Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into issues/2467

This commit is contained in:
Nathan Pierce 2022-03-15 10:18:52 -04:00 committed by GitHub
parent f14945c52d b730942b96
commit 6dd8d48a04
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 44 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/contributors.yml vendored
View File

@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: delete-old-branch needs: delete-old-branch
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v3
- name: Create contributors-update branch - name: Create contributors-update branch
uses: peterjgrainger/action-create-branch@v2.1.0 uses: peterjgrainger/action-create-branch@v2.1.0

8
.github/workflows/default_on_push.yml vendored
View File

@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2.3.4 uses: actions/checkout@v3
with: with:
submodules: recursive submodules: recursive
@ -62,7 +62,7 @@ jobs:
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2.3.4 uses: actions/checkout@v3
with: with:
submodules: recursive submodules: recursive
@ -97,13 +97,13 @@ jobs:
${{ runner.os }}-buildx- ${{ runner.os }}-buildx-
- name: Login to DockerHub - name: Login to DockerHub
uses: docker/login-action@v1.14.0 uses: docker/login-action@v1.14.1
with: with:
username: ${{ secrets.DOCKER_USERNAME }} username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }} password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v1.14.0 uses: docker/login-action@v1.14.1
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ github.actor }} username: ${{ github.actor }}

2
.github/workflows/docs-preview-prepare.yml vendored
View File

@ -26,7 +26,7 @@ jobs:
NETLIFY_SITE_PREFIX: pullrequest-${{ github.event.pull_request.number }} NETLIFY_SITE_PREFIX: pullrequest-${{ github.event.pull_request.number }}
NETLIFY_SITE_NAME: dms-doc-previews NETLIFY_SITE_NAME: dms-doc-previews
steps: steps:
- uses: actions/checkout@v2.4.0 - uses: actions/checkout@v3
- name: 'Build with mkdocs-material via Docker' - name: 'Build with mkdocs-material via Docker'
working-directory: docs working-directory: docs

6
.github/workflows/docs-production-deploy.yml vendored
View File

@ -26,7 +26,7 @@ jobs:
name: 'Deploy Docs' name: 'Deploy Docs'
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- uses: actions/checkout@v2.4.0 - uses: actions/checkout@v3
- name: 'Check if deploy is for a `v<major>.<minor>` tag version instead of `edge`' - name: 'Check if deploy is for a `v<major>.<minor>` tag version instead of `edge`'
if: startsWith(github.ref, 'refs/tags/') if: startsWith(github.ref, 'refs/tags/')
@ -75,10 +75,10 @@ jobs:
needs: deploy needs: deploy
steps: steps:
- name: 'Checkout the tagged commit (shallow clone)' - name: 'Checkout the tagged commit (shallow clone)'
uses: actions/checkout@v2.4.0 uses: actions/checkout@v3
- name: 'Checkout the docs deployment branch to a subdirectory' - name: 'Checkout the docs deployment branch to a subdirectory'
uses: actions/checkout@v2.4.0 uses: actions/checkout@v3
with: with:
ref: gh-pages ref: gh-pages
path: gh-pages path: gh-pages

2
.github/workflows/linting.yml vendored
View File

@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2.3.4 uses: actions/checkout@v3
with: with:
submodules: recursive submodules: recursive

6
.github/workflows/scheduled_builds.yml vendored
View File

@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2.3.4 uses: actions/checkout@v3
with: with:
submodules: recursive submodules: recursive
@ -31,13 +31,13 @@ jobs:
id: buildx id: buildx
- name: Login to DockerHub - name: Login to DockerHub
uses: docker/login-action@v1.14.0 uses: docker/login-action@v1.14.1
with: with:
username: ${{ secrets.DOCKER_USERNAME }} username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }} password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v1.14.0 uses: docker/login-action@v1.14.1
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ github.actor }} username: ${{ github.actor }}

2
.github/workflows/test_merge_requests.yml vendored
View File

@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2.3.4 uses: actions/checkout@v3
with: with:
submodules: recursive submodules: recursive

