poffice-admin 1.0.0

package/README.md

@@ -0,0 +1,78 @@
+# Poffice Admin Skill
+
+Administration and automation suite for the **Poffice** ecosystem (Mailcow, Seafile, Paperless-ngx, SOGo).
+
+## 🚀 Overview
+
+The `poffice-admin` skill provides a comprehensive set of Python scripts and documentation to manage a self-hosted office stack. It enables automation of user provisioning, mail management, document generation, and calendar orchestration.
+
+---
+
+## 🛠 Features & Functions
+
+### 1. Mail & User Management (`poffice_mail.py`)
+- **List Domains**: Retrieve all domains managed by the Mailcow instance.
+- **Create Mailbox**: Provision new email accounts with specific quotas and settings.
+- **Send Email**: Send plain text emails via SMTP with TLS support.
+
+### 2. Cloud Storage Management (`poffice_docs.py`)
+- **User Provisioning**: Create, list, and delete Seafile users.
+- **Library Management**: Create and list Seafile libraries (repositories).
+- **File Operations**: Programmatic upload and download of files to/from the cloud.
+
+### 3. Document Archiving (`poffice_paperless.py`)
+- **List Documents**: Query the Paperless-ngx archive for stored documents.
+- **Upload Document**: Direct ingestion of files into the Paperless-ngx processing pipeline.
+
+### 4. Calendar Orchestration (`poffice_calendar.py`)
+- **CRUD Operations**: Add, List, Update, and Delete events via CalDAV.
+- **Meeting Invites**: Generate and send official `.ics` meeting invitations to participants.
+- **SOGo Integration**: Fully compatible with the SOGo groupware suite.
+
+### 5. Document Generation (`poffice_gen.py`)
+- **Word (.docx)**: Create and update Word documents with headings and paragraphs.
+- **Excel (.xlsx)**: Generate spreadsheets from python data structures.
+- **PDF**: Create professional PDF reports programmatically.
+
+### 6. Email Interaction (`poffice_imap.py`)
+- **Read Mail**: List and fetch recent emails from any IMAP folder (e.g., INBOX).
+- **Header Parsing**: Extracts Subject, From, and Date for automation triggers.
+
+### 7. Master Admin Sync (`poffice_master_admin.py`)
+- **Neon Integration**: Interfaces with Neon PostgreSQL to check "Master Admin" status.
+- **Cross-App Sync**: Automatically provisions a user across Mail and Seafile once they are verified as an admin in the central Neon database.
+
+---
+
+## 📂 Repository Structure
+
+```text
+poffice-admin/
+├── SKILL.md             # Core skill description and triggers
+├── scripts/             # Python automation scripts
+│   ├── poffice_mail.py
+│   ├── poffice_docs.py
+│   ├── poffice_calendar.py
+│   └── ...
+└── references/          # API references and credential templates
+```
+
+## 📋 Usage
+
+Most scripts can be run directly via CLI:
+
+```bash
+# Example: Create a mailbox
+python3 scripts/poffice_mail.py create-mailbox example.com user "John Doe" "password123"
+
+# Example: Create a PDF report
+python3 scripts/poffice_gen.py create-pdf report.pdf "Monthly Summary" "All systems operational."
+```
+
+## 🔐 Configuration
+
+Credentials should be managed via environment variables or the `references/credentials.md` template.
+- `MAILCOW_API_KEY`
+- `SEAFILE_ADMIN_EMAIL` / `SEAFILE_ADMIN_PASSWORD`
+- `PAPERLESS_TOKEN`
+- `DATABASE_URL` (Neon PostgreSQL)

