mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Issue 631 run services with supervisor (#676)
* installed supervisor. Still need to set tasks to run in foreground. * setting programs to run in foreground * seems to work now * cleanup * final fixes * tests * show startup output on stdout * set Dovecot config files before starting it * make all processes log to console * Use the supervisor as the main process. The start-mailserver is started from the supervisord and then this process triggers others. Defined some default variable in the Dockerfile. In order for supervisored to build the command lines the ENV variable need to be set. Therefore the defaults are defined. Some processes are not single processes like postfix and fail2ban and they have a wrapper. The wrapper takes care of proper shutdown and checking if the process is running or not. Supervisored will restart the wrapping script if the process is gone. Increased some delays between tests because sometimes they where to short for all containers to be running. * Remove obsolete comments, reset timeout value to old one, added new lines * Add more time for analyzing the emails. Sometimes it fails the tests and gives a wrong state about the test. During testing 40 seconds was the safe value.
This commit is contained in:
parent
8b19d54218
commit
9e7959fafe
26
Dockerfile
26
Dockerfile
|
@ -4,6 +4,13 @@ MAINTAINER Thomas VIAL
|
||||||
ENV DEBIAN_FRONTEND noninteractive
|
ENV DEBIAN_FRONTEND noninteractive
|
||||||
ENV VIRUSMAILS_DELETE_DELAY=7
|
ENV VIRUSMAILS_DELETE_DELAY=7
|
||||||
ENV ONE_DIR=0
|
ENV ONE_DIR=0
|
||||||
|
ENV ENABLE_POSTGREY=0
|
||||||
|
ENV POSTGREY_DELAY=300
|
||||||
|
ENV POSTGREY_MAX_AGE=35
|
||||||
|
ENV POSTGREY_TEXT="Delayed by postgrey"
|
||||||
|
|
||||||
|
ENV SASLAUTHD_MECHANISMS=pam
|
||||||
|
ENV SASLAUTHD_MECH_OPTIONS=""
|
||||||
|
|
||||||
# Packages
|
# Packages
|
||||||
RUN apt-get update -q --fix-missing && \
|
RUN apt-get update -q --fix-missing && \
|
||||||
|
@ -58,6 +65,7 @@ RUN apt-get update -q --fix-missing && \
|
||||||
rsyslog \
|
rsyslog \
|
||||||
sasl2-bin \
|
sasl2-bin \
|
||||||
spamassassin \
|
spamassassin \
|
||||||
|
supervisor \
|
||||||
postgrey \
|
postgrey \
|
||||||
unrar-free \
|
unrar-free \
|
||||||
unzip \
|
unzip \
|
||||||
|
@ -82,7 +90,11 @@ RUN apt-get update -q --fix-missing && \
|
||||||
|
|
||||||
RUN echo "0 0,6,12,18 * * * /usr/bin/freshclam --quiet" > /etc/cron.d/freshclam && \
|
RUN echo "0 0,6,12,18 * * * /usr/bin/freshclam --quiet" > /etc/cron.d/freshclam && \
|
||||||
chmod 644 /etc/clamav/freshclam.conf && \
|
chmod 644 /etc/clamav/freshclam.conf && \
|
||||||
freshclam
|
freshclam && \
|
||||||
|
sed -i 's/Foreground false/Foreground true/g' /etc/clamav/clamd.conf && \
|
||||||
|
sed -i 's/AllowSupplementaryGroups false/AllowSupplementaryGroups true/g' /etc/clamav/clamd.conf && \
|
||||||
|
mkdir /var/run/clamav && \
|
||||||
|
chown -R clamav:root /var/run/clamav
|
||||||
|
|
||||||
# Configures Dovecot
|
# Configures Dovecot
|
||||||
COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
