From 54e41d04f7f46291aa8a21fd918337a09b65eafa Mon Sep 17 00:00:00 2001 From: NorseGaud Date: Sun, 6 Mar 2022 11:37:49 -0500 Subject: [PATCH 01/10] removed Darwin specific code and modified the docs to indicate macOS is not supported --- docs/content/contributing/tests.md | 14 +++++--------- setup.sh | 8 -------- test/linting/lint.sh | 12 ++---------- 3 files changed, 7 insertions(+), 27 deletions(-) diff --git a/docs/content/contributing/tests.md b/docs/content/contributing/tests.md index aa4456cf..4192a6fd 100644 --- a/docs/content/contributing/tests.md +++ b/docs/content/contributing/tests.md @@ -5,13 +5,9 @@ title: 'Contributing | Tests' 1. Install docker 2. Execute `git submodule update --init --recursive` 3. Install jq - - !!! info "MacOS Specific (needed for tests)" - - ```bash - brew install coreutils - # bash >= 4.0 for associative arrays - brew install bash - ``` - 4. Execute `make clean all` + + +!!! info "Can I use MacOS?" + + We do not support running linting, tests, etc on macOS at this time. Please use a linux VM. \ No newline at end of file diff --git a/setup.sh b/setup.sh index 8dd22b41..02f3a953 100755 --- a/setup.sh +++ b/setup.sh @@ -88,14 +88,6 @@ function _show_local_usage function _get_absolute_script_directory { - if [[ "$(uname)" == 'Darwin' ]] - then - readlink() { - # requires coreutils - greadlink "${@:+$@}" - } - fi - if dirname "$(readlink -f "${0}")" &>/dev/null then DIR="$(dirname "$(readlink -f "${0}")")" diff --git a/test/linting/lint.sh b/test/linting/lint.sh index 2cace83a..c7e6d235 100755 --- a/test/linting/lint.sh +++ b/test/linting/lint.sh @@ -1,4 +1,4 @@ -#! /usr/bin/env bash +#! /bin/bash # version v0.2.0 unstable # executed by Make during CI or manually @@ -6,12 +6,6 @@ SCRIPT="lint.sh" -if [[ "$(uname)" == "Darwin" ]] -then - readlink() { - greadlink "${@:+$@}" # Requires coreutils - } -fi SCRIPT_DIR=$(dirname "$(readlink -f "$0")") REPO_ROOT="$(realpath "${SCRIPT_DIR}"/../../)" @@ -104,10 +98,8 @@ function _shellcheck -not -path './test/test_helper/*' \ -not -path './target/docker-configomat/*' )" - # macOS lacks parity for `-executable` but presently produces the same results: https://stackoverflow.com/a/4458361 - [[ "$(uname)" == "Darwin" ]] && FIND_EXEC="-perm -711" || FIND_EXEC="-executable" # shellcheck disable=SC2248 - F_BIN="$(find 'target/bin' ${FIND_EXEC} -type f)" + F_BIN="$(find 'target/bin' -executable -type f)" F_BATS="$(find 'test' -maxdepth 1 -type f -iname '*.bats')" # This command is a bit easier to grok as multi-line. From c56db1380ef22a506154396e0ec2974f8a2f6ce7 Mon Sep 17 00:00:00 2001 From: NorseGaud Date: Sun, 6 Mar 2022 13:37:07 -0500 Subject: [PATCH 02/10] only shellcheck shell scripts --- test/linting/lint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/linting/lint.sh b/test/linting/lint.sh index c7e6d235..b2071b30 100755 --- a/test/linting/lint.sh +++ b/test/linting/lint.sh @@ -99,7 +99,7 @@ function _shellcheck -not -path './target/docker-configomat/*' )" # shellcheck disable=SC2248 - F_BIN="$(find 'target/bin' -executable -type f)" + F_BIN="$(grep -l /bin/bash target/bin/*)" F_BATS="$(find 'test' -maxdepth 1 -type f -iname '*.bats')" # This command is a bit easier to grok as multi-line. From 3be5879fcf4e67307af200e0de0209f6ade96f4d Mon Sep 17 00:00:00 2001 From: NorseGaud Date: Sun, 6 Mar 2022 13:37:34 -0500 Subject: [PATCH 03/10] prevent piling up build intermediate containers --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index e8987763..2d8d2494 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ VCS_VER = $(shell git describe --tags --contains --always) all: lint build backup generate-accounts tests clean build: - docker build -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF) + docker build --force-rm -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF) backup: # if backup directories exist, clean hasn't been called, therefore From 1ab8ea96b234fbd1de6df9da69f80fb49cfe1d22 Mon Sep 17 00:00:00 2001 From: NorseGaud Date: Sun, 6 Mar 2022 21:11:46 -0500 Subject: [PATCH 04/10] acme_extract -> acme_extract.py + F_BIN to avoid .py --- Makefile | 2 +- target/bin/{acme_extract => acme_extract.py} | 0 target/bin/print-environment | 0 target/bin/setup | 0 target/scripts/helpers/ssl.sh | 4 ++-- test/linting/lint.sh | 2 +- 6 files changed, 4 insertions(+), 4 deletions(-) rename target/bin/{acme_extract => acme_extract.py} (100%) mode change 100644 => 100755 target/bin/print-environment mode change 100644 => 100755 target/bin/setup diff --git a/Makefile b/Makefile index 2d8d2494..e8987763 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ VCS_VER = $(shell git describe --tags --contains --always) all: lint build backup generate-accounts tests clean build: - docker build --force-rm -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF) + docker build -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF) backup: # if backup directories exist, clean hasn't been called, therefore diff --git a/target/bin/acme_extract b/target/bin/acme_extract.py similarity index 100% rename from target/bin/acme_extract rename to target/bin/acme_extract.py diff --git a/target/bin/print-environment b/target/bin/print-environment old mode 100644 new mode 100755 diff --git a/target/bin/setup b/target/bin/setup old mode 100644 new mode 100755 diff --git a/target/scripts/helpers/ssl.sh b/target/scripts/helpers/ssl.sh index dc401e22..7731e6d8 100644 --- a/target/scripts/helpers/ssl.sh +++ b/target/scripts/helpers/ssl.sh @@ -418,8 +418,8 @@ function _extract_certs_from_acme fi local KEY CERT - KEY=$(acme_extract /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --key) - CERT=$(acme_extract /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --cert) + KEY=$(acme_extract.py /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --key) + CERT=$(acme_extract.py /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --cert) if [[ -z ${KEY} ]] || [[ -z ${CERT} ]] then diff --git a/test/linting/lint.sh b/test/linting/lint.sh index b2071b30..b67e6c5f 100755 --- a/test/linting/lint.sh +++ b/test/linting/lint.sh @@ -99,7 +99,7 @@ function _shellcheck -not -path './target/docker-configomat/*' )" # shellcheck disable=SC2248 - F_BIN="$(grep -l /bin/bash target/bin/*)" + F_BIN="$(find 'target/bin' -type f -not -name '*.py')" F_BATS="$(find 'test' -maxdepth 1 -type f -iname '*.bats')" # This command is a bit easier to grok as multi-line. From a2f22422ca7cb6c2f0248648e751bdcfeba67e8c Mon Sep 17 00:00:00 2001 From: Casper Date: Mon, 7 Mar 2022 23:00:32 +0100 Subject: [PATCH 05/10] docs: Enhance logrotate description (#2469) --- docs/content/config/environment.md | 8 ++++---- mailserver.env | 12 +++++++----- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/docs/content/config/environment.md b/docs/content/config/environment.md index 535dec5b..4636db9b 100644 --- a/docs/content/config/environment.md +++ b/docs/content/config/environment.md @@ -317,11 +317,11 @@ Defines who sends reports (if they are enabled). ##### LOGROTATE_INTERVAL -Changes the interval in which a report is being sent. +Changes the interval in which log files are rotated. -- **weekly** => Rotate weekly. -- daily => Rotate daily. -- monthly => Rotate monthly. +- **weekly** => Rotate log files weekly +- daily => Rotate log files daily +- monthly => Rotate log files monthly !!! note diff --git a/mailserver.env b/mailserver.env index 6d3d7bca..48a07d37 100644 --- a/mailserver.env +++ b/mailserver.env @@ -233,17 +233,19 @@ REPORT_RECIPIENT= # => Specify the sender address