github-com-docker-mailserver/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2024-01-19 02:48:50 +00:00
Code Issues Projects Releases Wiki Activity
docker-mailserver/target/helper_functions.sh

56 lines
2 KiB
Bash
Raw Normal View History

WIP: actually test PERMIT_DOCKER=connected-networks also showcase timeouts and makefile integration
2019-08-07 00:24:56 +00:00
#!/bin/bash
# expects mask prefix length and the digit
function _mask_ip_digit() {
certificates from acme.json Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix. Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
2020-06-30 20:43:22 +00:00
if [[ $1 -ge 8 ]]; then
MASK=255
else
if [[ $1 -le 0 ]]; then
MASK=0
else
VALUES=('0' '128' '192' '224' '240' '248' '252' '254' '255')
MASK=${VALUES[$1]}
fi
fi
echo $(($2 & $MASK))
WIP: actually test PERMIT_DOCKER=connected-networks also showcase timeouts and makefile integration
2019-08-07 00:24:56 +00:00
}
# transforms a specific ip with CIDR suffix like 1.2.3.4/16
# to subnet with cidr suffix like 1.2.0.0/16
function _sanitize_ipv4_to_subnet_cidr() {
certificates from acme.json Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix. Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
2020-06-30 20:43:22 +00:00
IP=${1%%/*}
PREFIX_LENGTH=${1#*/}
WIP: actually test PERMIT_DOCKER=connected-networks also showcase timeouts and makefile integration
2019-08-07 00:24:56 +00:00
certificates from acme.json Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix. Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
2020-06-30 20:43:22 +00:00
# split IP by . into digits
DIGITS=(${IP//./ })
WIP: actually test PERMIT_DOCKER=connected-networks also showcase timeouts and makefile integration
2019-08-07 00:24:56 +00:00
certificates from acme.json Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix. Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
2020-06-30 20:43:22 +00:00
# mask digits according to prefix length
MASKED_DIGITS=()
DIGIT_PREFIX_LENGTH="$PREFIX_LENGTH"
for DIGIT in "${DIGITS[@]}"; do
MASKED_DIGITS+=($(_mask_ip_digit $DIGIT_PREFIX_LENGTH $DIGIT))
DIGIT_PREFIX_LENGTH=$(($DIGIT_PREFIX_LENGTH - 8))
done
WIP: actually test PERMIT_DOCKER=connected-networks also showcase timeouts and makefile integration
2019-08-07 00:24:56 +00:00
certificates from acme.json Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix. Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
2020-06-30 20:43:22 +00:00
# output masked ip plus prefix length
echo ${MASKED_DIGITS[0]}.${MASKED_DIGITS[1]}.${MASKED_DIGITS[2]}.${MASKED_DIGITS[3]}/$PREFIX_LENGTH
}
# extracts certificates from acme.json and returns 0 if found
function extractCertsFromAcmeJson() {
WHAT=$1
# sorry for the code-golf :(
KEY=$(cat /etc/letsencrypt/acme.json | python -c "import sys,json,itertools; print map(lambda c: c[\"key\"] if (c[\"domain\"][\"main\"]==\"$WHAT\" or \"$WHAT\" in c[\"domain\"][\"sans\"]) else \"\", list(itertools.chain.from_iterable(map(lambda x: x[\"Certificates\"], json.load(sys.stdin).values()))))[0]")
CERT=$(cat /etc/letsencrypt/acme.json | python -c "import sys,json,itertools; print map(lambda c: c[\"certificate\"] if (c[\"domain\"][\"main\"]==\"$WHAT\" or \"$WHAT\" in c[\"domain\"][\"sans\"]) else \"\", list(itertools.chain.from_iterable(map(lambda x: x[\"Certificates\"], json.load(sys.stdin).values()))))[0]")
if [[ -n "${KEY}${CERT}" ]]; then
mkdir -p /etc/letsencrypt/live/"$HOSTNAME"/
echo $KEY | base64 -d >/etc/letsencrypt/live/"$HOSTNAME"/key.pem || exit 1
echo $CERT | base64 -d >/etc/letsencrypt/live/"$HOSTNAME"/fullchain.pem || exit 1
echo "Cert found in /etc/letsencrypt/acme.json for $WHAT"
return 0
else
return 1
fi
}
Reference in a new issue Copy permalink