||||||
|
@ -124,7 +136,7 @@ RUN sed -i -r 's/#(@| \\%)bypass/\1bypass/g' /etc/amavis/conf.d/15-content_fil
|
||||||
# Configure Fail2ban
|
# Configure Fail2ban
|
||||||
COPY target/fail2ban/jail.conf /etc/fail2ban/jail.conf
|
COPY target/fail2ban/jail.conf /etc/fail2ban/jail.conf
|
||||||
COPY target/fail2ban/filter.d/dovecot.conf /etc/fail2ban/filter.d/dovecot.conf
|
COPY target/fail2ban/filter.d/dovecot.conf /etc/fail2ban/filter.d/dovecot.conf
|
||||||
RUN echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf
|
RUN echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf && mkdir /var/run/fail2ban
|
||||||
|
|
||||||
# Enables Pyzor and Razor
|
# Enables Pyzor and Razor
|
||||||
USER amavis
|
USER amavis
|
||||||
|
@ -146,6 +158,7 @@ COPY target/opendmarc/ignore.hosts /etc/opendmarc/ignore.hosts
|
||||||
# Configure fetchmail
|
# Configure fetchmail
|
||||||
COPY target/fetchmail/fetchmailrc /etc/fetchmailrc_general
|
COPY target/fetchmail/fetchmailrc /etc/fetchmailrc_general
|
||||||
RUN sed -i 's/START_DAEMON=no/START_DAEMON=yes/g' /etc/default/fetchmail
|
RUN sed -i 's/START_DAEMON=no/START_DAEMON=yes/g' /etc/default/fetchmail
|
||||||
|
RUN mkdir /var/run/fetchmail && chown fetchmail /var/run/fetchmail
|
||||||
|
|
||||||
# Configures Postfix
|
# Configures Postfix
|
||||||
COPY target/postfix/main.cf target/postfix/master.cf /etc/postfix/
|
COPY target/postfix/main.cf target/postfix/master.cf /etc/postfix/
|
||||||
|
@ -173,12 +186,15 @@ RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > /et
|
||||||
|
|
||||||
COPY ./target/bin /usr/local/bin
|
COPY ./target/bin /usr/local/bin
|
||||||
# Start-mailserver script
|
# Start-mailserver script
|
||||||
COPY ./target/start-mailserver.sh ./target/docker-configomat/configomat.sh /usr/local/bin/
|
COPY ./target/start-mailserver.sh ./target/fail2ban-wrapper.sh ./target/postfix-wrapper.sh ./target/docker-configomat/configomat.sh /usr/local/bin/
|
||||||
RUN chmod +x /usr/local/bin/*
|
RUN chmod +x /usr/local/bin/*
|
||||||
|
|
||||||
|
# Configure supervisor
|
||||||
|
COPY target/supervisor/* /etc/supervisor/conf.d/
|
||||||
|
|
||||||
EXPOSE 25 587 143 993 110 995 4190
|
EXPOSE 25 587 143 993 110 995 4190
|
||||||
|
|
||||||
CMD /usr/local/bin/start-mailserver.sh
|
CMD supervisord -c /etc/supervisor/supervisord.conf
|
||||||
|
|
||||||
|
|
||||||
ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl
|
ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl
|
||||||
|
|
||||||
|
|
14
Makefile
14
Makefile
|
@ -40,7 +40,7 @@ run:
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-v "`pwd`/test/config/letsencrypt":/etc/letsencrypt/live \
|
-v "`pwd`/test/config/letsencrypt":/etc/letsencrypt/live \
|
||||||
-e ENABLE_POP3=1 \
|
-e ENABLE_POP3=1 \
|
||||||
-e DMS_DEBUG=1 \
|
-e DMS_DEBUG=0 \
|
||||||
-e SSL_TYPE=letsencrypt \
|
-e SSL_TYPE=letsencrypt \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 15
|
sleep 15
|
||||||
|
@ -49,6 +49,7 @@ run:
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e SMTP_ONLY=1 \
|
-e SMTP_ONLY=1 \
|
||||||
