commit dd03f0590cc9006c5636a2812fed657f2b6b3754 parent cb1e27daaf675230563399ec447f322704f2afd4 Author: Hayden Hamilton <hayden@hhvn.uk> Date: Sun, 24 May 2026 20:07:28 +0100 Add dkim/mkcert to generate DKIM certificates Diffstat:
| A | dkim/mkcert | | | 51 | +++++++++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 51 insertions(+), 0 deletions(-)
diff --git a/dkim/mkcert b/dkim/mkcert @@ -0,0 +1,51 @@ +#!/bin/rc + +# This script generates and stores DKIM keypair, using the correct user + +dir = /etc/mail/dkim +user =_dkimsign_ +selector = $1 +privkey = $dir/$selector.priv.key +pubkey = $dir/$selector.pub.key +txt = $dir/$selector.txt + +if (!~ $#* 1) { + echo 'usage: mkcert <selector>' + exit 2 +} + +fn die { + echo fatal error: $* >[1=2] + exit 1 +} + +fn mustsucceed { + if (!$*) { + echo fatal error: essential command failed >[1=2] + cleanupfailed + exit 1 + } +} + +fn cleanupfailed { + as rm $privkey + as rm $pubkey + as rm $txt +} + +fn as { + doas -u _dkimsign $* +} + +as test -e $privkey && die $privkey already exists +as test -e $pubkey && die $pubkey already exists +as test -e $txt && die $txt already exists + +mustsucceed as mkdir -p $dir + +mustsucceed as openssl genrsa -out $privkey +mustsucceed as openssl rsa -in $privkey -pubout | \ + mustsucceed as tee $pubkey >/dev/null +mustsucceed as cat $pubkey | \ + mustsucceed as sed '1s/.*/v=DKIM1;p=/;:nl;${s/-----.*//;q;};N;s/\n//g;b nl;' | \ + mustsucceed as tee $txt >/dev/null