class PostDB::DKIM

Attributes

key_table_path[R]

The path to the key table file

keys_directory[R]

The path to the directory where DKIM keys are stored

signing_table_path[R]

The path to the signing table file

trusted_hosts_path[R]

The path to the trusted hosts file

Public Class Methods

generate_configuration() click to toggle source

Generate the OpenDKIM configuration files

Example:

>> PostDB::DKIM.generate_configuration
=> nil
# File lib/postdb/dkim.rb, line 68
def generate_configuration
  dump_private_keys
  generate_trusted_hosts_configuration
  generate_key_table_configuration
  generate_signing_table_configuration
  restart_opendkim

  nil
end
setup_with_configuration!() click to toggle source

Setup the DKIM configuration

Example:

>> PostDB::DKIM.setup_with_configuration!
=> nil
# File lib/postdb/dkim.rb, line 26
def setup_with_configuration!
  configuration = PostDB::Configuration[:dkim]

  unless configuration.is_a?(Hash)
    raise PostDB::SetupError.new(:missing_dkim_args)
  end

  unless configuration[:directory]
    raise PostDB::SetupError.new(:missing_dkim_directory)
  end

  unless configuration[:trusted_hosts_path]
    raise PostDB::SetupError.new(:missing_trusted_hosts_path)
  end

  unless configuration[:key_table_path]
    raise PostDB::SetupError.new(:missing_key_table_path)
  end

  unless configuration[:signing_table_path]
    raise PostDB::SetupError.new(:missing_signing_table_path)
  end

  @keys_directory = configuration[:directory]

  unless File.directory?(@keys_directory)
    FileUtils.mkdir_p(@keys_directory)
  end

  @trusted_hosts_path = configuration[:trusted_hosts_path]
  @key_table_path = configuration[:key_table_path]
  @signing_table_path = configuration[:signing_table_path]

  true
end

Private Class Methods

dump_private_keys() click to toggle source

Dump the private keys for each domain

Example:

>> PostDB::DKIM.dump_private_keys
=> nil
# File lib/postdb/dkim.rb, line 101
def dump_private_keys
  domains = PostDB::Domain.all

  dkim_keys = domains.map { |domain| File.basename(domain.dkim_path) }

  keys_directory_glob = File.join(@keys_directory, '**', '*')

  Dir.glob(keys_directory_glob).each do |key|
    next if dkim_keys.include?(File.basename(key))

    FileUtils.rm_f(key)
  end

  domains.each do |domain|
    File.open(domain.dkim_path, 'w') do |file|
      file.write(domain.dkim.to_pem)
    end

    next unless passwd

    File.chown(passwd.uid, passwd.gid, domain.dkim_path)
    File.chmod(0600, domain.dkim_path)
  end

  nil
end
generate_key_table_configuration() click to toggle source

Generate the KeyTable configuration file

Example:

>> PostDB::DKIM.generate_key_table_configuration
=> nil
# File lib/postdb/dkim.rb, line 151
def generate_key_table_configuration
  selector = "mail"

  key_table = Array.new
  key_table += PostDB::Domain.all.map { |domain| selector + "._domainkey." + domain.name + " " + domain.name + ":" + selector + ":" + domain.dkim_path }

  File.open(@key_table_path, 'w') do |file|
    file.write(key_table.join("\n"))
  end

  nil
end
generate_signing_table_configuration() click to toggle source

Generate the SigningTable configuration file

Example:

>> PostDB::DKIM.generate_signing_table_configuration
=> nil
# File lib/postdb/dkim.rb, line 170
def generate_signing_table_configuration
  selector = "mail"

  signing_table = Array.new
  signing_table += PostDB::Domain.all.map { |domain| "*@" + domain.name + " " + selector + "._domainkey." + domain.name }

  File.open(@signing_table_path, 'w') do |file|
    file.write(signing_table.join("\n"))
  end

  nil
end
generate_trusted_hosts_configuration() click to toggle source

Generate the TrustedHosts configuration file

Example:

>> PostDB::DKIM.generate_trusted_hosts_configuration
=> nil
# File lib/postdb/dkim.rb, line 134
def generate_trusted_hosts_configuration
  trusted_hosts = ['127.0.0.1', 'localhost']
  trusted_hosts += PostDB::Domain.all.map { |domain| "*." + domain.name }

  File.open(@trusted_hosts_path, 'w') do |file|
    file.write(trusted_hosts.join("\n"))
  end

  nil
end
passwd() click to toggle source

Get the passwd object for the opendkim user

Example:

>> PostDB::DKIM.passwd
=> #<struct Etc::Passwd name="opendkim", passwd="x", uid=101, gid=101, gecos="", dir="/var/run/opendkim", shell="/bin/false">
# File lib/postdb/dkim.rb, line 85
def passwd
  Etc.passwd do |passwd|
    next unless passwd.name == 'opendkim'

    return passwd
  end

  nil
end
restart_opendkim() click to toggle source

Restart the OpenDKIM daemon

Example:

>> PostDB::DKIM.restart_opendkim
=> true
# File lib/postdb/dkim.rb, line 189
def restart_opendkim
  return false unless system("service opendkim stop > /dev/null 2>&1")
  return false unless system("service opendkim start > /dev/null 2>&1")

  true
end