diff --git a/build-scripts/postfix-install.sh b/build-scripts/postfix-install.sh index dc66206..7aec3e7 100644 --- a/build-scripts/postfix-install.sh +++ b/build-scripts/postfix-install.sh @@ -2,41 +2,41 @@ set -e if [ -f /etc/os-release ]; then - . /etc/os-release + . /etc/os-release fi # Installs postfix, opendkim, and other required packages using the # Alpine package manager. This function is called when the image is # built on an Alpine base image. do_alpine() { - architecture_specific_packages="" - apk update + architecture_specific_packages="" + apk update - if [ "$(apk info postfix-pgsql | grep -R '^postfix-pgsql')" != "" ]; then - architecture_specific_packages="${architecture_specific_packages} postfix-pgsql" - fi - if [ "$(apk info postfix-mysql | grep -R '^postfix-mysql')" != "" ]; then - architecture_specific_packages="${architecture_specific_packages} postfix-mysql" - fi + if [ "$(apk info postfix-pgsql | grep -R '^postfix-pgsql')" != "" ]; then + architecture_specific_packages="${architecture_specific_packages} postfix-pgsql" + fi + if [ "$(apk info postfix-mysql | grep -R '^postfix-mysql')" != "" ]; then + architecture_specific_packages="${architecture_specific_packages} postfix-mysql" + fi - apk add --upgrade cyrus-sasl cyrus-sasl-static cyrus-sasl-digestmd5 cyrus-sasl-crammd5 cyrus-sasl-login cyrus-sasl-ntlm libsasl - apk add postfix postfix-pcre postfix-ldap ${architecture_specific_packages} - apk add opendkim - apk add --upgrade \ - bash \ - bind-tools \ - ca-certificates \ - jsoncpp \ - libcurl \ - lmdb \ - logrotate \ - musl \ - musl-utils \ - netcat-openbsd \ - opendkim-utils \ - rsyslog \ - supervisor \ - tzdata + apk add --upgrade cyrus-sasl cyrus-sasl-static cyrus-sasl-digestmd5 cyrus-sasl-crammd5 cyrus-sasl-login cyrus-sasl-ntlm libsasl + apk add postfix postfix-pcre postfix-ldap ${architecture_specific_packages} + apk add opendkim + apk add --upgrade \ + bash \ + bind-tools \ + ca-certificates \ + jsoncpp \ + libcurl \ + lmdb \ + logrotate \ + musl \ + musl-utils \ + netcat-openbsd \ + opendkim-utils \ + rsyslog \ + supervisor \ + tzdata } @@ -44,54 +44,54 @@ do_alpine() { # ubuntu/debian package manager. This function is called when the # image is built on a ubuntu/debian base image. do_ubuntu() { - architecture_specific_packages="" - RELEASE_SPECIFIC_PACKAGES="" - export DEBCONF_NOWARNINGS=yes - export DEBIAN_FRONTEND=noninteractive - echo "Europe/Berlin" > /etc/timezone - apt-get update -y -q - - if [ "$(apt-cache search --names-only '^postfix-pgsql$')" != "" ]; then - architecture_specific_packages="${architecture_specific_packages} postfix-pgsql" - fi - if [ "$(apt-cache search --names-only '^postfix-mysql$')" != "" ]; then - architecture_specific_packages="${architecture_specific_packages} postfix-mysql" - fi + architecture_specific_packages="" + RELEASE_SPECIFIC_PACKAGES="" + export DEBCONF_NOWARNINGS=yes + export DEBIAN_FRONTEND=noninteractive + echo "Europe/Berlin" > /etc/timezone + apt-get update -y -q - apt-get install -y libsasl2-modules sasl2-bin - apt-get install -y postfix postfix-pcre postfix-ldap ${architecture_specific_packages} - apt-get install -y opendkim - local libcurl="libcurl4" - if [ "$(apt-cache search --names-only '^libcurl4t64$')" != "" ]; then - libcurl="libcurl4t64" - fi - apt-get install -y \ - ${libcurl} ${RELEASE_SPECIFIC_PACKAGES} \ - bash \ - ca-certificates \ - colorized-logs \ - cron \ - curl \ - dnsutils \ - libjsoncpp25 \ - logrotate \ - net-tools \ - netcat-openbsd \ - opendkim-tools \ - postfix-lmdb \ - procps \ - rsyslog \ - sasl2-bin \ - supervisor \ - tzdata \ - apt-get clean - rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + if [ "$(apt-cache search --names-only '^postfix-pgsql$')" != "" ]; then + architecture_specific_packages="${architecture_specific_packages} postfix-pgsql" + fi + if [ "$(apt-cache search --names-only '^postfix-mysql$')" != "" ]; then + architecture_specific_packages="${architecture_specific_packages} postfix-mysql" + fi + + apt-get install -y libsasl2-modules sasl2-bin + apt-get