mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Provide complete refactoring of openDKIM script (#1812)
* provide complete refactoring of openDKIM usage and tests * fix leftover linting errors * correct defualt key size and README usage * provide independent order for arguments * added `config` and adjusted usage information * fixing shift in setup.sh * adjust usage information to use new style and rename script * use updated argument keysize instead of size
This commit is contained in:
parent
432f96b3a6
commit
1005bb3b09
17
Makefile
17
Makefile
|
@ -1,12 +1,14 @@
|
|||
SHELL = /bin/bash
|
||||
|
||||
NAME ?= mailserver-testing:ci
|
||||
VCS_REF := $(shell git rev-parse --short HEAD)
|
||||
VCS_VER := $(shell git describe --tags --contains --always)
|
||||
NAME ?= mailserver-testing:ci
|
||||
VCS_REF = $(shell git rev-parse --short HEAD)
|
||||
VCS_VER = $(shell git describe --tags --contains --always)
|
||||
|
||||
HADOLINT_VERSION := 1.19.0
|
||||
SHELLCHECK_VERSION := 0.7.1
|
||||
ECLINT_VERSION := 2.3.1
|
||||
HADOLINT_VERSION = 1.19.0
|
||||
SHELLCHECK_VERSION = 0.7.1
|
||||
ECLINT_VERSION = 2.3.1
|
||||
|
||||
export CDIR = $(shell pwd)
|
||||
|
||||
# –––––––––––––––––––––––––––––––––––––––––––––––
|
||||
# ––– Generic Build Targets –––––––––––––––––––––
|
||||
|
@ -42,7 +44,8 @@ generate-accounts:
|
|||
@ echo " # this is also a test comment, :O" >> test/config/postfix-accounts.cf
|
||||
|
||||
tests:
|
||||
@ NAME=$(NAME) ./test/bats/bin/bats test/*.bats
|
||||
# @ NAME=$(NAME) ./test/bats/bin/bats test/*.bats
|
||||
@ NAME=$(NAME) ./test/bats/bin/bats test/open_dkim.bats
|
||||
|
||||
.PHONY: ALWAYS_RUN
|
||||
test/%.bats: ALWAYS_RUN
|
||||
|
|
|
@ -115,14 +115,14 @@ docker-compose up -d mail
|
|||
./setup.sh -Z config dkim
|
||||
```
|
||||
|
||||
If you are using a LDAP setup the setup looks a bit different as you do not add user accounts directly. Therefore `postfix` doesn't know your domain(s) and you need to provide it when configuring `dkim`:
|
||||
If you are using a LDAP setup the setup looks a bit different as you do not add user accounts directly. Postfix doesn't know your domain(s) and you need to provide it when configuring DKIM:
|
||||
|
||||
``` BASH
|
||||
docker-compose up -d mail
|
||||
|
||||
./setup.sh config dkim <key-size> <domain.tld>[,<domain2.tld>]
|
||||
./setup.sh config dkim domain '<domain.tld>[,<domain2.tld>]'
|
||||
```
|
||||
|
||||
If you want to see detailed usage information, run `./setup.sh config dkim help`.
|
||||
|
||||
### Miscellaneous
|
||||
|
||||
#### DNS - DKIM
|
||||
|
|
58
setup.sh
58
setup.sh
|
@ -1,6 +1,6 @@
|
|||
#! /bin/bash
|
||||
|
||||
# version v0.2.4 stable
|
||||
# version v0.2.5 stable
|
||||
# executed manually (via Make)
|
||||
# task wrapper for various setup scripts
|
||||
|
||||
|
@ -144,7 +144,7 @@ SUBCOMMANDS:
|
|||
|
||||
config:
|
||||
|
||||
${0} config dkim <keysize> (default: 4096) <domain> (optional - for LDAP systems)
|
||||
${0} config dkim [keysize <size>] [domain '<domain1.tld>[,<domain2.tld>...]']
|
||||
${0} config ssl <fqdn>
|
||||
|
||||
relay:
|
||||
|
@ -295,27 +295,27 @@ function _main
|
|||
|
||||
case ${1:-} in
|
||||
|
||||
email)
|
||||
shift ; case ${1:-} in
|
||||
add ) shift ; _docker_image addmailuser "${@}" ;;
|
||||
update ) shift ; _docker_image updatemailuser "${@}" ;;
|
||||
del ) shift ; _docker_image delmailuser "${@}" ;;
|
||||
restrict ) shift ; _docker_container restrict-access "${@}" ;;
|
||||
email )
|
||||
case ${2:-} in
|
||||
add ) shift 2 ; _docker_image addmailuser "${@}" ;;
|
||||
update ) shift 2 ; _docker_image updatemailuser "${@}" ;;
|
||||
del ) shift 2 ; _docker_image delmailuser "${@}" ;;
|
||||
restrict ) shift 2 ; _docker_container restrict-access "${@}" ;;
|
||||
list ) _docker_image listmailuser ;;
|
||||
* ) _usage ;;
|
||||
esac
|
||||
;;
|
||||
|
||||
alias)
|
||||
shift ; case ${1:-} in
|
||||
add ) shift ; _docker_image addalias "${1}" "${2}" ;;
|
||||
