Compare commits
No commits in common. "7e291fad6a5cba16a81ce165aeac20ae19d3d701" and "a45ff79f1f34ce32941616f7d5947d495be652c4" have entirely different histories.
7e291fad6a
...
a45ff79f1f
81
.gitattributes
vendored
81
.gitattributes
vendored
@ -1,81 +0,0 @@
|
|||||||
# Common settings that generally should always be used with your language specific settings
|
|
||||||
|
|
||||||
# Auto detect text files and perform LF normalization
|
|
||||||
# https://www.davidlaing.com/2012/09/19/customise-your-gitattributes-to-become-a-git-ninja/
|
|
||||||
* text=auto
|
|
||||||
|
|
||||||
#
|
|
||||||
# The above will handle all files NOT found below
|
|
||||||
#
|
|
||||||
|
|
||||||
# Documents
|
|
||||||
*.bibtex text diff=bibtex
|
|
||||||
*.doc diff=astextplain
|
|
||||||
*.DOC diff=astextplain
|
|
||||||
*.docx diff=astextplain
|
|
||||||
*.DOCX diff=astextplain
|
|
||||||
*.dot diff=astextplain
|
|
||||||
*.DOT diff=astextplain
|
|
||||||
*.pdf diff=astextplain
|
|
||||||
*.PDF diff=astextplain
|
|
||||||
*.rtf diff=astextplain
|
|
||||||
*.RTF diff=astextplain
|
|
||||||
*.md text diff=markdown
|
|
||||||
*.tex text diff=tex
|
|
||||||
*.adoc text
|
|
||||||
*.textile text
|
|
||||||
*.mustache text
|
|
||||||
*.csv text
|
|
||||||
*.tab text
|
|
||||||
*.tsv text
|
|
||||||
*.txt text
|
|
||||||
*.sql text
|
|
||||||
*.ps1 text eol=crlf
|
|
||||||
|
|
||||||
# Graphics
|
|
||||||
*.png binary
|
|
||||||
*.jpg binary
|
|
||||||
*.jpeg binary
|
|
||||||
*.gif binary
|
|
||||||
*.tif binary
|
|
||||||
*.tiff binary
|
|
||||||
*.ico binary
|
|
||||||
# SVG treated as an asset (binary) by default.
|
|
||||||
*.svg text
|
|
||||||
# If you want to treat it as binary,
|
|
||||||
# use the following line instead.
|
|
||||||
# *.svg binary
|
|
||||||
*.eps binary
|
|
||||||
|
|
||||||
# Scripts
|
|
||||||
*.bash text eol=lf
|
|
||||||
*.fish text eol=lf
|
|
||||||
*.sh text eol=lf
|
|
||||||
# These are explicitly windows files and should use crlf
|
|
||||||
*.bat text eol=crlf
|
|
||||||
*.cmd text eol=crlf
|
|
||||||
|
|
||||||
# Serialisation
|
|
||||||
*.json text
|
|
||||||
*.toml text
|
|
||||||
*.xml text
|
|
||||||
*.yaml text
|
|
||||||
*.yml text
|
|
||||||
|
|
||||||
# Archives
|
|
||||||
*.7z binary
|
|
||||||
*.gz binary
|
|
||||||
*.tar binary
|
|
||||||
*.tgz binary
|
|
||||||
*.zip binary
|
|
||||||
|
|
||||||
# Text files where line endings should be preserved
|
|
||||||
*.patch -text
|
|
||||||
|
|
||||||
#
|
|
||||||
# Exclude files from exporting
|
|
||||||
#
|
|
||||||
|
|
||||||
.gitattributes export-ignore
|
|
||||||
.gitignore export-ignore
|
|
||||||
.gitkeep export-ignore
|
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +0,0 @@
|
|||||||
.vscode
|
|
48
Dockerfile
48
Dockerfile
@ -1,48 +0,0 @@
|
|||||||
#
|
|
||||||
# simple postfix smarthost smtp relay
|
|
||||||
#
|
|
||||||
|
|
||||||
FROM alpine:3.13
|
|
||||||
|
|
||||||
# standardized labels
|
|
||||||
LABEL author="Asif Bacchus <asif@bacchus.cloud>"
|
|
||||||
LABEL maintainer="Asif Bacchus <asif@bacchus.cloud>"
|
|
||||||
LABEL org.label-schema.schema-version="1.0"
|
|
||||||
LABEL org.label-schema.docker.cmd=""
|
|
||||||
LABEL org.label-schema.description="Simple postfix smarthost smtp mail relay on Alpine Linux."
