Subversion Repositories Docker.dovecot

Compare Revisions

No changes between revisions

Ignore whitespace Rev 49 → Rev 50

/tags/20201024/Dockerfile
0,0 → 1,0
link app/build/Dockerfile
Property changes:
Added: svn:special
+*
\ No newline at end of property
/tags/20201024/Makefile
0,0 → 1,0
link app/build/Makefile
Property changes:
Added: svn:special
+*
\ No newline at end of property
/tags/20201024/app/build/Dockerfile
0,0 → 1,63
##############################################################################
#
# dovecot
#
# Dovecot provides an IMAP daemon.
#
##############################################################################
ARG DOCKERARCH
ARG BUILDTAG
FROM scheerdock/alpine_${DOCKERARCH}:$BUILDTAG
 
##############################################################################
# Set name of image for using it at runtime
##############################################################################
ARG IMAGENAME=Dockerimage
ENV DOCKERIMAGE=$IMAGENAME
ARG IMAGEVERSION=0.0
ENV DOCKERIMAGEVERSION=$IMAGEVERSION
ARG IMAGEBASE=unknown
ENV DOCKERIMAGEBASE=$IMAGEBASE
ARG BUILDDATE=unknown
ENV DOCKERIMAGEBUILDDATE=$BUILDDATE
ARG NETWORKALIAS=unknown
ENV HOSTALIAS=$NETWORKALIAS
 
 
##############################################################################
# App specific variables
##############################################################################
 
 
##############################################################################
# Used volumes
##############################################################################
VOLUME /data
VOLUME /data-shared
VOLUME /letsencrypt
VOLUME /backup
 
##############################################################################
# Exposed ports
##############################################################################
EXPOSE 993
 
##############################################################################
# Add the App stuff
##############################################################################
ADD app /app-release
 
##############################################################################
# Install the app
##############################################################################
RUN echo "$DOCKERIMAGE" > /etc/imagename \
&& echo "$DOCKERIMAGEBASE" > /etc/imagebase \
#
# Do all necessary installation steps for this image \
&& /app-release/build/installimage
 
##############################################################################
# Start the container with the default argument "--init"
##############################################################################
ENTRYPOINT ["/usr/local/bin/startcontainer"]
CMD ["--init"]
/tags/20201024/app/build/Makefile
0,0 → 1,177
##############################################################################
# General Makefile for docker images
#
# Following calls are possible:
# - make or make imagename: Build the image. The resulting image is tagged
# with the value of the environment variable $DOCKERDEVTAG or "latest"
# if this variable is not set.
#
# - make push: Push the current image with the tags "latest" and the
# date of the last modification of the file .dockerbuild to Docker Hub.
#
# - make multiarch: Create a docker manifest list with the tags "latest"
# and the date of the last modification of the file .dockerbuild to
# push them to Docker Hub.
#
# - make release: Release the current image with the tags "latest" and the
# date of the last modification of the file .dockerbuild to Docker Hub.
# Furthermore a new tag is created in the SVN repository.
#
# - make links: Create all necessary directory links for accessing the
# persistent data stores.
#
##############################################################################
 
#
# Definition of some variables
IMAGENAME = $(shell denv imagename)
IMAGEVERSION = $(shell date +%Y%m%d)
IMAGEBASE = $(shell getimagebase $(IMAGENAME))
IMAGEDEP =
BUILDDATE = $(shell date +%x-%X)
BUILDARGS =
NETWORKALIAS = $(shell denv networkalias)
 
 
#
# Including an image dependant makefile. This can be used
# for redefining the above mentioned variables (especially
# IMAGEDEP and BUILDARGS)
include app/build/Makefile.appvariables
 
 
#
# Definition of source files
SOURCES = Dockerfile $(IMAGEDEP)
APPFILES = $(shell find app -type f -print)
 
 
#
# Definition of used commands within this makefile.
DOCKER = docker
SVN = svn
CP = cp -f
RM = rm -f
TOUCH = touch
MKDIR = mkdir -p
CHOWN = chown
CHGRP = chgrp
CHMOD = chmod
SUDO = sudo
TAR = tar
LN = ln -snf
ECHO = /bin/echo -n -e
 
 
#
# Target for building the image.
$(IMAGENAME) : .dockerbuild
 
 
#
# Target for pushing the built target to the Docker Hub.
push : .dockerpush
 
 
#
# Target for pushing the manifest for a multiarch image to the Docker Hub.
multiarch : .dockermultiarch
 
 
#
# Target for creating the docker release within the
# subversion repository.
release : .dockerrelease
 
 
#
# Target for creating links to the /data and /data-shared directories
links :
$(LN) $(DOCKERDATA)/$(IMAGENAME) $(DOCKERDIR)/$(IMAGENAME)/data
$(LN) $(DOCKERSHAREDDATA)/$(IMAGENAME) $(DOCKERDIR)/$(IMAGENAME)/data-shared
 
