From c3da995b99b34e6d6346725676cee25f6278c89e Mon Sep 17 00:00:00 2001 From: Johan Smits Date: Sat, 29 Jul 2017 11:38:09 +0200 Subject: [PATCH] Use the supervisor as the main process. The start-mailserver is started from the supervisord and then this process triggers others. Defined some default variable in the Dockerfile. In order for supervisored to build the command lines the ENV variable need to be set. Therefore the defaults are defined. Some processes are not single processes like postfix and fail2ban and they have a wrapper. The wrapper takes care of proper shutdown and checking if the process is running or not. Supervisored will restart the wrapping script if the process is gone. Increased some delays between tests because sometimes they where to short for all containers to be running. --- Dockerfile | 21 +++-- Makefile | 24 ++--- setup.sh | 2 +- target/fail2ban-wrapper.sh | 33 +++++++ target/postfix-wrapper.sh | 33 +++++++ target/start-mailserver.sh | 31 ++----- target/supervisor/saslauth.conf | 44 +++++++++ target/supervisor/supervisor-app.conf | 126 +++++++++++++------------- test/tests.bats | 100 ++++++++++---------- 9 files changed, 258 insertions(+), 156 deletions(-) create mode 100644 target/fail2ban-wrapper.sh create mode 100644 target/postfix-wrapper.sh create mode 100644 target/supervisor/saslauth.conf diff --git a/Dockerfile b/Dockerfile index 168648fd..c2a03a91 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,6 +4,13 @@ MAINTAINER Thomas VIAL ENV DEBIAN_FRONTEND noninteractive ENV VIRUSMAILS_DELETE_DELAY=7 ENV ONE_DIR=0 +ENV ENABLE_POSTGREY=0 +ENV POSTGREY_DELAY=300 +ENV POSTGREY_MAX_AGE=35 +ENV POSTGREY_TEXT="Delayed by postgrey" + +ENV SASLAUTHD_MECHANISMS=pam +ENV SASLAUTHD_MECH_OPTIONS="" # Packages RUN apt-get update -q --fix-missing && \ @@ -137,9 +144,7 @@ COPY target/opendmarc/ignore.hosts /etc/opendmarc/ignore.hosts # Configure fetchmail COPY target/fetchmail/fetchmailrc /etc/fetchmailrc_general RUN sed -i 's/START_DAEMON=no/START_DAEMON=yes/g' /etc/default/fetchmail - -# Configure supervisor -COPY target/supervisor/supervisor-app.conf /etc/supervisor/conf.d/ +RUN mkdir /var/run/fetchmail && chown fetchmail /var/run/fetchmail # Configures Postfix COPY target/postfix/main.cf target/postfix/master.cf /etc/postfix/ @@ -167,12 +172,14 @@ RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > /et COPY ./target/bin /usr/local/bin # Start-mailserver script -COPY ./target/start-mailserver.sh ./target/docker-configomat/configomat.sh /usr/local/bin/ +COPY ./target/start-mailserver.sh ./target/fail2ban-wrapper.sh ./target/postfix-wrapper.sh ./target/docker-configomat/configomat.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/* +# Configure supervisor +COPY target/supervisor/* /etc/supervisor/conf.d/ + EXPOSE 25 587 143 993 110 995 4190 -CMD /usr/local/bin/start-mailserver.sh | tee /var/log/container-startup.log +CMD supervisord -c /etc/supervisor/supervisord.conf - -ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl +ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl \ No newline at end of file diff --git a/Makefile b/Makefile index 70938eeb..33f43da1 100644 --- a/Makefile +++ b/Makefile @@ -32,7 +32,7 @@ run: -e SASL_PASSWD="external-domain.com username:password" \ -e ENABLE_MANAGESIEVE=1 \ -e PERMIT_DOCKER=host \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) sleep 15 docker run -d --name mail_pop3 \ @@ -40,7 +40,7 @@ run: -v "`pwd`/test":/tmp/docker-mailserver-test \ -v "`pwd`/test/config/letsencrypt":/etc/letsencrypt/live \ -e ENABLE_POP3=1 \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -e SSL_TYPE=letsencrypt \ -h mail.my-domain.com -t $(NAME) sleep 15 @@ -49,7 +49,7 @@ run: -v "`pwd`/test":/tmp/docker-mailserver-test \ -e SMTP_ONLY=1 \ -e PERMIT_DOCKER=network \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -e OVERRIDE_HOSTNAME=mail.my-domain.com \ -t $(NAME) sleep 15 @@ -64,7 +64,7 @@ run: -v "`pwd`/test/config":/tmp/docker-mailserver \ -v "`pwd`/test":/tmp/docker-mailserver-test \ -e PERMIT_DOCKER=network \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -e OVERRIDE_HOSTNAME=mail.my-domain.com \ -h mail.my-domain.com \ -t $(NAME) @@ -81,7 +81,7 @@ run: -v "`pwd`/test":/tmp/docker-mailserver-test \ -e ENABLE_FETCHMAIL=1 \ --cap-add=NET_ADMIN \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) sleep 15 docker run -d --name mail_disabled_clamav_spamassassin \ @@ -89,7 +89,7 @@ run: -v "`pwd`/test":/tmp/docker-mailserver-test \ -e ENABLE_CLAMAV=0 \ -e ENABLE_SPAMASSASSIN=0 \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) sleep 15 docker run -d --name mail_manual_ssl \ @@ -98,7 +98,7 @@ run: -e SSL_TYPE=manual \ -e SSL_CERT_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem \ -e SSL_KEY_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) sleep 15 docker run -d --name ldap_for_mail \ @@ -125,7 +125,7 @@ run: -e SASLAUTHD_LDAP_PASSWORD=admin \ -e SASLAUTHD_LDAP_SEARCH_BASE=ou=people,dc=localhost,dc=localdomain \ -e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ --link ldap_for_mail:ldap \ -h mail.my-domain.com -t $(NAME) sleep 15 @@ -136,7 +136,7 @@ run: -e SASLAUTHD_MECHANISMS=rimap \ -e SASLAUTHD_MECH_OPTIONS=127.0.0.1 \ -e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) # Wait for containers to fully start sleep 15 @@ -146,7 +146,7 @@ run: -v "`pwd`/test":/tmp/docker-mailserver-test \ -e ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1 \ -e POSTFIX_DAGENT=lmtp:127.0.0.1:24 \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) sleep 30 docker run -d --name mail_with_postgrey \ @@ -156,7 +156,7 @@ run: -e POSTGREY_DELAY=15 \ -e POSTGREY_MAX_AGE=35 \ -e POSTGREY_TEXT="Delayed by postgrey" \ - -e DMS_DEBUG=1 \ + -e DMS_DEBUG=0 \ -h mail.my-domain.com -t $(NAME) sleep 20 @@ -188,7 +188,7 @@ fixtures: docker exec mail_override_hostname /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user1.txt" # Wait for mails to be analyzed - sleep 20 + sleep 40 tests: # Start tests diff --git a/setup.sh b/setup.sh index 3de6ae86..26da098c 100755 --- a/setup.sh +++ b/setup.sh @@ -7,7 +7,7 @@ INFO=$(docker ps \ --no-trunc \ --format="{{.Image}}\t{{.Names}}\t{{.Command}}" | \ - grep '/bin/sh -c /usr/local/bin/start-mailserver.sh') + grep "/bin/sh -c 'supervisord -c /etc/supervisor/supervisord.conf'") IMAGE_NAME=$(echo $INFO | awk '{print $1}') CONTAINER_NAME=$(echo $INFO | awk '{print $2}') diff --git a/target/fail2ban-wrapper.sh b/target/fail2ban-wrapper.sh new file mode 100644 index 00000000..f866a476 --- /dev/null +++ b/target/fail2ban-wrapper.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash +# fail2ban-wrapper.sh, version 0.0.1 +# +# You cannot start fail2ban in some foreground mode and +# it's more or less important that docker doesn't kill +# fail2ban and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping fail2ban correctly. +# +# supervisord config snippet for fail2ban-wrapper: +# +# [program:fail2ban] +# process_name = fail2ban +# command = /path/to/fail2ban-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "/usr/bin/fail2ban-client stop" SIGINT +trap "/usr/bin/fail2ban-client stop" SIGTERM +trap "/usr/bin/fail2ban-client reload" SIGHUP + +# start fail2ban +/usr/bin/fail2ban-client start + +# lets give fail2ban some time to start +sleep 5 + +# wait until fail2ban is dead (triggered by trap) +while kill -0 "`cat /var/run/fail2ban/fail2ban.pid`"; do + sleep 5 +done \ No newline at end of file diff --git a/target/postfix-wrapper.sh b/target/postfix-wrapper.sh new file mode 100644 index 00000000..35caf190 --- /dev/null +++ b/target/postfix-wrapper.