package/SKILL.md

@@ -0,0 +1,65 @@
+---
+name: poffice-admin
+description: "Administration and automation for the Poffice suite (Mailcow, Seafile, Paperless-ngx). Use for: (1) Creating and managing mail accounts, (2) Sending and receiving emails, (3) Managing calendars and invites (via SOGo), (4) managing documents (Seafile/Paperless), (5) Creating and updating Word, Excel, and PDF documents, (6) Creating and sending calendar events and invites, (7) Automating office workflows."
+---
+
+# Poffice Admin Skill
+
+This skill provides the necessary tools and workflows to manage the Poffice infrastructure.
+
+## Core Capabilities
+
+1. **User & Mail Management**: Create mailboxes, manage domains, and send/receive emails.
+2. **Document Management**: Sync files via Seafile and archive documents via Paperless-ngx.
+3. **Calendar Management**: Full CRUD management of events (List, Add, Update, Delete) in SOGo (attached to Mailcow) and sending email invites with .ics attachments.
+4. **Document Creation**: Generate and update Word (.docx), Excel (.xlsx), and PDF documents programmatically.
+
+## Quick Reference Scripts
+
+The following scripts are available in the `scripts/` directory:
+
+- `poffice_mail.py`: Mailbox creation and email sending.
+- `poffice_docs.py`: Seafile user and repo management.
+- `poffice_paperless.py`: Document ingestion and listing.
+- `poffice_gen.py`: Document creation and update (Word, Excel, PDF).
+- `poffice_calendar.py`: Calendar event creation and email invites.
+
+### Typical Workflows
+
+#### Creating a New Office User
+To create a fully provisioned user (Mail + Cloud storage):
+1. Run `python3 scripts/poffice_mail.py create-mailbox domain.com user_name "Full Name" password`
+2. Run `python3 scripts/poffice_docs.py create-user user@domain.com password`
+
+#### Creating and Archiving a Report
+1. Use `poffice_gen.py` to create a PDF or Excel report.
+2. Use `poffice_paperless.py` to upload the generated file for long-term archiving.
+3. Use `poffice_mail.py` to email the report to the team.
+
+#### Scheduling a Meeting and Sending Invites
+1. Use `poffice_calendar.py add` to put the event on your own calendar.
+2. Use `poffice_calendar.py invite` to send the official invitation to participants.
+3. Optionally, use `poffice_gen.py` to create a meeting agenda PDF and attach it to an email using `poffice_mail.py`.
+
+#### Managing Existing Events
+1. Use `poffice_calendar.py list` to see upcoming events.
+2. Use `poffice_calendar.py delete [UID]` to remove an event.
+3. Update events using the `update_event` method in `poffice_calendar.py`.
+
+#### Sending a System Invite
+Use `poffice_mail.py send-email` to notify users about account creation or meetings.
+
+## Service Access & Credentials
+
+See [references/credentials.md](references/credentials.md) for API keys and endpoint information.
+
+## Calendar (SOGo)
+Calendar management is handled through SOGo. 
+- **URL**: `https://mail.poffice.online/SOGo`
+- **CalDAV**: `https://mail.poffice.online/SOGo/dav/`
+To send invites programmatically, use standard `ics` generation and send via `poffice_mail.py`.
+
+## Documentation
+- **Mailcow API**: [references/mailcow_api.md](references/mailcow_api.md)
+- **Seafile API**: [references/seafile_api.md](references/seafile_api.md)
+- **Paperless API**: [references/paperless_api.md](references/paperless_api.md)

package/package.json

@@ -0,0 +1,28 @@
+{
+    "name": "poffice-admin",
+    "version": "1.0.0",
+    "description": "Administration and automation skill for the Poffice suite (Mailcow, Seafile, Paperless-ngx, SOGo).",
+    "main": "SKILL.md",
+    "scripts": {
+        "test": "echo \"Error: no test specified\" && exit 1"
+    },
+    "keywords": [
+        "poffice",
+        "admin",
+        "skill",
+        "automation",
+        "mailcow",
+        "seafile",
+        "paperless-ngx"
+    ],
+    "author": "Thierry Teisseire",
+    "license": "MIT",
+    "repository": {
+        "type": "git",
+        "url": "git+https://github.com/thierryteisseire/poffice-workspace.git"
+    },
+    "bugs": {
+        "url": "https://github.com/thierryteisseire/poffice-workspace/issues"
+    },
+    "homepage": "https://github.com/thierryteisseire/poffice-workspace#readme"
+}

package/references/credentials.md

@@ -0,0 +1 @@
+# Credentials Template\n\nFill this with your API keys.