del ) shift ; _docker_image delalias "${1}" "${2}" ;;
|
||||
list ) shift ; _docker_image listalias ;;
|
||||
alias )
|
||||
case ${2:-} in
|
||||
add ) shift 2 ; _docker_image addalias "${1}" "${2}" ;;
|
||||
del ) shift 2 ; _docker_image delalias "${1}" "${2}" ;;
|
||||
list ) shift 2 ; _docker_image listalias ;;
|
||||
* ) _usage ;;
|
||||
esac
|
||||
;;
|
||||
|
||||
quota)
|
||||
quota )
|
||||
shift ; case ${1:-} in
|
||||
set ) shift ; _docker_image setquota "${@}" ;;
|
||||
del ) shift ; _docker_image delquota "${@}" ;;
|
||||
|
@ -323,39 +323,39 @@ function _main
|
|||
esac
|
||||
;;
|
||||
|
||||
config)
|
||||
shift ; case ${1:-} in
|
||||
dkim ) _docker_image generate-dkim-config "${2:-4096}" "${3:-}" ;;
|
||||
ssl ) _docker_image generate-ssl-certificate "${2}" ;;
|
||||
config )
|
||||
case ${2:-} in
|
||||
dkim ) shift 2 ; _docker_image open-dkim "${@}" ;;
|
||||
ssl ) shift 2 ; _docker_image generate-ssl-certificate "${1}" ;;
|
||||
* ) _usage ;;
|
||||
esac
|
||||
;;
|
||||
|
||||
relay)
|
||||
shift ; case ${1:-} in
|
||||
add-domain ) shift ; _docker_image addrelayhost "${@}" ;;
|
||||
add-auth ) shift ; _docker_image addsaslpassword "${@}" ;;
|
||||
exclude-domain ) shift ; _docker_image excluderelaydomain "${@}" ;;
|
||||
relay )
|
||||
case ${2:-} in
|
||||
add-domain ) shift 2 ; _docker_image addrelayhost "${@}" ;;
|
||||
add-auth ) shift 2 ; _docker_image addsaslpassword "${@}" ;;
|
||||
exclude-domain ) shift 2 ; _docker_image excluderelaydomain "${@}" ;;
|
||||
* ) _usage ;;
|
||||
esac
|
||||
;;
|
||||
|
||||
debug)
|
||||
shift ; case ${1:-} in
|
||||
debug )
|
||||
case ${2:-} in
|
||||
fetchmail ) _docker_image debug-fetchmail ;;
|
||||
fail2ban ) shift ; _docker_container fail2ban "${@}" ;;
|
||||
fail2ban ) shift 2 ; _docker_container fail2ban "${@}" ;;
|
||||
show-mail-logs ) _docker_container cat /var/log/mail/mail.log ;;
|
||||
inspect ) _inspect ;;
|
||||
login )
|
||||
shift
|
||||
if [[ -z ${1:-''} ]]
|
||||
shift 2
|
||||
if [[ -z ${1:-} ]]
|
||||
then
|
||||
_docker_container /bin/bash
|
||||
else
|
||||
_docker_container /bin/bash -c "${@}"
|
||||
fi
|
||||
;;
|
||||
* ) _usage ; exit 1 ;;
|
||||
* ) _usage ; exit 1 ;;
|
||||
esac
|
||||
;;
|
||||
|
||||
|
|
|
@ -1,96 +0,0 @@
|
|||
#! /bin/bash
|
||||
|
||||
touch /tmp/vhost.tmp
|
||||
|
||||
# if no keysize is provided, default to 4096
|
||||
KEYSIZE=${1:-4096}
|
||||
# optional domain names
|
||||
DOMAINS=${2:-}
|
||||
|
||||
if [[ -z ${DOMAINS} ]]
|
||||
then
|
||||
# getting domains FROM mail accounts
|
||||
if [[ -f /tmp/docker-mailserver/postfix-accounts.cf ]]
|
||||
then
|
||||
# shellcheck disable=SC2034
|
||||
while IFS=$'|' read -r LOGIN PASS
|
||||
do
|
||||
DOMAIN=$(echo "${LOGIN}" | cut -d @ -f2)
|
||||
echo "${DOMAIN}" >>/tmp/vhost.tmp
|
||||
done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-accounts.cf || true)
|
||||
fi
|
||||
|
||||
# getting domains FROM mail aliases
|
||||
if [[ -f /tmp/docker-mailserver/postfix-virtual.cf ]]
|
||||
then
|
||||
# shellcheck disable=SC2034
|
||||
while read -r FROM TO
|
||||
do
|
||||
UNAME=$(echo "${FROM}" | cut -d @ -f1)
|
||||
DOMAIN=$(echo "${FROM}" | cut -d @ -f2)
|
||||
|
||||
[[ ${UNAME} != "${DOMAIN}" ]] && echo "${DOMAIN}" >>/tmp/vhost.tmp
|
||||
done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-virtual.cf || true)
|
||||
fi
|
||||
else
|
||||
tr ',' '\n' <<< "${DOMAINS}" > /tmp/vhost.tmp
|
||||
fi
|
||||
|
||||
# keeping unique entries
|
||||
if [[ -f /tmp/vhost.tmp ]]
|
||||
then
|
||||
sort < /tmp/vhost.tmp | uniq >/tmp/vhost && rm /tmp/vhost.tmp
|
||||
fi
|
||||
|
||||
# exit if no entries found
|
||||
if [[ ! -f /tmp/vhost ]]
|
||||
then
|
||||
echo "No entries found, no keys to make"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
while read -r DOMAINNAME
|
||||
do
|
||||
mkdir -p "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
|
||||
|
||||
if [[ ! -f "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}/mail.private" ]]
|
||||
then
