From dfc2b3930871a3a04d7a13816588e4554c36319d Mon Sep 17 00:00:00 2001 From: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com> Date: Tue, 28 Feb 2023 10:25:23 +0100 Subject: [PATCH] scripts: housekeeping & cleanup setup (2/2) (#3123) --- target/bin/debug-fetchmail | 2 +- target/scripts/start-mailserver.sh | 30 ++-- target/scripts/startup/daemons-stack.sh | 35 +---- target/scripts/startup/setup-stack.sh | 30 ++-- target/scripts/startup/setup.d/dovecot.sh | 11 +- target/scripts/startup/setup.d/fetchmail.sh | 148 +++++++++++--------- target/scripts/startup/setup.d/postfix.sh | 5 +- target/scripts/startup/variables-stack.sh | 51 +++---- 8 files changed, 152 insertions(+), 160 deletions(-) diff --git a/target/bin/debug-fetchmail b/target/bin/debug-fetchmail index f1e7051f..7e267184 100755 --- a/target/bin/debug-fetchmail +++ b/target/bin/debug-fetchmail @@ -5,7 +5,7 @@ source /usr/local/bin/helpers/log.sh # shellcheck source=../scripts/startup/setup.d/fetchmail.sh source /usr/local/bin/setup.d/fetchmail.sh -_setup_fetchmail +ENABLE_FETCHMAIL=1 _setup_fetchmail su -s /bin/sh -c "/usr/bin/fetchmail \ --verbose \ diff --git a/target/scripts/start-mailserver.sh b/target/scripts/start-mailserver.sh index ec5e8a65..6ba91cad 100755 --- a/target/scripts/start-mailserver.sh +++ b/target/scripts/start-mailserver.sh @@ -24,15 +24,6 @@ source /usr/local/bin/daemons-stack.sh # ------------------------------------------------------------ # ? << Sourcing helpers & stacks # -- -# ? >> Early setup & environment variables setup -# ------------------------------------------------------------ - -_early_setup_supervisor -_early_variables_setup - -# ------------------------------------------------------------ -# ? << Early setup & environment variables setup -# -- # ? >> Registering functions # ------------------------------------------------------------ 
@@ -82,8 +73,8 @@ function _register_functions _register_setup_function '_setup_saslauthd' fi - [[ ${POSTFIX_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_postfix_inet_protocols' - [[ ${DOVECOT_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_dovecot_inet_protocols' + _register_setup_function '_setup_postfix_inet_protocols' + _register_setup_function '_setup_dovecot_inet_protocols' _register_setup_function '_setup_opendkim' _register_setup_function '_setup_opendmarc' # must come after `_setup_opendkim` @@ -103,14 +94,10 @@ function _register_functions _register_setup_function '_setup_postfix_vhost' _register_setup_function '_setup_postfix_dhparam' _register_setup_function '_setup_postfix_sizelimits' + _register_setup_function '_setup_fetchmail' + _register_setup_function '_setup_fetchmail_parallel' # needs to come after _setup_postfix_aliases - - if [[ ${ENABLE_FETCHMAIL} -eq 1 ]] - then - _register_setup_function '_setup_fetchmail' - [[ ${FETCHMAIL_PARALLEL} -eq 1 ]] && _register_setup_function '_setup_fetchmail_parallel' - fi _register_setup_function '_setup_spoof_protection' if [[ ${ENABLE_SRS} -eq 1 ]] @@ -121,9 +108,7 @@ function _register_functions _register_setup_function '_setup_postfix_access_control' _register_setup_function '_setup_postfix_relay_hosts' - - [[ -n ${POSTFIX_DAGENT} ]] && _register_setup_function '_setup_postfix_virtual_transport' - + _register_setup_function '_setup_postfix_virtual_transport' _register_setup_function '_setup_postfix_override_configuration' _register_setup_function '_setup_logrotate' _register_setup_function '_setup_mail_summary' 
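Review bot: Registering `_setup_fetchmail_parallel` unconditionally in hunk `@@ -103,14 +94,10 @@` drops the old nesting under `ENABLE_FETCHMAIL`, and the guard this patch adds inside the function in setup.d/fetchmail.sh tests only `FETCHMAIL_PARALLEL`. With `ENABLE_FETCHMAIL=0` and `FETCHMAIL_PARALLEL=1` the function body therefore still runs, and the return status of `_fetchmailrc_split` is not checked at its call site. Unless `nullglob` or an abort-on-error option is set somewhere outside this patch, the `for RC in /etc/fetchmailrc.d/fetchmail-*.rc` loop then iterates once over the literal pattern, writes a supervisor program file for it and calls `supervisorctl update`. The guard in `_setup_fetchmail_parallel` should cover both switches: `if [[ ${ENABLE_FETCHMAIL} -eq 1 ]] && [[ ${FETCHMAIL_PARALLEL} -eq 1 ]]`.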
@@ -174,13 +159,16 @@ function _register_functions # ? >> Executing all stacks / actual start of DMS # ------------------------------------------------------------ +_early_supervisor_setup +_early_variables_setup + _log 'info' "Welcome to docker-mailserver $(&2 + _log 'error' "${RESULT}" dms_panic__fail_init "${1}" fi } -function _start_daemon_changedetector { _default_start_daemon 'changedetector' ; } function _start_daemon_amavis { _default_start_daemon 'amavis' ; } +function _start_daemon_changedetector { _default_start_daemon 'changedetector' ; } function _start_daemon_clamav { _default_start_daemon 'clamav' ; } function _start_daemon_cron { _default_start_daemon 'cron' ; } +function _start_daemon_dovecot { _default_start_daemon 'dovecot' ; } +function _start_daemon_fail2ban { _default_start_daemon 'fail2ban' ; } function _start_daemon_opendkim { _default_start_daemon 'opendkim' ; } function _start_daemon_opendmarc { _default_start_daemon 'opendmarc' ; } +function _start_daemon_postgrey { _default_start_daemon 'postgrey' ; } function _start_daemon_postsrsd { _default_start_daemon 'postsrsd' ; } +function _start_daemon_redis { _default_start_daemon 'redis' ; } +function _start_daemon_rspamd { _default_start_daemon 'rspamd' ; } function _start_daemon_rsyslog { _default_start_daemon 'rsyslog' ; } function _start_daemon_update_check { _default_start_daemon 'update-check' ; } -function _start_daemon_rspamd { _default_start_daemon 'rspamd' ; } -function _start_daemon_redis { _default_start_daemon 'redis' ; } function _start_daemon_saslauthd { 
@@ -56,30 +59,6 @@ function _start_daemon_postfix _default_start_daemon 'postfix' } -function _start_daemon_postgrey -{ - rm -f /var/run/postgrey/postgrey.pid - _default_start_daemon 'postgrey' -} - -function _start_daemon_fail2ban -{ - _default_start_daemon 'fail2ban' -} - -function _start_daemon_dovecot -{ - if [[ ${ENABLE_POP3} -eq 1 ]] - then - _log 'debug' 'Enabling POP3 services' - mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol - fi - - [[ -f /tmp/docker-mailserver/dovecot.cf ]] && cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf - - _default_start_daemon 'dovecot' -} - function _start_daemon_fetchmail { if [[ ${FETCHMAIL_PARALLEL} -eq 1 ]] diff --git a/target/scripts/startup/setup-stack.sh b/target/scripts/startup/setup-stack.sh index 374fedaf..679c2b22 100644 --- a/target/scripts/startup/setup-stack.sh +++ b/target/scripts/startup/setup-stack.sh @@ -28,7 +28,7 @@ function _setup _prepare_for_change_detection } -function _early_setup_supervisor +function _early_supervisor_setup { SUPERVISOR_LOGLEVEL="${SUPERVISOR_LOGLEVEL:-warn}" @@ -78,19 +78,6 @@ function _setup_file_permissions chmod 640 /var/log/mail/freshclam.log } -function _setup_run_user_patches -{ - local USER_PATCHES='/tmp/docker-mailserver/user-patches.sh' - - if [[ -f ${USER_PATCHES} ]] - then - _log 'debug' 'Applying user patches' - /bin/bash "${USER_PATCHES}" - else - _log 'trace' "No optional '${USER_PATCHES}' provided" - fi -} - function _setup_timezone { [[ -n ${TZ} ]] || return 0 
@@ -113,11 +100,26 @@ function _setup_timezone return 1 fi } + function _setup_apply_fixes_after_configuration { _log 'trace' 'Removing leftover PID files from a stop/start' find /var/run/ -not -name 'supervisord.pid' -name '*.pid' -delete touch /dev/shm/supervisor.sock + _log 'debug' 'Checking /var/mail permissions' _chown_var_mail_if_necessary || _shutdown 'Failed to fix /var/mail permissions' } + +function _run_user_patches +{ + local USER_PATCHES='/tmp/docker-mailserver/user-patches.sh' + + if [[ -f ${USER_PATCHES} ]] + then + _log 'debug' 'Applying user patches' + /bin/bash "${USER_PATCHES}" + else + _log 'trace' "No optional '${USER_PATCHES}' provided" + fi +} diff --git a/target/scripts/startup/setup.d/dovecot.sh b/target/scripts/startup/setup.d/dovecot.sh index 175ba370..478610c5 100644 --- a/target/scripts/startup/setup.d/dovecot.sh +++ b/target/scripts/startup/setup.d/dovecot.sh @@ -87,6 +87,14 @@ function _setup_dovecot chown docker:docker -R /usr/lib/dovecot/sieve* chmod 550 -R /usr/lib/dovecot/sieve* chmod -f +x /usr/lib/dovecot/sieve-pipe/* + + if [[ ${ENABLE_POP3} -eq 1 ]] + then + _log 'debug' 'Enabling POP3 services' + mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol + fi + + [[ -f /tmp/docker-mailserver/dovecot.cf ]] && cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf } @@ -184,10 +192,11 @@ function _setup_dovecot_local_user function _setup_dovecot_inet_protocols { - local PROTOCOL + [[ ${DOVECOT_INET_PROTOCOLS} == 'all' ]] && return 0 _log 'trace' 'Setting up DOVECOT_INET_PROTOCOLS option' + local PROTOCOL # https://dovecot.org/doc/dovecot-example.conf if [[ ${DOVECOT_INET_PROTOCOLS} == "ipv4" ]] then diff --git a/target/scripts/startup/setup.d/fetchmail.sh b/target/scripts/startup/setup.d/fetchmail.sh index d17a9d4c..97b4aa99 100644 --- a/target/scripts/startup/setup.d/fetchmail.sh +++ b/target/scripts/startup/setup.d/fetchmail.sh 
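Review bot: `_run_user_patches` (added at the end of setup-stack.sh by hunk `@@ -113,11 +100,26 @@`) discards the exit status of `/bin/bash "${USER_PATCHES}"`, so a patch script that aborts halfway lets startup continue on a partly modified configuration with only the 'Applying user patches' debug line in the log. Logging the failure is enough: `/bin/bash "${USER_PATCHES}" || _log 'warn' "'${USER_PATCHES}' exited with a non-zero status"`. The function also deserves a header comment saying that the file comes from the mounted configuration directory and is executed with the privileges of the startup script (presumably root), so write access to that directory has to be treated as code execution inside the container.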
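Review bot: The two statements appended to `_setup_dovecot` in setup.d/dovecot.sh (hunk `@@ -87,6 +87,14 @@`) are not safe to run twice and they change the function's return status. On a stop/start of the same container `pop3d.protocol.disab` has already been renamed, so the `mv` fails; and because `[[ -f /tmp/docker-mailserver/dovecot.cf ]] && cp …` is now the last command, `_setup_dovecot` returns non-zero whenever no `dovecot.cf` is mounted. Whether the setup stack reacts to that status is not visible in this patch, but it is cheap to avoid: guard the rename with `[[ -f /etc/dovecot/protocols.d/pop3d.protocol.disab ]]` and write the copy as `[[ ! -f /tmp/docker-mailserver/dovecot.cf ]] || cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf`.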
@@ -2,87 +2,94 @@ function _setup_fetchmail { - _log 'trace' 'Preparing Fetchmail configuration' - - local CONFIGURATION FETCHMAILRC - - CONFIGURATION='/tmp/docker-mailserver/fetchmail.cf' - FETCHMAILRC='/etc/fetchmailrc' - - if [[ -f ${CONFIGURATION} ]] + if [[ ${ENABLE_FETCHMAIL} -eq 1 ]] then - cat /etc/fetchmailrc_general "${CONFIGURATION}" >"${FETCHMAILRC}" - else - cat /etc/fetchmailrc_general >"${FETCHMAILRC}" - fi + _log 'trace' 'Enabling and configuring Fetchmail' - chmod 700 "${FETCHMAILRC}" - chown fetchmail:root "${FETCHMAILRC}" + local CONFIGURATION FETCHMAILRC + + CONFIGURATION='/tmp/docker-mailserver/fetchmail.cf' + FETCHMAILRC='/etc/fetchmailrc' + + if [[ -f ${CONFIGURATION} ]] + then + cat /etc/fetchmailrc_general "${CONFIGURATION}" >"${FETCHMAILRC}" + else + cat /etc/fetchmailrc_general >"${FETCHMAILRC}" + fi + + chmod 700 "${FETCHMAILRC}" + chown fetchmail:root "${FETCHMAILRC}" + else + _log 'debug' 'Fetchmail is disabled' + fi } function _setup_fetchmail_parallel { - _log 'trace' 'Setting up Fetchmail parallel' - mkdir /etc/fetchmailrc.d/ + if [[ ${FETCHMAIL_PARALLEL} -eq 1 ]] + then + _log 'trace' 'Enabling and configuring Fetchmail parallel' + mkdir /etc/fetchmailrc.d/ - # Split the content of /etc/fetchmailrc into - # smaller fetchmailrc files per server [poll] entries. Each - # separate fetchmailrc file is stored in /etc/fetchmailrc.d - # - # The sole purpose for this is to work around what is known - # as the Fetchmail IMAP idle issue. - function _fetchmailrc_split - { - local FETCHMAILRC='/etc/fetchmailrc' - local FETCHMAILRCD='/etc/fetchmailrc.d' - local DEFAULT_FILE="${FETCHMAILRCD}/defaults" + # Split the content of /etc/fetchmailrc into + # smaller fetchmailrc files per server [poll] entries. Each + # separate fetchmailrc file is stored in /etc/fetchmailrc.d + # + # The sole purpose for this is to work around what is known + # as the Fetchmail IMAP idle issue. 
+ function _fetchmailrc_split + { + local FETCHMAILRC='/etc/fetchmailrc' + local FETCHMAILRCD='/etc/fetchmailrc.d' + local DEFAULT_FILE="${FETCHMAILRCD}/defaults" - if [[ ! -r ${FETCHMAILRC} ]] - then - _log 'warn' "File '${FETCHMAILRC}' not found" - return 1 - fi - - if [[ ! -d ${FETCHMAILRCD} ]] - then - if ! mkdir "${FETCHMAILRCD}" + if [[ ! -r ${FETCHMAILRC} ]] then - _log 'warn' "Unable to create folder '${FETCHMAILRCD}'" + _log 'warn' "File '${FETCHMAILRC}' not found" return 1 fi - fi - local COUNTER=0 SERVER=0 - while read -r LINE - do - if [[ ${LINE} =~ poll ]] + if [[ ! -d ${FETCHMAILRCD} ]] then - # If we read "poll" then we reached a new server definition - # We need to create a new file with fetchmail defaults from - # /etc/fetcmailrc - COUNTER=$(( COUNTER + 1 )) - SERVER=1 - cat "${DEFAULT_FILE}" >"${FETCHMAILRCD}/fetchmail-${COUNTER}.rc" - echo "${LINE}" >>"${FETCHMAILRCD}/fetchmail-${COUNTER}.rc" - elif [[ ${SERVER} -eq 0 ]] - then - # We have not yet found "poll". Let's assume we are still reading - # the default settings from /etc/fetchmailrc file - echo "${LINE}" >>"${DEFAULT_FILE}" - else - # Just the server settings that need to be added to the specific rc.d file - echo "${LINE}" >>"${FETCHMAILRCD}/fetchmail-${COUNTER}.rc" + if ! mkdir "${FETCHMAILRCD}" + then + _log 'warn' "Unable to create folder '${FETCHMAILRCD}'" + return 1 + fi fi - done < <(_get_valid_lines_from_file "${FETCHMAILRC}") - rm "${DEFAULT_FILE}" - } + local COUNTER=0 SERVER=0 + while read -r LINE + do + if [[ ${LINE} =~ poll ]] + then + # If we read "poll" then we reached a new server definition + # We need to create a new file with fetchmail defaults from + # /etc/fetcmailrc + COUNTER=$(( COUNTER + 1 )) + SERVER=1 + cat "${DEFAULT_FILE}" >"${FETCHMAILRCD}/fetchmail-${COUNTER}.rc" + echo "${LINE}" >>"${FETCHMAILRCD}/fetchmail-${COUNTER}.rc" + elif [[ ${SERVER} -eq 0 ]] + then + # We have not yet found "poll". 
Let's assume we are still reading + # the default settings from /etc/fetchmailrc file + echo "${LINE}" >>"${DEFAULT_FILE}" + else + # Just the server settings that need to be added to the specific rc.d file + echo "${LINE}" >>"${FETCHMAILRCD}/fetchmail-${COUNTER}.rc" + fi + done < <(_get_valid_lines_from_file "${FETCHMAILRC}") - _fetchmailrc_split + rm "${DEFAULT_FILE}" + } - local COUNTER=0 - for RC in /etc/fetchmailrc.d/fetchmail-*.rc - do + _fetchmailrc_split + + local COUNTER=0 + for RC in /etc/fetchmailrc.d/fetchmail-*.rc + do COUNTER=$(( COUNTER + 1 )) cat >"/etc/supervisor/conf.d/fetchmail-${COUNTER}.conf" << EOF [program:fetchmail-${COUNTER}] @@ -94,10 +101,13 @@ stderr_logfile=/var/log/supervisor/%(program_name)s.log user=fetchmail command=/usr/bin/fetchmail -f ${RC} -v --nodetach --daemon %(ENV_FETCHMAIL_POLL)s -i /var/lib/fetchmail/.fetchmail-UIDL-cache --pidfile /var/run/fetchmail/%(program_name)s.pid EOF - chmod 700 "${RC}" - chown fetchmail:root "${RC}" - done + chmod 700 "${RC}" + chown fetchmail:root "${RC}" + done - supervisorctl reread - supervisorctl update + supervisorctl reread + supervisorctl update + else + _log 'debug' 'Fetchmail parallel is disabled' + fi } diff --git a/target/scripts/startup/setup.d/postfix.sh b/target/scripts/startup/setup.d/postfix.sh index 61917a43..0f1c7c58 100644 --- a/target/scripts/startup/setup.d/postfix.sh +++ b/target/scripts/startup/setup.d/postfix.sh @@ -62,13 +62,16 @@ function _setup_postfix_vhost function _setup_postfix_inet_protocols { + [[ ${POSTFIX_INET_PROTOCOLS} == 'all' ]] && return 0 + _log 'trace' 'Setting up POSTFIX_INET_PROTOCOLS option' postconf "inet_protocols = ${POSTFIX_INET_PROTOCOLS}" } - function _setup_postfix_virtual_transport { + [[ -z ${POSTFIX_DAGENT} ]] && return 0 + _log 'trace' "Changing Postfix virtual transport to '${POSTFIX_DAGENT}'" # Default value in main.cf should be 'lmtp:unix:/var/run/dovecot/lmtp' postconf "virtual_transport = ${POSTFIX_DAGENT}" 
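Review bot: In `_fetchmailrc_split` (re-indented by hunk `@@ -2,87 +2,94 @@`) the test `[[ ${LINE} =~ poll ]]` matches the substring anywhere in the line, so an option line whose user name, host or password merely contains "poll" is taken as the start of a new server entry and that account's settings end up split across two rc files. Since `read -r LINE` without `IFS=` already strips leading blanks, anchoring is enough: `[[ ${LINE} =~ ^poll[[:space:]] ]]`. The unconditional `mkdir /etc/fetchmailrc.d/` at the top of `_setup_fetchmail_parallel` duplicates the checked `mkdir` inside `_fetchmailrc_split` and fails when the directory already exists; `mkdir -p`, or dropping the line, would do.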
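Review bot: `chmod 700 "${RC}"` and `chown fetchmail:root "${RC}"` in hunk `@@ -94,10 +101,13 @@` run only after `_fetchmailrc_split` has created each `fetchmail-N.rc` by plain redirection, so the files, which carry whatever account credentials `fetchmail.cf` holds, exist under the process's default umask until this loop reaches them. The mode also sets an execute bit that a configuration file does not need, and the same `chmod 700` is applied to `/etc/fetchmailrc` in `_setup_fetchmail` in the previous hunk. I would create the files restrictively before anything is written to them, for example `install -m 600 -o fetchmail -g root /dev/null "${FETCHMAILRC}"`, or wrap the writes in a subshell with `umask 077`, and use mode `600` here. Please confirm that the fetchmail build in the image accepts `600` before changing the mode.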
diff --git a/target/scripts/startup/variables-stack.sh b/target/scripts/startup/variables-stack.sh index bfff1c1c..bb0a197f 100644 --- a/target/scripts/startup/variables-stack.sh +++ b/target/scripts/startup/variables-stack.sh @@ -6,14 +6,14 @@ declare -A VARS function _early_variables_setup { _obtain_hostname_and_domainname - _environment_variables_backwards_compatibility - _environment_variables_general_setup + __environment_variables_backwards_compatibility + __environment_variables_general_setup } # This function handles variables that are deprecated. This allows a # smooth transition period, without the need of removing a variable # completely with a single version. -function _environment_variables_backwards_compatibility +function __environment_variables_backwards_compatibility { if [[ ${ENABLE_LDAP:-0} -eq 1 ]] then 
@@ -30,31 +30,10 @@ function _environment_variables_backwards_compatibility # fi } -# This function Writes the contents of the `VARS` map (associative array) -# to locations where they can be sourced from (e.g. `/etc/dms-settings`) -# or where they can be used by Bash directly (e.g. `/root/.bashrc`). -function _environment_variables_export -{ - _log 'debug' "Exporting environment variables now (creating '/etc/dms-settings')" - - : >/root/.bashrc # make DMS variables available in login shells and their subprocesses - : >/etc/dms-settings # this file can be sourced by other scripts - - local VAR - for VAR in "${!VARS[@]}" - do - echo "export ${VAR}='${VARS[${VAR}]}'" >>/root/.bashrc - echo "${VAR}='${VARS[${VAR}]}'" >>/etc/dms-settings - done - - sort -o /root/.bashrc /root/.bashrc - sort -o /etc/dms-settings /etc/dms-settings -} - # This function sets almost all environment variables. This involves setting # a default if no value was provided and writing the variable and its value # to the VARS map. -function _environment_variables_general_setup +function __environment_variables_general_setup { _log 'debug' 'Handling general environment variable setup' @@ -125,6 +104,7 @@ function _environment_variables_general_setup VARS[POSTFIX_INET_PROTOCOLS]="${POSTFIX_INET_PROTOCOLS:=all}" VARS[POSTFIX_MAILBOX_SIZE_LIMIT]="${POSTFIX_MAILBOX_SIZE_LIMIT:=0}" VARS[POSTFIX_MESSAGE_SIZE_LIMIT]="${POSTFIX_MESSAGE_SIZE_LIMIT:=10240000}" # ~10 MB + VARS[POSTFIX_DAGENT]="${POSTFIX_DAGENT:=}" _log 'trace' 'Setting miscellaneous environment variables' 
@@ -217,3 +197,24 @@ function _environment_variables_saslauthd VARS[SASLAUTHD_LDAP_MECH]="${SASLAUTHD_LDAP_MECH}" fi } + +# This function Writes the contents of the `VARS` map (associative array) +# to locations where they can be sourced from (e.g. `/etc/dms-settings`) +# or where they can be used by Bash directly (e.g. `/root/.bashrc`). +function _environment_variables_export +{ + _log 'debug' "Exporting environment variables now (creating '/etc/dms-settings')" + + : >/root/.bashrc # make DMS variables available in login shells and their subprocesses + : >/etc/dms-settings # this file can be sourced by other scripts + + local VAR + for VAR in "${!VARS[@]}" + do + echo "export ${VAR}='${VARS[${VAR}]}'" >>/root/.bashrc + echo "${VAR}='${VARS[${VAR}]}'" >>/etc/dms-settings + done + + sort -o /root/.bashrc /root/.bashrc + sort -o /etc/dms-settings /etc/dms-settings +}
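Review bot: `_environment_variables_export` (moved to the end of the file by hunk `@@ -217,3 +197,24 @@`) wraps each value in single quotes without escaping, so a value that itself contains `'` ends the quoting early and the remainder is interpreted as shell code whenever `/root/.bashrc` or `/etc/dms-settings` is sourced. For the `.bashrc` line, `printf 'export %s=%q\n' "${VAR}" "${VARS[${VAR}]}" >>/root/.bashrc` avoids that. For `/etc/dms-settings`, check first whether other scripts parse the `NAME='value'` form textually; if they do, keep the form and escape embedded single quotes instead. Both files are truncated with `: >` under the default umask, so if any exported variable is a secret a `chmod 600` right after the truncation is worth adding.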