polpetta/server-dotfiles
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Upgrade mailserver to 9.x (#3)

Browse Source 
Upgrade mailserver to 9.x

Co-authored-by: Davide Polonio <poloniodavide@gmail.com>
Reviewed-on: #3
This commit is contained in:
Davide Polonio 2021-09-20 08:10:19 +00:00
parent ed3c454ae0
commit fc2c232fd2
2 changed files with 140 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
mail/docker-compose.yml
View File

@ -2,7 +2,7 @@
version: '3.7'
services:
mail:
image: mailserver/docker-mailserver:8.0.0
image: mailserver/docker-mailserver:9.1.0
hostname: ${HOSTNAME}
domainname: ${DOMAINNAME}
container_name: ${CONTAINER_NAME}
@ -39,7 +39,7 @@ services:
- internal
roundcube:
image: roundcube/roundcubemail:1.4.9-apache
image: roundcube/roundcubemail:1.4.11-apache
restart: always
depends_on:
- mail

216
mail/setup.sh
View File

@ -1,22 +1,38 @@
#! /bin/bash
# version v0.2.4 stable
# executed manually (via Make)
# version v0.3.0 stable
# executed manually / via Make
# task wrapper for various setup scripts
SCRIPT='setup.sh'
WHITE="\e[37m"
RED="\e[31m"
PURPLE="\e[35m"
YELLOW="\e[93m"
ORANGE="\e[38;5;214m"
CYAN="\e[96m"
BLUE="\e[34m"
LBLUE="\e[94m"
BOLD="\e[1m"
RESET="\e[0m"
set -euEo pipefail
trap '__log_err ${FUNCNAME[0]:-"?"} ${BASH_COMMAND:-"?"} ${LINENO:-"?"} ${?:-"?"}' ERR
trap '__log_err "${FUNCNAME[0]:-?}" "${BASH_COMMAND:-?}" "${LINENO:-?}" "${?:-?}"' ERR
trap '_unset_vars || :' EXIT
function __log_err
{
printf "\n \e[1m\e[31mUNCHECKED ERROR\e[0m\n%s\n%s\n%s\n%s\n\n" \
printf "\n ${BOLD}${RED}UNCHECKED ERROR${RESET}\n%s\n%s\n%s\n%s\n\n" \
" script = ${SCRIPT:-${0}}" \
" function = ${1} / ${2}" \
" line = ${3}" \
" exit code = ${4}" >&2
printf "Make sure you use a version of this script that matches
the version / tag of docker-mailserver. Please read the
'Get the tools' section in the README on GitHub careful-
ly and use ./setup.sh help and read the VERSION section.\n" >&2
}
function _unset_vars
@ -97,69 +113,112 @@ function _inspect
function _usage
{
echo "${SCRIPT:-${0}} Bootstrapping Script
# shellcheck disable=SC2059
printf "${PURPLE}SETUP${RED}(${YELLOW}1${RED})
Usage: ${0} [-i IMAGE_NAME] [-c CONTAINER_NAME] <subcommand> <subcommand> [args]
${ORANGE}NAME${RESET}
${SCRIPT:-${0}} - docker-mailserver administration script
OPTIONS:
${ORANGE}SYNOPSIS${RESET}
./${SCRIPT:-${0}} [ OPTIONS${RED}...${RESET} ] COMMAND [ help ${RED}|${RESET} ARGUMENTS${RED}...${RESET} ]
-i IMAGE_NAME The name of the docker-mailserver image
The default value is
'docker.io/mailserver/docker-mailserver:latest'
COMMAND ${RED}:=${RESET} { email ${RED}|${RESET} alias ${RED}|${RESET} quota ${RED}|${RESET} config ${RED}|${RESET} relay ${RED}|${RESET} debug } SUBCOMMAND
-c CONTAINER_NAME The name of the running container.
${ORANGE}DESCRIPTION${RESET}
This is the main administration script that you use for all interactions with your
mail server. Setup, configuration and much more is done with this script.
-p PATH Config folder path (default: ${CDIR}/config)
Please note that the script executes most of the commands inside the container itself.
If the image was not found, this script will pull the ${WHITE}:latest${RESET} tag of
${WHITE}mailserver/docker-mailserver${RESET}. This tag refers to the latest release,
see the tagging convention in the README under
${BLUE}https://github.com/docker-mailserver/docker-mailserver/blob/master/README.md${RESET}
-h Show this help dialogue
You will be able to see detailed information about the script you're invoking and
its arguments by appending ${WHITE}help${RESET} after your command. Currently, this