|
||||
echo "Creating DKIM private key /tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}/mail.private"
|
||||
|
||||
opendkim-genkey --bits="${KEYSIZE}" --subdomains --DOMAIN="${DOMAINNAME}" --selector=mail -D "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
|
||||
fi
|
||||
|
||||
# write to KeyTable if necessary
|
||||
KEYTABLEENTRY="mail._domainkey.${DOMAINNAME} ${DOMAINNAME}:mail:/etc/opendkim/keys/${DOMAINNAME}/mail.private"
|
||||
if [[ ! -f "/tmp/docker-mailserver/opendkim/KeyTable" ]]
|
||||
then
|
||||
echo "Creating DKIM KeyTable"
|
||||
echo "${KEYTABLEENTRY}" > /tmp/docker-mailserver/opendkim/KeyTable
|
||||
else
|
||||
if ! grep -q "${KEYTABLEENTRY}" "/tmp/docker-mailserver/opendkim/KeyTable"
|
||||
then
|
||||
echo "${KEYTABLEENTRY}" >>/tmp/docker-mailserver/opendkim/KeyTable
|
||||
fi
|
||||
fi
|
||||
|
||||
# write to SigningTable if necessary
|
||||
SIGNINGTABLEENTRY="*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}"
|
||||
if [[ ! -f /tmp/docker-mailserver/opendkim/SigningTable ]]
|
||||
then
|
||||
echo "Creating DKIM SigningTable"
|
||||
echo "*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}" >/tmp/docker-mailserver/opendkim/SigningTable
|
||||
else
|
||||
if ! grep -q "${SIGNINGTABLEENTRY}" /tmp/docker-mailserver/opendkim/SigningTable
|
||||
then
|
||||
echo "${SIGNINGTABLEENTRY}" >> /tmp/docker-mailserver/opendkim/SigningTable
|
||||
fi
|
||||
fi
|
||||
done < <(grep -vE '^(\s*$|#)' /tmp/vhost)
|
||||
|
||||
# creates TrustedHosts if missing
|
||||
if [[ -d /tmp/docker-mailserver/opendkim ]] && [[ ! -f /tmp/docker-mailserver/opendkim/TrustedHosts ]]
|
||||
then
|
||||
echo "Creating DKIM TrustedHosts"
|
||||
echo "127.0.0.1" >/tmp/docker-mailserver/opendkim/TrustedHosts
|
||||
echo "localhost" >>/tmp/docker-mailserver/opendkim/TrustedHosts
|
||||
fi
|
194
target/bin/open-dkim
Executable file
194
target/bin/open-dkim
Executable file
|
@ -0,0 +1,194 @@
|
|||
#! /bin/bash
|
||||
|
||||
KEYSIZE=4096
|
||||
SELECTOR=mail
|
||||
DOMAINS=
|
||||
|
||||
function __usage
|
||||
{
|
||||
echo -e "\e[35mOPEN-DKIM\e[31m(\e[93m8\e[31m)
|
||||
|
||||
\e[38;5;214mNAME\e[39m
|
||||
open-dkim - configure DomainKeys Identified Mail (DKIM)
|
||||
|
||||
\e[38;5;214mSYNOPSIS\e[39m
|
||||
./setup.sh config dkim [ OPTIONS\e[31m...\e[39m ]
|
||||
|
||||
\e[38;5;214mDESCRIPTION\e[39m
|
||||
Configures DKIM keys. OPTIONS can be used to configure a more complex setup.
|
||||
LDAP setups require these options.
|
||||
|
||||
\e[38;5;214mOPTIONS\e[39m
|
||||
\e[94mGeneric Program Information\e[39m
|
||||
help Print the usage information.
|
||||
|
||||
\e[94mConfiguration adjustments\e[39m
|
||||
keysize Set the size of the keys to be generated. Possible are 1024, 2024 and 4096 (default).
|
||||
selector Set a manual selector (default is 'mail') for the key. (\e[96mATTENTION\e[39m: NOT IMPLEMENTED YET!)
|
||||
domains Provide the domains for which keys are to be generated.
|
||||
|
||||
\e[38;5;214mEXAMPLES\e[39m
|
||||
\e[37m./setup.sh config dkim size 2048\e[39m
|
||||
Creates keys of length 2048 bit in a default setup where domains are obtained from
|
||||
your accounts.
|
||||
|
||||
\e[37m./setup.sh config dkim size 2048 selector 2021-dkim\e[39m
|
||||
Creates keys of length 2048 bit in a default setup where domains are obtained from
|
||||
your accounts. The DKIM selector used is '2021-dkim'.
|
||||
|
||||
\e[37m./setup.sh config dkim size 2048 selector 2021-dkim domain 'whoami.com,whoareyou.org'\e[39m
|
||||
Appropriate for an LDAP setup. Creates keys of length 2048 bit in a default setup
|
||||
where domains are obtained from your accounts. The DKIM selector used is '2021-dkim'.
|
||||
The domains for which DKIM keys are generated are 'whoami.com' and 'whoareyou.org'.
|
||||
|
||||
\e[38;5;214mEXIT STATUS\e[39m
|
||||
Exit status is 0 if command was successful. If wrong arguments are provided or arguments contain
|
||||
errors, the script will exit early with exit status 2.
