So, alpine will download platform-specific cache files, meaning that
when another platform tries to use the cache, it will fail with
packages not being found.
This refactor simplifies the `Dockerfile` by considerable amount:
new features of mobykit buildkit allow us to cache `apt`/`apk`
folder (so no need to delete `/var/lib/cache`) as well as extract
the build / install logic into separate files, which removes the
need for `&& \` and makes the code *much more* readable.
`build.sh` script has been updated as well to allow caching local
builds when testing, making it much more easier to test.
This new feature will anonymize emails in the Postfix logs. This allows
you to keep them indefinetely while being compliant with GDPR.
Based on excellent work on [this pull request](https://github.com/bokysan/docker-postfix/pull/91).
Check `README.md` for more details.
Some users have reported issues with GCE and how sasl-xoauth2 was
built. Moving the building process back into the main part of the
`Dockerfile` should hopefully prevent similar issues.
`HEALTHCHECK` instruction has been added to `Dockerfile`. This should
allow `docker-compose` installations to monitor and restart the
container if neccessary.
Kubernetes deployment healthcheck has been tweaked a bit to better
validate that the server is actually running.
- It's now possible to choose the logging type - either 'plain' or
'json'
- The code is ready to support multiple integration tests (with
different configurations)
- `OPENDKIM_` and `POSTFIX_` variables are handled properly and recorded
in the corresponding files. (This had a downfall that `bash` now needs
to be installed, so we can probably simplify some of the shell
scripts.)
Summary
^^^^^^^
This commit refactors the code base to be more manageble and
prepares the groundwork for tests.
Refactoring
^^^^^^^^^^^
Files are now moved to subdirectories, all for the sole purpose of
easier management. Tests live in their own folders, as well as configs
and other files.
Test framework
^^^^^^^^^^^^^^
Two new important scripts/directories are available:
- `unit-tests.sh` / `/unit-test` which executes unit tests across shell
scripts, and
- `integration-test.sh` / `integration-tests`, which spins up the
container and tries to send the email.
Both tests use the [BATS](https://github.com/sstephenson/bats) framework
for testing. To create a new test, simply drop a `.bats` file into a
corresponding directory.
Functions have been extracted into `common-run.sh`, to be able to test
them independently.
DKIM_SELECTOR
^^^^^^^^^^^^^
It is now possible to specify a DKIM selector to use (instead of
the default "mail"). See `README.md` for more details.
JSON logging
^^^^^^^^^^^^
WIP: rsyslog will now output JSON logs. This is especially important
if you plan on deploying the image into Kubernetes, as [Prometheus](https://prometheus.io/)
can handle logs in JSON much easier.
TODO: Make this an optional feature, to not confuse existing users.
* Support multiple alpine versions in Dockerfile
Add an ARG to the Dockerfile to support passing in build-args when
running docker build to support different alpine base image versions.
* Create push.sh script for managing image updates
The push.sh script supports passing multiple alpine tags which will then
be built, tagged, and pushed to docker hub
Use case is being able to reuse the common methods when extending the image so that the behavior is consistent (e.g: same formatting for log messages) without needing to repeat the code while extending.
This PR allows setting an empty `ALLOWED_SENDER_DOMAINS` variable. The default behaviour remains the same (empty `ALLOWED_SENDER_DOMAINS` will throw an error), but it is posible to override this behaviour via a new variable `ALLOW_EMPTY_SENDER_DOMAINS`.
It turns out that builds cannot be predictable - different accounts
were assigned by different build systems. Consequentially we install
each tool separately.
This commit brings two important features:
- **DKIM support** It's now possible to configure this postfix
image to sign messages using DKIM by simply generating the keys
and providing them in the approprate folder. This should bring
us one step closer to directly sending out emails without relying
on a 3rd-party proxy.
- **test support** A nice and handy script, conviniently called
`test.sh` has been provided, builds the image, spins it up and
tries to send out an email. You'll need `docker-compose` to run
it, though.
This update includes a few features that make it easier to work
with relay hosts. The configuration now uses built-in (Alpine) TLS
certificates and allows the user to specify how the Postfix should
establish a TLS connection. Configure it using `RELAYHOST_TLS_LEVEL`,
if needed.
Another configuration option was added, `MESSAGE_SIZE_LIMIT`, which
enables you to reject messages exceeding certain limits. Especially
useful with relay servers, to prevent messages getting stuck in
Postfix queue.
Use the `INBOUND_DEBUGGING` parameter to enable additional postfix
logs for incoming messages when things go south.
Use `TZ` parameter to set the timezone of the container (especially
useful for logs and dates in the messages).
*Notice that `ALLOWED_SENDER_DOMAINS` is now a neccessary parameter.*
Turns out that due to Postfix anti-spam configuration there's no way
to start it properly without specifying the domains it will relay
email for.
This commit also includes a few samples of running the container:
- standalone
- in [docker-compose](https://docs.docker.com/compose/)
Further work: add a working Kubernetes / Helm chart example.
The Dockerfile has been reformatted a bit to make it more clear and easy
to understand. README.md has been updated with the postfix's user
account details.
hosts's username and password, if your remote host requires
authentication.
NEW FEATURE: The possibility to execute third party scripts. This should
make extending this image easier.
REFACTORING: Dockerfile now starts with run.sh instead of suprevisor.
This makes it much easier to see any errors that might creep into the
code. Also note that the script now relies on POSIX-compliant commands
only so the executor has been changed from /bin/bash to /bin/sh.
