Improve modular setup for DKIM
Start Amavis integration
This commit is contained in:
parent
a8d073e430
commit
7a05a328b4
31
amavis/Dockerfile
Normal file
31
amavis/Dockerfile
Normal file
@ -0,0 +1,31 @@
|
||||
FROM ubuntu:14.10
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
RUN locale-gen en_GB en_GB.UTF-8 && dpkg-reconfigure locales
|
||||
|
||||
# Prerequisites
|
||||
RUN apt-get update && apt-get install -y \
|
||||
amavisd-new \
|
||||
spamassassin \
|
||||
libnet-dns-perl \
|
||||
libmail-spf-perl \
|
||||
pyzor \
|
||||
razor && \
|
||||
apt-get clean && \
|
||||
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
# Set up razor and pyzor
|
||||
RUN su - amavis -s /bin/bash && razor-admin -create && razor-admin -register && pyzor discover
|
||||
|
||||
COPY ./config/amavis-content_filter_mode /etc/amavis/conf.d/15-content_filter_mode
|
||||
|
||||
# Nice place for your settings
|
||||
VOLUME ["/mail_settings"]
|
||||
|
||||
# Configure boot script
|
||||
COPY boot /
|
||||
RUN chmod 755 /boot
|
||||
|
||||
ENV AMAVIS=true
|
||||
|
||||
ENTRYPOINT ./boot; service rsyslog start; amavisd foreground
|
1
amavis/boot
Normal file
1
amavis/boot
Normal file
@ -0,0 +1 @@
|
||||
#!/bin/bash
|
0
amavis/config/amavis-content_filter_mode
Normal file
0
amavis/config/amavis-content_filter_mode
Normal file
@ -29,12 +29,15 @@ ADD ./config/dovecot.imap /etc/dovecot/conf.d/20-imap.conf
|
||||
# Nice place for your settings
|
||||
VOLUME ["/mail_settings"]
|
||||
|
||||
# Configure boot script
|
||||
# Copy boot scripts
|
||||
COPY boot /
|
||||
RUN chmod 755 /boot
|
||||
COPY boot.d /boot.d
|
||||
RUN chmod -R 755 /boot.d
|
||||
|
||||
# Volume to store email
|
||||
VOLUME ["/vmail"]
|
||||
|
||||
# Add user vmail that ownes mail
|
||||
RUN groupadd -g 5000 vmail
|
||||
RUN useradd -g vmail -u 5000 vmail -d /vmail -m
|
||||
|
25
email_core/boot
Normal file → Executable file
25
email_core/boot
Normal file → Executable file
@ -1,5 +1,6 @@
|
||||
# Check if we have SSL certificates in config, otherwise copy it there
|
||||
#!/bin/bash
|
||||
|
||||
# Check if we have SSL certificates in config, otherwise copy it there
|
||||
# First the key file
|
||||
if [ -f /mail_settings/ssl-cert-snakeoil.key ]; then
|
||||
cp /mail_settings/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key
|
||||
@ -46,20 +47,10 @@ chmod u+w /vmail
|
||||
# Add password file
|
||||
cp /mail_settings/passwords /etc/dovecot/passwd
|
||||
|
||||
|
||||
# OpenDKIM config
|
||||
POSTFIX_MAIN_CF=/etc/postfix/main.cf
|
||||
if [ ! -z "$OPEN_DKIM" ]; then
|
||||
# Add config block if not present already
|
||||
if grep -q "# OpenDKIM - dockermail" "$POSTFIX_MAIN_CF"; then
|
||||
echo "# OpenDKIM - dockermail" >> "$POSTFIX_MAIN_CF"
|
||||
echo "milter_default_action = accept" >> "$POSTFIX_MAIN_CF"
|
||||
echo "milter_protocol = 2" >> "$POSTFIX_MAIN_CF"
|
||||
echo "smtpd_milters = $OPEN_DKIM_PORT_8891_ADDR" >> "$POSTFIX_MAIN_CF"
|
||||