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "service postfix stop" SIGINT +trap "service postfix stop" SIGTERM +trap "service postfix reload" SIGHUP + +# start postfix +service postfix start + +# lets give postfix some time to start +sleep 5 + +# wait until postfix is dead (triggered by trap) +while kill -0 "`cat /var/spool/postfix/pid/master.pid`"; do + sleep 5 +done \ No newline at end of file diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index b3d8122c..d3976b12 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -349,7 +349,7 @@ function _check_hostname() { if ( ! echo $HOSTNAME | grep -E '^(\S+[.]\S+)$' > /dev/null ); then notify 'err' "Setting hostname/domainname is required" - return 1 + kill -6 `cat /var/run/supervisord.pid` && return 1 else notify 'inf' "Domain has been set to $DOMAINNAME" notify 'inf' "Hostname has been set to $HOSTNAME" @@ -383,7 +383,7 @@ function _setup_default_vars() { for var in ${!DEFAULT_VARS[@]}; do echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc - [ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && return 1 + [ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && kill -15 `cat /var/run/supervisord.pid` && return 1 notify 'inf' "Set $var=${DEFAULT_VARS[$var]}" done } @@ -644,18 +644,6 @@ EOF -e "/^[^#].*smtpd_sasl_path.*/s/^/#/g" \ /etc/postfix/master.cf - sed -i \ - -e "s|^START=.*|START=yes|g" \ - -e "s|^MECHANISMS=.*|MECHANISMS="\"$SASLAUTHD_MECHANISMS\""|g" \ - -e "s|^MECH_OPTIONS=.*|MECH_OPTIONS="\"$SASLAUTHD_MECH_OPTIONS\""|g" \ - /etc/default/saslauthd - - if [ "$SASLAUTHD_MECHANISMS" = rimap ]; then - sed -i \ - -e 's|^OPTIONS="|OPTIONS="-r |g' \ - /etc/default/saslauthd - fi - sed -i \ -e "/smtpd_sasl_path =.*/d" \ -e "/smtpd_sasl_type =.*/d" \ @@ -860,7 +848,7 @@ function _setup_postfix_virtual_transport() { [ -z "${POSTFIX_DAGENT}" ] && \ echo "${POSTFIX_DAGENT} not set." && \ - return 1 + kill -15 `cat /var/run/supervisord.pid` && return 1 postconf -e "virtual_transport = ${POSTFIX_DAGENT}" } @@ -1124,7 +1112,7 @@ function start_daemons() { function _start_daemons_cron() { notify 'task' 'Starting cron' 'n' - display_startup_daemon "cron" + supervisorctl start cron } function _start_daemons_rsyslog() { @@ -1134,7 +1122,7 @@ function _start_daemons_rsyslog() { function _start_daemons_saslauthd() { notify 'task' 'Starting saslauthd' 'n' - display_startup_daemon "/etc/init.d/saslauthd start" + supervisorctl start "saslauthd_${SASLAUTHD_MECHANISMS}" } function _start_daemons_fail2ban() { @@ -1159,13 +1147,13 @@ function _start_daemons_opendmarc() { function _start_daemons_postfix() { notify 'task' 'Starting postfix' 'n' - display_startup_daemon "/etc/init.d/postfix start" + supervisorctl start postfix } function _start_daemons_dovecot() { # Here we are starting sasl and imap, not pop3 because it's disabled by default - notify 'task' 'Starting dovecot services' 'n' + notify 'task' 'Starting dovecot services' 'n' if [ "$ENABLE_POP3" = 1 ]; then notify 'task' 'Starting pop3 services' 'n' @@ -1177,7 +1165,6 @@ function _start_daemons_dovecot() { cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf # /usr/sbin/dovecot reload fi - supervisorctl start dovecot @@ -1199,7 +1186,7 @@ function _start_daemons_filebeat() { function _start_daemons_fetchmail() { notify 'task' 'Starting fetchmail' 'n' /usr/local/bin/setup-fetchmail - display_startup_daemon "/etc/init.d/fetchmail start" + supervisorctl start fetchmail } function _start_daemons_clamav() { @@ -1251,8 +1238,6 @@ notify 'taskgrp' "#" notify 'taskgrp' "#" notify 'taskgrp' "" -supervisord -c /etc/supervisor/supervisord.conf - register_functions check diff --git a/target/supervisor/saslauth.conf b/target/supervisor/saslauth.conf new file mode 100644 index 00000000..43e1ab84 --- /dev/null +++ b/target/supervisor/saslauth.conf @@ -0,0 +1,44 @@ +[program:saslauthd_ldap] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/saslauthd -d -a ldap -O /etc/saslauthd.conf +pidfile=/var/run/saslauthd/saslauthd.pid + +[program:saslauthd_mysql] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/saslauthd -d -a mysql -O %(ENV_SASLAUTHD_MECH_OPTIONS)s +pidfile=/var/run/saslauthd/saslauthd.pid + +[program:saslauthd_pam] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/saslauthd -d -a pam -O %(ENV_SASLAUTHD_MECH_OPTIONS)s +pidfile=/var/run/saslauthd/saslauthd.pid + +[program:saslauthd_rimap] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/saslauthd -d -a rimap -r -O %(ENV_SASLAUTHD_MECH_OPTIONS)s +pidfile=/var/run/saslauthd/saslauthd.pid + +[program:saslauthd_shadow] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/saslauthd -d -a shadow -O %(ENV_SASLAUTHD_MECH_OPTIONS)s +pidfile=/var/run/saslauthd/saslauthd.pid \ No newline at end of file diff --git a/target/supervisor/supervisor-app.conf b/target/supervisor/supervisor-app.conf index c879654b..14403add 100644 --- a/target/supervisor/supervisor-app.conf +++ b/target/supervisor/supervisor-app.conf @@ -4,112 +4,112 @@ # Programs can be controlled like this: 'supervisorctl start fail2ban' 'supervisorctl stop fail2ban' # supervisor writes program statuses in /var/log/supervisor +[supervisord] +nodaemon=true + +[program:mailserver] +startsecs=0 +autostart=true +autorestart=false +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=/usr/local/bin/start-mailserver.sh + +[program:cron] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/cron -f + [program:rsyslog] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/rsyslogd -n +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/rsyslogd -n [program:fail2ban] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/bin/fail2ban-server -f +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/local/bin/fail2ban-wrapper.sh [program:opendkim] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/opendkim -f +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/opendkim -f [program:opendmarc] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/opendmarc -f -p "inet:8893@localhost" +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/opendmarc -f -p "inet:8893@localhost" -P /var/run/opendmarc/opendmarc.pid [program:dovecot] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf [program:filebeat] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/bin/filebeat -c /etc/filebeat/filebeat.yml +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/bin/filebeat -c /etc/filebeat/filebeat.yml [program:clamav] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/clamd -c /etc/clamav/clamd.conf +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/clamd -c /etc/clamav/clamd.conf [program:postgrey] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/postgrey --inet=127.0.0.1:10023 +stdout_logfile=/var/log/mail/mail.log +stderr_logfile=/var/log/mail/mail.log +command=/usr/sbin/postgrey --inet=127.0.0.1:10023 --syslog-facility=mail --delay=%(ENV_POSTGREY_DELAY)s --max-age=%(ENV_POSTGREY_MAX_AGE)s --greylist-text="%(ENV_POSTGREY_TEXT)s" [program:amavis] startsecs=0 autostart=false autorestart=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command = /usr/sbin/amavisd-new foreground +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/sbin/amavisd-new foreground +[program:fetchmail] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +user=fetchmail +command=/usr/bin/fetchmail -f /etc/fetchmailrc -v --nodetach --daemon 300 -i /var/lib/fetchmail/.fetchmail-UIDL-cache --pidfile /var/run/fetchmail/fetchmail.pid -# Couldn't figure out how to run these in the foreground. We'll start them without supervisor. -#[program:fetchmail] -#startsecs=0 -#autostart=false -#autorestart=true -#command = /usr/bin/fetchmail - -#[program:postfix] -#startsecs=0 -#autostart=false -#autorestart=true -#command = /etc/init.d/postfix start - -#[program:saslauthd] -#startsecs=0 -#autostart=false -#autorestart=true -#command = /etc/init.d/saslauthd start +[program:postfix] +startsecs=0 +autostart=false +autorestart=true +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/usr/local/bin/postfix-wrapper.sh \ No newline at end of