 
 
#
# Target for internal use only!
# This target builds the docker image.
.dockerbuild : $(SOURCES) $(APPFILES)
$(DOCKER) build --build-arg IMAGENAME=$(IMAGENAME) \
--build-arg IMAGEVERSION="$(IMAGEVERSION)" \
--build-arg IMAGEBASE="$(IMAGEBASE)" \
--build-arg DOCKERARCH="$(DOCKERARCH)" \
--build-arg BUILDTAG="$(BUILDTAG)" \
--build-arg BUILDDATE="$(BUILDDATE)" \
--build-arg NETWORKALIAS=$(NETWORKALIAS) \
$(BUILDARGS) \
--tag $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(BUILDTAG) . \
&& $(TOUCH) .dockerbuild \
&& $(CP) app/build/conf/app.conf $(DOCKERDIR)/conf/$(IMAGENAME).conf
 
 
#
# Target for internal use only!
# This target pushes the docker image to the Docker Hub.
# The development image gets an additional tag "dev" or "latest"
# (this is defined in app/build/Makefile.appvariables).
.dockerpush : reldate=$(shell date +%Y%m%d --reference=.dockerbuild)
.dockerpush : .dockerbuild
@$(DOCKER) tag $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(BUILDTAG) $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):latest \
&& $(DOCKER) tag $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(BUILDTAG) $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) \
&& $(ECHO) "$(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):latest ...\n" \
&& $(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):latest \
&& $(ECHO) "\n$(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) ...\n" \
&& $(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) \
&& $(DOCKER) image rm $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) \
&& $(TOUCH) .dockerpush
 
 
#
# Target for internal use only!
# This target creates and pushes the docker manifest list to the Docker Hub.
.dockermultiarch: reldate=$(shell date +%Y%m%d --reference=.dockerbuild)
.dockermultiarch: .dockerpush
@$(ECHO) "Creating manifest $(DOCKERLOGIN)/$(IMAGENAME):latest ...\n" \
&& $(DOCKER) manifest create --amend $(DOCKERLOGIN)/$(IMAGENAME):latest \
$(DOCKERLOGIN)/$(IMAGENAME)_x86_64:latest \
$(DOCKERLOGIN)/$(IMAGENAME)_armv7l:latest \
&& $(ECHO) "\nCreating manifest $(DOCKERLOGIN)/$(IMAGENAME):$(reldate) ...\n" \
&& $(DOCKER) manifest create --amend $(DOCKERLOGIN)/$(IMAGENAME):$(reldate) \
$(DOCKERLOGIN)/$(IMAGENAME)_x86_64:latest \
$(DOCKERLOGIN)/$(IMAGENAME)_armv7l:latest \
&& $(ECHO) "\nPushing manifest $(DOCKERLOGIN)/$(IMAGENAME):latest ...\n" \
&& $(DOCKER) manifest push --purge $(DOCKERLOGIN)/$(IMAGENAME):latest \
&& $(ECHO) "\nPushing manifest $(DOCKERLOGIN)/$(IMAGENAME):$(reldate) ...\n" \
&& $(DOCKER) manifest push --purge $(DOCKERLOGIN)/$(IMAGENAME):$(reldate) \
&& $(TOUCH) .dockermultiarch
 
 
#
# Target for internal use only!
# This target creates a release tag within the subversion repository
.dockerrelease: reldate=$(shell date +%Y%m%d --reference=.dockerbuild)
.dockerrelease: .dockermultiarch
@$(SVN) diff --summarize | wc -l | grep -q 0 \
|| ($(ECHO) "Please commit changes to your software repository first.\n" && return 1)
@test .dockerpush -nt .dockerbuild \
&& $(ECHO) "Image is already pushed to Docker Hub.\n" \
|| ($(DOCKER) tag $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):latest $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) \
&& $(ECHO) "$(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):latest ...\n" \
&& $(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):latest \
&& $(ECHO) "\n$(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) ...\n" \
&& $(DOCKER) push $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) \
&& $(DOCKER) image rm $(DOCKERLOGIN)/$(IMAGENAME)_$(DOCKERARCH):$(reldate) \
&& $(TOUCH) .dockerpush \
&& return 0 )
@$(TOUCH) .dockerrelease
@$(SVN) delete svn://$(DOCKERSVN)/Docker/$(IMAGENAME)/tags/$(reldate) \
-m "Tag $(reldate) deleted because of newer version." >/dev/null 2>&1; return 0
$(SVN) copy svn://$(DOCKERSVN)/Docker/$(IMAGENAME)/trunk \
svn://$(DOCKERSVN)/Docker/$(IMAGENAME)/tags/$(reldate) \
-m "Tag for image version $(reldate)."
 
