Introduce DOVECOT_INET_PROTOCOLS env (#2358)

This commit is contained in:
Casper 2022-01-06 00:53:18 +01:00 committed by GitHub
parent 9d5a9a16a0
commit 0c31f71358
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 102 additions and 8 deletions

View file

@ -230,11 +230,19 @@ This option has been added in November 2019. Using other format than Maildir is
##### POSTFIX_INET_PROTOCOLS ##### POSTFIX_INET_PROTOCOLS
- **all** => All possible protocols. - **all** => Listen on all interfaces.
- ipv4 => Use only IPv4 traffic. Most likely you want this behind Docker. - ipv4 => Listen only on IPv4 interfaces. Most likely you want this behind Docker.
- ipv6 => Use only IPv6 traffic. - ipv6 => Listen only on IPv6 interfaces.
Note: More details in <http://www.postfix.org/postconf.5.html#inet_protocols> Note: More details at <http://www.postfix.org/postconf.5.html#inet_protocols>
##### DOVECOT_INET_PROTOCOLS
- **all** => Listen on all interfaces
- ipv4 => Listen only on IPv4 interfaces. Most likely you want this behind Docker.
- ipv6 => Listen only on IPv6 interfaces.
Note: More information at <https://dovecot.org/doc/dovecot-example.conf>
#### Reports #### Reports

View file

@ -226,14 +226,22 @@ REPORT_SENDER=
# Note: This Variable actually controls logrotate inside the container and rotates the log depending on this setting. The main log output is still available in its entirety via `docker logs mail` (Or your respective container name). If you want to control logrotation for the docker generated logfile see: [Docker Logging Drivers](https://docs.docker.com/config/containers/logging/configure/) # Note: This Variable actually controls logrotate inside the container and rotates the log depending on this setting. The main log output is still available in its entirety via `docker logs mail` (Or your respective container name). If you want to control logrotation for the docker generated logfile see: [Docker Logging Drivers](https://docs.docker.com/config/containers/logging/configure/)
REPORT_INTERVAL=daily REPORT_INTERVAL=daily
# Choose TCP/IP protocols to use # Choose TCP/IP protocols for postfix to use
# **all** => All possible protocols. # **all** => All possible protocols.
# ipv4 => Use only IPv4 traffic. Most likely you want this behind Docker. # ipv4 => Use only IPv4 traffic. Most likely you want this behind Docker.
# ipv6 => Use only IPv6 traffic. # ipv6 => Use only IPv6 traffic.
# #
# Note: More details in http://www.postfix.org/postconf.5.html#inet_protocols # Note: More details at http://www.postfix.org/postconf.5.html#inet_protocols
POSTFIX_INET_PROTOCOLS=all POSTFIX_INET_PROTOCOLS=all
# Choose TCP/IP protocols for dovecot to use
# **all** => Listen on all interfaces
# ipv4 => Listen only on IPv4 interfaces. Most likely you want this behind Docker.
# ipv6 => Listen only on IPv6 interfaces.
#
# Note: More information at https://dovecot.org/doc/dovecot-example.conf
DOVECOT_INET_PROTOCOLS=all
# ----------------------------------------------- # -----------------------------------------------
# --- SpamAssassin Section ---------------------- # --- SpamAssassin Section ----------------------
# ----------------------------------------------- # -----------------------------------------------

View file

@ -19,6 +19,7 @@ declare -a FUNCS_SETUP FUNCS_FIX FUNCS_CHECK FUNCS_MISC DAEMONS_START
VARS[AMAVIS_LOGLEVEL]="${AMAVIS_LOGLEVEL:=0}" VARS[AMAVIS_LOGLEVEL]="${AMAVIS_LOGLEVEL:=0}"
VARS[DEFAULT_RELAY_HOST]="${DEFAULT_RELAY_HOST:=}" VARS[DEFAULT_RELAY_HOST]="${DEFAULT_RELAY_HOST:=}"
VARS[DMS_DEBUG]="${DMS_DEBUG:=0}" VARS[DMS_DEBUG]="${DMS_DEBUG:=0}"
VARS[DOVECOT_INET_PROTOCOLS]="${DOVECOT_INET_PROTOCOLS:=all}"
VARS[DOVECOT_MAILBOX_FORMAT]="${DOVECOT_MAILBOX_FORMAT:=maildir}" VARS[DOVECOT_MAILBOX_FORMAT]="${DOVECOT_MAILBOX_FORMAT:=maildir}"
VARS[DOVECOT_TLS]="${DOVECOT_TLS:=no}" VARS[DOVECOT_TLS]="${DOVECOT_TLS:=no}"
VARS[ENABLE_AMAVIS]="${ENABLE_AMAVIS:=1}" VARS[ENABLE_AMAVIS]="${ENABLE_AMAVIS:=1}"
@ -68,6 +69,7 @@ VARS[SSL_TYPE]="${SSL_TYPE:=}"
VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}" VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}"
VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}" VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}"
VARS[UPDATE_CHECK_INTERVAL]="${UPDATE_CHECK_INTERVAL:=1d}" VARS[UPDATE_CHECK_INTERVAL]="${UPDATE_CHECK_INTERVAL:=1d}"
# shellcheck disable=SC2034
VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}" VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}"
export HOSTNAME DOMAINNAME CHKSUM_FILE export HOSTNAME DOMAINNAME CHKSUM_FILE
@ -108,7 +110,8 @@ function register_functions
[[ ${ENABLE_LDAP} -eq 1 ]] && _register_setup_function '_setup_ldap' [[ ${ENABLE_LDAP} -eq 1 ]] && _register_setup_function '_setup_ldap'
[[ ${ENABLE_POSTGREY} -eq 1 ]] && _register_setup_function '_setup_postgrey' [[ ${ENABLE_POSTGREY} -eq 1 ]] && _register_setup_function '_setup_postgrey'
[[ ${ENABLE_SASLAUTHD} -eq 1 ]] && _register_setup_function '_setup_saslauthd' [[ ${ENABLE_SASLAUTHD} -eq 1 ]] && _register_setup_function '_setup_saslauthd'
[[ ${POSTFIX_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_inet_protocols' [[ ${POSTFIX_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_postfix_inet_protocols'
[[ ${DOVECOT_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_dovecot_inet_protocols'
[[ ${ENABLE_FAIL2BAN} -eq 1 ]] && _register_setup_function '_setup_fail2ban' [[ ${ENABLE_FAIL2BAN} -eq 1 ]] && _register_setup_function '_setup_fail2ban'
[[ ${ENABLE_DNSBL} -eq 0 ]] && _register_setup_function '_setup_dnsbl_disable' [[ ${ENABLE_DNSBL} -eq 0 ]] && _register_setup_function '_setup_dnsbl_disable'

