PERMIT_DOCKER=none as new default value (#2424)

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2025-08-01 00:25:40 +02:00 · 2022-03-02 16:03:40 +01:00 · 2022-03-02 16:03:40 +01:00 · 57c52d7b5b
commit 57c52d7b5b
parent 6d1c740310
13 changed files with 84 additions and 63 deletions
--- a/target/scripts/start-mailserver.sh
+++ b/target/scripts/start-mailserver.sh
@ -47,6 +47,7 @@ VARS[MOVE_SPAM_TO_JUNK]="${MOVE_SPAM_TO_JUNK:=1}"
 VARS[NETWORK_INTERFACE]="${NETWORK_INTERFACE:=eth0}"
 VARS[ONE_DIR]="${ONE_DIR:=1}"
 VARS[OVERRIDE_HOSTNAME]="${OVERRIDE_HOSTNAME}"
+VARS[PERMIT_DOCKER]="${PERMIT_DOCKER:=none}"
 VARS[POSTFIX_INET_PROTOCOLS]="${POSTFIX_INET_PROTOCOLS:=all}"
 VARS[POSTFIX_MAILBOX_SIZE_LIMIT]="${POSTFIX_MAILBOX_SIZE_LIMIT:=0}"
 VARS[POSTFIX_MESSAGE_SIZE_LIMIT]="${POSTFIX_MESSAGE_SIZE_LIMIT:=10240000}" # ~10MB
--- a/target/scripts/startup/setup-stack.sh
+++ b/target/scripts/startup/setup-stack.sh
@ -754,38 +754,44 @@ function _setup_docker_permit
      postconf -e "mynetworks ="
      ;;

-    "host" )
-      _notify 'inf' "Adding ${CONTAINER_NETWORK}/16 to my networks"
-      postconf -e "$(postconf | grep '^mynetworks =') ${CONTAINER_NETWORK}/16"
-      echo "${CONTAINER_NETWORK}/16" >> /etc/opendmarc/ignore.hosts
-      echo "${CONTAINER_NETWORK}/16" >> /etc/opendkim/TrustedHosts
-      ;;
-
-    "network" )
-      _notify 'inf' "Adding docker network in my networks"
-      postconf -e "$(postconf | grep '^mynetworks =') 172.16.0.0/12"
-      echo 172.16.0.0/12 >> /etc/opendmarc/ignore.hosts
-      echo 172.16.0.0/12 >> /etc/opendkim/TrustedHosts
-      ;;
-
    "connected-networks" )
      for NETWORK in "${CONTAINER_NETWORKS[@]}"
      do
        NETWORK=$(_sanitize_ipv4_to_subnet_cidr "${NETWORK}")
-        _notify 'inf' "Adding docker network ${NETWORK} in my networks"
+        _notify 'inf' "Adding docker network ${NETWORK} to Postfix's 'mynetworks'"
        postconf -e "$(postconf | grep '^mynetworks =') ${NETWORK}"
        echo "${NETWORK}" >> /etc/opendmarc/ignore.hosts
        echo "${NETWORK}" >> /etc/opendkim/TrustedHosts
      done
      ;;

-    * )
-      _notify 'inf' 'Adding container ip in my networks'
+    "container" )
+      _notify 'inf' "Adding container IP address to Postfix's 'mynetworks'"
      postconf -e "$(postconf | grep '^mynetworks =') ${CONTAINER_IP}/32"
      echo "${CONTAINER_IP}/32" >> /etc/opendmarc/ignore.hosts
      echo "${CONTAINER_IP}/32" >> /etc/opendkim/TrustedHosts
      ;;

+    "host" )
+      _notify 'inf' "Adding ${CONTAINER_NETWORK}/16 to Postfix's 'mynetworks'"
+      postconf -e "$(postconf | grep '^mynetworks =') ${CONTAINER_NETWORK}/16"
+      echo "${CONTAINER_NETWORK}/16" >> /etc/opendmarc/ignore.hosts
+      echo "${CONTAINER_NETWORK}/16" >> /etc/opendkim/TrustedHosts
+      ;;
+
+    "network" )
+      _notify 'inf' "Adding docker network to Postfix's 'mynetworks'"
+      postconf -e "$(postconf | grep '^mynetworks =') 172.16.0.0/12"
+      echo 172.16.0.0/12 >> /etc/opendmarc/ignore.hosts
+      echo 172.16.0.0/12 >> /etc/opendkim/TrustedHosts
+      ;;
+
+    * )
+      _notify 'warn' "Invalid value for PERMIT_DOCKER: ${PERMIT_DOCKER}"
+      _notify 'inf' "Clearing Postfix's 'mynetworks'"
+      postconf -e "mynetworks ="
+      ;;
+
  esac
 }