-e PERMIT_DOCKER=network \
|
-e PERMIT_DOCKER=network \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-e OVERRIDE_HOSTNAME=mail.my-domain.com \
|
-e OVERRIDE_HOSTNAME=mail.my-domain.com \
|
||||||
-t $(NAME)
|
-t $(NAME)
|
||||||
sleep 15
|
sleep 15
|
||||||
|
@ -63,6 +64,7 @@ run:
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e PERMIT_DOCKER=network \
|
-e PERMIT_DOCKER=network \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-e OVERRIDE_HOSTNAME=mail.my-domain.com \
|
-e OVERRIDE_HOSTNAME=mail.my-domain.com \
|
||||||
-h mail.my-domain.com \
|
-h mail.my-domain.com \
|
||||||
-t $(NAME)
|
-t $(NAME)
|
||||||
|
@ -79,6 +81,7 @@ run:
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e ENABLE_FETCHMAIL=1 \
|
-e ENABLE_FETCHMAIL=1 \
|
||||||
--cap-add=NET_ADMIN \
|
--cap-add=NET_ADMIN \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 15
|
sleep 15
|
||||||
docker run -d --name mail_disabled_clamav_spamassassin \
|
docker run -d --name mail_disabled_clamav_spamassassin \
|
||||||
|
@ -86,6 +89,7 @@ run:
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e ENABLE_CLAMAV=0 \
|
-e ENABLE_CLAMAV=0 \
|
||||||
-e ENABLE_SPAMASSASSIN=0 \
|
-e ENABLE_SPAMASSASSIN=0 \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 15
|
sleep 15
|
||||||
docker run -d --name mail_manual_ssl \
|
docker run -d --name mail_manual_ssl \
|
||||||
|
@ -94,6 +98,7 @@ run:
|
||||||
-e SSL_TYPE=manual \
|
-e SSL_TYPE=manual \
|
||||||
-e SSL_CERT_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem \
|
-e SSL_CERT_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem \
|
||||||
-e SSL_KEY_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem \
|
-e SSL_KEY_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 15
|
sleep 15
|
||||||
docker run -d --name ldap_for_mail \
|
docker run -d --name ldap_for_mail \
|
||||||
|
@ -120,6 +125,7 @@ run:
|
||||||
-e SASLAUTHD_LDAP_PASSWORD=admin \
|
-e SASLAUTHD_LDAP_PASSWORD=admin \
|
||||||
-e SASLAUTHD_LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain \
|
-e SASLAUTHD_LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain \
|
||||||
-e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \
|
-e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
--link ldap_for_mail:ldap \
|
--link ldap_for_mail:ldap \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 15
|
sleep 15
|
||||||
|
@ -130,8 +136,8 @@ run:
|
||||||
-e SASLAUTHD_MECHANISMS=rimap \
|
-e SASLAUTHD_MECHANISMS=rimap \
|
||||||
-e SASLAUTHD_MECH_OPTIONS=127.0.0.1 \
|
-e SASLAUTHD_MECH_OPTIONS=127.0.0.1 \
|
||||||
-e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \
|
-e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
# Wait for containers to fully start
|
|
||||||
sleep 15
|
sleep 15
|
||||||
docker run -d --name mail_lmtp_ip \
|
docker run -d --name mail_lmtp_ip \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
|
@ -139,6 +145,7 @@ run:
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1 \
|
-e ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1 \
|
||||||
-e POSTFIX_DAGENT=lmtp:127.0.0.1:24 \