package/references/mailcow_api.md

@@ -0,0 +1,23 @@
+# Mailcow API Reference (v1)
+
+Documentation available at: `https://mail.poffice.online/api/` (if enabled)
+
+### Common Endpoints
+
+#### GET /api/v1/get/mailbox/all
+Returns list of all mailboxes.
+
+#### POST /api/v1/add/mailbox
+Body:
+```json
+{
+  "address": "user@domain.com",
+  "name": "Full Name",
+  "domain": "domain.com",
+  "local_part": "user",
+  "password": "password",
+  "password2": "password",
+  "quota": 3072,
+  "active": 1
+}
+```

package/scripts/poffice_calendar.py

@@ -0,0 +1,149 @@
+import caldav
+from icalendar import Calendar, Event, vText
+from datetime import datetime, timedelta
+import pytz
+import uuid
+import smtplib
+from email.mime.text import MIMEText
+from email.mime.multipart import MIMEMultipart
+
+class PofficeCalendar:
+    def __init__(self, username, password, base_url="https://mail.poffice.online/SOGo/dav/"):
+        self.username = username
+        self.password = password
+        self.base_url = base_url
+
+    def _get_calendar(self):
+        client = caldav.DAVClient(url=self.base_url, username=self.username, password=self.password)
+        principal = client.principal()
+        calendars = principal.calendars()
+        if not calendars:
+            raise Exception("No calendars found")
+        return calendars[0]
+
+    def add_event(self, summary, description, start_time, duration_minutes=60, location=None):
+        try:
+            calendar = self._get_calendar()
+            cal = Calendar()
+            cal.add('prodid', '-//Poffice Automation//poffice.online//')
+            cal.add('version', '2.0')
+            
+            event = Event()
+            event.add('summary', summary)
+            event.add('description', description)
+            if location:
+                event.add('location', location)
+            event.add('dtstart', start_time)
+            event.add('dtend', start_time + timedelta(minutes=duration_minutes))
+            event.add('dtstamp', datetime.now(pytz.utc))
+            event.add('uid', str(uuid.uuid4()))
+            
+            cal.add_component(event)
+            calendar.save_event(cal.to_ical())
+            return {"status": "success", "message": f"Event '{summary}' added"}
+        except Exception as e:
+            return {"status": "error", "message": str(e)}
+
+    def list_events(self, start=None, end=None):
+        try:
+            calendar = self._get_calendar()
+            if not start:
+                start = datetime.now(pytz.utc)
+            if not end:
+                end = start + timedelta(days=7)
+            
+            events = calendar.date_search(start, end)
+            results = []
+            for event in events:
+                ical = Calendar.from_ical(event.data)
+                for component in ical.walk():
+                    if component.name == "VEVENT":
+                        results.append({
+                            "uid": str(component.get('uid')),
+                            "summary": str(component.get('summary')),
+                            "start": component.get('dtstart').dt.isoformat(),
+                            "end": component.get('dtend').dt.isoformat() if component.get('dtend') else None,
+                            "description": str(component.get('description'))
+                        })
+            return {"status": "success", "events": results}
+        except Exception as e:
+            return {"status": "error", "message": str(e)}
+
+    def delete_event(self, uid):
+        try:
+            calendar = self._get_calendar()
+            event = calendar.event_by_uid(uid)
+            event.delete()
+            return {"status": "success", "message": f"Event {uid} deleted"}
+        except Exception as e:
+            return {"status": "error", "message": str(e)}
+
