# Install RHEL 8 Beta (https://developers.redhat.com/rhel8/getrhel8/)

# Open ports on firewall
TAB="$(printf '\t')" && GREEN=$(tput setaf 2) && RED=$(tput setaf 1) && NORMAL=$(tput sgr0) && \
systemctl start firewalld && systemctl enable firewalld && \
ports=(20 21 22 25 80 89 110 113 143 443 465 587 993 995 3306) && \
for index in ${!ports[*]}; do echo -n "Opening port: ${ports[$index]} : ";tput setaf 2;firewall-cmd --zone=public --add-port=${ports[$index]}/tcp --permanent;tput sgr0; done && \
firewall-cmd --zone=public --add-port=53/udp --permanent && \
echo -n "Reload firewall settings : " && tput setaf 2 && firewall-cmd --reload && tput sgr0 && \
setenforce 0 && sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config && getenforce

# Set backend SQL Database
DB=mariadb
or
DB=mysql

# Set DNF variables
echo "28" > /etc/yum/vars/freleasever && echo "$DB/" > /etc/yum/vars/db && echo "8" > /etc/yum/vars/releasever

# Add repos
curl -o /etc/yum.repos.d/rh.repo  http://www.qmailtoaster.com/rh.repo && \
curl -o /etc/yum.repos.d/fedora.repo  http://www.qmailtoaster.com/fedora.repo && \
curl -o /etc/yum.repos.d/fedora-updates.repo  http://www.qmailtoaster.com/fedora-updates.repo && \
curl -o /etc/yum.repos.d/qmt.repo  http://www.qmailtoaster.com/qmt-rhel8.repo && cat /etc/yum.repos.d/*.repo

DB=`cat /etc/yum/vars/db | sed 's|/||'` && [[ "$DB" == *mysql* ]] && DBD="${DB}d" || DBD="${DB}" && echo "$DB $DBD"

# Install RHEL 8 packages
# RHEL 8 Beta rh repo above
yum -y install rsync bind-utils bind net-tools zlib-devel ${DB}-server ${DB} ${DB}-devel libev-devel httpd php mrtg \
expect aspell tmpwatch perl-Time-HiRes perl-ExtUtils-MakeMaker perl-Archive-Tar perl-Digest-SHA perl-HTML-Parser perl-IO-Zlib \
perl-Net-DNS perl-NetAddr-IP perl-IO-Socket-SSL perl-Sys-Syslog perl-DB_File bzip2-devel check-devel curl-devel gmp-devel \
ncurses-devel libxml2-devel sqlite-devel postgresql-devel openldap-devel libcap-devel pam-devel expat-devel emacs procmail wget \
logwatch vsftpd acpid at autofs smartmontools mod_ssl perl-Mail-SPF nfs-utils bzip2 pcre-devel annobin cpp gcc python3-systemd \
python36 binutils chrony glibc-devel glibc-headers kernel-headers libxcrypt-devel ntpstat perl telnet yum-utils

# Install Fedora packages
yum-config-manager fedora --set-enabled && \
yum -y install perl-Crypt-OpenSSL-Bignum perl-Digest-SHA1 perl-Encode-Detect perl-Geo-IP perl-Mail-DKIM perl-Razor-Agent \
perl-Net-CIDR-Lite perl-Sys-Hostname-Long quota-devel clucene-core-devel ocaml ntp fail2ban lua-devel json-c-devel spamassassin \
libidn-devel (This downgrades rh8's libidn to fedora's libidn)

*note
sudo yum install python-devel (Wasn't able to install...seems QMT doesn't need this)

# Add vpopmail DB to mysql/mariadb RHEL 8 Beta
MYSQLPW=mysqlpasswd
systemctl start $DBD && systemctl enable $DBD && systemctl status $DBD && \ 
mysqladmin -uroot password $MYSQLPW && \
mysqladmin -uroot -p$MYSQLPW reload && \
mysqladmin -uroot -p$MYSQLPW refresh && \
mysqladmin create vpopmail -uroot -p$MYSQLPW && \
mysqladmin -uroot -p$MYSQLPW reload && \
mysqladmin -uroot -p$MYSQLPW refresh && \
echo "CREATE USER vpopmail@localhost IDENTIFIED BY 'SsEeCcRrEeTt'" | mysql -uroot -p$MYSQLPW && \
echo "GRANT ALL PRIVILEGES ON vpopmail.* TO vpopmail@localhost" | mysql -uroot -p$MYSQLPW && \
mysqladmin -uroot -p$MYSQLPW reload && \
mysqladmin -uroot -p$MYSQLPW refresh

# Install Qmail
yum-config-manager qmt-testing --set-enabled && \
yum -y install daemontools ucspi-tcp libsrs2 libsrs2-devel vpopmail spamdyke simscan qmail autorespond control-panel ezmlm \
ezmlm-cgi qmailadmin qmailmrtg maildrop maildrop-devel isoqlog vqadmin squirrelmail clamav ripmime dovecot

qmailctl start && \
systemctl start clamav-daemon.service clamav-daemon.socket clamav-freshclam dovecot spamassassin httpd ntpd acpid atd autofs smartd && \
systemctl enable clamav-daemon.service clamav-daemon.socket clamav-freshclam dovecot spamassassin httpd ntpd acpid atd autofs smartd && \
wget -O /usr/bin/toaststat http://www.qmailtoaster.com/toaststat.rhel8 && chmod 755 /usr/bin/toaststat && toaststat

# Add domain and run
sh /usr/share/toaster/isoqlog/bin/cron.sh

# My testing: ip1/ip2 - hosts from which to send email (swaks), turn off spf checking, open toaster admin to LAN restart services
echo -e "$ip1\n$ip2" >> /etc/spamdyke/whitelist_ip && cat /etc/spamdyke/whitelist_ip
echo 0 > /var/qmail/control/spfbehavior && cat /var/qmail/control/spfbehavior
qmailctl stop && sleep 2s && qmailctl cdb && qmailctl start && sleep 2s && qmailctl stat
sed -i -e 's/Define aclnet "127.0.0.1"/Define aclnet "192.168.2.0\/24 192.168.9.0\/24 127.0.0.1"/' /etc/httpd/conf/toaster.conf
systemctl reload httpd