servicio submission con confd

files/Dockerfile

@@ -1,7 +1,30 @@
-FROM debian:buster-slim
 LABEL maintainer "Mauro Torrez <mauro@mau.ro>"
+# confd -----------------------------------------------------------------------
+FROM golang:1.9-alpine as confd
+ARG CONFD_VERSION=0.16.0
+ADD https://github.com/kelseyhightower/confd/archive/v${CONFD_VERSION}.tar.gz /tmp/
+RUN apk add --no-cache bzip2 make && \
+  mkdir -p /go/src/github.com/kelseyhightower/confd && \
+  cd /go/src/github.com/kelseyhightower/confd && \
+  tar --strip-components=1 -zxf /tmp/v${CONFD_VERSION}.tar.gz && \
+  go install github.com/kelseyhightower/confd && \
+  rm -rf /tmp/v${CONFD_VERSION}.tar.gz
+# end confd -------------------------------------------------------------------
+
+FROM debian:buster-slim
 ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
+ENV SUBMISSION_ENABLE= \
+    SUBMISSION_RELAY_HOST=
+    SUBMISSION_RELAY_PORT=25
+    SUBMISSION_RELAY_TRUSTED=yes \
+    SUBMISSION_RELAY_USER= \
+    SUBMISSION_RELAY_MASTER_USER= \
+    SUBMISSION_RELAY_PASSWORD= \
+    SUBMISSION_RELAY_SSL=starttls \
+    SUBMISSION_RELAY_SSL_VERIFY=no \
+    SUBMISSION_RELAY_RAWLOG_DIR=
+
 RUN apt-get update && apt-get install -y --no-install-recommends \
      dovecot-lmtpd \
      dovecot-imapd \
@@ -9,6 +32,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
      dovecot-sieve \
      dovecot-managesieved \
      dovecot-antispam \
+     dovecot-submission \
      bogofilter \
      ssl-cert \
   && rm -rf /var/lib/apt/lists/* \
@@ -17,7 +41,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
   && mkdir -p /ssl && chmod 700 /ssl \
   && cp /etc/ssl/certs/ssl-cert-snakeoil.pem /ssl/cert.pem \
   && cp /etc/ssl/private/ssl-cert-snakeoil.key /ssl/key.pem \
-  && mkdir -p /etc/dovecot/sieve/before /etc/dovecot/sieve/after
+  && mkdir -p /etc/dovecot/local.d /etc/dovecot/sieve/{before,after} \
+  && mkdir -p /etc/confd/{conf.d,templates}
 
 ADD 10-mail.conf \
   10-master.conf \
@@ -33,11 +58,18 @@ ADD 10-mail.conf \
 
 ADD local.conf /etc/dovecot/
 
+ADD submission.conf.tmpl \
+  /etc/confd/templates/
+ADD confd.toml /etc/confd/conf.d/
+
 ADD junk-filter.sieve /etc/dovecot/sieve/before/
 RUN sievec /etc/dovecot/sieve/before && sievec /etc/dovecot/sieve/after
 
 VOLUME /etc/dovecot /ssl /vmail
 
-EXPOSE 143/tcp 993/tcp 110/tcp 995/tcp 2000/tcp
+EXPOSE 110/tcp 143/tcp 587/tcp 993/tcp 995/tcp 2000/tcp
 
+COPY --from=confd /go/bin/confd /usr/local/bin/confd
+ADD entrypoint.sh /
+ENTRYPOINT /entrypoint.sh
 CMD dovecot -F

files/confd.toml

@@ -0,0 +1,15 @@
+[template]
+src = "submission.conf.tmpl"
+dest = "/etc/dovecot/local.d/submission.conf"
+keys = [
+    "submission/enable",
+    "submission/relay/host",
+    "submission/relay/port",
+    "submission/relay/trusted",
+    "submission/relay/user", 
+    "submission/relay/master/user", 
+    "submission/relay/password", 
+    "submission/relay/ssl", 
+    "submission/relay/ssl/verify", 
+    "submission/relay/rawlog/dir"
+]

files/entrypoint.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+# actualizar templates con confd
+/usr/local/bin/confd -onetime -backend env
+exec ${@}

files/local.conf

@@ -1 +1,2 @@
+!include_try local.d/*.conf
 log_path = /dev/stdout

files/submission.conf.tmpl

@@ -0,0 +1,14 @@
+{{if getv "/submission/enable" == "yes"}}
+protocols = $protocols submission
+submission_relay_host = {{getv "/submission/relay/host"}}
+submission_relay_port = {{getv "/submission/relay/port"}}
+submission_relay_trusted = {{getv "/submission/relay/trusted"}}
+submission_relay_user = {{getv "/submission/relay/user"}}
+submission_relay_master_user = {{getv "/submission/relay/master/user"}}
+submission_relay_password = {{getv "/submission/relay/password"}}
+submission_relay_ssl = {{getv "/submission/relay/ssl"}}
+submission_relay_ssl_verify= {{getv "/submission/relay/ssl/verify"}}
+submission_relay_rawlog_dir= {{getv "/submission/relay/rawlog/dir"}}
+{{else}}
+# submission service disabled
+{{end}}