hestiacp · 0pc0deFR · Apr 12, 2024 · Jun 7, 2024
diff --git a/bin/v-add-mail-domain b/bin/v-add-mail-domain
@@ -198,6 +198,22 @@ if [ -n "$WEB_SYSTEM" ] || [ -n "$PROXY_SYSTEM" ]; then
 	fi
 fi
 
+# Add domain to Proxmox Mail Gateway
+if [ -n "$SMTP_RELAY_PMG" ]; then
+	pmg_auth=$(curl -s --request POST -d "username=$SMTP_RELAY_PMG_USER&password=$SMTP_RELAY_PMG_PASS" \
+    --url https://$SMTP_RELAY_PMG_HOST:$SMTP_RELAY_PMG_PORT/api2/json/access/ticket)
+	pmg_ticket=$(echo $pmg_auth | jq -r '.data.ticket')
+	pmg_csrf=$(echo $pmg_auth | jq -r '.data.CSRFPreventionToken')
+	if [ -n "$pmg_ticket" ]; then
+		pmg_config_domain=$(curl -s --request POST -d "domain=$domain" \
+		-H "CSRFPreventionToken: $pmg_csrf" -H "Cookie: PMGAuthCookie=$pmg_ticket" \
+		https://$SMTP_RELAY_PMG_HOST:$SMTP_RELAY_PMG_PORT/api2/json/config/domains)
+		pmg_config_transport=$(curl -s --request POST -d "domain=$domain&host=$SMTP_RELAY_PMG_LOCAL_IP" \
+		-H "CSRFPreventionToken: $pmg_csrf" -H "Cookie: PMGAuthCookie=$pmg_ticket" \
+		https://$SMTP_RELAY_PMG_HOST:$SMTP_RELAY_PMG_PORT/api2/json/config/transport)
+	fi
+fi
+
 #----------------------------------------------------------#
 #                       Hestia                             #
 #----------------------------------------------------------#

diff --git a/bin/v-add-sys-smtp-relay-pmg b/bin/v-add-sys-smtp-relay-pmg
@@ -0,0 +1,60 @@
+#!/bin/bash
+# info: add proxmox mail gateway smtp relay support
+# options: HOST USERNAME PASSWORD LOCAL_IP PORT
+#
+# example: v-add-sys-smtp-relay pmg.smtprelay.tld uname123 pass12345 1.2.3.4 8006
+#
+# This function adds system wide proxmox mail gateway smtp relay support.
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Argument definition
+host=$1
+username=$2
+password=$3
+local_ip=$4
+port=${5-8006}
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'HOST USERNAME PASSWORD LOCAL_IP PORT'
+is_format_valid 'port' 'host' 'password' 'ip'
+is_username_format_valid "$username" 'username'
+format_no_quotes "$password" 'passowrd'
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+change_sys_value 'SMTP_RELAY_PMG' 'true'
+change_sys_value 'SMTP_RELAY_PMG_HOST' "$host"
+change_sys_value 'SMTP_RELAY_PMG_PORT' "$port"
+change_sys_value 'SMTP_RELAY_PMG_USER' "$username"
+change_sys_value 'SMTP_RELAY_PMG_PASS' "$password"
+change_sys_value 'SMTP_RELAY_PMG_LOCAL_IP' "$local_ip"
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+$BIN/v-log-action "system" "Info" "Mail" "Server-wide Proxmox Mail Gateway SMTP Relay enabled (Host: $host, Port: $port)."
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-delete-mail-domain b/bin/v-delete-mail-domain
@@ -78,6 +78,22 @@ if [ -n "$WEB_SYSTEM" ] || [ -n "$PROXY_SYSTEM" ]; then
 	fi
 fi
 
