scripts

2026-05-07 10:40:26 +02:00
parent 6b076b9585
commit bf62af7438
4 changed files with 223 additions and 1 deletions
--- a/script/dkim/01-generate-keys.sh
+++ b/script/dkim/01-generate-keys.sh
@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+# Prosess 1:
+# Genererer DKIM private/public key-filer for ett eller flere domener.
+#
+# Filer lages under:
+#   private/dkim/<domene>.<selector>.private.pem
+#   private/dkim/<domene>.<selector>.public.pem
+#
+# Dette scriptet er trygt å publisere.
+# Selve nøklene ligger i private/, som skal være i .gitignore.
+
+selector="${DKIM_SELECTOR:-mail}"
+
+usage() {
+  cat <<EOF
+Bruk:
+  $0 <domene> [domene...]
+
+Eksempel:
+  $0 tvheggland.no privix.no
+
+Valgfritt:
+  DKIM_SELECTOR=mail $0 tvheggland.no
+EOF
+}
+
+if [[ $# -lt 1 ]]; then
+  usage
+  exit 1
+fi
+
+mkdir -p private/dkim
+chmod 700 private private/dkim
+
+for domain in "$@"; do
+  private_key="private/dkim/${domain}.${selector}.private.pem"
+  public_key="private/dkim/${domain}.${selector}.public.pem"
+
+  if [[ -e "$private_key" || -e "$public_key" ]]; then
+    echo "SKIP: DKIM-filer finnes allerede for ${domain}"
+    echo "  $private_key"
+    echo "  $public_key"
+    echo
+    continue
+  fi
+
+  openssl genrsa -out "$private_key" 2048
+
+  openssl rsa \
+    -in "$private_key" \
+    -pubout \
+    -out "$public_key" >/dev/null 2>&1
+
+  chmod 600 "$private_key" "$public_key"
+
+  echo "OK: Genererte DKIM-nøkler for ${domain}"
+  echo "  Privat nøkkel:   $private_key"
+  echo "  Offentlig nøkkel: $public_key"
+  echo
+done