From 7b870b9542f2c07cee170f435a72b334e3d2fa0a Mon Sep 17 00:00:00 2001
From: Davide Polonio
Date: Mon, 5 Apr 2021 15:43:52 +0200
Subject: [PATCH] Upgrade mailserver to 9.x
---
 mail/docker-compose.yml | 4 +-
 mail/setup.sh | 222 +++++++++++++++++++++++++---------------
 2 files changed, 140 insertions(+), 86 deletions(-)
diff --git a/mail/docker-compose.yml b/mail/docker-compose.yml
index 20e5e15..4659d1e 100644
--- a/mail/docker-compose.yml
+++ b/mail/docker-compose.yml
@@ -2,7 +2,7 @@ version: '3.7'
 services:
 mail:
- image: mailserver/docker-mailserver:8.0.0
+ image: mailserver/docker-mailserver:9.1.0
 hostname: ${HOSTNAME}
 domainname: ${DOMAINNAME}
 container_name: ${CONTAINER_NAME}
@@ -39,7 +39,7 @@ services:
 - internal
 roundcube:
- image: roundcube/roundcubemail:1.4.9-apache
+ image: roundcube/roundcubemail:1.4.11-apache
 restart: always
 depends_on:
 - mail
diff --git a/mail/setup.sh b/mail/setup.sh
index b19c562..6b26ef1 100755
--- a/mail/setup.sh
+++ b/mail/setup.sh
@@ -1,22 +1,38 @@ #! /bin/bash -# version v0.2.4 stable -# executed manually (via Make) +# version v0.3.0 stable +# executed manually / via Make # task wrapper for various setup scripts SCRIPT='setup.sh' +WHITE="\e[37m" +RED="\e[31m" +PURPLE="\e[35m" +YELLOW="\e[93m" +ORANGE="\e[38;5;214m" +CYAN="\e[96m" +BLUE="\e[34m" +LBLUE="\e[94m" +BOLD="\e[1m" +RESET="\e[0m" + set -euEo pipefail -trap '__log_err ${FUNCNAME[0]:-"?"} ${BASH_COMMAND:-"?"} ${LINENO:-"?"} ${?:-"?"}' ERR +trap '__log_err "${FUNCNAME[0]:-?}" "${BASH_COMMAND:-?}" "${LINENO:-?}" "${?:-?}"' ERR trap '_unset_vars || :' EXIT function __log_err { - printf "\n––– \e[1m\e[31mUNCHECKED ERROR\e[0m\n%s\n%s\n%s\n%s\n\n" \ + printf "\n––– ${BOLD}${RED}UNCHECKED ERROR${RESET}\n%s\n%s\n%s\n%s\n\n" \ " – script = ${SCRIPT:-${0}}" \ " – function = ${1} / ${2}" \ " – line = ${3}" \ " – exit code = ${4}" >&2 + + printf "Make sure you use a version of this script that matches +the version / tag of docker-mailserver. Please read the +'Get the tools' section in the README on GitHub careful- +ly and use ./setup.sh help and read the VERSION section.\n" >&2 } function _unset_vars 
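Review bot: The new colour variables hold the literal text `\e[31m`, so they only render when expanded inside a printf format string. That is why `__log_err` builds its format from `${BOLD}${RED}`, and why `_usage` in the next hunk needs `# shellcheck disable=SC2059` and puts `${0}`, `${SCRIPT}` and `${CDIR}` into the format as well. A `%` or backslash in the script path or config directory would then be read as a format directive, garbling the help output or making printf fail under `set -e`. Defining the constants with ANSI-C quoting, e.g. `readonly RED=$'\e[31m'`, stores the real escape bytes, so the text can be passed as data: `printf '%s\n' "${help_text}"`.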
@@ -97,69 +113,112 @@ function _inspect function _usage { - echo "${SCRIPT:-${0}} Bootstrapping Script + # shellcheck disable=SC2059 + printf "${PURPLE}SETUP${RED}(${YELLOW}1${RED}) -Usage: ${0} [-i IMAGE_NAME] [-c CONTAINER_NAME] [args] +${ORANGE}NAME${RESET} + ${SCRIPT:-${0}} - docker-mailserver administration script -OPTIONS: +${ORANGE}SYNOPSIS${RESET} + ./${SCRIPT:-${0}} [ OPTIONS${RED}...${RESET} ] COMMAND [ help ${RED}|${RESET} ARGUMENTS${RED}...${RESET} ] - -i IMAGE_NAME The name of the docker-mailserver image - The default value is - 'docker.io/mailserver/docker-mailserver:latest' + COMMAND ${RED}:=${RESET} { email ${RED}|${RESET} alias ${RED}|${RESET} quota ${RED}|${RESET} config ${RED}|${RESET} relay ${RED}|${RESET} debug } SUBCOMMAND - -c CONTAINER_NAME The name of the running container. +${ORANGE}DESCRIPTION${RESET} + This is the main administration script that you use for all interactions with your + mail server. Setup, configuration and much more is done with this script. - -p PATH Config folder path (default: ${CDIR}/config) + Please note that the script executes most of the commands inside the container itself. + If the image was not found, this script will pull the ${WHITE}:latest${RESET} tag of + ${WHITE}mailserver/docker-mailserver${RESET}. This tag refers to the latest release, + see the tagging convention in the README under + ${BLUE}https://github.com/docker-mailserver/docker-mailserver/blob/master/README.md${RESET} - -h Show this help dialogue + You will be able to see detailed information about the script you're invoking and + its arguments by appending ${WHITE}help${RESET} after your command. Currently, this + does not work with all scripts. - -z Allow container access to the bind mount content - that is shared among multiple containers - on a SELinux-enabled host. 
+${ORANGE}VERSION${RESET} + The current version of this script is backwards compatible with versions of + ${WHITE}docker-mailserver${RESET} ${BOLD}after${RESET} ${BLUE}8.0.1${RESET}. In case that there is not a more recent release, + this script is currently only working with the ${WHITE}:edge${RESET} tag. - -Z Allow container access to the bind mount content - that is private and unshared with other containers - on a SELinux-enabled host. + You can download the script for your release by substituting TAG from the + following URL, where TAG looks like 'vX.X.X': + https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/TAG/setup.sh -SUBCOMMANDS: +${ORANGE}OPTIONS${RESET} + ${LBLUE}Config path, container or image adjustments${RESET} + -i IMAGE_NAME + Provides the name of the docker-mailserver image. The default value is + ${WHITE}docker.io/mailserver/docker-mailserver:latest${RESET} - email: + -c CONTAINER_NAME + Provides the name of the running container. - ${0} email add [] - ${0} email update [] - ${0} email del - ${0} email restrict [] - ${0} email list + -p PATH + Provides the config folder path. The default is + ${WHITE}${CDIR}/config/${RESET} - alias: - ${0} alias add - ${0} alias del - ${0} alias list + ${LBLUE}SELinux${RESET} + -z + Allows container access to the bind mount content that is shared among + multiple containers on a SELinux-enabled host. - quota: - ${0} quota set [] - ${0} quota del + -Z + Allows container access to the bind mount content that is private and + unshared with other containers on a SELinux-enabled host. 
- config: +${RED}[${ORANGE}SUB${RED}]${ORANGE}COMMANDS${RESET} + ${LBLUE}COMMAND${RESET} email ${RED}:=${RESET} + ${0} email add [] + ${0} email update [] + ${0} email del [ OPTIONS${RED}...${RESET} ] [ ${RED}...${RESET} ] + ${0} email restrict [] + ${0} email list - ${0} config dkim (default: 4096) (optional - for LDAP systems) - ${0} config ssl + ${LBLUE}COMMAND${RESET} alias ${RED}:=${RESET} + ${0} alias add + ${0} alias del + ${0} alias list - relay: + ${LBLUE}COMMAND${RESET} quota ${RED}:=${RESET} + ${0} quota set [] + ${0} quota del - ${0} relay add-domain [] - ${0} relay add-auth [] - ${0} relay exclude-domain + ${LBLUE}COMMAND${RESET} config ${RED}:=${RESET} + ${0} config dkim [ ARGUMENTS${RED}...${RESET} ] + ${0} config ssl (${CYAN}ATTENTION${RESET}: This is deprecated and will be removed soon.) - debug: + ${LBLUE}COMMAND${RESET} relay ${RED}:=${RESET} + ${0} relay add-domain [] + ${0} relay add-auth [] + ${0} relay exclude-domain - ${0} debug fetchmail - ${0} debug fail2ban [ ] - ${0} debug show-mail-logs - ${0} debug inspect - ${0} debug login + ${LBLUE}COMMAND${RESET} debug ${RED}:=${RESET} + ${0} debug fetchmail + ${0} debug fail2ban [unban ] + ${0} debug show-mail-logs + ${0} debug inspect + ${0} debug login - help: Show this help dialogue +${ORANGE}EXAMPLES${RESET} + ${WHITE}./setup.sh email add test@domain.tld${RESET} + Add the email account ${WHITE}test@domain.tld${RESET}. You will be prompted + to input a password afterwards since no password was supplied. + + ${WHITE}./setup.sh config dkim keysize 2048 domain 'whoami.com,whoareyou.org'${RESET} + Creates keys of length 2048 but in an LDAP setup where domains are not known to + Postfix by default, so you need to provide them yourself in a comma-separated list. + + ${WHITE}./setup.sh config dkim help${RESET} + This will provide you with a detailed explanation on how to use the ${WHITE} + config dkim${RESET} command, showing what arguments can be passed and what they do. 
+ +${ORANGE}EXIT STATUS${RESET} + Exit status is 0 if the command was successful. If there was an unexpected error, an error + message is shown describing the error. In case of an error, the script will exit with exit + status 1. " } @@ -185,7 +244,7 @@ function _docker_image fi ${CRI} run --rm \ - -v "${CONFIG_PATH}":/tmp/docker-mailserver"${USING_SELINUX}" \ + -v "${CONFIG_PATH}:/tmp/docker-mailserver${USING_SELINUX}" \ "${USE_TTY}" "${IMAGE_NAME}" "${@}" fi } @@ -249,11 +308,6 @@ function _main USE_CONTAINER=true ;; - h ) - _usage - return - ;; - p ) case "${OPTARG}" in /* ) WISHED_CONFIG_PATH="${OPTARG}" ;; @@ -269,7 +323,7 @@ function _main ;; * ) - echo "Invalid option: -${OPTARG}" >&2 + echo "Invalid option: -${OPT}" >&2 ;; esac 
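Review bot: The DESCRIPTION and `-i IMAGE_NAME` text in `_usage` document `docker.io/mailserver/docker-mailserver:latest` as the image pulled when none is found, while this same commit pins `mailserver/docker-mailserver:9.1.0` in mail/docker-compose.yml. If the `IMAGE_NAME` default (assigned outside this hunk) matches the help text, a run without `-i` and without a running container would execute a mutable, unpinned tag with the config folder bind-mounted, and that tag can drift away from the deployed release. Consider defaulting to the pinned tag or a digest and documenting it here, e.g. `${WHITE}docker.io/mailserver/docker-mailserver:9.1.0${RESET}`.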
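Review bot: The `* )` arm now prints `-${OPT}`, but assuming `OPT` is the getopts loop variable it is set to `?` for an unrecognised flag, so the message will likely read `Invalid option: -?` instead of naming the flag. The arm also does not stop the script, so the requested command still runs with the bad flag silently ignored. The optstring is outside this hunk, so this is hedged, but `echo "Invalid option: -${OPTARG:-?}" >&2 ; _usage ; exit 1` would report the flag where getopts provides it and fail closed. The previous hunk removes the `h )` arm, so `-h` ends up here too unless the optstring was adjusted.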
@@ -293,67 +347,67 @@ function _main case ${1:-} in - email) - shift ; case ${1:-} in - add ) shift ; _docker_image addmailuser "${@}" ;; - update ) shift ; _docker_image updatemailuser "${@}" ;; - del ) shift ; _docker_image delmailuser "${@}" ;; - restrict ) shift ; _docker_container restrict-access "${@}" ;; + email ) + case ${2:-} in + add ) shift 2 ; _docker_image addmailuser "${@}" ;; + update ) shift 2 ; _docker_image updatemailuser "${@}" ;; + del ) shift 2 ; _docker_container delmailuser "${@}" ;; + restrict ) shift 2 ; _docker_container restrict-access "${@}" ;; list ) _docker_image listmailuser ;; * ) _usage ;; esac ;; - alias) - shift ; case ${1:-} in - add ) shift ; _docker_image addalias "${1}" "${2}" ;; - del ) shift ; _docker_image delalias "${1}" "${2}" ;; - list ) shift ; _docker_image listalias ;; + alias ) + case ${2:-} in + add ) shift 2 ; _docker_image addalias "${1}" "${2}" ;; + del ) shift 2 ; _docker_image delalias "${1}" "${2}" ;; + list ) shift 2 ; _docker_image listalias ;; * ) _usage ;; esac ;; - quota) - shift ; case ${1:-} in - set ) shift ; _docker_image setquota "${@}" ;; - del ) shift ; _docker_image delquota "${@}" ;; + quota ) + case ${2:-} in + set ) shift 2 ; _docker_image setquota "${@}" ;; + del ) shift 2 ; _docker_image delquota "${@}" ;; * ) _usage ;; esac ;; - config) - shift ; case ${1:-} in - dkim ) _docker_image generate-dkim-config "${2:-4096}" "${3:-}" ;; - ssl ) _docker_image generate-ssl-certificate "${2}" ;; + config ) + case ${2:-} in + dkim ) shift 2 ; _docker_image open-dkim "${@}" ;; + ssl ) shift 2 ; _docker_image generate-ssl-certificate "${1}" ;; * ) _usage ;; esac ;; - relay) - shift ; case ${1:-} in - add-domain ) shift ; _docker_image addrelayhost "${@}" ;; - add-auth ) shift ; _docker_image addsaslpassword "${@}" ;; - exclude-domain ) shift ; _docker_image excluderelaydomain "${@}" ;; + relay ) + case ${2:-} in + add-domain ) shift 2 ; _docker_image addrelayhost "${@}" ;; + add-auth ) shift 2 ; 
_docker_image addsaslpassword "${@}" ;; + exclude-domain ) shift 2 ; _docker_image excluderelaydomain "${@}" ;; * ) _usage ;; esac ;; - debug) - shift ; case ${1:-} in + debug ) + case ${2:-} in fetchmail ) _docker_image debug-fetchmail ;; - fail2ban ) shift ; _docker_container fail2ban "${@}" ;; + fail2ban ) shift 2 ; _docker_container fail2ban "${@}" ;; show-mail-logs ) _docker_container cat /var/log/mail/mail.log ;; inspect ) _inspect ;; login ) - shift - if [[ -z ${1:-''} ]] + shift 2 + if [[ -z ${1:-} ]] then _docker_container /bin/bash else _docker_container /bin/bash -c "${@}" fi ;; - * ) _usage ; exit 1 ;; + * ) _usage ; exit 1 ;; esac ;;
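Review bot: Unknown subcommands under `email`, `alias`, `quota`, `config` and `relay` fall through to `* ) _usage ;;` and appear to return success, while only `debug` uses `* ) _usage ; exit 1 ;;`. That contradicts the EXIT STATUS text added in this commit and lets a typo in a Makefile or automation pass as success; use `* ) _usage ; exit 1 ;;` in every inner `case`. Separately, the unchanged `_docker_container /bin/bash -c "${@}"` in `login` hands only the first word to `-c` as the command string and the rest as positional parameters, whereas `"${*}"` would pass the whole command line. `_main` begins and ends outside this hunk.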