View file

@ -1100,12 +1100,33 @@ function _setup_postfix_vhost
_create_postfix_vhost _create_postfix_vhost
} }
function _setup_inet_protocols function _setup_postfix_inet_protocols
{ {
_notify 'task' 'Setting up POSTFIX_INET_PROTOCOLS option' _notify 'task' 'Setting up POSTFIX_INET_PROTOCOLS option'
postconf -e "inet_protocols = ${POSTFIX_INET_PROTOCOLS}" postconf -e "inet_protocols = ${POSTFIX_INET_PROTOCOLS}"
} }
function _setup_dovecot_inet_protocols
{
local PROTOCOL
_notify 'task' 'Setting up DOVECOT_INET_PROTOCOLS option'
# https://dovecot.org/doc/dovecot-example.conf
if [[ ${DOVECOT_INET_PROTOCOLS} == "ipv4" ]]
then
PROTOCOL='*' # IPv4 only
elif [[ ${DOVECOT_INET_PROTOCOLS} == "ipv6" ]]
then
PROTOCOL='[::]' # IPv6 only
else
# Unknown value, panic.
dms_panic__invalid_value 'DOVECOT_INET_PROTOCOLS' "${DOVECOT_INET_PROTOCOLS}"
fi
sedfile -i "s|^#listen =.*|listen = ${PROTOCOL}|g" /etc/dovecot/dovecot.conf
}
function _setup_docker_permit function _setup_docker_permit
{ {
_notify 'task' 'Setting up PERMIT_DOCKER Option' _notify 'task' 'Setting up PERMIT_DOCKER Option'

View file

@ -0,0 +1,54 @@
load 'test_helper/common'
function setup_file() {
local PRIVATE_CONFIG
export ALL IPV4 IPV6
PRIVATE_CONFIG="$(duplicate_config_for_container . "${IPV4}")"
ALL="mail_dovecot_all_protocols"
IPV4="mail_dovecot_ipv4"
IPV6="mail_dovecot_ipv6"
docker run --rm -d --name "${ALL}" \
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
-e DOVECOT_INET_PROTOCOLS= \
-h mail.my-domain.com \
-t "${NAME}"
docker run --rm -d --name "${IPV4}" \
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
-e DOVECOT_INET_PROTOCOLS=ipv4 \
-h mail.my-domain.com \
-t "${NAME}"
docker run --rm -d --name "${IPV6}" \
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
-e DOVECOT_INET_PROTOCOLS=ipv6 \
-h mail.my-domain.com \
-t "${NAME}"
}
@test 'checking dovecot IP configuration' {
wait_for_finished_setup_in_container "${ALL}"
run docker exec "${ALL}" grep '^#listen = \*, ::' /etc/dovecot/dovecot.conf
assert_success
assert_output '#listen = *, ::'
}
@test 'checking dovecot IPv4 configuration' {
wait_for_finished_setup_in_container "${IPV4}"
run docker exec "${IPV4}" grep '^listen = \*$' /etc/dovecot/dovecot.conf
assert_success
assert_output 'listen = *'
}
@test 'checking dovecot IPv6 configuration' {
wait_for_finished_setup_in_container "${IPV6}"
run docker exec "${IPV6}" grep '^listen = \[::\]$' /etc/dovecot/dovecot.conf
assert_success
assert_output 'listen = [::]'
}
function teardown_file {
docker rm -f "${ALL}" "${IPV4}" "${IPV6}"
}