|
-e POSTFIX_DAGENT=lmtp:127.0.0.1:24 \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 30
|
sleep 30
|
||||||
docker run -d --name mail_with_postgrey \
|
docker run -d --name mail_with_postgrey \
|
||||||
|
@ -148,6 +155,7 @@ run:
|
||||||
-e POSTGREY_DELAY=15 \
|
-e POSTGREY_DELAY=15 \
|
||||||
-e POSTGREY_MAX_AGE=35 \
|
-e POSTGREY_MAX_AGE=35 \
|
||||||
-e POSTGREY_TEXT="Delayed by postgrey" \
|
-e POSTGREY_TEXT="Delayed by postgrey" \
|
||||||
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 20
|
||||||
|
|
||||||
|
@ -179,7 +187,7 @@ fixtures:
|
||||||
|
|
||||||
docker exec mail_override_hostname /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt"
|
docker exec mail_override_hostname /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt"
|
||||||
# Wait for mails to be analyzed
|
# Wait for mails to be analyzed
|
||||||
sleep 20
|
sleep 40
|
||||||
|
|
||||||
tests:
|
tests:
|
||||||
# Start tests
|
# Start tests
|
||||||
|
|
2
setup.sh
2
setup.sh
|
@ -7,7 +7,7 @@
|
||||||
INFO=$(docker ps \
|
INFO=$(docker ps \
|
||||||
--no-trunc \
|
--no-trunc \
|
||||||
--format="{{.Image}}\t{{.Names}}\t{{.Command}}" | \
|
--format="{{.Image}}\t{{.Names}}\t{{.Command}}" | \
|
||||||
grep '/bin/sh -c /usr/local/bin/start-mailserver.sh')
|
grep "/bin/sh -c 'supervisord -c /etc/supervisor/supervisord.conf'")
|
||||||
|
|
||||||
IMAGE_NAME=$(echo $INFO | awk '{print $1}')
|
IMAGE_NAME=$(echo $INFO | awk '{print $1}')
|
||||||
CONTAINER_NAME=$(echo $INFO | awk '{print $2}')
|
CONTAINER_NAME=$(echo $INFO | awk '{print $2}')
|
||||||
|
|
34
target/fail2ban-wrapper.sh
Normal file
34
target/fail2ban-wrapper.sh
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# fail2ban-wrapper.sh, version 0.0.1
|
||||||
|
#
|
||||||
|
# You cannot start fail2ban in some foreground mode and
|
||||||
|
# it's more or less important that docker doesn't kill
|
||||||
|
# fail2ban and its chilren if you stop the container.
|
||||||
|
#
|
||||||
|
# Use this script with supervisord and it will take
|
||||||
|
# care about starting and stopping fail2ban correctly.
|
||||||
|
#
|
||||||
|
# supervisord config snippet for fail2ban-wrapper:
|
||||||
|
#
|
||||||
|
# [program:fail2ban]
|
||||||
|
# process_name = fail2ban
|
||||||
|
# command = /path/to/fail2ban-wrapper.sh
|
||||||
|
# startsecs = 0
|
||||||
|
# autorestart = false
|
||||||
|
#
|
||||||
|
|
||||||
|
trap "/usr/bin/fail2ban-client stop" SIGINT
|
||||||
|
trap "/usr/bin/fail2ban-client stop" SIGTERM
|
||||||
|
trap "/usr/bin/fail2ban-client reload" SIGHUP
|
||||||
|
|
||||||
|
# start fail2ban
|
||||||
|
/usr/bin/fail2ban-client start
|
||||||
|
|
||||||
|
# lets give fail2ban some time to start
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
# wait until fail2ban is dead (triggered by trap)
|
||||||
|
while kill -0 "`cat /var/run/fail2ban/fail2ban.pid`"; do
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
|
34
target/postfix-wrapper.sh
Normal file
34
target/postfix-wrapper.sh
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# postfix-wrapper.sh, version 0.1.0
