New command: generate-dkim-domain
This command can be used to generate a DKIM key for a domain that is not included in any configuration file, for example when using an SQL database for transport maps.
parent
97e296162f
commit
984537526a
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -4,6 +4,7 @@ docker-compose.yml
|
|||
test/config/empty/
|
||||
test/config/without-accounts/
|
||||
test/config/without-virtual/
|
||||
test/config/with-domain/
|
||||
test/config/postfix-accounts.cf
|
||||
test/config/letsencrypt/mail.my-domain.com/combined.pem
|
||||
test/onedir
|
||||
|
|
3
Makefile
3
Makefile
|
@ -220,4 +220,5 @@ clean:
|
|||
-sudo rm -rf test/onedir \
|
||||
test/config/empty \
|
||||
test/config/without-accounts \
|
||||
test/config/without-virtual
|
||||
test/config/without-virtual \
|
||||
test/config/with-domain
|
||||
|
|
|
@ -151,6 +151,12 @@ Don't forget to adapt MAIL_USER and MAIL_PASS to your needs
|
|||
-v "$(pwd)/config":/tmp/docker-mailserver \
|
||||
-ti tvial/docker-mailserver:latest generate-dkim-config
|
||||
|
||||
This generates DKIM keys for domains in configuration files. You can also generate DKIM key for a domain by using command
|
||||
|
||||
docker run --rm \
|
||||
-v "$(pwd)/config":/tmp/docker-mailserver \
|
||||
-ti tvial/docker-mailserver:latest generate-dkim-domain name_of_domain
|
||||
|
||||
Now the keys are generated, you can configure your DNS server by just pasting the content of `config/opendkim/keys/domain.tld/mail.txt` in your `domain.tld.hosts` zone.
|
||||
|
||||
Note: you can also manage email accounts, DKIM keys and more with the [setup.sh convenience script](https://github.com/tomav/docker-mailserver/wiki/Setup-docker-mailserver-using-the-script-setup.sh).
|
||||
|
|
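--- a/target/bin/generate-dkim-domain
+++ b/target/bin/generate-dkim-domain
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+if [ $# -ne 1 ]; then
+echo $0: "usage: generate-dkim-domain domain"
+exit 1
+fi
+
+domainname=$1
+
+mkdir -p /tmp/docker-mailserver/opendkim/keys/$domainname
+
+if [ ! -f "/tmp/docker-mailserver/opendkim/keys/$domainname/mail.private" ]; then
+echo "Creating DKIM private key /tmp/docker-mailserver/opendkim/keys/$domainname/mail.private"
+opendkim-genkey --subdomains --domain=$domainname --selector=mail -D /tmp/docker-mailserver/opendkim/keys/$domainname
+fi
+
+# Write to KeyTable if necessary
+keytableentry="mail._domainkey.$domainname $domainname:mail:/etc/opendkim/keys/$domainname/mail.private"
+if [ ! -f "/tmp/docker-mailserver/opendkim/KeyTable" ]; then
+echo "Creating DKIM KeyTable"
+echo $keytableentry > /tmp/docker-mailserver/opendkim/KeyTable
+else
+if ! grep -q "$keytableentry" "/tmp/docker-mailserver/opendkim/KeyTable" ; then
+echo $keytableentry >> /tmp/docker-mailserver/opendkim/KeyTable
+fi
+fi
+
+# Write to SigningTable if necessary
+signingtableentry="*@$domainname mail._domainkey.$domainname"
+if [ ! -f "/tmp/docker-mailserver/opendkim/SigningTable" ]; then
+echo "Creating DKIM SigningTable"
+echo "*@$domainname mail._domainkey.$domainname" > /tmp/docker-mailserver/opendkim/SigningTable
+else
+if ! grep -q "$signingtableentry" "/tmp/docker-mailserver/opendkim/SigningTable" ; then
+echo $signingtableentry >> /tmp/docker-mailserver/opendkim/SigningTable
+fi
+fi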
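Review bot: `domainname=$1` is used unvalidated and unquoted in the `mkdir -p` and `opendkim-genkey -D` paths, so an argument containing `/`, `..`, whitespace or a leading `-` can create directories and key files outside `opendkim/keys/` or be split into extra words and options. The unquoted `echo $signingtableentry >> …/SigningTable` in the else branch also lets the shell glob-expand the leading `*@…` against the working directory, unlike the quoted string written when the table is first created. Both `grep -q` checks treat the entry as a regular expression, so the dots in one domain can match a different existing entry and the new line is then silently skipped. The fence sketches a name check, quoting and a fixed-string whole-line match for those spots.

```shell
domainname=$1

# Accept only a plain DNS name before it is used in a path or a table entry.
case "$domainname" in
  ""|-*|.*|*..*|*[!A-Za-z0-9.-]*)
    echo "$0: invalid domain name: $domainname" >&2
    exit 1
    ;;
esac

keydir="/tmp/docker-mailserver/opendkim/keys/$domainname"
mkdir -p "$keydir"

# … unchanged: key generation, with "$keydir" and "$domainname" quoted …

# … unchanged: KeyTable creation branch …
if ! grep -qxF -- "$keytableentry" /tmp/docker-mailserver/opendkim/KeyTable; then
  echo "$keytableentry" >> /tmp/docker-mailserver/opendkim/KeyTable
fi

# … unchanged: SigningTable creation branch …
if ! grep -qxF -- "$signingtableentry" /tmp/docker-mailserver/opendkim/SigningTable; then
  echo "$signingtableentry" >> /tmp/docker-mailserver/opendkim/SigningTable
fi
```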
|
@ -574,6 +574,61 @@ load 'test_helper/bats-assert/load'
|
|||
assert_output 4
|
||||
}
|
||||
|
||||
@test "checking opendkim: generator creates keys, tables and TrustedHosts using domain name" {
|
||||
rm -rf "$(pwd)/test/config/with-domain" && mkdir -p "$(pwd)/test/config/with-domain"
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/":/tmp/docker-mailserver/ \
|
||||
-v "$(pwd)/test/config/postfix-accounts.cf":/tmp/docker-mailserver/postfix-accounts.cf \
|
||||
-v "$(pwd)/test/config/postfix-virtual.cf":/tmp/docker-mailserver/postfix-virtual.cf \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'generate-dkim-config | wc -l'
|
||||
assert_success
|
||||
assert_output 6
|
||||
# Generate key using domain name
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/":/tmp/docker-mailserver/ \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'generate-dkim-domain testdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 1
|
||||
# Check keys for localhost.localdomain
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/opendkim":/etc/opendkim \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/localhost.localdomain/ | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for otherdomain.tld
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/opendkim":/etc/opendkim \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/otherdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check keys for testdomain.tld
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/opendkim":/etc/opendkim \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c 'ls -1 /etc/opendkim/keys/testdomain.tld | wc -l'
|
||||
assert_success
|
||||
assert_output 2
|
||||
# Check presence of tables and TrustedHosts
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/opendkim":/etc/opendkim \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c "ls -1 /etc/opendkim | grep -E 'KeyTable|SigningTable|TrustedHosts|keys' | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
# Check valid entries actually present in KeyTable
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/opendkim":/etc/opendkim \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c \
|
||||
"egrep 'localhost.localdomain|otherdomain.tld|localdomain2.com|testdomain.tld' /etc/opendkim/KeyTable | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
# Check valid entries actually present in SigningTable
|
||||
run docker run --rm \
|
||||
-v "$(pwd)/test/config/with-domain/opendkim":/etc/opendkim \
|
||||
`docker inspect --format '{{ .Config.Image }}' mail` /bin/sh -c \
|
||||
"egrep 'localhost.localdomain|otherdomain.tld|localdomain2.com|testdomain.tld' /etc/opendkim/SigningTable | wc -l"
|
||||
assert_success
|
||||
assert_output 4
|
||||
}
|
||||
|
||||
#
|
||||
# ssl
|
||||
#
|
||||
|
|
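Review bot: The new test calls `generate-dkim-domain testdomain.tld` only once, and only after `generate-dkim-config` has already created both tables, so neither the table-creation branches nor the duplicate-entry guard of the new script is exercised. Repeating the same `run docker run … generate-dkim-domain testdomain.tld | wc -l` step with `assert_output 0` before the KeyTable and SigningTable checks would let the existing `assert_output 4` counts confirm that a second run adds no duplicate lines. A case that passes an argument such as `../x` and expects `assert_failure` would pin down how the command treats names that are not plain domains. The `egrep` patterns here leave their dots unescaped, which is harmless for these counts but matches more than the literal domain names.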