docker-mailserver/target/bin/restrict-access
Brennan Kinney a7e6439a39
fix: Workaround postconf write settling logic (#2998)
* fix: Workaround `postconf` write settle logic

After updating `main.cf`, to avoid an enforced delay from reading the config by postfix tools, we can ensure the modified time is at least 2 seconds in the past as a workaround. This should be ok with our usage AFAIK.

Shaves off 2+ seconds roughly off each container startup, reduces roughly 2+ minutes off tests.

* chore: Only modify `mtime` if less than 2 seconds ago

- Slight improvement by avoiding unnecessary writes with a conditional check on the util method.
- Can more comfortably call this during `postfix reload` in the change detection cycle now.
- Identified other tests that'd benefit from this, created a helper method to call instead of copy/paste.
- The `setup email restrict` command also did a modification and reload. Added util method here too.

* tests(fix): `mail_smtponly.bats` should wait for Postfix

- `postfix reload` fails if the service is not ready yet.
- `service postfix reload` and `/etc/init.d/postfix reload` presumably wait until it is ready? (as these work regardless)

* chore: Review feedback - Move reload method into utilities
2023-01-13 10:10:58 +13:00

67 lines
1.8 KiB
Bash
Executable file

#!/bin/bash
# shellcheck source=../scripts/helpers/index.sh
source /usr/local/bin/helpers/index.sh
MODE="${1}"
USER="${3}"
function __usage { echo "Usage: ${0} <add|del|list> <send|receive> [<email@domain.com>]" ; }
[[ -z ${MODE} ]] && _exit_with_error 'Missing parameters: <add|del|list> <send|receive> [<email@domain.com>]'
case "${2}" in
( 'send' )
DATABASE="/tmp/docker-mailserver/postfix-send-access.cf"
;;
( 'receive' )
DATABASE="/tmp/docker-mailserver/postfix-receive-access.cf"
;;
( * )
__usage
_exit_with_error "Missing parameters: specify 'send' or 'receive'"
;;
esac
if [[ -z ${USER} ]] && [[ ${MODE} != list ]]
then
read -r -p 'User(user@domain.com): ' USER
echo
[[ -z ${USER} ]] && _exit_with_error 'User must not be empty'
fi
case "${MODE}" in
( 'add' )
grep -qi "^$(_escape "${USER}")" "${DATABASE}" 2>/dev/null && _exit_with_error "User '${USER}' already denied to ${2} mails"
if [[ ! -f ${DATABASE} ]]
then
# shellcheck disable=SC2015
[[ ${DATABASE} = *"send"* ]] && \
sed -i 's|smtpd_sender_restrictions =|smtpd_sender_restrictions = check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf \
|| sed -i 's|smtpd_recipient_restrictions =|smtpd_recipient_restrictions = check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf
_reload_postfix
fi
echo -e "${USER} \t\t REJECT" >>"${DATABASE}"
;;
( 'del' )
sed -ie "/^$(_escape "${USER}")/d" "${DATABASE}" 2>/dev/null || _exit_with_error "User '${USER}' not found."
;;
( 'list' )
grep "REJECT" "${DATABASE}" 2>/dev/null || _log 'info' "Everyone is allowed to ${2} mails"
;;
( * )
__usage
_exit_with_error "Missing mode: specify 'add', 'del' or 'list'"
;;
esac