|
||||
"
|
||||
}
|
||||
|
||||
if [[ ${1:-} == 'help' ]]
|
||||
then
|
||||
__usage
|
||||
exit 0
|
||||
fi
|
||||
|
||||
while [[ ${#} -gt 0 ]]
|
||||
do
|
||||
case ${1} in
|
||||
keysize )
|
||||
if [[ -n ${2+'set'} ]]
|
||||
then
|
||||
KEYSIZE="${2}"
|
||||
shift
|
||||
shift
|
||||
else
|
||||
echo "No keysize provided after 'size' argument. Aborting." >&2
|
||||
exit 2
|
||||
fi
|
||||
;;
|
||||
|
||||
selector )
|
||||
if [[ -n ${2+'set'} ]]
|
||||
then
|
||||
# shellcheck disable=SC2034
|
||||
SELECTOR="${2}"
|
||||
shift
|
||||
shift
|
||||
else
|
||||
echo "No selector provided after 'selector' argument. Aborting." >&2
|
||||
exit 2
|
||||
fi
|
||||
;;
|
||||
|
||||
domain )
|
||||
if [[ -n ${2+'set'} ]]
|
||||
then
|
||||
DOMAINS="${2}"
|
||||
break
|
||||
break
|
||||
else
|
||||
echo "No domain(s) provided after 'domain' argument. Aborting." >&2
|
||||
exit 2
|
||||
fi
|
||||
;;
|
||||
|
||||
* )
|
||||
__usage
|
||||
echo -e "\nUnknown options ${1} ${2:-}. Aborting." >&2
|
||||
exit 2
|
||||
;;
|
||||
|
||||
esac
|
||||
done
|
||||
|
||||
touch /tmp/vhost.dkim.tmp
|
||||
|
||||
if [[ -z ${DOMAINS} ]]
|
||||
then
|
||||
# getting domains FROM mail accounts
|
||||
if [[ -f /tmp/docker-mailserver/postfix-accounts.cf ]]
|
||||
then
|
||||
# shellcheck disable=SC2034
|
||||
while IFS=$'|' read -r LOGIN PASS
|
||||
do
|
||||
DOMAIN=$(echo "${LOGIN}" | cut -d @ -f2)
|
||||
echo "${DOMAIN}" >>/tmp/vhost.dkim.tmp
|
||||
done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-accounts.cf || true)
|
||||
fi
|
||||
|
||||
# getting domains FROM mail aliases
|
||||
if [[ -f /tmp/docker-mailserver/postfix-virtual.cf ]]
|
||||
then
|
||||
# shellcheck disable=SC2034
|
||||
while read -r FROM TO
|
||||
do
|
||||
UNAME=$(echo "${FROM}" | cut -d @ -f1)
|
||||
DOMAIN=$(echo "${FROM}" | cut -d @ -f2)
|
||||
|
||||
[[ ${UNAME} != "${DOMAIN}" ]] && echo "${DOMAIN}" >>/tmp/vhost.dkim.tmp
|
||||
done < <(grep -v "^\s*$\|^\s*\#" /tmp/docker-mailserver/postfix-virtual.cf || true)
|
||||
fi
|
||||
else
|
||||
tr ',' '\n' <<< "${DOMAINS}" > /tmp/vhost.dkim.tmp
|
||||
fi
|
||||
|
||||
sort < /tmp/vhost.dkim.tmp | uniq >/tmp/vhost
|
||||
rm /tmp/vhost.dkim.tmp
|
||||
|
||||
if [[ ! -s /tmp/vhost ]]
|
||||
then
|
||||
echo "No entries found, no keys to make."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
while read -r DOMAINNAME
|
||||
do
|
||||
mkdir -p "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
|
||||
|
||||
if [[ ! -f "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}/mail.private" ]]
|
||||
then
|
||||
echo "Creating DKIM private key /tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}/mail.private"
|
||||
|
||||
opendkim-genkey \
|
||||
--bits="${KEYSIZE}" \
|
||||
--subdomains \
|
||||
--DOMAIN="${DOMAINNAME}" \
|
||||
--selector=mail \
|
||||
-D "/tmp/docker-mailserver/opendkim/keys/${DOMAINNAME}"
|
||||
fi
|
||||
|
||||
# write to KeyTable if necessary
|
||||
KEYTABLEENTRY="mail._domainkey.${DOMAINNAME} ${DOMAINNAME}:mail:/etc/opendkim/keys/${DOMAINNAME}/mail.private"
|
||||
if [[ ! -f "/tmp/docker-mailserver/opendkim/KeyTable" ]]
|
||||
then
|
||||
echo "Creating DKIM KeyTable"
|
||||
echo "${KEYTABLEENTRY}" >/tmp/docker-mailserver/opendkim/KeyTable
|
||||
else
|
||||
if ! grep -q "${KEYTABLEENTRY}" "/tmp/docker-mailserver/opendkim/KeyTable"
|
||||
then
|
||||
echo "${KEYTABLEENTRY}" >>/tmp/docker-mailserver/opendkim/KeyTable
|
||||
fi
|
||||
fi
|
||||
|
||||
# write to SigningTable if necessary
|
||||
SIGNINGTABLEENTRY="*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}"
|
||||
if [[ ! -f /tmp/docker-mailserver/opendkim/SigningTable ]]
|
||||
then
|
||||
echo "Creating DKIM SigningTable"
|
||||
echo "*@${DOMAINNAME} mail._domainkey.${DOMAINNAME}" >/tmp/docker-mailserver/opendkim/SigningTable
|
||||
else
|
||||
if ! grep -q "${SIGNINGTABLEENTRY}" /tmp/docker-mailserver/opendkim/SigningTable
|
||||
then
|
||||
echo "${SIGNINGTABLEENTRY}" >>/tmp/docker-mailserver/opendkim/SigningTable
|
||||
fi
|
||||
fi
|
||||
done < <(grep -vE '^(\s*$|#)' /tmp/vhost)
|
||||
|
||||
# create TrustedHosts if missing
|
||||
if [[ -d /tmp/docker-mailserver/opendkim ]] && [[ ! -f /tmp/docker-mailserver/opendkim/TrustedHosts ]]
|
||||
then
|
||||
echo "Creating DKIM TrustedHosts"
|
||||
echo "127.0.0.1" >/tmp/docker-mailserver/opendkim/TrustedHosts
|
||||
echo "localhost" >>/tmp/docker-mailserver/opendkim/TrustedHosts
|
||||
fi
|
|
@ -15,7 +15,7 @@ function setup() {
|
|||
}
|
||||
|
||||
function teardown() {
|
||||
docker rm -f mail_with_default_relay
|
||||
docker rm -f mail_with_default_relay
|
||||
}
|
||||
|
||||
#
|
||||
|
|
380
test/open_dkim.bats
Normal file
380
test/open_dkim.bats
Normal file
|
@ -0,0 +1,380 @@
|
|||
load 'test_helper/common'
|
||||
|
||||
export IMAGE_NAME CONTAINER_NAME TEST_FILE
|
||||
|
||||
IMAGE_NAME="${NAME:?Image name must be set}"
|
||||
CONTAINER_NAME='open-dkim'
|
||||
TEST_FILE='OpenDKIM :: '