6
Makefile
View File

@ -14,14 +14,12 @@ build:
docker build -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF) docker build -t $(NAME) . --build-arg VCS_VER=$(VCS_VER) --build-arg VCS_REF=$(VCS_REF)
backup: backup:
# if backup directories exist, clean hasn't been called, therefore # if backup directory exist, clean hasn't been called, therefore
# we shouldn't overwrite it. It still contains the original content. # we shouldn't overwrite it. It still contains the original content.
-@ [[ ! -d config.bak ]] && cp -rp config config.bak || :
-@ [[ ! -d testconfig.bak ]] && cp -rp test/config testconfig.bak || : -@ [[ ! -d testconfig.bak ]] && cp -rp test/config testconfig.bak || :
clean: clean:
# remove running and stopped test containers # remove test containers and restore test/config directory
-@ [[ -d config.bak ]] && { rm -rf config ; mv config.bak config ; } || :
-@ [[ -d testconfig.bak ]] && { sudo rm -rf test/config ; mv testconfig.bak test/config ; } || : -@ [[ -d testconfig.bak ]] && { sudo rm -rf test/config ; mv testconfig.bak test/config ; } || :
-@ for container in $$(docker ps -a --filter name='^/mail$$|^ldap_for_mail$$|^mail_override_hostname$$|^mail_non_subdomain_hostname$$|^open-dkim$$|^hadolint$$|^eclint$$|^shellcheck$$|mail_changedetector.*' | sed 1d | cut -f 1-1 -d ' '); do docker rm -f $$container; done -@ for container in $$(docker ps -a --filter name='^/mail$$|^ldap_for_mail$$|^mail_override_hostname$$|^mail_non_subdomain_hostname$$|^open-dkim$$|^hadolint$$|^eclint$$|^shellcheck$$|mail_changedetector.*' | sed 1d | cut -f 1-1 -d ' '); do docker rm -f $$container; done
-@ sudo rm -rf test/onedir test/alias test/quota test/relay test/config/dovecot-lmtp/userdb test/config/key* test/config/opendkim/keys/domain.tld/ test/config/opendkim/keys/example.com/ test/config/opendkim/keys/localdomain2.com/ test/config/postfix-aliases.cf test/config/postfix-receive-access.cf test/config/postfix-receive-access.cfe test/config/dovecot-quotas.cf test/config/postfix-send-access.cf test/config/postfix-send-access.cfe test/config/relay-hosts/chksum test/config/relay-hosts/postfix-aliases.cf test/config/dhparams.pem test/config/dovecot-lmtp/dh.pem test/config/relay-hosts/dovecot-quotas.cf test/config/user-patches.sh test/alias/config/postfix-virtual.cf test/quota/config/dovecot-quotas.cf test/quota/config/postfix-accounts.cf test/relay/config/postfix-relaymap.cf test/relay/config/postfix-sasl-password.cf test/duplicate_configs/ -@ sudo rm -rf test/onedir test/alias test/quota test/relay test/config/dovecot-lmtp/userdb test/config/key* test/config/opendkim/keys/domain.tld/ test/config/opendkim/keys/example.com/ test/config/opendkim/keys/localdomain2.com/ test/config/postfix-aliases.cf test/config/postfix-receive-access.cf test/config/postfix-receive-access.cfe test/config/dovecot-quotas.cf test/config/postfix-send-access.cf test/config/postfix-send-access.cfe test/config/relay-hosts/chksum test/config/relay-hosts/postfix-aliases.cf test/config/dhparams.pem test/config/dovecot-lmtp/dh.pem test/config/relay-hosts/dovecot-quotas.cf test/config/user-patches.sh test/alias/config/postfix-virtual.cf test/quota/config/dovecot-quotas.cf test/quota/config/postfix-accounts.cf test/relay/config/postfix-relaymap.cf test/relay/config/postfix-sasl-password.cf test/duplicate_configs/

8
docs/content/config/environment.md
View File

@ -317,11 +317,11 @@ Defines who sends reports (if they are enabled).
##### LOGROTATE_INTERVAL ##### LOGROTATE_INTERVAL
Changes the interval in which a report is being sent. Changes the interval in which log files are rotated.
- **weekly** => Rotate weekly. - **weekly** => Rotate log files weekly
- daily => Rotate daily. - daily => Rotate log files daily
- monthly => Rotate monthly. - monthly => Rotate log files monthly
!!! note !!! note

