Compare commits
5 Commits
a45ff79f1f
...
7e291fad6a
Author | SHA1 | Date | |
---|---|---|---|
|
7e291fad6a | ||
|
efe0c2aebc | ||
|
a270bc5014 | ||
|
cb6868a6e7 | ||
|
d4a39d6439 |
81
.gitattributes
vendored
Normal file
81
.gitattributes
vendored
Normal file
@ -0,0 +1,81 @@
|
|||||||
|
# Common settings that generally should always be used with your language specific settings
|
||||||
|
|
||||||
|
# Auto detect text files and perform LF normalization
|
||||||
|
# https://www.davidlaing.com/2012/09/19/customise-your-gitattributes-to-become-a-git-ninja/
|
||||||
|
* text=auto
|
||||||
|
|
||||||
|
#
|
||||||
|
# The above will handle all files NOT found below
|
||||||
|
#
|
||||||
|
|
||||||
|
# Documents
|
||||||
|
*.bibtex text diff=bibtex
|
||||||
|
*.doc diff=astextplain
|
||||||
|
*.DOC diff=astextplain
|
||||||
|
*.docx diff=astextplain
|
||||||
|
*.DOCX diff=astextplain
|
||||||
|
*.dot diff=astextplain
|
||||||
|
*.DOT diff=astextplain
|
||||||
|
*.pdf diff=astextplain
|
||||||
|
*.PDF diff=astextplain
|
||||||
|
*.rtf diff=astextplain
|
||||||
|
*.RTF diff=astextplain
|
||||||
|
*.md text diff=markdown
|
||||||
|
*.tex text diff=tex
|
||||||
|
*.adoc text
|
||||||
|
*.textile text
|
||||||
|
*.mustache text
|
||||||
|
*.csv text
|
||||||
|
*.tab text
|
||||||
|
*.tsv text
|
||||||
|
*.txt text
|
||||||
|
*.sql text
|
||||||
|
*.ps1 text eol=crlf
|
||||||
|
|
||||||
|
# Graphics
|
||||||
|
*.png binary
|
||||||
|
*.jpg binary
|
||||||
|
*.jpeg binary
|
||||||
|
*.gif binary
|
||||||
|
*.tif binary
|
||||||
|
*.tiff binary
|
||||||
|
*.ico binary
|
||||||
|
# SVG treated as an asset (binary) by default.
|
||||||
|
*.svg text
|
||||||
|
# If you want to treat it as binary,
|
||||||
|
# use the following line instead.
|
||||||
|
# *.svg binary
|
||||||
|
*.eps binary
|
||||||
|
|
||||||
|
# Scripts
|
||||||
|
*.bash text eol=lf
|
||||||
|
*.fish text eol=lf
|
||||||
|
*.sh text eol=lf
|
||||||
|
# These are explicitly windows files and should use crlf
|
||||||
|
*.bat text eol=crlf
|
||||||
|
*.cmd text eol=crlf
|
||||||
|
|
||||||
|
# Serialisation
|
||||||
|
*.json text
|
||||||
|
*.toml text
|
||||||
|
*.xml text
|
||||||
|
*.yaml text
|
||||||
|
*.yml text
|
||||||
|
|
||||||
|
# Archives
|
||||||
|
*.7z binary
|
||||||
|
*.gz binary
|
||||||
|
*.tar binary
|
||||||
|
*.tgz binary
|
||||||
|
*.zip binary
|
||||||
|
|
||||||
|
# Text files where line endings should be preserved
|
||||||
|
*.patch -text
|
||||||
|
|
||||||
|
#
|
||||||
|
# Exclude files from exporting
|
||||||
|
#
|
||||||
|
|
||||||
|
.gitattributes export-ignore
|
||||||
|
.gitignore export-ignore
|
||||||
|
.gitkeep export-ignore
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
.vscode
|
48
Dockerfile
Normal file
48
Dockerfile
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
#
|
||||||
|
# simple postfix smarthost smtp relay
|
||||||
|
#
|
||||||
|
|
||||||
|
FROM alpine:3.13
|
||||||
|
|
||||||
|
# standardized labels
|
||||||
|
LABEL author="Asif Bacchus <asif@bacchus.cloud>"
|
||||||
|
LABEL maintainer="Asif Bacchus <asif@bacchus.cloud>"
|
||||||
|
LABEL org.label-schema.schema-version="1.0"
|
||||||
|
LABEL org.label-schema.docker.cmd=""
|
||||||
|
LABEL org.label-schema.description="Simple postfix smarthost smtp mail relay on Alpine Linux."