|
||||
|
||||
function setup
|
||||
{
|
||||
run_setup_file_if_necessary
|
||||
}
|
||||
|
||||
# WHY IS THIS CONTAINER EVEN CREATED WHEN MOST TESTS DO NOT USE IT?
|
||||
function setup_file
|
||||
{
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . "${CONTAINER_NAME}")"
|
||||
|
||||
docker run -d \
|
||||
--name "${CONTAINER_NAME}" \
|
||||
--cap-add=SYS_PTRACE \
|
||||
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
|
||||
-v "${CDIR}/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||
-e DEFAULT_RELAY_HOST=default.relay.host.invalid:25 \
|
||||
-e PERMIT_DOCKER=host \
|
||||
-e DMS_DEBUG=0 \
|
||||
-h mail.my-domain.com \
|
||||
-t "${IMAGE_NAME}"
|
||||
|
||||
wait_for_finished_setup_in_container "${CONTAINER_NAME}"
|
||||
}
|
||||
|
||||
function teardown
|
||||
{
|
||||
run_teardown_file_if_necessary
|
||||
}
|
||||
|
||||
function teardown_file
|
||||
{
|
||||
docker rm -f "${CONTAINER_NAME}"
|
||||
}
|
||||
|
||||
# –––––––––––––––––––––––––––––––––––––––––––––––
|
||||
# ––– Actual Tests ––––––––––––––––––––––––––––––
|
||||
# –––––––––––––––––––––––––––––––––––––––––––––––
|
||||
|
||||
@test "${TEST_FILE}/etc/opendkim/KeyTable dummy file generated without keys provided" {
|
||||
docker run --rm -d \
|
||||
--name mail_smtponly_without_config \
|
||||
-e SMTP_ONLY=1 \
|
||||
-e ENABLE_LDAP=1 \
|
||||
-e PERMIT_DOCKER=network \
|
||||
-e OVERRIDE_HOSTNAME=mail.mydomain.com \
|
||||
-t "${IMAGE_NAME}"
|
||||
|
||||
function teardown
|
||||
{
|
||||
docker rm -f mail_smtponly_without_config
|
||||
}
|
||||
|
||||
run repeat_in_container_until_success_or_timeout 15 \
|
||||
mail_smtponly_without_config /bin/bash -c "cat /etc/opendkim/KeyTable"
|
||||
assert_success
|
||||
}
|
||||
|
||||
@test "${TEST_FILE}/etc/opendkim/KeyTable should contain 2 entries" {
|
||||
run docker exec "${CONTAINER_NAME}" /bin/bash -c "cat /etc/opendkim/KeyTable | wc -l"
|
||||
assert_success
|
||||
assert_output 2
|
||||
}
|
||||
|
||||
# TODO piping ls into grep ...
|
||||
@test "${TEST_FILE}/etc/opendkim/keys/ should contain 2 entries" {
|
||||
run docker exec "${CONTAINER_NAME}" /bin/bash -c "ls -l /etc/opendkim/keys/ | grep '^d' | wc -l"
|
||||
assert_success
|
||||
assert_output 2
|
||||
}
|
||||
|
||||
@test "${TEST_FILE}/etc/opendkim.conf contains nameservers copied from /etc/resolv.conf" {
|
||||
run docker exec "${CONTAINER_NAME}" /bin/bash -c \
|
||||
"grep -E '^Nameservers ((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)' \
|
||||
/etc/opendkim.conf"
|
||||
assert_success
|
||||
}
|
||||
|
||||
# this set of tests is of low quality. WHAT? <- DELETE AFTER REWRITE
|
||||
# It does not test the RSA-Key size properly via openssl or similar WHAT??? <- DELETE AFTER REWRITE
|
||||
# Instead it tests the file-size (here 861) - which may differ with a different domain names WWHHHHHHAAAT??? <- DELETE AFTER REWRITE
|
||||
|
||||
# TODO Needs complete re-write
|
||||
@test "${TEST_FILE}generator creates default keys size" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_default_key_size)"
|
||||
|
||||
# Prepare default key size 4096
|
||||
rm -rf "${PRIVATE_CONFIG}/keyDefault"
|
||||
mkdir -p "${PRIVATE_CONFIG}/keyDefault"
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/keyDefault/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim | wc -l'
|
||||
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/keyDefault/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" \
|
||||
/bin/bash -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 861
|
||||
}
|
||||
|
||||
# this set of tests is of low quality. It does not test the RSA-Key size properly via openssl or similar <- DELETE AFTER REWRITE
|
||||
# Instead it tests the file-size (here 861) - which may differ with a different domain names <- DELETE AFTER REWRITE
|
||||
|
||||
# TODO Needs complete re-write
|
||||
@test "${TEST_FILE}generator creates key size 4096" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_key_size_4096)"
|
||||
|
||||
rm -rf "${PRIVATE_CONFIG}/key4096"
|
||||
mkdir -p "${PRIVATE_CONFIG}/config/key4096"
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim keysize 4096 | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" \
|
||||
/bin/bash -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 861
|
||||
}
|
||||
|
||||
# Instead it tests the file-size (here 511) - which may differ with a different domain names <- DELETE AFTER REWRITE
|
||||
# This test may be re-used as a global test to provide better test coverage. <- DELETE AFTER REWRITE
|
||||
|
||||
# TODO Needs complete re-write
|
||||
@test "${TEST_FILE}generator creates key size 2048" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_key_size_2048)"
|
||||
|
||||
rm -rf "${PRIVATE_CONFIG}/key2048"
|
||||
mkdir -p "${PRIVATE_CONFIG}/config/key2048"
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim keysize 2048 | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" \
|
||||
/bin/bash -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 511
|
||||
}
|
||||
|
||||
# this set of tests is of low quality. It does not test the RSA-Key size properly via openssl or similar <- DELETE AFTER REWRITE
|
||||
# Instead it tests the file-size (here 329) - which may differ with a different domain names <- DELETE AFTER REWRITE
|
||||
|
||||
# TODO Needs complete re-write
|
||||
@test "${TEST_FILE}generator creates key size 1024" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_key_size_1024)"
|
||||
|
||||
rm -rf "${PRIVATE_CONFIG}/key1024"
|
||||
mkdir -p "${PRIVATE_CONFIG}/key1024"
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key1024/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim keysize 1024 | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key1024/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" \
|
||||
