[External App] MIAB Account Management

Over the past couple weeks, @alento and myself have been working on a script to allow non-admins to manage a domain (example: a company running MIAB can give an HR department access to my script to add or remove users, without the need to give them full access to the MIAB instance). It does not use a traditional database, it uses a custom flat-file database that I have designed myself over the years. So the script can be drag and drop, however the config.php should be properly configured for maximum security.

The GitHub page is located here: https://github.com/mitchellurgero/miab_account_management

The setup is simple:

  1. git clone the repository to a webservers root directory (for Apache / Nginx the default is /var/www/html
  2. copy config.example.php to config.php. Modify this to your config.
  3. The db_location variable should not be anywhere inside, or under the webserver’s root. If you are using a default root, a good play is just /var/www. However anywhere is good as long as the webserver has read/write access.

Some screen shots:

7 Likes

This is a neat idea, would be very handy for someone who manages multiple domains and users. :+1:

1 Like

In my use case … I have a domain which is being serviced by one of my MiaB instances and the owner of this domain demands the ability to add and delete mailboxes himself. This solves that issue without giving away access to the entire box. :slight_smile:

Thanks again @murgero for this script - and dealing with my little fixes. :stuck_out_tongue:

1 Like

I love programming and writing php scripts so it was fun to do! I hope more people find it helpful :slight_smile:

1 Like

Hi everyone,

I just installed fresh droplet and cloned the script. However, it didn’t work for me.

Can you please provide the online demo, that you found working for you ?

How are you installing? make sure to edit config.php properly.

Very cool dude! I love your latest commit *shifty eyes*

I had started something like this a little while ago in Python but didn’t get very far.

I would suggest that the basic email setup info has a place on here too (I didn’t see it after a quick read through the code). And maybe even a link which opens up webmail. Perhaps I’ll try this out and submit a PR at the end of the month.

Do you think if something like this is hosted on the box, it would be possible to use the existing email account password?

1 Like

You can sign in as any registered account (make sure to have a proper and secure path for the flat file db in config.php!) Just configure admin credentials in config.php and go. It can be on any server with PHP7 (should work on PHP5.X as well, but NOT TESTED OR SUPPORTED!)

This kinda goes outside the scope of this webapp. The web app is purely for admins to allow their end users (example: customers, managers, HR, etc etc) to manage email accounts. If you submit a PR and it looks clean and falls in line with my code, I’ll accept it. But otherwise I will not do it myself. But thank you for the suggestion!

Hi @murgero,
Thank you so much for this PHP Script.

I have a running miab, and I want to try your quota setup script. Unfortunately, I couldn’t install the script. What I did as below steps:

  1. Git clone the repository to my MIAB root directory /var/www/html
  2. Copy config.example.php to config.php. Modify this to my proper config.
<?php
$config = array(
	"db_location"	=> "/var/www/databases",
	"db"			=> "miab_accounts",
	"hostname"  	=> "box.example.com",
	"admin"			=> "mail@example.com",
	"pass"			=> "P@SSw0Rd",
	"registration"	=>	false
	);
  1. Create the db_location directory as /var/www/databases
  2. Grant the access for the directory as
sudo chown www-data:www-data /var/www/html/ -R
  1. Open the browser and run install.php as https://box.example.com/install.php
  2. I got the error on the page as 404 Not Found nginx
  3. For testing, I also had the same error with 404 when I tried to create an info.php page as
sudo nano /var/www/html/info.php
<?php phpinfo(); ?>

Would you mind to help me out please? Or someone have been through this with a solution?
Thanks so much.
Kind regards,
Quang

You cannot install this script on your MiaB server. It needs to be hosted elsewhere.

If you need hosting, let me know.

Thanks @alento for your reply. I am exploring MIAB features and keen to learn more about this wonderful Mail server app. It is good to hear that you have a solution. Would you mind to share the steps to achieve this, PLEASE? Much appreciated.
Kind regards,
Quang

Hi @alento and @murgero,
Updated from what I have tried with this script.