+# Delete domain in Proxmox Mail Gateway
+if [ -n "$SMTP_RELAY_PMG" ]; then
+	pmg_auth=$(curl -s --request POST  -d "username=$SMTP_RELAY_PMG_USER&password=$SMTP_RELAY_PMG_PASS" \
+    --url https://$SMTP_RELAY_PMG_HOST:$SMTP_RELAY_PMG_PORT/api2/json/access/ticket)
+	pmg_ticket=$(echo $pmg_auth | jq -r '.data.ticket')
+	pmg_csrf=$(echo $pmg_auth | jq -r '.data.CSRFPreventionToken')
+	if [ -n "$pmg_ticket" ]; then
+		pmg_config_domain=$(curl -s --request DELETE \
+		-H "CSRFPreventionToken: $pmg_csrf" -H "Cookie: PMGAuthCookie=$pmg_ticket" \
+		https://$SMTP_RELAY_PMG_HOST:$SMTP_RELAY_PMG_PORT/api2/json/config/domains/$domain)
+		pmg_config_transport=$(curl -s --request DELETE \
+		-H "CSRFPreventionToken: $pmg_csrf" -H "Cookie: PMGAuthCookie=$pmg_ticket" \
+		https://$SMTP_RELAY_PMG_HOST:$SMTP_RELAY_PMG_PORT/api2/json/config/transport/$domain)
+	fi
+fi
+
 #----------------------------------------------------------#
 #                       Hestia                             #
 #----------------------------------------------------------#

diff --git a/bin/v-delete-sys-smtp-relay-pmg b/bin/v-delete-sys-smtp-relay-pmg
@@ -0,0 +1,47 @@
+#!/bin/bash
+# info: disable system wide smtp relay support
+# options:
+#
+# example: v-delete-sys-smtp-relay
+#
+# This function disables system wide smtp relay support.
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+change_sys_value "SMTP_RELAY_PMG" "false"
+change_sys_value "SMTP_RELAY_PMG_HOST" ""
+change_sys_value "SMTP_RELAY_PMG_PORT" ""
+change_sys_value "SMTP_RELAY_PMG_USER" ""
+change_sys_value "SMTP_RELAY_PMG_PASS" ""
+change_sys_value "SMTP_RELAY_PMG_LOCAL_IP" ""
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+$BIN/v-log-action "system" "Info" "Mail" "Global Proxmox Mail Gateway SMTP Relay disabled."
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config
@@ -98,6 +98,12 @@ json_list() {
 			"SMTP_RELAY_HOST": "'$SMTP_RELAY_HOST'",
 			"SMTP_RELAY_PORT": "'$SMTP_RELAY_PORT'",
 			"SMTP_RELAY_USER": "'$SMTP_RELAY_USER'",
+			"SMTP_RELAY_PMG": "'$SMTP_RELAY_PMG'",
+			"SMTP_RELAY_PMG_HOST": "'$SMTP_RELAY_PMG_HOST'",
+			"SMTP_RELAY_PMG_PORT": "'$SMTP_RELAY_PMG_PORT'",
+			"SMTP_RELAY_PMG_USER": "'$SMTP_RELAY_PMG_USER'",
+			"SMTP_RELAY_PMG_PASS": "'$SMTP_RELAY_PMG_PASS'",
+			"SMTP_RELAY_PMG_LOCAL_IP": "'$SMTP_RELAY_PMG_LOCAL_IP'",
 			"STATS_SYSTEM": "'$STATS_SYSTEM'",
 			"SUBJECT_EMAIL": "'$SUBJECT_EMAIL'",
 			"SUPPORT_DNSSEC": "'$SUPPORT_DNSSEC'",

diff --git a/web/edit/server/index.php b/web/edit/server/index.php
@@ -147,6 +147,42 @@
 	$_POST["v_policy_user_view_suspended"] = "false";
 }
 
