While these tests are neccessary, they cannot be completed
immutably. They rely in access and refresh token from Google
and these expire -- we would need to devise a smart way of
getting them every time before the tests are run.
- It's now possible to choose the logging type - either 'plain' or
'json'
- The code is ready to support multiple integration tests (with
different configurations)
- `OPENDKIM_` and `POSTFIX_` variables are handled properly and recorded
in the corresponding files. (This had a downfall that `bash` now needs
to be installed, so we can probably simplify some of the shell
scripts.)
Summary
^^^^^^^
This commit refactors the code base to be more manageble and
prepares the groundwork for tests.
Refactoring
^^^^^^^^^^^
Files are now moved to subdirectories, all for the sole purpose of
easier management. Tests live in their own folders, as well as configs
and other files.
Test framework
^^^^^^^^^^^^^^
Two new important scripts/directories are available:
- `unit-tests.sh` / `/unit-test` which executes unit tests across shell
scripts, and
- `integration-test.sh` / `integration-tests`, which spins up the
container and tries to send the email.
Both tests use the [BATS](https://github.com/sstephenson/bats) framework
for testing. To create a new test, simply drop a `.bats` file into a
corresponding directory.
Functions have been extracted into `common-run.sh`, to be able to test
them independently.
DKIM_SELECTOR
^^^^^^^^^^^^^
It is now possible to specify a DKIM selector to use (instead of
the default "mail"). See `README.md` for more details.
JSON logging
^^^^^^^^^^^^
WIP: rsyslog will now output JSON logs. This is especially important
if you plan on deploying the image into Kubernetes, as [Prometheus](https://prometheus.io/)
can handle logs in JSON much easier.
TODO: Make this an optional feature, to not confuse existing users.
Expand the `README.md` a bit to better explain what's needed to get the server up and running.
It seems that a lot of users are trying to use this image and running into issues. This should help out a bit to get them started.
This PR allows setting an empty `ALLOWED_SENDER_DOMAINS` variable. The default behaviour remains the same (empty `ALLOWED_SENDER_DOMAINS` will throw an error), but it is posible to override this behaviour via a new variable `ALLOW_EMPTY_SENDER_DOMAINS`.
This fix makes it more explicit that "mail" segment must be used
with this DKIM and adds a few more code to the DKIM part to make
it more resillient and useful.
This commit brings two important features:
- **DKIM support** It's now possible to configure this postfix
image to sign messages using DKIM by simply generating the keys
and providing them in the approprate folder. This should bring
us one step closer to directly sending out emails without relying
on a 3rd-party proxy.
- **test support** A nice and handy script, conviniently called
`test.sh` has been provided, builds the image, spins it up and
tries to send out an email. You'll need `docker-compose` to run
it, though.
This update includes a few features that make it easier to work
with relay hosts. The configuration now uses built-in (Alpine) TLS
certificates and allows the user to specify how the Postfix should
establish a TLS connection. Configure it using `RELAYHOST_TLS_LEVEL`,
if needed.
Another configuration option was added, `MESSAGE_SIZE_LIMIT`, which
enables you to reject messages exceeding certain limits. Especially
useful with relay servers, to prevent messages getting stuck in
Postfix queue.
Use the `INBOUND_DEBUGGING` parameter to enable additional postfix
logs for incoming messages when things go south.
Use `TZ` parameter to set the timezone of the container (especially
useful for logs and dates in the messages).
*Notice that `ALLOWED_SENDER_DOMAINS` is now a neccessary parameter.*
Turns out that due to Postfix anti-spam configuration there's no way
to start it properly without specifying the domains it will relay
email for.
This commit also includes a few samples of running the container:
- standalone
- in [docker-compose](https://docs.docker.com/compose/)
Further work: add a working Kubernetes / Helm chart example.
The Dockerfile has been reformatted a bit to make it more clear and easy
to understand. README.md has been updated with the postfix's user
account details.
hosts's username and password, if your remote host requires
authentication.
NEW FEATURE: The possibility to execute third party scripts. This should
make extending this image easier.
REFACTORING: Dockerfile now starts with run.sh instead of suprevisor.
This makes it much easier to see any errors that might creep into the
code. Also note that the script now relies on POSIX-compliant commands
only so the executor has been changed from /bin/bash to /bin/sh.