aknuth/email-amazon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

moving

Browse Source
This commit is contained in:
Andreas Knuth
2026-05-21 14:37:33 -05:00
parent 649a55eecd
commit 4422fba707
8 changed files with 158 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
basic_setup/legacy/awsiam.sh Executable file
View File

@@ -0,0 +1,127 @@
#!/bin/bash
# awsiam.sh - Erstellt einen IAM-Benutzer für Amazon SES mit SMTP-Zugangsdaten
# Überprüfen, ob die Domain-Variable gesetzt ist
if [ -z "$DOMAIN_NAME" ]; then
echo "Fehler: DOMAIN_NAME ist nicht gesetzt."
echo "Bitte setzen Sie die Variable mit: export DOMAIN_NAME='IhreDomain.de'"
exit 1
fi
# Konfiguration
AWS_REGION=${AWS_REGION:-"us-east-2"}
USER_NAME="${DOMAIN_NAME//./-}-ses-user" # Ersetzt Punkte durch Bindestriche für validen IAM-Username
NODE_SCRIPT_PATH="./generate_ses_smtp_password.js"
OUTPUT_FILE="${DOMAIN_NAME//./_}_ses_credentials.txt" # Sichere Dateibenennung
# Prüfen, ob das Node.js-Script existiert
if [ ! -f "$NODE_SCRIPT_PATH" ]; then
echo "Fehler: Das Node.js-Script '$NODE_SCRIPT_PATH' wurde nicht gefunden."
echo "Bitte stelle sicher, dass das Script im angegebenen Pfad existiert."
exit 1
fi
echo "=== IAM-Benutzer für SES SMTP-Zugang erstellen ==="
echo "Domain: $DOMAIN_NAME"
echo "Region: $AWS_REGION"
echo "IAM-Benutzername: $USER_NAME"
# --------------------------
# IAM-User erstellen
# --------------------------
echo "Erstelle IAM-User: $USER_NAME"
aws iam create-user --user-name $USER_NAME
# Benutzerdefinierte Policy für SES-Sendeberechtigungen erstellen
POLICY_NAME="${USER_NAME}-SendRawEmailPolicy"
POLICY_DOCUMENT='{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "ses:SendRawEmail",
"Resource": "*"
}
]
}'
echo "Erstelle benutzerdefinierte Policy für SES SendRawEmail"
POLICY_ARN=$(aws iam create-policy \
--policy-name $POLICY_NAME \
--policy-document "$POLICY_DOCUMENT" \
--query 'Policy.Arn' \
--output text)
echo "Hänge Policy an: $POLICY_ARN"
aws iam attach-user-policy \
--user-name $USER_NAME \
--policy-arn $POLICY_ARN
# Access Key und Secret Key für den User erstellen
echo "Erstelle Access Key für den User: $USER_NAME"
KEY_OUTPUT=$(aws iam create-access-key --user-name $USER_NAME)
# Keys ausgeben und in Variablen speichern
echo "Zugriffsschlüssel wurden erstellt. Bitte sicher aufbewahren:"
echo "$KEY_OUTPUT" | jq .
ACCESS_KEY=$(echo "$KEY_OUTPUT" | jq -r .AccessKey.AccessKeyId)
SECRET_KEY=$(echo "$KEY_OUTPUT" | jq -r .AccessKey.SecretAccessKey)
echo "ACCESS_KEY: $ACCESS_KEY"
echo "SECRET_KEY: $SECRET_KEY"
echo "WICHTIG: Speichere den Secret Key jetzt, da er später nicht mehr abgerufen werden kann!"
# --------------------------
# SMTP Passwort generieren
# --------------------------
echo -e "\nGeneriere SMTP-Passwort für Region $AWS_REGION..."
# Führe das Node.js-Script aus, um das SMTP-Passwort zu generieren
SMTP_PASSWORD=$(node "$NODE_SCRIPT_PATH" "$SECRET_KEY" "$AWS_REGION")
# Prüfen, ob die Ausführung erfolgreich war
if [ $? -ne 0 ]; then
echo "Fehler bei der Generierung des SMTP-Passworts. Bitte überprüfe das Node.js-Script."