/bin/bash -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 329
|
||||
}
|
||||
|
||||
@test "${TEST_FILE}generator creates keys, tables and TrustedHosts" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_dkim_generator_creates_keys_tables_TrustedHosts)"
|
||||
rm -rf "${PRIVATE_CONFIG}/empty"
|
||||
mkdir -p "${PRIVATE_CONFIG}/empty"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
# check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check keys for otherdomain.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
@test "${TEST_FILE}generator creates keys, tables and TrustedHosts without postfix-accounts.cf" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . )"
|
||||
rm -rf "${PRIVATE_CONFIG}/without-accounts"
|
||||
mkdir -p "${PRIVATE_CONFIG}/without-accounts"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-accounts/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim | wc -l'
|
||||
assert_success
|
||||
assert_output 5
|
||||
|
||||
# check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-accounts/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check keys for otherdomain.tld
|
||||
# run docker run --rm \
|
||||
# -v "${PRIVATE_CONFIG}/without-accounts/opendkim":/etc/opendkim \
|
||||
# "${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
# assert_success
|
||||
# [ "${output}" -eq 0 ]
|
||||
# check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-accounts/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
@test "${TEST_FILE}generator creates keys, tables and TrustedHosts without postfix-virtual.cf" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . "${BATS_TEST_NAME}")"
|
||||
rm -rf "${PRIVATE_CONFIG}/without-virtual"
|
||||
mkdir -p "${PRIVATE_CONFIG}/without-virtual"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim | wc -l'
|
||||
assert_success
|
||||
assert_output 5
|
||||
|
||||
# check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check keys for otherdomain.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
@test "${TEST_FILE}generator creates keys, tables and TrustedHosts using manual provided domain name" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . "${BATS_TEST_NAME}")"
|
||||
rm -rf "${PRIVATE_CONFIG}/with-domain" && mkdir -p "${PRIVATE_CONFIG}/with-domain"
|
||||
|
||||
# generate first key
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/":/tmp/docker-mailserver/ \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim keysize 2048 domain domain1.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 4
|
||||
|
||||
# generate two additional keys different to the previous one
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/":/tmp/docker-mailserver/ \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim keysize 2048 domain "domain2.tld,domain3.tld" | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# generate an additional key whilst providing already existing domains
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/":/tmp/docker-mailserver/ \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'open-dkim keysize 2048 domain "domain3.tld,domain4.tld" | wc -l'
|
||||
assert_success
|
||||
assert_output 1
|
||||
|
||||
# check keys for domain1.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/domain1.tld/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check keys for domain2.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/domain2.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check keys for domain3.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/domain3.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check keys for domain4.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c 'ls -1 /etc/opendkim/keys/domain4.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
|
||||
# check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys' | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
|
||||
# check valid entries actually present in KeyTable
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c \
|
||||
"egrep 'domain1.tld|domain2.tld|domain3.tld|domain4.tld' /etc/opendkim/KeyTable | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
|
||||
# check valid entries actually present in SigningTable
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME}" /bin/bash -c \
|
||||
"egrep 'domain1.tld|domain2.tld|domain3.tld|domain4.tld' /etc/opendkim/SigningTable | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
349
test/tests.bats
349
test/tests.bats
|
@ -431,310 +431,6 @@ EOF
|
|||
assert_success
|
||||
}
|
||||
|
||||
#
|
||||
# opendkim
|
||||
#
|
||||
|
||||
@test "checking opendkim: /etc/opendkim/KeyTable should contain 2 entries" {
|
||||
run docker exec mail /bin/sh -c "cat /etc/opendkim/KeyTable | wc -l"
|
||||
assert_success
|
||||
assert_output 2
|
||||
}
|
||||
|
||||
@test "checking opendkim: /etc/opendkim/KeyTable dummy file generated without keys provided" {
|
||||
docker run --rm -d --name mail_smtponly_without_config \
|
||||
-e SMTP_ONLY=1 \
|
||||
-e ENABLE_LDAP=1 \
|
||||
-e PERMIT_DOCKER=network \
|
||||
-e OVERRIDE_HOSTNAME=mail.mydomain.com \
|
||||
-t "${NAME}"
|
||||
|
||||
teardown() { docker rm -f mail_smtponly_without_config; }
|
||||
|
||||
run repeat_in_container_until_success_or_timeout 15 mail_smtponly_without_config /bin/bash -c "cat /etc/opendkim/KeyTable"
|
||||
assert_success
|
||||
}
|
||||
|
||||
|
||||
@test "checking opendkim: /etc/opendkim/keys/ should contain 2 entries" {
|
||||
run docker exec mail /bin/sh -c "ls -l /etc/opendkim/keys/ | grep '^d' | wc -l"
|
||||
assert_success
|
||||
assert_output 2
|
||||
}
|
||||
|
||||
@test "checking opendkim: /etc/opendkim.conf contains nameservers copied from /etc/resolv.conf" {
|
||||
run docker exec mail /bin/bash -c "grep -E '^Nameservers ((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)' /etc/opendkim.conf"
