Improve modular setup for DKIM

Start Amavis integration
This commit is contained in:
Val 2015-07-12 23:54:35 +01:00
parent a8d073e430
commit 7a05a328b4
8 changed files with 99 additions and 22 deletions

31
amavis/Dockerfile Normal file
View File

@ -0,0 +1,31 @@
FROM ubuntu:14.10
ENV DEBIAN_FRONTEND noninteractive
RUN locale-gen en_GB en_GB.UTF-8 && dpkg-reconfigure locales
# Prerequisites
RUN apt-get update && apt-get install -y \
amavisd-new \
spamassassin \
libnet-dns-perl \
libmail-spf-perl \
pyzor \
razor && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Set up razor and pyzor
RUN su - amavis -s /bin/bash && razor-admin -create && razor-admin -register && pyzor discover
COPY ./config/amavis-content_filter_mode /etc/amavis/conf.d/15-content_filter_mode
# Nice place for your settings
VOLUME ["/mail_settings"]
# Configure boot script
COPY boot /
RUN chmod 755 /boot
ENV AMAVIS=true
ENTRYPOINT ./boot; service rsyslog start; amavisd foreground

1
amavis/boot Normal file
View File

@ -0,0 +1 @@
#!/bin/bash

View File

View File

@ -29,12 +29,15 @@ ADD ./config/dovecot.imap /etc/dovecot/conf.d/20-imap.conf
# Nice place for your settings # Nice place for your settings
VOLUME ["/mail_settings"] VOLUME ["/mail_settings"]
# Configure boot script # Copy boot scripts
COPY boot / COPY boot /
RUN chmod 755 /boot RUN chmod 755 /boot
COPY boot.d /boot.d
RUN chmod -R 755 /boot.d
# Volume to store email # Volume to store email
VOLUME ["/vmail"] VOLUME ["/vmail"]
# Add user vmail that ownes mail # Add user vmail that ownes mail
RUN groupadd -g 5000 vmail RUN groupadd -g 5000 vmail
RUN useradd -g vmail -u 5000 vmail -d /vmail -m RUN useradd -g vmail -u 5000 vmail -d /vmail -m

25
email_core/boot Normal file → Executable file
View File

@ -1,5 +1,6 @@
# Check if we have SSL certificates in config, otherwise copy it there #!/bin/bash
# Check if we have SSL certificates in config, otherwise copy it there
# First the key file # First the key file
if [ -f /mail_settings/ssl-cert-snakeoil.key ]; then if [ -f /mail_settings/ssl-cert-snakeoil.key ]; then
cp /mail_settings/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key cp /mail_settings/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key
@ -46,20 +47,10 @@ chmod u+w /vmail
# Add password file # Add password file
cp /mail_settings/passwords /etc/dovecot/passwd cp /mail_settings/passwords /etc/dovecot/passwd
# Run boot scripts
# OpenDKIM config for SCRIPT in /boot.d/*
POSTFIX_MAIN_CF=/etc/postfix/main.cf do
if [ ! -z "$OPEN_DKIM" ]; then if [ -f "$SCRIPT" -a -x "$SCRIPT" ]; then
# Add config block if not present already "$SCRIPT"
if grep -q "# OpenDKIM - dockermail" "$POSTFIX_MAIN_CF"; then
echo "# OpenDKIM - dockermail" >> "$POSTFIX_MAIN_CF"
echo "milter_default_action = accept" >> "$POSTFIX_MAIN_CF"
echo "milter_protocol = 2" >> "$POSTFIX_MAIN_CF"
echo "smtpd_milters = $OPEN_DKIM_PORT_8891_ADDR" >> "$POSTFIX_MAIN_CF"
echo "non_smtpd_milters = $OPEN_DKIM_PORT_8891_ADDR" >> "$POSTFIX_MAIN_CF"
echo "# OpenDKIM - dockermail - end" >> "$POSTFIX_MAIN_CF"
fi
else
# Remove OpenDKIM block
sed '/# OpenDKIM - dockermail/,/# OpenDKIM - dockermail - end/d' "$POSTFIX_MAIN_CF"
fi fi
done

49
email_core/boot.d/opendkim Executable file
View File

@ -0,0 +1,49 @@
#!/bin/bash
echo 'Running opendkim boot script'
export DOCKERMAIL_OPENDKIM_ENV_OPEN_DKIM=true
export DOCKERMAIL_OPENDKIM_PORT_8891_TCP_ADDR=172.17.0.10
POSTFIX_MAIN_CF=/etc/postfix/main.cf
env_dump=$(printenv)
OPENDKIM_CONFIG_HEADER="# OpenDKIM - dockermail - start"
OPENDKIM_CONFIG_FOOTER="# OpenDKIM - dockermail - end"
function remove_opendkim () {
if grep -q "$OPENDKIM_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
sed "/$OPENDKIM_CONFIG_HEADER/,/$OPENDKIM_CONFIG_FOOTER/d" "$POSTFIX_MAIN_CF"
fi
}
function add_opendkim () {
if ! grep -q "$OPENDKIM_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
echo "$OPENDKIM_CONFIG_HEADER" >> "$POSTFIX_MAIN_CF"
echo "milter_default_action = accept" >> "$POSTFIX_MAIN_CF"
echo "milter_protocol = 2" >> "$POSTFIX_MAIN_CF"
if [[ $env_dump =~ ^.*PORT_8891_TCP_ADDR=([0-9\.]*) ]] ; then
echo "smtpd_milters = inet:${BASH_REMATCH[1]}:8891" >> "$POSTFIX_MAIN_CF"
echo "non_smtpd_milters = inet:${BASH_REMATCH[1]}:8891" >> "$POSTFIX_MAIN_CF"
fi
echo "$OPENDKIM_CONFIG_FOOTER" >> "$POSTFIX_MAIN_CF"
else
echo "Warning: $POSTFIX_MAIN_CF already contains OpenDKIM configuration, skipping"
fi
}
if [[ $env_dump =~ ^(.+OPEN_DKIM)= ]] ; then
if [ ! -z "${BASH_REMATCH[1]}" ]; then
echo "OPEN_DKIM env set, enabling email signing"
remove_opendkim # Remove first, to refresh IP info
add_opendkim
fi
else
echo "Cant find OPEN_DKIM env, signing will be disabled"
remove_opendkim
fi
echo 'Finished opendkim boot script'

View File

@ -16,8 +16,8 @@ VOLUME ["/mail_settings"]
COPY boot / COPY boot /
RUN chmod 755 /boot RUN chmod 755 /boot
ENV OPEN_DKIM true ENV OPEN_DKIM=true
ENV OPEN_DKIM_PORT_8891_ADDR inet:8891
EXPOSE 8891 EXPOSE 8891
ENTRYPOINT ./boot; service rsyslog start; opendkim -f -p $OPEN_DKIM_PORT_8891_ADDR
ENTRYPOINT /boot; service rsyslog start; opendkim -f -p inet:8891

View File

@ -1,3 +1,5 @@
#!/bin/bash
# Copy OpenDKIM config # Copy OpenDKIM config
cp /mail_settings/opendkim.conf /etc/opendkim.conf cp /mail_settings/opendkim.conf /etc/opendkim.conf
cp /mail_settings/mail.private /etc/dkim.key cp /mail_settings/mail.private /etc/dkim.key