echo "non_smtpd_milters = $OPEN_DKIM_PORT_8891_ADDR" >> "$POSTFIX_MAIN_CF"
|
||||
echo "# OpenDKIM - dockermail - end" >> "$POSTFIX_MAIN_CF"
|
||||
fi
|
||||
else
|
||||
# Remove OpenDKIM block
|
||||
sed '/# OpenDKIM - dockermail/,/# OpenDKIM - dockermail - end/d' "$POSTFIX_MAIN_CF"
|
||||
# Run boot scripts
|
||||
for SCRIPT in /boot.d/*
|
||||
do
|
||||
if [ -f "$SCRIPT" -a -x "$SCRIPT" ]; then
|
||||
"$SCRIPT"
|
||||
fi
|
||||
done
|
||||
|
49
email_core/boot.d/opendkim
Executable file
49
email_core/boot.d/opendkim
Executable file
@ -0,0 +1,49 @@
|
||||
#!/bin/bash
|
||||
echo 'Running opendkim boot script'
|
||||
|
||||
export DOCKERMAIL_OPENDKIM_ENV_OPEN_DKIM=true
|
||||
export DOCKERMAIL_OPENDKIM_PORT_8891_TCP_ADDR=172.17.0.10
|
||||
|
||||
POSTFIX_MAIN_CF=/etc/postfix/main.cf
|
||||
|
||||
env_dump=$(printenv)
|
||||
|
||||
OPENDKIM_CONFIG_HEADER="# OpenDKIM - dockermail - start"
|
||||
OPENDKIM_CONFIG_FOOTER="# OpenDKIM - dockermail - end"
|
||||
|
||||
function remove_opendkim () {
|
||||
if grep -q "$OPENDKIM_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
|
||||
sed "/$OPENDKIM_CONFIG_HEADER/,/$OPENDKIM_CONFIG_FOOTER/d" "$POSTFIX_MAIN_CF"
|
||||
fi
|
||||
}
|
||||
|
||||
function add_opendkim () {
|
||||
if ! grep -q "$OPENDKIM_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
|
||||
echo "$OPENDKIM_CONFIG_HEADER" >> "$POSTFIX_MAIN_CF"
|
||||
|
||||
echo "milter_default_action = accept" >> "$POSTFIX_MAIN_CF"
|
||||
echo "milter_protocol = 2" >> "$POSTFIX_MAIN_CF"
|
||||
|
||||
if [[ $env_dump =~ ^.*PORT_8891_TCP_ADDR=([0-9\.]*) ]] ; then
|
||||
echo "smtpd_milters = inet:${BASH_REMATCH[1]}:8891" >> "$POSTFIX_MAIN_CF"
|
||||
echo "non_smtpd_milters = inet:${BASH_REMATCH[1]}:8891" >> "$POSTFIX_MAIN_CF"
|
||||
fi
|
||||
|
||||
echo "$OPENDKIM_CONFIG_FOOTER" >> "$POSTFIX_MAIN_CF"
|
||||
else
|
||||
echo "Warning: $POSTFIX_MAIN_CF already contains OpenDKIM configuration, skipping"
|
||||
fi
|
||||
}
|
||||
|
||||
if [[ $env_dump =~ ^(.+OPEN_DKIM)= ]] ; then
|
||||
if [ ! -z "${BASH_REMATCH[1]}" ]; then
|
||||
echo "OPEN_DKIM env set, enabling email signing"
|
||||
remove_opendkim # Remove first, to refresh IP info
|
||||
add_opendkim
|
||||
fi
|
||||
else
|
||||
echo "Cant find OPEN_DKIM env, signing will be disabled"
|
||||
remove_opendkim
|
||||
fi
|
||||
|
||||
echo 'Finished opendkim boot script'
|
@ -16,8 +16,8 @@ VOLUME ["/mail_settings"]
|
||||
COPY boot /
|
||||
RUN chmod 755 /boot
|
||||
|
||||
ENV OPEN_DKIM true
|
||||
ENV OPEN_DKIM_PORT_8891_ADDR inet:8891
|
||||
ENV OPEN_DKIM=true
|
||||
|
||||
EXPOSE 8891
|
||||
ENTRYPOINT ./boot; service rsyslog start; opendkim -f -p $OPEN_DKIM_PORT_8891_ADDR
|
||||
|
||||
ENTRYPOINT /boot; service rsyslog start; opendkim -f -p inet:8891
|
||||
|
@ -1,3 +1,5 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copy OpenDKIM config
|
||||
cp /mail_settings/opendkim.conf /etc/opendkim.conf
|
||||
cp /mail_settings/mail.private /etc/dkim.key
|
||||
|
Loading…
Reference in New Issue
Block a user