Compare commits
7 Commits
702d352988
...
e7923cf4cb
Author | SHA1 | Date |
---|---|---|
Asif Bacchus | e7923cf4cb | |
Asif Bacchus | 6c74ebed2c | |
Asif Bacchus | 720d110135 | |
Asif Bacchus | e17624864c | |
Asif Bacchus | 3f8ab5d378 | |
Asif Bacchus | 713c5fa2ad | |
Asif Bacchus | f164b317dc |
22
Dockerfile
22
Dockerfile
|
@ -1,5 +1,5 @@
|
||||||
#
|
#
|
||||||
# simple postfix smarthost smtp relay
|
# simple postfix smtp relay
|
||||||
#
|
#
|
||||||
|
|
||||||
FROM alpine:3.13
|
FROM alpine:3.13
|
||||||
|
@ -9,13 +9,13 @@ LABEL author="Asif Bacchus <asif@bacchus.cloud>"
|
||||||
LABEL maintainer="Asif Bacchus <asif@bacchus.cloud>"
|
LABEL maintainer="Asif Bacchus <asif@bacchus.cloud>"
|
||||||
LABEL org.label-schema.schema-version="1.0"
|
LABEL org.label-schema.schema-version="1.0"
|
||||||
LABEL org.label-schema.docker.cmd=""
|
LABEL org.label-schema.docker.cmd=""
|
||||||
LABEL org.label-schema.description="Simple postfix smarthost smtp mail relay on Alpine Linux."
|
LABEL org.label-schema.description="Simple postfix smtp mail relay on Alpine."
|
||||||
LABEL org.label-schema.url=""
|
LABEL org.label-schema.url="https://git.asifbacchus.app/ab-docker/postfix-smtp-relay"
|
||||||
LABEL org.label-schema.usage=""
|
LABEL org.label-schema.usage="https://git.asifbacchus.app/ab-docker/postfix-smtp-relay"
|
||||||
LABEL org.label-schema.vcs-url=""
|
LABEL org.label-schema.vcs-url="https://git.asifbacchus.app/ab-docker/postfix-smtp-relay.git"
|
||||||
|
|
||||||
# install mSMTP
|
# install packages and clean-up
|
||||||
RUN apk --no-cache \
|
RUN apk --no-cache add \
|
||||||
ca-certificates \
|
ca-certificates \
|
||||||
postfix \
|
postfix \
|
||||||
bind-tools \
|
bind-tools \
|
||||||
|
@ -23,8 +23,8 @@ RUN apk --no-cache \
|
||||||
|
|
||||||
# set environment variables
|
# set environment variables
|
||||||
ENV TZ=Etc/UTC
|
ENV TZ=Etc/UTC
|
||||||
ENV LOCAL_HOSTNAME=${HOSTNAME}
|
ENV LOCAL_HOSTNAME=""
|
||||||
ENV LOCAL_DOMAINNAME=${HOSTNAME#*.}
|
ENV LOCAL_DOMAINNAME=""
|
||||||
ENV LOCAL_ENCRYPTION=false
|
ENV LOCAL_ENCRYPTION=false
|
||||||
ENV SMARTHOST=""
|
ENV SMARTHOST=""
|
||||||
ENV SMARTHOST_PORT=587
|
ENV SMARTHOST_PORT=587
|
||||||
|
@ -41,8 +41,8 @@ ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
|
||||||
CMD [ "/usr/local/sbin/postfix", "start-fg" ]
|
CMD [ "/usr/local/sbin/postfix", "start-fg" ]
|
||||||
|
|
||||||
# set parameters, vendor, version and build-date labels
|
# set parameters, vendor, version and build-date labels
|
||||||
LABEL org.label-schema.docker.params="TZ=Etc/UTC, HOSTNAME=HOSTNAME, DOMAINNAME=(derived from hostname), LOCAL_ENCRYPTION=false, SMARTHOST, SMARTHOST_PORT=587, SMARTHOST_USERNAME, SMARTHOST_PASSWORD, SMARTHOST_ENCRYPTION='OPTIONAL'"
|
LABEL org.label-schema.docker.params="TZ=Etc/UTC, HOSTNAME=(container hostname), DOMAINNAME=(derived from hostname), LOCAL_ENCRYPTION=false|optional|true, SMARTHOST=..., SMARTHOST_PORT=587, SMARTHOST_USERNAME=..., SMARTHOST_PASSWORD=..., SMARTHOST_ENCRYPTION=optional|false|true"
|
||||||
LABEL org.label-schema.vendor="Alpine 3.13, Postfix 3.5.10-r0"
|
LABEL org.label-schema.vendor="Alpine 3.13, Postfix 3.5.10-r0"
|
||||||
LABEL org.label-schema.version="0.1"
|
LABEL org.label-schema.version="0.5"
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
LABEL org.label-schema.build-date=${BUILD_DATE}
