From 9ead9a54ac99de7029d96162f649d4bb73e4fe96 Mon Sep 17 00:00:00 2001
From: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Date: Mon, 27 Feb 2023 23:37:35 +0100
Subject: [PATCH] scripts: follow up of #3115 (feedback) (#3124)
---
 target/scripts/helpers/dhparams.sh | 20 --------------------
 target/scripts/helpers/index.sh | 1 -
 target/scripts/helpers/ssl.sh | 19 +++++++++++++++++++
 target/scripts/start-mailserver.sh | 2 ++
 target/scripts/startup/setup-stack.sh | 6 ++++--
 5 files changed, 25 insertions(+), 23 deletions(-)
 delete mode 100644 target/scripts/helpers/dhparams.sh
diff --git a/target/scripts/helpers/dhparams.sh b/target/scripts/helpers/dhparams.sh
deleted file mode 100644
index e487989f..00000000
--- a/target/scripts/helpers/dhparams.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-
-function _setup_dhparam
-{
- local DH_SERVICE=$1
- local DH_DEST=$2
- local DH_CUSTOM='/tmp/docker-mailserver/dhparams.pem'
-
- _log 'debug' "Setting up ${DH_SERVICE} dhparam"
-
- if [[ -f ${DH_CUSTOM} ]]
- then # use custom supplied dh params (assumes they're probably insecure)
- _log 'trace' "${DH_SERVICE} will use custom provided DH paramters"
- _log 'warn' "Using self-generated dhparams is considered insecure - unless you know what you are doing, please remove '${DH_CUSTOM}'"
-
- cp -f "${DH_CUSTOM}" "${DH_DEST}"
- else # use official standardized dh params (provided via Dockerfile)
- _log 'trace' "${DH_SERVICE} will use official standardized DH parameters (ffdhe4096)."
- fi
-}
diff --git a/target/scripts/helpers/index.sh b/target/scripts/helpers/index.sh
index 644f8374..1e919513 100644
--- a/target/scripts/helpers/index.sh
+++ b/target/scripts/helpers/index.sh
@@ -10,7 +10,6 @@ function _import_scripts
 source "${PATH_TO_SCRIPTS}/accounts.sh"
 source "${PATH_TO_SCRIPTS}/aliases.sh"
 source "${PATH_TO_SCRIPTS}/change-detection.sh"
- source "${PATH_TO_SCRIPTS}/dhparams.sh"
 source "${PATH_TO_SCRIPTS}/dns.sh"
 source "${PATH_TO_SCRIPTS}/error.sh"
 source "${PATH_TO_SCRIPTS}/lock.sh"
diff --git a/target/scripts/helpers/ssl.sh b/target/scripts/helpers/ssl.sh
index 135a85e2..70683331 100644
--- a/target/scripts/helpers/ssl.sh
+++ b/target/scripts/helpers/ssl.sh
@@ -1,5 +1,24 @@
 #!/bin/bash

+function _setup_dhparam
+{
+ local DH_SERVICE=$1
+ local DH_DEST=$2
+ local DH_CUSTOM='/tmp/docker-mailserver/dhparams.pem'
+
+ _log 'debug' "Setting up ${DH_SERVICE} dhparam"
+
+ if [[ -f ${DH_CUSTOM} ]]
+ then # use custom supplied dh params (assumes they're probably insecure)
+ _log 'trace' "${DH_SERVICE} will use custom provided DH paramters"
+ _log 'warn' "Using self-generated dhparams is considered insecure - unless you know what you are doing, please remove '${DH_CUSTOM}'"
+
+ cp -f "${DH_CUSTOM}" "${DH_DEST}"
+ else # use official standardized dh params (provided via Dockerfile)
+ _log 'trace' "${DH_SERVICE} will use official standardized DH parameters (ffdhe4096)."
+ fi
+}
+
 function _setup_ssl
 {
 _log 'debug' 'Setting up SSL'
diff --git a/target/scripts/start-mailserver.sh b/target/scripts/start-mailserver.sh
index 62b22a4e..ec5e8a65 100755
--- a/target/scripts/start-mailserver.sh
+++ b/target/scripts/start-mailserver.sh
@@ -1,5 +1,7 @@
 #!/bin/bash

+shopt -s globstar
+
 # ------------------------------------------------------------
 # ? >> Sourcing helpers & stacks
 # ------------------------------------------------------------
diff --git a/target/scripts/startup/setup-stack.sh b/target/scripts/startup/setup-stack.sh
index c9cfebe6..374fedaf 100644
--- a/target/scripts/startup/setup-stack.sh
+++ b/target/scripts/startup/setup-stack.sh
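Review bot: In `_setup_dhparam` (target/scripts/helpers/ssl.sh), the file at `${DH_CUSTOM}` is copied over `${DH_DEST}` without checking that it parses as DH parameters or that `cp` succeeded, so a truncated or wrong-format `dhparams.pem` presumably replaces the ffdhe4096 default and only surfaces when the service loads it. Since the function is being moved anyway, I would gate the copy on a parse check, e.g. `openssl dhparam -in "${DH_CUSTOM}" -check -noout &>/dev/null || { _log 'warn' "'${DH_CUSTOM}' is not a valid DH parameter file - keeping the default"; return 0; }` (assuming `openssl` is present in the image), and log when `cp -f` fails. The trace message also has a typo, `paramters` → `parameters`.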
@@ -10,11 +10,13 @@ function _register_setup_function

 function _setup
 {
- while read -r FILE
+ # requires `shopt -s globstar` because of `**` which in
+ # turn is required as we're decending through directories
+ for FILE in /usr/local/bin/setup.d/**/*.sh
 do
 # shellcheck source=/dev/null
 source "${FILE}"
- done < <(find /usr/local/bin/setup.d/ -type f)
+ done

 _log 'info' 'Configuring mail server'
 for FUNC in "${FUNCS_SETUP[@]}"
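Review bot: The new `for FILE in /usr/local/bin/setup.d/**/*.sh` loop in `_setup` has no guard for an unmatched or non-file match: `nullglob` is not set in the visible hunks, so an empty tree hands the literal pattern to `source`, and a directory whose name ends in `.sh` would be passed to `source` as well. Adding `[[ -f ${FILE} ]] || continue` as the first statement of the loop body brings back a regular-file check like the removed `find … -type f` had. The loop also depends on `shopt -s globstar` from start-mailserver.sh; if `_setup` is ever reached from a shell without it, `**` degrades to `*` and only files exactly one directory below `setup.d/` are sourced, so setting the option next to the loop (or asserting it with `shopt -q globstar`) would be more robust. Because every match is executed in the startup shell, the comment could also state that the tree is expected to be writable only by root, and `decending` should read `descending`. `_setup` continues past the end of the hunk.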