+// List PMG settings
+exec(HESTIA_CMD . "v-list-sys-ips json", $output, $return_var);
+$sys_ips = json_decode(implode("", $output), true);
+unset($output);
+
+if (!empty($_SESSION["SMTP_RELAY_PMG"])) {
+	$v_smtp_relay_pmg = $_SESSION["SMTP_RELAY_PMG"];
+} else {
+	$v_smtp_relay_pmg = "";
+}
+if (!empty($_SESSION["SMTP_RELAY_PMG_HOST"])) {
+	$v_smtp_relay_pmg_host = $_SESSION["SMTP_RELAY_PMG_HOST"];
+} else {
+	$v_smtp_relay_pmg_host = "";
+}
+if (!empty($_SESSION["SMTP_RELAY_PMG_PORT"])) {
+	$v_smtp_relay_pmg_port = $_SESSION["SMTP_RELAY_PMG_PORT"];
+} else {
+	$v_smtp_relay_pmg_port = "";
+}
+if (!empty($_SESSION["SMTP_RELAY_PMG_USER"])) {
+	$v_smtp_relay_pmg_user = $_SESSION["SMTP_RELAY_PMG_USER"];
+} else {
+	$v_smtp_relay_pmg_user = "";
+}
+if (!empty($_SESSION["SMTP_RELAY_PMG_PASS"])) {
+	$v_smtp_relay_pmg_pass = $_SESSION["SMTP_RELAY_PMG_PASS"];
+} else {
+	$v_smtp_relay_pmg_pass = "";
+}
+if (!empty($_SESSION["SMTP_RELAY_PMG_LOCAL_IP"])) {
+	$v_smtp_relay_pmg_local_ip = $_SESSION["SMTP_RELAY_PMG_LOCAL_IP"];
+} else {
+	$v_smtp_relay_pmg_local_ip = "";
+}
+
 // List Database hosts
 exec(HESTIA_CMD . "v-list-database-hosts json", $output, $return_var);
 $db_hosts = json_decode(implode("", $output), true);
@@ -712,6 +748,60 @@
 		}
 	}
 
+	//Update Proxmox Mail Gateway smtp relay
+	if (empty($_SESSION["error_msg"])) {
+		if (isset($_POST["v_smtp_relay"]) && isset($_POST["v_smtp_relay_pmg"]))
+		{
+
+			if(
+				isset($_POST['v_smtp_relay_pmg_host']) && 
+				isset($_POST['v_smtp_relay_pmg_port']) &&
+				isset($_POST['v_smtp_relay_pmg_user']) &&
+				isset($_POST['v_smtp_relay_pmg_pass']) &&
+				isset($_POST['v_smtp_relay_pmg_local_ip'])
+			) {
+				if(
+					$_POST['v_smtp_relay_pmg_host'] != $v_smtp_relay_pmg_host ||
+					$_POST['v_smtp_relay_pmg_port'] != $v_smtp_relay_pmg_port ||
+					$_POST['v_smtp_relay_pmg_user'] != $v_smtp_relay_pmg_user ||
+					$_POST['v_smtp_relay_pmg_pass'] != $v_smtp_relay_pmg_pass ||
+					$_POST['v_smtp_relay_pmg_local_ip'] != $v_smtp_relay_pmg_local_ip
+				){
+					$v_smtp_relay_pmg = true;
+					$v_smtp_relay_pmg_host = quoteshellarg($_POST['v_smtp_relay_pmg_host']);
+					$v_smtp_relay_pmg_port = quoteshellarg($_POST['v_smtp_relay_pmg_port']);
+					$v_smtp_relay_pmg_user = quoteshellarg($_POST['v_smtp_relay_pmg_user']);
+					$v_smtp_relay_pmg_pass = quoteshellarg($_POST['v_smtp_relay_pmg_pass']);
+					$v_smtp_relay_pmg_local_ip = quoteshellarg($_POST['v_smtp_relay_pmg_local_ip']);
+					exec(
+						HESTIA_CMD .
+							"v-add-sys-smtp-relay-pmg " .
+							$v_smtp_relay_pmg_host .
+							" " .
+							$v_smtp_relay_pmg_user .
+							" " .
+							$v_smtp_relay_pmg_pass .
+							" " .
+							$v_smtp_relay_pmg_local_ip .
+							" " .
+							$v_smtp_relay_pmg_port,
+						$output,
+						$return_var,
+					);
+					check_return_code($return_var, $output);
+					unset($output);
+				}
+			}
+		}
+		if (!isset($_POST["v_smtp_relay_pmg"]) && $v_smtp_relay_pmg == true) {
+			$v_smtp_relay_pmg = false;
+			$v_smtp_relay_pmg_host = $v_smtp_relay_pmg_user = $v_smtp_relay_pmg_pass = $v_smtp_relay_pmg_port = "";
+			exec(HESTIA_CMD . "v-delete-sys-smtp-relay-pmg", $output, $return_var);
+			check_return_code($return_var, $output);
+			unset($output);
+		}
+	}
+
 	// Update phpMyAdmin url
 	if (empty($_SESSION["error_msg"])) {
 		if ($_POST["v_mysql_url"] != $_SESSION["DB_PMA_ALIAS"]) {

