5254f7c658
Removes duplicate logic from `check-for-changes.sh` that is used/maintained elsewhere to avoid risk of problems, as this code is already starting to diverge / rot. --- Previously the change detection support has had code added for rebuilding config upon change detection which is the same as code run during startup scripts. Unfortunately over time this has fallen out of sync. Mostly the startup scripts would get maintenance and the contributor and reviewers may not have been aware of the duplicate code handled by `check-for-changes.sh`. That code was starting to diverge in addition to some changes in structure (_eg: relay host logic seems interleaved here vs separated out in startup scripts_). I wanted to address this before it risks becoming a much bigger headache. Rather than bloat `helper-functions.sh` further, I've added a `helpers/` folder extracting relevant common logic between startup scripts and `changedetector`. If you want to follow that process I've kept scoped commits to make those diffs easier. Some minor changes/improvements were added but nothing significant. --- - chore: Extract relay host logic to new `relay.sh` helper - chore: Extract `/etc/postfix/sasl_passwd` logic to new `sasl.sh` helper - chore: Extract `postfix-accounts.cf` logic to new `accounts.sh` helper - chore: Extract `/etc/aliases` logic to new `aliases.sh` helper - chore: Extract `/etc/postfix/vhost` logic to new `postfix.sh` helper - chore: Add inline docs for Postfix configs > These are possibly more verbose than needed and can be reduced at a later stage. > They are helpful during this refactor process while investigating that everything is handled correctly. `accounts.sh`: - Add note regarding potential bug for bare domain setups with `/etc/postfix/vhost` and `mydestination` sharing same domain value. `relay.sh`: - Remove the tabs for a single space delimiter, revised associated comment. 
- Add PR reference for original `_populate_relayhost_map` implementation which has some useful details. Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com> Co-authored-by: Casper <casperklein@users.noreply.github.com>
#! /bin/bash

# Support for Relay Hosts

# Ensures RELAY_PORT has a value: an existing non-empty value is kept,
# otherwise 25 is assigned.
# Globals: RELAY_PORT (read, written)
# NOTE(review): the examples in this file use port 587 for an authenticated
# relay; set RELAY_PORT explicitly if the relay does not accept mail on 25.
_relayhost_default_port_fallback() {
  # `:=` assigns the default only when the variable is unset or empty.
  : "${RELAY_PORT:=25}"
}

# Set up /etc/postfix/sasl_passwd. Example entries (lookup key, then user:password):
# --
# @domain1.com postmaster@domain1.com:your-password-1
# @domain2.com postmaster@domain2.com:your-password-2
# @domain3.com postmaster@domain3.com:your-password-3
#
# [smtp.mailgun.org]:587 postmaster@domain2.com:your-password-2
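# Appends relay credentials to /etc/postfix/sasl_passwd.
#
# Sources, in order:
#   1. /tmp/docker-mailserver/postfix-sasl-password.cf: every line for which
#      `_strip_comments` returns non-zero is copied (the helper is defined
#      elsewhere; presumably it succeeds for comment lines - confirm).
#   2. RELAY_USER / RELAY_PASSWORD: one default entry keyed by
#      `[RELAY_HOST]:RELAY_PORT`, written only when both are non-empty.
#
# Globals: RELAY_HOST, RELAY_PORT, RELAY_USER, RELAY_PASSWORD (read)
# Returns: 1 (after a warning) when neither source is available, otherwise the
#          status of `_sasl_set_passwd_permissions`.
#
# The credential values are written to the file only; they are never passed
# to `_notify`.
# NOTE(review): entries are appended before `_sasl_set_passwd_permissions`
# runs, so confidentiality during that window relies on the file already
# existing with restrictive ownership/mode (callers mention
# `_sasl_passwd_create`) - confirm.
_relayhost_sasl() {
  local SASL_CONFIG=/tmp/docker-mailserver/postfix-sasl-password.cf
  local SASL_PASSWD=/etc/postfix/sasl_passwd
  # keep the loop variable out of the global scope
  local LINE

  if [[ ! -f ${SASL_CONFIG} ]] && [[ -z ${RELAY_USER} || -z ${RELAY_PASSWORD} ]]
  then
    _notify 'warn' "No relay auth file found and no default set"
    return 1
  fi

  if [[ -f ${SASL_CONFIG} ]]
  then
    _notify 'inf' "Adding relay authentication from postfix-sasl-password.cf"

    # add domain-specific auth from config file:
    # `|| [[ -n ${LINE} ]]` keeps a final entry that has no trailing newline;
    # without it that last credential line is dropped silently.
    while read -r LINE || [[ -n ${LINE} ]]
    do
      if ! _strip_comments "${LINE}"
      then
        # printf writes the line verbatim; echo could treat a leading `-n`/`-e`
        # as an option or (with xpg_echo) rewrite backslashes in a password.
        printf '%s\n' "${LINE}" >> "${SASL_PASSWD}"
      fi
    done < "${SASL_CONFIG}"
  fi

  # add default relay
  if [[ -n ${RELAY_USER} ]] && [[ -n ${RELAY_PASSWORD} ]]
  then
    # white-space separates value pairs (any length is valid)
    printf '%s\n' "[${RELAY_HOST}]:${RELAY_PORT} ${RELAY_USER}:${RELAY_PASSWORD}" >> "${SASL_PASSWD}"
  fi

  _sasl_set_passwd_permissions
}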

# Introduced by: https://github.com/docker-mailserver/docker-mailserver/pull/1596
# Set up /etc/postfix/relayhost_map. Example entries (sender domain, then relay host):
# --
# @domain1.com [smtp.mailgun.org]:587
# @domain2.com [smtp.mailgun.org]:587
# @domain3.com [smtp.mailgun.org]:587
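# Rebuilds /etc/postfix/relayhost_map.
#
# 1. Truncates the file and restricts it to root:root, mode 0600.
# 2. Copies the lines of postfix-relaymap.cf that are not comments and have
#    a destination.
# 3. For every domain part found in postfix-accounts.cf and
#    postfix-virtual.cf, appends `@domain [RELAY_HOST]:RELAY_PORT` unless the
#    domain already has an entry in the map, or is listed on a line of its
#    own (no destination) in postfix-relaymap.cf, which marks it as ignored.
#
# Globals: RELAY_HOST, RELAY_PORT (read)
_populate_relayhost_map() {
  local RELAYHOST_MAP=/etc/postfix/relayhost_map
  local RELAYMAP_CONFIG=/tmp/docker-mailserver/postfix-relaymap.cf
  local ACCOUNTS_CONFIG=/tmp/docker-mailserver/postfix-accounts.cf
  local VIRTUAL_CONFIG=/tmp/docker-mailserver/postfix-virtual.cf
  local DOMAIN DOMAIN_RE

  # Create the relayhost_map config file:
  : >"${RELAYHOST_MAP}"
  chown root:root "${RELAYHOST_MAP}"
  chmod 0600 "${RELAYHOST_MAP}"

  if [[ -f ${RELAYMAP_CONFIG} ]]
  then
    _notify 'inf' "Adding relay mappings from postfix-relaymap.cf"
    # keep lines which are not a comment *and* have a destination.
    sed -n '/^\s*[^#[:space:]]\S*\s\+\S/p' "${RELAYMAP_CONFIG}" >> "${RELAYHOST_MAP}"
  fi

  {
    # note: won't detect domains when lhs has spaces (but who does that?!)
    # Both inputs are optional; a missing file contributes no domains instead
    # of producing a sed error.
    if [[ -f ${ACCOUNTS_CONFIG} ]]
    then
      sed -n '/^\s*[^#[:space:]]/ s/^[^@|]*@\([^|]\+\)|.*$/\1/p' "${ACCOUNTS_CONFIG}"
    fi

    if [[ -f ${VIRTUAL_CONFIG} ]]
    then
      sed -n '/^\s*[^#[:space:]]/ s/^\s*[^@[:space:]]*@\(\S\+\)\s.*/\1/p' "${VIRTUAL_CONFIG}"
    fi
  } | while read -r DOMAIN
  do
    # DOMAIN comes from config data and must match literally, so its regex
    # metacharacters are escaped first. Unescaped, `.` matches any character,
    # and the former `\b` terminator also matched before `.` or `-`, which
    # made `example.com` look present when only `example.com.au` was mapped.
    DOMAIN_RE=$(printf '%s' "${DOMAIN}" | sed 's/[][\.*^$]/\\&/g')

    # DOMAIN not already present *and* not ignored
    # (the key must be followed by white-space or end of line)
    if ! grep -q -e "^@${DOMAIN_RE}\(\s\|$\)" "${RELAYHOST_MAP}" \
      && ! grep -qs -e "^\s*@${DOMAIN_RE}\s*$" "${RELAYMAP_CONFIG}"
    then
      _notify 'inf' "Adding relay mapping for ${DOMAIN}"
      printf '%s\n' "@${DOMAIN} [${RELAY_HOST}]:${RELAY_PORT}" >> "${RELAYHOST_MAP}"
    fi
  done
}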
# Applies the Postfix SMTP-client settings used for authenticated relaying
# with a single `postconf -e` call.
# Returns: the exit status of `postconf`.
#
# NOTE(review): these are set globally via `postconf -e`, not per relay.
_relayhost_configure_postfix() {
  local -a SETTINGS=(
    # Authenticate to the relay with SASL. `noanonymous` only excludes
    # anonymous mechanisms, so plaintext mechanisms stay allowed and the
    # password in transit is protected by TLS alone.
    'smtp_sasl_auth_enable = yes'
    'smtp_sasl_security_options = noanonymous'
    'smtp_sasl_password_maps = texthash:/etc/postfix/sasl_passwd'
    # TLS is mandatory at `encrypt`, but at this level Postfix does not
    # require the server certificate to be trusted or to match the host name.
    # NOTE(review): consider `verify`/`secure` where the relay's certificate
    # chains to the CA file below, so credentials are only sent to a
    # validated peer.
    'smtp_tls_security_level = encrypt'
    'smtp_tls_note_starttls_offer = yes'
    'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'
    # Pick relay host and credentials per sender.
    'sender_dependent_relayhost_maps = texthash:/etc/postfix/relayhost_map'
    'smtp_sender_dependent_authentication = yes'
  )

  postconf -e "${SETTINGS[@]}"
}

# ? --------------------------------------------- Callers

# setup-stack.sh:
# Startup entry point for relay host support (listed under setup-stack.sh in
# the "Callers" section of this file).
#
# - DEFAULT_RELAY_HOST, when non-empty, is written as Postfix `relayhost`.
# - RELAY_HOST, when non-empty, triggers the port fallback, the SASL
#   credential setup, the relayhost_map rebuild and the Postfix settings.
#
# Globals: DEFAULT_RELAY_HOST, RELAY_HOST (read), RELAY_PORT (read, may be
#          defaulted by `_relayhost_default_port_fallback`)
# Returns: 0 when RELAY_HOST is empty, otherwise the status of
#          `_relayhost_configure_postfix`.
_setup_relayhost() {
  _notify 'task' 'Setting up Postfix Relay Hosts'

  if [[ -n "${DEFAULT_RELAY_HOST}" ]]; then
    _notify 'inf' "Setting default relay host ${DEFAULT_RELAY_HOST} to /etc/postfix/main.cf"
    postconf -e "relayhost = ${DEFAULT_RELAY_HOST}"
  fi

  # The remaining steps only apply when a relay host is configured.
  [[ -n "${RELAY_HOST}" ]] || return 0

  _relayhost_default_port_fallback
  _notify 'inf' "Setting up outgoing email relaying via ${RELAY_HOST}:${RELAY_PORT}"

  # Expects `_sasl_passwd_create` was called prior in `setup-stack.sh`
  # The status of `_relayhost_sasl` is not checked: when it reports that no
  # credentials are available, the map and Postfix settings are still applied.
  _relayhost_sasl
  _populate_relayhost_map

  _relayhost_configure_postfix
}

# check-for-changes.sh:
# Change-detection entry point (listed under check-for-changes.sh in the
# "Callers" section of this file): regenerates the relay credential file and
# the relayhost_map. Unlike `_setup_relayhost`, it does not call
# `_relayhost_configure_postfix`.
#
# Globals: RELAY_HOST (read), RELAY_PORT (read, may be defaulted by
#          `_relayhost_default_port_fallback`)
# Returns: 0 when RELAY_HOST is empty, otherwise the status of
#          `_populate_relayhost_map`.
_rebuild_relayhost() {
  # Nothing to rebuild without a relay host.
  [[ -n "${RELAY_HOST}" ]] || return 0

  _relayhost_default_port_fallback

  # Start from a new `/etc/postfix/sasl_passwd` state:
  _sasl_passwd_create

  _relayhost_sasl
  _populate_relayhost_map
}