|
||||||
|
#
|
||||||
|
# You cannot start postfix in some foreground mode and
|
||||||
|
# it's more or less important that docker doesn't kill
|
||||||
|
# postfix and its chilren if you stop the container.
|
||||||
|
#
|
||||||
|
# Use this script with supervisord and it will take
|
||||||
|
# care about starting and stopping postfix correctly.
|
||||||
|
#
|
||||||
|
# supervisord config snippet for postfix-wrapper:
|
||||||
|
#
|
||||||
|
# [program:postfix]
|
||||||
|
# process_name = postfix
|
||||||
|
# command = /path/to/postfix-wrapper.sh
|
||||||
|
# startsecs = 0
|
||||||
|
# autorestart = false
|
||||||
|
#
|
||||||
|
|
||||||
|
trap "service postfix stop" SIGINT
|
||||||
|
trap "service postfix stop" SIGTERM
|
||||||
|
trap "service postfix reload" SIGHUP
|
||||||
|
|
||||||
|
# start postfix
|
||||||
|
service postfix start
|
||||||
|
|
||||||
|
# lets give postfix some time to start
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
# wait until postfix is dead (triggered by trap)
|
||||||
|
while kill -0 "`cat /var/spool/postfix/pid/master.pid`"; do
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
|
|
@ -349,7 +349,7 @@ function _check_hostname() {
|
||||||
|
|
||||||
if ( ! echo $HOSTNAME | grep -E '^(\S+[.]\S+)$' > /dev/null ); then
|
if ( ! echo $HOSTNAME | grep -E '^(\S+[.]\S+)$' > /dev/null ); then
|
||||||
notify 'err' "Setting hostname/domainname is required"
|
notify 'err' "Setting hostname/domainname is required"
|
||||||
return 1
|
kill -6 `cat /var/run/supervisord.pid` && return 1
|
||||||
else
|
else
|
||||||
notify 'inf' "Domain has been set to $DOMAINNAME"
|
notify 'inf' "Domain has been set to $DOMAINNAME"
|
||||||
notify 'inf' "Hostname has been set to $HOSTNAME"
|
notify 'inf' "Hostname has been set to $HOSTNAME"
|
||||||
|
@ -383,7 +383,7 @@ function _setup_default_vars() {
|
||||||
|
|
||||||
for var in ${!DEFAULT_VARS[@]}; do
|
for var in ${!DEFAULT_VARS[@]}; do
|
||||||
echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc
|
echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc
|
||||||
[ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && return 1
|
[ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && kill -15 `cat /var/run/supervisord.pid` && return 1
|
||||||
notify 'inf' "Set $var=${DEFAULT_VARS[$var]}"
|
notify 'inf' "Set $var=${DEFAULT_VARS[$var]}"
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
@ -644,18 +644,6 @@ EOF
|
||||||
-e "/^[^#].*smtpd_sasl_path.*/s/^/#/g" \
|
-e "/^[^#].*smtpd_sasl_path.*/s/^/#/g" \
|
||||||
/etc/postfix/master.cf
|
/etc/postfix/master.cf
|
||||||
|
|
||||||
sed -i \
|
|
||||||
-e "s|^START=.*|START=yes|g" \
|
|
||||||
-e "s|^MECHANISMS=.*|MECHANISMS="\"$SASLAUTHD_MECHANISMS\""|g" \
|
|
||||||
-e "s|^MECH_OPTIONS=.*|MECH_OPTIONS="\"$SASLAUTHD_MECH_OPTIONS\""|g" \
|
|
||||||
/etc/default/saslauthd
|
|
||||||
|
|
||||||
if [ "$SASLAUTHD_MECHANISMS" = rimap ]; then
|
|
||||||
sed -i \
|
|
||||||
-e 's|^OPTIONS="|OPTIONS="-r |g' \
|
|
||||||
/etc/default/saslauthd
|
|
||||||
fi
|
|
||||||
|
|
||||||
sed -i \
|
sed -i \
|
||||||
-e "/smtpd_sasl_path =.*/d" \
|
-e "/smtpd_sasl_path =.*/d" \
|
||||||
-e "/smtpd_sasl_type =.*/d" \
|
-e "/smtpd_sasl_type =.*/d" \
|
||||||
|
@ -860,7 +848,7 @@ function _setup_postfix_virtual_transport() {
|
||||||
|
|
||||||
[ -z "${POSTFIX_DAGENT}" ] && \
|
[ -z "${POSTFIX_DAGENT}" ] && \
|
||||||
echo "${POSTFIX_DAGENT} not set." && \
|
echo "${POSTFIX_DAGENT} not set." && \
|
||||||
return 1
|
kill -15 `cat /var/run/supervisord.pid` && return 1
|
||||||
postconf -e "virtual_transport = ${POSTFIX_DAGENT}"
|