exit 1
fi
# SMTP-Benutzername ist der Access Key
SMTP_USERNAME="$ACCESS_KEY"
# Ausgabe der SMTP-Anmeldeinformationen
echo -e "\nSMTP-Anmeldeinformationen für Amazon SES in Region $AWS_REGION:"
echo "--------------------------------------------------------------"
echo "SMTP-Server: email-smtp.$AWS_REGION.amazonaws.com"
echo "SMTP-Port: 587 (TLS) oder 465 (SSL)"
echo "SMTP-Benutzername: $SMTP_USERNAME"
echo "SMTP-Passwort: $SMTP_PASSWORD"
# Speichere die Anmeldeinformationen in einer Datei
echo -e "\nSpeichere SMTP-Anmeldeinformationen in $OUTPUT_FILE"
cat > "$OUTPUT_FILE" << EOF
DOMAIN_NAME: $DOMAIN_NAME
SMTP-Server: email-smtp.$AWS_REGION.amazonaws.com
SMTP-Port: 587 (TLS) oder 465 (SSL)
SMTP-Benutzername: $SMTP_USERNAME
SMTP-Passwort: $SMTP_PASSWORD
IAM-Benutzer: $USER_NAME
Access Key ID: $ACCESS_KEY
Secret Access Key: $SECRET_KEY
EOF
chmod 600 "$OUTPUT_FILE" # Nur für den Besitzer lesbar machen
# Format für .env-Datei
echo -e "\nFür .env-Datei:"
echo "AWS_SES_SMTP_USERNAME=$SMTP_USERNAME"
echo "AWS_SES_SMTP_PASSWORD=$SMTP_PASSWORD"
echo "AWS_SES_SMTP_HOST=email-smtp.$AWS_REGION.amazonaws.com"
echo "AWS_SES_SMTP_PORT=587"
echo -e "\nHinweise:"
echo "1. Die SMTP-Anmeldeinformationen wurden in $OUTPUT_FILE gespeichert."
echo "2. Verwenden Sie diese SMTP-Anmeldeinformationen in Ihrer E-Mail-Anwendung oder Ihrem E-Mail-Server."
echo "3. Der IAM-Benutzer hat nur die Berechtigung, E-Mails über SES zu senden."

171
basic_setup/legacy/cloudflareDns.sh Executable file
View File

@@ -0,0 +1,171 @@
#!/bin/bash
# ==========================================
# KONFIGURATION
# ==========================================
AWS_REGION="us-east-2"
# CADDY_SERVER_IP="DEINE_CADDY_IP_HIER" # WICHTIG: IP deines Caddy Servers eintragen
# MAIL_SERVER_HOSTNAME="mail.email-srvr.com" # Der Server, mit dem sich Outlook/iPhone verbinden
if [ -z "$DOMAIN_NAME" ]; then
echo "Fehler: DOMAIN_NAME ist nicht gesetzt (z.B. export DOMAIN_NAME='bayarea-cc.com')."
exit 1
fi
if [ -z "$CF_API_TOKEN" ]; then
echo "Fehler: CF_API_TOKEN fehlt."
exit 1
fi
if [ -z "$CADDY_SERVER_IP" ]; then
echo "Fehler: CADDY_SERVER_IP fehlt. Bitte im Skript eintragen."
exit 1
fi
# Fallback für Mailserver Variable
if [ -z "$MAIL_SERVER_HOSTNAME" ]; then
MAIL_SERVER_HOSTNAME="mail.email-srvr.com"
fi
# ==========================================
# ZONE ID ERMITTELN
# ==========================================
echo "Zone ID für $DOMAIN_NAME abrufen..."
ZONE_RESPONSE=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones?name=$DOMAIN_NAME" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json")
if [ "$(echo $ZONE_RESPONSE | jq -r '.success')" != "true" ]; then
echo "Fehler beim Abrufen der Zone ID:"
echo $ZONE_RESPONSE | jq .
exit 1
fi
CF_ZONE_ID=$(echo $ZONE_RESPONSE | jq -r '.result[0].id')
echo "Zone ID: $CF_ZONE_ID"
# ==========================================
# FUNKTIONEN
# ==========================================
create_dns_record() {
local TYPE=$1
local NAME=$2
local CONTENT=$3
local PROXIED=$4
local TTL=$5
local PRIORITY=$6
if [ -z "$PROXIED" ]; then PROXIED="false"; fi
if [ -z "$TTL" ]; then TTL=3600; fi
echo "Erstelle $TYPE-Eintrag für $NAME..."
local JSON_DATA=""
if [ "$TYPE" = "MX" ]; then
if [ -z "$PRIORITY" ]; then PRIORITY=10; fi
JSON_DATA="{
\"type\": \"$TYPE\", \"name\": \"$NAME\", \"content\": \"$CONTENT\",
\"ttl\": $TTL, \"priority\": $PRIORITY, \"proxied\": $PROXIED
}"
elif [ "$TYPE" = "TXT" ]; then
CONTENT=$(echo "$CONTENT" | sed 's/"//g')
JSON_DATA="{
\"type\": \"$TYPE\", \"name\": \"$NAME\", \"content\": \"\\\"$CONTENT\\\"\",
\"ttl\": $TTL, \"proxied\": $PROXIED
}"
else
JSON_DATA="{
\"type\": \"$TYPE\", \"name\": \"$NAME\", \"content\": \"$CONTENT\",
\"ttl\": $TTL, \"proxied\": $PROXIED
}"
fi
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/dns_records" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "$JSON_DATA" | jq -r '.success'
}
create_srv_record() {
local SERVICE=$1 # z.B. _imap
local PROTO=$2 # z.B. _tcp
local PORT=$3 # z.B. 993
local TARGET=$4 # z.B. mail.email-srvr.com
local NAME="${SERVICE}.${PROTO}.${DOMAIN_NAME}"
echo "Erstelle SRV-Eintrag für $NAME -> $TARGET:$PORT..."
