servicio submission con confd

2019-09-09 17:51:34 -03:00 · 2019-09-09 17:51:34 -03:00 · 14402dd44e
commit 14402dd44e
parent cfb396d82c
5 changed files with 69 additions and 3 deletions
--- a/files/Dockerfile
+++ b/files/Dockerfile
@ -1,7 +1,30 @@
-FROM debian:buster-slim
 LABEL maintainer "Mauro Torrez <mauro@mau.ro>"
+# confd -----------------------------------------------------------------------
+FROM golang:1.9-alpine as confd
+ARG CONFD_VERSION=0.16.0
+ADD https://github.com/kelseyhightower/confd/archive/v${CONFD_VERSION}.tar.gz /tmp/
+RUN apk add --no-cache bzip2 make && \
+  mkdir -p /go/src/github.com/kelseyhightower/confd && \
+  cd /go/src/github.com/kelseyhightower/confd && \
+  tar --strip-components=1 -zxf /tmp/v${CONFD_VERSION}.tar.gz && \
+  go install github.com/kelseyhightower/confd && \
+  rm -rf /tmp/v${CONFD_VERSION}.tar.gz
+# end confd -------------------------------------------------------------------
+
+FROM debian:buster-slim
 ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
+ENV SUBMISSION_ENABLE= \
+    SUBMISSION_RELAY_HOST=
+    SUBMISSION_RELAY_PORT=25
+    SUBMISSION_RELAY_TRUSTED=yes \
+    SUBMISSION_RELAY_USER= \
+    SUBMISSION_RELAY_MASTER_USER= \
+    SUBMISSION_RELAY_PASSWORD= \
+    SUBMISSION_RELAY_SSL=starttls \
+    SUBMISSION_RELAY_SSL_VERIFY=no \
+    SUBMISSION_RELAY_RAWLOG_DIR=
+
 RUN apt-get update && apt-get install -y --no-install-recommends \
     dovecot-lmtpd \
     dovecot-imapd \
@ -9,6 +32,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     dovecot-sieve \
     dovecot-managesieved \
     dovecot-antispam \
+     dovecot-submission \
     bogofilter \
     ssl-cert \
  && rm -rf /var/lib/apt/lists/* \
@ -17,7 +41,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
  && mkdir -p /ssl && chmod 700 /ssl \
  && cp /etc/ssl/certs/ssl-cert-snakeoil.pem /ssl/cert.pem \
  && cp /etc/ssl/private/ssl-cert-snakeoil.key /ssl/key.pem \
-  && mkdir -p /etc/dovecot/sieve/before /etc/dovecot/sieve/after
+  && mkdir -p /etc/dovecot/local.d /etc/dovecot/sieve/{before,after} \
+  && mkdir -p /etc/confd/{conf.d,templates}

 ADD 10-mail.conf \
  10-master.conf \
@ -33,11 +58,18 @@ ADD 10-mail.conf \

 ADD local.conf /etc/dovecot/

+ADD submission.conf.tmpl \
+  /etc/confd/templates/
+ADD confd.toml /etc/confd/conf.d/
+
 ADD junk-filter.sieve /etc/dovecot/sieve/before/
 RUN sievec /etc/dovecot/sieve/before && sievec /etc/dovecot/sieve/after

 VOLUME /etc/dovecot /ssl /vmail

-EXPOSE 143/tcp 993/tcp 110/tcp 995/tcp 2000/tcp
+EXPOSE 110/tcp 143/tcp 587/tcp 993/tcp 995/tcp 2000/tcp

+COPY --from=confd /go/bin/confd /usr/local/bin/confd
+ADD entrypoint.sh /
+ENTRYPOINT /entrypoint.sh
 CMD dovecot -F
--- a/files/confd.toml
+++ b/files/confd.toml
@ -0,0 +1,15 @@
+[template]
+src = "submission.conf.tmpl"
+dest = "/etc/dovecot/local.d/submission.conf"
+keys = [
+    "submission/enable",
+    "submission/relay/host",
+    "submission/relay/port",
+    "submission/relay/trusted",
+    "submission/relay/user", 
+    "submission/relay/master/user", 
+    "submission/relay/password", 
+    "submission/relay/ssl", 
+    "submission/relay/ssl/verify", 
+    "submission/relay/rawlog/dir"
+]
--- a/files/entrypoint.sh
+++ b/files/entrypoint.sh
@ -0,0 +1,4 @@
+#!/bin/bash
+# actualizar templates con confd
+/usr/local/bin/confd -onetime -backend env
+exec ${@}
--- a/files/local.conf
+++ b/files/local.conf
@ -1 +1,2 @@
+!include_try local.d/*.conf
 log_path = /dev/stdout
--- a/files/submission.conf.tmpl
+++ b/files/submission.conf.tmpl
@ -0,0 +1,14 @@
+{{if getv "/submission/enable" == "yes"}}
+protocols = $protocols submission
+submission_relay_host = {{getv "/submission/relay/host"}}
+submission_relay_port = {{getv "/submission/relay/port"}}
+submission_relay_trusted = {{getv "/submission/relay/trusted"}}
+submission_relay_user = {{getv "/submission/relay/user"}}
+submission_relay_master_user = {{getv "/submission/relay/master/user"}}
+submission_relay_password = {{getv "/submission/relay/password"}}
+submission_relay_ssl = {{getv "/submission/relay/ssl"}}
+submission_relay_ssl_verify= {{getv "/submission/relay/ssl/verify"}}
+submission_relay_rawlog_dir= {{getv "/submission/relay/rawlog/dir"}}
+{{else}}
+# submission service disabled
+{{end}}