mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Update check (#1951)
* mail binary * initial work * make env vars available * typo * some fixes * make script ugly, to satisfy linter.. * mailserver.env updated * Version to welcome message added * remove VERSION file references * VERSION --> DMS_VERSION * fetch remote version * variable usage * Quoting added * edge test & docu * dash removed * subject changed * re-add VERSION * VERSION added * new file: VERSION * rewrite * unnecessary additions from fail2ban PR removed * UPDATE_CHECK_INTERVAL added * syntax check & _log function * comment added * final commit
This commit is contained in:
parent
225e21edb7
commit
bab0277723
|
@ -1,2 +1,3 @@
|
||||||
*
|
*
|
||||||
!target
|
!target
|
||||||
|
!VERSION
|
||||||
|
|
17
Dockerfile
17
Dockerfile
|
@ -45,7 +45,7 @@ RUN \
|
||||||
apt-get -y install postfix >/dev/null && \
|
apt-get -y install postfix >/dev/null && \
|
||||||
apt-get -y --no-install-recommends install \
|
apt-get -y --no-install-recommends install \
|
||||||
# A - D
|
# A - D
|
||||||
altermime amavisd-new apt-transport-https arj binutils bzip2 \
|
altermime amavisd-new apt-transport-https arj binutils bzip2 bsd-mailx \
|
||||||
ca-certificates cabextract clamav clamav-daemon cpio curl \
|
ca-certificates cabextract clamav clamav-daemon cpio curl \
|
||||||
dovecot-core dovecot-imapd dovecot-ldap dovecot-lmtpd \
|
dovecot-core dovecot-imapd dovecot-ldap dovecot-lmtpd \
|
||||||
dovecot-managesieved dovecot-pop3d dovecot-sieve dovecot-solr \
|
dovecot-managesieved dovecot-pop3d dovecot-sieve dovecot-solr \
|
||||||
|
@ -59,9 +59,8 @@ RUN \
|
||||||
pax pflogsumm postgrey p7zip-full postfix-ldap postfix-pcre \
|
pax pflogsumm postgrey p7zip-full postfix-ldap postfix-pcre \
|
||||||
postfix-policyd-spf-python postsrsd pyzor \
|
postfix-policyd-spf-python postsrsd pyzor \
|
||||||
razor rpm2cpio rsyslog sasl2-bin spamassassin supervisor \
|
razor rpm2cpio rsyslog sasl2-bin spamassassin supervisor \
|
||||||
unrar-free unzip whois xz-utils \
|
unrar-free unzip whois xz-utils && \
|
||||||
# Fail2Ban
|
# Fail2Ban
|
||||||
gpg gpg-agent >/dev/null && \
|
|
||||||
gpg --keyserver ${FAIL2BAN_GPG_PUBLIC_KEY_SERVER} \
|
gpg --keyserver ${FAIL2BAN_GPG_PUBLIC_KEY_SERVER} \
|
||||||
--recv-keys ${FAIL2BAN_GPG_PUBLIC_KEY_ID} &>/dev/null && \
|
--recv-keys ${FAIL2BAN_GPG_PUBLIC_KEY_ID} &>/dev/null && \
|
||||||
curl -Lkso fail2ban.deb ${FAIL2BAN_DEB_URL} && \
|
curl -Lkso fail2ban.deb ${FAIL2BAN_DEB_URL} && \
|
||||||
|
@ -75,7 +74,6 @@ RUN \
|
||||||
echo "ERROR: Wrong GPG fingerprint!" 2>&1; exit 1; fi && \
|
echo "ERROR: Wrong GPG fingerprint!" 2>&1; exit 1; fi && \
|
||||||
dpkg -i fail2ban.deb &>/dev/null && \
|
dpkg -i fail2ban.deb &>/dev/null && \
|
||||||
rm fail2ban.deb fail2ban.deb.asc && \
|