local JSON_DATA="{
\"type\": \"SRV\",
\"name\": \"$NAME\",
\"data\": {
\"service\": \"$SERVICE\",
\"proto\": \"$PROTO\",
\"name\": \"$DOMAIN_NAME\",
\"priority\": 0,
\"weight\": 1,
\"port\": $PORT,
\"target\": \"$TARGET\"
},
\"ttl\": 3600
}"
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/dns_records" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "$JSON_DATA" | jq -r '.success'
}
# ==========================================
# 1. AWS SES Setup (DKIM & Verifizierung)
# ==========================================
echo "--- AWS SES Konfiguration ---"
DKIM_TOKENS=$(aws ses get-identity-dkim-attributes \
--identities ${DOMAIN_NAME} --region ${AWS_REGION} \
--query "DkimAttributes.\"${DOMAIN_NAME}\".DkimTokens" --output text)
VERIFICATION_TOKEN=$(aws ses get-identity-verification-attributes \
--identities ${DOMAIN_NAME} --region ${AWS_REGION} \
--query "VerificationAttributes.\"${DOMAIN_NAME}\".VerificationToken" --output text)
if [ -n "$DKIM_TOKENS" ]; then
for TOKEN in ${DKIM_TOKENS}; do
create_dns_record "CNAME" "${TOKEN}._domainkey.${DOMAIN_NAME}" "${TOKEN}.dkim.amazonses.com" "false"
done
fi
if [ -n "$VERIFICATION_TOKEN" ]; then
create_dns_record "TXT" "_amazonses.${DOMAIN_NAME}" "${VERIFICATION_TOKEN}" "false"
fi
# ==========================================
# 2. MX Records (AWS SES Ingest)
# ==========================================
echo "--- MX Records (AWS SES) ---"
# Hier leiten wir eingehende Mails an Amazon S3/SQS Pipeline
create_dns_record "MX" "${DOMAIN_NAME}" "inbound-smtp.${AWS_REGION}.amazonaws.com" "false" 3600 10
# ==========================================
# 3. Autodiscover & Caddy (Client Access)
# ==========================================
echo "--- Autodiscover & Caddy Konfiguration ---"
# A-Records: Autodiscover Domains zeigen auf deinen Caddy
create_dns_record "A" "autodiscover.${DOMAIN_NAME}" "$CADDY_SERVER_IP" "false"
create_dns_record "A" "autoconfig.${DOMAIN_NAME}" "$CADDY_SERVER_IP" "false"
# ==========================================
# 4. SPF & DMARC
# ==========================================
echo "--- E-Mail Sicherheit (SPF & DMARC) ---"
# SPF: Nur Amazon SES erlaubt (Versand läuft darüber)
create_dns_record "TXT" "${DOMAIN_NAME}" "v=spf1 include:amazonses.com ~all" "false"
create_dns_record "TXT" "mail.${DOMAIN_NAME}" "v=spf1 include:amazonses.com ~all" "false"
# DMARC: Standard Policy
create_dns_record "TXT" "_dmarc.${DOMAIN_NAME}" "v=DMARC1; p=none; pct=100; rua=mailto:postmaster@${DOMAIN_NAME}" "false"
echo "Fertig. Konfiguration für $DOMAIN_NAME abgeschlossen."

482
basic_setup/legacy/email-rule.sh Executable file
View File

@@ -0,0 +1,482 @@
#!/bin/bash
# AWS Region
REGION="us-east-2"
TABLE_NAME="email-rules"
# Farben für Output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Logging-Funktionen
info() { echo -e "${GREEN}${NC} $1"; }
warn() { echo -e "${YELLOW}${NC} $1"; }
error() { echo -e "${RED}${NC} $1"; exit 1; }
# Hilfe-Funktion
show_help() {
cat << EOF
Usage: $0 <command> [options]
Commands:
set-ooo <email> <message> [--html]
Setzt Out-of-Office Nachricht
--html: Nachricht ist HTML-formatiert (default: text)
set-forward <email> <address1>[,address2,...]
Setzt Forward-Adressen (überschreibt bestehende)
add-forward <email> <address1>[,address2,...]