file diff --git a/test/tests.bats b/test/tests.bats index 6815c62d..660532f8 100644 --- a/test/tests.bats +++ b/test/tests.bats @@ -111,56 +111,6 @@ load 'test_helper/bats-assert/load' assert_success } -@test "checking process: saslauthd (saslauthd server enabled)" { - run docker exec mail_with_imap /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'" - assert_success -} - -# -# supervisor -# - -# - -@test "checking restart of process: clamd" { - run docker exec mail /bin/bash -c "pkill -f clamav && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'" - assert_success -} - -@test "checking process: new" { - run docker exec mail /bin/bash -c "pkill -f amavis && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/sbin/amavisd-new'" - assert_success -} - -@test "checking process: opendkim" { - run docker exec mail /bin/bash -c "pkill -f opendkim && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/sbin/opendkim'" - assert_success -} - -@test "checking process: opendmarc" { - run docker exec mail /bin/bash -c "pkill -f opendmarc && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/sbin/opendmarc'" - assert_success -} - -@test "checking process: fail2ban (fail2ban server enabled)" { - run docker exec mail_fail2ban /bin/bash -c "pkill -f fail2ban && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/bin/python3 /usr/bin/fail2ban-server'" - assert_success -} - -# - -@test "checking process: clamav (clamav disabled by ENABLED_CLAMAV=0)" { - run docker exec mail_disabled_clamav_spamassassin /bin/bash -c "pkill -f clamd && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'" - assert_failure -} - -@test "checking process: saslauthd (saslauthd server enabled)" { - run docker exec mail_with_ldap /bin/bash -c "pkill -f saslauthd && sleep 5 && ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'" - assert_success -} - -# - # # postgrey @@ -1233,3 +1183,53 @@ load 'test_helper/bats-assert/load' assert_success assert_output 0 } + + +# +# supervisor +# + +@test "checking restart of process: postfix" { + run docker exec mail /bin/bash -c "pkill master && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/lib/postfix/sbin/master'" + assert_success +} + +@test "checking restart of process: clamd" { + run docker exec mail /bin/bash -c "pkill clamd && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'" + assert_success +} + +@test "checking restart of process: amavisd-new" { + run docker exec mail /bin/bash -c "pkill amavi && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/amavisd-new (master)'" + assert_success +} + +@test "checking restart of process: opendkim" { + run docker exec mail /bin/bash -c "pkill opendkim && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/opendkim'" + assert_success +} + +@test "checking restart of process: opendmarc" { + run docker exec mail /bin/bash -c "pkill opendmarc && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/opendmarc'" + assert_success +} + +@test "checking restart of process: fail2ban (fail2ban server enabled)" { + run docker exec mail_fail2ban /bin/bash -c "pkill fail2ban && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/bin/python3 /usr/bin/fail2ban-server'" + assert_success +} + +@test "checking restart of process: fetchmail" { + run docker exec mail_fetchmail /bin/bash -c "pkill fetchmail && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/bin/fetchmail'" + assert_success +} + +@test "checking restart of process: clamav (clamav disabled by ENABLED_CLAMAV=0)" { + run docker exec mail_disabled_clamav_spamassassin /bin/bash -c "pkill -f clamd && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'" + assert_failure +} + +@test "checking restart of process: saslauthd (saslauthd server enabled)" { + run docker exec mail_with_ldap /bin/bash -c "pkill saslauthd && sleep 10 && ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'" + assert_success +} \ No newline at end of file