mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Improve LDAP integration (#379)
* Move ldap files to target dir
* Move ldap files to target dir
* Update start-mailserver.sh to use copied files
* Add the domainname from container to vhost
* Fix unary operator error
* List dovecot users only when LDAP disabled
* Minor
parent
f2f059bb91
commit
d3cd407295
|
@ -62,6 +62,10 @@ RUN sed -i -e 's/^.*postmaster_address.*/postmaster_address = '${POSTMASTER_ADDR
|
|||
COPY target/dovecot/auth-passwdfile.inc /etc/dovecot/conf.d/
|
||||
COPY target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
||||
|
||||
# Configures LDAP
|
||||
COPY target/dovecot/dovecot-ldap.conf.ext /etc/dovecot
|
||||
COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/ldap-aliases.cf /etc/postfix/
|
||||
|
||||
# Enables Spamassassin CRON updates
|
||||
RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin
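Review bot: The two added `COPY` lines place `dovecot-ldap.conf.ext` and the three `ldap-*.cf` files in the image with whatever mode they have in the build context, and nothing in this hunk tightens it. The start script in this same commit later writes the LDAP bind password into exactly these files, so if they are world-readable any process in the container can read the credential. I would follow the copies with something like `RUN chgrp postfix /etc/postfix/ldap-*.cf && chmod 0640 /etc/postfix/ldap-*.cf && chmod 0600 /etc/dovecot/dovecot-ldap.conf.ext`, adjusting the group to whichever account the lookups run as. The templates also appear to carry the placeholder `bind_pw = admin` seen in the removed config files, which is worth replacing with an empty value so an unconfigured image cannot bind with a known password.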
|
||||
|
||||
|
|
|
@ -89,28 +89,22 @@ fi
|
|||
#
|
||||
if [ "$ENABLE_LDAP" = 1 ]; then
|
||||
for i in 'users' 'groups' 'aliases'; do
|
||||
fpath="/tmp/docker-mailserver/postfix-ldap-${i}.cf"
|
||||
if [ -f $fpath ]; then
|
||||
cp ${fpath} /etc/postfix/ldap-${i}.cf
|
||||
sed -i -e 's|^server_host.*|server_host = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
||||
-e 's|^search_base.*|search_base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^bind_dn.*|bind_dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^bind_pw.*|bind_pw = '${LDAP_BIND_PW:="admin"}'|g' \
|
||||
/etc/postfix/ldap-${i}.cf
|
||||
else
|
||||
echo "${fpath} not found"
|
||||
echo "==> Warning: 'config/postfix-ldap-$i.cf' is not provided."
|
||||
fi
|
||||
sed -i -e 's|^server_host.*|server_host = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
||||
-e 's|^search_base.*|search_base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^bind_dn.*|bind_dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^bind_pw.*|bind_pw = '${LDAP_BIND_PW:="admin"}'|g' \
|
||||
/etc/postfix/ldap-${i}.cf
|
||||
done
|
||||
|
||||
echo "Loading dovecot LDAP authentification configuration"
|
||||
cp /tmp/docker-mailserver/dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap.conf.ext
|
||||
|
||||
echo "Configuring dovecot LDAP authentification"
|
||||
sed -i -e 's|^hosts.*|hosts = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
||||
-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^dnpass\s*=.*|dnpass = '${LDAP_BIND_PW:="admin"}'|g' \
|
||||
/etc/dovecot/dovecot-ldap.conf.ext
|
||||
-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
||||
-e 's|^dnpass\s*=.*|dnpass = '${LDAP_BIND_PW:="admin"}'|g' \
|
||||
/etc/dovecot/dovecot-ldap.conf.ext
|
||||
|
||||
# Add domainname to vhost.
|
||||
echo $(domainname) >> /tmp/vhost.tmp
|
||||
|
||||
echo "Enabling dovecot LDAP authentification"
|
||||
sed -i -e '/\!include auth-ldap\.conf\.ext/s/^#//' /etc/dovecot/conf.d/10-auth.conf
|
||||
|
@ -141,7 +135,7 @@ if [ "$ENABLE_SASLAUTHD" = 1 ]; then
|
|||
[ -z $SASLAUTHD_LDAP_SEARCH_BASE ] && SASLAUTHD_MECHANISMS=pam
|
||||
[ -z $SASLAUTHD_LDAP_SERVER ] && SASLAUTHD_LDAP_SERVER=localhost
|
||||
[ -z $SASLAUTHD_LDAP_FILTER ] && SASLAUTHD_LDAP_FILTER='(&(uniqueIdentifier=%u)(mailEnabled=TRUE))'
|
||||
([ $SASLAUTHD_LDAP_SSL == 0 ] || [ -z $SASLAUTHD_LDAP_SSL ]) && SASLAUTHD_LDAP_PROTO='ldap://' || SASLAUTHD_LDAP_PROTO='ldaps://'
|
||||
([ -z $SASLAUTHD_LDAP_SSL ] || [ $SASLAUTHD_LDAP_SSL == 0 ]) && SASLAUTHD_LDAP_PROTO='ldap://' || SASLAUTHD_LDAP_PROTO='ldaps://'
|
||||
|
||||
if [ ! -f /etc/saslauthd.conf ]; then
|
||||
echo "Creating /etc/saslauthd.conf"
|
||||
|
@ -527,7 +521,7 @@ if [ "$ENABLE_SASLAUTHD" = 1 ]; then
|
|||
/etc/init.d/saslauthd start
|
||||
fi
|
||||
|
||||
if [ "$SMTP_ONLY" != 1 ]; then
|
||||
if [ "$SMTP_ONLY" != 1 -a "$ENABLE_LDAP" != 1 ]; then
|
||||
echo "Listing users"
|
||||
/usr/sbin/dovecot user '*'
|
||||
fi
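Review bot: In the LDAP block of the first hunk, the `sed` replacements splice `${LDAP_SERVER_HOST}`, `${LDAP_SEARCH_BASE}`, `${LDAP_BIND_DN}` and `${LDAP_BIND_PW}` in unquoted, for both `/etc/postfix/ldap-${i}.cf` and `/etc/dovecot/dovecot-ldap.conf.ext`. A bind DN or password containing a space splits the `-e` argument, and one containing `|`, `&` or a backslash is interpreted by sed instead of being written literally, so the rendered file can differ from what the operator configured. The `:="admin"` fallback also lets a container with `ENABLE_LDAP=1` and no `LDAP_BIND_PW` start with a well-known bind password; failing early with `: "${LDAP_BIND_PW:?must be set when ENABLE_LDAP=1}"` and double-quoting the expansions after escaping those three characters would close both gaps. The page has lost its +/- markers, so this is read from the less-indented copies of the `sed` lines, which appear to be the new side; the enclosing `if [ "$ENABLE_LDAP" = 1 ]` block ends outside the hunk.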
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
base = ou=people,dc=my-domain,dc=com
|
||||
default_pass_scheme = SSHA
|
||||
dn = cn=admin,dc=my-domain,dc=com
|
||||
dnpass = admin
|
||||
hosts = mail.my-domain.com
|
||||
ldap_version = 3
|
||||
pass_attrs = uniqueIdentifier=user,userPassword=password
|
||||
pass_filter = (&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))
|
||||
user_attrs = mailHomeDirectory=home,mailUidNumber=uid,mailGidNumber=gid,mailStorageDirectory=mail
|
||||
user_filter = (&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))
|
|
@ -1,8 +0,0 @@
|
|||
bind = yes
|
||||
bind_dn = cn=admin,dc=my-domain,dc=com
|
||||
bind_pw = admin
|
||||
query_filter = (&(mailAlias=%s)(mailEnabled=TRUE))
|
||||
result_attribute = mail
|
||||
search_base = ou=people,dc=my-domain,dc=com
|
||||
server_host = mail.my-domain.com
|
||||
version = 3
|
|
@ -1,8 +0,0 @@
|
|||
bind = yes
|
||||
bind_dn = cn=admin,dc=my-domain,dc=com
|
||||
bind_pw = admin
|
||||
query_filter = (&(mailGroupMember=%s)(mailEnabled=TRUE))
|
||||
result_attribute = mail
|
||||
search_base = ou=people,dc=my-domain,dc=com
|
||||
server_host = mail.my-domain.com
|
||||
version = 3
|
|
@ -1,8 +0,0 @@
|
|||
bind = yes
|
||||
bind_dn = cn=admin,dc=my-domain,dc=com
|
||||
bind_pw = admin
|
||||
query_filter = (&(mail=%s)(mailEnabled=TRUE))
|
||||
result_attribute = mail
|
||||
search_base = ou=people,dc=my-domain,dc=com
|
||||
server_host = mail.my-domain.com
|
||||
version = 3
|