Fügt Forward-Adressen hinzu (behält bestehende)
remove-ooo <email>
Entfernt Out-of-Office Regel
remove-forward <email>
Entfernt alle Forward-Adressen
remove-all <email>
Löscht komplette Regel (OOO + Forwards)
show <email>
Zeigt aktuelle Regel
list
Listet alle Regeln auf
Examples:
$0 set-ooo john@example.com "I'm on vacation until Monday"
$0 set-ooo john@example.com "<p>Out of office</p>" --html
$0 set-forward john@example.com alice@example.com,bob@example.com
$0 add-forward john@example.com charlie@example.com
$0 show john@example.com
$0 remove-all john@example.com
EOF
}
# Prüft ob Regel existiert
rule_exists() {
local email=$1
local result=$(aws dynamodb get-item \
--table-name "$TABLE_NAME" \
--key '{"email_address": {"S": "'"$email"'"}}' \
--region "$REGION" \
--output json 2>/dev/null)
if echo "$result" | jq -e '.Item' > /dev/null 2>&1; then
return 0 # Existiert
else
return 1 # Existiert nicht
fi
}
# Holt aktuelle Regel
get_rule() {
local email=$1
aws dynamodb get-item \
--table-name "$TABLE_NAME" \
--key '{"email_address": {"S": "'"$email"'"}}' \
--region "$REGION" \
--output json 2>/dev/null | jq -r '.Item'
}
# Validiert E-Mail-Adresse (basic)
validate_email() {
local email=$1
if [[ ! "$email" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
error "Ungültige E-Mail-Adresse: $email"
fi
}
# ==============================================
# COMMAND: set-ooo
# ==============================================
cmd_set_ooo() {
local email=$1
local message=$2
local content_type="text"
if [ "$3" = "--html" ]; then
content_type="html"
fi
if [ -z "$email" ] || [ -z "$message" ]; then
error "Usage: $0 set-ooo <email> <message> [--html]"
fi
validate_email "$email"
# Hole bestehende Forwards (falls vorhanden)
local forwards_json='[]'
if rule_exists "$email"; then
local existing_rule=$(get_rule "$email")
# Prüfe ob existing_rule nicht null ist
if [ "$existing_rule" != "null" ] && [ -n "$existing_rule" ]; then
# Extrahiere forwards, fallback auf leeres Array
local existing_forwards=$(echo "$existing_rule" | jq -r '.forwards.L // []')
if [ "$existing_forwards" != "[]" ] && [ "$existing_forwards" != "null" ]; then
forwards_json="$existing_forwards"
warn "Regel existiert bereits, behalte bestehende Forwards bei"
fi
fi
fi
# Escape JSON-String korrekt
local escaped_message=$(echo "$message" | jq -Rs .)
# Setze Regel
aws dynamodb put-item \
--table-name "$TABLE_NAME" \
--item '{
"email_address": {"S": "'"$email"'"},
"ooo_active": {"BOOL": true},
"ooo_message": {"S": '"$escaped_message"'},
"ooo_content_type": {"S": "'"$content_type"'"},
"forwards": {"L": '"$forwards_json"'},
"last_updated": {"S": "'$(date -u +"%Y-%m-%dT%H:%M:%SZ")'"}
}' \
--region "$REGION" 2>&1
if [ $? -eq 0 ]; then
info "Out-of-Office aktiviert für $email ($content_type)"
else
error "Fehler beim Setzen der OOO-Regel"
fi
}
# ==============================================
# COMMAND: set-forward
# ==============================================
cmd_set_forward() {
local email=$1
local forward_addresses=$2
if [ -z "$email" ] || [ -z "$forward_addresses" ]; then
error "Usage: $0 set-forward <email> <address1>[,address2,...]"
fi
validate_email "$email"
# Validiere alle Forward-Adressen
IFS=',' read -ra ADDRS <<< "$forward_addresses"
for addr in "${ADDRS[@]}"; do
addr=$(echo "$addr" | xargs) # xargs trimmt whitespace
if [ -n "$addr" ]; then
validate_email "$addr"
fi
done
# Konvertiere zu JSON-Array
local forwards_list=$(echo "$forward_addresses" | jq -R 'split(",") | map(gsub("^\\s+|\\s+$";"")) | map(select(length > 0)) | map({"S": .})')
# Hole bestehende OOO-Einstellungen (falls vorhanden)
local ooo_active="false"
local ooo_message=""
local ooo_content_type="text"
if rule_exists "$email"; then
local existing_rule=$(get_rule "$email")
if [ "$existing_rule" != "null" ] && [ -n "$existing_rule" ]; then
ooo_active=$(echo "$existing_rule" | jq -r '.ooo_active.BOOL // false')
ooo_message=$(echo "$existing_rule" | jq -r '.ooo_message.S // ""')
ooo_content_type=$(echo "$existing_rule" | jq -r '.ooo_content_type.S // "text"')
warn "Regel existiert bereits, behalte bestehende OOO-Einstellungen bei"
fi
fi
# Escape message für JSON
local escaped_ooo_message=$(echo "$ooo_message" | jq -Rs .)
