Improved output and updated SSL certs for LE

Thomas VIAL 2016-12-23 23:27:39 +01:00
parent 691fdd1d89
commit 59dc02cc62
No known key found for this signature in database
GPG Key ID: 0394CEE552FAFEFC
3 changed files with 94 additions and 61 deletions


@ -117,8 +117,7 @@ RUN sed -i -r "/^#?compress/c\compress\ncopytruncate" /etc/logrotate.conf && \
sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/logrotate.d/rsyslog sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/logrotate.d/rsyslog
# Get LetsEncrypt signed certificate # Get LetsEncrypt signed certificate
RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem && \ RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem
curl -s https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem
COPY ./target/bin /usr/local/bin COPY ./target/bin /usr/local/bin
# Start-mailserver script # Start-mailserver script
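Review bot: The new `RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem` line does not fail the build on an HTTP error: without `-f` curl exits 0 and the redirect writes whatever body came back into /etc/ssl/certs. I would write it as `RUN curl -fsS https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -o /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem`. Because the file is fetched again on every build, it is also worth comparing it against a SHA-256 recorded in the repository (for example with `sha256sum -c`), or vendoring the PEM next to the Dockerfile. The bats test changed in this commit only greps for `BEGIN CERTIFICATE`, so it confirms that some certificate is present, not that it is the expected one.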


@ -98,7 +98,8 @@ function register_functions() {
################### >> daemon funcs ################### >> daemon funcs
_register_start_daemon "_start_daemons_sys" _register_start_daemon "_start_daemons_cron"
_register_start_daemon "_start_daemons_rsyslog"
if [ "$ENABLE_ELK_FORWARDER" = 1 ]; then if [ "$ENABLE_ELK_FORWARDER" = 1 ]; then
_register_start_daemon "_start_daemons_filebeat" _register_start_daemon "_start_daemons_filebeat"
@ -203,44 +204,71 @@ function notify () {
notification_type=$1 notification_type=$1
notification_msg=$2 notification_msg=$2
notification_format=$3
msg="" msg=""
case "${notification_type}" in case "${notification_type}" in
'inf')
if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
msg="${c_green} * ${c_reset}${notification_msg}"
fi
;;
'err')
msg="${c_red} * ${c_reset}${notification_msg}"
;;
'warn')
msg="${c_brown} * Warning => ${notification_msg}"
;;
'task')
if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
msg="${notification_msg}"
fi
;;
'taskgrp') 'taskgrp')
msg="${c_bold}${notification_msg}${c_reset}" msg="${c_bold}${notification_msg}${c_reset}"
;; ;;
'task')
if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
msg=" ${notification_msg}${c_reset}"
fi
;;
'inf')
if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
msg="${c_green} * ${notification_msg}${c_reset}"
fi
;;
'started')
msg="${c_green} ${notification_msg}${c_reset}"
;;
'warn')
msg="${c_brown} * ${notification_msg}${c_reset}"
;;
'err')
msg="${c_red} * ${notification_msg}${c_reset}"
;;
'fatal') 'fatal')
msg="${c_red}Error: ${notification_msg}${c_red}" msg="${c_red}Error: ${notification_msg}${c_reset}"
;; ;;
*) *)
msg="" msg=""
;; ;;
esac esac
[[ ! -z "${msg}" ]] && echo -e "${msg}" case "${notification_format}" in
'n')
options="-ne"
;;
*)
options="-e"
;;
esac
[[ ! -z "${msg}" ]] && echo $options "${msg}"
} }
function defunc() { function defunc() {
notify 'fatal' "Please fix the failures. Exiting..." notify 'fatal' "Please fix your configuration. Exiting..."
exit 1 exit 1
} }
function display_startup_daemon() {
$1 &>/dev/null
res=$?
if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
if [ $res = 0 ]; then
notify 'started' " [ OK ]"
else
echo "false"
notify 'err' " [ FAILED ]"
fi
fi
return $res
}
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# ! CARE --> DON'T CHANGE, except you know exactly what you are doing # ! CARE --> DON'T CHANGE, except you know exactly what you are doing
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
@ -299,7 +327,7 @@ function _setup_default_vars() {
for var in ${!DEFAULT_VARS[@]}; do for var in ${!DEFAULT_VARS[@]}; do
echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc
# [ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && return 1 [ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && return 1
notify 'inf' "Set $var=${DEFAULT_VARS[$var]}" notify 'inf' "Set $var=${DEFAULT_VARS[$var]}"
done done
} }
@ -758,7 +786,7 @@ function fix() {
notify 'taskgrg' "Post-configuration checks..." notify 'taskgrg' "Post-configuration checks..."
for _func in "${FUNCS_FIX[@]}";do for _func in "${FUNCS_FIX[@]}";do
$_func $_func
# [ $? != 0 ] && defunc [ $? != 0 ] && defunc
done done
} }
@ -830,57 +858,58 @@ function start_daemons() {
done done
} }
function _start_daemons_sys() { function _start_daemons_cron() {
notify 'task' 'Starting Cron' notify 'task' 'Starting cron' 'n'
cron display_startup_daemon "cron"
}
notify 'task' 'Starting rsyslog' function _start_daemons_rsyslog() {
/etc/init.d/rsyslog start notify 'task' 'Starting rsyslog' 'n'
display_startup_daemon "/etc/init.d/rsyslog start"
} }
function _start_daemons_saslauthd() { function _start_daemons_saslauthd() {
notify "task" "Starting saslauthd" notify 'task' 'Starting saslauthd' 'n'
/etc/init.d/saslauthd start display_startup_daemon "/etc/init.d/saslauthd start"
} }
function _start_daemons_fail2ban() { function _start_daemons_fail2ban() {
notify 'task' 'Starting fail2ban' notify 'task' 'Starting fail2ban' 'n'
touch /var/log/auth.log touch /var/log/auth.log
# Delete fail2ban.sock that probably was left here after container restart # Delete fail2ban.sock that probably was left here after container restart
if [ -e /var/run/fail2ban/fail2ban.sock ]; then if [ -e /var/run/fail2ban/fail2ban.sock ]; then
rm /var/run/fail2ban/fail2ban.sock rm /var/run/fail2ban/fail2ban.sock
fi fi
/etc/init.d/fail2ban start display_startup_daemon "/etc/init.d/fail2ban start"
} }
function _start_daemons_opendkim() { function _start_daemons_opendkim() {
notify 'task' 'Starting opendkim' notify 'task' 'Starting opendkim' 'n'
/etc/init.d/opendkim start display_startup_daemon "/etc/init.d/opendkim start"
} }
function _start_daemons_opendmarc() { function _start_daemons_opendmarc() {
notify 'task' 'Starting opendmarc' notify 'task' 'Starting opendmarc' 'n'
/etc/init.d/opendmarc start display_startup_daemon "/etc/init.d/opendmarc start"
} }
function _start_daemons_postfix() { function _start_daemons_postfix() {
notify 'task' 'Starting postfix' notify 'task' 'Starting postfix' 'n'
/etc/init.d/postfix start display_startup_daemon "/etc/init.d/postfix start"
} }
function _start_daemons_dovecot() { function _start_daemons_dovecot() {
# Here we are starting sasl and imap, not pop3 because it's disabled by default # Here we are starting sasl and imap, not pop3 because it's disabled by default
notify 'task' "Starting dovecot services" notify 'task' 'Starting dovecot services' 'n'
/usr/sbin/dovecot -c /etc/dovecot/dovecot.conf display_startup_daemon "/usr/sbin/dovecot -c /etc/dovecot/dovecot.conf"
if [ "$ENABLE_POP3" = 1 ]; then if [ "$ENABLE_POP3" = 1 ]; then
notify 'inf' "Starting POP3 services" notify 'task' 'Starting pop3 services' 'n'
mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol
/usr/sbin/dovecot reload display_startup_daemon "/usr/sbin/dovecot reload"
fi fi
if [ -f /tmp/docker-mailserver/dovecot.cf ]; then if [ -f /tmp/docker-mailserver/dovecot.cf ]; then
notify 'inf' "Adding file 'dovecot.cf' to the Dovecot configuration"
cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf
/usr/sbin/dovecot reload /usr/sbin/dovecot reload
fi fi
@ -896,25 +925,24 @@ function _start_daemons_dovecot() {
} }
function _start_daemons_filebeat() { function _start_daemons_filebeat() {
notify 'task' 'Starting FileBeat' notify 'task' 'Starting filebeat' 'n'
/etc/init.d/filebeat start display_startup_daemon "/etc/init.d/filebeat start"
} }
function _start_daemons_fetchmail() { function _start_daemons_fetchmail() {
notify 'task' 'Starting fetchmail' notify 'task' 'Starting fetchmail' 'n'
/usr/local/bin/setup-fetchmail /usr/local/bin/setup-fetchmail
echo "Fetchmail enabled" display_startup_daemon "/etc/init.d/fetchmail start"
/etc/init.d/fetchmail start
} }
function _start_daemons_clamav() { function _start_daemons_clamav() {
notify 'task' "Starting clamav" notify 'task' 'Starting clamav' 'n'
/etc/init.d/clamav-daemon start display_startup_daemon "/etc/init.d/clamav-daemon start"
} }
function _start_daemons_amavis() { function _start_daemons_amavis() {
notify 'task' 'Starting Daemon Amavis' notify 'task' 'Starting amavis' 'n'
/etc/init.d/amavis start display_startup_daemon "/etc/init.d/amavis start"
# @TODO fix: on integration test of mail_with_ldap amavis fails because of: # @TODO fix: on integration test of mail_with_ldap amavis fails because of:
# Starting amavisd: The value of variable $myhostname is "ldap", but should have been # Starting amavisd: The value of variable $myhostname is "ldap", but should have been
@ -923,7 +951,7 @@ function _start_daemons_amavis() {
# in /etc/amavis/conf.d/05-node_id, or fix what uname(3) provides as a host's # in /etc/amavis/conf.d/05-node_id, or fix what uname(3) provides as a host's
# network name! # network name!
# > temporary workaround to passe integration test # > temporary workaround to pass integration test
return 0 return 0
} }
########################################################################## ##########################################################################
@ -939,6 +967,17 @@ function _start_daemons_amavis() {
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# >> # >>
if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
notify 'taskgrp' ""
notify 'taskgrp' "#"
notify 'taskgrp' "#"
notify 'taskgrp' "# ENV"
notify 'taskgrp' "#"
notify 'taskgrp' "#"
notify 'taskgrp' ""
printenv
fi
notify 'taskgrp' "" notify 'taskgrp' ""
notify 'taskgrp' "#" notify 'taskgrp' "#"
notify 'taskgrp' "#" notify 'taskgrp' "#"
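Review bot: The `printenv` added inside the new `DMS_DEBUG` block near the end of the script writes every environment variable, values included, to the container's stdout, so any secret passed in through the environment lands in the log stream and wherever that stream is collected. Which variables carry credentials is not visible in this hunk, so this is a precaution rather than a confirmed leak. I would print names only, `printenv | cut -d= -f1 | sort`, or redact by name, e.g. `printenv | sed -E 's/^([^=]*(PASS|PW|SECRET|KEY|TOKEN)[^=]*)=.*/\1=<redacted>/'`. A comment above the block such as `# Debug only: dumps the environment; values may be sensitive` would tell operators not to leave `DMS_DEBUG=1` on in shared log pipelines.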


@ -402,13 +402,8 @@
[ "$status" -eq 0 ] [ "$status" -eq 0 ]
} }
@test "checking ssl: lets-encrypt-x1-cross-signed.pem is installed" { @test "checking ssl: lets-encrypt-x3-cross-signed.pem is installed" {
run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem
[ "$status" -eq 0 ]
}
@test "checking ssl: lets-encrypt-x2-cross-signed.pem is installed" {
run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem
[ "$status" -eq 0 ] [ "$status" -eq 0 ]
} }