+    def update_event(self, uid, summary=None, description=None, start_time=None, duration_minutes=None):
+        try:
+            calendar = self._get_calendar()
+            event_obj = calendar.event_by_uid(uid)
+            ical = Calendar.from_ical(event_obj.data)
+            
+            for component in ical.walk():
+                if component.name == "VEVENT":
+                    if summary: component.replace('summary', summary)
+                    if description: component.replace('description', description)
+                    if start_time: 
+                        component.replace('dtstart', start_time)
+                        if duration_minutes:
+                             component.replace('dtend', start_time + timedelta(minutes=duration_minutes))
+                    elif duration_minutes:
+                        old_start = component.get('dtstart').dt
+                        component.replace('dtend', old_start + timedelta(minutes=duration_minutes))
+            
+            event_obj.data = ical.to_ical()
+            event_obj.save()
+            return {"status": "success", "message": f"Event {uid} updated"}
+        except Exception as e:
+            return {"status": "error", "message": str(e)}
+
+    def send_invite(self, smtp_user, smtp_pass, to_email, summary, description, start_time, duration_minutes=60, location=None):
+        msg = MIMEMultipart('mixed')
+        msg['Reply-To'] = smtp_user
+        msg['From'] = smtp_user
+        msg['To'] = to_email
+        msg['Subject'] = f"Invitation: {summary}"
+        cal = Calendar()
+        cal.add('prodid', '-//Poffice Automation//poffice.online//'); cal.add('version', '2.0'); cal.add('method', 'REQUEST')
+        event = Event()
+        event.add('summary', summary); event.add('description', description)
+        if location: event.add('location', location)
+        event.add('dtstart', start_time); event.add('dtend', start_time + timedelta(minutes=duration_minutes))
+        event.add('dtstamp', datetime.now(pytz.utc)); event.add('uid', str(uuid.uuid4())); event.add('priority', 5)
+        event.add('attendee', f"MAILTO:{to_email}", extra_params={'RSVP': 'TRUE'})
+        event.add('organizer', f"MAILTO:{smtp_user}")
+        cal.add_component(event)
+        part_text = MIMEText(f"You are invited to: {summary}\n\nDescription: {description}", 'plain')
+        msg.attach(part_text)
+        part_ics = MIMEText(cal.to_ical().decode("utf-8"), 'calendar; method=REQUEST')
+        part_ics.add_header('Content-class', 'urn:content-classes:calendarmessage')
+        part_ics.add_header('Filename', 'invite.ics'); part_ics.add_header('Content-Disposition', 'attachment; filename=invite.ics')
+        msg.attach(part_ics)
+        try:
+            server = smtplib.SMTP("mail.poffice.online", 587); server.starttls(); server.login(smtp_user, smtp_pass)
+            server.sendmail(smtp_user, to_email, msg.as_string()); server.quit()
+            return {"status": "success"}
+        except Exception as e: return {"status": "error", "message": str(e)}
+
+if __name__ == "__main__":
+    import sys, os
+    USER = os.getenv("POFFICE_EMAIL", "admin@poffice.online")
+    PASS = os.getenv("POFFICE_PASSWORD", "")
+    cal_manager = PofficeCalendar(USER, PASS)
+    if len(sys.argv) > 1:
+        action = sys.argv[1]
+        if action == "add":
+            start_dt = datetime.strptime(sys.argv[4], "%Y-%m-%d %H:%M").replace(tzinfo=pytz.utc)
+            print(cal_manager.add_event(sys.argv[2], sys.argv[3], start_dt))
+        elif action == "list":
+            print(cal_manager.list_events())
+        elif action == "delete":
+            print(cal_manager.delete_event(sys.argv[2]))
+        elif action == "invite":
+            start_dt = datetime.strptime(sys.argv[5], "%Y-%m-%d %H:%M").replace(tzinfo=pytz.utc)
+            print(cal_manager.send_invite(USER, PASS, sys.argv[2], sys.argv[3], sys.argv[4], start_dt))