# Setze Regel
aws dynamodb put-item \
--table-name "$TABLE_NAME" \
--item '{
"email_address": {"S": "'"$email"'"},
"ooo_active": {"BOOL": '"$ooo_active"'},
"ooo_message": {"S": '"$escaped_ooo_message"'},
"ooo_content_type": {"S": "'"$ooo_content_type"'"},
"forwards": {"L": '"$forwards_list"'},
"last_updated": {"S": "'$(date -u +"%Y-%m-%dT%H:%M:%SZ")'"}
}' \
--region "$REGION" 2>&1
if [ $? -eq 0 ]; then
info "Forwards gesetzt für $email: ${ADDRS[*]}"
else
error "Fehler beim Setzen der Forward-Regel"
fi
}
# ==============================================
# COMMAND: add-forward
# ==============================================
cmd_add_forward() {
local email=$1
local new_addresses=$2
if [ -z "$email" ] || [ -z "$new_addresses" ]; then
error "Usage: $0 add-forward <email> <address1>[,address2,...]"
fi
validate_email "$email"
if ! rule_exists "$email"; then
error "Keine Regel für $email gefunden. Nutze 'set-forward' stattdessen."
fi
# Hole bestehende Forwards
local existing_rule=$(get_rule "$email")
local existing_forwards=""
if [ "$existing_rule" != "null" ] && [ -n "$existing_rule" ]; then
existing_forwards=$(echo "$existing_rule" | jq -r '.forwards.L // [] | map(.S) | join(",")')
fi
# Kombiniere und dedupliziere
local combined="$existing_forwards,$new_addresses"
IFS=',' read -ra ALL_ADDRS <<< "$combined"
# Dedupliziere und validiere
declare -A seen
local unique_addrs=()
for addr in "${ALL_ADDRS[@]}"; do
addr=$(echo "$addr" | xargs) # Trim whitespace
if [ -n "$addr" ] && [ -z "${seen[$addr]}" ]; then
validate_email "$addr"
seen[$addr]=1
unique_addrs+=("$addr")
fi
done
# Konvertiere zu Komma-separiertem String
local final_list=$(IFS=','; echo "${unique_addrs[*]}")
# Nutze set-forward mit kombinierter Liste
cmd_set_forward "$email" "$final_list"
info "Forwards hinzugefügt (insgesamt ${#unique_addrs[@]} Adressen)"
}
# ==============================================
# COMMAND: remove-ooo
# ==============================================
cmd_remove_ooo() {
local email=$1
if [ -z "$email" ]; then
error "Usage: $0 remove-ooo <email>"
fi
validate_email "$email"
if ! rule_exists "$email"; then
warn "Keine Regel für $email gefunden"
return 0
fi
# Update: OOO deaktivieren, Message-Felder entfernen
aws dynamodb update-item \
--table-name "$TABLE_NAME" \
--key '{"email_address": {"S": "'"$email"'"}}' \
--update-expression "SET ooo_active = :false, last_updated = :timestamp REMOVE ooo_message, ooo_content_type" \
--expression-attribute-values '{
":false": {"BOOL": false},
":timestamp": {"S": "'$(date -u +"%Y-%m-%dT%H:%M:%SZ")'"}
}' \
--region "$REGION" 2>&1 >/dev/null
if [ $? -eq 0 ]; then
info "Out-of-Office entfernt für $email"
else
error "Fehler beim Entfernen der OOO-Regel"
fi
}
# ==============================================
# COMMAND: remove-forward
# ==============================================
cmd_remove_forward() {
local email=$1
if [ -z "$email" ]; then
error "Usage: $0 remove-forward <email>"
fi
validate_email "$email"
if ! rule_exists "$email"; then
warn "Keine Regel für $email gefunden"
return 0
fi
# Update: Forwards leeren
aws dynamodb update-item \
--table-name "$TABLE_NAME" \
--key '{"email_address": {"S": "'"$email"'"}}' \
--update-expression "SET forwards = :empty, last_updated = :timestamp" \
--expression-attribute-values '{
":empty": {"L": []},
":timestamp": {"S": "'$(date -u +"%Y-%m-%dT%H:%M:%SZ")'"}
}' \
--region "$REGION" 2>&1 >/dev/null
if [ $? -eq 0 ]; then
info "Forwards entfernt für $email"
else
error "Fehler beim Entfernen der Forwards"
fi
}
# ==============================================
# COMMAND: remove-all
# ==============================================
cmd_remove_all() {
local email=$1
if [ -z "$email" ]; then
error "Usage: $0 remove-all <email>"
fi
validate_email "$email"
if ! rule_exists "$email"; then
warn "Keine Regel für $email gefunden"
return 0
fi
aws dynamodb delete-item \
--table-name "$TABLE_NAME" \
--key '{"email_address": {"S": "'"$email"'"}}' \
--region "$REGION" 2>&1 >/dev/null
if [ $? -eq 0 ]; then
info "Regel komplett gelöscht für $email"
else
error "Fehler beim Löschen der Regel"
fi
}
