From 88fc9841c818306bd68a2f40fe8c8f1bf66aa9b8 Mon Sep 17 00:00:00 2001 From: Martyn Ranyard Date: Sun, 27 Nov 2016 00:25:42 +0000 Subject: [PATCH 1/4] Allow OVERRIDE_HOSTNAME --- target/start-mailserver.sh | 80 ++++++++++++++++++++++---------------- 1 file changed, 47 insertions(+), 33 deletions(-) diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index a41cd4c1..5255b19e 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -1,3 +1,4 @@ + #!/bin/bash die () { @@ -8,11 +9,24 @@ die () { # # Check that hostname/domainname is provided (no default docker hostname) +# unless OVERRIDE_HOSTNAME is set (e.g we can't in kubernetes land) # -if ( ! echo $(hostname) | grep -E '^(\S+[.]\S+)$' ); then - die "Setting hostname/domainname is required." +if [ -z $OVERRIDE_HOSTNAME ]; then + if ( ! echo $(hostname) | grep -E '^(\S+[.]\S+)$' ); then + die "Setting hostname/domainname is required." + fi + HOSTNAME=$(hostname) + DOMAINNAME=$(hostname -d) +else + HOSTNAME=$OVERRIDE_HOSTNAME + DOMAINNAME=$(echo $OVERRIDE_HOSTNAME | sed s/[^.]*.//) fi +echo HOSTNAME $HOSTNAME +echo DOMAINNAME $DOMAINNAME +die "debugging" + + # # Default variables # @@ -104,7 +118,7 @@ if [ "$ENABLE_LDAP" = 1 ]; then /etc/dovecot/dovecot-ldap.conf.ext # Add domainname to vhost. - echo $(hostname -d) >> /tmp/vhost.tmp + echo $DOMAINNAME >> /tmp/vhost.tmp echo "Enabling dovecot LDAP authentification" sed -i -e '/\!include auth-ldap\.conf\.ext/s/^#//' /etc/dovecot/conf.d/10-auth.conf 
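Review bot: The only added line in the first hunk appears to be an empty line ahead of `#!/bin/bash`, which would move the shebang to line 2. The kernel honours `#!` only as the first two bytes of a file, so a direct exec of start-mailserver.sh would then fail or be run by whatever shell the caller falls back to, not necessarily bash. Drop the added blank line so the file still begins with `#!/bin/bash`.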
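Review bot: OVERRIDE_HOSTNAME is accepted in the `else` arm of the second hunk without the FQDN check that the `hostname` branch keeps. A value without a dot leaves DOMAINNAME empty after the `sed`. Because `$HOSTNAME` is later spliced unquoted into `sed` expressions and certificate paths (the letsencrypt hunk of this patch, the amavis line in patch 4), a value containing whitespace, `~`, `/` or `&` would alter those expressions and paths instead of only naming the host. Quote the test as `if [ -z "$OVERRIDE_HOSTNAME" ]; then` and validate before assigning with `echo "$OVERRIDE_HOSTNAME" | grep -qE '^[A-Za-z0-9-]+([.][A-Za-z0-9-]+)+$' || die "OVERRIDE_HOSTNAME must be a fully-qualified hostname."`. Derive the domain with `DOMAINNAME=${OVERRIDE_HOSTNAME#*.}`, which avoids the unquoted `sed s/[^.]*.//` whose second `.` matches any character.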
@@ -213,24 +227,24 @@ fi case $SSL_TYPE in "letsencrypt" ) # letsencrypt folders and files mounted in /etc/letsencrypt - if [ -e "/etc/letsencrypt/live/$(hostname)/cert.pem" ] \ - && [ -e "/etc/letsencrypt/live/$(hostname)/fullchain.pem" ]; then + if [ -e "/etc/letsencrypt/live/$HOSTNAME/cert.pem" ] \ + && [ -e "/etc/letsencrypt/live/$HOSTNAME/fullchain.pem" ]; then KEY="" - if [ -e "/etc/letsencrypt/live/$(hostname)/privkey.pem" ]; then + if [ -e "/etc/letsencrypt/live/$HOSTNAME/privkey.pem" ]; then KEY="privkey" - elif [ -e "/etc/letsencrypt/live/$(hostname)/key.pem" ]; then + elif [ -e "/etc/letsencrypt/live/$HOSTNAME/key.pem" ]; then KEY="key" fi if [ -n "$KEY" ]; then - echo "Adding $(hostname) SSL certificate" + echo "Adding $HOSTNAME SSL certificate" # Postfix configuration - sed -i -r 's~smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem~smtpd_tls_cert_file=/etc/letsencrypt/live/'$(hostname)'/fullchain.pem~g' /etc/postfix/main.cf - sed -i -r 's~smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key~smtpd_tls_key_file=/etc/letsencrypt/live/'$(hostname)'/'"$KEY"'\.pem~g' /etc/postfix/main.cf + sed -i -r 's~smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem~smtpd_tls_cert_file=/etc/letsencrypt/live/'$HOSTNAME'/fullchain.pem~g' /etc/postfix/main.cf + sed -i -r 's~smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key~smtpd_tls_key_file=/etc/letsencrypt/live/'$HOSTNAME'/'"$KEY"'\.pem~g' /etc/postfix/main.cf # Dovecot configuration - sed -i -e 's~ssl_cert = /etc/mailname +echo $DOMAINNAME > /etc/mailname echo "Configuring Spamassassin" SA_TAG=${SA_TAG:="2.0"} && sed -i -r 's/^\$sa_tag_level_deflt (.*);/\$sa_tag_level_deflt = '$SA_TAG';/g' /etc/amavis/conf.d/20-debian_defaults From 8b2a41973c012472fcc2f79a9750d4d10fd68d83 Mon Sep 17 00:00:00 2001 From: Martyn Ranyard Date: Sun, 27 Nov 2016 00:26:43 +0000 Subject: [PATCH 2/4] Removing hacky bash debugging --- target/start-mailserver.sh | 5 ----- 1 file changed, 5 deletions(-) 
diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index 5255b19e..eb048d6a 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -22,11 +22,6 @@ else DOMAINNAME=$(echo $OVERRIDE_HOSTNAME | sed s/[^.]*.//) fi -echo HOSTNAME $HOSTNAME -echo DOMAINNAME $DOMAINNAME -die "debugging" - - # # Default variables # From 9b2be1232006b070d09b088036506da701f631fd Mon Sep 17 00:00:00 2001 From: Martyn Ranyard Date: Sun, 27 Nov 2016 00:36:03 +0000 Subject: [PATCH 3/4] Document the new environment variable --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index f3d78ae4..5a45f8be 100644 --- a/README.md +++ b/README.md @@ -148,6 +148,11 @@ Otherwise, `iptables` won't be able to ban IPs. - **empty** => admin - => Specify the password to bind against ldap +##### OVERRIDE_HOSTNAE + + - **empty** => uses the `hostname` command to get the mail server's canonical hostname + - => Specify a fully-qualified domainname to serve mail for. This is used for many of the config features so if you can't set your hostname (e.g. you're in a container platform that doesn't let you) specify it in this environment variable. + ##### POSTMASTER_ADDRESS - **empty** => postmaster@domain.com From 8c6349470e941407034502e58f07a6cb60519608 Mon Sep 17 00:00:00 2001 From: Martyn Ranyard Date: Sun, 27 Nov 2016 01:06:11 +0000 Subject: [PATCH 4/4] Amavis uses hostname apparently --- target/start-mailserver.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index eb048d6a..c5d2cc36 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh 
@@ -417,6 +417,9 @@ SA_TAG2=${SA_TAG2:="6.31"} && sed -i -r 's/^\$sa_tag2_level_deflt (.*);/\$sa_tag
 SA_KILL=${SA_KILL:="6.31"} && sed -i -r 's/^\$sa_kill_level_deflt (.*);/\$sa_kill_level_deflt = '$SA_KILL';/g' /etc/amavis/conf.d/20-debian_defaults
 test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
 
+echo "Overriding hostname of amavis"
+sed -i 's/^#\$myhostname = "mail.example.com";/\$myhostname = "'$HOSTNAME'";/' /etc/amavis/conf.d/05-node_id
+
 if [ "$ENABLE_FAIL2BAN" = 1 ]; then
 echo "Fail2ban enabled"
 test -e /tmp/docker-mailserver/fail2ban-jail.cf && cp /tmp/docker-mailserver/fail2ban-jail.cf /etc/fail2ban/jail.local
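Review bot: The added `sed` only matches the stock commented line `#$myhostname = "mail.example.com";`, so it silently does nothing when 05-node_id has already been edited (for example, if the script runs again with a different hostname) or when the packaged default differs. Matching any existing assignment and quoting the expansion would make the step repeatable: `sed -i -r 's/^#?\$myhostname = .*;/\$myhostname = "'"$HOSTNAME"'";/' /etc/amavis/conf.d/05-node_id`. The value lands inside a double-quoted string in amavis's Perl configuration, so it should already be restricted to hostname characters before this line runs.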