fix(scripts): mark entrypoint executable

struct(scripts): entrypoint and config partial
refactor(dockerfile): change env var names
2021-05-13 13:23:00 -06:00 · 2021-05-13 13:21:04 -06:00 · 2021-05-13 13:20:24 -06:00 · 2021-05-13 12:39:16 -06:00 · 2021-05-13 12:38:54 -06:00
5 changed files with 245 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,81 @@
+# Common settings that generally should always be used with your language specific settings
+
+# Auto detect text files and perform LF normalization
+# https://www.davidlaing.com/2012/09/19/customise-your-gitattributes-to-become-a-git-ninja/
+*          text=auto
+
+#
+# The above will handle all files NOT found below
+#
+
+# Documents
+*.bibtex   text diff=bibtex
+*.doc      diff=astextplain
+*.DOC      diff=astextplain
+*.docx     diff=astextplain
+*.DOCX     diff=astextplain
+*.dot      diff=astextplain
+*.DOT      diff=astextplain
+*.pdf      diff=astextplain
+*.PDF      diff=astextplain
+*.rtf      diff=astextplain
+*.RTF      diff=astextplain
+*.md       text diff=markdown
+*.tex      text diff=tex
+*.adoc     text
+*.textile  text
+*.mustache text
+*.csv      text
+*.tab      text
+*.tsv      text
+*.txt      text
+*.sql      text
+*.ps1      text eol=crlf
+
+# Graphics
+*.png      binary
+*.jpg      binary
+*.jpeg     binary
+*.gif      binary
+*.tif      binary
+*.tiff     binary
+*.ico      binary
+# SVG treated as an asset (binary) by default.
+*.svg      text
+# If you want to treat it as binary,
+# use the following line instead.
+# *.svg    binary
+*.eps      binary
+
+# Scripts
+*.bash     text eol=lf
+*.fish     text eol=lf
+*.sh       text eol=lf
+# These are explicitly windows files and should use crlf
+*.bat      text eol=crlf
+*.cmd      text eol=crlf
+
+# Serialisation
+*.json     text
+*.toml     text
+*.xml      text
+*.yaml     text
+*.yml      text
+
+# Archives
+*.7z       binary
+*.gz       binary
+*.tar      binary
+*.tgz      binary
+*.zip      binary
+
+# Text files where line endings should be preserved
+*.patch    -text
+
+#
+# Exclude files from exporting
+#
+
+.gitattributes export-ignore
+.gitignore     export-ignore
+.gitkeep       export-ignore
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.vscode
--- a/48
+++ b/48
@ -0,0 +1,48 @@
+#
+# simple postfix smarthost smtp relay
+#
+
+FROM alpine:3.13
+
+# standardized labels
+LABEL author="Asif Bacchus <asif@bacchus.cloud>"
+LABEL maintainer="Asif Bacchus <asif@bacchus.cloud>"
+LABEL org.label-schema.schema-version="1.0"
+LABEL org.label-schema.docker.cmd=""
+LABEL org.label-schema.description="Simple postfix smarthost smtp mail relay on Alpine Linux."
+LABEL org.label-schema.url=""
+LABEL org.label-schema.usage=""
+LABEL org.label-schema.vcs-url=""
+
+# install mSMTP
+RUN apk --no-cache \
+    ca-certificates \
+    postfix \
+    bind-tools \
+    && rm -f /var/cache/apk/*
+
+# set environment variables
+ENV TZ=Etc/UTC
+ENV LOCAL_HOSTNAME=${HOSTNAME}
+ENV LOCAL_DOMAINNAME=${HOSTNAME#*.}
+ENV LOCAL_ENCRYPTION=false
+ENV SMARTHOST=""
+ENV SMARTHOST_PORT=587
+ENV SMARTHOST_USERNAME=""
+ENV SMARTHOST_PASSWORD=""
+ENV SMARTHOST_ENCRYPTION="OPTIONAL"
+
+# copy configuration snippets
+COPY main.cf.insert /tmp/main.cf.insert
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+
+# set entrypoint and default command
+ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
+CMD [ "/usr/local/sbin/postfix", "start-fg" ]
+
+# set parameters, vendor, version and build-date labels
+LABEL org.label-schema.docker.params="TZ=Etc/UTC, HOSTNAME=HOSTNAME, DOMAINNAME=(derived from hostname), LOCAL_ENCRYPTION=false, SMARTHOST, SMARTHOST_PORT=587, SMARTHOST_USERNAME, SMARTHOST_PASSWORD, SMARTHOST_ENCRYPTION='OPTIONAL'"
+LABEL org.label-schema.vendor="Alpine 3.13, Postfix 3.5.10-r0"
+LABEL org.label-schema.version="0.1"
+ARG BUILD_DATE
+LABEL org.label-schema.build-date=${BUILD_DATE}
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,82 @@
+#!/bin/sh
+
+#
+# entrypoint script for postfix smarthost mail relay
+#
+
+convertCase () {
+    printf "%s" "$1" | tr "[:lower:]" "[:upper:]"
+}
+
+printf "\nVerifying environment variables... "
+
+# check for missing environment variable values
+if [ -z "$SMARTHOST" ]; then
+    printf "\nYou must specify the hostname or IP address of a smarthost where mail should be relayed.\n\n"
+fi
+if [ -z "$SMARTHOST_USERNAME" ]; then
+    printf "\nYou must provide a username for smarthost authentication.\n\n"
+fi
+if [ -z "$SMARTHOST_PASSWORD" ]; then
+    printf "\nYou must provide a password for smarthost authentication.\n\n"
+fi
+
+# set failsafes
+[ -z "$SMARTHOST_PORT" ] && SMARTHOST_PORT=587
+[ -z "$LOCAL_HOSTNAME" ] && LOCAL_HOSTNAME="smarthost"
+[ -z "$LOCAL_DOMAINNAME" ] && LOCAL_DOMAINNAME="smarthost"
+
+printf "done\n"
+printf "updating configuration files... "
+
+# update main.cf
+sed -i 's/{LOCAL_HOSTNAME}/${LOCAL_HOSTNAME}/' /tmp/main.cf.insert
+sed -i 's/{LOCAL_DOMAINNAME}/${LOCAL_DOMAINNAME}/' /tmp/main.cf.insert
+sed -i 's/{SMARTHOST}/${SMARTHOST}/' /tmp/main.cf.insert
+sed -i 's/{SMARTHOST_PORT}/${SMARTHOST_PORT}/' /tmp/main.cf.insert
+sed -i 's/{SMARTHOST_USERNAME}/${SMARTHOST_USERNAME}/' /tmp/main.cf.insert
+sed -i 's/{SMARTHOST_PASSWORD}/${SMARTHOST_PASSWORD}/' /tmp/main.cf.insert
+
+LOCAL_ENCRYPTION="$(convertCase "$LOCAL_ENCRYPTION")"
+case "$LOCAL_ENCRYPTION" in
+    OPT*)
+        sed -i 's/{LOCAL_ENCRYPTION}/may/' /tmp/main.cf.insert
+        sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
+        ;;
+    TRUE)
+        sed -i 's/{LOCAL_ENCRYPTION}/encrypt/' /tmp/main.cf.insert
+        sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
+        ;;
+    *)
+        sed -i 's/{LOCAL_ENCRYPTION}//' /tmp/main.cf.insert
+        ;;
+esac
+
+SMARTHOST_ENCRYPTION="$(convertCase "$SMARTHOST_ENCRYPTION")"
+case "$SMARTHOST_ENCRYPTION" in
+    OPT*)
+        sed -i 's/{SMARTHOST_ENCRYPTION}/may/' /tmp/main.cf.insert
+        ;;
+    TRUE)
+        sed -i 's/{SMARTHOST_ENCRYPTION}/secure/' /tmp/main.cf.insert
+        ;;
+    *)
+        sed -i 's/{SMARTHOST_ENCRYPTION}/none/' /tmp/main.cf.insert
+        ;;
+esac
+
+cat /tmp/main.cf.insert >> /etc/postfix/main.cf
+rm -f /tmp/main.cf.insert
+
+# update master.cf
+sed -i 's/#tlsproxy/tlsproxy/' /etc/postfix/master.cf
+
+printf "done\n"
+printf "container setup complete!\n"
+
+# run CMD passed to this container
+printf "\nExecuting: %s\n" "$*"
+exec "$@"
+
+exit 0
+#EOF
--- a/main.cf.insert
+++ b/main.cf.insert
@ -0,0 +1,33 @@
+#
+# configure as smarthost
+#
+myhostname = {LOCAL_HOSTNAME}
+mydomain = {LOCAL_DOMAINNAME}
+
+myorigin = $mydomain
+mydestination = localhost localhost.$mydomain $myhostname $mydomain
+mynetworks_style = subnet
+
+relay_domains =
+relayhost = [{SMARTHOST}]:{SMARTHOST_PORT}
+
+#smtpd_tls_chain_files = /certs/privkey.pem, /certs/fullchain.pem
+#smtpd_tls_mandatory_ciphers = high
+#smptd_tls_mandatory_exclude_ciphers = aNULL, MD5
+#smtpd_tls_mandatory_protocols = >=TLSv1.2
+#smtpd_tls_security_level = {LOCAL_ENCRYPTION}
+
+smtp_tls_security_level = {SMARTHOST_ENCRYPTION}
+smtp_tls_connection_reuse = yes
+smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = static:{SMARTHOST_USERNAME}:{SMARTHOST_PASSWORD}
+smtp_sasl_security_options = noanonymous
+
+header_size_limit = 4096000
+relay_destination_concurrency_limit = 20
+
+soft_bounce = no
+
+maillog_file = /dev/stdout
Author	SHA1	Message	Date
Asif Bacchus	7e291fad6a	fix(scripts): mark entrypoint executable	2021-05-13 13:23:00 -06:00
Asif Bacchus	efe0c2aebc	struct(scripts): entrypoint and config partial	2021-05-13 13:21:04 -06:00
Asif Bacchus	a270bc5014	refactor(dockerfile): change env var names	2021-05-13 13:20:24 -06:00
Asif Bacchus	cb6868a6e7	(dockerfile): initial dockerfile	2021-05-13 12:39:16 -06:00
Asif Bacchus	d4a39d6439	git: repo set-up	2021-05-13 12:38:54 -06:00