4
docs/content/config/security/fail2ban.md
View File

@ -8,9 +8,9 @@ Fail2Ban is installed automatically and bans IP addresses for 3 hours after 3 fa
## Configuration files ## Configuration files
If you want to change this, you can easily edit our github example file: [`config/fail2ban-jail.cf`][github-file-f2bjail]. If you want to change this, you can easily edit our github example file: [`config-examples/fail2ban-jail.cf`][github-file-f2bjail].
You can do the same with the values from `fail2ban.conf`, e.g `dbpurgeage`. In that case you need to edit: [`config/fail2ban-fail2ban.cf`][github-file-f2bconfig]. You can do the same with the values from `fail2ban.conf`, e.g `dbpurgeage`. In that case you need to edit: [`config-examples/fail2ban-fail2ban.cf`][github-file-f2bconfig].
The configuration files need to be located at the root of the `/tmp/docker-mailserver/` volume bind (usually `./docker-data/dms/config/:/tmp/docker-mailserver/`). The configuration files need to be located at the root of the `/tmp/docker-mailserver/` volume bind (usually `./docker-data/dms/config/:/tmp/docker-mailserver/`).

14
docs/content/contributing/tests.md
View File

@ -5,13 +5,9 @@ title: 'Contributing | Tests'
1. Install docker 1. Install docker
2. Execute `git submodule update --init --recursive` 2. Execute `git submodule update --init --recursive`
3. Install jq 3. Install jq
!!! info "MacOS Specific (needed for tests)"
```bash
brew install coreutils
# bash >= 4.0 for associative arrays
brew install bash
```
4. Execute `make clean all` 4. Execute `make clean all`
!!! info "Can I use MacOS?"
We do not support running linting, tests, etc on macOS at this time. Please use a linux VM.

12
mailserver.env
View File

@ -233,17 +233,19 @@ REPORT_RECIPIENT=
# => Specify the sender address # => Specify the sender address
REPORT_SENDER= REPORT_SENDER=
# Changes the interval in which a report is being sent. # Changes the interval in which log files are rotated
# **weekly** => Send a report every week # **weekly** => Rotate log files weekly
# daily => Send a daily report # daily => Rotate log files daily
# monthly => Send a report every month # monthly => Rotate log files monthly
# #
# Note: This Variable actually controls logrotate inside the container # Note: This Variable actually controls logrotate inside the container
# and rotates the log depending on this setting. The main log output is # and rotates the log files depending on this setting. The main log output is
# still available in its entirety via `docker logs mail` (Or your # still available in its entirety via `docker logs mail` (Or your
# respective container name). If you want to control logrotation for # respective container name). If you want to control logrotation for
# the Docker-generated logfile see: # the Docker-generated logfile see:
# https://docs.docker.com/config/containers/logging/configure/ # https://docs.docker.com/config/containers/logging/configure/
#
# Note: This variable can also determine the interval for Postfix's log summary reports, see [`PFLOGSUMM_TRIGGER`](#pflogsumm_trigger).
LOGROTATE_INTERVAL=weekly LOGROTATE_INTERVAL=weekly
# Choose TCP/IP protocols for postfix to use # Choose TCP/IP protocols for postfix to use

