Setup fixes

1. Autodetect encryption-at-rest and run the correct setup in boostrap and /usr/local/bin/mailinabox
2. Fix bug where directories in the local mod folder are improperly executed causing setup to fail
3. Add a remote_nextcloud.sh setup mod cleanup function for cleaner removal of the mod

README.md

@@ -20,17 +20,15 @@ Upstream changes are merged as they become available, and releases are numbered
 
 ## How to install
 
-Decide what features you want to enable and add the corresponding values to bash:
+Decide what features to enable and add the corresponding values to bash:
 
 ### Encryption-at-rest: add `ENCRYPTION_AT_REST=true`.
 
-Enable encryption-at-rest the very first time setup is run on a fresh system, because it will create a new user-data area on an encrypted drive. To move existing user-data files to an encrypted drive, a manual step is required that involves renaming /home/user-data, running ehdd/create_hdd.sh, ehdd/mount.sh, and then copying everything into the newly created encrypted disk mounted at /home/user-data.
+Enable encryption-at-rest the very first time setup is run on a new system to create a fresh user-data area (where mail is stored) on an encrypted drive. To enable encryption-at-rest for an existing server and retain the current user-data, manually create an encrypted drive with ehdd/create_hdd.sh, rename the old user-data directory so it won't conflict with the mounted encrypted drive at /home/user-data, then mount it with ehdd/mount.sh, and finally copy everything into it.
-
-Once encryption-at-rest is enabled, ENCRYPTION_AT_REST=true must be added every time bootstrap setup is run.
 
 ### Remote Nextcloud: add `REMOTE_NEXTCLOUD=true`.
 
-This enables remote Nextcloud support and only needs to be done once. Once enabled, it will remain enabled until the symbolic link to the local setup mod (in the `local` directory), is manually removed or REMOTE_NEXTCLOUD=flase is given to boostrap setup. See the instructions below for more detail on using a remote Nextcloud.
+This enables remote Nextcloud support. See the instructions below for more detail on using a remote Nextcloud.
 
 ### Some examples:
 

setup/bootstrap.sh

@@ -28,6 +28,9 @@
 #     setup/mods.available/connect-nextcloud-to-miab.sh to the remote
 #     Nextcloud system, then run it as root.
 #
+# REMOTE_NEXTCLOUD and/or ENCRYPTION_AT_REST only need to be specified
+# once as future bootstrap setup runs will automatically detect the
+# setup options already installed.
 #
 #########################################################
 
@@ -108,8 +111,9 @@ if [ "$TAG" != $(git describe) ]; then
 	echo
 fi
 
-# Enable the remote Nextcloud setup mod
+# Remote Nextcloud.
-if [ "${REMOTE_NEXTCLOUD:-false}" = "true" ]; then
+if [ "${REMOTE_NEXTCLOUD:-}" = "true" ]; then
+    # Enable the remote Nextcloud setup mod
     mkdir -p local
     if ! ln -sf ../setup/mods.available/remote-nextcloud.sh local/remote-nextcloud.sh; then
         echo "Unable to create the symbolic link required to enable the remote Nextcloud setup mod"
@@ -117,9 +121,22 @@ if [ "${REMOTE_NEXTCLOUD:-false}" = "true" ]; then
     fi
 elif [ -e local/remote-nextcloud.sh -a "${REMOTE_NEXTCLOUD:-}" = "false" ]; then
     # Disable remote Nextcloud support - go back to the local Nextcloud
+    local/remote-nextcloud.sh cleanup
     rm -f local/remote-nextcloud.sh
 fi
 
+# Encryption-at-rest.
+if [ -z "${ENCRYPTION_AT_REST:-}" ]; then
+    source ehdd/ehdd_funcs.sh || exit 1
+    hdd_exists && ENCRYPTION_AT_REST=true
+elif [ "${ENCRYPTION_AT_REST:-}" = "false" ]; then 
+    source ehdd/ehdd_funcs.sh || exit 1
+    if hdd_exists; then
+        echo "Encryption-at-rest must be disabled manually"
+        exit 1
+    fi
+fi
+
 # Start setup script.
 if [ "${ENCRYPTION_AT_REST:-false}" = "true" ]; then
     ehdd/start-encrypted.sh </dev/tty

setup/functions.sh

@@ -327,3 +327,16 @@ install_hook_handler() {
 	# let the daemon know there's a new hook handler
 	tools/hooks_update >/dev/null
 }
+
+remove_hook_handler() {
+	local hook_py=$(basename "$1")
+	local dst="${LOCAL_MODS_DIR:-local}/management_hooks_d/$hook_py"
+	if [ -e "$dst" ]; then
+		rm -f "$dst"
+		# let the daemon know installed hooks have been updated
+		if systemctl is-active --quiet mailinabox; then
+			tools/hooks_update >/dev/null
+		fi
+	fi
+}
+

setup/mods.available/remote-nextcloud.sh

@@ -253,5 +253,15 @@ remote_nextcloud_handler() {
     tools/web_update
 }
 
-remote_nextcloud_handler
+if [ $# -gt 0 ]; then
-
+    if [ "$1" = "cleanup" ]; then
+        [ -e /etc/mailinabox_mods.conf ] && \
+            tools/editconf.py /etc/mailinabox_mods.conf "NC_HOST="
+        remove_hook_handler "remote-nextcloud-mgmt-hooks.py"
+    else
+        echo "Unknown argument: $1"
+        exit 1
+    fi
+else
+    remote_nextcloud_handler
+fi

setup/start.sh

@@ -59,7 +59,7 @@ fi
 cat > /usr/local/bin/mailinabox << EOF;
 #!/bin/bash
 cd $(pwd)
-source setup/start.sh
+source $(source ehdd/ehdd_funcs.sh; if hdd_exists; then echo 'ehdd/start-encrypted.sh'; else echo 'setup/start.sh'; fi)
 EOF
 chmod +x /usr/local/bin/mailinabox
 
@@ -176,10 +176,11 @@ fi
 #
 if [ -d "${LOCAL_MODS_DIR:-local}" ]; then
     for mod in $(ls "${LOCAL_MODS_DIR:-local}" | grep -v '~$'); do
-        if [ -x ${LOCAL_MODS_DIR:-local}/$mod ]; then
+        mod_path="${LOCAL_MODS_DIR:-local}/$mod"
+        if [ -f "$mod_path" -a -x "$mod_path" ]; then
             echo ""
-            echo "Running mod: ${LOCAL_MODS_DIR:-local}/$mod"
+            echo "Running mod: $mod_path"
-            ${LOCAL_MODS_DIR:-local}/$mod
+            "$mod_path"
         fi
     done
 fi