REPORT_SENDER= -# Changes the interval in which a report is being sent. -# **weekly** => Send a report every week -# daily => Send a daily report -# monthly => Send a report every month +# Changes the interval in which log files are rotated +# **weekly** => Rotate log files weekly +# daily => Rotate log files daily +# monthly => Rotate log files monthly # # Note: This Variable actually controls logrotate inside the container -# and rotates the log depending on this setting. The main log output is +# and rotates the log files depending on this setting. The main log output is # still available in its entirety via `docker logs mail` (Or your # respective container name). If you want to control logrotation for # the Docker-generated logfile see: # https://docs.docker.com/config/containers/logging/configure/ +# +# Note: This variable can also determine the interval for Postfix's log summary reports, see [`PFLOGSUMM_TRIGGER`](#pflogsumm_trigger). LOGROTATE_INTERVAL=weekly # Choose TCP/IP protocols for postfix to use From bf7fba68bd2d32f4816c294db41587847f7f31df Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Mar 2022 11:57:01 +1300 Subject: [PATCH 06/10] chore(deps): bump actions/checkout from 2 to 3 (#2470) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frederic Werner <20406381+wernerfred@users.noreply.github.com> --- .github/workflows/contributors.yml | 2 +- .github/workflows/default_on_push.yml | 4 ++-- .github/workflows/docs-preview-prepare.yml | 2 +- .github/workflows/docs-production-deploy.yml | 6 +++--- .github/workflows/linting.yml | 2 +- .github/workflows/scheduled_builds.yml | 2 +- .github/workflows/test_merge_requests.yml | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml index bb5fe5b8..8924a738 100644 --- a/.github/workflows/contributors.yml +++ b/.github/workflows/contributors.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest needs: delete-old-branch steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Create contributors-update branch uses: peterjgrainger/action-create-branch@v2.1.0 diff --git a/.github/workflows/default_on_push.yml b/.github/workflows/default_on_push.yml index daa90ab3..246a72a6 100644 --- a/.github/workflows/default_on_push.yml +++ b/.github/workflows/default_on_push.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout - uses: actions/checkout@v2.3.4 + uses: actions/checkout@v3 with: submodules: recursive @@ -62,7 +62,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2.3.4 + uses: actions/checkout@v3 with: submodules: recursive diff --git a/.github/workflows/docs-preview-prepare.yml b/.github/workflows/docs-preview-prepare.yml index ffeb783e..80d2ffc4 100644 --- a/.github/workflows/docs-preview-prepare.yml +++ b/.github/workflows/docs-preview-prepare.yml @@ -26,7 +26,7 @@ jobs: NETLIFY_SITE_PREFIX: pullrequest-${{ github.event.pull_request.number }} NETLIFY_SITE_NAME: dms-doc-previews steps: - - uses: actions/checkout@v2.4.0 + - uses: actions/checkout@v3 - name: 'Build with mkdocs-material via Docker' working-directory: docs diff --git a/.github/workflows/docs-production-deploy.yml b/.github/workflows/docs-production-deploy.yml index cb1aaa01..a1520f04 100644 --- a/.github/workflows/docs-production-deploy.yml +++ b/.github/workflows/docs-production-deploy.yml @@ -26,7 +26,7 @@ jobs: name: 'Deploy Docs' runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v2.4.0 + - uses: actions/checkout@v3 - name: 'Check if deploy is for a `v.