16
setup.sh
View File

@ -88,14 +88,6 @@ function _show_local_usage
function _get_absolute_script_directory function _get_absolute_script_directory
{ {
if [[ "$(uname)" == 'Darwin' ]]
then
readlink() {
# requires coreutils
greadlink "${@:+$@}"
}
fi
if dirname "$(readlink -f "${0}")" &>/dev/null if dirname "$(readlink -f "${0}")" &>/dev/null
then then
DIR="$(dirname "$(readlink -f "${0}")")" DIR="$(dirname "$(readlink -f "${0}")")"
@ -154,7 +146,7 @@ function _run_in_new_container
${CRI} run --rm "${USE_TTY}" \ ${CRI} run --rm "${USE_TTY}" \
-v "${CONFIG_PATH}:${DMS_CONFIG}${USE_SELINUX}" \ -v "${CONFIG_PATH}:${DMS_CONFIG}${USE_SELINUX}" \
"${IMAGE_NAME}" "${@:+$@}" "${IMAGE_NAME}" "${@}"
} }
function _main function _main
@ -234,9 +226,9 @@ function _main
if [[ -n ${CONTAINER_NAME} ]] if [[ -n ${CONTAINER_NAME} ]]
then then
${CRI} exec "${USE_TTY}" "${CONTAINER_NAME}" setup "${@:+$@}" ${CRI} exec "${USE_TTY}" "${CONTAINER_NAME}" setup "${@}"
else else
_run_in_new_container setup "${@:+$@}" _run_in_new_container setup "${@}"
fi fi
[[ ${1} == 'help' ]] && _show_local_usage [[ ${1} == 'help' ]] && _show_local_usage
@ -244,4 +236,4 @@ function _main
return 0 return 0
} }
_main "${@:+$@}" _main "${@}"

0
target/bin/acme_extract → target/bin/acme_extract.py
View File

0
target/bin/print-environment Normal file → Executable file
View File

0
target/bin/setup Normal file → Executable file
View File

4
target/scripts/helpers/ssl.sh
View File

@ -418,8 +418,8 @@ function _extract_certs_from_acme
fi fi
local KEY CERT local KEY CERT
KEY=$(acme_extract /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --key) KEY=$(acme_extract.py /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --key)
CERT=$(acme_extract /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --cert) CERT=$(acme_extract.py /etc/letsencrypt/acme.json "${CERT_DOMAIN}" --cert)
if [[ -z ${KEY} ]] || [[ -z ${CERT} ]] if [[ -z ${KEY} ]] || [[ -z ${CERT} ]]
then then

16
test/linting/lint.sh
View File

@ -1,4 +1,4 @@
#! /usr/bin/env bash #! /bin/bash
# version v0.2.0 unstable # version v0.2.0 unstable
# executed by Make during CI or manually # executed by Make during CI or manually
@ -6,12 +6,6 @@
SCRIPT="lint.sh" SCRIPT="lint.sh"
if [[ "$(uname)" == "Darwin" ]]
then
readlink() {
greadlink "${@:+$@}" # Requires coreutils
}
fi
SCRIPT_DIR=$(dirname "$(readlink -f "$0")") SCRIPT_DIR=$(dirname "$(readlink -f "$0")")
REPO_ROOT="$(realpath "${SCRIPT_DIR}"/../../)" REPO_ROOT="$(realpath "${SCRIPT_DIR}"/../../)"
@ -58,7 +52,7 @@ function __log_success
function __in_path function __in_path
{ {
command -v "${@:+$@}" &>/dev/null && return 0 ; return 1 ; command -v "${@}" &>/dev/null && return 0 ; return 1 ;
} }
function _eclint function _eclint
@ -104,10 +98,8 @@ function _shellcheck
-not -path './test/test_helper/*' \ -not -path './test/test_helper/*' \
-not -path './target/docker-configomat/*' -not -path './target/docker-configomat/*'
)" )"
# macOS lacks parity for `-executable` but presently produces the same results: https://stackoverflow.com/a/4458361
[[ "$(uname)" == "Darwin" ]] && FIND_EXEC="-perm -711" || FIND_EXEC="-executable"
# shellcheck disable=SC2248 # shellcheck disable=SC2248
F_BIN="$(find 'target/bin' ${FIND_EXEC} -type f)" F_BIN="$(find 'target/bin' -type f -not -name '*.py')"
F_BATS="$(find 'test' -maxdepth 1 -type f -iname '*.bats')" F_BATS="$(find 'test' -maxdepth 1 -type f -iname '*.bats')"
# This command is a bit easier to grok as multi-line. # This command is a bit easier to grok as multi-line.
@ -164,4 +156,4 @@ function __main
esac esac
} }
__main "${@:+$@}" || exit ${?} __main "${@}" || exit ${?}