docker-postfix/scripts/run.sh

#!/usr/bin/env bash
set -e

chmod +x /scripts/*.sh
. /scripts/common.sh
. /scripts/common-run.sh

announce_startup                        # Print startup banner
setup_timezone                          # Check if we need to configure the container timezone
check_environment_sane                  # Check if the the environment is sane
rsyslog_log_format                      # Setup rsyslog output format
anon_email_log                          # Setup email anonymizer
setup_conf                              # Copy over files from /etc/postfix.template to /etc/postfix, if the user mounted the folder manually
reown_folders                           # Make and reown /var/spool/postfix/ folders
postfix_enable_chroot                   # Allow Postfix to run in chroot
postfix_upgrade_default_database_type   # Compatibility layer. Debian still uses 'hash:', but newer distributions use 'lmbd:'
postfix_upgrade_conf                    # Upgrade old coniguration, replace "hash:" and "btree:" databases to "lmdb:"
postfix_upgrade_daemon_directory        # Change the 'daemon_directory' postfix configuration, if a change is detected from Alpine<->Debian/Ubuntu
postfix_disable_utf8                    # Disable SMTPUTF8, because libraries (ICU) are missing in alpine
postfix_create_aliases                  # Update aliases database. It's not used, but postfix complains if the .db file is missing
postfix_disable_local_mail_delivery     # Disable local mail delivery
postfix_disable_domain_relays           # Don't relay for any domains
postfix_increase_header_size_limit      # Increase the allowed header size, the default (102400) is quite smallish
postfix_restrict_message_size           # Restrict the size of messages (or set them to unlimited)
postfix_reject_invalid_helos            # Reject invalid HELOs
postfix_set_hostname                    # Set up host name
postfix_set_relay_tls_level             # Set TLS level security for relays
postfix_setup_xoauth2_pre_setup         # (Pre) Setup XOAUTH2 authentication
postfix_setup_relayhost                 # Setup a relay host, if defined
postfix_setup_xoauth2_post_setup        # (Post) Setup XOAUTH2 autentication
postfix_setup_networks                  # Set MYNETWORKS
postfix_setup_debugging                 # Enable debugging, if defined
postfix_setup_sender_domains            # Configure allowed sender domains
postfix_setup_masquarading              # Setup masquaraded domains
postfix_setup_header_checks             # Enable SMTP header checks, if defined
postfix_setup_dkim                      # Configure DKIM, if enabled
postfix_setup_smtpd_sasl_auth           # Enable sender sasl auth, if defined
postfix_custom_commands                 # Apply custom postfix settings
opendkim_custom_commands                # Apply custom OpenDKIM settings
postfix_open_submission_port            # Enable the submission port
execute_post_init_scripts               # Execute any scripts found in /docker-init.db/
unset_sensitive_variables               # Remove environment variables that contains sensitive values (secrets) that are read from conf files

notice "Starting: ${emphasis}rsyslog${reset}, ${emphasis}crond${reset}, ${emphasis}postfix${reset}$DKIM_ENABLED"
exec supervisord -c /etc/supervisord.conf
Add the option to log to rsyslog as plain or JSON and restructure tests - It's now possible to choose the logging type - either 'plain' or 'json' - The code is ready to support multiple integration tests (with different configurations) - `OPENDKIM_` and `POSTFIX_` variables are handled properly and recorded in the corresponding files. (This had a downfall that `bash` now needs to be installed, so we can probably simplify some of the shell scripts.) 2020-07-01 19:50:08 +08:00			`#!/usr/bin/env bash`
Larger refactoring of the codebase + DKIM_SELECTOR Summary ^^^^^^^ This commit refactors the code base to be more manageble and prepares the groundwork for tests. Refactoring ^^^^^^^^^^^ Files are now moved to subdirectories, all for the sole purpose of easier management. Tests live in their own folders, as well as configs and other files. Test framework ^^^^^^^^^^^^^^ Two new important scripts/directories are available: - `unit-tests.sh` / `/unit-test` which executes unit tests across shell scripts, and - `integration-test.sh` / `integration-tests`, which spins up the container and tries to send the email. Both tests use the [BATS](https://github.com/sstephenson/bats) framework for testing. To create a new test, simply drop a `.bats` file into a corresponding directory. Functions have been extracted into `common-run.sh`, to be able to test them independently. DKIM_SELECTOR ^^^^^^^^^^^^^ It is now possible to specify a DKIM selector to use (instead of the default "mail"). See `README.md` for more details. JSON logging ^^^^^^^^^^^^ WIP: rsyslog will now output JSON logs. This is especially important if you plan on deploying the image into Kubernetes, as [Prometheus](https://prometheus.io/) can handle logs in JSON much easier. TODO: Make this an optional feature, to not confuse existing users. 2020-06-30 00:49:52 +08:00			`set -e`