|
|
||||||
LABEL org.label-schema.url=""
|
|
||||||
LABEL org.label-schema.usage=""
|
|
||||||
LABEL org.label-schema.vcs-url=""
|
|
||||||
|
|
||||||
# install mSMTP
|
|
||||||
RUN apk --no-cache \
|
|
||||||
ca-certificates \
|
|
||||||
postfix \
|
|
||||||
bind-tools \
|
|
||||||
&& rm -f /var/cache/apk/*
|
|
||||||
|
|
||||||
# set environment variables
|
|
||||||
ENV TZ=Etc/UTC
|
|
||||||
ENV LOCAL_HOSTNAME=${HOSTNAME}
|
|
||||||
ENV LOCAL_DOMAINNAME=${HOSTNAME#*.}
|
|
||||||
ENV LOCAL_ENCRYPTION=false
|
|
||||||
ENV SMARTHOST=""
|
|
||||||
ENV SMARTHOST_PORT=587
|
|
||||||
ENV SMARTHOST_USERNAME=""
|
|
||||||
ENV SMARTHOST_PASSWORD=""
|
|
||||||
ENV SMARTHOST_ENCRYPTION="OPTIONAL"
|
|
||||||
|
|
||||||
# copy configuration snippets
|
|
||||||
COPY main.cf.insert /tmp/main.cf.insert
|
|
||||||
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
|
|
||||||
|
|
||||||
# set entrypoint and default command
|
|
||||||
ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
|
|
||||||
CMD [ "/usr/local/sbin/postfix", "start-fg" ]
|
|
||||||
|
|
||||||
# set parameters, vendor, version and build-date labels
|
|
||||||
LABEL org.label-schema.docker.params="TZ=Etc/UTC, HOSTNAME=HOSTNAME, DOMAINNAME=(derived from hostname), LOCAL_ENCRYPTION=false, SMARTHOST, SMARTHOST_PORT=587, SMARTHOST_USERNAME, SMARTHOST_PASSWORD, SMARTHOST_ENCRYPTION='OPTIONAL'"
|
|
||||||
LABEL org.label-schema.vendor="Alpine 3.13, Postfix 3.5.10-r0"
|
|
||||||
LABEL org.label-schema.version="0.1"
|
|
||||||
ARG BUILD_DATE
|
|
||||||
LABEL org.label-schema.build-date=${BUILD_DATE}
|
|
@ -1,82 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
|
|
||||||
#
|
|
||||||
# entrypoint script for postfix smarthost mail relay
|
|
||||||
#
|
|
||||||
|
|
||||||
convertCase () {
|
|
||||||
printf "%s" "$1" | tr "[:lower:]" "[:upper:]"
|
|
||||||
}
|
|
||||||
|
|
||||||
printf "\nVerifying environment variables... "
|
|
||||||
|
|
||||||
# check for missing environment variable values
|
|
||||||
if [ -z "$SMARTHOST" ]; then
|
|
||||||
printf "\nYou must specify the hostname or IP address of a smarthost where mail should be relayed.\n\n"
|
|
||||||
fi
|
|
||||||
if [ -z "$SMARTHOST_USERNAME" ]; then
|
|
||||||
printf "\nYou must provide a username for smarthost authentication.\n\n"
|
|
||||||
fi
|
|
||||||
if [ -z "$SMARTHOST_PASSWORD" ]; then
|
|
||||||
printf "\nYou must provide a password for smarthost authentication.\n\n"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# set failsafes
|
|
||||||
[ -z "$SMARTHOST_PORT" ] && SMARTHOST_PORT=587
|
|
||||||
[ -z "$LOCAL_HOSTNAME" ] && LOCAL_HOSTNAME="smarthost"
|
|
||||||
[ -z "$LOCAL_DOMAINNAME" ] && LOCAL_DOMAINNAME="smarthost"
|
|
||||||
|
|
||||||
printf "done\n"
|
|
||||||
printf "updating configuration files... "
|
|
||||||
|
|
||||||
# update main.cf
|
|
||||||