package/scripts/poffice_docs.py

@@ -0,0 +1,121 @@
+import requests
+import json
+import os
+
+class SeafileAdmin:
+    def __init__(self, username, password, base_url="https://cloud.poffice.online"):
+        self.username = username
+        self.password = password
+        self.base_url = base_url
+        self.token = self._get_token()
+        self.headers = {
+            "Authorization": f"Token {self.token}",
+            "Content-Type": "application/json"
+        }
+
+    def _get_token(self):
+        response = requests.post(f"{self.base_url}/api2/auth-token/", data={
+            "username": self.username,
+            "password": self.password
+        }, verify=False)
+        if response.status_code == 200:
+            return response.json()["token"]
+        else:
+            raise Exception(f"Failed to get Seafile token: {response.text}")
+
+    def create_user(self, email, password, is_admin=False):
+        # Admin endpoint to create user
+        data = {
+            "email": email,
+            "password": password,
+            "is_staff": "true" if is_admin else "false"
+        }
+        # Use v2.1 for better admin control
+        response = requests.post(f"{self.base_url}/api/v2.1/admin/users/", headers=self.headers, json=data, verify=False)
+        return response.json()
+
+    def list_users(self):
+        # Use v2.1 admin endpoint
+        response = requests.get(f"{self.base_url}/api/v2.1/admin/users/", headers=self.headers, verify=False)
+        return response.json()
+
+    def delete_user(self, email):
+        # Use v2.1 admin endpoint
+        response = requests.delete(f"{self.base_url}/api/v2.1/admin/users/{email}/", headers=self.headers, verify=False)
+        return response.json() if response.content else {"status": "ok"}
+
+    def list_repos(self):
+        response = requests.get(f"{self.base_url}/api2/repos/", headers=self.headers, verify=False)
+        return response.json()
+
+    def create_repo(self, name):
+        # Note: creates a repo for the current user
+        response = requests.post(f"{self.base_url}/api2/repos/", headers=self.headers, json={"name": name}, verify=False)
+        return response.json()
+
+    def list_files(self, repo_id, path="/"):
+        response = requests.get(f"{self.base_url}/api2/repos/{repo_id}/dir/?p={path}", headers=self.headers, verify=False)
+        return response.json()
+
+    def upload_file(self, repo_id, file_path, target_path="/"):
+        # 1. Get upload link
+        response = requests.get(f"{self.base_url}/api2/repos/{repo_id}/upload-link/", headers=self.headers, verify=False)
+        upload_url = response.json() # This is the direct string of the URL
+        
+        # 2. Upload file
+        filename = os.path.basename(file_path)
+        with open(file_path, 'rb') as f:
+            files = {
+                'file': (filename, f),
+                'parent_dir': (None, target_path)
+            }
+            # Upload doesn't use the standard json headers
+            upload_response = requests.post(upload_url, headers={"Authorization": f"Token {self.token}"}, files=files, verify=False)
+            return upload_response.text
+
+    def download_file(self, repo_id, file_path, save_as):
+        # 1. Get download link
+        response = requests.get(f"{self.base_url}/api2/repos/{repo_id}/file/?p={file_path}", headers=self.headers, verify=False)
+        download_url = response.json() # Direct string
+        
+        # 2. Download content
+        r = requests.get(download_url, verify=False)
+        with open(save_as, 'wb') as f:
+            f.write(r.content)
+        return save_as
+
+if __name__ == "__main__":
+    import sys
+    # Example usage
+    USER = os.getenv("SEAFILE_ADMIN_EMAIL", "")
+    PASS = os.getenv("SEAFILE_ADMIN_PASSWORD", "")
+    
+    admin = SeafileAdmin(USER, PASS)
+    
+    if len(sys.argv) > 1:
+        action = sys.argv[1]
+        if action == "list-users":
+            print(json.dumps(admin.list_users(), indent=4))
+        elif action == "create-user":
+            # python3 poffice_docs.py create-user email pass [is_admin]
+            is_admin = sys.argv[4].lower() == 'true' if len(sys.argv) > 4 else False
+            print(json.dumps(admin.create_user(sys.argv[2], sys.argv[3], is_admin), indent=4))
+        elif action == "delete-user":
+            # python3 poffice_docs.py delete-user email
+            print(json.dumps(admin.delete_user(sys.argv[2]), indent=4))
+        elif action == "list-repos":
+            print(json.dumps(admin.list_repos(), indent=4))
+        elif action == "create-repo":
+            # python3 poffice_docs.py create-repo name
+            print(json.dumps(admin.create_repo(sys.argv[2]), indent=4))
+        elif action == "list-files":
+            # python3 poffice_docs.py list-files repo_id [path]
+            path = sys.argv[3] if len(sys.argv) > 3 else "/"
+            print(json.dumps(admin.list_files(sys.argv[2], path), indent=4))
+        elif action == "upload":
+            # python3 poffice_docs.py upload repo_id file_path [target_path]
+            target = sys.argv[4] if len(sys.argv) > 4 else "/"
+            print(admin.upload_file(sys.argv[2], sys.argv[3], target))
+        elif action == "download":
+            # python3 poffice_docs.py download repo_id file_path save_as
+            print(admin.download_file(sys.argv[2], sys.argv[3], sys.argv[4]))