rm fail2ban.deb fail2ban.deb.asc && \
|
||||||
apt-get -qq -y purge gpg gpg-agent &>/dev/null && \
|
|
||||||
# cleanup
|
# cleanup
|
||||||
apt-get -qq autoremove &>/dev/null && \
|
apt-get -qq autoremove &>/dev/null && \
|
||||||
apt-get -qq autoclean && \
|
apt-get -qq autoclean && \
|
||||||
|
@ -154,6 +152,9 @@ COPY \
|
||||||
./target/docker-configomat/configomat.sh \
|
./target/docker-configomat/configomat.sh \
|
||||||
/usr/local/bin/
|
/usr/local/bin/
|
||||||
|
|
||||||
|
COPY \
|
||||||
|
./VERSION /
|
||||||
|
|
||||||
RUN \
|
RUN \
|
||||||
chmod +x /usr/local/bin/* && \
|
chmod +x /usr/local/bin/* && \
|
||||||
rm -rf /usr/share/locale/* && \
|
rm -rf /usr/share/locale/* && \
|
||||||
|
@ -162,13 +163,7 @@ RUN \
|
||||||
touch /var/log/auth.log && \
|
touch /var/log/auth.log && \
|
||||||
update-locale && \
|
update-locale && \
|
||||||
rm /etc/postsrsd.secret && \
|
rm /etc/postsrsd.secret && \
|
||||||
rm /etc/cron.daily/00logwatch && \
|
rm /etc/cron.daily/00logwatch
|
||||||
if [[ ${VCS_VER} =~ ^refs/tags/v.+ ]]; then \
|
|
||||||
echo "export DMS_VERSION='${VCS_VER:11}'" >>/root/.bashrc; \
|
|
||||||
else \
|
|
||||||
echo "export DMS_VERSION='${VCS_REF}'" >>/root/.bashrc; \
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
# –––––––––––––––––––––––––––––––––––––––––––––––
|
# –––––––––––––––––––––––––––––––––––––––––––––––
|
||||||
# ––– PostSRSD, Postgrey & Amavis –––––––––––––––
|
# ––– PostSRSD, Postgrey & Amavis –––––––––––––––
|
||||||
|
|
|
@ -193,6 +193,19 @@ Set the message size limit for all users. If set to zero, the size will be unlim
|
||||||
- **empty** => postmaster@domain.com
|
- **empty** => postmaster@domain.com
|
||||||
- => Specify the postmaster address
|
- => Specify the postmaster address
|
||||||
|
|
||||||
|
##### ENABLE_UPDATE_CHECK
|
||||||
|
|
||||||
|
Check for updates on container start and then once a day. If an update is available, a mail is send to POSTMASTER_ADDRESS.
|
||||||
|
|
||||||
|
- 0 => Update check disabled
|
||||||
|
- **1** => Update check enabled
|
||||||
|
|
||||||
|
##### UPDATE_CHECK_INTERVAL
|
||||||
|
|
||||||
|
Customize the update check interval. Number + Suffix. Suffix must be 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days.
|
||||||
|
|
||||||
|
- **1d** => Check for updates once a day
|
||||||
|
|
||||||
##### POSTSCREEN_ACTION
|
##### POSTSCREEN_ACTION
|
||||||
|
|
||||||
- **enforce** => Allow other tests to complete. Reject attempts to deliver mail with a 550 SMTP reply, and log the helo/sender/recipient information. Repeat this test the next time the client connects.
|
- **enforce** => Allow other tests to complete. Reject attempts to deliver mail with a 550 SMTP reply, and log the helo/sender/recipient information. Repeat this test the next time the client connects.