# ==============================================
# COMMAND: show
# ==============================================
cmd_show() {
local email=$1
if [ -z "$email" ]; then
error "Usage: $0 show <email>"
fi
validate_email "$email"
if ! rule_exists "$email"; then
warn "Keine Regel für $email gefunden"
return 0
fi
local rule=$(get_rule "$email")
echo ""
echo "Regel für: $email"
echo "─────────────────────────────────────────"
# OOO Status
local ooo_active=$(echo "$rule" | jq -r '.ooo_active.BOOL // false')
if [ "$ooo_active" = "true" ]; then
local ooo_msg=$(echo "$rule" | jq -r '.ooo_message.S // ""')
local ooo_type=$(echo "$rule" | jq -r '.ooo_content_type.S // "text"')
echo -e "Out-of-Office: ${GREEN}AKTIV${NC} ($ooo_type)"
echo "Nachricht: $ooo_msg"
else
echo -e "Out-of-Office: ${RED}INAKTIV${NC}"
fi
# Forwards
local forwards=$(echo "$rule" | jq -r '.forwards.L // [] | map(.S) | join(", ")')
if [ -n "$forwards" ]; then
echo "Forwards: $forwards"
else
echo -e "Forwards: ${RED}KEINE${NC}"
fi
# Letztes Update
local updated=$(echo "$rule" | jq -r '.last_updated.S // "unbekannt"')
echo "Letzte Änderung: $updated"
echo ""
}
# ==============================================
# COMMAND: list
# ==============================================
cmd_list() {
echo ""
echo "Alle E-Mail-Regeln:"
echo "═════════════════════════════════════════════════════════════════"
local result=$(aws dynamodb scan \
--table-name "$TABLE_NAME" \
--region "$REGION" \
--output json 2>/dev/null)
local items=$(echo "$result" | jq -r '.Items // []')
local count=$(echo "$items" | jq 'length')
if [ "$count" -eq 0 ]; then
warn "Keine Regeln gefunden"
echo ""
return 0
fi
echo "$items" | jq -r '.[] |
"\(.email_address.S)\n" +
" OOO: \(if .ooo_active.BOOL then "✓ AKTIV (\(.ooo_content_type.S // "text"))" else "✗ INAKTIV" end)\n" +
" Forwards: \(if (.forwards.L | length) > 0 then (.forwards.L | map(.S) | join(", ")) else "KEINE" end)\n" +
" Updated: \(.last_updated.S // "unbekannt")\n"'
echo "─────────────────────────────────────────────────────────────────"
echo "Gesamt: $count Regel(n)"
echo ""
}
# ==============================================
# MAIN
# ==============================================
COMMAND=$1
shift
case "$COMMAND" in
set-ooo)
cmd_set_ooo "$@"
;;
set-forward)
cmd_set_forward "$@"
;;
add-forward)
cmd_add_forward "$@"
;;
remove-ooo)
cmd_remove_ooo "$@"
;;
remove-forward)
cmd_remove_forward "$@"
;;
remove-all)
cmd_remove_all "$@"
;;
show)
cmd_show "$@"
;;
list)
cmd_list
;;
help|--help|-h|"")
show_help
;;
*)
error "Unbekannter Befehl: $COMMAND\n\nNutze '$0 help' für Hilfe"
;;
esac

111
basic_setup/legacy/requeue_email.sh Executable file
View File

@@ -0,0 +1,111 @@
#!/bin/bash
# requeue_email.sh
# Nimmt eine existierende Email aus S3 und stellt ein Event in die SQS Queue,
# um eine erneute Verarbeitung durch den Worker auszulösen.
set -e
# --- Parameter ---
DOMAIN="$1"
RECIPIENT="$2"
MESSAGE_ID="$3" # Das ist der S3 Key (die lange Zeichenkette aus dem Log)
AWS_REGION=${AWS_REGION:-"us-east-2"}
if [ -z "$DOMAIN" ] || [ -z "$RECIPIENT" ] || [ -z "$MESSAGE_ID" ]; then
echo "Usage: $0 <domain> <recipient> <s3-message-id>"
echo "Example: $0 buddelectric.net Tyler@buddelectric.net cn8j6j970atkh7n3fstdhgqr9imgrivegnm70jg1"
exit 1
fi
# --- Variablen ableiten ---
BUCKET_NAME=$(echo "$DOMAIN" | tr '.' '-')"-emails"
QUEUE_NAME=$(echo "$DOMAIN" | tr '.' '-')"-queue"
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
echo "============================================================"
echo " Requeue S3 Email"
echo "============================================================"
echo " Domain: $DOMAIN"
echo " Recipient: $RECIPIENT"
echo " Bucket: $BUCKET_NAME"
echo " Key (ID): $MESSAGE_ID"
echo ""
# --- Schritt 1: Prüfen ob S3 Objekt existiert ---
echo "[1/2] Checking S3 object: s3://${BUCKET_NAME}/${MESSAGE_ID} ..."
if aws s3 ls "s3://${BUCKET_NAME}/${MESSAGE_ID}" --region "$AWS_REGION" > /dev/null 2>&1; then
echo " ✓ Object found."
else
echo " ❌ ERROR: Object s3://${BUCKET_NAME}/${MESSAGE_ID} does not exist!"
exit 1
fi
# --- Schritt 2: Nachricht in SQS stellen ---
echo "[2/2] Placing message in SQS queue..."