package/scripts/poffice_gen.py

@@ -0,0 +1,70 @@
+import os
+from docx import Document
+from openpyxl import Workbook, load_workbook
+from reportlab.pdfgen import canvas
+from reportlab.lib.pagesizes import letter
+
+class PofficeDocumentGenerator:
+    @staticmethod
+    def create_word(path, title, content):
+        doc = Document()
+        doc.add_heading(title, 0)
+        doc.add_paragraph(content)
+        doc.save(path)
+        return path
+
+    @staticmethod
+    def update_word(path, new_paragraph):
+        doc = Document(path)
+        doc.add_paragraph(new_paragraph)
+        doc.save(path)
+        return path
+
+    @staticmethod
+    def create_excel(path, sheet_name, data):
+        """data should be a list of lists: [['Col1', 'Col2'], [1, 2]]"""
+        wb = Workbook()
+        ws = wb.active
+        ws.title = sheet_name
+        for row in data:
+            ws.append(row)
+        wb.save(path)
+        return path
+
+    @staticmethod
+    def update_excel(path, data):
+        wb = load_workbook(path)
+        ws = wb.active
+        for row in data:
+            ws.append(row)
+        wb.save(path)
+        return path
+
+    @staticmethod
+    def create_pdf(path, title, content):
+        c = canvas.Canvas(path, pagesize=letter)
+        width, height = letter
+        c.setFont("Helvetica-Bold", 16)
+        c.drawString(72, height - 72, title)
+        c.setFont("Helvetica", 12)
+        
+        # Simple line splitter for content
+        textobject = c.beginText(72, height - 100)
+        for line in content.split('\n'):
+            textobject.textLine(line)
+        c.drawText(textobject)
+        
+        c.showPage()
+        c.save()
+        return path
+
+if __name__ == "__main__":
+    import sys
+    gen = PofficeDocumentGenerator()
+    if len(sys.argv) > 1:
+        action = sys.argv[1]
+        if action == "create-word":
+            # python3 poffice_gen.py create-word test.docx "My Title" "My Content"
+            print(gen.create_word(sys.argv[2], sys.argv[3], sys.argv[4]))
+        elif action == "create-pdf":
+            print(gen.create_pdf(sys.argv[2], sys.argv[3], sys.argv[4]))

package/scripts/poffice_imap.py

@@ -0,0 +1,65 @@
+import imaplib
+import email
+from email.header import decode_header
+import os
+
+class PofficeImap:
+    def __init__(self, user, password, imap_server="mail.poffice.online", imap_port=993):
+        self.user = user
+        self.password = password
+        self.imap_server = imap_server
+        self.imap_port = imap_port
+
+    def list_emails(self, folder="INBOX", limit=5):
+        try:
+            # Connect to server
+            mail = imaplib.IMAP4_SSL(self.imap_server, self.imap_port)
+            mail.login(self.user, self.password)
+            mail.select(folder)
+
+            # Search for all emails
+            status, messages = mail.search(None, "ALL")
+            if status != "OK":
+                return {"status": "error", "message": "Failed to search emails"}
+
+            # Get the list of email IDs
+            mail_ids = messages[0].split()
+            results = []
+
+            # Fetch the last 'limit' emails
+            for i in mail_ids[-limit:]:
+                status, data = mail.fetch(i, "(RFC822)")
+                if status != "OK":
+                    continue
+
+                for response_part in data:
+                    if isinstance(response_part, tuple):
+                        msg = email.message_from_bytes(response_part[1])
+                        subject, encoding = decode_header(msg["Subject"])[0]
+                        if isinstance(subject, bytes):
+                            subject = subject.decode(encoding if encoding else "utf-8")
+                        
+                        from_ = msg.get("From")
+                        results.append({
+                            "id": i.decode(),
+                            "from": from_,
+                            "subject": subject,
+                            "date": msg.get("Date")
+                        })
+
+            mail.close()
+            mail.logout()
+            return {"status": "success", "emails": results}
+        except Exception as e:
+            return {"status": "error", "message": str(e)}
+
+if __name__ == "__main__":
+    import sys
+    import json
+    if len(sys.argv) > 2:
+        user = sys.argv[1]
+        password = sys.argv[2]
+        imap = PofficeImap(user, password)
+        print(json.dumps(imap.list_emails(), indent=4))
+    else:
+        print("Usage: python3 poffice_imap.py <user> <password>")