` tag version instead of `edge`' if: startsWith(github.ref, 'refs/tags/') @@ -75,10 +75,10 @@ jobs: needs: deploy steps: - name: 'Checkout the tagged commit (shallow clone)' - uses: actions/checkout@v2.4.0 + uses: actions/checkout@v3 - name: 'Checkout the docs deployment branch to a subdirectory' - uses: actions/checkout@v2.4.0 + uses: actions/checkout@v3 with: ref: gh-pages path: gh-pages diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 57bd0f9c..ca5501ef 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout - uses: actions/checkout@v2.3.4 + uses: actions/checkout@v3 with: submodules: recursive diff --git a/.github/workflows/scheduled_builds.yml b/.github/workflows/scheduled_builds.yml index cfd149d2..ad4e7163 100644 --- a/.github/workflows/scheduled_builds.yml +++ b/.github/workflows/scheduled_builds.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout - uses: actions/checkout@v2.3.4 + uses: actions/checkout@v3 with: submodules: recursive diff --git a/.github/workflows/test_merge_requests.yml b/.github/workflows/test_merge_requests.yml index 3671644f..6cf95dd4 100644 --- a/.github/workflows/test_merge_requests.yml +++ b/.github/workflows/test_merge_requests.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout - uses: actions/checkout@v2.3.4 + uses: actions/checkout@v3 with: submodules: recursive From 542c1f4e8dbaa78fdcdb245dfb6e3712aad7c15f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Mar 2022 11:59:00 +1300 Subject: [PATCH 07/10] chore(deps): bump docker/login-action from 1.14.0 to 1.14.1 (#2471) Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.0 to 1.14.1. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1.14.0...v1.14.1) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com> --- .github/workflows/default_on_push.yml | 4 ++-- .github/workflows/scheduled_builds.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/default_on_push.yml b/.github/workflows/default_on_push.yml index 246a72a6..242bd0c8 100644 --- a/.github/workflows/default_on_push.yml +++ b/.github/workflows/default_on_push.yml @@ -97,13 +97,13 @@ jobs: ${{ runner.os }}-buildx- - name: Login to DockerHub - uses: docker/login-action@v1.14.0 + uses: docker/login-action@v1.14.1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry - uses: docker/login-action@v1.14.0 + uses: docker/login-action@v1.14.1 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/scheduled_builds.yml b/.github/workflows/scheduled_builds.yml index ad4e7163..cab56883 100644 --- a/.github/workflows/scheduled_builds.yml +++ b/.github/workflows/scheduled_builds.yml @@ -31,13 +31,13 @@ jobs: id: buildx - name: Login to DockerHub - uses: docker/login-action@v1.14.0 + uses: docker/login-action@v1.14.1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry - uses: docker/login-action@v1.14.0 + uses: docker/login-action@v1.14.1 with: registry: ghcr.io username: ${{ github.actor }} From 66cf4f3a54fd26f551bc6feb1a12c92bb98adcf5 Mon Sep 17 00:00:00 2001 From: NorseGaud Date: Tue, 8 Mar 2022 18:30:29 -0500 Subject: [PATCH 08/10] ${@:+$@} -> ${@} --- setup.sh | 8 ++++---- test/linting/lint.sh | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/setup.sh b/setup.sh index 02f3a953..ccaed653 100755 --- a/setup.sh +++ b/setup.sh @@ -146,7 +146,7 @@ function _run_in_new_container ${CRI} run --rm "${USE_TTY}" \ -v "${CONFIG_PATH}:${DMS_CONFIG}${USE_SELINUX}" \ - "${IMAGE_NAME}" "${@:+$@}" + "${IMAGE_NAME}" "${@}" } function _main @@ -226,9 +226,9 @@ function _main if [[ -n ${CONTAINER_NAME} ]] then - ${CRI} exec "${USE_TTY}" "${CONTAINER_NAME}" setup "${@:+$@}" + ${CRI} exec "${USE_TTY}" "${CONTAINER_NAME}" setup "${@}" else - _run_in_new_container setup "${@:+$@}" + _run_in_new_container setup "${@}" fi [[ ${1} == 'help' ]] && _show_local_usage @@ -236,4 +236,4 @@ function _main return 0 } -_main "${@:+$@}" +_main "${@}" diff --git a/test/linting/lint.sh b/test/linting/lint.sh index b67e6c5f..c7e125f8 100755 --- a/test/linting/lint.sh +++ b/test/linting/lint.sh @@ -52,7 +52,7 @@ function __log_success function __in_path { - command -v "${@:+$@}" &>/dev/null && return 0 ; return 1 ; + command -v "${@}" &>/dev/null && return 0 ; return 1 ; } function _eclint @@ -156,4 +156,4 @@ function __main esac } -__main "${@:+$@}" || exit ${?