..1be1689
--- /dev/null
+++ b/pkg/providers/ovh/ovh.go
@@ -0,0 +1,35 @@
+package ovh
+
+import (
+ "fmt"
+
+ "git.maurice.fr/thomas/mailout/pkg/config"
+ ovhgo "github.com/ovh/go-ovh/ovh"
+)
+
+type OVHProvider struct {
+ Client *ovhgo.Client
+}
+
+func NewOVHProvider(cfg *config.Config) (*OVHProvider, error) {
+ config := cfg.Providers.OVH
+
+ if config == nil {
+ return nil, fmt.Errorf("no ovh configuration specified")
+ }
+
+ c, err := ovhgo.NewClient(
+ config.Endpoint,
+ config.ApplicationKey,
+ config.ApplicationSecret,
+ config.ConsumerKey,
+ )
+
+ if err != nil {
+ return nil, err
+ }
+
+ return &OVHProvider{
+ Client: c,
+ }, nil
+}
diff --git a/pkg/providers/provider.go b/pkg/providers/provider.go
new file mode 100644
index 0000000..4f504f6
--- /dev/null
+++ b/pkg/providers/provider.go
@@ -0,0 +1 @@
+package provider
diff --git a/pkg/utils/domain.go b/pkg/utils/domain.go
new file mode 100644
index 0000000..8381634
--- /dev/null
+++ b/pkg/utils/domain.go
@@ -0,0 +1,29 @@
+package utils
+
+import (
+ "fmt"
+ "strings"
+)
+
+func GetZone(domain string) (string, error) {
+ splt := strings.Split(domain, ".")
+ if len(splt) == 1 {
+ return "", fmt.Errorf("invalid domain %s", domain)
+ }
+
+ if len(splt) == 2 {
+ return domain, nil
+ }
+
+ return splt[len(splt)-2] + "." + splt[len(splt)-1], nil
+}
+
+func GetSubdomain(domain string) (string, error) {
+ top, err := GetZone(domain)
+ if err != nil {
+ return "", err
+ }
+
+ sub := strings.TrimSuffix(domain, top)
+ return strings.TrimSuffix(sub, "."), nil
+}