forked from wader/postfix-relay
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun
executable file
·139 lines (115 loc) · 4.39 KB
/
run
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
#!/bin/bash
# DKIM config
dkimConfig()
{
postconf -e milter_default_action=accept
postconf -e smtpd_milters=inet:localhost:12301
rm -f /etc/opendkim/KeyTable
rm -f /etc/opendkim/SigningTable
echo "DNS records:"
for d in $OPENDKIM_DOMAINS ; do
domain=$(echo "$d"| cut -f1 -d '=')
selector=$(expr match "$d" '.*\=\(.*\)')
if [ -z "$selector" ] ; then
selector="mail"
fi
domainDir="/etc/opendkim/keys/$domain"
privateFile="$domainDir/$selector.private"
txtFile="$domainDir/$selector.txt"
if [ ! -f "$privateFile" ] ; then
echo "No DKIM private key found for selector '$selector' in domain '$domain'. Generating one now..."
mkdir -p "$domainDir"
opendkim-genkey -D "$domainDir" --selector=$selector --domain=$domain --append-domain
fi
# Ensure strict permissions required by opendkim
chown opendkim:opendkim "$domainDir" "$privateFile"
chmod a=,u=rw "$privateFile"
echo "$selector._domainkey.$domain $domain:$selector:$privateFile" >> /etc/opendkim/KeyTable
echo "*@$domain $selector._domainkey.$domain" >> /etc/opendkim/SigningTable
cat "$txtFile"
done
}
# Unclean container stop might leave pid files around and rsyslogd seems
# sometimes falsely think it's already running if some other process
# happens to have its old pid when starting.
rm -f \
/run/opendkim/opendkim.pid \
/run/rsyslogd.pid \
/var/spool/postfix/pid/master.pid
# POSTFIX_var env -> postconf -e var=$POSTFIX_var
for e in ${!POSTFIX_*} ; do postconf -e "${e:8}=${!e}" ; done
# POSTFIXMASTER_var env -> postconf -Me var=$POSTFIXMASTER_var + replace __ with /
for e in ${!POSTFIXMASTER_*} ; do v="${e:14}" && postconf -Me "${v/__/\/}=${!e}"; done
# POSTMAP_var env value -> /etc/postfix/var
for e in ${!POSTMAP_*} ; do echo "${!e}" > "/etc/postfix/${e:8}" && postmap "/etc/postfix/${e:8}"; done
chown -R postfix:postfix /var/lib/postfix /var/mail /var/spool/postfix
# OPENDKIM_var env -> put "key value" line in /etc/opendkim.conf
echo -n > /etc/opendkim.conf
for e in ${!OPENDKIM_*} ; do
if [ "$e" == "OPENDKIM_DOMAINS" ] ; then
continue
fi
echo "${e:9} ${!e}" >> /etc/opendkim.conf
done
trap "service postfix stop; service opendkim stop; pkill -TERM rsyslogd; pkill -TERM saslauthd" SIGTERM SIGINT
if [ ! -z "$OPENDKIM_DOMAINS" ] ; then
dkimConfig
service opendkim start
fi
# Checking for user specified passwd file
if [ ! -z "$SASL_Passwds" ] ; then
# Creating auth settings file
if [ ! -e /etc/postfix/sasl/smtpd.conf ] ; then
cat <<'EOF' > /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
EOF
fi
# Updating saslauthd config to work with chroot
dpkg-statoverride --add root sasl 710 /var/spool/postfix/var/run/saslauthd
# Giving postfix permission to use saslauthd
adduser postfix sasl
# Creating PAM authentication profile
if [ ! -e "/etc/pam.d/smtp" ] ; then
cat <<EOF > /etc/pam.d/smtp
auth required pam_pwdfile.so pwdfile=$SASL_Passwds
account required pam_permit.so
session required pam_permit.so
password required pam_deny.so
EOF
fi
mkdir -p /var/spool/postfix/var/run/saslauthd
saslauthd -c -r -a pam -m /var/spool/postfix/var/run/saslauthd &
fi
service postfix start
# Don't fiddle with existing config file (e.g. mounted from filesystem)
if [ -e /etc/rsyslog.conf ]; then
echo "Skipping /etc/rsyslog.conf generating - file already exists"
else
# Rsyslog base
cat <<'EOF' > /etc/rsyslog.conf
$ModLoad imuxsock
$WorkDirectory /var/spool/rsyslog
include(file="/etc/rsyslog.d/*.conf")
*.*;auth,authpriv.none /dev/stdout
EOF
if [ "${RSYSLOG_TIMESTAMP}" == 'no' ] ; then
echo '$template noTimestampFormat,"%syslogtag%%msg%\n"' >> /etc/rsyslog.conf
echo '$ActionFileDefaultTemplate noTimestampFormat' >> /etc/rsyslog.conf
fi
if [ "${RSYSLOG_LOG_TO_FILE}" == 'yes' ] ; then
echo 'mail.* -/var/log/mail.log' >> /etc/rsyslog.conf
fi
if [ -z ${RSYSLOG_REMOTE_PORT} ] ; then
RSYSLOG_REMOTE_PORT=514
fi
if [ -z ${RSYSLOG_REMOTE_TEMPLATE} ] ; then
RSYSLOG_REMOTE_TEMPLATE=RSYSLOG_ForwardFormat
fi
if [ ! -z ${RSYSLOG_REMOTE_HOST} ] ; then
echo "*.* action(type=\"omfwd\" target=\"${RSYSLOG_REMOTE_HOST}\" port=\"${RSYSLOG_REMOTE_PORT}\" template=\"${RSYSLOG_REMOTE_TEMPLATE}\")" >> /etc/rsyslog.conf
fi
fi
rsyslogd -n &
wait
exit 0