 
#
# Including an image dependant makefile. This can be used
# for defining additional targets.
include app/build/Makefile.apptargets
/tags/20201024/app/build/Makefile.apptargets
0,0 → 1,8
##############################################################################
#
# Image specific targets of the Makefile
#
##############################################################################
 
#
# Specify app specific targets here.
/tags/20201024/app/build/Makefile.appvariables
0,0 → 1,21
##############################################################################
#
# Image specific variables of the Makefile
#
##############################################################################
 
#
# Define the .dockerbuild file of the base image.
IMAGEDEP = $(DOCKERDIR)/alpine/.dockerbuild
 
#
# Define additional arguments for the build process.
BUILDARGS =
 
#
# Define the name of the docker tag used for "docker build".
ifdef DOCKERBUILDTAG
BUILDTAG = $(DOCKERBUILDTAG)
else
BUILDTAG = latest
endif
/tags/20201024/app/build/conf/app.conf
0,0 → 1,93
##############################################################################
#
# Configuration file of the image.
#
##############################################################################
 
#
# Name of this image
IMAGENAME=dovecot
 
 
#
# Tag to be used for starting a container of this image
IMAGETAG=latest
 
 
#
# Name of the container
CONTAINERNAME=$IMAGENAME
 
 
#
# Name of the service in case of starting a container by docker-compose
SERVICENAME=$CONTAINERNAME
 
 
#
# Environment variables
ENV[FETCHMAILINTERVAL]="60"
 
 
#
# Definition of used volumes
VOLUME[0]="$DOCKERDATA/$IMAGENAME:/data"
VOLUME[1]="$DOCKERSHAREDDATA/$IMAGENAME:/data-shared"
VOLUME[2]="$DOCKERDATA/$IMAGENAME/backup:/backup"
VOLUME[3]="$DOCKERSHAREDDATA/letsencrypt:/letsencrypt"
 
 
#
# Definition of used block devices
DEVICE[0]=""
 
 
#
# Definition of dependencies.
# The dependent containers must run before starting a container of this
# image.
# DEPENDENCYCHECK defines weather the check is active (1) or inactive (0).
# DEPENDENCYDELAY defines the delay between two checks.
# DPENDENCY[] defines an array to generate the depends_on section in the
# docker-compose YAML-file.
ENV[DEPENDENCYCHECK]="1"
ENV[DEPENDENCYDELAY]="10"
DEPENDENCY[0]=""
 
 
#
# Intial script when starting the container.
# (Leave empty for using the script defined in the image's Dockerfile)
ENTRYPOINT=()
 
 
#
# Definition of one of the following modes to start the container.
# - detach: Start detached without interaction.
# - tty: Start with tty mode (stdin/stdout). This implies also interactive.
# - interactive: Run interactivly (necessary for batch jobs).
START="detach"
 
 
#
# Defintion of the type of restart for docker-compose.
# (no, unless-stopped, always, on-failure)
# https://docs.docker.com/compose/compose-file/#restart
RESTART="unless-stopped"
 
