mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Improve LDAP integration (#379)
* Move ldap files to target dir
* Move ldap files to target dir
* Update start-mailserver.sh to use copied files
* Add the domainname from container to vhost
* Fix unary operator error
* List dovecot users only when LDAP disabled
* Minor
parent
f2f059bb91
commit
d3cd407295
|
@ -62,6 +62,10 @@ RUN sed -i -e 's/^.*postmaster_address.*/postmaster_address = '${POSTMASTER_ADDR
|
||||||
COPY target/dovecot/auth-passwdfile.inc /etc/dovecot/conf.d/
|
COPY target/dovecot/auth-passwdfile.inc /etc/dovecot/conf.d/
|
||||||
COPY target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
COPY target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
||||||
|
|
||||||
|
# Configures LDAP
|
||||||
|
COPY target/dovecot/dovecot-ldap.conf.ext /etc/dovecot
|
||||||
|
COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/ldap-aliases.cf /etc/postfix/
|
||||||
|
|
||||||
# Enables Spamassassin CRON updates
|
# Enables Spamassassin CRON updates
|
||||||
RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin
|
RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin
|
||||||
|
|
||||||
|
|
|
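Review bot: The two added COPY lines put the files that later hold the LDAP bind password (`bind_pw` in the Postfix maps, `dnpass` in `dovecot-ldap.conf.ext`) into /etc/postfix and /etc/dovecot with whatever mode they have in the build context, which this page does not show. If they arrive world-readable, any local user or process in the container can read the credential once the startup script has filled it in. Consider tightening them right after the copy, e.g. `RUN chgrp postfix /etc/postfix/ldap-*.cf && chmod 640 /etc/postfix/ldap-*.cf && chmod 600 /etc/dovecot/dovecot-ldap.conf.ext`. The exact owner and group should be confirmed against the users the Postfix and Dovecot lookups run as.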
@ -89,29 +89,23 @@ fi
|
||||||
#
|
#
|
||||||
if [ "$ENABLE_LDAP" = 1 ]; then
|
if [ "$ENABLE_LDAP" = 1 ]; then
|
||||||
for i in 'users' 'groups' 'aliases'; do
|
for i in 'users' 'groups' 'aliases'; do
|
||||||
fpath="/tmp/docker-mailserver/postfix-ldap-${i}.cf"
|
|
||||||
if [ -f $fpath ]; then
|
|
||||||
cp ${fpath} /etc/postfix/ldap-${i}.cf
|
|
||||||
sed -i -e 's|^server_host.*|server_host = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
sed -i -e 's|^server_host.*|server_host = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
||||||
-e 's|^search_base.*|search_base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
-e 's|^search_base.*|search_base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
||||||
-e 's|^bind_dn.*|bind_dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
-e 's|^bind_dn.*|bind_dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
||||||
-e 's|^bind_pw.*|bind_pw = '${LDAP_BIND_PW:="admin"}'|g' \
|
-e 's|^bind_pw.*|bind_pw = '${LDAP_BIND_PW:="admin"}'|g' \
|
||||||
/etc/postfix/ldap-${i}.cf
|
/etc/postfix/ldap-${i}.cf
|
||||||
else
|
|
||||||
echo "${fpath} not found"
|
|
||||||
echo "==> Warning: 'config/postfix-ldap-$i.cf' is not provided."
|
|
||||||
fi
|
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "Loading dovecot LDAP authentification configuration"
|
echo "Configuring dovecot LDAP authentification"
|
||||||
cp /tmp/docker-mailserver/dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap.conf.ext
|
|
||||||
|
|
||||||
sed -i -e 's|^hosts.*|hosts = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
sed -i -e 's|^hosts.*|hosts = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
|
||||||
-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
|
||||||
-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
|
||||||
-e 's|^dnpass\s*=.*|dnpass = '${LDAP_BIND_PW:="admin"}'|g' \
|
-e 's|^dnpass\s*=.*|dnpass = '${LDAP_BIND_PW:="admin"}'|g' \
|
||||||
/etc/dovecot/dovecot-ldap.conf.ext
|
/etc/dovecot/dovecot-ldap.conf.ext
|
||||||
|
|
||||||
|
# Add domainname to vhost.
|
||||||
|
echo $(domainname) >> /tmp/vhost.tmp
|
||||||
|
|
||||||
echo "Enabling dovecot LDAP authentification"
|
echo "Enabling dovecot LDAP authentification"
|
||||||
sed -i -e '/\!include auth-ldap\.conf\.ext/s/^#//' /etc/dovecot/conf.d/10-auth.conf
|
sed -i -e '/\!include auth-ldap\.conf\.ext/s/^#//' /etc/dovecot/conf.d/10-auth.conf
|
||||||
sed -i -e '/\!include auth-passwdfile\.inc/s/^/#/' /etc/dovecot/conf.d/10-auth.conf
|
sed -i -e '/\!include auth-passwdfile\.inc/s/^/#/' /etc/dovecot/conf.d/10-auth.conf
|
||||||
|
@ -141,7 +135,7 @@ if [ "$ENABLE_SASLAUTHD" = 1 ]; then
|
||||||
[ -z $SASLAUTHD_LDAP_SEARCH_BASE ] && SASLAUTHD_MECHANISMS=pam
|
[ -z $SASLAUTHD_LDAP_SEARCH_BASE ] && SASLAUTHD_MECHANISMS=pam
|
||||||
[ -z $SASLAUTHD_LDAP_SERVER ] && SASLAUTHD_LDAP_SERVER=localhost
|
[ -z $SASLAUTHD_LDAP_SERVER ] && SASLAUTHD_LDAP_SERVER=localhost
|
||||||
[ -z $SASLAUTHD_LDAP_FILTER ] && SASLAUTHD_LDAP_FILTER='(&(uniqueIdentifier=%u)(mailEnabled=TRUE))'
|
[ -z $SASLAUTHD_LDAP_FILTER ] && SASLAUTHD_LDAP_FILTER='(&(uniqueIdentifier=%u)(mailEnabled=TRUE))'
|
||||||
([ $SASLAUTHD_LDAP_SSL == 0 ] || [ -z $SASLAUTHD_LDAP_SSL ]) && SASLAUTHD_LDAP_PROTO='ldap://' || SASLAUTHD_LDAP_PROTO='ldaps://'
|
([ -z $SASLAUTHD_LDAP_SSL ] || [ $SASLAUTHD_LDAP_SSL == 0 ]) && SASLAUTHD_LDAP_PROTO='ldap://' || SASLAUTHD_LDAP_PROTO='ldaps://'
|
||||||
|
|
||||||
if [ ! -f /etc/saslauthd.conf ]; then
|
if [ ! -f /etc/saslauthd.conf ]; then
|
||||||
echo "Creating /etc/saslauthd.conf"
|
echo "Creating /etc/saslauthd.conf"
|
||||||
|
@ -527,7 +521,7 @@ if [ "$ENABLE_SASLAUTHD" = 1 ]; then
|
||||||
/etc/init.d/saslauthd start
|
/etc/init.d/saslauthd start
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$SMTP_ONLY" != 1 ]; then
|
if [ "$SMTP_ONLY" != 1 -a "$ENABLE_LDAP" != 1 ]; then
|
||||||
echo "Listing users"
|
echo "Listing users"
|
||||||
/usr/sbin/dovecot user '*'
|
/usr/sbin/dovecot user '*'
|
||||||
fi
|
fi
|
||||||
|
|
|
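Review bot: The `bind_pw` and `dnpass` substitutions in the `ENABLE_LDAP` block splice `${LDAP_BIND_PW:="admin"}` unquoted into the sed program, and after this change they always run against the template files baked into the image. A password containing whitespace, `|`, `&` or `\` is word-split by the shell or reinterpreted by sed, so the credential written differs from the configured one or the edit fails. An unset variable silently falls back to the well-known `admin` value instead of stopping startup. I would require the variable to be set and escape it before substitution, as sketched below; the host, search-base and bind-DN expressions have the same quoting problem. The enclosing `if` block closes outside this hunk.

```shell
# Escape the characters sed treats specially in an s|..|..| replacement.
sed_escape() { printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'; }

: "${LDAP_BIND_PW:?LDAP_BIND_PW must be set when ENABLE_LDAP=1}"
ldap_bind_pw=$(sed_escape "$LDAP_BIND_PW")

for i in 'users' 'groups' 'aliases'; do
  # … unchanged: server_host, search_base and bind_dn expressions …
  sed -i -e "s|^bind_pw.*|bind_pw = ${ldap_bind_pw}|g" "/etc/postfix/ldap-${i}.cf"
done

# … unchanged: hosts, base and dn expressions for dovecot …
sed -i -e "s|^dnpass\s*=.*|dnpass = ${ldap_bind_pw}|g" /etc/dovecot/dovecot-ldap.conf.ext
```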
@ -1,10 +0,0 @@
|
||||||
base = ou=people,dc=my-domain,dc=com
|
|
||||||
default_pass_scheme = SSHA
|
|
||||||
dn = cn=admin,dc=my-domain,dc=com
|
|
||||||
dnpass = admin
|
|
||||||
hosts = mail.my-domain.com
|
|
||||||
ldap_version = 3
|
|
||||||
pass_attrs = uniqueIdentifier=user,userPassword=password
|
|
||||||
pass_filter = (&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))
|
|
||||||
user_attrs = mailHomeDirectory=home,mailUidNumber=uid,mailGidNumber=gid,mailStorageDirectory=mail
|
|
||||||
user_filter = (&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))
|
|
|
@ -1,8 +0,0 @@
|
||||||
bind = yes
|
|
||||||
bind_dn = cn=admin,dc=my-domain,dc=com
|
|
||||||
bind_pw = admin
|
|
||||||
query_filter = (&(mailAlias=%s)(mailEnabled=TRUE))
|
|
||||||
result_attribute = mail
|
|
||||||
search_base = ou=people,dc=my-domain,dc=com
|
|
||||||
server_host = mail.my-domain.com
|
|
||||||
version = 3
|
|
|
@ -1,8 +0,0 @@
|
||||||
bind = yes
|
|
||||||
bind_dn = cn=admin,dc=my-domain,dc=com
|
|
||||||
bind_pw = admin
|
|
||||||
query_filter = (&(mailGroupMember=%s)(mailEnabled=TRUE))
|
|
||||||
result_attribute = mail
|
|
||||||
search_base = ou=people,dc=my-domain,dc=com
|
|
||||||
server_host = mail.my-domain.com
|
|
||||||
version = 3
|
|
|
@ -1,8 +0,0 @@
|
||||||
bind = yes
|
|
||||||
bind_dn = cn=admin,dc=my-domain,dc=com
|
|
||||||
bind_pw = admin
|
|
||||||
query_filter = (&(mail=%s)(mailEnabled=TRUE))
|
|
||||||
result_attribute = mail
|
|
||||||
search_base = ou=people,dc=my-domain,dc=com
|
|
||||||
server_host = mail.my-domain.com
|
|
||||||
version = 3
|
|