Fix for #147: Update daemon_directory based on running distribution This image will now automatically reconfigure `daemon_directory` in case of distrubution switching. Alpine and Debian/Ubuntu will use different directly layout and if the user persists `/etc/postfix`, this image will not start if the distribution changes. 2023-10-30 06:42:37 +08:00			`chmod +x /scripts/*.sh`
Add email anonymizer option in case is needed for GDPR This new feature will anonymize emails in the Postfix logs. This allows you to keep them indefinetely while being compliant with GDPR. Based on excellent work on [this pull request](https://github.com/bokysan/docker-postfix/pull/91). Check `README.md` for more details. 2021-11-10 21:12:14 +08:00			`. /scripts/common.sh`
			`. /scripts/common-run.sh`
Larger refactoring of the codebase + DKIM_SELECTOR Summary ^^^^^^^ This commit refactors the code base to be more manageble and prepares the groundwork for tests. Refactoring ^^^^^^^^^^^ Files are now moved to subdirectories, all for the sole purpose of easier management. Tests live in their own folders, as well as configs and other files. Test framework ^^^^^^^^^^^^^^ Two new important scripts/directories are available: - `unit-tests.sh` / `/unit-test` which executes unit tests across shell scripts, and - `integration-test.sh` / `integration-tests`, which spins up the container and tries to send the email. Both tests use the [BATS](https://github.com/sstephenson/bats) framework for testing. To create a new test, simply drop a `.bats` file into a corresponding directory. Functions have been extracted into `common-run.sh`, to be able to test them independently. DKIM_SELECTOR ^^^^^^^^^^^^^ It is now possible to specify a DKIM selector to use (instead of the default "mail"). See `README.md` for more details. JSON logging ^^^^^^^^^^^^ WIP: rsyslog will now output JSON logs. This is especially important if you plan on deploying the image into Kubernetes, as [Prometheus](https://prometheus.io/) can handle logs in JSON much easier. TODO: Make this an optional feature, to not confuse existing users. 2020-06-30 00:49:52 +08:00
Fix for #151 2023-11-01 21:33:44 +08:00			`announce_startup # Print startup banner`
			`setup_timezone # Check if we need to configure the container timezone`
Upt: Add postfix-pcre, add additional checks for sanity and mount /tmp to emptydir 2024-02-25 16:12:02 +08:00			`check_environment_sane # Check if the the environment is sane`
Fix for #151 2023-11-01 21:33:44 +08:00			`rsyslog_log_format # Setup rsyslog output format`
			`anon_email_log # Setup email anonymizer`
			`setup_conf # Copy over files from /etc/postfix.template to /etc/postfix, if the user mounted the folder manually`
			`reown_folders # Make and reown /var/spool/postfix/ folders`
			`postfix_enable_chroot # Allow Postfix to run in chroot`
			`postfix_upgrade_default_database_type # Compatibility layer. Debian still uses 'hash:', but newer distributions use 'lmbd:'`
			`postfix_upgrade_conf # Upgrade old coniguration, replace "hash:" and "btree:" databases to "lmdb:"`
			`postfix_upgrade_daemon_directory # Change the 'daemon_directory' postfix configuration, if a change is detected from Alpine<->Debian/Ubuntu`
			`postfix_disable_utf8 # Disable SMTPUTF8, because libraries (ICU) are missing in alpine`
			`postfix_create_aliases # Update aliases database. It's not used, but postfix complains if the .db file is missing`
			`postfix_disable_local_mail_delivery # Disable local mail delivery`
			`postfix_disable_domain_relays # Don't relay for any domains`
			`postfix_increase_header_size_limit # Increase the allowed header size, the default (102400) is quite smallish`
			`postfix_restrict_message_size # Restrict the size of messages (or set them to unlimited)`
			`postfix_reject_invalid_helos # Reject invalid HELOs`
			`postfix_set_hostname # Set up host name`
			`postfix_set_relay_tls_level # Set TLS level security for relays`
			`postfix_setup_xoauth2_pre_setup # (Pre) Setup XOAUTH2 authentication`
			`postfix_setup_relayhost # Setup a relay host, if defined`
			`postfix_setup_xoauth2_post_setup # (Post) Setup XOAUTH2 autentication`
			`postfix_setup_networks # Set MYNETWORKS`
			`postfix_setup_debugging # Enable debugging, if defined`
			`postfix_setup_sender_domains # Configure allowed sender domains`
			`postfix_setup_masquarading # Setup masquaraded domains`
			`postfix_setup_header_checks # Enable SMTP header checks, if defined`
			`postfix_setup_dkim # Configure DKIM, if enabled`
			`postfix_setup_smtpd_sasl_auth # Enable sender sasl auth, if defined`
			`postfix_custom_commands # Apply custom postfix settings`
			`opendkim_custom_commands # Apply custom OpenDKIM settings`
			`postfix_open_submission_port # Enable the submission port`
			`execute_post_init_scripts # Execute any scripts found in /docker-init.db/`
			`unset_sensitive_variables # Remove environment variables that contains sensitive values (secrets) that are read from conf files`
Larger refactoring of the codebase + DKIM_SELECTOR Summary ^^^^^^^ This commit refactors the code base to be more manageble and prepares the groundwork for tests. Refactoring ^^^^^^^^^^^ Files are now moved to subdirectories, all for the sole purpose of easier management. Tests live in their own folders, as well as configs and other files. Test framework ^^^^^^^^^^^^^^ Two new important scripts/directories are available: - `unit-tests.sh` / `/unit-test` which executes unit tests across shell scripts, and - `integration-test.sh` / `integration-tests`, which spins up the container and tries to send the email. Both tests use the [BATS](https://github.com/sstephenson/bats) framework for testing. To create a new test, simply drop a `.bats` file into a corresponding directory. Functions have been extracted into `common-run.sh`, to be able to test them independently. DKIM_SELECTOR ^^^^^^^^^^^^^ It is now possible to specify a DKIM selector to use (instead of the default "mail"). See `README.md` for more details. JSON logging ^^^^^^^^^^^^ WIP: rsyslog will now output JSON logs. This is especially important if you plan on deploying the image into Kubernetes, as [Prometheus](https://prometheus.io/) can handle logs in JSON much easier. TODO: Make this an optional feature, to not confuse existing users. 2020-06-30 00:49:52 +08:00
Fix for #151 2023-11-01 21:33:44 +08:00			`notice "Starting: ${emphasis}rsyslog${reset}, ${emphasis}crond${reset}, ${emphasis}postfix${reset}$DKIM_ENABLED"`
Larger refactoring of the codebase + DKIM_SELECTOR Summary ^^^^^^^ This commit refactors the code base to be more manageble and prepares the groundwork for tests. Refactoring ^^^^^^^^^^^ Files are now moved to subdirectories, all for the sole purpose of easier management. Tests live in their own folders, as well as configs and other files. Test framework ^^^^^^^^^^^^^^ Two new important scripts/directories are available: - `unit-tests.sh` / `/unit-test` which executes unit tests across shell scripts, and - `integration-test.sh` / `integration-tests`, which spins up the container and tries to send the email. Both tests use the [BATS](https://github.com/sstephenson/bats) framework for testing. To create a new test, simply drop a `.bats` file into a corresponding directory. Functions have been extracted into `common-run.sh`, to be able to test them independently. DKIM_SELECTOR ^^^^^^^^^^^^^ It is now possible to specify a DKIM selector to use (instead of the default "mail"). See `README.md` for more details. JSON logging ^^^^^^^^^^^^ WIP: rsyslog will now output JSON logs. This is especially important if you plan on deploying the image into Kubernetes, as [Prometheus](https://prometheus.io/) can handle logs in JSON much easier. TODO: Make this an optional feature, to not confuse existing users. 2020-06-30 00:49:52 +08:00			`exec supervisord -c /etc/supervisord.conf`