install -y postfix postfix-pcre postfix-ldap ${architecture_specific_packages} + apt-get install -y opendkim + local libcurl="libcurl4" + if [ "$(apt-cache search --names-only '^libcurl4t64$')" != "" ]; then + libcurl="libcurl4t64" + fi + apt-get install -y \ + ${libcurl} ${RELEASE_SPECIFIC_PACKAGES} \ + bash \ + ca-certificates \ + colorized-logs \ + cron \ + curl \ + dnsutils \ + libjsoncpp25 \ + logrotate \ + net-tools \ + netcat-openbsd \ + opendkim-tools \ + postfix-lmdb \ + procps \ + rsyslog \ + sasl2-bin \ + supervisor \ + tzdata + apt-get clean + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* } if [ -f /etc/alpine-release ]; then - do_alpine + do_alpine else - do_ubuntu + do_ubuntu fi # Some services (eg. cron) will complain if this file does not exists, even if it's empty. diff --git a/scripts/cron.sh b/scripts/cron.sh index d5bcbb7..94b7c03 100755 --- a/scripts/cron.sh +++ b/scripts/cron.sh @@ -1,7 +1,7 @@ #!/bin/sh if [ -f /usr/sbin/cron ]; then # Ubuntu - exec /usr/sbin/cron -f + exec /usr/sbin/cron -f else # Alpine / Busybox cron - exec /usr/sbin/crond -f -S + exec /usr/sbin/crond -f -S fi \ No newline at end of file diff --git a/scripts/email-anonymizer.sh b/scripts/email-anonymizer.sh index 0620652..be57c91 100755 --- a/scripts/email-anonymizer.sh +++ b/scripts/email-anonymizer.sh @@ -9,5 +9,5 @@ SCRIPT_DIR=$(CDPATH='' cd -- "$(dirname -- "$0")" && pwd) # are sent straight to the terminal ## while ! env PYTHONUNBUFFERED=1 python3 "$SCRIPT_DIR/email-anonymizer.py" "$@"; do - sleep 1 + sleep 1 done \ No newline at end of file diff --git a/scripts/healthcheck.sh b/scripts/healthcheck.sh index 1b3ec42..eae1f57 100644 --- a/scripts/healthcheck.sh +++ b/scripts/healthcheck.sh @@ -1,34 +1,33 @@ #!/bin/sh set -e if [ -f /tmp/container_is_terminating ]; then - exit 0 + exit 0 fi check_postfix() { - local proxy_protocol="$(postconf postscreen_upstream_proxy_protocol | cut -f2- -d= | tr -d '[:blank:]')" + local proxy_protocol="$(postconf postscreen_upstream_proxy_protocol | cut -f2- -d= | tr -d '[:blank:]')" + check_string="EHLO healthcheck\nquit\n" - check_string="EHLO healthcheck\nquit\n" + if [ -n "$proxy_protocol" ]; then + check_string="PROXY TCP4 127.0.0.1 127.0.0.1 587 587\n${check_string}" + # ^--- proxied internet protocol and family + # ^--- source address + # ^--- destination address + # ^--- source port + # ^--- destination port + fi - if [ -n "$proxy_protocol" ]; then - check_string="PROXY TCP4 127.0.0.1 127.0.0.1 587 587\n${check_string}" - # ^--- proxied internet protocol and family - # ^--- source address - # ^--- destination address - # ^--- source port - # ^--- destination port - fi - - printf "${check_string}" | \ - { while read l ; do sleep 1; echo $l; done } | \ - nc -w 2 127.0.0.1 587 | \ - grep -qE "^220.*ESMTP Postfix" + printf "${check_string}" | \ + { while read l ; do sleep 1; echo $l; done } | \ + nc -w 2 127.0.0.1 587 | \ + grep -qE "^220.*ESMTP Postfix" } check_dkim() { - if [ -f /tmp/no_open_dkim ]; then - return - fi - printf '\x18Clocalhost\x004\x00\x00127.0.0.1\x00' | nc -w 2 127.0.0.1 8891 + if [ -f /tmp/no_open_dkim ]; then + return + fi + printf '\x18Clocalhost\x004\x00\x00127.0.0.1\x00' | nc -w 2 127.0.0.1 8891 } echo "Postfix check..." diff --git a/scripts/opendkim.sh b/scripts/opendkim.sh index 385b4e0..79b1943 100755 --- a/scripts/opendkim.sh +++ b/scripts/opendkim.sh @@ -1,21 +1,21 @@ #!/bin/sh noop() { - while true; do - # 2147483647 = max signed 32-bit integer - # 2147483647 s ≅ 70 years - sleep infinity || sleep 2147483647 - done + while true; do + # 2147483647 = max signed 32-bit integer + # 2147483647 s ≅ 70 years + sleep infinity || sleep 2147483647 + done } if [ ! -d /etc/opendkim/keys ]; then - touch /tmp/no_open_dkim - noop + touch /tmp/no_open_dkim + noop elif [ -z "$(find /etc/opendkim/keys -type f ! -name .)" ]; then - touch /tmp/no_open_dkim - noop + touch /tmp/no_open_dkim + noop else - exec /usr/sbin/opendkim -D -f -x /etc/opendkim/opendkim.conf + exec /usr/sbin/opendkim -D -f -x /etc/opendkim/opendkim.conf fi