 
#
# Alias hostname of the container
NETWORKALIAS=$IMAGENAME
 
 
#
# Definition of the network mode
# (bridge, host, none)
NETWORKMODE="bridge"
 
 
#
# Definition of the port(s) to publish to the host.
# ("hostport:containerport")
PORTMAP[0]="993:993"
/tags/20201024/app/build/dh.pem
0,0 → 1,13
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEA6dDPvFz89HDimiNjItch9gMA9MklgZC/pGrMvLQNkDV5fEnGqp5q
HgDzASK9w9oN2aH3nF2AJBKOSm2w0VMas8HjNUQfB164TADXmvLv0l/aiNmE4Eai
MdKk9xNwVUFxy6mHras1zn5ERSgrzFtC95ITqVPaQzqzT6Bq/nTo0htAcyzZazR5
Uk2VAH0TC2fRUtgP0WlBbOfdta9PsHuVnI/+MTYj7X85ln9hLqj+fGPo8kYTruqL
QcdAYP3yOWTu1uHqtiPgKu3c+C9WsRYMjvZA0iIkHR/inVLwSEwazN0jNUUK3Wop
E8viVZyAsBGH1lHSkpcQgvAaK047oLw/fNgW8J1RkgBfAJJFalBpRvrHv2NAKd7w
ZnAeyjIIO9kDoSo/qEEKP2FJN6g28GA2jpl+yxa9ioovdUTS2IUnqlpIpcH74COq
iycta/KFiV6mr1nmqBbtI0NfgtpFmOE8afQuEWI9g0bFYdq2CxfByO+5FfRCoYfE
+gSRZxPt/bQdcjnTTr5NvqukfNssEk6ciT9LRNlpNMXfXK1LO+ZsfPkaVQD8bO9w
lI/98nq+htyg+uLr5Pj2HozXdwNJY5fgjh6Io5kOgOumd1YXQ1xcJSnTCl5QoOI1
MoFFrt0XlkNKigpnKD6PdA9rwJ/eyTZm420Pan3KBhdfHMtjrk+qWCMCAQI=
-----END DH PARAMETERS-----
/tags/20201024/app/build/dovecot_10-auth_mods.sed
0,0 → 1,4
1,$s|^#\s*disable_plaintext_auth\s*=\s*.*|disable_plaintext_auth = yes|
1,$s|^!include auth-(.*)|#!include auth-\1|
1,$s|^#!include auth-passwdfile.conf.ext|!include auth-passwdfile.conf.ext|
1,$s|^#!include auth-deny.conf.ext|!include auth-deny.conf.ext|
/tags/20201024/app/build/dovecot_10-logging_mods.sed
0,0 → 1,3
1,$s|^#?s*log_path\s*=\s*.*|log_path = /dev/stderr|i
1,$s|^#?s*info_log_path\s*=\s*.*|info_log_path = /dev/stdout|i
1,$s|^#?s*debug_log_path\s*=\s*.*|debug_log_path = /dev/stdout|i
/tags/20201024/app/build/dovecot_10-mail_mods.sed
0,0 → 1,0
1,$s|^#?s*mail_location\s*=\s*.*|mail_location = maildir:/data/%n/Maildir:LAYOUT=fs:CONTROL=/data/%n/.dovecot/control|i
/tags/20201024/app/build/dovecot_10-master_mods.sed
0,0 → 1,7
1,$s|^#\s*default_login_user\s*=\s*.*|default_login_user = dovenull|
1,$s|^#\s*default_internal_user\s*=\s*.*|default_internal_user = dovecot|
/^service\s*imap-login\s*/,/^}/s|port\s*=\s*143|#port = 143|
/^service\s*imap-login\s*/,/^}/s|#port\s*=\s*993|port = 993|
/^service\s*imap-login\s*/,/^}/s|#ssl\s*=\s*.*|ssl = yes|
/^service\s*pop3-login\s*/,/^}/s|^|#|
/^service\s*pop3\s*/,/^}/s|^|#|
/tags/20201024/app/build/dovecot_10-ssl_mods.sed
0,0 → 1,5
1,$s|^#?s*ssl\s*=\s*.*|ssl = yes|i
1,$s|^#?s*ssl_cert\s*=\s*.*|ssl_cert = </letsencrypt/scheernet.spdns.de/fullchain.pem|i
1,$s|^#?s*ssl_key\s*=\s*.*|ssl_key = </letsencrypt/scheernet.spdns.de/privkey.pem|i
1,$s|^#?s*ssl_dh\s*=\s*.*|ssl_dh = </etc/dovecot/dh.pem|i
1,$s|^#?s*ssl_min_protocol\s*=\s*.*|ssl_min_protocol = SSLv3|i
/tags/20201024/app/build/dovecot_15-lda_mods.sed
0,0 → 1,0
1,$s|^#\s*postmaster_address\s*=\s*.*|postmaster_address = postmaster@scheernet.de|
/tags/20201024/app/build/dovecot_auth-passwdfile_mods.sed
0,0 → 1,0
1,$s|/etc/dovecot/users|/data/dovecot.passwd|
/tags/20201024/app/build/installimage
0,0 → 1,121
#!/bin/bash
##############################################################################
# Installation script for this app
##############################################################################
 
#
# Create user and group dovecot. This way we can control
# the uid and gid of this user/group. So the id's will
# match with the id's on the docker host.
addgroup -g 20103 dovecot
adduser -g "Dovecot administrator" -s "/sbin/nologin" -D \
-G dovecot -u 20103 dovecot
 