does not work with all scripts.
-z Allow container access to the bind mount content
that is shared among multiple containers
on a SELinux-enabled host.
${ORANGE}VERSION${RESET}
The current version of this script is backwards compatible with versions of
${WHITE}docker-mailserver${RESET} ${BOLD}after${RESET} ${BLUE}8.0.1${RESET}. In case that there is not a more recent release,
this script is currently only working with the ${WHITE}:edge${RESET} tag.
-Z Allow container access to the bind mount content
that is private and unshared with other containers
on a SELinux-enabled host.
You can download the script for your release by substituting TAG from the
following URL, where TAG looks like 'vX.X.X':
https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/TAG/setup.sh
SUBCOMMANDS:
${ORANGE}OPTIONS${RESET}
${LBLUE}Config path, container or image adjustments${RESET}
-i IMAGE_NAME
Provides the name of the docker-mailserver image. The default value is
${WHITE}docker.io/mailserver/docker-mailserver:latest${RESET}
email:
-c CONTAINER_NAME
Provides the name of the running container.
${0} email add <email> [<password>]
${0} email update <email> [<password>]
${0} email del <email>
${0} email restrict <add|del|list> <send|receive> [<email>]
-p PATH
Provides the config folder path. The default is
${WHITE}${CDIR}/config/${RESET}
${LBLUE}SELinux${RESET}
-z
Allows container access to the bind mount content that is shared among
multiple containers on a SELinux-enabled host.
-Z
Allows container access to the bind mount content that is private and
unshared with other containers on a SELinux-enabled host.
${RED}[${ORANGE}SUB${RED}]${ORANGE}COMMANDS${RESET}
${LBLUE}COMMAND${RESET} email ${RED}:=${RESET}
${0} email add <EMAIL ADDRESS> [<PASSWORD>]
${0} email update <EMAIL ADDRESS> [<PASSWORD>]
${0} email del [ OPTIONS${RED}...${RESET} ] <EMAIL ADDRESS> [ <EMAIL ADDRESS>${RED}...${RESET} ]
${0} email restrict <add${RED}|${RESET}del${RED}|${RESET}list> <send${RED}|${RESET}receive> [<EMAIL ADDRESS>]
${0} email list
alias:
${0} alias add <email> <recipient>
${0} alias del <email> <recipient>
${LBLUE}COMMAND${RESET} alias ${RED}:=${RESET}
${0} alias add <EMAIL ADDRESS> <RECIPIENT>
${0} alias del <EMAIL ADDRESS> <RECIPIENT>
${0} alias list
quota:
${0} quota set <email> [<quota>]
${0} quota del <email>
${LBLUE}COMMAND${RESET} quota ${RED}:=${RESET}
${0} quota set <EMAIL ADDRESS> [<QUOTA>]
${0} quota del <EMAIL ADDRESS>
config:
${LBLUE}COMMAND${RESET} config ${RED}:=${RESET}
${0} config dkim [ ARGUMENTS${RED}...${RESET} ]
${0} config ssl <FQDN> (${CYAN}ATTENTION${RESET}: This is deprecated and will be removed soon.)
${0} config dkim <keysize> (default: 4096) <domain> (optional - for LDAP systems)
${0} config ssl <fqdn>
relay:
${0} relay add-domain <domain> <host> [<port>]
${0} relay add-auth <domain> <username> [<password>]
${0} relay exclude-domain <domain>
debug:
${LBLUE}COMMAND${RESET} relay ${RED}:=${RESET}
${0} relay add-domain <DOMAIN> <HOST> [<PORT>]
${0} relay add-auth <DOMAIN> <USERNAME> [<PASSWORD>]
${0} relay exclude-domain <DOMAIN>
${LBLUE}COMMAND${RESET} debug ${RED}:=${RESET}
${0} debug fetchmail
${0} debug fail2ban [<unban> <ip-address>]
${0} debug fail2ban [unban <IP>]
${0} debug show-mail-logs
${0} debug inspect
${0} debug login <commands>
${0} debug login <COMMANDS>
help: Show this help dialogue
${ORANGE}EXAMPLES${RESET}
${WHITE}./setup.sh email add test@domain.tld${RESET}
Add the email account ${WHITE}test@domain.tld${RESET}. You will be prompted
to input a password afterwards since no password was supplied.