postconf -e "virtual_transport = ${POSTFIX_DAGENT}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1124,60 +1112,60 @@ function start_daemons() {
|
||||||
|
|
||||||
function _start_daemons_cron() {
|
function _start_daemons_cron() {
|
||||||
notify 'task' 'Starting cron' 'n'
|
notify 'task' 'Starting cron' 'n'
|
||||||
display_startup_daemon "cron"
|
supervisorctl start cron
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_rsyslog() {
|
function _start_daemons_rsyslog() {
|
||||||
notify 'task' 'Starting rsyslog' 'n'
|
notify 'task' 'Starting rsyslog ' 'n'
|
||||||
display_startup_daemon "/etc/init.d/rsyslog start"
|
supervisorctl start rsyslog
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_saslauthd() {
|
function _start_daemons_saslauthd() {
|
||||||
notify 'task' 'Starting saslauthd' 'n'
|
notify 'task' 'Starting saslauthd' 'n'
|
||||||
display_startup_daemon "/etc/init.d/saslauthd start"
|
supervisorctl start "saslauthd_${SASLAUTHD_MECHANISMS}"
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_fail2ban() {
|
function _start_daemons_fail2ban() {
|
||||||
notify 'task' 'Starting fail2ban' 'n'
|
notify 'task' 'Starting fail2ban ' 'n'
|
||||||
touch /var/log/auth.log
|
touch /var/log/auth.log
|
||||||
# Delete fail2ban.sock that probably was left here after container restart
|
# Delete fail2ban.sock that probably was left here after container restart
|
||||||
if [ -e /var/run/fail2ban/fail2ban.sock ]; then
|
if [ -e /var/run/fail2ban/fail2ban.sock ]; then
|
||||||
rm /var/run/fail2ban/fail2ban.sock
|
rm /var/run/fail2ban/fail2ban.sock
|
||||||
fi
|
fi
|
||||||
display_startup_daemon "/etc/init.d/fail2ban start"
|
supervisorctl start fail2ban
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_opendkim() {
|
function _start_daemons_opendkim() {
|
||||||
notify 'task' 'Starting opendkim' 'n'
|
notify 'task' 'Starting opendkim ' 'n'
|
||||||
display_startup_daemon "/etc/init.d/opendkim start"
|
supervisorctl start opendkim
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_opendmarc() {
|
function _start_daemons_opendmarc() {
|
||||||
notify 'task' 'Starting opendmarc' 'n'
|
notify 'task' 'Starting opendmarc ' 'n'
|
||||||
display_startup_daemon "/etc/init.d/opendmarc start"
|
supervisorctl start opendmarc
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_postfix() {
|
function _start_daemons_postfix() {
|
||||||
notify 'task' 'Starting postfix' 'n'
|
notify 'task' 'Starting postfix' 'n'
|
||||||
display_startup_daemon "/etc/init.d/postfix start"
|
supervisorctl start postfix
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_dovecot() {
|
function _start_daemons_dovecot() {
|
||||||
# Here we are starting sasl and imap, not pop3 because it's disabled by default
|
# Here we are starting sasl and imap, not pop3 because it's disabled by default
|
||||||
|
|
||||||
notify 'task' 'Starting dovecot services' 'n'
|
notify 'task' 'Starting dovecot services' 'n'
|
||||||
display_startup_daemon "/usr/sbin/dovecot -c /etc/dovecot/dovecot.conf"
|
|
||||||
|
|
||||||
if [ "$ENABLE_POP3" = 1 ]; then
|
if [ "$ENABLE_POP3" = 1 ]; then
|
||||||
notify 'task' 'Starting pop3 services' 'n'
|
notify 'task' 'Starting pop3 services' 'n'
|
||||||
mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol
|
mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol
|
||||||
display_startup_daemon "/usr/sbin/dovecot reload"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f /tmp/docker-mailserver/dovecot.cf ]; then
|
if [ -f /tmp/docker-mailserver/dovecot.cf ]; then
|
||||||
cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf
|
cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf
|
||||||
/usr/sbin/dovecot reload
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
supervisorctl start dovecot
|
||||||
|
|
||||||
# @TODO fix: on integration test
|
# @TODO fix: on integration test
|
||||||
# doveadm: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
|
# doveadm: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
|
||||||
# doveadm: Fatal: user listing failed
|
# doveadm: Fatal: user listing failed
|
||||||
|
@ -1190,30 +1178,30 @@ function _start_daemons_dovecot() {
|
||||||
|
|
||||||
function _start_daemons_filebeat() {
|
function _start_daemons_filebeat() {
|
||||||
notify 'task' 'Starting filebeat' 'n'
|
notify 'task' 'Starting filebeat' 'n'
|
||||||
display_startup_daemon "/etc/init.d/filebeat start"
|
supervisorctl start filebeat
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_fetchmail() {
|
function _start_daemons_fetchmail() {
|
||||||
notify 'task' 'Starting fetchmail' 'n'
|
notify 'task' 'Starting fetchmail' 'n'
|
||||||
/usr/local/bin/setup-fetchmail
|
/usr/local/bin/setup-fetchmail
|
||||||
display_startup_daemon "/etc/init.d/fetchmail start"
|
supervisorctl start fetchmail
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_clamav() {
|
function _start_daemons_clamav() {
|
||||||
notify 'task' 'Starting clamav' 'n'
|
notify 'task' 'Starting clamav' 'n'
|
||||||
display_startup_daemon "/etc/init.d/clamav-daemon start"
|
supervisorctl start clamav
|
||||||
}
|
}
|
||||||
|
|
||||||
function _start_daemons_postgrey() {
|
function _start_daemons_postgrey() {
|
||||||
notify 'task' 'Starting postgrey' 'n'
|
notify 'task' 'Starting postgrey' 'n'
|
||||||
rm -f /var/run/postgrey/postgrey.pid
|
rm -f /var/run/postgrey/postgrey.pid
|
||||||
display_startup_daemon "/etc/init.d/postgrey start"
|
supervisorctl start postgrey
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
function _start_daemons_amavis() {
|
function _start_daemons_amavis() {
|
||||||
notify 'task' 'Starting amavis' 'n'
|
notify 'task' 'Starting amavis' 'n'
|
||||||
display_startup_daemon "/etc/init.d/amavis start"
|
supervisorctl start amavis
|
||||||
}
|
}
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
@ -1262,7 +1250,7 @@ notify 'taskgrp' "# $HOSTNAME is up and running"
|
||||||
notify 'taskgrp' "#"
|
notify 'taskgrp' "#"
|
||||||
notify 'taskgrp' ""
|
notify 'taskgrp' ""
|
||||||
|
|
||||||
|
touch /var/log/mail/mail.log
|
||||||
tail -fn 0 /var/log/mail/mail.log
|
tail -fn 0 /var/log/mail/mail.log
|
||||||
|
|
||||||
|
|
||||||
|
|
45
target/supervisor/saslauth.conf
Normal file
45
target/supervisor/saslauth.conf
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
[program:saslauthd_ldap]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/saslauthd -d -a ldap -O /etc/saslauthd.conf
|
||||||
|
pidfile=/var/run/saslauthd/saslauthd.pid
|
||||||
|
|
||||||
|
[program:saslauthd_mysql]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/saslauthd -d -a mysql -O %(ENV_SASLAUTHD_MECH_OPTIONS)s
|
||||||
|
pidfile=/var/run/saslauthd/saslauthd.pid
|
||||||
|
|
||||||
|
[program:saslauthd_pam]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/saslauthd -d -a pam -O %(ENV_SASLAUTHD_MECH_OPTIONS)s
|
||||||
|
pidfile=/var/run/saslauthd/saslauthd.pid
|
||||||
|
|
||||||
|
[program:saslauthd_rimap]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/saslauthd -d -a rimap -r -O %(ENV_SASLAUTHD_MECH_OPTIONS)s
|
||||||
|
pidfile=/var/run/saslauthd/saslauthd.pid
|
||||||
|
|
||||||
|
[program:saslauthd_shadow]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/saslauthd -d -a shadow -O %(ENV_SASLAUTHD_MECH_OPTIONS)s