#
# Create user and group dovenull. This way we can control
# the uid and gid of this user/group. So the id's will
# match with the id's on the docker host.
addgroup -g 20104 dovenull
adduser -g "Dovecot administrator" -s "/sbin/nologin" -D \
-G dovenull -u 20104 dovenull
 
 
#
# Disable creation of SSL/TLS certificates during installation of Dovecot
mkdir -p /etc/dovecot
echo "ssl = no" > /etc/dovecot/local.conf
 
 
#
# Install Dovecot and fetchmail
apk update
apk add --no-cache dovecot dovecot-doc fetchmail fetchmail-doc || exit 1
 
 
#
# Remove previously generated local.conf to reenable SSL/TLS certificates.
rm /etc/dovecot/local.conf
 
 
#
# Link the application directory to /app
if [ "$(readlink -f /app)" == '/app-develop' ]; then
echo
echo "Skipping the linking of /app because you are in a development environment."
else
ln -snf /app-release /app
fi
 
 
#
# Set logging to STDOUT and STDERR.
sed --regexp-extended --in-place --file=/app/build/dovecot_10-logging_mods.sed \
/etc/dovecot/conf.d/10-logging.conf
 
 
#
# Set default passdb and disable plaintext authentication before a SSL/TLS
# encryption is established.
sed --regexp-extended --in-place --file=/app/build/dovecot_10-auth_mods.sed \
/etc/dovecot/conf.d/10-auth.conf
sed --regexp-extended --in-place --file=/app/build/dovecot_auth-passwdfile_mods.sed \
/etc/dovecot/conf.d/auth-passwdfile.conf.ext
#
# In the conffile 10-auth.conf the file auth-deny.conf.ext is included to
# prohibit the access on mailboxes for system users. In the conffile
# auth-deny.conf.ext the name of the user file is defined in a line
# beginning with "args =". This filename is extracted to create the file
# with typically system users.
denyfile=$(grep "args\s*=" /etc/dovecot/conf.d/auth-deny.conf.ext | sed 's/\s*//g' | cut -d= -f2)
if [ ! -z "$denyfile" ]; then
echo -e "root\n" > $denyfile
chown dovecot:dovecot $denyfile
chmod 640 $denyfile
fi
 
 
#
# Enable imap SSL/TLS and disable POP3 service.
# Set default users for the different processes of dovecot.
sed --regexp-extended --in-place --file=/app/build/dovecot_10-master_mods.sed \
/etc/dovecot/conf.d/10-master.conf
 
 
#
# Set location of mailstore
sed --regexp-extended --in-place --file=/app/build/dovecot_10-mail_mods.sed \
/etc/dovecot/conf.d/10-mail.conf
 
 
#
# Set SSL configuration
#
# https://wiki.dovecot.org/SSL/DovecotConfiguration
# ssl=required: SSL/TLS is always required, even if non-plaintext authentication
# mechanisms are used. Any attempt to authenticate before SSL/TLS is enabled will
# cause an authentication failure.
sed --regexp-extended --in-place --file=/app/build/dovecot_10-ssl_mods.sed \
/etc/dovecot/conf.d/10-ssl.conf
#
# Since version 2.3 dovecot needs the Diffie Hellman file dh.pem, which is generated by
# 'openssl dhparam -out /etc/dovecot/dh.pem 4096'. Without this file no SSL
# connection could be established. On a RaspBerry Pi 2 the generation tooks about
# 24 hours. So it would be better to create the file on a faster machine and just
# copy this file to the appropriate directory.
# If no file exists in the build directory of the container, then the file
# would be generated, but only with a length of 1024 because of the mentioned
# performance issue (1024=19 sec, 2048=140 sec, 4096=22687 sec on RasPi3).
if [ -r /app/build/dh.pem ]; then
cp /app/build/dh.pem /etc/dovecot/dh.pem
else
openssl dhparam -out /etc/dovecot/dh.pem 1024
fi
chown dovecot:dovecot /etc/dovecot/dh.pem
chmod 640 /etc/dovecot/dh.pem
 
