Change 'function' style (#3364)
parent
cf74127f78
commit
37ca0f9ba9
18
setup.sh
18
setup.sh
|
@ -27,8 +27,7 @@ RESET=$(echo -ne '\e[0m')
|
||||||
set -euEo pipefail
|
set -euEo pipefail
|
||||||
shopt -s inherit_errexit 2>/dev/null || true
|
shopt -s inherit_errexit 2>/dev/null || true
|
||||||
|
|
||||||
function _show_local_usage
|
function _show_local_usage() {
|
||||||
{
|
|
||||||
# shellcheck disable=SC2059
|
# shellcheck disable=SC2059
|
||||||
printf '%s' "${ORANGE}OPTIONS${RESET}
|
printf '%s' "${ORANGE}OPTIONS${RESET}
|
||||||
${LBLUE}Config path, container or image adjustments${RESET}
|
${LBLUE}Config path, container or image adjustments${RESET}
|
||||||
|
@ -69,8 +68,7 @@ function _show_local_usage
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _get_absolute_script_directory
|
function _get_absolute_script_directory() {
|
||||||
{
|
|
||||||
if dirname "$(readlink -f "${0}")" &>/dev/null; then
|
if dirname "$(readlink -f "${0}")" &>/dev/null; then
|
||||||
DIR=$(dirname "$(readlink -f "${0}")")
|
DIR=$(dirname "$(readlink -f "${0}")")
|
||||||
elif realpath -e -L "${0}" &>/dev/null; then
|
elif realpath -e -L "${0}" &>/dev/null; then
|
||||||
|
@ -79,8 +77,7 @@ function _get_absolute_script_directory
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _set_default_config_path
|
function _set_default_config_path() {
|
||||||
{
|
|
||||||
if [[ -d "${DIR}/config" ]]; then
|
if [[ -d "${DIR}/config" ]]; then
|
||||||
# legacy path (pre v10.2.0)
|
# legacy path (pre v10.2.0)
|
||||||
DEFAULT_CONFIG_PATH="${DIR}/config"
|
DEFAULT_CONFIG_PATH="${DIR}/config"
|
||||||
|
@ -89,8 +86,7 @@ function _set_default_config_path
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _handle_config_path
|
function _handle_config_path() {
|
||||||
{
|
|
||||||
if [[ -z ${DESIRED_CONFIG_PATH} ]]; then
|
if [[ -z ${DESIRED_CONFIG_PATH} ]]; then
|
||||||
# no desired config path
|
# no desired config path
|
||||||
if [[ -n ${CONTAINER_NAME} ]]; then
|
if [[ -n ${CONTAINER_NAME} ]]; then
|
||||||
|
@ -111,8 +107,7 @@ function _handle_config_path
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _run_in_new_container
|
function _run_in_new_container() {
|
||||||
{
|
|
||||||
# start temporary container with specified image
|
# start temporary container with specified image
|
||||||
if ! ${CRI} history -q "${IMAGE_NAME}" &>/dev/null; then
|
if ! ${CRI} history -q "${IMAGE_NAME}" &>/dev/null; then
|
||||||
echo "Image '${IMAGE_NAME}' not found. Pulling ..."
|
echo "Image '${IMAGE_NAME}' not found. Pulling ..."
|
||||||
|
@ -124,8 +119,7 @@ function _run_in_new_container
|
||||||
"${IMAGE_NAME}" "${@}"
|
"${IMAGE_NAME}" "${@}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_get_absolute_script_directory
|
_get_absolute_script_directory
|
||||||
_set_default_config_path
|
_set_default_config_path
|
||||||
|
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 2 "${@}"
|
_require_n_parameters_or_print_usage 2 "${@}"
|
||||||
|
|
||||||
local MAIL_ALIAS="${1}"
|
local MAIL_ALIAS="${1}"
|
||||||
|
@ -14,8 +13,7 @@ function _main
|
||||||
|| _exit_with_error "'${MAIL_ALIAS}' is already an alias for recipient: '${RECIPIENT}'"
|
|| _exit_with_error "'${MAIL_ALIAS}' is already an alias for recipient: '${RECIPIENT}'"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}addalias${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}addalias${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local MAIL_ACCOUNT="${1}"
|
local MAIL_ACCOUNT="${1}"
|
||||||
|
@ -14,8 +13,7 @@ function _main
|
||||||
_manage_accounts_dovecotmaster_create "${MAIL_ACCOUNT}" "${PASSWD}"
|
_manage_accounts_dovecotmaster_create "${MAIL_ACCOUNT}" "${PASSWD}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}adddovecotmasteruser${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}adddovecotmasteruser${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local MAIL_ACCOUNT="${1}"
|
local MAIL_ACCOUNT="${1}"
|
||||||
|
@ -18,8 +17,7 @@ function _main
|
||||||
# where the actual account is created in Dovecot. Expect a delay.
|
# where the actual account is created in Dovecot. Expect a delay.
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}addmailuser${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}addmailuser${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 2 "${@}"
|
_require_n_parameters_or_print_usage 2 "${@}"
|
||||||
|
|
||||||
local DOMAIN="${1}"
|
local DOMAIN="${1}"
|
||||||
|
@ -15,8 +14,7 @@ function _main
|
||||||
_add_relayhost
|
_add_relayhost
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}addrelayhost${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}addrelayhost${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
@ -47,8 +45,7 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _validate_parameters
|
function _validate_parameters() {
|
||||||
{
|
|
||||||
[[ -z ${DOMAIN} ]] && { __usage ; _exit_with_error 'No domain specified' ; }
|
[[ -z ${DOMAIN} ]] && { __usage ; _exit_with_error 'No domain specified' ; }
|
||||||
[[ -z ${HOST} ]] && { __usage ; _exit_with_error 'No relay host specified' ; }
|
[[ -z ${HOST} ]] && { __usage ; _exit_with_error 'No relay host specified' ; }
|
||||||
[[ -z ${PORT} ]] && PORT=25
|
[[ -z ${PORT} ]] && PORT=25
|
||||||
|
@ -56,8 +53,7 @@ function _validate_parameters
|
||||||
|
|
||||||
# Config is for sender dependent relay-host mapping,
|
# Config is for sender dependent relay-host mapping,
|
||||||
# current support restricts senders to domain scope (port is also enforced).
|
# current support restricts senders to domain scope (port is also enforced).
|
||||||
function _add_relayhost
|
function _add_relayhost() {
|
||||||
{
|
|
||||||
local SENDER="@${DOMAIN}"
|
local SENDER="@${DOMAIN}"
|
||||||
local RELAY_HOST_ENTRY="[${HOST}]:${PORT}"
|
local RELAY_HOST_ENTRY="[${HOST}]:${PORT}"
|
||||||
local DATABASE_RELAY='/tmp/docker-mailserver/postfix-relaymap.cf'
|
local DATABASE_RELAY='/tmp/docker-mailserver/postfix-relaymap.cf'
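Review bot: `_validate_parameters` in the `@ -47,8 +45,7 @@` hunk only rejects an empty `DOMAIN` or `HOST` and defaults `PORT` to 25, so a non-numeric port, or a host containing whitespace or `]`, flows unchanged into `RELAY_HOST_ENTRY="[${HOST}]:${PORT}"` in the following hunk. That string is presumably written to `postfix-relaymap.cf` later in `_add_relayhost` (outside the hunk), where a malformed value would corrupt the map entry instead of failing at the command line. A format check right after the default is cheap: `[[ ${PORT} =~ ^[0-9]+$ ]] || { __usage ; _exit_with_error 'Invalid port specified' ; }`, with a comparable pattern check for `HOST`. One line of `_validate_parameters` falls between the two hunks and is not shown, so confirm no such check already sits there.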
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 2 "${@}"
|
_require_n_parameters_or_print_usage 2 "${@}"
|
||||||
|
|
||||||
local DOMAIN="${1}"
|
local DOMAIN="${1}"
|
||||||
|
@ -16,8 +15,7 @@ function _main
|
||||||
_add_relayhost_credentials
|
_add_relayhost_credentials
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}addsaslpassword${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}addsaslpassword${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
@ -46,8 +44,7 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _validate_parameters
|
function _validate_parameters() {
|
||||||
{
|
|
||||||
[[ -z ${DOMAIN} ]] && { __usage ; _exit_with_error 'No domain specified' ; }
|
[[ -z ${DOMAIN} ]] && { __usage ; _exit_with_error 'No domain specified' ; }
|
||||||
[[ -z ${RELAY_ACCOUNT} ]] && { __usage ; _exit_with_error 'No relay account specified' ; }
|
[[ -z ${RELAY_ACCOUNT} ]] && { __usage ; _exit_with_error 'No relay account specified' ; }
|
||||||
_password_request_if_missing
|
_password_request_if_missing
|
||||||
|
@ -58,8 +55,7 @@ function _validate_parameters
|
||||||
#
|
#
|
||||||
# NOTE: This command does not support providing a relay-host
|
# NOTE: This command does not support providing a relay-host
|
||||||
# as the lookup key, it only supports a lookup via sender domain.
|
# as the lookup key, it only supports a lookup via sender domain.
|
||||||
function _add_relayhost_credentials
|
function _add_relayhost_credentials() {
|
||||||
{
|
|
||||||
local SENDER="@${DOMAIN}"
|
local SENDER="@${DOMAIN}"
|
||||||
local RELAY_HOST_ENTRY_AUTH="${RELAY_ACCOUNT}:${PASSWD}"
|
local RELAY_HOST_ENTRY_AUTH="${RELAY_ACCOUNT}:${PASSWD}"
|
||||||
local DATABASE_PASSWD='/tmp/docker-mailserver/postfix-sasl-password.cf'
|
local DATABASE_PASSWD='/tmp/docker-mailserver/postfix-sasl-password.cf'
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 2 "${@}"
|
_require_n_parameters_or_print_usage 2 "${@}"
|
||||||
|
|
||||||
local MAIL_ALIAS="${1}"
|
local MAIL_ALIAS="${1}"
|
||||||
|
@ -13,8 +12,7 @@ function _main
|
||||||
_manage_virtual_aliases_delete "${MAIL_ALIAS}" "${RECIPIENT}"
|
_manage_virtual_aliases_delete "${MAIL_ALIAS}" "${RECIPIENT}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}delalias${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}delalias${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
# Actual command to perform:
|
# Actual command to perform:
|
||||||
|
@ -15,8 +14,7 @@ function _main
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}deldovecotmasteruser${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}deldovecotmasteruser${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
# Tests expect early exit without error if no DB exists:
|
# Tests expect early exit without error if no DB exists:
|
||||||
|
@ -37,8 +36,7 @@ function _main
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}delmailuser${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}delmailuser${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
@ -71,8 +69,7 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _parse_options
|
function _parse_options() {
|
||||||
{
|
|
||||||
while getopts ":yY" OPT
|
while getopts ":yY" OPT
|
||||||
do
|
do
|
||||||
case "${OPT}" in
|
case "${OPT}" in
|
||||||
|
@ -89,8 +86,7 @@ function _parse_options
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
function _maildel_request_if_missing
|
function _maildel_request_if_missing() {
|
||||||
{
|
|
||||||
if [[ ${MAILDEL} -eq 0 ]]; then
|
if [[ ${MAILDEL} -eq 0 ]]; then
|
||||||
local MAILDEL_CHOSEN
|
local MAILDEL_CHOSEN
|
||||||
read -r -p "Do you want to delete the mailbox as well (removing all mails)? [Y/n] " MAILDEL_CHOSEN
|
read -r -p "Do you want to delete the mailbox as well (removing all mails)? [Y/n] " MAILDEL_CHOSEN
|
||||||
|
@ -102,8 +98,7 @@ function _maildel_request_if_missing
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _remove_maildir
|
function _remove_maildir() {
|
||||||
{
|
|
||||||
local MAIL_ACCOUNT=${1}
|
local MAIL_ACCOUNT=${1}
|
||||||
|
|
||||||
local LOCAL_PART="${MAIL_ACCOUNT%@*}"
|
local LOCAL_PART="${MAIL_ACCOUNT%@*}"
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local MAIL_ACCOUNT="${1}"
|
local MAIL_ACCOUNT="${1}"
|
||||||
|
@ -13,8 +12,7 @@ function _main
|
||||||
_manage_dovecot_quota_delete "${MAIL_ACCOUNT}"
|
_manage_dovecot_quota_delete "${MAIL_ACCOUNT}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}delquota${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}delquota${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
@ -37,8 +35,7 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _validate_parameters
|
function _validate_parameters() {
|
||||||
{
|
|
||||||
_arg_expect_mail_account
|
_arg_expect_mail_account
|
||||||
_account_should_already_exist
|
_account_should_already_exist
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local DOMAIN="${1}"
|
local DOMAIN="${1}"
|
||||||
|
@ -12,8 +11,7 @@ function _main
|
||||||
_exclude_domain_from_relayhosts
|
_exclude_domain_from_relayhosts
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}excluderelayhost${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}excluderelayhost${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
@ -44,8 +42,7 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
|
|
||||||
# Config is for sender dependent relay-host mapping,
|
# Config is for sender dependent relay-host mapping,
|
||||||
# excludes appending a sender from the real generated mapping in `helpers/relay.sh`.
|
# excludes appending a sender from the real generated mapping in `helpers/relay.sh`.
|
||||||
function _exclude_domain_from_relayhosts
|
function _exclude_domain_from_relayhosts() {
|
||||||
{
|
|
||||||
local SENDER="@${DOMAIN}"
|
local SENDER="@${DOMAIN}"
|
||||||
local DATABASE_RELAY='/tmp/docker-mailserver/postfix-relaymap.cf'
|
local DATABASE_RELAY='/tmp/docker-mailserver/postfix-relaymap.cf'
|
||||||
|
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
echo "Usage: ./setup.sh fail2ban [<ban|unban> <IP>]"
|
echo "Usage: ./setup.sh fail2ban [<ban|unban> <IP>]"
|
||||||
echo " ./setup.sh fail2ban log"
|
echo " ./setup.sh fail2ban log"
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,14 +3,12 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
||||||
_list_entries "${DATABASE_VIRTUAL}"
|
_list_entries "${DATABASE_VIRTUAL}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _list_entries
|
function _list_entries() {
|
||||||
{
|
|
||||||
local DATABASE=${1}
|
local DATABASE=${1}
|
||||||
_db_should_exist_with_content "${DATABASE}"
|
_db_should_exist_with_content "${DATABASE}"
|
||||||
|
|
||||||
|
|
|
@ -3,14 +3,12 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
local DATABASE_DOVECOT_MASTERS='/tmp/docker-mailserver/dovecot-masters.cf'
|
local DATABASE_DOVECOT_MASTERS='/tmp/docker-mailserver/dovecot-masters.cf'
|
||||||
_list_entries "${DATABASE_DOVECOT_MASTERS}"
|
_list_entries "${DATABASE_DOVECOT_MASTERS}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _list_entries
|
function _list_entries() {
|
||||||
{
|
|
||||||
local DATABASE=${1}
|
local DATABASE=${1}
|
||||||
_db_should_exist_with_content "${DATABASE}"
|
_db_should_exist_with_content "${DATABASE}"
|
||||||
|
|
||||||
|
|
|
@ -7,16 +7,14 @@ source /usr/local/bin/helpers/index.sh
|
||||||
# shellcheck source=/dev/null
|
# shellcheck source=/dev/null
|
||||||
source /etc/dms-settings 2>/dev/null
|
source /etc/dms-settings 2>/dev/null
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
local DATABASE_ACCOUNTS='/tmp/docker-mailserver/postfix-accounts.cf'
|
local DATABASE_ACCOUNTS='/tmp/docker-mailserver/postfix-accounts.cf'
|
||||||
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
||||||
|
|
||||||
_list_entries "${DATABASE_ACCOUNTS}"
|
_list_entries "${DATABASE_ACCOUNTS}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _list_entries
|
function _list_entries() {
|
||||||
{
|
|
||||||
local DATABASE=${1}
|
local DATABASE=${1}
|
||||||
_db_should_exist_with_content "${DATABASE}"
|
_db_should_exist_with_content "${DATABASE}"
|
||||||
|
|
||||||
|
@ -29,8 +27,7 @@ function _list_entries
|
||||||
done < <(_get_valid_lines_from_file "${DATABASE}")
|
done < <(_get_valid_lines_from_file "${DATABASE}")
|
||||||
}
|
}
|
||||||
|
|
||||||
function _format_list_item
|
function _format_list_item() {
|
||||||
{
|
|
||||||
local LINE=${1}
|
local LINE=${1}
|
||||||
|
|
||||||
local MAIL_ACCOUNT
|
local MAIL_ACCOUNT
|
||||||
|
@ -49,8 +46,7 @@ function _format_list_item
|
||||||
echo "${ACCOUNT_ENTRY}"
|
echo "${ACCOUNT_ENTRY}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _quota_show_for
|
function _quota_show_for() {
|
||||||
{
|
|
||||||
local MAIL_ACCOUNT=${1}
|
local MAIL_ACCOUNT=${1}
|
||||||
|
|
||||||
[[ ${ENABLE_QUOTAS} -ne 1 ]] && return 0
|
[[ ${ENABLE_QUOTAS} -ne 1 ]] && return 0
|
||||||
|
@ -68,8 +64,7 @@ function _quota_show_for
|
||||||
echo "( ${CURRENT_SIZE} / ${SIZE_LIMIT} ) [${PERCENT_USED}]"
|
echo "( ${CURRENT_SIZE} / ${SIZE_LIMIT} ) [${PERCENT_USED}]"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _bytes_to_human_readable_size
|
function _bytes_to_human_readable_size() {
|
||||||
{
|
|
||||||
# `-` represents a non-applicable value (eg: Like when `SIZE_LIMIT` is not set):
|
# `-` represents a non-applicable value (eg: Like when `SIZE_LIMIT` is not set):
|
||||||
if [[ ${1:-} == '-' ]]; then
|
if [[ ${1:-} == '-' ]]; then
|
||||||
echo '~'
|
echo '~'
|
||||||
|
@ -83,8 +78,7 @@ function _bytes_to_human_readable_size
|
||||||
}
|
}
|
||||||
|
|
||||||
# Returns a comma delimited list of aliases associated to a recipient (ideally the recipient is a mail account):
|
# Returns a comma delimited list of aliases associated to a recipient (ideally the recipient is a mail account):
|
||||||
function _alias_list_for_account
|
function _alias_list_for_account() {
|
||||||
{
|
|
||||||
local GREP_OPTIONS
|
local GREP_OPTIONS
|
||||||
local MAIL_ACCOUNT=${1}
|
local MAIL_ACCOUNT=${1}
|
||||||
|
|
||||||
|
|
|
@ -12,8 +12,7 @@ KEYSIZE=4096
|
||||||
SELECTOR=mail
|
SELECTOR=mail
|
||||||
DOMAINS=
|
DOMAINS=
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}OPEN-DKIM${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}OPEN-DKIM${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}NAME${RESET}
|
${ORANGE}NAME${RESET}
|
||||||
|
@ -102,8 +101,7 @@ done
|
||||||
|
|
||||||
DATABASE_VHOST='/tmp/vhost.dkim'
|
DATABASE_VHOST='/tmp/vhost.dkim'
|
||||||
# Prepare a file with one domain per line:
|
# Prepare a file with one domain per line:
|
||||||
function _generate_domains_config
|
function _generate_domains_config() {
|
||||||
{
|
|
||||||
local TMP_VHOST='/tmp/vhost.dkim.tmp'
|
local TMP_VHOST='/tmp/vhost.dkim.tmp'
|
||||||
|
|
||||||
# Generate the default vhost (equivalent to /etc/postfix/vhost),
|
# Generate the default vhost (equivalent to /etc/postfix/vhost),
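Review bot: `DATABASE_VHOST='/tmp/vhost.dkim'` and `TMP_VHOST='/tmp/vhost.dkim.tmp'` in the `@ -102,8 +101,7 @@` hunk are fixed, predictable names directly under `/tmp`. If any non-root process in the container can create files there, it can pre-create or symlink these paths before this script writes to them. Allocating the scratch file with `mktemp` (for example `TMP_VHOST=$(mktemp)`) and removing it in an `EXIT` trap avoids that, provided nothing else depends on the fixed name. `_generate_domains_config` continues outside the hunk, so the write sites themselves are not visible here.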
|
||||||
|
|
|
@ -11,8 +11,7 @@ shopt -s inherit_errexit
|
||||||
# shellcheck source=/dev/null
|
# shellcheck source=/dev/null
|
||||||
source /etc/dms-settings
|
source /etc/dms-settings
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
_log 'trace' 'Showing usage message now'
|
_log 'trace' 'Showing usage message now'
|
||||||
echo -e "${PURPLE}RSPAMD-DKIM${RED}(${YELLOW}8${RED})
|
echo -e "${PURPLE}RSPAMD-DKIM${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
|
@ -65,16 +64,14 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __do_as_rspamd_user
|
function __do_as_rspamd_user() {
|
||||||
{
|
|
||||||
local COMMAND=${1:?Command required when using __do_as_rspamd_user}
|
local COMMAND=${1:?Command required when using __do_as_rspamd_user}
|
||||||
_log 'trace' "Running '${*}' as user '_rspamd' now"
|
_log 'trace' "Running '${*}' as user '_rspamd' now"
|
||||||
shift 1
|
shift 1
|
||||||
su -l '_rspamd' -s "$(command -v "${COMMAND}")" -- "${@}"
|
su -l '_rspamd' -s "$(command -v "${COMMAND}")" -- "${@}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _parse_arguments
|
function _parse_arguments() {
|
||||||
{
|
|
||||||
KEYTYPE='rsa'
|
KEYTYPE='rsa'
|
||||||
KEYSIZE='2048'
|
KEYSIZE='2048'
|
||||||
SELECTOR='mail'
|
SELECTOR='mail'
|
||||||
|
@ -152,8 +149,7 @@ function _parse_arguments
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
function _create_keys
|
function _create_keys() {
|
||||||
{
|
|
||||||
# Note: Variables not marked with `local` are used
|
# Note: Variables not marked with `local` are used
|
||||||
# in other functions (after this function was called).
|
# in other functions (after this function was called).
|
||||||
BASE_DIR='/tmp/docker-mailserver/rspamd/dkim'
|
BASE_DIR='/tmp/docker-mailserver/rspamd/dkim'
|
||||||
|
@ -192,8 +188,7 @@ function _create_keys
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _check_permissions
|
function _check_permissions() {
|
||||||
{
|
|
||||||
# shellcheck disable=SC2310
|
# shellcheck disable=SC2310
|
||||||
if ! __do_as_rspamd_user ls "${BASE_DIR}" >/dev/null; then
|
if ! __do_as_rspamd_user ls "${BASE_DIR}" >/dev/null; then
|
||||||
_log 'warn' "The Rspamd user ('_rspamd') seems to be unable to list files in the keys directory ('${BASE_DIR}') - Rspamd may experience permission errors later"
|
_log 'warn' "The Rspamd user ('_rspamd') seems to be unable to list files in the keys directory ('${BASE_DIR}') - Rspamd may experience permission errors later"
|
||||||
|
@ -204,8 +199,7 @@ function _check_permissions
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_default_signing_conf
|
function _setup_default_signing_conf() {
|
||||||
{
|
|
||||||
local DEFAULT_CONFIG_FILE='/etc/rspamd/override.d/dkim_signing.conf'
|
local DEFAULT_CONFIG_FILE='/etc/rspamd/override.d/dkim_signing.conf'
|
||||||
if [[ -f ${DEFAULT_CONFIG_FILE} ]]; then
|
if [[ -f ${DEFAULT_CONFIG_FILE} ]]; then
|
||||||
_log 'debug' "'${DEFAULT_CONFIG_FILE}' exists, not supplying a default"
|
_log 'debug' "'${DEFAULT_CONFIG_FILE}' exists, not supplying a default"
|
||||||
|
@ -237,8 +231,7 @@ EOF
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _transform_public_key_file_to_dns_record_contents
|
function _transform_public_key_file_to_dns_record_contents() {
|
||||||
{
|
|
||||||
_log 'trace' 'Transforming DNS zone format to DNS record content now'
|
_log 'trace' 'Transforming DNS zone format to DNS record content now'
|
||||||
: >"${PUBLIC_KEY_DNS_FILE}"
|
: >"${PUBLIC_KEY_DNS_FILE}"
|
||||||
grep -o '".*"' "${PUBLIC_KEY_FILE}" | tr -d '"\n' >>"${PUBLIC_KEY_DNS_FILE}"
|
grep -o '".*"' "${PUBLIC_KEY_FILE}" | tr -d '"\n' >>"${PUBLIC_KEY_DNS_FILE}"
|
||||||
|
@ -251,8 +244,7 @@ function _transform_public_key_file_to_dns_record_contents
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _final_steps
|
function _final_steps() {
|
||||||
{
|
|
||||||
# We need to restart Rspamd so the changes take effect immediately.
|
# We need to restart Rspamd so the changes take effect immediately.
|
||||||
if ! supervisorctl restart rspamd; then
|
if ! supervisorctl restart rspamd; then
|
||||||
_log 'warn' 'Could not restart Rspamd via Supervisord'
|
_log 'warn' 'Could not restart Rspamd via Supervisord'
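Review bot: In `__do_as_rspamd_user` (hunk `@ -65,16 +64,14 @@`) the output of `command -v "${COMMAND}"` is handed to `su -s` without being checked. A failing command substitution in argument position does not abort the script even with errexit on, so an unresolvable command leaves `su` with an empty shell argument, and for a shell function or builtin `command -v` prints a bare name rather than a path. Resolving first makes the failure explicit: `local COMMAND_PATH; COMMAND_PATH=$(command -v "${COMMAND}") || return 1`, then `su -l '_rspamd' -s "${COMMAND_PATH}" -- "${@}"`.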
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local MAIL_ACCOUNT="${1}"
|
local MAIL_ACCOUNT="${1}"
|
||||||
|
@ -15,8 +14,7 @@ function _main
|
||||||
_manage_dovecot_quota_update "${MAIL_ACCOUNT}" "${QUOTA}"
|
_manage_dovecot_quota_update "${MAIL_ACCOUNT}" "${QUOTA}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}setquota${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}setquota${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
@ -43,8 +41,7 @@ ${ORANGE}EXIT STATUS${RESET}
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _validate_parameters
|
function _validate_parameters() {
|
||||||
{
|
|
||||||
# MAIL_ACCOUNT
|
# MAIL_ACCOUNT
|
||||||
_arg_expect_mail_account
|
_arg_expect_mail_account
|
||||||
_account_should_already_exist
|
_account_should_already_exist
|
||||||
|
@ -54,8 +51,7 @@ function _validate_parameters
|
||||||
_quota_unit_is_valid
|
_quota_unit_is_valid
|
||||||
}
|
}
|
||||||
|
|
||||||
function _quota_request_if_missing
|
function _quota_request_if_missing() {
|
||||||
{
|
|
||||||
if [[ -z ${QUOTA} ]]; then
|
if [[ -z ${QUOTA} ]]; then
|
||||||
read -r -p 'Enter quota (e.g. 10M): ' QUOTA
|
read -r -p 'Enter quota (e.g. 10M): ' QUOTA
|
||||||
echo
|
echo
|
||||||
|
@ -63,8 +59,7 @@ function _quota_request_if_missing
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _quota_unit_is_valid
|
function _quota_unit_is_valid() {
|
||||||
{
|
|
||||||
if ! grep -qE "^([0-9]+(B|k|M|G|T)|0)\$" <<< "${QUOTA}"; then
|
if ! grep -qE "^([0-9]+(B|k|M|G|T)|0)\$" <<< "${QUOTA}"; then
|
||||||
__usage
|
__usage
|
||||||
_exit_with_error 'Invalid quota format. e.g. 302M (B (byte), k (kilobyte), M (megabyte), G (gigabyte) or T (terabyte))'
|
_exit_with_error 'Invalid quota format. e.g. 302M (B (byte), k (kilobyte), M (megabyte), G (gigabyte) or T (terabyte))'
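Review bot: `_quota_unit_is_valid` (last hunk, `@ -63,8 +59,7 @@`) validates `QUOTA` with `grep -qE` on a here-string, and grep matches line by line, so a value with an embedded newline passes as long as any single line looks like `10M`. The value is then passed to `_manage_dovecot_quota_update "${MAIL_ACCOUNT}" "${QUOTA}"` in `_main`, which presumably writes it into the quota database, where an extra line would become an extra entry. Matching the whole string in bash closes the gap: `if ! [[ ${QUOTA} =~ ^([0-9]+(B|k|M|G|T)|0)$ ]]; then`. The function body continues past the end of the hunk.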
|
||||||
|
|
|
@ -5,8 +5,7 @@ set -euE -o pipefail
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _usage
|
function _usage() {
|
||||||
{
|
|
||||||
# shellcheck disable=SC2059
|
# shellcheck disable=SC2059
|
||||||
printf '%s' "${PURPLE}SETUP${RED}(${YELLOW}1${RED})
|
printf '%s' "${PURPLE}SETUP${RED}(${YELLOW}1${RED})
|
||||||
|
|
||||||
|
@ -82,15 +81,13 @@ ${ORANGE}EXAMPLES${RESET}
|
||||||
|
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
function _invalid_command
|
function _invalid_command() {
|
||||||
{
|
|
||||||
echo "The command '${*}' is invalid.
|
echo "The command '${*}' is invalid.
|
||||||
Use \`setup help\` to get an overview of all commands." >&2
|
Use \`setup help\` to get an overview of all commands." >&2
|
||||||
exit 2
|
exit 2
|
||||||
}
|
}
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
case ${1:-} in
|
case ${1:-} in
|
||||||
|
|
||||||
( email )
|
( email )
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local MAIL_ACCOUNT="${1}"
|
local MAIL_ACCOUNT="${1}"
|
||||||
|
@ -14,8 +13,7 @@ function _main
|
||||||
_manage_accounts_dovecotmaster_update "${MAIL_ACCOUNT}" "${PASSWD}"
|
_manage_accounts_dovecotmaster_update "${MAIL_ACCOUNT}" "${PASSWD}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}updatedovecotmasteruser${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}updatedovecotmasteruser${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source=../scripts/helpers/index.sh
|
# shellcheck source=../scripts/helpers/index.sh
|
||||||
source /usr/local/bin/helpers/index.sh
|
source /usr/local/bin/helpers/index.sh
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
_require_n_parameters_or_print_usage 1 "${@}"
|
_require_n_parameters_or_print_usage 1 "${@}"
|
||||||
|
|
||||||
local MAIL_ACCOUNT="${1}"
|
local MAIL_ACCOUNT="${1}"
|
||||||
|
@ -14,8 +13,7 @@ function _main
|
||||||
_manage_accounts_update "${MAIL_ACCOUNT}" "${PASSWD}"
|
_manage_accounts_update "${MAIL_ACCOUNT}" "${PASSWD}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __usage
|
function __usage() {
|
||||||
{
|
|
||||||
printf '%s' "${PURPLE}updatemailuser${RED}(${YELLOW}8${RED})
|
printf '%s' "${PURPLE}updatemailuser${RED}(${YELLOW}8${RED})
|
||||||
|
|
||||||
${ORANGE}USAGE${RESET}
|
${ORANGE}USAGE${RESET}
|
||||||
|
|
|
@ -10,8 +10,7 @@ source /usr/local/bin/helpers/log.sh
|
||||||
|
|
||||||
_log_level_is 'trace' && QUIET='-y' || QUIET='-qq'
|
_log_level_is 'trace' && QUIET='-y' || QUIET='-qq'
|
||||||
|
|
||||||
function _pre_installation_steps
|
function _pre_installation_steps() {
|
||||||
{
|
|
||||||
_log 'info' 'Starting package installation'
|
_log 'info' 'Starting package installation'
|
||||||
_log 'debug' 'Running pre-installation steps'
|
_log 'debug' 'Running pre-installation steps'
|
||||||
|
|
||||||
|
@ -25,8 +24,7 @@ function _pre_installation_steps
|
||||||
apt-get "${QUIET}" upgrade
|
apt-get "${QUIET}" upgrade
|
||||||
}
|
}
|
||||||
|
|
||||||
function _install_postfix
|
function _install_postfix() {
|
||||||
{
|
|
||||||
_log 'debug' 'Installing Postfix'
|
_log 'debug' 'Installing Postfix'
|
||||||
|
|
||||||
_log 'warn' 'Applying workaround for Postfix bug (see https://github.com//issues/2023#issuecomment-855326403)'
|
_log 'warn' 'Applying workaround for Postfix bug (see https://github.com//issues/2023#issuecomment-855326403)'
|
||||||
|
@ -42,8 +40,7 @@ function _install_postfix
|
||||||
rm /etc/rsyslog.d/postfix.conf
|
rm /etc/rsyslog.d/postfix.conf
|
||||||
}
|
}
|
||||||
|
|
||||||
function _install_packages
|
function _install_packages() {
|
||||||
{
|
|
||||||
_log 'debug' 'Installing all packages now'
|
_log 'debug' 'Installing all packages now'
|
||||||
|
|
||||||
declare -a ANTI_VIRUS_SPAM_PACKAGES
|
declare -a ANTI_VIRUS_SPAM_PACKAGES
|
||||||
|
@ -93,8 +90,7 @@ function _install_packages
|
||||||
"${MAIL_PROGRAMS_PACKAGES[@]}"
|
"${MAIL_PROGRAMS_PACKAGES[@]}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _install_dovecot
|
function _install_dovecot() {
|
||||||
{
|
|
||||||
declare -a DOVECOT_PACKAGES
|
declare -a DOVECOT_PACKAGES
|
||||||
|
|
||||||
DOVECOT_PACKAGES=(
|
DOVECOT_PACKAGES=(
|
||||||
|
@ -131,8 +127,7 @@ function _install_dovecot
|
||||||
apt-get "${QUIET}" --no-install-recommends install "${DOVECOT_PACKAGES[@]}"
|
apt-get "${QUIET}" --no-install-recommends install "${DOVECOT_PACKAGES[@]}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _install_rspamd
|
function _install_rspamd() {
|
||||||
{
|
|
||||||
_log 'trace' 'Adding Rspamd package signatures'
|
_log 'trace' 'Adding Rspamd package signatures'
|
||||||
local DEB_FILE='/etc/apt/sources.list.d/rspamd.list'
|
local DEB_FILE='/etc/apt/sources.list.d/rspamd.list'
|
||||||
local RSPAMD_PACKAGE_NAME
|
local RSPAMD_PACKAGE_NAME
|
||||||
|
@ -160,8 +155,7 @@ function _install_rspamd
|
||||||
apt-get "${QUIET}" --no-install-recommends install "${RSPAMD_PACKAGE_NAME}" 'redis-server'
|
apt-get "${QUIET}" --no-install-recommends install "${RSPAMD_PACKAGE_NAME}" 'redis-server'
|
||||||
}
|
}
|
||||||
|
|
||||||
function _install_fail2ban
|
function _install_fail2ban() {
|
||||||
{
|
|
||||||
local FAIL2BAN_DEB_URL='https://github.com/fail2ban/fail2ban/releases/download/1.0.2/fail2ban_1.0.2-1.upstream1_all.deb'
|
local FAIL2BAN_DEB_URL='https://github.com/fail2ban/fail2ban/releases/download/1.0.2/fail2ban_1.0.2-1.upstream1_all.deb'
|
||||||
local FAIL2BAN_DEB_ASC_URL="${FAIL2BAN_DEB_URL}.asc"
|
local FAIL2BAN_DEB_ASC_URL="${FAIL2BAN_DEB_URL}.asc"
|
||||||
local FAIL2BAN_GPG_FINGERPRINT='8738 559E 26F6 71DF 9E2C 6D9E 683B F1BE BD0A 882C'
|
local FAIL2BAN_GPG_FINGERPRINT='8738 559E 26F6 71DF 9E2C 6D9E 683B F1BE BD0A 882C'
|
||||||
|
@ -201,8 +195,7 @@ function _install_fail2ban
|
||||||
# v6.18 contains fixes for Google and Microsoft OAuth support.
|
# v6.18 contains fixes for Google and Microsoft OAuth support.
|
||||||
# using pip to install getmail.
|
# using pip to install getmail.
|
||||||
# TODO This can be removed when the base image is updated to Debian 12 (Bookworm)
|
# TODO This can be removed when the base image is updated to Debian 12 (Bookworm)
|
||||||
function _install_getmail
|
function _install_getmail() {
|
||||||
{
|
|
||||||
_log 'debug' 'Installing getmail6'
|
_log 'debug' 'Installing getmail6'
|
||||||
apt-get "${QUIET}" --no-install-recommends install python3-pip
|
apt-get "${QUIET}" --no-install-recommends install python3-pip
|
||||||
pip3 install --no-cache-dir 'getmail6~=6.18.12'
|
pip3 install --no-cache-dir 'getmail6~=6.18.12'
|
||||||
|
@ -212,8 +205,7 @@ function _install_getmail
|
||||||
apt-get "${QUIET}" autoremove
|
apt-get "${QUIET}" autoremove
|
||||||
}
|
}
|
||||||
|
|
||||||
function _remove_data_after_package_installations
|
function _remove_data_after_package_installations() {
|
||||||
{
|
|
||||||
_log 'debug' 'Deleting sensitive files (secrets)'
|
_log 'debug' 'Deleting sensitive files (secrets)'
|
||||||
rm /etc/postsrsd.secret
|
rm /etc/postsrsd.secret
|
||||||
|
|
||||||
|
@ -221,8 +213,7 @@ function _remove_data_after_package_installations
|
||||||
rm /etc/cron.daily/00logwatch
|
rm /etc/cron.daily/00logwatch
|
||||||
}
|
}
|
||||||
|
|
||||||
function _post_installation_steps
|
function _post_installation_steps() {
|
||||||
{
|
|
||||||
_log 'debug' 'Running post-installation steps (cleanup)'
|
_log 'debug' 'Running post-installation steps (cleanup)'
|
||||||
apt-get "${QUIET}" clean
|
apt-get "${QUIET}" clean
|
||||||
rm -rf /var/lib/apt/lists/*
|
rm -rf /var/lib/apt/lists/*
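Review bot: `_install_getmail` runs `pip3 install --no-cache-dir 'getmail6~=6.18.12'`, a compatible-release range with no hash checking, so the image build accepts whatever later 6.18.x upload the index serves at build time. `_install_fail2ban` in the same file defines a GPG fingerprint for its download (the verification itself is presumably in lines not shown), and the pip step has no comparable integrity check. Pinning the exact release and using pip's hash-checking mode would close that gap: `pip3 install --no-cache-dir --require-hashes -r <requirements file>` with entries such as `getmail6==6.18.12 --hash=sha256:<HASH_PLACEHOLDER>`, which also requires hashes for its dependencies. Only the first lines of `_install_getmail` are inside the hunk, so any later check is not visible here.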
|
||||||
|
|
|
@ -30,8 +30,7 @@ _log_with_date 'trace' "Using postmaster address '${POSTMASTER_ADDRESS}'"
|
||||||
|
|
||||||
_log_with_date 'debug' "Changedetector is ready"
|
_log_with_date 'debug' "Changedetector is ready"
|
||||||
|
|
||||||
function _check_for_changes
|
function _check_for_changes() {
|
||||||
{
|
|
||||||
# get chksum and check it, no need to lock config yet
|
# get chksum and check it, no need to lock config yet
|
||||||
_monitored_files_checksums >"${CHKSUM_FILE}.new"
|
_monitored_files_checksums >"${CHKSUM_FILE}.new"
|
||||||
cmp --silent -- "${CHKSUM_FILE}" "${CHKSUM_FILE}.new"
|
cmp --silent -- "${CHKSUM_FILE}" "${CHKSUM_FILE}.new"
|
||||||
|
@ -65,8 +64,7 @@ function _check_for_changes
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _get_changed_files
|
function _get_changed_files() {
|
||||||
{
|
|
||||||
local CHKSUM_CURRENT=${1}
|
local CHKSUM_CURRENT=${1}
|
||||||
local CHKSUM_NEW=${2}
|
local CHKSUM_NEW=${2}
|
||||||
|
|
||||||
|
@ -81,8 +79,7 @@ function _get_changed_files
|
||||||
grep -Fxvf "${CHKSUM_CURRENT}" "${CHKSUM_NEW}" | sed -r 's/^\S+[[:space:]]+//'
|
grep -Fxvf "${CHKSUM_CURRENT}" "${CHKSUM_NEW}" | sed -r 's/^\S+[[:space:]]+//'
|
||||||
}
|
}
|
||||||
|
|
||||||
function _reload_amavis
|
function _reload_amavis() {
|
||||||
{
|
|
||||||
if [[ ${CHANGED} =~ ${DMS_DIR}/postfix-accounts.cf ]] || [[ ${CHANGED} =~ ${DMS_DIR}/postfix-virtual.cf ]]; then
|
if [[ ${CHANGED} =~ ${DMS_DIR}/postfix-accounts.cf ]] || [[ ${CHANGED} =~ ${DMS_DIR}/postfix-virtual.cf ]]; then
|
||||||
# /etc/postfix/vhost was updated, amavis must refresh it's config by
|
# /etc/postfix/vhost was updated, amavis must refresh it's config by
|
||||||
# reading this file again in case of new domains, otherwise they will be ignored.
|
# reading this file again in case of new domains, otherwise they will be ignored.
|
||||||
|
@ -92,8 +89,7 @@ function _reload_amavis
|
||||||
|
|
||||||
# Also note that changes are performed in place and are not atomic
|
# Also note that changes are performed in place and are not atomic
|
||||||
# We should fix that and write to temporary files, stop, swap and start
|
# We should fix that and write to temporary files, stop, swap and start
|
||||||
function _postfix_dovecot_changes
|
function _postfix_dovecot_changes() {
|
||||||
{
|
|
||||||
local DMS_DIR=/tmp/docker-mailserver
|
local DMS_DIR=/tmp/docker-mailserver
|
||||||
|
|
||||||
# Regenerate accounts via `helpers/accounts.sh`:
|
# Regenerate accounts via `helpers/accounts.sh`:
|
||||||
|
@ -141,8 +137,7 @@ function _postfix_dovecot_changes
|
||||||
_chown_var_mail_if_necessary
|
_chown_var_mail_if_necessary
|
||||||
}
|
}
|
||||||
|
|
||||||
function _ssl_changes
|
function _ssl_changes() {
|
||||||
{
|
|
||||||
local REGEX_NEVER_MATCH='(?\!)'
|
local REGEX_NEVER_MATCH='(?\!)'
|
||||||
|
|
||||||
# _setup_ssl is required for:
|
# _setup_ssl is required for:
|
||||||
|
|
|
@ -9,8 +9,7 @@
|
||||||
DOVECOT_USERDB_FILE=/etc/dovecot/userdb
|
DOVECOT_USERDB_FILE=/etc/dovecot/userdb
|
||||||
DOVECOT_MASTERDB_FILE=/etc/dovecot/masterdb
|
DOVECOT_MASTERDB_FILE=/etc/dovecot/masterdb
|
||||||
|
|
||||||
function _create_accounts
|
function _create_accounts() {
|
||||||
{
|
|
||||||
: >/etc/postfix/vmailbox
|
: >/etc/postfix/vmailbox
|
||||||
: >"${DOVECOT_USERDB_FILE}"
|
: >"${DOVECOT_USERDB_FILE}"
|
||||||
|
|
||||||
|
@ -98,8 +97,7 @@ function _create_accounts
|
||||||
#
|
#
|
||||||
# see https://github.com/docker-mailserver/docker-mailserver/pull/2248#issuecomment-953313852
|
# see https://github.com/docker-mailserver/docker-mailserver/pull/2248#issuecomment-953313852
|
||||||
# for more details on this method
|
# for more details on this method
|
||||||
function _create_dovecot_alias_dummy_accounts
|
function _create_dovecot_alias_dummy_accounts() {
|
||||||
{
|
|
||||||
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
||||||
|
|
||||||
if [[ -f ${DATABASE_VIRTUAL} ]] && [[ ${ENABLE_QUOTAS} -eq 1 ]]; then
|
if [[ -f ${DATABASE_VIRTUAL} ]] && [[ ${ENABLE_QUOTAS} -eq 1 ]]; then
|
||||||
|
@ -157,8 +155,7 @@ function _create_dovecot_alias_dummy_accounts
|
||||||
|
|
||||||
# Support Dovecot master user: https://doc.dovecot.org/configuration_manual/authentication/master_users/
|
# Support Dovecot master user: https://doc.dovecot.org/configuration_manual/authentication/master_users/
|
||||||
# Supporting LDAP users requires `auth_bind = yes` in `dovecot-ldap.conf.ext`, see docker-mailserver/docker-mailserver/pull/2535 for details
|
# Supporting LDAP users requires `auth_bind = yes` in `dovecot-ldap.conf.ext`, see docker-mailserver/docker-mailserver/pull/2535 for details
|
||||||
function _create_masters
|
function _create_masters() {
|
||||||
{
|
|
||||||
: >"${DOVECOT_MASTERDB_FILE}"
|
: >"${DOVECOT_MASTERDB_FILE}"
|
||||||
|
|
||||||
local DATABASE_DOVECOT_MASTERS='/tmp/docker-mailserver/dovecot-masters.cf'
|
local DATABASE_DOVECOT_MASTERS='/tmp/docker-mailserver/dovecot-masters.cf'
|
||||||
|
|
|
@ -6,8 +6,7 @@
|
||||||
# `setup-stack.sh:_setup_ldap` does not seem to configure for `/etc/postfix/virtual however.`
|
# `setup-stack.sh:_setup_ldap` does not seem to configure for `/etc/postfix/virtual however.`
|
||||||
|
|
||||||
# NOTE: `accounts.sh` and `relay.sh:_populate_relayhost_map` also process on `postfix-virtual.cf`.
|
# NOTE: `accounts.sh` and `relay.sh:_populate_relayhost_map` also process on `postfix-virtual.cf`.
|
||||||
function _handle_postfix_virtual_config
|
function _handle_postfix_virtual_config() {
|
||||||
{
|
|
||||||
: >/etc/postfix/virtual
|
: >/etc/postfix/virtual
|
||||||
|
|
||||||
local DATABASE_VIRTUAL=/tmp/docker-mailserver/postfix-virtual.cf
|
local DATABASE_VIRTUAL=/tmp/docker-mailserver/postfix-virtual.cf
|
||||||
|
@ -24,8 +23,7 @@ function _handle_postfix_virtual_config
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _handle_postfix_regexp_config
|
function _handle_postfix_regexp_config() {
|
||||||
{
|
|
||||||
: >/etc/postfix/regexp
|
: >/etc/postfix/regexp
|
||||||
|
|
||||||
if [[ -f /tmp/docker-mailserver/postfix-regexp.cf ]]; then
|
if [[ -f /tmp/docker-mailserver/postfix-regexp.cf ]]; then
|
||||||
|
@ -41,8 +39,7 @@ function _handle_postfix_regexp_config
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _handle_postfix_aliases_config
|
function _handle_postfix_aliases_config() {
|
||||||
{
|
|
||||||
_log 'trace' 'Configuring root alias'
|
_log 'trace' 'Configuring root alias'
|
||||||
|
|
||||||
echo "root: ${POSTMASTER_ADDRESS}" >/etc/aliases
|
echo "root: ${POSTMASTER_ADDRESS}" >/etc/aliases
|
||||||
|
@ -55,8 +52,7 @@ function _handle_postfix_aliases_config
|
||||||
}
|
}
|
||||||
|
|
||||||
# Other scripts should call this method, rather than the ones above:
|
# Other scripts should call this method, rather than the ones above:
|
||||||
function _create_aliases
|
function _create_aliases() {
|
||||||
{
|
|
||||||
_handle_postfix_virtual_config
|
_handle_postfix_virtual_config
|
||||||
_handle_postfix_regexp_config
|
_handle_postfix_regexp_config
|
||||||
_handle_postfix_aliases_config
|
_handle_postfix_aliases_config
|
||||||
|
|
|
@ -12,8 +12,7 @@ CHKSUM_FILE=/tmp/docker-mailserver-config-chksum
|
||||||
|
|
||||||
# Once container startup scripts complete, take a snapshot of
|
# Once container startup scripts complete, take a snapshot of
|
||||||
# the config state via storing a list of files content hashes.
|
# the config state via storing a list of files content hashes.
|
||||||
function _prepare_for_change_detection
|
function _prepare_for_change_detection() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up configuration checksum file'
|
_log 'debug' 'Setting up configuration checksum file'
|
||||||
|
|
||||||
_log 'trace' "Creating '${CHKSUM_FILE}'"
|
_log 'trace' "Creating '${CHKSUM_FILE}'"
|
||||||
|
@ -22,8 +21,7 @@ function _prepare_for_change_detection
|
||||||
|
|
||||||
# Returns a list of changed files, each line is a value pair of:
|
# Returns a list of changed files, each line is a value pair of:
|
||||||
# <SHA-512 content hash> <changed file path>
|
# <SHA-512 content hash> <changed file path>
|
||||||
function _monitored_files_checksums
|
function _monitored_files_checksums() {
|
||||||
{
|
|
||||||
# If a wildcard path pattern (or an empty ENV) would yield an invalid path
|
# If a wildcard path pattern (or an empty ENV) would yield an invalid path
|
||||||
# or no results, `shopt -s nullglob` prevents it from being added.
|
# or no results, `shopt -s nullglob` prevents it from being added.
|
||||||
shopt -s nullglob
|
shopt -s nullglob
|
||||||
|
|
|
@ -18,8 +18,7 @@ DATABASE_PASSWD="${DMS_CONFIG}/postfix-sasl-password.cf"
|
||||||
DATABASE_RELAY="${DMS_CONFIG}/postfix-relaymap.cf"
|
DATABASE_RELAY="${DMS_CONFIG}/postfix-relaymap.cf"
|
||||||
|
|
||||||
# Individual scripts with convenience methods to manage operations easier:
|
# Individual scripts with convenience methods to manage operations easier:
|
||||||
function _db_import_scripts
|
function _db_import_scripts() {
|
||||||
{
|
|
||||||
# This var is stripped by shellcheck from source paths below,
|
# This var is stripped by shellcheck from source paths below,
|
||||||
# like the shellcheck source-path above, it shouold match this scripts
|
# like the shellcheck source-path above, it shouold match this scripts
|
||||||
# parent directory, with the rest of the relative path in the source lines:
|
# parent directory, with the rest of the relative path in the source lines:
|
||||||
|
@ -35,8 +34,7 @@ function _db_entry_add_or_append { _db_operation 'append' "${@}" ; } # Only us
|
||||||
function _db_entry_add_or_replace { _db_operation 'replace' "${@}" ; }
|
function _db_entry_add_or_replace { _db_operation 'replace' "${@}" ; }
|
||||||
function _db_entry_remove { _db_operation 'remove' "${@}" ; }
|
function _db_entry_remove { _db_operation 'remove' "${@}" ; }
|
||||||
|
|
||||||
function _db_operation
|
function _db_operation() {
|
||||||
{
|
|
||||||
local DB_ACTION=${1}
|
local DB_ACTION=${1}
|
||||||
local DATABASE=${2}
|
local DATABASE=${2}
|
||||||
local KEY=${3}
|
local KEY=${3}
|
||||||
|
@ -126,8 +124,7 @@ function _db_operation
|
||||||
}
|
}
|
||||||
|
|
||||||
# Internal method for: _db_operation
|
# Internal method for: _db_operation
|
||||||
function __db_list_already_contains_value
|
function __db_list_already_contains_value() {
|
||||||
{
|
|
||||||
# Avoids accidentally matching a substring (case-insensitive acceptable):
|
# Avoids accidentally matching a substring (case-insensitive acceptable):
|
||||||
# 1. Extract the current value of the entry (`\1`),
|
# 1. Extract the current value of the entry (`\1`),
|
||||||
# 2. Value list support: Split values into separate lines (`\n`+`g`) at V_DELIMITER,
|
# 2. Value list support: Split values into separate lines (`\n`+`g`) at V_DELIMITER,
|
||||||
|
@ -140,8 +137,7 @@ function __db_list_already_contains_value
|
||||||
|
|
||||||
# Internal method for: _db_operation + _db_has_entry_with_key
|
# Internal method for: _db_operation + _db_has_entry_with_key
|
||||||
# References global vars `DATABASE_*`:
|
# References global vars `DATABASE_*`:
|
||||||
function __db_get_delimiter_for
|
function __db_get_delimiter_for() {
|
||||||
{
|
|
||||||
local DATABASE=${1}
|
local DATABASE=${1}
|
||||||
|
|
||||||
case "${DATABASE}" in
|
case "${DATABASE}" in
|
||||||
|
@ -171,8 +167,7 @@ function __db_get_delimiter_for
|
||||||
# `\` can escape these (`/` exists in postfix-account.cf base64 encoded pw hash),
|
# `\` can escape these (`/` exists in postfix-account.cf base64 encoded pw hash),
|
||||||
# But otherwise care should be taken with `\`, which should be forbidden for input here?
|
# But otherwise care should be taken with `\`, which should be forbidden for input here?
|
||||||
# NOTE: Presently only `.` is escaped with `\` via `_escape`.
|
# NOTE: Presently only `.` is escaped with `\` via `_escape`.
|
||||||
function __escape_sed_replacement
|
function __escape_sed_replacement() {
|
||||||
{
|
|
||||||
# Matches any `/` or `&`, and escapes them with `\` (`\\\1`):
|
# Matches any `/` or `&`, and escapes them with `\` (`\\\1`):
|
||||||
sed 's/\([/&]\)/\\\1/g' <<< "${ENTRY}"
|
sed 's/\([/&]\)/\\\1/g' <<< "${ENTRY}"
|
||||||
}
|
}
|
||||||
|
@ -181,8 +176,7 @@ function __escape_sed_replacement
|
||||||
# Validation Methods
|
# Validation Methods
|
||||||
#
|
#
|
||||||
|
|
||||||
function _db_has_entry_with_key
|
function _db_has_entry_with_key() {
|
||||||
{
|
|
||||||
local KEY=${1}
|
local KEY=${1}
|
||||||
local DATABASE=${2}
|
local DATABASE=${2}
|
||||||
|
|
||||||
|
@ -202,8 +196,7 @@ function _db_has_entry_with_key
|
||||||
grep --quiet --no-messages --ignore-case "^${KEY_LOOKUP}" "${DATABASE}"
|
grep --quiet --no-messages --ignore-case "^${KEY_LOOKUP}" "${DATABASE}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _db_should_exist_with_content
|
function _db_should_exist_with_content() {
|
||||||
{
|
|
||||||
local DATABASE=${1}
|
local DATABASE=${1}
|
||||||
|
|
||||||
[[ -f ${DATABASE} ]] || _exit_with_error "'${DATABASE}' does not exist"
|
[[ -f ${DATABASE} ]] || _exit_with_error "'${DATABASE}' does not exist"
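Review bot: `__escape_sed_replacement` escapes only `/` and `&`, so a backslash in `ENTRY` reaches the sed replacement text unescaped and is interpreted by sed rather than written literally; the comment above the function already asks whether `\` should be forbidden. Escaping it together with the other two characters removes the ambiguity: `sed 's/[&/\]/\\&/g' <<< "${ENTRY}"`. The function also reads `ENTRY` from the caller's scope instead of taking an argument, which a header line such as `# Reads ENTRY from the calling function's scope` would make explicit. The callers are outside this hunk, so whether any of them already escapes backslashes needs checking before changing it.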
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# Manage DB writes for: DATABASE_QUOTA
|
# Manage DB writes for: DATABASE_QUOTA
|
||||||
|
|
||||||
# Logic to perform for requested operations handled here:
|
# Logic to perform for requested operations handled here:
|
||||||
function _manage_dovecot_quota
|
function _manage_dovecot_quota() {
|
||||||
{
|
|
||||||
local ACTION=${1}
|
local ACTION=${1}
|
||||||
local MAIL_ACCOUNT=${2}
|
local MAIL_ACCOUNT=${2}
|
||||||
# Only for ACTION 'update':
|
# Only for ACTION 'update':
|
||||||
|
|
|
@ -5,8 +5,7 @@
|
||||||
# - DATABASE_DOVECOT_MASTERS
|
# - DATABASE_DOVECOT_MASTERS
|
||||||
|
|
||||||
# Logic to perform for requested operations handled here:
|
# Logic to perform for requested operations handled here:
|
||||||
function _manage_accounts
|
function _manage_accounts() {
|
||||||
{
|
|
||||||
local ACTION=${1}
|
local ACTION=${1}
|
||||||
local DATABASE=${2}
|
local DATABASE=${2}
|
||||||
local MAIL_ACCOUNT=${3}
|
local MAIL_ACCOUNT=${3}
|
||||||
|
@ -60,8 +59,7 @@ function _manage_accounts_dovecotmaster_delete { _manage_accounts 'delete' "${DA
|
||||||
# - Calling external method '__usage' as part of error handling.
|
# - Calling external method '__usage' as part of error handling.
|
||||||
|
|
||||||
# Also used by setquota, delquota
|
# Also used by setquota, delquota
|
||||||
function _arg_expect_mail_account
|
function _arg_expect_mail_account() {
|
||||||
{
|
|
||||||
[[ -z ${MAIL_ACCOUNT} ]] && { __usage ; _exit_with_error 'No account specified' ; }
|
[[ -z ${MAIL_ACCOUNT} ]] && { __usage ; _exit_with_error 'No account specified' ; }
|
||||||
|
|
||||||
# Dovecot Master accounts are validated (they are not email addresses):
|
# Dovecot Master accounts are validated (they are not email addresses):
|
||||||
|
@ -71,8 +69,7 @@ function _arg_expect_mail_account
|
||||||
[[ ${MAIL_ACCOUNT} =~ .*\@.* ]] || { __usage ; _exit_with_error "'${MAIL_ACCOUNT}' should include the domain (eg: user@example.com)" ; }
|
[[ ${MAIL_ACCOUNT} =~ .*\@.* ]] || { __usage ; _exit_with_error "'${MAIL_ACCOUNT}' should include the domain (eg: user@example.com)" ; }
|
||||||
}
|
}
|
||||||
|
|
||||||
function _account_should_not_exist_yet
|
function _account_should_not_exist_yet() {
|
||||||
{
|
|
||||||
__account_already_exists && _exit_with_error "'${MAIL_ACCOUNT}' already exists"
|
__account_already_exists && _exit_with_error "'${MAIL_ACCOUNT}' already exists"
|
||||||
if [[ -f ${DATABASE_VIRTUAL} ]] && grep -q "^${MAIL_ACCOUNT}" "${DATABASE_VIRTUAL}"; then
|
if [[ -f ${DATABASE_VIRTUAL} ]] && grep -q "^${MAIL_ACCOUNT}" "${DATABASE_VIRTUAL}"; then
|
||||||
_exit_with_error "'${MAIL_ACCOUNT}' is already defined as an alias"
|
_exit_with_error "'${MAIL_ACCOUNT}' is already defined as an alias"
|
||||||
|
@ -80,20 +77,17 @@ function _account_should_not_exist_yet
|
||||||
}
|
}
|
||||||
|
|
||||||
# Also used by delmailuser, setquota, delquota
|
# Also used by delmailuser, setquota, delquota
|
||||||
function _account_should_already_exist
|
function _account_should_already_exist() {
|
||||||
{
|
|
||||||
! __account_already_exists && _exit_with_error "'${MAIL_ACCOUNT}' does not exist"
|
! __account_already_exists && _exit_with_error "'${MAIL_ACCOUNT}' does not exist"
|
||||||
}
|
}
|
||||||
|
|
||||||
function __account_already_exists
|
function __account_already_exists() {
|
||||||
{
|
|
||||||
local DATABASE=${DATABASE:-"${DATABASE_ACCOUNTS}"}
|
local DATABASE=${DATABASE:-"${DATABASE_ACCOUNTS}"}
|
||||||
_db_has_entry_with_key "${MAIL_ACCOUNT}" "${DATABASE}"
|
_db_has_entry_with_key "${MAIL_ACCOUNT}" "${DATABASE}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Also used by addsaslpassword
|
# Also used by addsaslpassword
|
||||||
function _password_request_if_missing
|
function _password_request_if_missing() {
|
||||||
{
|
|
||||||
if [[ -z ${PASSWD} ]]; then
|
if [[ -z ${PASSWD} ]]; then
|
||||||
read -r -s -p 'Enter Password: ' PASSWD
|
read -r -s -p 'Enter Password: ' PASSWD
|
||||||
echo
|
echo
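Review bot: In `_account_should_not_exist_yet`, `grep -q "^${MAIL_ACCOUNT}" "${DATABASE_VIRTUAL}"` treats the account name as an unescaped regular expression and anchors only the start of the line. A `.` in the address therefore matches any character, and an address that is merely a prefix of an existing alias is reported as already defined. Comparing the first field literally avoids both: `awk -v acct="${MAIL_ACCOUNT}" '$1 == acct { found = 1 } END { exit !found }' "${DATABASE_VIRTUAL}"`. The end of the function is outside the hunk, and whether the comparison should ignore case is not visible from here.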
|
||||||
|
|
|
@ -11,8 +11,7 @@
|
||||||
# mail to an alias address.
|
# mail to an alias address.
|
||||||
|
|
||||||
# Logic to perform for requested operations handled here:
|
# Logic to perform for requested operations handled here:
|
||||||
function _manage_virtual_aliases
|
function _manage_virtual_aliases() {
|
||||||
{
|
|
||||||
local ACTION=${1}
|
local ACTION=${1}
|
||||||
local MAIL_ALIAS=${2}
|
local MAIL_ALIAS=${2}
|
||||||
local RECIPIENT=${3}
|
local RECIPIENT=${3}
|
||||||
|
|
|
@ -2,15 +2,13 @@
|
||||||
|
|
||||||
# Outputs the DNS label count (delimited by `.`) for the given input string.
|
# Outputs the DNS label count (delimited by `.`) for the given input string.
|
||||||
# Useful for determining an FQDN like `mail.example.com` (3), vs `example.com` (2).
|
# Useful for determining an FQDN like `mail.example.com` (3), vs `example.com` (2).
|
||||||
function _get_label_count
|
function _get_label_count() {
|
||||||
{
|
|
||||||
awk -F '.' '{ print NF }' <<< "${1}"
|
awk -F '.' '{ print NF }' <<< "${1}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Sets HOSTNAME and DOMAINNAME globals used throughout the scripts,
|
# Sets HOSTNAME and DOMAINNAME globals used throughout the scripts,
|
||||||
# and any subprocesses called that intereact with it.
|
# and any subprocesses called that intereact with it.
|
||||||
function _obtain_hostname_and_domainname
|
function _obtain_hostname_and_domainname() {
|
||||||
{
|
|
||||||
# Normally this value would match the output of `hostname` which mirrors `/proc/sys/kernel/hostname`,
|
# Normally this value would match the output of `hostname` which mirrors `/proc/sys/kernel/hostname`,
|
||||||
# However for legacy reasons, the system ENV `HOSTNAME` was replaced here with `hostname -f` instead.
|
# However for legacy reasons, the system ENV `HOSTNAME` was replaced here with `hostname -f` instead.
|
||||||
#
|
#
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _exit_with_error
|
function _exit_with_error() {
|
||||||
{
|
|
||||||
if [[ -n ${1+set} ]]; then
|
if [[ -n ${1+set} ]]; then
|
||||||
_log 'error' "${1}"
|
_log 'error' "${1}"
|
||||||
else
|
else
|
||||||
|
@ -19,8 +18,7 @@ function _exit_with_error
|
||||||
# PANIC_TYPE => (Internal value for matching). You should use the convenience methods below based on your panic type.
|
# PANIC_TYPE => (Internal value for matching). You should use the convenience methods below based on your panic type.
|
||||||
# PANIC_INFO => Provide your own message string to insert into the error message for that PANIC_TYPE.
|
# PANIC_INFO => Provide your own message string to insert into the error message for that PANIC_TYPE.
|
||||||
# PANIC_SCOPE => Optionally provide a string for debugging to better identify/locate the source of the panic.
|
# PANIC_SCOPE => Optionally provide a string for debugging to better identify/locate the source of the panic.
|
||||||
function dms_panic
|
function dms_panic() {
|
||||||
{
|
|
||||||
local PANIC_TYPE=${1:-}
|
local PANIC_TYPE=${1:-}
|
||||||
local PANIC_INFO=${2:-}
|
local PANIC_INFO=${2:-}
|
||||||
local PANIC_SCOPE=${3:-}
|
local PANIC_SCOPE=${3:-}
|
||||||
|
@ -76,8 +74,7 @@ function _dms_panic__general { dms_panic 'general' "${1:-}" "${2:-}"
|
||||||
# `dms_panic` methods should be preferred if your failure type is supported.
|
# `dms_panic` methods should be preferred if your failure type is supported.
|
||||||
trap "exit 1" SIGUSR1
|
trap "exit 1" SIGUSR1
|
||||||
SCRIPT_PID=${$}
|
SCRIPT_PID=${$}
|
||||||
function _shutdown
|
function _shutdown() {
|
||||||
{
|
|
||||||
_log 'error' "${1:-_shutdown called without message}"
|
_log 'error' "${1:-_shutdown called without message}"
|
||||||
_log 'error' 'Shutting down'
|
_log 'error' 'Shutting down'
|
||||||
|
|
||||||
|
@ -91,13 +88,11 @@ function _shutdown
|
||||||
#
|
#
|
||||||
# This is mostly useful for debugging. It also helps when using something like `set -eE`,
|
# This is mostly useful for debugging. It also helps when using something like `set -eE`,
|
||||||
# as it shows where the script aborts.
|
# as it shows where the script aborts.
|
||||||
function _trap_err_signal
|
function _trap_err_signal() {
|
||||||
{
|
|
||||||
trap '__log_unexpected_error "${FUNCNAME[0]:-}" "${BASH_COMMAND:-}" "${LINENO:-}" "${?:-}"' ERR
|
trap '__log_unexpected_error "${FUNCNAME[0]:-}" "${BASH_COMMAND:-}" "${LINENO:-}" "${?:-}"' ERR
|
||||||
|
|
||||||
# shellcheck disable=SC2317
|
# shellcheck disable=SC2317
|
||||||
function __log_unexpected_error
|
function __log_unexpected_error() {
|
||||||
{
|
|
||||||
local MESSAGE="Unexpected error occured :: script = ${SCRIPT:-${0}} "
|
local MESSAGE="Unexpected error occured :: script = ${SCRIPT:-${0}} "
|
||||||
MESSAGE+=" | function = ${1:-none (global)}"
|
MESSAGE+=" | function = ${1:-none (global)}"
|
||||||
MESSAGE+=" | command = ${2:-?}"
|
MESSAGE+=" | command = ${2:-?}"
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck source-path=target/scripts/helpers
|
# shellcheck source-path=target/scripts/helpers
|
||||||
# This file serves as a single import for all helpers
|
# This file serves as a single import for all helpers
|
||||||
|
|
||||||
function _import_scripts
|
function _import_scripts() {
|
||||||
{
|
|
||||||
local PATH_TO_SCRIPTS='/usr/local/bin/helpers'
|
local PATH_TO_SCRIPTS='/usr/local/bin/helpers'
|
||||||
|
|
||||||
source "${PATH_TO_SCRIPTS}/accounts.sh"
|
source "${PATH_TO_SCRIPTS}/accounts.sh"
|
||||||
|
|
|
@ -7,8 +7,7 @@ SCRIPT_NAME=$(basename "$0")
|
||||||
# prevent removal by other instances of docker-mailserver
|
# prevent removal by other instances of docker-mailserver
|
||||||
LOCK_ID=$(uuid)
|
LOCK_ID=$(uuid)
|
||||||
|
|
||||||
function _create_lock
|
function _create_lock() {
|
||||||
{
|
|
||||||
LOCK_FILE="/tmp/docker-mailserver/${SCRIPT_NAME}.lock"
|
LOCK_FILE="/tmp/docker-mailserver/${SCRIPT_NAME}.lock"
|
||||||
while [[ -e "${LOCK_FILE}" ]]
|
while [[ -e "${LOCK_FILE}" ]]
|
||||||
do
|
do
|
||||||
|
@ -28,8 +27,7 @@ function _create_lock
|
||||||
echo "${LOCK_ID}" >"${LOCK_FILE}"
|
echo "${LOCK_ID}" >"${LOCK_FILE}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _remove_lock
|
function _remove_lock() {
|
||||||
{
|
|
||||||
LOCK_FILE="${LOCK_FILE:-"/tmp/docker-mailserver/${SCRIPT_NAME}.lock"}"
|
LOCK_FILE="${LOCK_FILE:-"/tmp/docker-mailserver/${SCRIPT_NAME}.lock"}"
|
||||||
[[ -z "${LOCK_ID}" ]] && _exit_with_error "Cannot remove '${LOCK_FILE}' as there is no LOCK_ID set"
|
[[ -z "${LOCK_ID}" ]] && _exit_with_error "Cannot remove '${LOCK_FILE}' as there is no LOCK_ID set"
|
||||||
if [[ -e "${LOCK_FILE}" ]] && grep -q "${LOCK_ID}" "${LOCK_FILE}"; then # Ensure we don't delete a lock that's not ours
|
if [[ -e "${LOCK_FILE}" ]] && grep -q "${LOCK_ID}" "${LOCK_FILE}"; then # Ensure we don't delete a lock that's not ours
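Review bot: `_create_lock` tests for the lock with `[[ -e "${LOCK_FILE}" ]]` and later writes it with `echo "${LOCK_ID}" >"${LOCK_FILE}"`; as far as these two hunks show, that is a check followed by a separate create, so two instances can both pass the test and both believe they hold the lock. Creating the file atomically removes that window, for example by retrying until `( set -o noclobber; echo "${LOCK_ID}" >"${LOCK_FILE}" ) 2>/dev/null` succeeds. In `_remove_lock`, `grep -q "${LOCK_ID}"` could be `grep -qFx -- "${LOCK_ID}"` so the ID is compared as a whole literal line. The middle of `_create_lock` and the end of `_remove_lock` are outside the hunks.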
|
||||||
|
|
|
@ -42,8 +42,7 @@ RESET=$(echo -ne '\e[0m')
|
||||||
# If the first argument is not set or invalid, an error
|
# If the first argument is not set or invalid, an error
|
||||||
# message is logged. Likewise when the second argument
|
# message is logged. Likewise when the second argument
|
||||||
# is missing. Both failures will return with exit code '1'.
|
# is missing. Both failures will return with exit code '1'.
|
||||||
function _log
|
function _log() {
|
||||||
{
|
|
||||||
if [[ -z ${1+set} ]]; then
|
if [[ -z ${1+set} ]]; then
|
||||||
_log 'error' "Call to '_log' is missing a valid log level"
|
_log 'error' "Call to '_log' is missing a valid log level"
|
||||||
return 1
|
return 1
|
||||||
|
@ -106,8 +105,7 @@ function _log
|
||||||
}
|
}
|
||||||
|
|
||||||
# Like `_log` but adds a timestamp in front of the message.
|
# Like `_log` but adds a timestamp in front of the message.
|
||||||
function _log_with_date
|
function _log_with_date() {
|
||||||
{
|
|
||||||
_log "${1}" "$(date '+%Y-%m-%d %H:%M:%S') ${2}"
|
_log "${1}" "$(date '+%Y-%m-%d %H:%M:%S') ${2}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -115,8 +113,7 @@ function _log_with_date
|
||||||
# it is set. Otherwise, try to query the common environment
|
# it is set. Otherwise, try to query the common environment
|
||||||
# variables file. If this does not yield a value either,
|
# variables file. If this does not yield a value either,
|
||||||
# use the default log level.
|
# use the default log level.
|
||||||
function _get_log_level_or_default
|
function _get_log_level_or_default() {
|
||||||
{
|
|
||||||
if [[ -n ${LOG_LEVEL+set} ]]; then
|
if [[ -n ${LOG_LEVEL+set} ]]; then
|
||||||
echo "${LOG_LEVEL}"
|
echo "${LOG_LEVEL}"
|
||||||
elif [[ -e /etc/dms-settings ]] && grep -q -E "^LOG_LEVEL='[a-z]+'" /etc/dms-settings; then
|
elif [[ -e /etc/dms-settings ]] && grep -q -E "^LOG_LEVEL='[a-z]+'" /etc/dms-settings; then
|
||||||
|
@ -128,7 +125,6 @@ function _get_log_level_or_default
|
||||||
|
|
||||||
# This function checks whether the log level is the one
|
# This function checks whether the log level is the one
|
||||||
# provided as the first argument.
|
# provided as the first argument.
|
||||||
function _log_level_is
|
function _log_level_is() {
|
||||||
{
|
|
||||||
[[ $(_get_log_level_or_default) =~ ^${1}$ ]]
|
[[ $(_get_log_level_or_default) =~ ^${1}$ ]]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _mask_ip_digit
|
function _mask_ip_digit() {
|
||||||
{
|
|
||||||
if [[ ${1} -ge 8 ]]; then
|
if [[ ${1} -ge 8 ]]; then
|
||||||
MASK=255
|
MASK=255
|
||||||
elif [[ ${1} -le 0 ]]; then
|
elif [[ ${1} -le 0 ]]; then
|
||||||
|
@ -21,8 +20,7 @@ function _mask_ip_digit
|
||||||
# like 1.2.3.4/16 to subnet with cidr suffix
|
# like 1.2.3.4/16 to subnet with cidr suffix
|
||||||
# like 1.2.0.0/16.
|
# like 1.2.0.0/16.
|
||||||
# Assumes correct IP and subnet are provided.
|
# Assumes correct IP and subnet are provided.
|
||||||
function _sanitize_ipv4_to_subnet_cidr
|
function _sanitize_ipv4_to_subnet_cidr() {
|
||||||
{
|
|
||||||
local DIGIT_PREFIX_LENGTH="${1#*/}"
|
local DIGIT_PREFIX_LENGTH="${1#*/}"
|
||||||
|
|
||||||
declare -a MASKED_DIGITS DIGITS
|
declare -a MASKED_DIGITS DIGITS
|
||||||
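Review bot: `_mask_ip_digit` compares `${1}` with `-ge`/`-le` inside `[[ ]]`, where bash evaluates the operand as an arithmetic expression, and nothing in the visible lines checks first that the value is a plain number. The header comment on `_sanitize_ipv4_to_subnet_cidr` says correct input is assumed, so a guard right after the prefix length is extracted (presumably the value later handed to `_mask_ip_digit`) would make that assumption explicit: `[[ ${DIGIT_PREFIX_LENGTH} =~ ^[0-9]+$ ]] || return 1`. `MASK` is also assigned without a `local` declaration in the lines shown, so it lands in the caller's scope unless that is how the result is meant to be handed back. Both function bodies continue outside the hunks.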
|
|
|
@ -17,8 +17,7 @@
|
||||||
# Should not be a concern for most types used by `docker-mailserver`: texthash, ldap, pcre, tcp, unionmap, unix.
|
# Should not be a concern for most types used by `docker-mailserver`: texthash, ldap, pcre, tcp, unionmap, unix.
|
||||||
# The only other type in use by `docker-mailserver` is the hash type for /etc/aliases, which `postalias` handles.
|
# The only other type in use by `docker-mailserver` is the hash type for /etc/aliases, which `postalias` handles.
|
||||||
|
|
||||||
function _create_postfix_vhost
|
function _create_postfix_vhost() {
|
||||||
{
|
|
||||||
# `main.cf` configures `virtual_mailbox_domains = /etc/postfix/vhost`
|
# `main.cf` configures `virtual_mailbox_domains = /etc/postfix/vhost`
|
||||||
# NOTE: Amavis also consumes this file.
|
# NOTE: Amavis also consumes this file.
|
||||||
local DATABASE_VHOST='/etc/postfix/vhost'
|
local DATABASE_VHOST='/etc/postfix/vhost'
|
||||||
|
@ -29,8 +28,7 @@ function _create_postfix_vhost
|
||||||
}
|
}
|
||||||
|
|
||||||
# Filter unique values into a proper DATABASE_VHOST config:
|
# Filter unique values into a proper DATABASE_VHOST config:
|
||||||
function _create_vhost
|
function _create_vhost() {
|
||||||
{
|
|
||||||
: >"${DATABASE_VHOST}"
|
: >"${DATABASE_VHOST}"
|
||||||
|
|
||||||
if [[ -f ${TMP_VHOST} ]]; then
|
if [[ -f ${TMP_VHOST} ]]; then
|
||||||
|
@ -40,8 +38,7 @@ function _create_vhost
|
||||||
}
|
}
|
||||||
|
|
||||||
# Collects domains from configs (DATABASE_) into TMP_VHOST
|
# Collects domains from configs (DATABASE_) into TMP_VHOST
|
||||||
function _vhost_collect_postfix_domains
|
function _vhost_collect_postfix_domains() {
|
||||||
{
|
|
||||||
local DATABASE_ACCOUNTS='/tmp/docker-mailserver/postfix-accounts.cf'
|
local DATABASE_ACCOUNTS='/tmp/docker-mailserver/postfix-accounts.cf'
|
||||||
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
local DATABASE_VIRTUAL='/tmp/docker-mailserver/postfix-virtual.cf'
|
||||||
local DOMAIN UNAME
|
local DOMAIN UNAME
|
||||||
|
@ -75,8 +72,7 @@ function _vhost_collect_postfix_domains
|
||||||
# - `main.cf:mydestination` setting removes `$mydestination` as an LDAP bugfix.
|
# - `main.cf:mydestination` setting removes `$mydestination` as an LDAP bugfix.
|
||||||
# - `main.cf:virtual_mailbox_domains` uses `/etc/postfix/vhost`, but may
|
# - `main.cf:virtual_mailbox_domains` uses `/etc/postfix/vhost`, but may
|
||||||
# conditionally include a 2nd table (ldap:/etc/postfix/ldap-domains.cf).
|
# conditionally include a 2nd table (ldap:/etc/postfix/ldap-domains.cf).
|
||||||
function _vhost_ldap_support
|
function _vhost_ldap_support() {
|
||||||
{
|
|
||||||
[[ ${ACCOUNT_PROVISIONER} == 'LDAP' ]] && echo "${DOMAINNAME}" >>"${TMP_VHOST}"
|
[[ ${ACCOUNT_PROVISIONER} == 'LDAP' ]] && echo "${DOMAINNAME}" >>"${TMP_VHOST}"
|
||||||
}
|
}
|
||||||
|
|
||||||
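Review bot: `_vhost_ldap_support` ends on `[[ ${ACCOUNT_PROVISIONER} == 'LDAP' ]] && echo …`, so the function returns 1 whenever the provisioner is not LDAP, which looks like a failure to any caller that checks the status or runs under `errexit` (not visible here). Writing it as `if [[ ${ACCOUNT_PROVISIONER} == 'LDAP' ]]; then echo "${DOMAINNAME}" >>"${TMP_VHOST}"; fi` keeps the non-LDAP path a success. `_create_vhost` and `_vhost_ldap_support` also use `DATABASE_VHOST` and `TMP_VHOST` without declaring them, apparently relying on the caller's locals. A comment such as `# Uses DATABASE_VHOST / TMP_VHOST from the caller's scope` would document that dependency.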
|
|
|
@ -53,15 +53,13 @@
|
||||||
# That shouldn't be a breaking change, as long as the mapping is maintained correctly.
|
# That shouldn't be a breaking change, as long as the mapping is maintained correctly.
|
||||||
# TODO: RELAY_HOST should consider dropping `[]` and require the user to include that?
|
# TODO: RELAY_HOST should consider dropping `[]` and require the user to include that?
|
||||||
# Future refactor for _populate_relayhost_map may warrant dropping these two ENV in favor of DEFAULT_RELAY_HOST?
|
# Future refactor for _populate_relayhost_map may warrant dropping these two ENV in favor of DEFAULT_RELAY_HOST?
|
||||||
function _env_relay_host
|
function _env_relay_host() {
|
||||||
{
|
|
||||||
echo "[${RELAY_HOST}]:${RELAY_PORT:-25}"
|
echo "[${RELAY_HOST}]:${RELAY_PORT:-25}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Responsible for `postfix-sasl-password.cf` support:
|
# Responsible for `postfix-sasl-password.cf` support:
|
||||||
# `/etc/postfix/sasl_passwd` example at end of file.
|
# `/etc/postfix/sasl_passwd` example at end of file.
|
||||||
function _relayhost_sasl
|
function _relayhost_sasl() {
|
||||||
{
|
|
||||||
if [[ ! -f /tmp/docker-mailserver/postfix-sasl-password.cf ]] \
|
if [[ ! -f /tmp/docker-mailserver/postfix-sasl-password.cf ]] \
|
||||||
&& [[ -z ${RELAY_USER} || -z ${RELAY_PASSWORD} ]]
|
&& [[ -z ${RELAY_USER} || -z ${RELAY_PASSWORD} ]]
|
||||||
then
|
then
|
||||||
|
@ -108,8 +106,7 @@ function _relayhost_sasl
|
||||||
# to a separate transport (which can drop the `relayhost` setting) would be more appropriate.
|
# to a separate transport (which can drop the `relayhost` setting) would be more appropriate.
|
||||||
# TODO: With `sender_dependent_default_transport_maps`, we can extract out the excluded domains and route them through a separate transport.
|
# TODO: With `sender_dependent_default_transport_maps`, we can extract out the excluded domains and route them through a separate transport.
|
||||||
# while deprecating that support in favor of a transport config, similar to what is offered currently via sasl_passwd and relayhost_map.
|
# while deprecating that support in favor of a transport config, similar to what is offered currently via sasl_passwd and relayhost_map.
|
||||||
function _populate_relayhost_map
|
function _populate_relayhost_map() {
|
||||||
{
|
|
||||||
# Create the relayhost_map config file:
|
# Create the relayhost_map config file:
|
||||||
: >/etc/postfix/relayhost_map
|
: >/etc/postfix/relayhost_map
|
||||||
chown root:root /etc/postfix/relayhost_map
|
chown root:root /etc/postfix/relayhost_map
|
||||||
|
@ -142,8 +139,7 @@ function _populate_relayhost_map
|
||||||
# map to a different relay-host, or use a separate transport (needs feature support added).
|
# map to a different relay-host, or use a separate transport (needs feature support added).
|
||||||
|
|
||||||
# Args: <PRINT_DOMAIN_PART_> <config filepath>
|
# Args: <PRINT_DOMAIN_PART_> <config filepath>
|
||||||
function _list_domain_parts
|
function _list_domain_parts() {
|
||||||
{
|
|
||||||
[[ -f $2 ]] && sed -n -r "/${MATCH_VALID}/ ${1}" "${2}"
|
[[ -f $2 ]] && sed -n -r "/${MATCH_VALID}/ ${1}" "${2}"
|
||||||
}
|
}
|
||||||
# Matches and outputs (capture group via `/\1/p`) the domain part (value of address after `@`) in the config file.
|
# Matches and outputs (capture group via `/\1/p`) the domain part (value of address after `@`) in the config file.
|
||||||
|
@ -167,16 +163,14 @@ function _populate_relayhost_map
|
||||||
postconf 'sender_dependent_relayhost_maps = texthash:/etc/postfix/relayhost_map'
|
postconf 'sender_dependent_relayhost_maps = texthash:/etc/postfix/relayhost_map'
|
||||||
}
|
}
|
||||||
|
|
||||||
function _relayhost_configure_postfix
|
function _relayhost_configure_postfix() {
|
||||||
{
|
|
||||||
postconf \
|
postconf \
|
||||||
'smtp_sasl_auth_enable = yes' \
|
'smtp_sasl_auth_enable = yes' \
|
||||||
'smtp_sasl_security_options = noanonymous' \
|
'smtp_sasl_security_options = noanonymous' \
|
||||||
'smtp_tls_security_level = encrypt'
|
'smtp_tls_security_level = encrypt'
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_relayhost
|
function _setup_relayhost() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up Postfix Relay Hosts'
|
_log 'debug' 'Setting up Postfix Relay Hosts'
|
||||||
|
|
||||||
if [[ -n ${DEFAULT_RELAY_HOST} ]]; then
|
if [[ -n ${DEFAULT_RELAY_HOST} ]]; then
|
||||||
|
@ -194,8 +188,7 @@ function _setup_relayhost
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _rebuild_relayhost
|
function _rebuild_relayhost() {
|
||||||
{
|
|
||||||
if [[ -n ${RELAY_HOST} ]]; then
|
if [[ -n ${RELAY_HOST} ]]; then
|
||||||
_relayhost_sasl
|
_relayhost_sasl
|
||||||
_populate_relayhost_map
|
_populate_relayhost_map
|
||||||
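Review bot: `_relayhost_configure_postfix` turns on SASL authentication together with `smtp_tls_security_level = encrypt`, and at that level Postfix requires TLS but does not verify the relay's certificate, so the relay credentials are protected against passive capture only. That trade-off deserves a comment above the `postconf` call, for example `# 'encrypt' does not authenticate the relay; prefer 'verify'/'secure' or smtp_tls_policy_maps when the relay has a verifiable certificate`. The function is fully visible in its hunk, so the comment can sit directly on the setting it describes.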
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_dhparam
|
function _setup_dhparam() {
|
||||||
{
|
|
||||||
local DH_SERVICE=$1
|
local DH_SERVICE=$1
|
||||||
local DH_DEST=$2
|
local DH_DEST=$2
|
||||||
local DH_CUSTOM='/tmp/docker-mailserver/dhparams.pem'
|
local DH_CUSTOM='/tmp/docker-mailserver/dhparams.pem'
|
||||||
|
@ -18,8 +17,7 @@ function _setup_dhparam
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_ssl
|
function _setup_ssl() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up SSL'
|
_log 'debug' 'Setting up SSL'
|
||||||
|
|
||||||
local POSTFIX_CONFIG_MAIN='/etc/postfix/main.cf'
|
local POSTFIX_CONFIG_MAIN='/etc/postfix/main.cf'
|
||||||
|
@ -31,8 +29,7 @@ function _setup_ssl
|
||||||
mkdir -p "${DMS_TLS_PATH}"
|
mkdir -p "${DMS_TLS_PATH}"
|
||||||
|
|
||||||
# Primary certificate to serve for TLS
|
# Primary certificate to serve for TLS
|
||||||
function _set_certificate
|
function _set_certificate() {
|
||||||
{
|
|
||||||
local POSTFIX_KEY_WITH_FULLCHAIN=${1}
|
local POSTFIX_KEY_WITH_FULLCHAIN=${1}
|
||||||
local DOVECOT_KEY=${1}
|
local DOVECOT_KEY=${1}
|
||||||
local DOVECOT_CERT=${1}
|
local DOVECOT_CERT=${1}
|
||||||
|
@ -60,8 +57,7 @@ function _setup_ssl
|
||||||
}
|
}
|
||||||
|
|
||||||
# Enables supporting two certificate types such as ECDSA with an RSA fallback
|
# Enables supporting two certificate types such as ECDSA with an RSA fallback
|
||||||
function _set_alt_certificate
|
function _set_alt_certificate() {
|
||||||
{
|
|
||||||
local COPY_KEY_FROM_PATH=$1
|
local COPY_KEY_FROM_PATH=$1
|
||||||
local COPY_CERT_FROM_PATH=$2
|
local COPY_CERT_FROM_PATH=$2
|
||||||
local PRIVATE_KEY_ALT="${DMS_TLS_PATH}/fallback_key"
|
local PRIVATE_KEY_ALT="${DMS_TLS_PATH}/fallback_key"
|
||||||
|
@ -88,8 +84,7 @@ function _setup_ssl
|
||||||
"${DOVECOT_CONFIG_SSL}"
|
"${DOVECOT_CONFIG_SSL}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _apply_tls_level
|
function _apply_tls_level() {
|
||||||
{
|
|
||||||
local TLS_CIPHERS_ALLOW=$1
|
local TLS_CIPHERS_ALLOW=$1
|
||||||
local TLS_PROTOCOL_IGNORE=$2
|
local TLS_PROTOCOL_IGNORE=$2
|
||||||
local TLS_PROTOCOL_MINIMUM=$3
|
local TLS_PROTOCOL_MINIMUM=$3
|
||||||
|
@ -113,8 +108,7 @@ function _setup_ssl
|
||||||
# Extracts files `key.pem` and `fullchain.pem`.
|
# Extracts files `key.pem` and `fullchain.pem`.
|
||||||
# `_extract_certs_from_acme` is located in `helpers/ssl.sh`
|
# `_extract_certs_from_acme` is located in `helpers/ssl.sh`
|
||||||
# NOTE: See the `SSL_TYPE=letsencrypt` case below for more details.
|
# NOTE: See the `SSL_TYPE=letsencrypt` case below for more details.
|
||||||
function _traefik_support
|
function _traefik_support() {
|
||||||
{
|
|
||||||
if [[ -f /etc/letsencrypt/acme.json ]]; then
|
if [[ -f /etc/letsencrypt/acme.json ]]; then
|
||||||
# Variable only intended for troubleshooting via debug output
|
# Variable only intended for troubleshooting via debug output
|
||||||
local EXTRACTED_DOMAIN
|
local EXTRACTED_DOMAIN
|
||||||
|
@ -379,8 +373,7 @@ function _setup_ssl
|
||||||
|
|
||||||
|
|
||||||
# Identify a valid letsencrypt FQDN folder to use.
|
# Identify a valid letsencrypt FQDN folder to use.
|
||||||
function _find_letsencrypt_domain
|
function _find_letsencrypt_domain() {
|
||||||
{
|
|
||||||
local LETSENCRYPT_DOMAIN
|
local LETSENCRYPT_DOMAIN
|
||||||
|
|
||||||
if [[ -n ${SSL_DOMAIN} ]] && [[ -e /etc/letsencrypt/live/$(_strip_wildcard_prefix "${SSL_DOMAIN}")/fullchain.pem ]]; then
|
if [[ -n ${SSL_DOMAIN} ]] && [[ -e /etc/letsencrypt/live/$(_strip_wildcard_prefix "${SSL_DOMAIN}")/fullchain.pem ]]; then
|
||||||
|
@ -398,8 +391,7 @@ function _find_letsencrypt_domain
|
||||||
}
|
}
|
||||||
|
|
||||||
# Verify the FQDN folder also includes a valid private key (`privkey.pem` for Certbot, `key.pem` for extraction by Traefik)
|
# Verify the FQDN folder also includes a valid private key (`privkey.pem` for Certbot, `key.pem` for extraction by Traefik)
|
||||||
function _find_letsencrypt_key
|
function _find_letsencrypt_key() {
|
||||||
{
|
|
||||||
local LETSENCRYPT_KEY
|
local LETSENCRYPT_KEY
|
||||||
|
|
||||||
local LETSENCRYPT_DOMAIN=${1}
|
local LETSENCRYPT_DOMAIN=${1}
|
||||||
|
@ -419,8 +411,7 @@ function _find_letsencrypt_key
|
||||||
echo "${LETSENCRYPT_KEY}"
|
echo "${LETSENCRYPT_KEY}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _extract_certs_from_acme
|
function _extract_certs_from_acme() {
|
||||||
{
|
|
||||||
local CERT_DOMAIN=${1}
|
local CERT_DOMAIN=${1}
|
||||||
if [[ -z ${CERT_DOMAIN} ]]; then
|
if [[ -z ${CERT_DOMAIN} ]]; then
|
||||||
_log 'warn' "_extract_certs_from_acme | CERT_DOMAIN is empty"
|
_log 'warn' "_extract_certs_from_acme | CERT_DOMAIN is empty"
|
||||||
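Review bot: `_set_certificate`, `_set_alt_certificate`, `_apply_tls_level` and `_traefik_support` appear to be declared inside `_setup_ssl` (the hunk headers name it as the enclosing function), and in bash such nested definitions become global once `_setup_ssl` has run while still depending on its variables, e.g. `${DMS_TLS_PATH}` in `_set_alt_certificate`. A short comment at the first nested definition would spell that out: `# Nested helpers: only valid while _setup_ssl's variables (DMS_TLS_PATH, …) are in scope`. Separately, `mkdir -p "${DMS_TLS_PATH}"` creates the directory that later holds `fallback_key` with the default umask in the lines shown; whether a stricter mode is applied afterwards is outside these hunks and worth confirming.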
|
|
|
@ -1,21 +1,18 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _escape
|
function _escape() {
|
||||||
{
|
|
||||||
echo "${1//./\\.}"
|
echo "${1//./\\.}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Returns input after filtering out lines that are:
|
# Returns input after filtering out lines that are:
|
||||||
# empty, white-space, comments (`#` as the first non-whitespace character)
|
# empty, white-space, comments (`#` as the first non-whitespace character)
|
||||||
function _get_valid_lines_from_file
|
function _get_valid_lines_from_file() {
|
||||||
{
|
|
||||||
grep --extended-regexp --invert-match "^\s*$|^\s*#" "${1}" || true
|
grep --extended-regexp --invert-match "^\s*$|^\s*#" "${1}" || true
|
||||||
}
|
}
|
||||||
|
|
||||||
# Provide the name of an environment variable to this function
|
# Provide the name of an environment variable to this function
|
||||||
# and it will return its value stored in /etc/dms-settings
|
# and it will return its value stored in /etc/dms-settings
|
||||||
function _get_dms_env_value
|
function _get_dms_env_value() {
|
||||||
{
|
|
||||||
if [[ -f /etc/dms-settings ]]; then
|
if [[ -f /etc/dms-settings ]]; then
|
||||||
grep "^${1}=" /etc/dms-settings | cut -d "'" -f 2
|
grep "^${1}=" /etc/dms-settings | cut -d "'" -f 2
|
||||||
else
|
else
|
||||||
|
@ -30,8 +27,7 @@ function _get_dms_env_value
|
||||||
#
|
#
|
||||||
# `helpers/accounts.sh:_create_accounts` (mkdir, cp) appears to be the only writer to
|
# `helpers/accounts.sh:_create_accounts` (mkdir, cp) appears to be the only writer to
|
||||||
# /var/mail folders (used during startup and change detection handling).
|
# /var/mail folders (used during startup and change detection handling).
|
||||||
function _chown_var_mail_if_necessary
|
function _chown_var_mail_if_necessary() {
|
||||||
{
|
|
||||||
# fix permissions, but skip this if 3 levels deep the user id is already set
|
# fix permissions, but skip this if 3 levels deep the user id is already set
|
||||||
if find /var/mail -maxdepth 3 -a \( \! -user 5000 -o \! -group 5000 \) | read -r; then
|
if find /var/mail -maxdepth 3 -a \( \! -user 5000 -o \! -group 5000 \) | read -r; then
|
||||||
_log 'trace' 'Fixing /var/mail permissions'
|
_log 'trace' 'Fixing /var/mail permissions'
|
||||||
|
@ -39,8 +35,7 @@ function _chown_var_mail_if_necessary
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _require_n_parameters_or_print_usage
|
function _require_n_parameters_or_print_usage() {
|
||||||
{
|
|
||||||
local COUNT
|
local COUNT
|
||||||
COUNT=${1}
|
COUNT=${1}
|
||||||
shift
|
shift
|
||||||
|
@ -55,15 +50,13 @@ function _require_n_parameters_or_print_usage
|
||||||
# After we modify the config explicitly, we can safely assume (reasonably)
|
# After we modify the config explicitly, we can safely assume (reasonably)
|
||||||
# that the write stream has completed, and it is safe to read the config.
|
# that the write stream has completed, and it is safe to read the config.
|
||||||
# https://github.com/docker-mailserver/docker-mailserver/issues/2985
|
# https://github.com/docker-mailserver/docker-mailserver/issues/2985
|
||||||
function _adjust_mtime_for_postfix_maincf
|
function _adjust_mtime_for_postfix_maincf() {
|
||||||
{
|
|
||||||
if [[ $(( $(date '+%s') - $(stat -c '%Y' '/etc/postfix/main.cf') )) -lt 2 ]]; then
|
if [[ $(( $(date '+%s') - $(stat -c '%Y' '/etc/postfix/main.cf') )) -lt 2 ]]; then
|
||||||
touch -d '2 seconds ago' /etc/postfix/main.cf
|
touch -d '2 seconds ago' /etc/postfix/main.cf
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _reload_postfix
|
function _reload_postfix() {
|
||||||
{
|
|
||||||
_adjust_mtime_for_postfix_maincf
|
_adjust_mtime_for_postfix_maincf
|
||||||
postfix reload
|
postfix reload
|
||||||
}
|
}
|
||||||
|
@ -92,8 +85,7 @@ function _reload_postfix
|
||||||
#
|
#
|
||||||
# 1. No first and second argument is supplied
|
# 1. No first and second argument is supplied
|
||||||
# 2. The second argument is a path to a file that does not exist
|
# 2. The second argument is a path to a file that does not exist
|
||||||
function _replace_by_env_in_file
|
function _replace_by_env_in_file() {
|
||||||
{
|
|
||||||
if [[ -z ${1+set} ]]; then
|
if [[ -z ${1+set} ]]; then
|
||||||
_dms_panic__invalid_value 'first argument unset' 'utils.sh:_replace_by_env_in_file'
|
_dms_panic__invalid_value 'first argument unset' 'utils.sh:_replace_by_env_in_file'
|
||||||
elif [[ -z ${2+set} ]]; then
|
elif [[ -z ${2+set} ]]; then
|
||||||
|
@ -123,8 +115,7 @@ function _replace_by_env_in_file
|
||||||
# is not zero or one.
|
# is not zero or one.
|
||||||
#
|
#
|
||||||
# @param ${1} = name of the ENV variable to check
|
# @param ${1} = name of the ENV variable to check
|
||||||
function _env_var_expect_zero_or_one
|
function _env_var_expect_zero_or_one() {
|
||||||
{
|
|
||||||
local ENV_VAR_NAME=${1:?ENV var name must be provided to _env_var_expect_zero_or_one}
|
local ENV_VAR_NAME=${1:?ENV var name must be provided to _env_var_expect_zero_or_one}
|
||||||
|
|
||||||
[[ ${!ENV_VAR_NAME} =~ ^(0|1)$ ]] && return 0
|
[[ ${!ENV_VAR_NAME} =~ ^(0|1)$ ]] && return 0
|
||||||
|
@ -138,8 +129,7 @@ function _env_var_expect_zero_or_one
|
||||||
# is not an integer.
|
# is not an integer.
|
||||||
#
|
#
|
||||||
# @param ${1} = name of the ENV variable to check
|
# @param ${1} = name of the ENV variable to check
|
||||||
function _env_var_expect_integer
|
function _env_var_expect_integer() {
|
||||||
{
|
|
||||||
local ENV_VAR_NAME=${1:?ENV var name must be provided to _env_var_expect_integer}
|
local ENV_VAR_NAME=${1:?ENV var name must be provided to _env_var_expect_integer}
|
||||||
|
|
||||||
[[ ${!ENV_VAR_NAME} =~ ^-?[0-9][0-9]*$ ]] && return 0
|
[[ ${!ENV_VAR_NAME} =~ ^-?[0-9][0-9]*$ ]] && return 0
|
||||||
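Review bot: In `_chown_var_mail_if_necessary`, `find … | read -r` lets `read` exit after the first line while `find` may still be writing; if these helpers run with `pipefail` set (not visible in this section), a `find` terminated by SIGPIPE makes the whole condition false and the ownership fix is skipped exactly when many entries are wrong. Stopping `find` at the first hit avoids that: `find /var/mail -maxdepth 3 -a \( \! -user 5000 -o \! -group 5000 \) -print -quit | read -r`. The rest of the function body lies outside the hunk.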
|
|
|
@ -27,8 +27,7 @@ source /usr/local/bin/daemons-stack.sh
|
||||||
# ? >> Registering functions
|
# ? >> Registering functions
|
||||||
# ------------------------------------------------------------
|
# ------------------------------------------------------------
|
||||||
|
|
||||||
function _register_functions
|
function _register_functions() {
|
||||||
{
|
|
||||||
_log 'debug' 'Registering functions'
|
_log 'debug' 'Registering functions'
|
||||||
|
|
||||||
# ? >> Checks
|
# ? >> Checks
|
||||||
|
|
|
@ -2,14 +2,12 @@
|
||||||
|
|
||||||
declare -a FUNCS_CHECK
|
declare -a FUNCS_CHECK
|
||||||
|
|
||||||
function _register_check_function
|
function _register_check_function() {
|
||||||
{
|
|
||||||
FUNCS_CHECK+=("${1}")
|
FUNCS_CHECK+=("${1}")
|
||||||
_log 'trace' "${1}() registered"
|
_log 'trace' "${1}() registered"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _check
|
function _check() {
|
||||||
{
|
|
||||||
_log 'info' 'Checking configuration'
|
_log 'info' 'Checking configuration'
|
||||||
for FUNC in "${FUNCS_CHECK[@]}"
|
for FUNC in "${FUNCS_CHECK[@]}"
|
||||||
do
|
do
|
||||||
|
@ -17,8 +15,7 @@ function _check
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
function _check_improper_restart
|
function _check_improper_restart() {
|
||||||
{
|
|
||||||
_log 'debug' 'Checking for improper restart'
|
_log 'debug' 'Checking for improper restart'
|
||||||
|
|
||||||
if [[ -f /CONTAINER_START ]]; then
|
if [[ -f /CONTAINER_START ]]; then
|
||||||
|
@ -27,8 +24,7 @@ function _check_improper_restart
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _check_hostname
|
function _check_hostname() {
|
||||||
{
|
|
||||||
_log 'debug' 'Checking that hostname/domainname is provided or overridden'
|
_log 'debug' 'Checking that hostname/domainname is provided or overridden'
|
||||||
|
|
||||||
_log 'debug' "Domain has been set to ${DOMAINNAME}"
|
_log 'debug' "Domain has been set to ${DOMAINNAME}"
|
||||||
|
@ -40,8 +36,7 @@ function _check_hostname
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _check_log_level
|
function _check_log_level() {
|
||||||
{
|
|
||||||
if [[ ${LOG_LEVEL} == 'trace' ]] \
|
if [[ ${LOG_LEVEL} == 'trace' ]] \
|
||||||
|| [[ ${LOG_LEVEL} == 'debug' ]] \
|
|| [[ ${LOG_LEVEL} == 'debug' ]] \
|
||||||
|| [[ ${LOG_LEVEL} == 'info' ]] \
|
|| [[ ${LOG_LEVEL} == 'info' ]] \
|
||||||
|
|
|
@ -2,14 +2,12 @@
|
||||||
|
|
||||||
declare -a DAEMONS_START
|
declare -a DAEMONS_START
|
||||||
|
|
||||||
function _register_start_daemon
|
function _register_start_daemon() {
|
||||||
{
|
|
||||||
DAEMONS_START+=("${1}")
|
DAEMONS_START+=("${1}")
|
||||||
_log 'trace' "${1}() registered"
|
_log 'trace' "${1}() registered"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons
|
function _start_daemons() {
|
||||||
{
|
|
||||||
_log 'info' 'Starting daemons'
|
_log 'info' 'Starting daemons'
|
||||||
|
|
||||||
for FUNCTION in "${DAEMONS_START[@]}"
|
for FUNCTION in "${DAEMONS_START[@]}"
|
||||||
|
@ -18,8 +16,7 @@ function _start_daemons
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
function _default_start_daemon
|
function _default_start_daemon() {
|
||||||
{
|
|
||||||
_log 'debug' "Starting ${1:?}"
|
_log 'debug' "Starting ${1:?}"
|
||||||
|
|
||||||
local RESULT
|
local RESULT
|
||||||
|
@ -47,19 +44,16 @@ function _start_daemon_rspamd_redis { _default_start_daemon 'rspamd-redis' ;
|
||||||
function _start_daemon_rsyslog { _default_start_daemon 'rsyslog' ; }
|
function _start_daemon_rsyslog { _default_start_daemon 'rsyslog' ; }
|
||||||
function _start_daemon_update_check { _default_start_daemon 'update-check' ; }
|
function _start_daemon_update_check { _default_start_daemon 'update-check' ; }
|
||||||
|
|
||||||
function _start_daemon_saslauthd
|
function _start_daemon_saslauthd() {
|
||||||
{
|
|
||||||
_default_start_daemon "saslauthd_${SASLAUTHD_MECHANISMS}"
|
_default_start_daemon "saslauthd_${SASLAUTHD_MECHANISMS}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemon_postfix
|
function _start_daemon_postfix() {
|
||||||
{
|
|
||||||
_adjust_mtime_for_postfix_maincf
|
_adjust_mtime_for_postfix_maincf
|
||||||
_default_start_daemon 'postfix'
|
_default_start_daemon 'postfix'
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemon_fetchmail
|
function _start_daemon_fetchmail() {
|
||||||
{
|
|
||||||
if [[ ${FETCHMAIL_PARALLEL} -eq 1 ]]; then
|
if [[ ${FETCHMAIL_PARALLEL} -eq 1 ]]; then
|
||||||
local COUNTER=0
|
local COUNTER=0
|
||||||
for _ in /etc/fetchmailrc.d/fetchmail-*.rc
|
for _ in /etc/fetchmailrc.d/fetchmail-*.rc
|
||||||
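Review bot: The one-line wrappers left as context in this section, such as `function _start_daemon_rsyslog { _default_start_daemon 'rsyslog' ; }`, keep the old `function name {` form while every multi-line definition now reads `function name() {`. If the new style is meant to be uniform they would become `function _start_daemon_rsyslog() { _default_start_daemon 'rsyslog' ; }`. If one-liners are deliberately exempt, a comment above the wrapper list saying so would keep a later cleanup from changing them back and forth. `_start_daemon_fetchmail` continues outside the last hunk.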
|
|
|
@ -2,14 +2,12 @@
|
||||||
|
|
||||||
declare -a FUNCS_SETUP
|
declare -a FUNCS_SETUP
|
||||||
|
|
||||||
function _register_setup_function
|
function _register_setup_function() {
|
||||||
{
|
|
||||||
FUNCS_SETUP+=("${1}")
|
FUNCS_SETUP+=("${1}")
|
||||||
_log 'trace' "${1}() registered"
|
_log 'trace' "${1}() registered"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup
|
function _setup() {
|
||||||
{
|
|
||||||
# Requires `shopt -s globstar` because of `**` which in
|
# Requires `shopt -s globstar` because of `**` which in
|
||||||
# turn is required as we're decending through directories
|
# turn is required as we're decending through directories
|
||||||
for FILE in /usr/local/bin/setup.d/**/*.sh
|
for FILE in /usr/local/bin/setup.d/**/*.sh
|
||||||
|
@ -28,8 +26,7 @@ function _setup
|
||||||
_prepare_for_change_detection
|
_prepare_for_change_detection
|
||||||
}
|
}
|
||||||
|
|
||||||
function _early_supervisor_setup
|
function _early_supervisor_setup() {
|
||||||
{
|
|
||||||
SUPERVISOR_LOGLEVEL="${SUPERVISOR_LOGLEVEL:-warn}"
|
SUPERVISOR_LOGLEVEL="${SUPERVISOR_LOGLEVEL:-warn}"
|
||||||
|
|
||||||
if ! grep -q "loglevel = ${SUPERVISOR_LOGLEVEL}" /etc/supervisor/supervisord.conf; then
|
if ! grep -q "loglevel = ${SUPERVISOR_LOGLEVEL}" /etc/supervisor/supervisord.conf; then
|
||||||
|
@ -56,8 +53,7 @@ function _early_supervisor_setup
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_timezone
|
function _setup_timezone() {
|
||||||
{
|
|
||||||
[[ -n ${TZ} ]] || return 0
|
[[ -n ${TZ} ]] || return 0
|
||||||
_log 'debug' "Setting timezone to '${TZ}'"
|
_log 'debug' "Setting timezone to '${TZ}'"
|
||||||
|
|
||||||
|
@ -78,8 +74,7 @@ function _setup_timezone
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_apply_fixes_after_configuration
|
function _setup_apply_fixes_after_configuration() {
|
||||||
{
|
|
||||||
_log 'trace' 'Removing leftover PID files from a stop/start'
|
_log 'trace' 'Removing leftover PID files from a stop/start'
|
||||||
find /var/run/ -not -name 'supervisord.pid' -name '*.pid' -delete
|
find /var/run/ -not -name 'supervisord.pid' -name '*.pid' -delete
|
||||||
touch /dev/shm/supervisor.sock
|
touch /dev/shm/supervisor.sock
|
||||||
|
@ -93,8 +88,7 @@ function _setup_apply_fixes_after_configuration
|
||||||
rm -rf /var/mail-state/spool-postfix/{dev,etc,lib,pid,usr,private/auth}
|
rm -rf /var/mail-state/spool-postfix/{dev,etc,lib,pid,usr,private/auth}
|
||||||
}
|
}
|
||||||
|
|
||||||
function _run_user_patches
|
function _run_user_patches() {
|
||||||
{
|
|
||||||
local USER_PATCHES='/tmp/docker-mailserver/user-patches.sh'
|
local USER_PATCHES='/tmp/docker-mailserver/user-patches.sh'
|
||||||
|
|
||||||
if [[ -f ${USER_PATCHES} ]]; then
|
if [[ -f ${USER_PATCHES} ]]; then
|
||||||
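Review bot: `_run_user_patches` picks up `/tmp/docker-mailserver/user-patches.sh` with only an existence test in the lines shown, and the function presumably goes on to run it during startup (the body is cut off at the end of the hunk). Whoever can write to that directory therefore decides what runs inside the container, which is worth stating where the path is defined: `# Trust boundary: this file is executed as-is; the config directory must be writable by the operator only`. Logging the file's owner and mode at `debug` level before it runs would also leave something to check after the fact.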
|
|
|
@ -6,8 +6,7 @@
|
||||||
#
|
#
|
||||||
# The OpenDKIM milter must come before the OpenDMARC milter in Postfix's
|
# The OpenDKIM milter must come before the OpenDMARC milter in Postfix's
|
||||||
# `smtpd_milters` milters options.
|
# `smtpd_milters` milters options.
|
||||||
function _setup_opendkim
|
function _setup_opendkim() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_OPENDKIM} -eq 1 ]]; then
|
if [[ ${ENABLE_OPENDKIM} -eq 1 ]]; then
|
||||||
_log 'debug' 'Configuring DKIM'
|
_log 'debug' 'Configuring DKIM'
|
||||||
|
|
||||||
|
@ -54,8 +53,7 @@ function _setup_opendkim
|
||||||
#
|
#
|
||||||
# The OpenDMARC milter must come after the OpenDKIM milter in Postfix's
|
# The OpenDMARC milter must come after the OpenDKIM milter in Postfix's
|
||||||
# `smtpd_milters` milters options.
|
# `smtpd_milters` milters options.
|
||||||
function _setup_opendmarc
|
function _setup_opendmarc() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_OPENDMARC} -eq 1 ]]; then
|
if [[ ${ENABLE_OPENDMARC} -eq 1 ]]; then
|
||||||
# TODO When disabling SPF is possible, add a check whether DKIM and SPF is disabled
|
# TODO When disabling SPF is possible, add a check whether DKIM and SPF is disabled
|
||||||
# for DMARC to work, you should have at least one enabled
|
# for DMARC to work, you should have at least one enabled
|
||||||
|
@ -83,8 +81,7 @@ function _setup_opendmarc
|
||||||
|
|
||||||
# Configures the SPF check inside Postfix's configuration via policyd-spf. When
|
# Configures the SPF check inside Postfix's configuration via policyd-spf. When
|
||||||
# using Rspamd, you will likely want to turn that off.
|
# using Rspamd, you will likely want to turn that off.
|
||||||
function _setup_policyd_spf
|
function _setup_policyd_spf() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_POLICYD_SPF} -eq 1 ]]; then
|
if [[ ${ENABLE_POLICYD_SPF} -eq 1 ]]; then
|
||||||
_log 'debug' 'Configuring policyd-spf'
|
_log 'debug' 'Configuring policyd-spf'
|
||||||
cat >>/etc/postfix/master.cf <<EOF
|
cat >>/etc/postfix/master.cf <<EOF
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_dovecot
|
function _setup_dovecot() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up Dovecot'
|
_log 'debug' 'Setting up Dovecot'
|
||||||
|
|
||||||
cp -a /usr/share/dovecot/protocols.d /etc/dovecot/
|
cp -a /usr/share/dovecot/protocols.d /etc/dovecot/
|
||||||
|
@ -46,8 +45,7 @@ function _setup_dovecot
|
||||||
[[ -f /tmp/docker-mailserver/dovecot.cf ]] && cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf
|
[[ -f /tmp/docker-mailserver/dovecot.cf ]] && cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_dovecot_sieve
|
function _setup_dovecot_sieve() {
|
||||||
{
|
|
||||||
mkdir -p /usr/lib/dovecot/sieve-{filter,global,pipe}
|
mkdir -p /usr/lib/dovecot/sieve-{filter,global,pipe}
|
||||||
mkdir -p /usr/lib/dovecot/sieve-global/{before,after}
|
mkdir -p /usr/lib/dovecot/sieve-global/{before,after}
|
||||||
|
|
||||||
|
@ -83,8 +81,7 @@ function _setup_dovecot_sieve
|
||||||
find /usr/lib/dovecot/sieve-{filter,pipe} -type f -exec chmod +x {} +
|
find /usr/lib/dovecot/sieve-{filter,pipe} -type f -exec chmod +x {} +
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_dovecot_quota
|
function _setup_dovecot_quota() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up Dovecot quota'
|
_log 'debug' 'Setting up Dovecot quota'
|
||||||
|
|
||||||
# Dovecot quota is disabled when using LDAP or SMTP_ONLY or when explicitly disabled.
|
# Dovecot quota is disabled when using LDAP or SMTP_ONLY or when explicitly disabled.
|
||||||
|
@ -136,8 +133,7 @@ function _setup_dovecot_quota
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_dovecot_local_user
|
function _setup_dovecot_local_user() {
|
||||||
{
|
|
||||||
[[ ${SMTP_ONLY} -eq 1 ]] && return 0
|
[[ ${SMTP_ONLY} -eq 1 ]] && return 0
|
||||||
[[ ${ACCOUNT_PROVISIONER} == 'FILE' ]] || return 0
|
[[ ${ACCOUNT_PROVISIONER} == 'FILE' ]] || return 0
|
||||||
|
|
||||||
|
@ -147,8 +143,7 @@ function _setup_dovecot_local_user
|
||||||
_log 'trace' "No mail accounts to create - '/tmp/docker-mailserver/postfix-accounts.cf' is missing"
|
_log 'trace' "No mail accounts to create - '/tmp/docker-mailserver/postfix-accounts.cf' is missing"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
function __wait_until_an_account_is_added_or_shutdown
|
function __wait_until_an_account_is_added_or_shutdown() {
|
||||||
{
|
|
||||||
local SLEEP_PERIOD='10'
|
local SLEEP_PERIOD='10'
|
||||||
|
|
||||||
for (( COUNTER = 11 ; COUNTER >= 0 ; COUNTER-- ))
|
for (( COUNTER = 11 ; COUNTER >= 0 ; COUNTER-- ))
|
||||||
|
@ -169,8 +164,7 @@ function _setup_dovecot_local_user
|
||||||
_create_accounts
|
_create_accounts
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_dovecot_inet_protocols
|
function _setup_dovecot_inet_protocols() {
|
||||||
{
|
|
||||||
[[ ${DOVECOT_INET_PROTOCOLS} == 'all' ]] && return 0
|
[[ ${DOVECOT_INET_PROTOCOLS} == 'all' ]] && return 0
|
||||||
|
|
||||||
_log 'trace' 'Setting up DOVECOT_INET_PROTOCOLS option'
|
_log 'trace' 'Setting up DOVECOT_INET_PROTOCOLS option'
|
||||||
|
@ -189,13 +183,11 @@ function _setup_dovecot_inet_protocols
|
||||||
sedfile -i "s|^#listen =.*|listen = ${PROTOCOL}|g" /etc/dovecot/dovecot.conf
|
sedfile -i "s|^#listen =.*|listen = ${PROTOCOL}|g" /etc/dovecot/dovecot.conf
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_dovecot_dhparam
|
function _setup_dovecot_dhparam() {
|
||||||
{
|
|
||||||
_setup_dhparam 'Dovecot' '/etc/dovecot/dh.pem'
|
_setup_dhparam 'Dovecot' '/etc/dovecot/dh.pem'
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_dovecot_hostname
|
function _setup_dovecot_hostname() {
|
||||||
{
|
|
||||||
_log 'debug' 'Applying hostname to Dovecot'
|
_log 'debug' 'Applying hostname to Dovecot'
|
||||||
sed -i "s|^#hostname =.*$|hostname = '${HOSTNAME}'|g" /etc/dovecot/conf.d/15-lda.conf
|
sed -i "s|^#hostname =.*$|hostname = '${HOSTNAME}'|g" /etc/dovecot/conf.d/15-lda.conf
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_fetchmail
|
function _setup_fetchmail() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_FETCHMAIL} -eq 1 ]]; then
|
if [[ ${ENABLE_FETCHMAIL} -eq 1 ]]; then
|
||||||
_log 'trace' 'Enabling and configuring Fetchmail'
|
_log 'trace' 'Enabling and configuring Fetchmail'
|
||||||
|
|
||||||
|
@ -23,8 +22,7 @@ function _setup_fetchmail
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_fetchmail_parallel
|
function _setup_fetchmail_parallel() {
|
||||||
{
|
|
||||||
if [[ ${FETCHMAIL_PARALLEL} -eq 1 ]]; then
|
if [[ ${FETCHMAIL_PARALLEL} -eq 1 ]]; then
|
||||||
_log 'trace' 'Enabling and configuring Fetchmail parallel'
|
_log 'trace' 'Enabling and configuring Fetchmail parallel'
|
||||||
mkdir /etc/fetchmailrc.d/
|
mkdir /etc/fetchmailrc.d/
|
||||||
|
@ -35,8 +33,7 @@ function _setup_fetchmail_parallel
|
||||||
#
|
#
|
||||||
# The sole purpose for this is to work around what is known
|
# The sole purpose for this is to work around what is known
|
||||||
# as the Fetchmail IMAP idle issue.
|
# as the Fetchmail IMAP idle issue.
|
||||||
function _fetchmailrc_split
|
function _fetchmailrc_split() {
|
||||||
{
|
|
||||||
local FETCHMAILRC='/etc/fetchmailrc'
|
local FETCHMAILRC='/etc/fetchmailrc'
|
||||||
local FETCHMAILRCD='/etc/fetchmailrc.d'
|
local FETCHMAILRCD='/etc/fetchmailrc.d'
|
||||||
local DEFAULT_FILE="${FETCHMAILRCD}/defaults"
|
local DEFAULT_FILE="${FETCHMAILRCD}/defaults"
|
||||||
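Review bot: `mkdir /etc/fetchmailrc.d/` in `_setup_fetchmail_parallel` fails when the directory already exists, which can happen if the setup runs again on a container whose filesystem was kept (a restart rather than a fresh create). No existence check precedes it in the lines shown, and whether the script aborts on the error depends on shell options that are not visible here. `mkdir -p /etc/fetchmailrc.d/` makes the step idempotent either way. The function body continues beyond this hunk.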
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_getmail
|
function _setup_getmail() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_GETMAIL} -eq 1 ]]; then
|
if [[ ${ENABLE_GETMAIL} -eq 1 ]]; then
|
||||||
_log 'trace' 'Preparing Getmail configuration'
|
_log 'trace' 'Preparing Getmail configuration'
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_ldap
|
function _setup_ldap() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up LDAP'
|
_log 'debug' 'Setting up LDAP'
|
||||||
_log 'trace' 'Checking for custom configs'
|
_log 'trace' 'Checking for custom configs'
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_logs_general
|
function _setup_logs_general() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up general log files'
|
_log 'debug' 'Setting up general log files'
|
||||||
|
|
||||||
# File/folder permissions are fine when using docker volumes, but may be wrong
|
# File/folder permissions are fine when using docker volumes, but may be wrong
|
||||||
|
@ -11,8 +10,7 @@ function _setup_logs_general
|
||||||
chown syslog:root /var/log/mail
|
chown syslog:root /var/log/mail
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_logrotate
|
function _setup_logrotate() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up logrotate'
|
_log 'debug' 'Setting up logrotate'
|
||||||
|
|
||||||
LOGROTATE='/var/log/mail/mail.log\n{\n compress\n copytruncate\n delaycompress\n'
|
LOGROTATE='/var/log/mail/mail.log\n{\n compress\n copytruncate\n delaycompress\n'
|
||||||
|
@ -42,8 +40,7 @@ function _setup_logrotate
|
||||||
echo -e "${LOGROTATE}}" >/etc/logrotate.d/maillog
|
echo -e "${LOGROTATE}}" >/etc/logrotate.d/maillog
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_mail_summary
|
function _setup_mail_summary() {
|
||||||
{
|
|
||||||
local ENABLED_MESSAGE
|
local ENABLED_MESSAGE
|
||||||
ENABLED_MESSAGE="Enabling Postfix log summary reports with recipient '${PFLOGSUMM_RECIPIENT}'"
|
ENABLED_MESSAGE="Enabling Postfix log summary reports with recipient '${PFLOGSUMM_RECIPIENT}'"
|
||||||
|
|
||||||
|
@ -80,8 +77,7 @@ EOF
|
||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_logwatch
|
function _setup_logwatch() {
|
||||||
{
|
|
||||||
echo 'LogFile = /var/log/mail/freshclam.log' >>/etc/logwatch/conf/logfiles/clam-update.conf
|
echo 'LogFile = /var/log/mail/freshclam.log' >>/etc/logwatch/conf/logfiles/clam-update.conf
|
||||||
echo "MailFrom = ${LOGWATCH_SENDER}" >>/etc/logwatch/conf/logwatch.conf
|
echo "MailFrom = ${LOGWATCH_SENDER}" >>/etc/logwatch/conf/logwatch.conf
|
||||||
echo "Mailer = \"sendmail -t -f ${LOGWATCH_SENDER}\"" >>/etc/logwatch/conf/logwatch.conf
|
echo "Mailer = \"sendmail -t -f ${LOGWATCH_SENDER}\"" >>/etc/logwatch/conf/logwatch.conf
|
||||||
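Review bot: `LOGWATCH_SENDER` is written unchecked into the mailer command in `_setup_logwatch` (`Mailer = "sendmail -t -f ${LOGWATCH_SENDER}"`), so a value containing whitespace, quotes or shell metacharacters changes the command that logwatch later runs rather than only the sender address. The variable comes from the container environment, which is normally operator-controlled, but env files are often templated from other sources and a format check costs little. A guard before the three `echo` lines would do, for example `[[ ${LOGWATCH_SENDER} =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$ ]] || { _log 'warn' "Invalid LOGWATCH_SENDER"; return 1; }`, with the failure handling adapted to the project's convention. The function continues past the end of the hunk, and validation done where the variable gets its default is not visible from here.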
|
|
|
@ -2,8 +2,7 @@
|
||||||
|
|
||||||
# Consolidate all states into a single directory
|
# Consolidate all states into a single directory
|
||||||
# (/var/mail-state) to allow persistence using docker volumes
|
# (/var/mail-state) to allow persistence using docker volumes
|
||||||
function _setup_save_states
|
function _setup_save_states() {
|
||||||
{
|
|
||||||
local DEST DESTDIR STATEDIR SERVICEDIR SERVICEDIRS SERVICEFILE SERVICEFILES
|
local DEST DESTDIR STATEDIR SERVICEDIR SERVICEDIRS SERVICEFILE SERVICEFILES
|
||||||
|
|
||||||
STATEDIR='/var/mail-state'
|
STATEDIR='/var/mail-state'
|
||||||
|
|
|
@ -1,13 +1,11 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_mailname
|
function _setup_mailname() {
|
||||||
{
|
|
||||||
_log 'debug' "Setting up mailname and creating '/etc/mailname'"
|
_log 'debug' "Setting up mailname and creating '/etc/mailname'"
|
||||||
echo "${DOMAINNAME}" >/etc/mailname
|
echo "${DOMAINNAME}" >/etc/mailname
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_docker_permit
|
function _setup_docker_permit() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up PERMIT_DOCKER option'
|
_log 'debug' 'Setting up PERMIT_DOCKER option'
|
||||||
|
|
||||||
local CONTAINER_IP CONTAINER_NETWORK
|
local CONTAINER_IP CONTAINER_NETWORK
|
||||||
|
@ -29,14 +27,12 @@ function _setup_docker_permit
|
||||||
CONTAINER_NETWORKS+=("${IP}")
|
CONTAINER_NETWORKS+=("${IP}")
|
||||||
done < <(ip -o -4 addr show type veth | grep -E -o '[0-9\.]+/[0-9]+')
|
done < <(ip -o -4 addr show type veth | grep -E -o '[0-9\.]+/[0-9]+')
|
||||||
|
|
||||||
function __clear_postfix_mynetworks
|
function __clear_postfix_mynetworks() {
|
||||||
{
|
|
||||||
_log 'trace' "Clearing Postfix's 'mynetworks'"
|
_log 'trace' "Clearing Postfix's 'mynetworks'"
|
||||||
postconf "mynetworks ="
|
postconf "mynetworks ="
|
||||||
}
|
}
|
||||||
|
|
||||||
function __add_to_postfix_mynetworks
|
function __add_to_postfix_mynetworks() {
|
||||||
{
|
|
||||||
local NETWORK_TYPE=$1
|
local NETWORK_TYPE=$1
|
||||||
local NETWORK=$2
|
local NETWORK=$2
|
||||||
|
|
||||||
|
|
|
@ -7,8 +7,7 @@
|
||||||
# @param ${2} = message
|
# @param ${2} = message
|
||||||
function __postfix__log { _log "${1:-}" "(Postfix setup) ${2:-}" ; }
|
function __postfix__log { _log "${1:-}" "(Postfix setup) ${2:-}" ; }
|
||||||
|
|
||||||
function _setup_postfix_early
|
function _setup_postfix_early() {
|
||||||
{
|
|
||||||
_log 'debug' 'Configuring Postfix (early setup)'
|
_log 'debug' 'Configuring Postfix (early setup)'
|
||||||
|
|
||||||
__postfix__log 'trace' 'Applying hostname and domainname'
|
__postfix__log 'trace' 'Applying hostname and domainname'
|
||||||
|
@ -66,8 +65,7 @@ EOF
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_postfix_late
|
function _setup_postfix_late() {
|
||||||
{
|
|
||||||
_log 'debug' 'Configuring Postfix (late setup)'
|
_log 'debug' 'Configuring Postfix (late setup)'
|
||||||
|
|
||||||
__postfix__log 'trace' 'Configuring user access'
|
__postfix__log 'trace' 'Configuring user access'
|
||||||
|
@ -91,8 +89,7 @@ function _setup_postfix_late
|
||||||
__postfix__setup_override_configuration
|
__postfix__setup_override_configuration
|
||||||
}
|
}
|
||||||
|
|
||||||
function __postfix__setup_override_configuration
|
function __postfix__setup_override_configuration() {
|
||||||
{
|
|
||||||
__postfix__log 'debug' 'Overriding / adjusting configuration with user-supplied values'
|
__postfix__log 'debug' 'Overriding / adjusting configuration with user-supplied values'
|
||||||
|
|
||||||
if [[ -f /tmp/docker-mailserver/postfix-main.cf ]]; then
|
if [[ -f /tmp/docker-mailserver/postfix-main.cf ]]; then
|
||||||
|
@ -122,8 +119,7 @@ function __postfix__setup_override_configuration
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _setup_SRS
|
function _setup_SRS() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up SRS'
|
_log 'debug' 'Setting up SRS'
|
||||||
|
|
||||||
postconf 'sender_canonical_maps = tcp:localhost:10001'
|
postconf 'sender_canonical_maps = tcp:localhost:10001'
|
||||||
|
@ -131,8 +127,7 @@ function _setup_SRS
|
||||||
postconf 'recipient_canonical_maps = tcp:localhost:10002'
|
postconf 'recipient_canonical_maps = tcp:localhost:10002'
|
||||||
postconf 'recipient_canonical_classes = envelope_recipient,header_recipient'
|
postconf 'recipient_canonical_classes = envelope_recipient,header_recipient'
|
||||||
|
|
||||||
function __generate_secret
|
function __generate_secret() {
|
||||||
{
|
|
||||||
(
|
(
|
||||||
umask 0077
|
umask 0077
|
||||||
dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64 -w0 >"${1}"
|
dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64 -w0 >"${1}"
|
||||||
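Review bot: `__generate_secret` relies on `umask 0077` alone to protect the secret written by `dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64 -w0 >"${1}"`, and a umask only takes effect when the redirect creates the file. If `${1}` already exists with wider permissions, the truncating `>` keeps that mode and owner, so the new secret stays readable by whoever could read the old file. Adding `chmod 0600 -- "${1}"` directly after the pipeline, inside the subshell, makes the result independent of what was there before. The function body continues beyond the hunk, so a later `chmod` or `chown` may already cover this.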
|
|
|
@ -1,8 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
function _setup_saslauthd
|
function _setup_saslauthd() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up SASLAUTHD'
|
_log 'debug' 'Setting up SASLAUTHD'
|
||||||
|
|
||||||
if [[ ! -f /etc/saslauthd.conf ]]; then
|
if [[ ! -f /etc/saslauthd.conf ]]; then
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_security_stack
|
function _setup_security_stack() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting up Security Stack'
|
_log 'debug' 'Setting up Security Stack'
|
||||||
|
|
||||||
__setup__security__postgrey
|
__setup__security__postgrey
|
||||||
|
@ -23,8 +22,7 @@ function _setup_security_stack
|
||||||
__setup__security__amavis
|
__setup__security__amavis
|
||||||
}
|
}
|
||||||
|
|
||||||
function __setup__security__postgrey
|
function __setup__security__postgrey() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_POSTGREY} -eq 1 ]]; then
|
if [[ ${ENABLE_POSTGREY} -eq 1 ]]; then
|
||||||
_log 'debug' 'Enabling and configuring Postgrey'
|
_log 'debug' 'Enabling and configuring Postgrey'
|
||||||
|
|
||||||
|
@ -52,8 +50,7 @@ function __setup__security__postgrey
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function __setup__security__postscreen
|
function __setup__security__postscreen() {
|
||||||
{
|
|
||||||
_log 'debug' 'Configuring Postscreen'
|
_log 'debug' 'Configuring Postscreen'
|
||||||
sed -i \
|
sed -i \
|
||||||
-e "s|postscreen_dnsbl_action = enforce|postscreen_dnsbl_action = ${POSTSCREEN_ACTION}|" \
|
-e "s|postscreen_dnsbl_action = enforce|postscreen_dnsbl_action = ${POSTSCREEN_ACTION}|" \
|
||||||
|
@ -69,8 +66,7 @@ function __setup__security__postscreen
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function __setup__security__spamassassin
|
function __setup__security__spamassassin() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_SPAMASSASSIN} -eq 1 ]]; then
|
if [[ ${ENABLE_SPAMASSASSIN} -eq 1 ]]; then
|
||||||
_log 'debug' 'Enabling and configuring SpamAssassin'
|
_log 'debug' 'Enabling and configuring SpamAssassin'
|
||||||
|
|
||||||
|
@ -157,8 +153,7 @@ EOF
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function __setup__security__clamav
|
function __setup__security__clamav() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_CLAMAV} -eq 1 ]]; then
|
if [[ ${ENABLE_CLAMAV} -eq 1 ]]; then
|
||||||
_log 'debug' 'Enabling and configuring ClamAV'
|
_log 'debug' 'Enabling and configuring ClamAV'
|
||||||
|
|
||||||
|
@ -197,8 +192,7 @@ function __setup__security__clamav
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function __setup__security__fail2ban
|
function __setup__security__fail2ban() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_FAIL2BAN} -eq 1 ]]; then
|
if [[ ${ENABLE_FAIL2BAN} -eq 1 ]]; then
|
||||||
_log 'debug' 'Enabling and configuring Fail2Ban'
|
_log 'debug' 'Enabling and configuring Fail2Ban'
|
||||||
|
|
||||||
|
@ -221,8 +215,7 @@ function __setup__security__fail2ban
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function __setup__security__amavis
|
function __setup__security__amavis() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_AMAVIS} -eq 1 ]]; then
|
if [[ ${ENABLE_AMAVIS} -eq 1 ]]; then
|
||||||
_log 'debug' 'Configuring Amavis'
|
_log 'debug' 'Configuring Amavis'
|
||||||
if [[ -f /tmp/docker-mailserver/amavis.cf ]]; then
|
if [[ -f /tmp/docker-mailserver/amavis.cf ]]; then
|
||||||
|
@ -257,8 +250,7 @@ function __setup__security__amavis
|
||||||
}
|
}
|
||||||
|
|
||||||
# We can use Sieve to move spam emails to the "Junk" folder.
|
# We can use Sieve to move spam emails to the "Junk" folder.
|
||||||
function _setup_spam_to_junk
|
function _setup_spam_to_junk() {
|
||||||
{
|
|
||||||
if [[ ${MOVE_SPAM_TO_JUNK} -eq 1 ]]; then
|
if [[ ${MOVE_SPAM_TO_JUNK} -eq 1 ]]; then
|
||||||
_log 'debug' 'Spam emails will be moved to the Junk folder'
|
_log 'debug' 'Spam emails will be moved to the Junk folder'
|
||||||
cat >/usr/lib/dovecot/sieve-global/after/spam_to_junk.sieve << EOF
|
cat >/usr/lib/dovecot/sieve-global/after/spam_to_junk.sieve << EOF
|
||||||
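Review bot: `POSTSCREEN_ACTION` is expanded straight into the `sed` replacement in `__setup__security__postscreen` (`s|postscreen_dnsbl_action = enforce|postscreen_dnsbl_action = ${POSTSCREEN_ACTION}|`), so a value containing `|`, `&` or a backslash alters the expression, and any other unexpected value is written verbatim into the file being edited. Postfix accepts only `ignore`, `enforce` and `drop` for `postscreen_dnsbl_action`, so an allow-list check before the `sed` call is enough: `[[ ${POSTSCREEN_ACTION} =~ ^(ignore|enforce|drop)$ ]] || { _log 'warn' "Invalid POSTSCREEN_ACTION '${POSTSCREEN_ACTION}'"; return 1; }`. The `sed` command continues outside the hunk, and a check in the variables setup is not visible from here.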
|
|
|
@ -1,8 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Function called during global setup to handle the complete setup of Rspamd.
|
# Function called during global setup to handle the complete setup of Rspamd.
|
||||||
function _setup_rspamd
|
function _setup_rspamd() {
|
||||||
{
|
|
||||||
if _env_var_expect_zero_or_one 'ENABLE_RSPAMD' && [[ ${ENABLE_RSPAMD} -eq 1 ]]; then
|
if _env_var_expect_zero_or_one 'ENABLE_RSPAMD' && [[ ${ENABLE_RSPAMD} -eq 1 ]]; then
|
||||||
_log 'debug' 'Enabling and configuring Rspamd'
|
_log 'debug' 'Enabling and configuring Rspamd'
|
||||||
__rspamd__log 'trace' '---------- Setup started ----------'
|
__rspamd__log 'trace' '---------- Setup started ----------'
|
||||||
|
@ -36,8 +35,7 @@ function __rspamd__log { _log "${1:-}" "(Rspamd setup) ${2:-}" ; }
|
||||||
# @param ${2} = `true` when you want to enable the module (default),
|
# @param ${2} = `true` when you want to enable the module (default),
|
||||||
# `false` when you want to disable the module [OPTIONAL]
|
# `false` when you want to disable the module [OPTIONAL]
|
||||||
# @param ${3} = whether to use `local` (default) or `override` [OPTIONAL]
|
# @param ${3} = whether to use `local` (default) or `override` [OPTIONAL]
|
||||||
function __rspamd__helper__enable_disable_module
|
function __rspamd__helper__enable_disable_module() {
|
||||||
{
|
|
||||||
local MODULE=${1:?Module name must be provided}
|
local MODULE=${1:?Module name must be provided}
|
||||||
local ENABLE_MODULE=${2:-true}
|
local ENABLE_MODULE=${2:-true}
|
||||||
local LOCAL_OR_OVERRIDE=${3:-local}
|
local LOCAL_OR_OVERRIDE=${3:-local}
|
||||||
|
@ -61,8 +59,7 @@ EOF
|
||||||
|
|
||||||
# Run miscellaneous early setup tasks and checks, such as creating files needed at runtime
|
# Run miscellaneous early setup tasks and checks, such as creating files needed at runtime
|
||||||
# or checking for other anti-spam/anti-virus software.
|
# or checking for other anti-spam/anti-virus software.
|
||||||
function __rspamd__run_early_setup_and_checks
|
function __rspamd__run_early_setup_and_checks() {
|
||||||
{
|
|
||||||
# Note: Variables not marked with `local` are
|
# Note: Variables not marked with `local` are
|
||||||
# used in other functions as well.
|
# used in other functions as well.
|
||||||
RSPAMD_LOCAL_D='/etc/rspamd/local.d'
|
RSPAMD_LOCAL_D='/etc/rspamd/local.d'
|
||||||
|
@ -105,8 +102,7 @@ function __rspamd__run_early_setup_and_checks
|
||||||
|
|
||||||
# Sets up Redis. In case the user does not use a dedicated Redis instance, we
|
# Sets up Redis. In case the user does not use a dedicated Redis instance, we
|
||||||
# supply a configuration for our local Redis instance which is started later.
|
# supply a configuration for our local Redis instance which is started later.
|
||||||
function __rspamd__setup_redis
|
function __rspamd__setup_redis() {
|
||||||
{
|
|
||||||
if _env_var_expect_zero_or_one 'ENABLE_RSPAMD_REDIS' && [[ ${ENABLE_RSPAMD_REDIS} -eq 1 ]]; then
|
if _env_var_expect_zero_or_one 'ENABLE_RSPAMD_REDIS' && [[ ${ENABLE_RSPAMD_REDIS} -eq 1 ]]; then
|
||||||
__rspamd__log 'debug' 'Internal Redis is enabled, adding configuration'
|
__rspamd__log 'debug' 'Internal Redis is enabled, adding configuration'
|
||||||
cat >"${RSPAMD_LOCAL_D}/redis.conf" << "EOF"
|
cat >"${RSPAMD_LOCAL_D}/redis.conf" << "EOF"
|
||||||
|
@ -136,8 +132,7 @@ EOF
|
||||||
|
|
||||||
# Adjust Postfix's configuration files. We only need to append Rspamd at the end of
|
# Adjust Postfix's configuration files. We only need to append Rspamd at the end of
|
||||||
# `smtpd_milters` in `/etc/postfix/main.cf`.
|
# `smtpd_milters` in `/etc/postfix/main.cf`.
|
||||||
function __rspamd__setup_postfix
|
function __rspamd__setup_postfix() {
|
||||||
{
|
|
||||||
__rspamd__log 'debug' "Adjusting Postfix's configuration"
|
__rspamd__log 'debug' "Adjusting Postfix's configuration"
|
||||||
|
|
||||||
postconf 'rspamd_milter = inet:localhost:11332'
|
postconf 'rspamd_milter = inet:localhost:11332'
|
||||||
|
@ -146,8 +141,7 @@ function __rspamd__setup_postfix
|
||||||
}
|
}
|
||||||
|
|
||||||
# If ClamAV is enabled, we will integrate it into Rspamd.
|
# If ClamAV is enabled, we will integrate it into Rspamd.
|
||||||
function __rspamd__setup_clamav
|
function __rspamd__setup_clamav() {
|
||||||
{
|
|
||||||
if _env_var_expect_zero_or_one 'ENABLE_CLAMAV' && [[ ${ENABLE_CLAMAV} -eq 1 ]]; then
|
if _env_var_expect_zero_or_one 'ENABLE_CLAMAV' && [[ ${ENABLE_CLAMAV} -eq 1 ]]; then
|
||||||
__rspamd__log 'debug' 'Enabling ClamAV integration'
|
__rspamd__log 'debug' 'Enabling ClamAV integration'
|
||||||
sedfile -i -E 's|^(enabled).*|\1 = true;|g' "${RSPAMD_LOCAL_D}/antivirus.conf"
|
sedfile -i -E 's|^(enabled).*|\1 = true;|g' "${RSPAMD_LOCAL_D}/antivirus.conf"
|
||||||
|
@ -169,8 +163,7 @@ function __rspamd__setup_clamav
|
||||||
# We disable the modules listed in `DISABLE_MODULES` as we believe these modules
|
# We disable the modules listed in `DISABLE_MODULES` as we believe these modules
|
||||||
# are not commonly used and the average user does not need them. As a consequence,
|
# are not commonly used and the average user does not need them. As a consequence,
|
||||||
# disabling them saves resources.
|
# disabling them saves resources.
|
||||||
function __rspamd__setup_default_modules
|
function __rspamd__setup_default_modules() {
|
||||||
{
|
|
||||||
__rspamd__log 'debug' 'Disabling default modules'
|
__rspamd__log 'debug' 'Disabling default modules'
|
||||||
|
|
||||||
# This array contains all the modules we disable by default. They
|
# This array contains all the modules we disable by default. They
|
||||||
|
@ -197,8 +190,7 @@ function __rspamd__setup_default_modules
|
||||||
# 1. enabling auto-learn for the classifier-bayes module
|
# 1. enabling auto-learn for the classifier-bayes module
|
||||||
# 2. setting up sieve scripts that detect when a user is moving e-mail
|
# 2. setting up sieve scripts that detect when a user is moving e-mail
|
||||||
# from or to the "Junk" folder, and learning them as ham or spam.
|
# from or to the "Junk" folder, and learning them as ham or spam.
|
||||||
function __rspamd__setup_learning
|
function __rspamd__setup_learning() {
|
||||||
{
|
|
||||||
if _env_var_expect_zero_or_one 'RSPAMD_LEARN' && [[ ${RSPAMD_LEARN} -eq 1 ]]; then
|
if _env_var_expect_zero_or_one 'RSPAMD_LEARN' && [[ ${RSPAMD_LEARN} -eq 1 ]]; then
|
||||||
__rspamd__log 'debug' 'Setting up intelligent learning of spam and ham'
|
__rspamd__log 'debug' 'Setting up intelligent learning of spam and ham'
|
||||||
|
|
||||||
|
@ -241,8 +233,7 @@ EOF
|
||||||
|
|
||||||
# Sets up greylisting with the greylisting module (see
|
# Sets up greylisting with the greylisting module (see
|
||||||
# https://rspamd.com/doc/modules/greylisting.html).
|
# https://rspamd.com/doc/modules/greylisting.html).
|
||||||
function __rspamd__setup_greylisting
|
function __rspamd__setup_greylisting() {
|
||||||
{
|
|
||||||
if _env_var_expect_zero_or_one 'RSPAMD_GREYLISTING' && [[ ${RSPAMD_GREYLISTING} -eq 1 ]]; then
|
if _env_var_expect_zero_or_one 'RSPAMD_GREYLISTING' && [[ ${RSPAMD_GREYLISTING} -eq 1 ]]; then
|
||||||
__rspamd__log 'debug' 'Enabling greylisting'
|
__rspamd__log 'debug' 'Enabling greylisting'
|
||||||
sedfile -i -E "s|(enabled =).*|\1 true;|g" "${RSPAMD_LOCAL_D}/greylist.conf"
|
sedfile -i -E "s|(enabled =).*|\1 true;|g" "${RSPAMD_LOCAL_D}/greylist.conf"
|
||||||
|
@ -255,8 +246,7 @@ function __rspamd__setup_greylisting
|
||||||
# https://www.rspamd.com/doc/modules/hfilter.html). This module is mainly
|
# https://www.rspamd.com/doc/modules/hfilter.html). This module is mainly
|
||||||
# used for hostname checks, and whether or not a reverse-DNS check
|
# used for hostname checks, and whether or not a reverse-DNS check
|
||||||
# succeeds.
|
# succeeds.
|
||||||
function __rspamd__setup_hfilter_group
|
function __rspamd__setup_hfilter_group() {
|
||||||
{
|
|
||||||
local MODULE_FILE="${RSPAMD_LOCAL_D}/hfilter_group.conf"
|
local MODULE_FILE="${RSPAMD_LOCAL_D}/hfilter_group.conf"
|
||||||
if _env_var_expect_zero_or_one 'RSPAMD_HFILTER' && [[ ${RSPAMD_HFILTER} -eq 1 ]]; then
|
if _env_var_expect_zero_or_one 'RSPAMD_HFILTER' && [[ ${RSPAMD_HFILTER} -eq 1 ]]; then
|
||||||
__rspamd__log 'debug' 'Hfilter (group) module is enabled'
|
__rspamd__log 'debug' 'Hfilter (group) module is enabled'
|
||||||
|
@ -278,8 +268,7 @@ function __rspamd__setup_hfilter_group
|
||||||
# Parses `RSPAMD_CUSTOM_COMMANDS_FILE` and executed the directives given by the file.
|
# Parses `RSPAMD_CUSTOM_COMMANDS_FILE` and executed the directives given by the file.
|
||||||
# To get a detailed explanation of the commands and how the file works, visit
|
# To get a detailed explanation of the commands and how the file works, visit
|
||||||
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/rspamd/#with-the-help-of-a-custom-file
|
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/rspamd/#with-the-help-of-a-custom-file
|
||||||
function __rspamd__handle_user_modules_adjustments
|
function __rspamd__handle_user_modules_adjustments() {
|
||||||
{
|
|
||||||
# Adds an option with a corresponding value to a module, or, in case the option
|
# Adds an option with a corresponding value to a module, or, in case the option
|
||||||
# is already present, overwrites it.
|
# is already present, overwrites it.
|
||||||
#
|
#
|
||||||
|
@ -293,8 +282,7 @@ function __rspamd__handle_user_modules_adjustments
|
||||||
# While this function is currently bound to the scope of `__rspamd__handle_user_modules_adjustments`,
|
# While this function is currently bound to the scope of `__rspamd__handle_user_modules_adjustments`,
|
||||||
# it is written in a versatile way (taking 4 arguments instead of assuming `ARGUMENT2` / `ARGUMENT3`
|
# it is written in a versatile way (taking 4 arguments instead of assuming `ARGUMENT2` / `ARGUMENT3`
|
||||||
# are set) so that it may be used elsewhere if needed.
|
# are set) so that it may be used elsewhere if needed.
|
||||||
function __add_or_replace
|
function __add_or_replace() {
|
||||||
{
|
|
||||||
local MODULE_FILE=${1:?Module file name must be provided}
|
local MODULE_FILE=${1:?Module file name must be provided}
|
||||||
local MODULE_LOG_NAME=${2:?Module log name must be provided}
|
local MODULE_LOG_NAME=${2:?Module log name must be provided}
|
||||||
local OPTION=${3:?Option name must be provided}
|
local OPTION=${3:?Option name must be provided}
|
||||||
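Review bot: The one-line logger `function __rspamd__log { _log "${1:-}" "(Rspamd setup) ${2:-}" ; }`, visible in the second hunk header of this file, still uses the declaration form without `()`, so the file mixes two styles after this change; `function __postfix__log { ... ; }` in the Postfix setup file is in the same state. If the new convention is `function name() {`, the line would read `function __rspamd__log() { _log "${1:-}" "(Rspamd setup) ${2:-}" ; }`. The declaration itself lies outside the hunks shown, so it may have been left alone deliberately for one-liners; a short comment saying so would settle it.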
|
|
|
@ -1,7 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function _setup_spoof_protection
|
function _setup_spoof_protection() {
|
||||||
{
|
|
||||||
if [[ ${SPOOF_PROTECTION} -eq 1 ]]; then
|
if [[ ${SPOOF_PROTECTION} -eq 1 ]]; then
|
||||||
_log 'trace' 'Enabling and configuring spoof protection'
|
_log 'trace' 'Enabling and configuring spoof protection'
|
||||||
|
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
# shellcheck disable=SC2034
|
# shellcheck disable=SC2034
|
||||||
declare -A VARS
|
declare -A VARS
|
||||||
|
|
||||||
function _early_variables_setup
|
function _early_variables_setup() {
|
||||||
{
|
|
||||||
_obtain_hostname_and_domainname
|
_obtain_hostname_and_domainname
|
||||||
__environment_variables_backwards_compatibility
|
__environment_variables_backwards_compatibility
|
||||||
__environment_variables_general_setup
|
__environment_variables_general_setup
|
||||||
|
@ -13,8 +12,7 @@ function _early_variables_setup
|
||||||
# This function handles variables that are deprecated. This allows a
|
# This function handles variables that are deprecated. This allows a
|
||||||
# smooth transition period, without the need of removing a variable
|
# smooth transition period, without the need of removing a variable
|
||||||
# completely with a single version.
|
# completely with a single version.
|
||||||
function __environment_variables_backwards_compatibility
|
function __environment_variables_backwards_compatibility() {
|
||||||
{
|
|
||||||
if [[ ${ENABLE_LDAP:-0} -eq 1 ]]; then
|
if [[ ${ENABLE_LDAP:-0} -eq 1 ]]; then
|
||||||
_log 'warn' "'ENABLE_LDAP=1' is deprecated (and will be removed in v13.0.0) => use 'ACCOUNT_PROVISIONER=LDAP' instead"
|
_log 'warn' "'ENABLE_LDAP=1' is deprecated (and will be removed in v13.0.0) => use 'ACCOUNT_PROVISIONER=LDAP' instead"
|
||||||
ACCOUNT_PROVISIONER='LDAP'
|
ACCOUNT_PROVISIONER='LDAP'
|
||||||
|
@ -32,8 +30,7 @@ function __environment_variables_backwards_compatibility
|
||||||
# This function sets almost all environment variables. This involves setting
|
# This function sets almost all environment variables. This involves setting
|
||||||
# a default if no value was provided and writing the variable and its value
|
# a default if no value was provided and writing the variable and its value
|
||||||
# to the VARS map.
|
# to the VARS map.
|
||||||
function __environment_variables_general_setup
|
function __environment_variables_general_setup() {
|
||||||
{
|
|
||||||
_log 'debug' 'Handling general environment variable setup'
|
_log 'debug' 'Handling general environment variable setup'
|
||||||
|
|
||||||
# these variables must be defined first
|
# these variables must be defined first
|
||||||
|
@ -143,8 +140,7 @@ function __environment_variables_general_setup
|
||||||
}
|
}
|
||||||
|
|
||||||
# This function handles environment variables related to LDAP.
|
# This function handles environment variables related to LDAP.
|
||||||
function _environment_variables_ldap
|
function _environment_variables_ldap() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting LDAP-related environment variables now'
|
_log 'debug' 'Setting LDAP-related environment variables now'
|
||||||
|
|
||||||
VARS[LDAP_BIND_DN]="${LDAP_BIND_DN:=}"
|
VARS[LDAP_BIND_DN]="${LDAP_BIND_DN:=}"
|
||||||
|
@ -156,8 +152,7 @@ function _environment_variables_ldap
|
||||||
|
|
||||||
# This function handles environment variables related to SASLAUTHD
|
# This function handles environment variables related to SASLAUTHD
|
||||||
# and, if activated, variables related to SASLAUTHD and LDAP.
|
# and, if activated, variables related to SASLAUTHD and LDAP.
|
||||||
function _environment_variables_saslauthd
|
function _environment_variables_saslauthd() {
|
||||||
{
|
|
||||||
_log 'debug' 'Setting SASLAUTHD-related environment variables now'
|
_log 'debug' 'Setting SASLAUTHD-related environment variables now'
|
||||||
|
|
||||||
VARS[SASLAUTHD_MECHANISMS]="${SASLAUTHD_MECHANISMS:=pam}"
|
VARS[SASLAUTHD_MECHANISMS]="${SASLAUTHD_MECHANISMS:=pam}"
|
||||||
|
@ -210,8 +205,7 @@ function _environment_variables_saslauthd
|
||||||
# This function Writes the contents of the `VARS` map (associative array)
|
# This function Writes the contents of the `VARS` map (associative array)
|
||||||
# to locations where they can be sourced from (e.g. `/etc/dms-settings`)
|
# to locations where they can be sourced from (e.g. `/etc/dms-settings`)
|
||||||
# or where they can be used by Bash directly (e.g. `/root/.bashrc`).
|
# or where they can be used by Bash directly (e.g. `/root/.bashrc`).
|
||||||
function _environment_variables_export
|
function _environment_variables_export() {
|
||||||
{
|
|
||||||
_log 'debug' "Exporting environment variables now (creating '/etc/dms-settings')"
|
_log 'debug' "Exporting environment variables now (creating '/etc/dms-settings')"
|
||||||
|
|
||||||
: >/root/.bashrc # make DMS variables available in login shells and their subprocesses
|
: >/root/.bashrc # make DMS variables available in login shells and their subprocesses
|
||||||
|
|
|
@ -396,8 +396,7 @@ function _container_is_running() {
|
||||||
#
|
#
|
||||||
# @param ${1} = directory
|
# @param ${1} = directory
|
||||||
# @param ${2} = number of files that should be in ${1}
|
# @param ${2} = number of files that should be in ${1}
|
||||||
function _count_files_in_directory_in_container()
|
function _count_files_in_directory_in_container() {
|
||||||
{
|
|
||||||
local DIRECTORY=${1:?No directory provided}
|
local DIRECTORY=${1:?No directory provided}
|
||||||
local NUMBER_OF_LINES=${2:?No line count provided}
|
local NUMBER_OF_LINES=${2:?No line count provided}
|
||||||
|
|
||||||
|
|
|
@ -16,8 +16,7 @@ SHELLCHECK_VERSION='0.9.0'
|
||||||
# shellcheck source=./../../target/scripts/helpers/log.sh
|
# shellcheck source=./../../target/scripts/helpers/log.sh
|
||||||
source "${REPOSITORY_ROOT}/target/scripts/helpers/log.sh"
|
source "${REPOSITORY_ROOT}/target/scripts/helpers/log.sh"
|
||||||
|
|
||||||
function _eclint
|
function _eclint() {
|
||||||
{
|
|
||||||
if docker run --rm --tty \
|
if docker run --rm --tty \
|
||||||
--volume "${REPOSITORY_ROOT}:/ci:ro" \
|
--volume "${REPOSITORY_ROOT}:/ci:ro" \
|
||||||
--workdir "/ci" \
|
--workdir "/ci" \
|
||||||
|
@ -31,8 +30,7 @@ function _eclint
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _hadolint
|
function _hadolint() {
|
||||||
{
|
|
||||||
if docker run --rm --tty \
|
if docker run --rm --tty \
|
||||||
--volume "${REPOSITORY_ROOT}:/ci:ro" \
|
--volume "${REPOSITORY_ROOT}:/ci:ro" \
|
||||||
--workdir "/ci" \
|
--workdir "/ci" \
|
||||||
|
@ -46,8 +44,7 @@ function _hadolint
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _shellcheck
|
function _shellcheck() {
|
||||||
{
|
|
||||||
local F_SH F_BIN F_BATS
|
local F_SH F_BIN F_BATS
|
||||||
|
|
||||||
# File paths for shellcheck:
|
# File paths for shellcheck:
|
||||||
|
@ -119,8 +116,7 @@ function _shellcheck
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _main
|
function _main() {
|
||||||
{
|
|
||||||
case "${1:-}" in
|
case "${1:-}" in
|
||||||
( 'eclint' ) _eclint ;;
|
( 'eclint' ) _eclint ;;
|
||||||
( 'hadolint' ) _hadolint ;;
|
( 'hadolint' ) _hadolint ;;
|
||||||
|
|