QUEUE_URL=$(aws sqs get-queue-url \
--queue-name "$QUEUE_NAME" \
--region "$AWS_REGION" \
--output text \
--query 'QueueUrl')
if [ -z "$QUEUE_URL" ]; then
echo " ❌ ERROR: Queue $QUEUE_NAME not found!"
exit 1
fi
# SES event payload (Simuliert die Lambda-Ausgabe)
# Wir nutzen "requeue@admin" als Source, da der Worker den echten Absender
# ohnehin aus den Email-Headern im S3-File parst.
SES_DATA=$(jq -n \
--arg msgId "$MESSAGE_ID" \
--arg source "requeue-admin@${DOMAIN}" \
--arg recipient "$RECIPIENT" \
--arg ts "$TIMESTAMP" \
--arg bucket "$BUCKET_NAME" \
'{
mail: {
messageId: $msgId,
source: $source,
timestamp: $ts,
destination: [$recipient]
},
receipt: {
recipients: [$recipient],
timestamp: $ts,
action: {
type: "S3",
bucketName: $bucket,
objectKey: $msgId
}
}
}')
# Fake SNS wrapper (Gleiches Format wie Lambda Shim)
SQS_BODY=$(jq -n \
--arg sesData "$SES_DATA" \
--arg ts "$TIMESTAMP" \
'{
Type: "Notification",
MessageId: "requeue-\(now | tostring)",
TopicArn: "arn:aws:sns:ses-shim:global-topic",
Subject: "Amazon SES Email Receipt Notification",
Message: $sesData,
Timestamp: $ts
}')
# Senden
SQS_MSG_ID=$(aws sqs send-message \
--queue-url "$QUEUE_URL" \
--region "$AWS_REGION" \
--message-body "$SQS_BODY" \
--output text \
--query 'MessageId')
echo " ✓ Done (SQS MessageId: ${SQS_MSG_ID})"
echo ""
echo "============================================================"
echo " Email successfully requeued!"
echo " Worker should pick it up immediately."
echo "============================================================"

32
basic_setup/legacy/s3-retention.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
echo "Aktualisiere Lifecycle-Regeln (7 Tage) für alle E-Mail-Buckets..."
for BUCKET in $(aws s3api list-buckets --query 'Buckets[].Name' --output text); do
# Prüfen, ob der Name auf '-emails' endet
if [[ "$BUCKET" == *-emails ]]; then
echo "⚙️ Setze 7-Tage-Regel für: $BUCKET"
aws s3api put-bucket-lifecycle-configuration \
--bucket "$BUCKET" \
--lifecycle-configuration '{
"Rules": [
{
"ID": "DeleteOldEmails",
"Status": "Enabled",
"Expiration": {
"Days": 7
},
"Filter": {
"Prefix": ""
}
}
]
}'
else
echo "⏭️ Überspringe (kein E-Mail-Bucket): $BUCKET"
fi
done
echo "Fertig! Alle E-Mail-Buckets löschen jetzt Objekte nach 7 Tagen."

31
basic_setup/legacy/sync-s3-tags.sh Executable file
View File

@@ -0,0 +1,31 @@
#!/bin/bash
# sync-s3-tags.sh - Synchronisiert Bucket Tags welche fuer die Abrechung verwendet werden
echo "Passe Bucket-Tags an..."
for BUCKET in $(aws s3api list-buckets --query 'Buckets[].Name' --output text); do
# Aktuellen Tag abfragen (Fehler unterdrücken)
TAG=$(aws s3api get-bucket-tagging --bucket "$BUCKET" --query 'TagSet[?Key==`BucketName`].Value' --output text 2>/dev/null)
# Prüfen, ob der Name auf '-emails' endet
if [[ "$BUCKET" == *-emails ]]; then
# Soll getaggt sein
if [ -z "$TAG" ] || [ "$TAG" == "None" ]; then
echo " Setze fehlendes Tag für: $BUCKET"
aws s3api put-bucket-tagging \
--bucket "$BUCKET" \
--tagging "TagSet=[{Key=BucketName,Value=$BUCKET}]"
else
echo "✅ OK (bereits getaggt): $BUCKET"
fi
else
# Soll NICHT getaggt sein
if [ -n "$TAG" ] && [ "$TAG" != "None" ]; then
echo "🗑️ Entferne Tag von: $BUCKET"
aws s3api delete-bucket-tagging --bucket "$BUCKET"
else
echo "✅ OK (ohne Tag): $BUCKET"
fi
fi
done
echo "Fertig! Alle '-emails' Buckets sind getaggt, bei allen anderen wurden die Tags entfernt."