 
#
# To enable fetchmail using Dovecot as a LDA, we ve to set the parameter
# postmaster_address = postmaster@scheernet.de
sed --regexp-extended --in-place --file=/app/build/dovecot_15-lda_mods.sed \
/etc/dovecot/conf.d/15-lda.conf
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/tags/20201024/app/build/x.pem
0,0 → 1,13
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEA4qOh0knYP/B/bmCxm/IoHDAUUkUhjpQjEiHpJ2LcvZQcNL8IaccX
eHxB0sBZs6M5Il8dijRevvw3tUwRuLEM/nGMS9wYITQFQSN2DJmWylmnNdRiw1H4
mdtPhg+XN5xp0JMRAHrP/tez+LxX5iD5yoNvpeNKXI32tCHpWXmSHOpe5Mha+rVH
vdMjiOCQxBgdLk3Vlf58a2CcqadL/OWAut4UuE96Gf+KALUrQ6oFsejkUx9OKpHP
yJ8ClmE0ttp5copLkQ4P5aosxQp2xjN+EsSoGsvydaR/JL28TiihG50cpNkHlvqj
t78LH1JRezL619o87ZfKk8PH5zEklna4mltIequmOT8ZzOMiQFHyqkPH0Uwnwn5P
DSqSqhV/skfuHivITEh+W+UsS9KM4uYeQrCDFn1NdCv1pMMQzO65QOCW7EYlum+t
oRYJgv+34DY5ibiXP5Z41MnFE0ay7L5Ef299Hpa00uuImrvLbVJQcJ9O8E1Vmmu5
bxyVUs5bwjGDAjVGH0Ri5Vo+zzBrRIs/fRMOzoZOHN5EFyuRkWDF98C4iJGMfWMI
LfAeW4mf1Lnz93fb7/0EkeqU6R/87yew7jA5nxELlpCLp4CiwpGjIMf1gUpBgAza
i9fDryj05PcTE1O7g1Mv5LnhVSF6v5BoDhiDGoJf/gisixzQCFbb6PsCAQI=
-----END DH PARAMETERS-----
/tags/20201024/app/init/README
0,0 → 1,12
##############################################################################
#
# This directory can contain executables which are started by the script
# /usr/local/bin/startcontainer.
#
# At startup the script /app/init/start is called. The script will be
# called with the arguments given to /usr/local/bin/startcontainer.
#
# If the script startcontainer is terminated by the signal SIGTERM, SIGINT,
# SIGHUP or SIGQUIT it will call the script /app/init/stop if it exists.
#
##############################################################################
/tags/20201024/app/init/start
0,0 → 1,160
#!/bin/bash
 
##############################################################################
#
# Starting Dovecot
#
##############################################################################
 
#
# Define the time in seconds between the call of fetching new mail.
FETCHMAILINTERVALDEFAULT=60
if [ -z "$FETCHMAILINTERVAL" ]; then
FETCHMAILINTERVAL=$FETCHMAILINTERVALDEFAULT
fi
 
 
#
# Defintion of the short options for getopt
SOPTS=bc:i
 
#
# Defintion of the long options for getopt
LOPTS=help,backup,changepw:,init,fetchmail-interval:
 
#
# Parse available options
PARSED=$(getopt --options=$SOPTS --longoptions=$LOPTS --name "$DOCKERIMAGE" -- "$@") || exit 2
eval set -- "$PARSED"
 
 
#
# These variable are set by evaluating the commandline options.
CMD=""
DOVECOTUSER=''
 
 
#
# Now evaluate all options until --
errortext="You can use only one of the options --init, --backup, --changepw. Exiting!"
while true; do
case "$1" in
--help)
echo "Usage: drun dovecot --help"
echo " or: drun dovecot --init [--fetchmail-interval=SECONDS]"
echo " or: drun dovecot --backup"
echo " or: drun dovecot --changepw USER"
echo "Dovecot provides an IMAP daemon."
echo
echo "Mandatory arguments to long options are mandatory for short options too."
echo "-b, --backup Backup all Mailboxes."
echo "-c, --changepw=USER Change Password of USER."
echo " --fetchmail-interval=SECONDS Interval of the fetchmail call in SECONDS."
echo " (Default are $FETCHMAILINTERVALDEFAULT seconds)"
echo " --help Show this help."
echo "-i, --init Start and initialize the container."
exit 0
;;
-b | --backup)
if [ -z "$CMD" ]; then
CMD=backup
shift 1
else
echo "$errortext" 1>&2
exit 1
fi
;;
-c | --changepw)
if [ -z "$CMD" ]; then
CMD=changepw
if [[ $2 =~ ^[a-zA-Z0-9]+$ ]]; then
DOVECOTUSER="$2"
shift 2
else
echo "Please provide a valid username. Exiting!" 1>&2
exit 1
fi
else
echo "$errortext" 1>&2
exit 1
fi
;;
--fetchmail-interval)
if [[ $2 =~ ^[0-9]+$ ]]; then
FETCHMAILINTERVAL=$2
shift 2
else
echo "The interval for calling fetchmail must be given in seconds. Exiting!" 1>&2
exit 1
fi
;;
-i | --init)
if [ -z "$CMD" ]; then
CMD=init
shift 1
else
echo "$errortext" 1>&2
exit 1
fi
;;
--)
shift
break
;;
*)
echo "This line cannot be reached. This must be a programming error. Exiting" 1>&2
exit 3
;;
esac
done
 
case $CMD in
init)
if [ ! -r /data/dovecot.passwd ]; then
echo "Creating password file ... "
install -m 640 -o dovecot -g dovecot /dev/null /data/dovecot.passwd \
&& echo OK
fi
 