|
||||
assert_success
|
||||
}
|
||||
|
||||
|
||||
# this set of tests is of low quality. It does not test the RSA-Key size properly via openssl or similar
|
||||
# Instead it tests the file-size (here 861) - which may differ with a different domain names
|
||||
# This test may be re-used as a global test to provide better test coverage.
|
||||
@test "checking opendkim: generator creates default keys size" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_default_key_size)"
|
||||
# Prepare default key size 4096
|
||||
rm -rf "${PRIVATE_CONFIG}/keyDefault"
|
||||
mkdir -p "${PRIVATE_CONFIG}/keyDefault"
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/keyDefault/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/keyDefault/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" \
|
||||
/bin/sh -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 861
|
||||
}
|
||||
|
||||
# this set of tests is of low quality. It does not test the RSA-Key size properly via openssl or similar
|
||||
# this set of tests is of low quality. It does not test the RSA-Key size properly via openssl or similar
|
||||
# Instead it tests the file-size (here 861) - which may differ with a different domain names
|
||||
# This test may be re-used as a global test to provide better test coverage.
|
||||
@test "checking opendkim: generator creates key size 4096" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_key_size_4096)"
|
||||
# Prepare set key size 4096
|
||||
rm -rf "${PRIVATE_CONFIG}/key4096"
|
||||
mkdir -p "${PRIVATE_CONFIG}/config/key4096"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config 4096 | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" \
|
||||
/bin/sh -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 861
|
||||
}
|
||||
|
||||
# Instead it tests the file-size (here 511) - which may differ with a different domain names
|
||||
# This test may be re-used as a global test to provide better test coverage.
|
||||
@test "checking opendkim: generator creates key size 2048" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_key_size_2048)"
|
||||
# Prepare set key size 2048
|
||||
rm -rf "${PRIVATE_CONFIG}/key2048"
|
||||
mkdir -p "${PRIVATE_CONFIG}/config/key2048"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config 2048 | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key2048/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" \
|
||||
/bin/sh -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 511
|
||||
}
|
||||
|
||||
# this set of tests is of low quality. It does not test the RSA-Key size properly via openssl or similar
|
||||
# Instead it tests the file-size (here 329) - which may differ with a different domain names
|
||||
# This test may be re-used as a global test to provide better test coverage.
|
||||
@test "checking opendkim: generator creates key size 1024" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_key_size_1024)"
|
||||
# Prepare set key size 1024
|
||||
rm -rf "${PRIVATE_CONFIG}/key1024"
|
||||
mkdir -p "${PRIVATE_CONFIG}/key1024"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key1024/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config 1024 | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/key1024/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" \
|
||||
/bin/sh -c 'stat -c%s /etc/opendkim/keys/localhost.localdomain/mail.txt'
|
||||
|
||||
assert_success
|
||||
assert_output 329
|
||||
}
|
||||
|
||||
@test "checking opendkim: generator creates keys, tables and TrustedHosts" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . mail_dkim_generator_creates_keys_tables_TrustedHosts)"
|
||||
rm -rf "${PRIVATE_CONFIG}/empty"
|
||||
mkdir -p "${PRIVATE_CONFIG}/empty"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
# Check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for otherdomain.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/empty/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
@test "checking opendkim: generator creates keys, tables and TrustedHosts without postfix-accounts.cf" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . )"
|
||||
rm -rf "${PRIVATE_CONFIG}/without-accounts"
|
||||
mkdir -p "${PRIVATE_CONFIG}/without-accounts"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-accounts/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config | wc -l'
|
||||
assert_success
|
||||
assert_output 5
|
||||
# Check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-accounts/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for otherdomain.tld
|
||||
# run docker run --rm \
|
||||
# -v "${PRIVATE_CONFIG}/without-accounts/opendkim":/etc/opendkim \
|
||||
# "${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
# assert_success
|
||||
# [ "${output}" -eq 0 ]
|
||||
# Check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-accounts/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
@test "checking opendkim: generator creates keys, tables and TrustedHosts without postfix-virtual.cf" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . "${BATS_TEST_NAME}")"
|
||||
rm -rf "${PRIVATE_CONFIG}/without-virtual"
|
||||
mkdir -p "${PRIVATE_CONFIG}/without-virtual"
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/":/tmp/docker-mailserver/ \
|
||||
-v "${PRIVATE_CONFIG}/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config | wc -l'
|
||||
assert_success
|
||||
assert_output 5
|
||||
# Check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for otherdomain.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/without-virtual/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys'|wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
@test "checking opendkim: generator creates keys, tables and TrustedHosts using manual provided domain name" {
|
||||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container . "${BATS_TEST_NAME}")"
|
||||
rm -rf "${PRIVATE_CONFIG}/with-domain" && mkdir -p "${PRIVATE_CONFIG}/with-domain"
|
||||