${WHITE}./setup.sh config dkim keysize 2048 domain 'whoami.com,whoareyou.org'${RESET}
Creates keys of length 2048 but in an LDAP setup where domains are not known to
Postfix by default, so you need to provide them yourself in a comma-separated list.
${WHITE}./setup.sh config dkim help${RESET}
This will provide you with a detailed explanation on how to use the ${WHITE}
config dkim${RESET} command, showing what arguments can be passed and what they do.
${ORANGE}EXIT STATUS${RESET}
Exit status is 0 if the command was successful. If there was an unexpected error, an error
message is shown describing the error. In case of an error, the script will exit with exit
status 1.
"
}
@ -185,7 +244,7 @@ function _docker_image
fi
${CRI} run --rm \
-v "${CONFIG_PATH}":/tmp/docker-mailserver"${USING_SELINUX}" \
-v "${CONFIG_PATH}:/tmp/docker-mailserver${USING_SELINUX}" \
"${USE_TTY}" "${IMAGE_NAME}" "${@}"
fi
}
@ -249,11 +308,6 @@ function _main
USE_CONTAINER=true
;;
h )
_usage
return
;;
p )
case "${OPTARG}" in
/* ) WISHED_CONFIG_PATH="${OPTARG}" ;;
@ -269,7 +323,7 @@ function _main
;;
* )
echo "Invalid option: -${OPTARG}" >&2
echo "Invalid option: -${OPT}" >&2
;;
esac
@ -293,60 +347,60 @@ function _main
case ${1:-} in
email)
shift ; case ${1:-} in
add ) shift ; _docker_image addmailuser "${@}" ;;
update ) shift ; _docker_image updatemailuser "${@}" ;;
del ) shift ; _docker_image delmailuser "${@}" ;;
restrict ) shift ; _docker_container restrict-access "${@}" ;;
email )
case ${2:-} in
add ) shift 2 ; _docker_image addmailuser "${@}" ;;
update ) shift 2 ; _docker_image updatemailuser "${@}" ;;
del ) shift 2 ; _docker_container delmailuser "${@}" ;;
restrict ) shift 2 ; _docker_container restrict-access "${@}" ;;
list ) _docker_image listmailuser ;;
* ) _usage ;;
esac
;;
alias)
shift ; case ${1:-} in
add ) shift ; _docker_image addalias "${1}" "${2}" ;;
del ) shift ; _docker_image delalias "${1}" "${2}" ;;
list ) shift ; _docker_image listalias ;;
alias )
case ${2:-} in
add ) shift 2 ; _docker_image addalias "${1}" "${2}" ;;
del ) shift 2 ; _docker_image delalias "${1}" "${2}" ;;
list ) shift 2 ; _docker_image listalias ;;
* ) _usage ;;
esac
;;
quota)
shift ; case ${1:-} in
set ) shift ; _docker_image setquota "${@}" ;;
del ) shift ; _docker_image delquota "${@}" ;;
quota )
case ${2:-} in
set ) shift 2 ; _docker_image setquota "${@}" ;;
del ) shift 2 ; _docker_image delquota "${@}" ;;
* ) _usage ;;
esac
;;
config)
shift ; case ${1:-} in
dkim ) _docker_image generate-dkim-config "${2:-4096}" "${3:-}" ;;
ssl ) _docker_image generate-ssl-certificate "${2}" ;;
config )
case ${2:-} in
dkim ) shift 2 ; _docker_image open-dkim "${@}" ;;
ssl ) shift 2 ; _docker_image generate-ssl-certificate "${1}" ;;
* ) _usage ;;
esac
;;
relay)
shift ; case ${1:-} in
add-domain ) shift ; _docker_image addrelayhost "${@}" ;;
add-auth ) shift ; _docker_image addsaslpassword "${@}" ;;
exclude-domain ) shift ; _docker_image excluderelaydomain "${@}" ;;
relay )
case ${2:-} in
add-domain ) shift 2 ; _docker_image addrelayhost "${@}" ;;
add-auth ) shift 2 ; _docker_image addsaslpassword "${@}" ;;
exclude-domain ) shift 2 ; _docker_image excluderelaydomain "${@}" ;;
* ) _usage ;;
esac
;;
debug)
shift ; case ${1:-} in
debug )
case ${2:-} in
fetchmail ) _docker_image debug-fetchmail ;;
fail2ban ) shift ; _docker_container fail2ban "${@}" ;;
fail2ban ) shift 2 ; _docker_container fail2ban "${@}" ;;
show-mail-logs ) _docker_container cat /var/log/mail/mail.log ;;
inspect ) _inspect ;;
login )
shift
if [[ -z ${1:-''} ]]
shift 2
if [[ -z ${1:-} ]]
then
_docker_container /bin/bash
else