|
||||||
|
pidfile=/var/run/saslauthd/saslauthd.pid
|
||||||
|
|
116
target/supervisor/supervisor-app.conf
Normal file
116
target/supervisor/supervisor-app.conf
Normal file
|
@ -0,0 +1,116 @@
|
||||||
|
# each program entry below is a separate terminal command.
|
||||||
|
# Each command MUST run in the foreground and stay running.
|
||||||
|
# If the command ever exits, the supervisor daemon will automatically run it again.
|
||||||
|
# Programs can be controlled like this: 'supervisorctl start fail2ban' 'supervisorctl stop fail2ban'
|
||||||
|
# supervisor writes program statuses in /var/log/supervisor
|
||||||
|
|
||||||
|
[supervisord]
|
||||||
|
nodaemon=true
|
||||||
|
|
||||||
|
[program:mailserver]
|
||||||
|
startsecs=0
|
||||||
|
autostart=true
|
||||||
|
autorestart=false
|
||||||
|
stdout_logfile=/dev/stdout
|
||||||
|
stdout_logfile_maxbytes=0
|
||||||
|
stderr_logfile=/dev/stderr
|
||||||
|
stderr_logfile_maxbytes=0
|
||||||
|
command=/usr/local/bin/start-mailserver.sh
|
||||||
|
|
||||||
|
[program:cron]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/cron -f
|
||||||
|
|
||||||
|
[program:rsyslog]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/rsyslogd -n
|
||||||
|
|
||||||
|
[program:fail2ban]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/local/bin/fail2ban-wrapper.sh
|
||||||
|
|
||||||
|
[program:opendkim]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/opendkim -f
|
||||||
|
|
||||||
|
[program:opendmarc]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/opendmarc -f -p "inet:8893@localhost" -P /var/run/opendmarc/opendmarc.pid
|
||||||
|
|
||||||
|
[program:dovecot]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf
|
||||||
|
|
||||||
|
[program:filebeat]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/bin/filebeat -c /etc/filebeat/filebeat.yml
|
||||||
|
|
||||||
|
[program:clamav]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/clamd -c /etc/clamav/clamd.conf
|
||||||
|
|
||||||
|
[program:postgrey]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/mail/mail.log
|
||||||
|
stderr_logfile=/var/log/mail/mail.log
|
||||||
|
command=/usr/sbin/postgrey --inet=127.0.0.1:10023 --syslog-facility=mail --delay=%(ENV_POSTGREY_DELAY)s --max-age=%(ENV_POSTGREY_MAX_AGE)s --greylist-text="%(ENV_POSTGREY_TEXT)s"
|
||||||
|
|
||||||
|
[program:amavis]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/sbin/amavisd-new foreground
|
||||||
|
|
||||||
|
[program:fetchmail]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
user=fetchmail
|
||||||
|
command=/usr/bin/fetchmail -f /etc/fetchmailrc -v --nodetach --daemon 300 -i /var/lib/fetchmail/.fetchmail-UIDL-cache --pidfile /var/run/fetchmail/fetchmail.pid
|
||||||
|
|
||||||
|
[program:postfix]
|
||||||
|
startsecs=0
|
||||||
|
autostart=false
|
||||||
|
autorestart=true
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/usr/local/bin/postfix-wrapper.sh
|
||||||
|
|
|
@ -111,10 +111,6 @@ load 'test_helper/bats-assert/load'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "checking process: saslauthd (saslauthd server enabled)" {
|
|
||||||
run docker exec mail_with_imap /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'"
|
|
||||||
assert_success
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# postgrey
|
# postgrey
|
||||||
|
@ -1194,3 +1190,54 @@ load 'test_helper/bats-assert/load'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output 0
|
assert_output 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# supervisor
|
||||||
|
#
|
||||||
|
|
||||||
|
@test "checking restart of process: postfix" {
|
||||||
|
run docker exec mail /bin/bash -c "pkill master && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/lib/postfix/sbin/master'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: clamd" {
|
||||||
|
run docker exec mail /bin/bash -c "pkill clamd && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: amavisd-new" {
|
||||||
|
run docker exec mail /bin/bash -c "pkill amavi && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/amavisd-new (master)'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: opendkim" {
|
||||||
|
run docker exec mail /bin/bash -c "pkill opendkim && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/opendkim'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: opendmarc" {
|
||||||
|
run docker exec mail /bin/bash -c "pkill opendmarc && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/opendmarc'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: fail2ban (fail2ban server enabled)" {
|
||||||
|
run docker exec mail_fail2ban /bin/bash -c "pkill fail2ban && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/bin/python3 /usr/bin/fail2ban-server'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: fetchmail" {
|
||||||
|
run docker exec mail_fetchmail /bin/bash -c "pkill fetchmail && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/bin/fetchmail'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: clamav (clamav disabled by ENABLED_CLAMAV=0)" {
|
||||||
|
run docker exec mail_disabled_clamav_spamassassin /bin/bash -c "pkill -f clamd && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'"
|
||||||
|
assert_failure
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking restart of process: saslauthd (saslauthd server enabled)" {
|
||||||
|
run docker exec mail_with_ldap /bin/bash -c "pkill saslauthd && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue