diff --git a/integration-tests/ldap-allow/docker-compose.yml b/integration-tests/ldap-allow/docker-compose.yml
deleted file mode 100644
index 65424f9..0000000
--- a/integration-tests/ldap-allow/docker-compose.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-version: '3.7'
-services:
- postfix_test_587:
- hostname: "postfix"
- image: "boky/postfix"
- restart: always
- healthcheck:
- test: [ "CMD", "sh", "-c", "netstat -an | fgrep 587 | fgrep -q LISTEN" ]
- interval: 10s
- timeout: 5s
- start_period: 10s
- retries: 2
- volumes:
- - "./restricted-senders.cf:/etc/postfix/conf/restricted-senders.cf"
- environment:
- FORCE_COLOR: "1"
- ALLOWED_SENDER_DOMAINS: "example.org"
- POSTFIX_smtpd_sender_restrictions: "check_client_access ldap:/etc/postfix/conf/restricted-senders.cf"
- ldap:
- hostname: "ldap"
- image: "thoteam/slapd-server-mock"
- restart: always
- healthcheck:
- test: [ "CMD", "sh", "-c", "netstat -an | fgrep 389 | fgrep -q LISTEN" ]
- interval: 10s
- timeout: 5s
- start_period: 10s
- retries: 2
- volumes:
- - "./config.ldif:/bootstrap/config.ldif.TEMPLATE"
- - "./data.ldif:/bootstrap/data.ldif.TEMPLATE"
- tests:
- image: "boky/postfix-integration-test"
- restart: "no"
- volumes:
- - "../tester:/code"
- build:
- context: ../tester
- command: "/" # relative path to /code
- environment:
- FROM: "demo@example.org"
- TO: "test@gmail.com"
diff --git a/integration-tests/ldap-allow/restricted-senders.cf b/integration-tests/ldap-allow/restricted-senders.cf
deleted file mode 100644
index 03dcda6..0000000
--- a/integration-tests/ldap-allow/restricted-senders.cf
+++ /dev/null
@@ -1,4 +0,0 @@
- server_host = ldap://ldap
- search_base = dc=ldapmock,dc=local
- query_filter = (sn=allowed)
- result_attribute = mail
diff --git a/integration-tests/ldap-block/config.ldif b/integration-tests/ldap-block/config.ldif
deleted file mode 100644
index a641550..0000000
--- a/integration-tests/ldap-block/config.ldif
+++ /dev/null
@@ -1,37 +0,0 @@
-version: 1
-
-# Add the groupType Attribute and group class for MSAD
-# Kept for memory in case we need to enable this again
-# dn: cn={0}core,cn=schema,cn=config
-# changetype: modify
-# add: olcAttributetypes
-# olcAttributetypes: ( 1.2.840.113556.1.4.750 NAME 'groupType'
-# SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE
-# )
-#
-# dn: cn={0}core,cn=schema,cn=config
-# changetype: modify
-# add: olcObjectClasses
-# olcObjectClasses: ( 1.2.840.113556.1.5.8 NAME 'Group'
-# DESC 'a group of users'
-# SUP top STRUCTURAL
-# MUST ( groupType $ cn)
-# MAY ( member ) )
-
-# Configure TLS
-dn: cn=config
-changetype: modify
-replace: olcTLSCertificateFile
-olcTLSCertificateFile: /etc/ldap/ssl/ldap.crt
--
-replace: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: /etc/ldap/ssl/ldap.key
--
-replace: olcTLSVerifyClient
-olcTLSVerifyClient: never
-
-# Configure loging
-dn: cn=config
-changetype: modify
-replace: olcLogLevel
-olcLogLevel: stats
diff --git a/integration-tests/ldap-block/data.ldif b/integration-tests/ldap-block/data.ldif
deleted file mode 100644
index 5d46eec..0000000
--- a/integration-tests/ldap-block/data.ldif
+++ /dev/null
@@ -1,9 +0,0 @@
-# demo@example.org
-dn: uid=demo,${LDAP_BASEDN}
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-objectClass: person
-objectClass: top
-cn: Demo
-sn: blocked
-mail: demo@example.org
diff --git a/integration-tests/ldap-block/docker-compose.yml b/integration-tests/ldap-block/docker-compose.yml
deleted file mode 100644
index 65424f9..0000000
--- a/integration-tests/ldap-block/docker-compose.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-version: '3.7'
-services:
- postfix_test_587:
- hostname: "postfix"
- image: "boky/postfix"
- restart: always
- healthcheck:
- test: [ "CMD", "sh", "-c", "netstat -an | fgrep 587 | fgrep -q LISTEN" ]
- interval: 10s
- timeout: 5s
- start_period: 10s
- retries: 2
- volumes:
- - "./restricted-senders.cf:/etc/postfix/conf/restricted-senders.cf"
- environment:
- FORCE_COLOR: "1"
- ALLOWED_SENDER_DOMAINS: "example.org"
- POSTFIX_smtpd_sender_restrictions: "check_client_access ldap:/etc/postfix/conf/restricted-senders.cf"
- ldap:
- hostname: "ldap"
- image: "thoteam/slapd-server-mock"
- restart: always
- healthcheck:
- test: [ "CMD", "sh", "-c", "netstat -an | fgrep 389 | fgrep -q LISTEN" ]
- interval: 10s
- timeout: 5s
- start_period: 10s
- retries: 2
- volumes:
- - "./config.ldif:/bootstrap/config.ldif.TEMPLATE"
- - "./data.ldif:/bootstrap/data.ldif.TEMPLATE"
- tests:
- image: "boky/postfix-integration-test"
- restart: "no"
- volumes:
- - "../tester:/code"
- build:
- context: ../tester
- command: "/" # relative path to /code
- environment:
- FROM: "demo@example.org"
- TO: "test@gmail.com"
diff --git a/integration-tests/ldap-block/restricted-senders.cf b/integration-tests/ldap-block/restricted-senders.cf
deleted file mode 100644
index 03dcda6..0000000
--- a/integration-tests/ldap-block/restricted-senders.cf
+++ /dev/null
@@ -1,4 +0,0 @@
- server_host = ldap://ldap
- search_base = dc=ldapmock,dc=local
- query_filter = (sn=allowed)
- result_attribute = mail
diff --git a/integration-tests/ldap-block/test.bats b/integration-tests/ldap-block/test.bats
deleted file mode 100755
index 2219952..0000000
--- a/integration-tests/ldap-block/test.bats
+++ /dev/null
@@ -1,26 +0,0 @@ -#!/usr/bin/env bats - -FROM=$1 -TO=$2 - -if [ -z "$FROM" ]; then - FROM="demo@example.org" -fi - -if [ -z "$TO" ]; then - TO="test@gmail.com" -fi - -# Wait for postfix to startup -wait-for-service -q tcp://postfix_test_587:587 -wait-for-service -q tcp://ldap:389 - -SMTP_DATA="-smtp postfix_test_587 -port 587" - -@test "Make sure postfix rejects the message from us" { - ! mailsend -debug \ - -sub "Test email 1" $SMTP_DATA \ - -from "$FROM" -to "$TO" \ - body \ - -msg "Hello world!\nThis is a simple test message!" -} diff --git a/integration-tests/ldap/docker-compose.yml b/integration-tests/ldap/docker-compose.yml new file mode 100644 index 0000000..1652516 --- /dev/null +++ b/integration-tests/ldap/docker-compose.yml @@ -0,0 +1,31 @@ +version: '3.7' +services: + tests: + hostname: "postfix" + image: "boky/postfix" + restart: "no" + volumes: + - "./tests:/tests" + - "./postfix-conf:/etc/postfix/conf/" + environment: + FORCE_COLOR: "1" + ALLOWED_EMPTY_SENDER_DOMAINS: "example.org" + POSTFIX_smtpd_end_of_data_restrictions: "check_client_access static:discard" + entrypoint: [ "/bin/sh", "-c" ] + command: [ "/tests/test.sh" ] + depends_on: + ldap: + condition: service_healthy + restart: true + ldap: + hostname: "ldap" + image: "thoteam/slapd-server-mock" + restart: always + healthcheck: + test: [ "CMD-SHELL", "bash -c 'exec 6<> /dev/tcp/localhost/389'" ] + interval: 10s + timeout: 5s + start_period: 10s + retries: 2 + volumes: + - "./ldap-conf:/bootstrap/" \ No newline at end of file diff --git a/integration-tests/ldap-allow/config.ldif b/integration-tests/ldap/ldap-conf/config.ldif.TEMPLATE similarity index 100% rename from integration-tests/ldap-allow/config.ldif rename to integration-tests/ldap/ldap-conf/config.ldif.TEMPLATE 
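Review bot: The `environment:` block on the `tests` service in the new integration-tests/ldap/docker-compose.yml looks inert, because `entrypoint: [ "/bin/sh", "-c" ]` replaces the image's own entrypoint and the visible test.sh only calls `postmap`; nothing shown would read `ALLOWED_EMPTY_SENDER_DOMAINS` or `POSTFIX_smtpd_end_of_data_restrictions`. The first name also differs from the `ALLOWED_SENDER_DOMAINS` used in the deleted compose files, so it is worth checking against the image's documented variables before someone copies it. Either drop the block or add a comment such as `# not applied: entrypoint is overridden, test.sh only runs postmap`. Separately, `image: "thoteam/slapd-server-mock"` and `image: "boky/postfix"` carry no tag or digest, so each CI run pulls whatever is current; pinning at least the third-party mock (`image: "thoteam/slapd-server-mock:<tag>"`) keeps the test reproducible and limits what an upstream image change can introduce.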
diff --git a/integration-tests/ldap-allow/data.ldif b/integration-tests/ldap/ldap-conf/data.ldif.TEMPLATE
similarity index 100%
rename from integration-tests/ldap-allow/data.ldif
rename to integration-tests/ldap/ldap-conf/data.ldif.TEMPLATE
diff --git a/integration-tests/ldap/postfix-conf/restricted-senders.cf b/integration-tests/ldap/postfix-conf/restricted-senders.cf
new file mode 100644
index 0000000..7871292
--- /dev/null
+++ b/integration-tests/ldap/postfix-conf/restricted-senders.cf
@@ -0,0 +1,4 @@
+server_host = ldap://ldap
+search_base = dc=ldapmock,dc=local
+query_filter = (&(mail=%s)(sn=allowed))
+result_attribute = mail
diff --git a/integration-tests/ldap/tests/test.sh b/integration-tests/ldap/tests/test.sh
new file mode 100755
index 0000000..c44070d
--- /dev/null
+++ b/integration-tests/ldap/tests/test.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -e
+set -x
+
+if ! hash postmap; then
+ echo "postmap not found!" >2
+ exit 1
+fi
+
+postmap -q demo@example.org ldap:/etc/postfix/conf/restricted-senders.cf
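Review bot: Nothing in the new integration-tests/ldap/postfix-conf/restricted-senders.cf says that it is a test fixture, yet it sets no bind credentials or TLS options and queries plain `ldap://ldap`; a leading comment such as `# test fixture: unauthenticated plaintext lookup against the slapd mock, do not reuse as-is` would keep it from being copied into a real deployment. The map also returns the `mail` value itself, which is fine for `postmap -q` but is not an access action. If it is meant to back an smtpd access restriction again, as the deleted compose files did with `check_client_access`, it would presumably need `result_format = OK` or an equivalent.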
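Review bot: In the new integration-tests/ldap/tests/test.sh, `echo "postmap not found!" >2` writes the message to a file named `2` in the working directory instead of stderr; it should be `echo "postmap not found!" >&2`. The script also checks only the positive lookup for `demo@example.org`, while this commit deletes the ldap-block case that expected a sender to be refused, so a filter that matches too much would no longer fail the suite. A negative check can be added with an address the fixture does not mark as allowed, for example `if postmap -q <not-allowed-address> ldap:/etc/postfix/conf/restricted-senders.cf; then exit 1; fi` (a plain `! postmap …` would not trip `set -e`).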