package/scripts/poffice_mail.py

@@ -0,0 +1,73 @@
+import requests
+import json
+import os
+import smtplib
+from email.mime.text import MIMEText
+from email.mime.multipart import MIMEMultipart
+
+class PofficeMail:
+    def __init__(self, api_key, base_url="https://mail.poffice.online"):
+        self.api_key = api_key
+        self.base_url = base_url
+        self.headers = {
+            "X-API-Key": api_key,
+            "Content-Type": "application/json"
+        }
+
+    def get_domains(self):
+        # We use http to the container IP if on host, but here we use the public URL
+        # For the script to be robust, we allow overriding the base_url
+        response = requests.get(f"{self.base_url}/api/v1/get/domain/all", headers=self.headers, verify=False)
+        return response.json()
+
+    def create_mailbox(self, domain, local_part, name, password, quota=3072):
+        data = {
+            "address": f"{local_part}@{domain}",
+            "name": name,
+            "domain": domain,
+            "local_part": local_part,
+            "password": password,
+            "password2": password,
+            "quota": quota,
+            "active": "1"
+        }
+        response = requests.post(f"{self.base_url}/api/v1/add/mailbox", headers=self.headers, json=data, verify=False)
+        return response.json()
+
+    def send_email(self, smtp_user, smtp_pass, to_email, subject, body, smtp_server="mail.poffice.online", smtp_port=587):
+        msg = MIMEMultipart()
+        msg['From'] = smtp_user
+        msg['To'] = to_email
+        msg['Subject'] = subject
+        msg.attach(MIMEText(body, 'plain'))
+
+        try:
+            server = smtplib.SMTP(smtp_server, smtp_port)
+            server.starttls()
+            server.login(smtp_user, smtp_pass)
+            text = msg.as_string()
+            server.sendmail(smtp_user, to_email, text)
+            server.quit()
+            return {"status": "success"}
+        except Exception as e:
+            return {"status": "error", "message": str(e)}
+
+if __name__ == "__main__":
+    # Example usage
+    import sys
+    # For testing, we can provide the API key as en env var
+    API_KEY = os.getenv("MAILCOW_API_KEY", "")
+    client = PofficeMail(API_KEY)
+    
+    if len(sys.argv) > 1:
+        action = sys.argv[1]
+        if action == "list-domains":
+            print(json.dumps(client.get_domains(), indent=4))
+        elif action == "create-mailbox":
+            # python3 poffice_mail.py create-mailbox domain user name pass [quota]
+            domain = sys.argv[2]
+            user = sys.argv[3]
+            name = sys.argv[4]
+            passwd = sys.argv[5]
+            quota = int(sys.argv[6]) if len(sys.argv) > 6 else 3072
+            print(json.dumps(client.create_mailbox(domain, user, name, passwd, quota), indent=4))