diff --git a/web/templates/pages/edit_server.php b/web/templates/pages/edit_server.php
@@ -32,6 +32,7 @@
 			theme: '<?= $_SESSION["THEME"] ?>',
 			language: '<?= $_SESSION["LANGUAGE"] ?>',
 			hasSmtpRelay: <?= $v_smtp_relay == "true" ? "true" : "false" ?>,
+			hasSmtpRelayPmg: <?= $v_smtp_relay_pmg == "true" ? "true" : "false" ?>,
 			remoteBackupEnabled: <?= !empty($v_backup_remote_adv) ? "true" : "false" ?>,
 			backupType: '<?= !empty($v_backup_type) ? trim($v_backup_type, "'") : "" ?>',
 			webmailAlias: '<?= $_SESSION["WEBMAIL_ALIAS"] ?? "" ?>',
@@ -479,6 +480,86 @@ class="form-control js-password-input"
 								</div>
 							</div>
 						</div>
+						<div class="form-check u-mt20">
+							<input
+								x-model="hasSmtpRelayPmg"
+								class="form-check-input"
+								type="checkbox"
+								name="v_smtp_relay_pmg"
+								id="v_smtp_relay_pmg"
+							>
+							<label for="v_smtp_relay_pmg">
+								<?= _("Proxmox Mail Gateway SMTP Relay") ?>
+							</label>
+						</div>
+						<div
+							x-cloak
+							x-show="hasSmtpRelayPmg"
+							class="u-pl30 u-mt20"
+						>
+							<div class="u-mb10">
+								<label for="v_smtp_relay_pmg_host" class="form-label">
+									<?= _("Host") ?>
+								</label>
+								<input
+									type="text"
+									class="form-control"
+									name="v_smtp_relay_pmg_host"
+									id="v_smtp_relay_pmg_host"
+									value="<?= htmlentities(trim($v_smtp_relay_pmg_host, "'")) ?>"
+								>
+							</div>
+							<div class="u-mb10">
+								<label for="v_smtp_relay_pmg_port" class="form-label">
+									<?= _("Port") ?>
+								</label>
+								<input
+									type="text"
+									class="form-control"
+									name="v_smtp_relay_pmg_port"
+									id="v_smtp_relay_pmg_port"
+									value="<?= htmlentities(trim($v_smtp_relay_pmg_port, "'")) ?>"
+								>
+							</div>
+							<div class="u-mb10">
+								<label for="v_smtp_relay_pmg_user" class="form-label">
+									<?= _("Username") ?>
+								</label>
+								<input
+									type="text"
+									class="form-control"
+									name="v_smtp_relay_pmg_user"
+									id="v_smtp_relay_pmg_user"
+									value="<?= htmlentities(trim($v_smtp_relay_pmg_user, "'")) ?>"
+								>
+							</div>
+							<div class="u-mb10">
+								<label for="v_smtp_relay_pmg_pass" class="form-label">
+									<?= _("Password") ?>
+								</label>
+								<div class="u-pos-relative">
+									<input
+										type="text"
+										class="form-control js-password-input"
+										name="v_smtp_relay_pmg_pass"
+										id="v_smtp_relay_pmg_pass"
+										value="<?= htmlentities(trim($v_smtp_relay_pmg_pass, "'")) ?>"
+									>
+								</div>
+							</div>
+							<div class="u-mb20">
+								<label for="v_smtp_relay_pmg_local_ip" class="form-label"><?= _("IP Address") ?></label>
+								<select class="form-select" name="v_smtp_relay_pmg_local_ip" id="v_smtp_relay_pmg_local_ip">
+									<?php
+										foreach ($sys_ips as $ip => $value) {
+											$display_ip = htmlentities(empty($value['NAT']) ? $ip : "{$value['NAT']}");
+											$ip_selected = (!empty($v_smtp_relay_pmg_local_ip) && $ip == $v_smtp_relay_pmg_local_ip) ? 'selected' : '';
+											echo "\t\t\t\t<option value=\"{$ip}\" {$ip_selected}>{$display_ip}</option>\n";
+										}
+									?>
+								</select>
+							</div>
+						</div>
 					</div>
 				</details>
 			<?php } ?>