|
||||||
|
|
|
@ -32,6 +32,16 @@ ONE_DIR=0
|
||||||
# => Specify the postmaster address
|
# => Specify the postmaster address
|
||||||
POSTMASTER_ADDRESS=
|
POSTMASTER_ADDRESS=
|
||||||
|
|
||||||
|
# Check for updates on container start and then once a day
|
||||||
|
# If an update is available, a mail is send to POSTMASTER_ADDRESS
|
||||||
|
# 0 => Update check disabled
|
||||||
|
# 1 => Update check enabled
|
||||||
|
ENABLE_UPDATE_CHECK=1
|
||||||
|
|
||||||
|
# Customize the update check interval.
|
||||||
|
# Number + Suffix. Suffix must be 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days.
|
||||||
|
UPDATE_CHECK_INTERVAL=1d
|
||||||
|
|
||||||
# Set different options for mynetworks option (can be overwrite in postfix-main.cf)
|
# Set different options for mynetworks option (can be overwrite in postfix-main.cf)
|
||||||
# **WARNING**: Adding the docker network's gateway to the list of trusted hosts, e.g. using the `network` or
|
# **WARNING**: Adding the docker network's gateway to the list of trusted hosts, e.g. using the `network` or
|
||||||
# `connected-networks` option, can create an open relay
|
# `connected-networks` option, can create an open relay
|
||||||
|
|
|
@ -33,6 +33,7 @@ VARS[ENABLE_QUOTAS]="${ENABLE_QUOTAS:=1}"
|
||||||
VARS[ENABLE_SASLAUTHD]="${ENABLE_SASLAUTHD:=0}"
|
VARS[ENABLE_SASLAUTHD]="${ENABLE_SASLAUTHD:=0}"
|
||||||
VARS[ENABLE_SPAMASSASSIN]="${ENABLE_SPAMASSASSIN:=0}"
|
VARS[ENABLE_SPAMASSASSIN]="${ENABLE_SPAMASSASSIN:=0}"
|
||||||
VARS[ENABLE_SRS]="${ENABLE_SRS:=0}"
|
VARS[ENABLE_SRS]="${ENABLE_SRS:=0}"
|
||||||
|
VARS[ENABLE_UPDATE_CHECK]="${ENABLE_UPDATE_CHECK:=1}"
|
||||||
VARS[FAIL2BAN_BLOCKTYPE]="${FAIL2BAN_BLOCKTYPE:=drop}"
|
VARS[FAIL2BAN_BLOCKTYPE]="${FAIL2BAN_BLOCKTYPE:=drop}"
|
||||||
VARS[FETCHMAIL_POLL]="${FETCHMAIL_POLL:=300}"
|
VARS[FETCHMAIL_POLL]="${FETCHMAIL_POLL:=300}"
|
||||||
VARS[FETCHMAIL_PARALLEL]="${FETCHMAIL_PARALLEL:=0}"
|
VARS[FETCHMAIL_PARALLEL]="${FETCHMAIL_PARALLEL:=0}"
|
||||||
|
@ -64,6 +65,7 @@ VARS[SRS_SENDER_CLASSES]="${SRS_SENDER_CLASSES:=envelope_sender}"
|
||||||
VARS[SSL_TYPE]="${SSL_TYPE:=}"
|
VARS[SSL_TYPE]="${SSL_TYPE:=}"
|
||||||
VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}"
|
VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}"
|
||||||
VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}"
|
VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}"
|
||||||
|
VARS[UPDATE_CHECK_INTERVAL]="${UPDATE_CHECK_INTERVAL:=1d}"
|
||||||
VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}"
|
VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}"
|
||||||
|
|
||||||
export HOSTNAME DOMAINNAME CHKSUM_FILE
|
export HOSTNAME DOMAINNAME CHKSUM_FILE
|
||||||
|
@ -168,6 +170,7 @@ function register_functions
|
||||||
_register_start_daemon '_start_daemons_rsyslog'
|
_register_start_daemon '_start_daemons_rsyslog'
|
||||||
|
|
||||||
[[ ${SMTP_ONLY} -ne 1 ]] && _register_start_daemon '_start_daemons_dovecot'
|
[[ ${SMTP_ONLY} -ne 1 ]] && _register_start_daemon '_start_daemons_dovecot'
|
||||||
|
[[ ${ENABLE_UPDATE_CHECK} -eq 1 ]] && _register_start_daemon '_start_daemons_update_check'
|
||||||
|
|
||||||
# needs to be started before SASLauthd
|
# needs to be started before SASLauthd
|
||||||
_register_start_daemon '_start_daemons_opendkim'
|
_register_start_daemon '_start_daemons_opendkim'
|
||||||
|
@ -249,16 +252,13 @@ function _defunc
|
||||||
# shellcheck source=./startup/daemons-stack.sh
|
# shellcheck source=./startup/daemons-stack.sh
|
||||||
. /usr/local/bin/daemons-stack.sh
|
. /usr/local/bin/daemons-stack.sh
|
||||||
|
|
||||||
# source DMS_VERSION variable
|
|
||||||
. /root/.bashrc
|
|
||||||
|
|
||||||
# ––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
|
# ––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
|
||||||
# ? << Sourcing all stacks
|