|
||||||
|
LABEL org.label-schema.url=""
|
||||||
|
LABEL org.label-schema.usage=""
|
||||||
|
LABEL org.label-schema.vcs-url=""
|
||||||
|
|
||||||
|
# install mSMTP
|
||||||
|
RUN apk --no-cache \
|
||||||
|
ca-certificates \
|
||||||
|
postfix \
|
||||||
|
bind-tools \
|
||||||
|
&& rm -f /var/cache/apk/*
|
||||||
|
|
||||||
|
# set environment variables
|
||||||
|
ENV TZ=Etc/UTC
|
||||||
|
ENV LOCAL_HOSTNAME=${HOSTNAME}
|
||||||
|
ENV LOCAL_DOMAINNAME=${HOSTNAME#*.}
|
||||||
|
ENV LOCAL_ENCRYPTION=false
|
||||||
|
ENV SMARTHOST=""
|
||||||
|
ENV SMARTHOST_PORT=587
|
||||||
|
ENV SMARTHOST_USERNAME=""
|
||||||
|
ENV SMARTHOST_PASSWORD=""
|
||||||
|
ENV SMARTHOST_ENCRYPTION="OPTIONAL"
|
||||||
|
|
||||||
|
# copy configuration snippets
|
||||||
|
COPY main.cf.insert /tmp/main.cf.insert
|
||||||
|
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
|
||||||
|
|
||||||
|
# set entrypoint and default command
|
||||||
|
ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
|
||||||
|
CMD [ "/usr/local/sbin/postfix", "start-fg" ]
|
||||||
|
|
||||||
|
# set parameters, vendor, version and build-date labels
|
||||||
|
LABEL org.label-schema.docker.params="TZ=Etc/UTC, HOSTNAME=HOSTNAME, DOMAINNAME=(derived from hostname), LOCAL_ENCRYPTION=false, SMARTHOST, SMARTHOST_PORT=587, SMARTHOST_USERNAME, SMARTHOST_PASSWORD, SMARTHOST_ENCRYPTION='OPTIONAL'"
|
||||||
|
LABEL org.label-schema.vendor="Alpine 3.13, Postfix 3.5.10-r0"
|
||||||
|
LABEL org.label-schema.version="0.1"
|
||||||
|
ARG BUILD_DATE
|
||||||
|
LABEL org.label-schema.build-date=${BUILD_DATE}
|
82
entrypoint.sh
Executable file
82
entrypoint.sh
Executable file
@ -0,0 +1,82 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
#
|
||||||
|
# entrypoint script for postfix smarthost mail relay
|
||||||
|
#
|
||||||
|
|
||||||
|
convertCase () {
|
||||||
|
printf "%s" "$1" | tr "[:lower:]" "[:upper:]"
|
||||||
|
}
|
||||||
|
|
||||||
|
printf "\nVerifying environment variables... "
|
||||||
|
|
||||||
|
# check for missing environment variable values
|
||||||
|
if [ -z "$SMARTHOST" ]; then
|
||||||
|
printf "\nYou must specify the hostname or IP address of a smarthost where mail should be relayed.\n\n"
|
||||||
|
fi
|
||||||
|
if [ -z "$SMARTHOST_USERNAME" ]; then
|
||||||
|
printf "\nYou must provide a username for smarthost authentication.\n\n"
|
||||||
|
fi
|
||||||
|
if [ -z "$SMARTHOST_PASSWORD" ]; then
|
||||||
|
printf "\nYou must provide a password for smarthost authentication.\n\n"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# set failsafes
|
||||||
|
[ -z "$SMARTHOST_PORT" ] && SMARTHOST_PORT=587
|
||||||
|
[ -z "$LOCAL_HOSTNAME" ] && LOCAL_HOSTNAME="smarthost"
|
||||||
|
[ -z "$LOCAL_DOMAINNAME" ] && LOCAL_DOMAINNAME="smarthost"
|
||||||
|
|
||||||
|
printf "done\n"
|
||||||
|
printf "updating configuration files... "
|
||||||
|
|
||||||
|
# update main.cf
|
||||||
|
sed -i 's/{LOCAL_HOSTNAME}/${LOCAL_HOSTNAME}/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/{LOCAL_DOMAINNAME}/${LOCAL_DOMAINNAME}/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/{SMARTHOST}/${SMARTHOST}/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/{SMARTHOST_PORT}/${SMARTHOST_PORT}/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/{SMARTHOST_USERNAME}/${SMARTHOST_USERNAME}/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/{SMARTHOST_PASSWORD}/${SMARTHOST_PASSWORD}/' /tmp/main.cf.insert
|
||||||
|
|
||||||
|
LOCAL_ENCRYPTION="$(convertCase "$LOCAL_ENCRYPTION")"
|
||||||
|
case "$LOCAL_ENCRYPTION" in
|
||||||
|
OPT*)
|
||||||
|
sed -i 's/{LOCAL_ENCRYPTION}/may/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
TRUE)
|
||||||
|
sed -i 's/{LOCAL_ENCRYPTION}/encrypt/' /tmp/main.cf.insert
|
||||||
|
sed -i 's/#smtpd_/smtpd_/g' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
sed -i 's/{LOCAL_ENCRYPTION}//' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
SMARTHOST_ENCRYPTION="$(convertCase "$SMARTHOST_ENCRYPTION")"
|
||||||
|
case "$SMARTHOST_ENCRYPTION" in
|
||||||
|
OPT*)
|
||||||
|
sed -i 's/{SMARTHOST_ENCRYPTION}/may/' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
TRUE)
|
||||||
|
sed -i 's/{SMARTHOST_ENCRYPTION}/secure/' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
sed -i 's/{SMARTHOST_ENCRYPTION}/none/' /tmp/main.cf.insert
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
cat /tmp/main.cf.insert >> /etc/postfix/main.cf
|
||||||
|
rm -f /tmp/main.cf.insert
|
||||||
|
|
||||||
|
# update master.cf
|
||||||
|
sed -i 's/#tlsproxy/tlsproxy/' /etc/postfix/master.cf
|
||||||
|
|
||||||
|
printf "done\n"
|
||||||
|
printf "container setup complete!\n"
|
||||||
|
|
||||||
|
# run CMD passed to this container
|
||||||
|
printf "\nExecuting: %s\n" "$*"
|
||||||
|
exec "$@"
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
#EOF
|
33
main.cf.insert
Normal file
33
main.cf.insert
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
#
|
||||||
|
# configure as smarthost
|
||||||
|
#
|
||||||
|
myhostname = {LOCAL_HOSTNAME}
|
||||||
|
mydomain = {LOCAL_DOMAINNAME}
|
||||||
|
|
||||||
|
myorigin = $mydomain
|
||||||
|
mydestination = localhost localhost.$mydomain $myhostname $mydomain
|
||||||
|
mynetworks_style = subnet
|
||||||
|
|
||||||
|
relay_domains =
|
||||||
|
relayhost = [{SMARTHOST}]:{SMARTHOST_PORT}
|
||||||
|
|
||||||
|
#smtpd_tls_chain_files = /certs/privkey.pem, /certs/fullchain.pem
|
||||||
|
#smtpd_tls_mandatory_ciphers = high
|
||||||
|
#smptd_tls_mandatory_exclude_ciphers = aNULL, MD5
|
||||||
|
#smtpd_tls_mandatory_protocols = >=TLSv1.2
|
||||||
|
#smtpd_tls_security_level = {LOCAL_ENCRYPTION}
|
||||||
|
|
||||||
|
smtp_tls_security_level = {SMARTHOST_ENCRYPTION}
|
||||||
|
smtp_tls_connection_reuse = yes
|
||||||
|
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||||
|
|
||||||
|
smtp_sasl_auth_enable = yes
|
||||||
|
smtp_sasl_password_maps = static:{SMARTHOST_USERNAME}:{SMARTHOST_PASSWORD}
|
||||||
|
smtp_sasl_security_options = noanonymous
|
||||||
|
|
||||||
|
header_size_limit = 4096000
|
||||||
|
relay_destination_concurrency_limit = 20
|
||||||
|
|
||||||
|
soft_bounce = no
|
||||||
|
|
||||||
|
maillog_file = /dev/stdout
|
Loading…
Reference in New Issue
Block a user