#
# Checking the variable FETCHMAILINTERVAL.
if [[ ! $FETCHMAILINTERVAL =~ ^[0-9]+$ ]]; then
echo
echo "WARNING: The interval for fetching new mails must be numeric. Defaulting to $FETCHMAILINTERVALDEFAULT."
FETCHMAILINTERVAL=$FETCHMAILINTERVALDEFAULT
fi
 
 
echo
echo "Setting tty writable for everyone (needed for fetchmail) ..."
chmod 622 /dev/stdout
chmod 622 /dev/stderr
 
echo
echo "Starting endless loop of fetchmail ..."
/app/sbin/fetchmailloop $FETCHMAILINTERVAL &
 
echo
echo "Starting Dovecot in foreground ..."
exec /usr/sbin/dovecot -F
;;
backup)
/app/sbin/dovecotbackup
;;
changepw)
/app/sbin/changepw $DOVECOTUSER
;;
*)
if [ -z "$CMD" ]; then
echo "The option --fetchmail-interval can only be used with the --init option. Exiting!" 1>&2
exit 1
else
#
# Just defensive programming ;-)
echo "Unknown internal command \"$CMD\" programmed. Exiting!" 1>&2
exit 3
fi
;;
esac
 
exit 0
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/tags/20201024/app/init/stop
0,0 → 1,19
#!/bin/bash
 
##############################################################################
#
# Example stopping script
#
##############################################################################
 
echo "Cleaning up ..."
 
#
# Stop the endless loop of fetchmail
kill -15 $(cat /var/run/fetchmail/fetchmailloop.pid)
 
 
#
# Dovecot is already stopped by the SIGTERM which is sent to the running
# container.
#doveadm stop
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/tags/20201024/app/sbin/changepw
0,0 → 1,52
#!/bin/bash
 
 
#
# The script can be called with the username.
if [ -z "$1" ]; then
echo -e -n "Username: "
read DOVECOTUSER
if [ -z "$DOVECOTUSER" ]; then
echo "No username given. Exiting!"
exit 1
fi
else
DOVECOTUSER="$1"
fi
 
 
#
# Check, if the user exists
doveadm user '*' | grep -q "^$DOVECOTUSER\$"
if [ $? -ne 0 ]; then
echo "The user \"$DOVECOTUSER\" is not defined. Aborting!"
exit 1
fi
 
 
#
# Ask for password
echo -e -n "New Password: "
read -s DOVECOTPASS
echo
if [ -z "$DOVECOTPASS" ]; then
echo "No password given. Exiting!"
exit 1
fi
echo -e -n "Retype Password: "
read -s DOVECOTPASS2
echo
if [ "$DOVECOTPASS" != "$DOVECOTPASS2" ]; then
echo "The passwords do not match. Aborting!"
exit 1
fi
 
 
#
# Generate password.
CRYPTPASS=$(doveadm pw -p "$DOVECOTPASS" -s crypt)
 
 
#
# Replace current password with the new one.
sed --regexp-extended --in-place -e "s|$DOVECOTUSER:.*:([0-9]+:[0-9]+::.*$)|$DOVECOTUSER:$CRYPTPASS:\1|" /data/dovecot.passwd
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/tags/20201024/app/sbin/dovecotbackup
0,0 → 1,131
##############################################################################
#
# Backup of Dovecot
#
# Dirk Scheer (dirk@scheernet.de)
#
##############################################################################
 
##############################################################################
#
# Definition of some variables
#
##############################################################################
MAILBOXES=$(doveadm user '*')
BACKUPDIR=/backup
LOCKFILE=/tmp/lockfile.$$
DAYNUM=`date +%u`
 
trap "rm -f $LOCKFILE; exit 1" 1 2 3
 
 
###########################################################################
#
# Checking for an already running svnbackup
#
###########################################################################
if [ -f $LOCKFILE ]; then
echo "There's already running a dovecotbackup (PID=`cat $LOCKFILE`)"
echo "If you think, this is an error, please delete the file $LOCKFILE manually"
exit 1
else
echo $$ > $LOCKFILE
fi
 
 
##############################################################################
#
# Creating backup directories (for every mailbox a sperate directory)
#
##############################################################################
mkdir -p $BACKUPDIR/$DAYNUM
chmod 755 $BACKUPDIR/$DAYNUM
for user in $MAILBOXES; do
mkdir -p $BACKUPDIR/$DAYNUM/$user
chown $user:$user $BACKUPDIR/$DAYNUM/$user
chmod 770 $BACKUPDIR/$DAYNUM/$user
done
 
 
###########################################################################
#
# Print a starting message
#
###########################################################################
dat=`date +"%d.%m.%Y %H:%M:%S"`
echo "*********************************************************************"
echo "* *"
echo "* Backup of Dovecot's mailboxes *"
echo "* Start $dat *"
echo "* *"
echo "*********************************************************************"
echo
 
 
##############################################################################
#
# Now let's do the backup of all mailboxes ;-)
#
##############################################################################
for user in $MAILBOXES; do
echo "Backup of mailbox $user ..."
dsync -v -f -u $user backup maildir:$BACKUPDIR/$DAYNUM/$user:LAYOUT=fs
case $? in
0)
echo "OK"
;;
2)
echo "OK - resyncing because of warnings."
dsync -u $user backup maildir:$BACKUPDIR/$DAYNUM/$user
case $? in
0)
echo "OK"
;;
2)
echo "OK - but with warnings."
;;
*)
echo "Error - please check!"
;;
esac
;;
*)
echo "Error - please check!"
;;
esac
echo
done
 
echo "Compressing ..."
cd $BACKUPDIR/$DAYNUM
tar -zcf ../$DAYNUM.tgz .
chmod 640 ../$DAYNUM.tgz
if [ $? -eq 0 ]; then
echo "Removing backup directory - leaving compressed archive $DAYNUM.tgz ..."
rm -rf $BACKUPDIR/$DAYNUM
else
echo "Because of an error, the backup directory will not be removed!"
fi
 
 
###########################################################################
#
# Print an ending message
#
###########################################################################
dat=`date +"%d.%m.%Y %H:%M:%S"`
echo
echo "*********************************************************************"
echo "* *"
echo "* End $dat *"
echo "* *"
echo "*********************************************************************"
 
 
###########################################################################
#
# Cleaning up and exit
#
##############################################################################
rm -f $LOCKFILE
exit 0
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/tags/20201024/app/sbin/fetchmailloop
0,0 → 1,93
#!/bin/bash
 
 
#
# File for storing current PID
PIDFILE=/var/run/fetchmail/fetchmailloop.pid
if [ -f $PIDFILE ]; then
echo "There is already a running fetchmailloop $(cat $PIDFILE). Aborting!"
fi
 
 
#
# This variable is used to indicate running fetchmail processes.
INACTION=0
 
 
#
# Function for cleaning up, when the process should be terminated.
trap 'cleanup' 1 2 3 15
function cleanup() {
if [ $INACTION -eq 1 ]; then
wait
echo "fetchmailloop terminated after waiting for all fetchmail processes."
else
echo "fetchmailloop terminated."
fi
 
rm -f $PIDFILE
 
exit 1
}
 
 
#
# The script can be called with the time to sleep between
# calling fetchmail.
if [ -z $1 ]; then
SLEEPTIME=60
else
if [[ $1 =~ ^[0-9]+$ ]]; then
SLEEPTIME=$1
else
echo "fetchmailloop [timeout in seconds]"
exit 1
fi
fi
 
 
#
# Store current PID
echo $$ > $PIDFILE
 
 
#
# Now start the endless loop ...
round=0
while true; do
#
# Sleep the configured time.
# It is important, that sleep is running in background and
# the shell waits for this background process, because only this
# way it is assured, that signals like SIGTERM are handeled correctly.
sleep $SLEEPTIME &
wait
 
 
#
# Output the date and time for the now starting loop of fetchmail.
round=$(expr $round + 1)
echo "fetchmailloop [$round]: $(date)"
 
 
#
# Indicate for cleanup(), that the running fetchmail must be waited for.
INACTION=1
 
 
#
# If the data directory of a Dovecot user contains a
# file named ".fetchmailrc", then fetchmail is executed
# in the context of the user.
for user in $(cat /data/dovecot.passwd | cut -d: -f1); do
if [ -f /data/$user/.fetchmailrc ]; then
su -s /bin/bash - $user -c "fetchmail -s -f /data/$user/.fetchmailrc"
fi
done
 
 
#
# Indicate for loop, that there is nothing to wait for.
INACTION=0
 
done
Property changes:
Added: svn:executable
+*
\ No newline at end of property