From edb2b6cd8c7edea31e7717452b2b54d36bdcb074 Mon Sep 17 00:00:00 2001 From: Disassembler Date: Mon, 15 Jan 2018 20:05:33 +0100 Subject: [PATCH] Dockerize postfix --- basic.sh | 10 +++------- postfix.sh | 18 ++++++++++++++++++ postfix/Dockerfile | 16 ++++++++++++++++ .../docker/etc/services.d/.s6-svscan/finish | 3 +++ postfix/docker/etc/services.d/postfix/run | 7 +++++++ postfix/docker/etc/services.d/syslogd/run | 3 +++ postfix/etc/init.d/postfix | 16 ++++++++++++++++ .../srv/postfix/conf}/main.cf | 6 +++--- 8 files changed, 69 insertions(+), 10 deletions(-) create mode 100644 postfix.sh create mode 100644 postfix/Dockerfile create mode 100755 postfix/docker/etc/services.d/.s6-svscan/finish create mode 100755 postfix/docker/etc/services.d/postfix/run create mode 100755 postfix/docker/etc/services.d/syslogd/run create mode 100755 postfix/etc/init.d/postfix rename {basic/etc/postfix => postfix/srv/postfix/conf}/main.cf (63%) diff --git a/basic.sh b/basic.sh index 5419aed..6bb2ddd 100755 --- a/basic.sh +++ b/basic.sh @@ -4,11 +4,10 @@ SOURCE_DIR=$(realpath $(dirname "${0}"))/basic # Install packages apk --no-cache add --virtual .useful git file htop libressl openssh-server openssh-sftp-server -apk --no-cache add docker gettext kbd-misc postfix python2 nginx +apk --no-cache add docker gettext kbd-misc python2 nginx # Copy profile files and settings -mkdir /root/.ssh -mkdir -p /root/.config/htop +mkdir -p /root/.config/htop /root/.ssh cp ${SOURCE_DIR}/root/.profile /root/.profile cp ${SOURCE_DIR}/root/.ssh/authorized_keys /root/.ssh/authorized_keys cp ${SOURCE_DIR}/root/.config/htop/htoprc /root/.config/htop/htoprc @@ -27,9 +26,6 @@ cp ${SOURCE_DIR}/etc/issue.template /etc/issue.template cp ${SOURCE_DIR}/sbin/issue-gen /sbin/issue-gen >/etc/motd -# Configure Postfix -cp ${SOURCE_DIR}/etc/postfix/main.cf /etc/postfix/main.cf - # Create a self-signed certificate mkdir /etc/ssl/private openssl req -x509 -new -out /etc/ssl/certs/services.pem -keyout /etc/ssl/private/services.key -nodes -days 3654 -subj "/C=CZ/CN=$(hostname -f)" @@ -45,7 +41,7 @@ cp ${SOURCE_DIR}/usr/local/bin/portal-app-manager /usr/local/bin/portal-app-mana cp -r ${SOURCE_DIR}/srv/portal /srv/portal # Configure services -for SERVICE in crond docker nginx postfix sshd; do +for SERVICE in crond docker nginx sshd; do rc-update add ${SERVICE} boot service ${SERVICE} start done diff --git a/postfix.sh b/postfix.sh new file mode 100644 index 0000000..73cc002 --- /dev/null +++ b/postfix.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +SOURCE_DIR=$(realpath $(dirname "${0}"))/postfix +# Build Docker container +docker build -t postfix ${SOURCE_DIR} + +# Copy existing config files into persistent storage +mkdir -p /srv/postfix/conf /srv/postfix/data +chown -R 587:587 /srv/postfix/data +docker run --rm -v /srv/postfix/conf:/mnt/conf postfix cp -rp /etc/postfix/. /mnt/conf + +# Configure postfix +cp ${SOURCE_DIR}/srv/postfix/conf/main.cf /srv/postfix/conf/main.cf + +# Configure postfix service +cp ${SOURCE_DIR}/etc/init.d/postfix /etc/init.d/postfix +rc-update add postfix boot +service postfix start diff --git a/postfix/Dockerfile b/postfix/Dockerfile new file mode 100644 index 0000000..6facdaa --- /dev/null +++ b/postfix/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:3.7 +MAINTAINER Disassembler + +RUN \ + # Create OS user (which will be picked up later by apk add) + addgroup -S -g 587 postfix \ + && adduser -S -u 587 -h /var/spool/postfix -s /bin/false -g postfix -G postfix postfix \ + # Install Postfix + && apk --no-cache add ca-certificates postfix s6 + +COPY docker/ / + +VOLUME ["/var/spool/postfix"] +EXPOSE 587 + +CMD ["s6-svscan", "/etc/services.d"] diff --git a/postfix/docker/etc/services.d/.s6-svscan/finish b/postfix/docker/etc/services.d/.s6-svscan/finish new file mode 100755 index 0000000..78d5fdc --- /dev/null +++ b/postfix/docker/etc/services.d/.s6-svscan/finish @@ -0,0 +1,3 @@ +#!/bin/sh + +/bin/true diff --git a/postfix/docker/etc/services.d/postfix/run b/postfix/docker/etc/services.d/postfix/run new file mode 100755 index 0000000..b47dc8f --- /dev/null +++ b/postfix/docker/etc/services.d/postfix/run @@ -0,0 +1,7 @@ +#!/bin/sh + +/usr/sbin/postfix -c /etc/postfix start + +while kill -0 $(cat /var/spool/postfix/pid/master.pid) 2>/dev/null; do + sleep 1 +done diff --git a/postfix/docker/etc/services.d/syslogd/run b/postfix/docker/etc/services.d/syslogd/run new file mode 100755 index 0000000..7f2b5a1 --- /dev/null +++ b/postfix/docker/etc/services.d/syslogd/run @@ -0,0 +1,3 @@ +#!/bin/execlineb -P + +/sbin/syslogd -n -S -O - diff --git a/postfix/etc/init.d/postfix b/postfix/etc/init.d/postfix new file mode 100755 index 0000000..ea7932d --- /dev/null +++ b/postfix/etc/init.d/postfix @@ -0,0 +1,16 @@ +#!/sbin/openrc-run + +description="Postfix docker container" + +depend() { + need docker net + use dns logger netmount +} + +start() { + /usr/bin/docker run -d --rm --name postfix -v /srv/postfix/conf:/etc/postfix -v /srv/postfix/data:/var/spool/postfix postfix +} + +stop() { + /usr/bin/docker stop postfix +} diff --git a/basic/etc/postfix/main.cf b/postfix/srv/postfix/conf/main.cf similarity index 63% rename from basic/etc/postfix/main.cf rename to postfix/srv/postfix/conf/main.cf index 12933f9..3c8e0db 100644 --- a/basic/etc/postfix/main.cf +++ b/postfix/srv/postfix/conf/main.cf @@ -1,8 +1,8 @@ append_dot_mydomain = no biff = no compatibility_level = 2 -inet_interfaces = loopback-only inet_protocols = ipv4 -mynetworks = 127.0.0.0/8 172.17.0.0/24 +mynetworks = 0.0.0.0/0 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache -smtp_use_tls=yes +smtp_use_tls = yes +smtputf8_enable = no