168
basic_setup/legacy/test_migration_email.sh Executable file
View File

@@ -0,0 +1,168 @@
#!/bin/bash
# test_migration_email.sh - Places a test email into S3 + SQS
#
# Simulates the complete SES inbound flow: Mail goes to S3, metadata to SQS.
# The worker picks it up and processes it (Delivery or Forward).
#
# Usage:
# ./test_migration_email.sh cielectrical.com carlosr@cielectrical.com
# ./test_migration_email.sh buddelectric.net service@buddelectric.net
#
# Optional sender address:
# ./test_migration_email.sh cielectrical.com carlosr@cielectrical.com sender@example.com
set -e
# --- Parameters ---
DOMAIN="$1"
RECIPIENT="$2"
FROM_ADDR="${3:-support@bayarea-cc.com}"
AWS_REGION=${AWS_REGION:-"us-east-2"}
if [ -z "$DOMAIN" ] || [ -z "$RECIPIENT" ]; then
echo "Usage: $0 <domain> <recipient> [from-address]"
echo "Example: $0 cielectrical.com carlosr@cielectrical.com"
exit 1
fi
# --- Derived variables ---
BUCKET_NAME=$(echo "$DOMAIN" | tr '.' '-')"-emails"
QUEUE_NAME=$(echo "$DOMAIN" | tr '.' '-')"-queue"
MESSAGE_ID="test-migration-$(date +%s)-$$"
TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
DATE_RFC2822=$(date -R)
echo "============================================================"
echo " Migration Test Email"
echo "============================================================"
echo " Domain: $DOMAIN"
echo " Recipient: $RECIPIENT"
echo " Sender: $FROM_ADDR"
echo " Bucket: $BUCKET_NAME"
echo " Queue: $QUEUE_NAME"
echo " Key: $MESSAGE_ID"
echo ""
# --- Step 1: Create RFC822 email ---
echo "[1/3] Creating test email..."
TMP_FILE=$(mktemp /tmp/test-mail-XXXXXX.eml)
cat > "$TMP_FILE" << EOF
From: Migration Test <${FROM_ADDR}>
To: ${RECIPIENT}
Subject: Migration Test $(date '+%Y-%m-%d %H:%M:%S')
Date: ${DATE_RFC2822}
Message-ID: <${MESSAGE_ID}@test.email-srvr.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Hello!
This is a test email to validate the email migration pipeline.
Sent: $(date)
Domain: ${DOMAIN}
Recipient: ${RECIPIENT}
Message-ID: ${MESSAGE_ID}
If you see this email in your inbox, the complete path is working:
S3 -> SQS -> Worker -> Forward/Delivery
--
Bay Area Affiliates - Migration Test
EOF
echo " Done ($(wc -c < "$TMP_FILE") bytes)"
# --- Step 2: Upload to S3 ---
echo "[2/3] Uploading to S3: s3://${BUCKET_NAME}/${MESSAGE_ID} ..."
aws s3 cp "$TMP_FILE" "s3://${BUCKET_NAME}/${MESSAGE_ID}" \
--region "$AWS_REGION" \
--quiet
echo " Done"
# --- Step 3: Place SQS message in fake-SNS format ---
echo "[3/3] Placing message in SQS queue..."
QUEUE_URL=$(aws sqs get-queue-url \
--queue-name "$QUEUE_NAME" \
--region "$AWS_REGION" \
--output text \
--query 'QueueUrl')
if [ -z "$QUEUE_URL" ]; then
echo " ERROR: Queue $QUEUE_NAME not found!"
rm -f "$TMP_FILE"
exit 1
fi
# SES event payload (what the Lambda normally produces)
SES_DATA=$(jq -n \
--arg msgId "$MESSAGE_ID" \
--arg source "$FROM_ADDR" \
--arg recipient "$RECIPIENT" \
--arg ts "$TIMESTAMP" \
'{
mail: {
messageId: $msgId,
source: $source,
timestamp: $ts,
destination: [$recipient]
},
receipt: {
recipients: [$recipient],
timestamp: $ts,
action: {
type: "S3",
bucketName: "test",
objectKey: $msgId
}
}
}')
# Fake SNS wrapper (same format as ses_sns_shim_global.py)
SQS_BODY=$(jq -n \
--arg sesData "$SES_DATA" \
--arg ts "$TIMESTAMP" \
'{
Type: "Notification",
MessageId: "test-\(now | tostring)",
TopicArn: "arn:aws:sns:ses-shim:global-topic",
Subject: "Amazon SES Email Receipt Notification",
Message: $sesData,
Timestamp: $ts
}')
SQS_MSG_ID=$(aws sqs send-message \
--queue-url "$QUEUE_URL" \
--region "$AWS_REGION" \
--message-body "$SQS_BODY" \
--output text \
--query 'MessageId')
echo " Done (SQS MessageId: ${SQS_MSG_ID})"
# --- Cleanup ---
rm -f "$TMP_FILE"
echo ""
echo "============================================================"
echo " Test email placed successfully!"
echo "============================================================"
echo ""
echo " Watch worker logs:"
echo " docker logs -f email-worker --tail 50"
echo ""
echo " Expected output:"
echo " Processing: ${MESSAGE_ID:0:20}... -> ${RECIPIENT}"
echo " Forwarded via legacy SMTP ... (if forward rule exists)"
echo " OR"
echo " Delivered to ${RECIPIENT} (if DMS mailbox exists)"
echo ""
echo " Check S3 object:"
echo " aws s3 ls s3://${BUCKET_NAME}/${MESSAGE_ID} --region ${AWS_REGION}"
echo "============================================================"