mejoras generales

files/Dockerfile

@@ -2,7 +2,11 @@ FROM eumau/debian:buster-slim
 LABEL maintainer "Mauro Torrez <mauro@mau.ro>"
 ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
-ENV SUBMISSION_ENABLE= \
+ENV \
+    MAIL_DOMAINS= \
+    AUTH_MECHANISMS=plain \
+    AUTH_USERNAME_FORMAT="%Lu" \
+    AUTH_MASTER_ENABLE= \
     SUBMISSION_RELAY_HOST= \
     SUBMISSION_RELAY_PORT=25 \
     SUBMISSION_RELAY_TRUSTED=yes \
@@ -11,9 +15,25 @@ ENV SUBMISSION_ENABLE= \
     SUBMISSION_RELAY_PASSWORD= \
     SUBMISSION_RELAY_SSL=starttls \
     SUBMISSION_RELAY_SSL_VERIFY=no \
-    SUBMISSION_RELAY_RAWLOG_DIR=
+    SUBMISSION_RELAY_RAWLOG_DIR= \
+    LDAP_ENABLE= \
+    LDAP_HOSTS="ldap:389" \
+    LDAP_URIS= \
+    LDAP_BIND=yes \
+    LDAP_VERSION=3 \
+    LDAP_BASE="dc=example,dc=org" \
+    LDAP_SCOPE=sub \
+    LDAP_USER_ATTRS="=home=/vmail/mail/%d/%n, =uid=5000, =gid=5000" \
+    LDAP_USER_FILTER="(&(objectClass=inetOrgPerson)(uid=%n))" \
+    LDAP_PASS_ATTRS="userPassword=password, =userdb_home=/vmail/mail/%d/%n, =userdb_uid=5000, =userdb_gid=5000" \
+    LDAP_PASS_FILTER="(&(objectClass=inetOrgPerson)(uid=%n))" \
+    LDAP_ITERATE_ATTRS="=user=%{ldap:uid}@%d" \
+    LDAP_ITERATE_FILTER="(objectClass=inetOrgPerson)" \
+    LDAP_DEFAULT_PASS_SCHEME=CRYPT
 
-RUN apt-get update && apt-get install -y --no-install-recommends \
+RUN groupadd -g 5000 vmail && useradd -g vmail -u 5000 vmail -d /vmail \
+  && mkdir -p /vmail && chown vmail:vmail /vmail \
+  && apt-get update && apt-get install -y --no-install-recommends \
      dovecot-lmtpd \
      dovecot-imapd \
      dovecot-ldap \
@@ -24,8 +44,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
      bogofilter \
      ssl-cert \
   && rm -rf /var/lib/apt/lists/* \
-  && groupadd -g 5000 vmail && useradd -g vmail -u 5000 vmail -d /vmail \
-  && mkdir -p /vmail && chown vmail:vmail /vmail \
   && mkdir -p /ssl && chmod 700 /ssl \
   && cp /etc/ssl/certs/ssl-cert-snakeoil.pem /ssl/cert.pem \
   && cp /etc/ssl/private/ssl-cert-snakeoil.key /ssl/key.pem \
@@ -44,13 +62,7 @@ ADD 10-mail.conf \
 ADD local.conf /etc/dovecot/
 ADD junk-filter.sieve /etc/dovecot/sieve/before/
 
-ADD \
-  10-auth.conf.tmpl \
-  20-lmtp.conf.tmpl \
-  ldap.conf.ext.tmpl \
-  submission.conf.tmpl \
-  /etc/confd/templates/
-ADD confd-*.toml /etc/confd/conf.d/
+ADD confd /etc/confd/
 
 RUN sievec /etc/dovecot/sieve/before
 

files/confd/conf.d/auth.toml

@@ -6,5 +6,5 @@ keys = [
     "/auth/username/format",
     "/auth/mechanisms",
     "/auth/master/enable",
-    "/auth/ldap/enable"
+    "/ldap/enable"
 ]

files/confd/conf.d/submission.toml

@@ -2,7 +2,6 @@
 src = "submission.conf.tmpl"
 dest = "/etc/dovecot/local.d/submission.conf"
 keys = [
-    "/submission/enable",
     "/submission/relay/host",
     "/submission/relay/port",
     "/submission/relay/trusted",

files/confd/templates/10-auth.conf.tmpl

@@ -17,7 +17,7 @@ passdb {
 {{ end }}
 
 
-{{ if eq (getv "/auth/ldap/enable") "yes"}}
+{{ if eq (getv "/ldap/enable") "yes"}}
 passdb {
   driver = ldap
   args = /etc/dovecot/local.d/ldap.conf.ext

files/confd/templates/submission.conf.tmpl

@@ -1,5 +1,3 @@
-{{ if eq (getv "/submission/enable") "yes"}}
-protocols = $protocols submission
 submission_relay_host = {{getv "/submission/relay/host"}}
 submission_relay_port = {{getv "/submission/relay/port"}}
 submission_relay_trusted = {{getv "/submission/relay/trusted"}}
@@ -9,6 +7,3 @@ submission_relay_password = {{getv "/submission/relay/password"}}
 submission_relay_ssl = {{getv "/submission/relay/ssl"}}
 submission_relay_ssl_verify = {{getv "/submission/relay/ssl/verify"}}
 submission_relay_rawlog_dir = {{getv "/submission/relay/rawlog/dir"}}
-{{else}}
-# submission service disabled
-{{end}}