sed -i 's/{LOCAL_HOSTNAME}/${LOCAL_HOSTNAME}/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/{LOCAL_DOMAINNAME}/${LOCAL_DOMAINNAME}/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/{SMARTHOST}/${SMARTHOST}/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/{SMARTHOST_PORT}/${SMARTHOST_PORT}/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/{SMARTHOST_USERNAME}/${SMARTHOST_USERNAME}/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/{SMARTHOST_PASSWORD}/${SMARTHOST_PASSWORD}/' /tmp/main.cf.insert
|
|
||||||
|
|
||||||
LOCAL_ENCRYPTION="$(convertCase "$LOCAL_ENCRYPTION")"
|
|
||||||
case "$LOCAL_ENCRYPTION" in
|
|
||||||
OPT*)
|
|
||||||
sed -i 's/{LOCAL_ENCRYPTION}/may/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
TRUE)
|
|
||||||
sed -i 's/{LOCAL_ENCRYPTION}/encrypt/' /tmp/main.cf.insert
|
|
||||||
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
sed -i 's/{LOCAL_ENCRYPTION}//' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
SMARTHOST_ENCRYPTION="$(convertCase "$SMARTHOST_ENCRYPTION")"
|
|
||||||
case "$SMARTHOST_ENCRYPTION" in
|
|
||||||
OPT*)
|
|
||||||
sed -i 's/{SMARTHOST_ENCRYPTION}/may/' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
TRUE)
|
|
||||||
sed -i 's/{SMARTHOST_ENCRYPTION}/secure/' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
sed -i 's/{SMARTHOST_ENCRYPTION}/none/' /tmp/main.cf.insert
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
cat /tmp/main.cf.insert >> /etc/postfix/main.cf
|
|
||||||
rm -f /tmp/main.cf.insert
|
|
||||||
|
|
||||||
# update master.cf
|
|
||||||
sed -i 's/#tlsproxy/tlsproxy/' /etc/postfix/master.cf
|
|
||||||
|
|
||||||
printf "done\n"
|
|
||||||
printf "container setup complete!\n"
|
|
||||||
|
|
||||||
# run CMD passed to this container
|
|
||||||
printf "\nExecuting: %s\n" "$*"
|
|
||||||
exec "$@"
|
|
||||||
|
|
||||||
exit 0
|
|
||||||
#EOF
|
|
@ -1,33 +0,0 @@
|
|||||||
#
|
|
||||||
# configure as smarthost
|
|
||||||
#
|
|
||||||
myhostname = {LOCAL_HOSTNAME}
|
|
||||||
mydomain = {LOCAL_DOMAINNAME}
|
|
||||||
|
|
||||||
myorigin = $mydomain
|
|
||||||
mydestination = localhost localhost.$mydomain $myhostname $mydomain
|
|
||||||
mynetworks_style = subnet
|
|
||||||
|
|
||||||
relay_domains =
|
|
||||||
relayhost = [{SMARTHOST}]:{SMARTHOST_PORT}
|
|
||||||
|
|
||||||
#smtpd_tls_chain_files = /certs/privkey.pem, /certs/fullchain.pem
|
|
||||||
#smtpd_tls_mandatory_ciphers = high
|
|
||||||
#smptd_tls_mandatory_exclude_ciphers = aNULL, MD5
|
|
||||||
#smtpd_tls_mandatory_protocols = >=TLSv1.2
|
|
||||||
#smtpd_tls_security_level = {LOCAL_ENCRYPTION}
|
|
||||||
|
|
||||||
smtp_tls_security_level = {SMARTHOST_ENCRYPTION}
|
|
||||||
smtp_tls_connection_reuse = yes
|
|
||||||
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
|
||||||
|
|
||||||
smtp_sasl_auth_enable = yes
|
|
||||||
smtp_sasl_password_maps = static:{SMARTHOST_USERNAME}:{SMARTHOST_PASSWORD}
|
|
||||||
smtp_sasl_security_options = noanonymous
|
|
||||||
|
|
||||||
header_size_limit = 4096000
|
|
||||||
relay_destination_concurrency_limit = 20
|
|
||||||
|
|
||||||
soft_bounce = no
|
|
||||||
|
|
||||||
maillog_file = /dev/stdout
|
|
Loading…
Reference in New Issue
Block a user