|
LABEL org.label-schema.build-date=${BUILD_DATE}
|
||||||
|
|
135
entrypoint.sh
135
entrypoint.sh
|
@ -8,70 +8,89 @@ convertCase () {
|
||||||
printf "%s" "$1" | tr "[:lower:]" "[:upper:]"
|
printf "%s" "$1" | tr "[:lower:]" "[:upper:]"
|
||||||
}
|
}
|
||||||
|
|
||||||
printf "\nVerifying environment variables... "
|
if [ -f "/etc/postfix/main.cf.override" ]; then
|
||||||
|
# use provided configuration file
|
||||||
|
printf "\nAppending provided MAIN configuration... "
|
||||||
|
cat /etc/postfix/main.cf.override >> /etc/postfix/main.cf
|
||||||
|
\rm -f /tmp/main.cf.insert
|
||||||
|
else
|
||||||
|
# process auto-setup
|
||||||
|
printf "\nVerifying environment variables... "
|
||||||
|
|
||||||
# check for missing environment variable values
|
# check for missing environment variable values
|
||||||
if [ -z "$SMARTHOST" ]; then
|
if [ -z "$SMARTHOST" ]; then
|
||||||
printf "\nYou must specify the hostname or IP address of a smarthost where mail should be relayed.\n\n"
|
printf "\nYou must specify the hostname or IP address of a smarthost where mail should be relayed.\n\n"
|
||||||
fi
|
exit 1
|
||||||
if [ -z "$SMARTHOST_USERNAME" ]; then
|
fi
|
||||||
printf "\nYou must provide a username for smarthost authentication.\n\n"
|
if [ -z "$SMARTHOST_USERNAME" ]; then
|
||||||
fi
|
printf "\nYou must provide a username for smarthost authentication.\n\n"
|
||||||
if [ -z "$SMARTHOST_PASSWORD" ]; then
|
exit 1
|
||||||
printf "\nYou must provide a password for smarthost authentication.\n\n"
|
fi
|
||||||
fi
|
if [ -z "$SMARTHOST_PASSWORD" ]; then
|
||||||
|
printf "\nYou must provide a password for smarthost authentication.\n\n"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# set failsafes
|
# set failsafes
|
||||||
[ -z "$SMARTHOST_PORT" ] && SMARTHOST_PORT=587
|
[ -z "$SMARTHOST_PORT" ] && SMARTHOST_PORT=587
|
||||||
[ -z "$LOCAL_HOSTNAME" ] && LOCAL_HOSTNAME="smarthost"
|
[ -z "$LOCAL_HOSTNAME" ] && LOCAL_HOSTNAME="$(uname -n)"
|
||||||
[ -z "$LOCAL_DOMAINNAME" ] && LOCAL_DOMAINNAME="smarthost"
|
[ -z "$LOCAL_DOMAINNAME" ] && LOCAL_DOMAINNAME="${LOCAL_HOSTNAME#*.}"
|
||||||
|
|
||||||
|
printf "done\n"
|
||||||
|
printf "updating configuration files... "
|
||||||
|
|
||||||
|
# update main.cf
|
||||||
|
sed -i "s/{LOCAL_HOSTNAME}/${LOCAL_HOSTNAME}/" /tmp/main.cf.insert
|
||||||
|
sed -i "s/{LOCAL_DOMAINNAME}/${LOCAL_DOMAINNAME}/" /tmp/main.cf.insert
|
||||||
|
sed -i "s/{SMARTHOST}/${SMARTHOST}/" /tmp/main.cf.insert
|
||||||
|
sed -i "s/{SMARTHOST_PORT}/${SMARTHOST_PORT}/" /tmp/main.cf.insert
|
||||||
|
sed -i "s/{SMARTHOST_USERNAME}/${SMARTHOST_USERNAME}/" /tmp/main.cf.insert
|
||||||
|
sed -i "s/{SMARTHOST_PASSWORD}/${SMARTHOST_PASSWORD}/" /tmp/main.cf.insert
|
||||||
|
|
||||||
|
LOCAL_ENCRYPTION="$(convertCase "$LOCAL_ENCRYPTION")"
|
||||||
|
case "$LOCAL_ENCRYPTION" in
|
||||||
|
OPT*)
|
||||||
|
sed -i 's/{LOCAL_ENCRYPTION}/may/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
TRUE)
|
||||||
|
sed -i 's/{LOCAL_ENCRYPTION}/encrypt/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
sed -i 's/{LOCAL_ENCRYPTION}//' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
SMARTHOST_ENCRYPTION="$(convertCase "$SMARTHOST_ENCRYPTION")"
|
||||||
|
case "$SMARTHOST_ENCRYPTION" in
|
||||||
|
OPT*)
|
||||||
|
sed -i 's/{SMARTHOST_ENCRYPTION}/may/' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