Thanks @alento for a hint with

It needs to be hosted elsewhere

  1. I set up a new server at DigitalOcean with LEMP stack on Ubuntu 18.04LTS same region with my MIAB server. This has the DNS as quota.mydomain.com
  2. Git clone the repository to my MIAB root directory /var/www/html
  3. Copy config.example.php to config.php. Modify this to my proper config.
<?php
$config = array(
	"db_location"	=> "/var/www/databases",
	"db"			=> "miab_accounts",
	"hostname"  	=> "box.mydomain.com",
	"admin"			=> "mail@mydomain.com",
	"pass"			=> "P@SSw0Rd",
	"registration"	=>	false
	);
  1. Create the db_location directory as /var/www/databases
  2. Grant the access for the directory as
sudo chown www-data:www-data /var/www/html/ -R
  1. Open the browser and run install.php as https://quota.mydomain.com/install.php
  2. SUCCEED - The screen told me that the default admin and password has been created! Yay!
  3. I logged in with the default admin - password and changed the new password.
  4. I open the site at http://quota.mydomain.com/dashboard.php
  5. I can create a new account. BUT It only shows the default @example.com and It SUCCESSFULLY SYNCED with my MIAB admin account as photo attached

My BIG question is: how do I config the default @example.com and sync with my MIAB Box?

Would you mind guide me further, please? Thank you so much.
Kind regards,
Quang

@quangmai911

I’m sorry but I just don’t understand what you are asking. Could you elaborate please?

Hi @alento,
Thanks so much for the reply.
What I ask is how do I change the @example.com email domain by default? Is there a place I can setup to choose my custom email domain.
It would be great if this script can sync with the main MIAB and listing the email domain for creating new users account.
For example:
I have set up email server for garden societies with their own email address:

  1. @roses.com
  2. @fuchsia.com
  3. @daisy.net

How do I put these email domains show up on the dashboard for users to select and then create their own email address such as: John@roses.com, Mary@fuchsia.com, or Dave@daisy.net?

Hi @quangmai911,

You have missed something somewhere but I cannot remember exactly what.

Ok, I have looked at the code and during the install process you should have been prompted for the name of the domain that you want to manage.

During installation you must set the “registration” field in the config.php file to true. You will then need to register a user to manage each domain. Be sure to go back and edit config.php to change “registration” to false as you will not want it left on.

Each installation of this script, in its present form, can manage only one domain. This was true of the inital version of this script, but it was later updated to handle multiple domains. Let me see if there is a way to change the default domain without reinstallation.

Hi @alento,
Thanks for your quick reply.
I confirm that I did not see any code during the install process you should have been prompted for the name of the domain that you want to manage!
I noticed @murgero mentioned about the php-curl for the installation. I did sudo apt php7.2-curl. But I do not know how to command the curl bash script. This might be the reason which I did not have the installation process run correctly which also lead to my default @example.com!

sudo apt install php7.2-curl would be the correct command to install it. (Assuming that is the correct package name).

I am installing it now on shared hosting as we speak, so that I can see (remember) how the process flows @quangmai911.

@quangmai911

Ok, I am not certain what has gone tilt, but do this …

In the config.php file change

to

`“registration” => true

Then register a new user.

Each user can manage only one domain on your MiaB. I would leave registration disabled on a production install of this script.

1 Like

Hey @alento,

Many thanks for this tip. Finally, it works!!!

Much appreciated for your support.
Cheers,
Quang

Sorry for the late reply! Since I do not use MIAB anymore, my time on the forum is very very limited.

Changing the default domain is just changing the first domain listed in your MIAB instance. As for new users @alento is correct on how to do that. Just remember that user has full access to your instance and can modify the domain they get permission to access. The script, although tested by myself and @alento, has not been audited by a 3rd party to confirm that it is secure (as in no exploits to hack).

That said, I believe it to be safe, if you have any more issues, please let me know!

@alento - Thanks for taking command on this :slight_smile: I’ll hop on Slack again if you need me for anything!