# ? << Sourcing all stacks
|
||||||
# ––
|
# ––
|
||||||
# ? >> Executing all stacks
|
# ? >> Executing all stacks
|
||||||
# ––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
|
# ––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
|
||||||
|
|
||||||
_notify 'tasklog' "Welcome to docker-mailserver ${DMS_VERSION}"
|
_notify 'tasklog' "Welcome to docker-mailserver $(</VERSION)"
|
||||||
_notify 'inf' 'ENVIRONMENT'
|
_notify 'inf' 'ENVIRONMENT'
|
||||||
[[ ${DMS_DEBUG} -eq 1 ]] && printenv
|
[[ ${DMS_DEBUG} -eq 1 ]] && printenv
|
||||||
|
|
||||||
|
|
|
@ -152,3 +152,9 @@ function _start_changedetector
|
||||||
_notify 'task' 'Starting changedetector'
|
_notify 'task' 'Starting changedetector'
|
||||||
supervisorctl start changedetector
|
supervisorctl start changedetector
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function _start_daemons_update_check
|
||||||
|
{
|
||||||
|
_notify 'task' 'Starting update-check'
|
||||||
|
supervisorctl start update-check
|
||||||
|
}
|
||||||
|
|
60
target/scripts/update-check.sh
Executable file
60
target/scripts/update-check.sh
Executable file
|
@ -0,0 +1,60 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
VERSION=$(</VERSION)
|
||||||
|
VERSION_URL="https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/master/VERSION"
|
||||||
|
CHANGELOG="https://github.com/docker-mailserver/docker-mailserver/blob/master/CHANGELOG.md"
|
||||||
|
|
||||||
|
function _log
|
||||||
|
{
|
||||||
|
DATE=$(date '+%F %T')
|
||||||
|
echo "${DATE} ${1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# check for correct syntax
|
||||||
|
# number + suffix. suffix must be 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days.
|
||||||
|
if [[ ! ${UPDATE_CHECK_INTERVAL} =~ ^[0-9]+[smhd]{1}$ ]]
|
||||||
|
then
|
||||||
|
_log "Error: Invalid UPDATE_CHECK_INTERVAL value: ${UPDATE_CHECK_INTERVAL}"
|
||||||
|
_log "Info: Fallback to daily update checks"
|
||||||
|
UPDATE_CHECK_INTERVAL="1d"
|
||||||
|
fi
|
||||||
|
|
||||||
|
while true
|
||||||
|
do
|
||||||
|
# get remote version information
|
||||||
|
LATEST=$(curl -Lsf "${VERSION_URL}")
|
||||||
|
|
||||||
|
# did we get a valid response?
|
||||||
|
if [[ ${LATEST} =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]
|
||||||
|
then
|
||||||
|
_log "Info: Remote version information fetched"
|
||||||
|
|
||||||
|
# compare versions
|
||||||
|
if dpkg --compare-versions "${VERSION}" lt "${LATEST}"
|
||||||
|
then
|
||||||
|
# send mail notification to postmaster
|
||||||
|
read -r -d '' MAIL << EOM
|
||||||
|
Hello ${POSTMASTER_ADDRESS}!
|
||||||
|
|
||||||
|
There is a docker-mailserver update available on your host: $(hostname -f)
|
||||||
|
|
||||||
|
Current version: ${VERSION}
|
||||||
|
Latest version: ${LATEST}
|
||||||
|
|
||||||
|
Changelog: ${CHANGELOG}
|
||||||
|
EOM
|
||||||
|
echo "${MAIL}" | mail -s "Mailserver update available! [ ${VERSION} --> ${LATEST} ]" "${POSTMASTER_ADDRESS}" && \
|
||||||
|
|
||||||
|
_log "Info: Update available [ ${VERSION} --> ${LATEST} ]" && \
|
||||||
|
|
||||||
|
# only notify once
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
_log "Info: No update available"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
_log "Error: Update check failed."
|
||||||
|
fi
|
||||||
|
# check again in one day
|
||||||
|
sleep "${UPDATE_CHECK_INTERVAL}"
|
||||||
|
done
|
|
@ -132,3 +132,11 @@ autorestart=unexpected
|
||||||
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
command=/usr/local/bin/postsrsd-wrapper.sh
|
command=/usr/local/bin/postsrsd-wrapper.sh
|
||||||
|
|
||||||
|
[program:update-check]
|
||||||
|
startsecs=0
|
||||||
|
stopwaitsecs=55
|
||||||
|
autostart=false
|
||||||
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
||||||
|
command=/bin/bash -l -c /usr/local/bin/update-check.sh
|
||||||
|
|
Loading…
Reference in a new issue