TRUE)
|
||||||
|
sed -i 's/{SMARTHOST_ENCRYPTION}/secure/' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
sed -i 's/{SMARTHOST_ENCRYPTION}/none/' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# append configuration and remove temp file
|
||||||
|
cat /tmp/main.cf.insert >> /etc/postfix/main.cf
|
||||||
|
\rm -f /tmp/main.cf.insert
|
||||||
|
fi
|
||||||
printf "done\n"
|
printf "done\n"
|
||||||
printf "updating configuration files... "
|
|
||||||
|
|
||||||
# update main.cf
|
|
||||||
sed -i "s/{LOCAL_HOSTNAME}/${LOCAL_HOSTNAME}/" /tmp/main.cf.insert
|
|
||||||
sed -i "s/{LOCAL_DOMAINNAME}/${LOCAL_DOMAINNAME}/" /tmp/main.cf.insert
|
|
||||||
sed -i "s/{SMARTHOST}/${SMARTHOST}/" /tmp/main.cf.insert
|
|
||||||
sed -i "s/{SMARTHOST_PORT}/${SMARTHOST_PORT}/" /tmp/main.cf.insert
|
|
||||||
sed -i "s/{SMARTHOST_USERNAME}/${SMARTHOST_USERNAME}/" /tmp/main.cf.insert
|
|
||||||
sed -i "s/{SMARTHOST_PASSWORD}/${SMARTHOST_PASSWORD}/" /tmp/main.cf.insert
|
|
||||||
|
|
||||||
LOCAL_ENCRYPTION="$(convertCase "$LOCAL_ENCRYPTION")"
|
|
||||||
case "$LOCAL_ENCRYPTION" in
|
|
||||||
OPT*)
|
|
||||||
sed -i 's/{LOCAL_ENCRYPTION}/may/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
TRUE)
|
|
||||||
sed -i 's/{LOCAL_ENCRYPTION}/encrypt/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
sed -i 's/{LOCAL_ENCRYPTION}//' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
SMARTHOST_ENCRYPTION="$(convertCase "$SMARTHOST_ENCRYPTION")"
|
|
||||||
case "$SMARTHOST_ENCRYPTION" in
|
|
||||||
OPT*)
|
|
||||||
sed -i 's/{SMARTHOST_ENCRYPTION}/may/' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
TRUE)
|
|
||||||
sed -i 's/{SMARTHOST_ENCRYPTION}/secure/' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
sed -i 's/{SMARTHOST_ENCRYPTION}/none/' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
cat /tmp/main.cf.insert >> /etc/postfix/main.cf
|
|
||||||
rm -f /tmp/main.cf.insert
|
|
||||||
|
|
||||||
# update master.cf
|
|
||||||
sed -i 's/#tlsproxy/tlsproxy/' /etc/postfix/master.cf
|
|
||||||
|
|
||||||
|
if [ -f "/etc/postfix/master.cf.override" ]; then
|
||||||
|
# use provided configuration file
|
||||||
|
printf "\nUsing provided MASTER configuration... "
|
||||||
|
\cp --force /etc/postfix/master.cf.override /etc/postfix/master.cf
|
||||||
|
else
|
||||||
|
# update master.cf
|
||||||
|
sed -i 's/#tlsproxy/tlsproxy/' /etc/postfix/master.cf
|
||||||
|
fi
|
||||||
printf "done\n"
|
printf "done\n"
|
||||||
|
|
||||||
printf "container setup complete!\n"
|
printf "container setup complete!\n"
|
||||||
|
|
||||||
# run CMD passed to this container
|
# run CMD passed to this container
|
||||||
|
|
|
@ -13,7 +13,7 @@ relayhost = [{SMARTHOST}]:{SMARTHOST_PORT}
|
||||||
|
|
||||||
#smtpd_tls_chain_files = /certs/privkey.pem, /certs/fullchain.pem
|
#smtpd_tls_chain_files = /certs/privkey.pem, /certs/fullchain.pem
|
||||||
#smtpd_tls_mandatory_ciphers = high
|
#smtpd_tls_mandatory_ciphers = high
|
||||||
#smptd_tls_mandatory_exclude_ciphers = aNULL, MD5
|
#smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
|
||||||
#smtpd_tls_mandatory_protocols = >=TLSv1.2
|
#smtpd_tls_mandatory_protocols = >=TLSv1.2
|
||||||
#smtpd_tls_security_level = {LOCAL_ENCRYPTION}
|
#smtpd_tls_security_level = {LOCAL_ENCRYPTION}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue