#!/bin/sh -e
# Generate an opendkim.conf(5) file for opendkim(8).

echo "# Managed remotely, manual changes will be lost."

# Used for OS-specific configuration.
os=$(cat "${__global:?}/explorer/os")

# Optional chdir(2)
if [ "$BASEDIR" ];
then
	printf "BaseDirectory %s\n" "$BASEDIR"
fi

# Optional canonicalization settings
if [ "$CANON" ];
then
	case "$CANON" in
		"simple/simple")
			:
			;;
		"simple/relaxed")
			:
			;;
		"relaxed/simple")
			:
			;;
		"relaxed/relaxed")
			:
			;;
		*)
			echo "Invalid Canonicalization setting!" >&2
			exit 1
			;;
	esac
	printf "Canonicalization %s\n" "$CANON"
fi

# Key and Domain tables
echo "KeyTable ${CFG_DIR}/KeyTable"
echo "SigningTable ${CFG_DIR}/SigningTable"

# Required socket to listen on
printf "Socket %s\n" "${SOCKET:?}"

# Optional subdomain signing settings
if [ "$SUBDOMAINS" ];
then
	printf "SubDomains %s\n" "$SUBDOMAINS"
fi

# Optional request logging to syslog
if [ "$SYSLOG" ];
then
	echo "Syslog yes"
fi

# Optional UMask specification
if [ "$UMASK" ];
then
	printf "UMask %s\n" "$UMASK"
fi

# Optional UserID to change to
if [ "$USERID" ];
then
	printf "UserID %s\n" "$USERID"
fi

if [ "$os" = "debian" ]; then
	cat <<- EOF
	# In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
	# using a local socket with MTAs that access the socket as a non-privileged
	# user (for example, Postfix). You may need to add user "postfix" to group
	# "opendkim" in that case.
	UserID			opendkim
	UMask			007

	PidFile			/run/opendkim/opendkim.pid
	EOF
fi