} +__main "${@}" || exit ${?} From 5b5b444094eb2e58e1ae4a69a0994146415e769e Mon Sep 17 00:00:00 2001 From: Casper Date: Tue, 15 Mar 2022 02:51:47 +0100 Subject: [PATCH 09/10] docs(fail2ban): Use the correct example config location (#2484) --- docs/content/config/security/fail2ban.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/content/config/security/fail2ban.md b/docs/content/config/security/fail2ban.md index 775c2de5..43d326ee 100644 --- a/docs/content/config/security/fail2ban.md +++ b/docs/content/config/security/fail2ban.md @@ -8,9 +8,9 @@ Fail2Ban is installed automatically and bans IP addresses for 3 hours after 3 fa ## Configuration files -If you want to change this, you can easily edit our github example file: [`config/fail2ban-jail.cf`][github-file-f2bjail]. +If you want to change this, you can easily edit our github example file: [`config-examples/fail2ban-jail.cf`][github-file-f2bjail]. -You can do the same with the values from `fail2ban.conf`, e.g `dbpurgeage`. In that case you need to edit: [`config/fail2ban-fail2ban.cf`][github-file-f2bconfig]. +You can do the same with the values from `fail2ban.conf`, e.g `dbpurgeage`. In that case you need to edit: [`config-examples/fail2ban-fail2ban.cf`][github-file-f2bconfig]. The configuration files need to be located at the root of the `/tmp/docker-mailserver/` volume bind (usually `./docker-data/dms/config/:/tmp/docker-mailserver/`). From b730942b96aec3ab52699b5d927577f42eef0a45 Mon Sep 17 00:00:00 2001 From: Casper Date: Tue, 15 Mar 2022 13:47:13 +0100 Subject: [PATCH 10/10] Makefile: Remove backup/restore of obsolete config directory (#2479) --- Makefile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index e8987763..6e436fcf 100644 --- a/Makefile +++ b/Makefile @@ -14,14 +14,12 @@ build: docker build -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF) backup: -# if backup directories exist, clean hasn't been called, therefore +# if backup directory exist, clean hasn't been called, therefore # we shouldn't overwrite it. It still contains the original content. - -@ [[ ! -d config.bak ]] && cp -rp config config.bak || : -@ [[ ! -d testconfig.bak ]] && cp -rp test/config testconfig.bak || : clean: -# remove running and stopped test containers - -@ [[ -d config.bak ]] && { rm -rf config ; mv config.bak config ; } || : +# remove test containers and restore test/config directory -@ [[ -d testconfig.bak ]] && { sudo rm -rf test/config ; mv testconfig.bak test/config ; } || : -@ for container in $$(docker ps -a --filter name='^/mail$$|^ldap_for_mail$$|^mail_override_hostname$$|^mail_non_subdomain_hostname$$|^open-dkim$$|^hadolint$$|^eclint$$|^shellcheck$$|mail_changedetector.*' | sed 1d | cut -f 1-1 -d ' '); do docker rm -f $$container; done -@ sudo rm -rf test/onedir test/alias test/quota test/relay test/config/dovecot-lmtp/userdb test/config/key* test/config/opendkim/keys/domain.tld/ test/config/opendkim/keys/example.com/ test/config/opendkim/keys/localdomain2.com/ test/config/postfix-aliases.cf test/config/postfix-receive-access.cf test/config/postfix-receive-access.cfe test/config/dovecot-quotas.cf test/config/postfix-send-access.cf test/config/postfix-send-access.cfe test/config/relay-hosts/chksum test/config/relay-hosts/postfix-aliases.cf test/config/dhparams.pem test/config/dovecot-lmtp/dh.pem test/config/relay-hosts/dovecot-quotas.cf test/config/user-patches.sh test/alias/config/postfix-virtual.cf test/quota/config/dovecot-quotas.cf test/quota/config/postfix-accounts.cf test/relay/config/postfix-relaymap.cf test/relay/config/postfix-sasl-password.cf test/duplicate_configs/