package/scripts/poffice_master_admin.py

@@ -0,0 +1,80 @@
+import os
+import psycopg2
+from psycopg2.extras import RealDictCursor
+import json
+import subprocess
+
+class PofficeMasterAdmin:
+    def __init__(self, db_url):
+        self.db_url = db_url
+
+    def get_user_from_neon(self, email):
+        conn = psycopg2.connect(self.db_url)
+        cur = conn.cursor(cursor_factory=RealDictCursor)
+        cur.execute('SELECT * FROM "User" WHERE email = %s', (email,))
+        user = cur.fetchone()
+        cur.close()
+        conn.close()
+        return user
+
+    def is_master_admin(self, email):
+        user = self.get_user_from_neon(email)
+        return user and user.get('isAdmin', False)
+
+    def synchronize_admin_access(self, email, password, name):
+        """
+        Ensures the user has administrative access or at least a mailbox 
+        and accounts in all integrated apps.
+        """
+        if not self.is_master_admin(email):
+            return {"status": "error", "message": f"User {email} is not a master admin in Neon."}
+
+        results = {}
+
+        # 1. Sync Mailbox
+        try:
+            # We use the existing poffice_mail.py script
+            # Suppress warnings with -W ignore
+            cmd = ["python3", "-W", "ignore", ".agents/skills/poffice-admin/scripts/poffice_mail.py", "create-mailbox", "poffice.online", email.split('@')[0], name, password, "512"]
+            output = subprocess.check_output(cmd, stderr=subprocess.DEVNULL).decode()
+            results["mail"] = json.loads(output)
+        except Exception as e:
+            results["mail"] = {"status": "error", "message": f"Raw output: {output if 'output' in locals() else 'None'}. Error: {str(e)}"}
+
+        # 2. Sync Seafile
+        try:
+            cmd = ["python3", "-W", "ignore", ".agents/skills/poffice-admin/scripts/poffice_docs.py", "create-user", email, password, "true"]
+            output = subprocess.check_output(cmd, stderr=subprocess.DEVNULL).decode()
+            results["seafile"] = json.loads(output)
+        except Exception as e:
+            results["seafile"] = {"status": "error", "message": f"Raw output: {output if 'output' in locals() else 'None'}. Error: {str(e)}"}
+        
+        # 3. Sync Paperless (Optional: depending on if paperless has per-user admin)
+        # For now we just acknowledge the check
+        results["paperless"] = {"status": "not_implemented", "message": "Manual token management required for Paperless-ngx admin access."}
+
+        return {"status": "success", "results": results}
+
+if __name__ == "__main__":
+    import sys
+    # Load DB URL from .env or provided
+    DB_URL = os.getenv("DATABASE_URL", "")
+    
+    manager = PofficeMasterAdmin(DB_URL)
+    
+    if len(sys.argv) > 1:
+        action = sys.argv[1]
+        if action == "check":
+            # python3 poffice_master_admin.py check email
+            email = sys.argv[2]
+            print(json.dumps({"isAdmin": manager.is_master_admin(email)}, indent=4))
+        elif action == "sync":
+            # python3 poffice_master_admin.py sync email password name
+            email = sys.argv[2]
+            password = sys.argv[3]
+            name = sys.argv[4]
+            print(json.dumps(manager.synchronize_admin_access(email, password, name), indent=4))
+        else:
+            print("Unknown action")
+    else:
+        print("Usage: python3 poffice_master_admin.py <check|sync> <email> [password] [name]")

package/scripts/poffice_paperless.py

@@ -0,0 +1,43 @@
+import requests
+import json
+import os
+
+class PaperlessAdmin:
+    def __init__(self, token, base_url="https://docs.poffice.online"):
+        self.token = token
+        self.base_url = base_url
+        self.headers = {
+            "Authorization": f"Token {self.token}",
+            "Content-Type": "application/json"
+        }
+
+    def list_documents(self):
+        response = requests.get(f"{self.base_url}/api/documents/", headers=self.headers, verify=False)
+        return response.json()
+
+    def upload_document(self, file_path, title=None):
+        with open(file_path, "rb") as f:
+            files = {"document": f}
+            data = {}
+            if title:
+                data["title"] = title
+            response = requests.post(f"{self.base_url}/api/documents/post_document/", headers={"Authorization": f"Token {self.token}"}, files=files, data=data, verify=False)
+            return response.json()
+
+if __name__ == "__main__":
+    import sys
+    # For Paperless, we need an API token. 
+    # Paperless tokens are created in the Django admin or via a POST to /api/token/ (if enabled)
+    # For now, we assume the user provides it or we use a known one.
+    TOKEN = os.getenv("PAPERLESS_TOKEN")
+    if not TOKEN:
+        print("Error: PAPERLESS_TOKEN env var required")
+        sys.exit(1)
+        
+    admin = PaperlessAdmin(TOKEN)
+    if len(sys.argv) > 1:
+        action = sys.argv[1]
+        if action == "list":
+            print(json.dumps(admin.list_documents(), indent=4))
+        elif action == "upload":
+            print(json.dumps(admin.upload_document(sys.argv[2]), indent=4))