# Generate first key
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/":/tmp/docker-mailserver/ \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config 2048 domain1.tld| wc -l'
|
||||
assert_success
|
||||
assert_output 4
|
||||
# Generate two additional keys different to the previous one
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/":/tmp/docker-mailserver/ \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config 2048 'domain2.tld,domain3.tld' | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Generate an additional key whilst providing already existing domains
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/":/tmp/docker-mailserver/ \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'generate-dkim-config 2048 'domain3.tld,domain4.tld' | wc -l'
|
||||
assert_success
|
||||
assert_output 1
|
||||
# Check keys for domain1.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/domain1.tld/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for domain2.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/domain2.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for domain3.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/domain3.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for domain4.tld
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c 'ls -1 /etc/opendkim/keys/domain4.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys' | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
# Check valid entries actually present in KeyTable
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c \
|
||||
"egrep 'domain1.tld|domain2.tld|domain3.tld|domain4.tld' /etc/opendkim/KeyTable | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
# Check valid entries actually present in SigningTable
|
||||
run docker run --rm \
|
||||
-v "${PRIVATE_CONFIG}/with-domain/opendkim":/etc/opendkim \
|
||||
"${IMAGE_NAME:?}" /bin/sh -c \
|
||||
"egrep 'domain1.tld|domain2.tld|domain3.tld|domain4.tld' /etc/opendkim/SigningTable | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
#
|
||||
# ssl
|
||||
#
|
||||
|
@ -1238,11 +934,10 @@ EOF
|
|||
assert_output "passdb: pass@localhost.localdomain auth succeeded"
|
||||
}
|
||||
|
||||
#
|
||||
# setup.sh
|
||||
#
|
||||
# –––––––––––––––––––––––––––––––––––––––––––––––
|
||||
# ––– setup.sh ––––––––––––––––––––––––––––––––––
|
||||
# –––––––––––––––––––––––––––––––––––––––––––––––
|
||||
|
||||
# CLI interface
|
||||
@test "checking setup.sh: Without arguments: status 1, show help text" {
|
||||
run ./setup.sh
|
||||
assert_failure
|
||||
|
@ -1255,7 +950,6 @@ EOF
|
|||
assert_line --index 1 "Usage: ./setup.sh [-i IMAGE_NAME] [-c CONTAINER_NAME] <subcommand> <subcommand> [args]"
|
||||
}
|
||||
|
||||
# email
|
||||
@test "checking setup.sh: setup.sh email add and login" {
|
||||
wait_for_service mail changedetector
|
||||
assert_success
|
||||
|
@ -1269,9 +963,6 @@ EOF
|
|||
|
||||
wait_for_changes_to_be_detected_in_container mail
|
||||
|
||||
# Dovecot has been restarted, but this test often fails so presumably it may not be ready
|
||||
# Add a short sleep to see if that helps to make the test more stable
|
||||
# Alternatively we could login with a known good user to make sure that the service is up
|
||||
wait_for_service mail postfix
|
||||
wait_for_service mail dovecot
|
||||
sleep 5
|
||||
|
@ -1307,15 +998,16 @@ EOF
|
|||
@test "checking setup.sh: setup.sh email del" {
|
||||
run ./setup.sh -c mail email del -y lorem@impsum.org
|
||||
assert_success
|
||||
#
|
||||
# TODO delmailuser does not work as expected.
|
||||
# Its implementation is not functional, you cannot delete a user data
|
||||
# directory in the running container by running a new docker container
|
||||
# and not mounting the mail folders (persistance is broken).
|
||||
# The add script is only adding the user to account file.
|
||||
#
|
||||
# run docker exec mail ls /var/mail/impsum.org/lorem
|
||||
# assert_failure
|
||||
|
||||
# TODO
|
||||
# delmailuser does not work as expected.
|
||||
# Its implementation is not functional, you cannot delete a user data
|
||||
# directory in the running container by running a new docker container
|
||||
# and not mounting the mail folders (persistance is broken).
|
||||
# The add script is only adding the user to account file.
|
||||
|
||||
# run docker exec mail ls /var/mail/impsum.org/lorem
|
||||
# assert_failure
|
||||
run grep lorem@impsum.org "$(private_config_path mail)/postfix-accounts.cf"
|
||||
assert_failure
|
||||
}
|
||||
|
@ -1347,6 +1039,7 @@ EOF
|
|||
run ./setup.sh -p ./test/alias/config alias list
|
||||
assert_success
|
||||
}
|
||||
|
||||
@test "checking setup.sh: setup.sh alias add" {
|
||||
mkdir -p ./test/alias/config && echo "" > ./test/alias/config/postfix-virtual.cf
|
||||
./setup.sh -p ./test/alias/config alias add alias@example.com target1@forward.com
|
||||
|
@ -1355,6 +1048,7 @@ EOF
|
|||
run /bin/sh -c 'cat ./test/alias/config/postfix-virtual.cf | grep "alias@example.com target1@forward.com,target2@forward.com" | wc -l | grep 1'
|
||||
assert_success
|
||||
}
|
||||
|
||||
@test "checking setup.sh: setup.sh alias del" {
|
||||
# start with a1 -> t1,t2 and a2 -> t1
|
||||
mkdir -p ./test/alias/config && echo -e 'alias1@example.org target1@forward.com,target2@forward.com\nalias2@example.org target1@forward.com' > ./test/alias/config/postfix-virtual.cf
|
||||
|
@ -1433,18 +1127,11 @@ EOF
|
|||
assert_failure
|
||||
}
|
||||
|
||||
|
||||
|
||||
# config
|
||||
@test "checking setup.sh: setup.sh config dkim" {
|
||||
run ./setup.sh -c mail config dkim
|
||||
@test "checking setup.sh: setup.sh dkim help" {
|
||||
run ./setup.sh -c mail dkim help
|
||||
assert_success
|
||||
assert_line --index 1 "Generate DKIM Configuration"
|
||||
}
|
||||
# TODO: To create a test generate-ssl-certificate must be non interactive
|
||||
#@test "checking setup.sh: setup.sh config ssl" {
|
||||
# run ./setup.sh -c mail_ssl config ssl
|
||||
# assert_success
|
||||
#}
|
||||
|
||||
# debug
|
||||
@test "checking setup.sh: setup.sh debug fetchmail" {
|
||||
|
|
Loading…
Reference in a new issue