fix: Workaround postconf write settling logic (#2998)

* fix: Workaround `postconf` write settle logic After updating `main.cf`, to avoid an enforced delay from reading the config by postfix tools, we can ensure the modified time is at least 2 seconds in the past as a workaround. This should be ok with our usage AFAIK. Shaves off 2+ seconds roughly off each container startup, reduces roughly 2+ minutes off tests. * chore: Only modify `mtime` if less than 2 seconds ago - Slight improvement by avoiding unnecessary writes with a conditional check on the util method. - Can more comfortably call this during `postfix reload` in the change detection cycle now. - Identified other tests that'd benefit from this, created a helper method to call instead of copy/paste. - The `setup email restrict` command also did a modification and reload. Added util method here too. * tests(fix): `mail_smtponly.bats` should wait for Postfix - `postfix reload` fails if the service is not ready yet. - `service postfix reload` and `/etc/init.d/postfix reload` presumably wait until it is ready? (as these work regardless) * chore: Review feedback - Move reload method into utilities
2025-06-24 17:58:58 +02:00 · 2023-01-13 10:10:58 +13:00 · 2023-01-13 10:10:58 +13:00 · a7e6439a39
commit a7e6439a39
parent 0ecb647ae2
11 changed files with 86 additions and 36 deletions
--- a/target/scripts/startup/setup-stack.sh
+++ b/target/scripts/startup/setup-stack.sh
@ -686,48 +686,52 @@ function _setup_docker_permit
    CONTAINER_NETWORKS+=("${IP}")
  done < <(ip -o -4 addr show type veth | grep -E -o '[0-9\.]+/[0-9]+')

+  function __clear_postfix_mynetworks
+  {
+    _log 'trace' "Clearing Postfix's 'mynetworks'"
+    postconf "mynetworks ="
+  }
+
+  function __add_to_postfix_mynetworks
+  {
+    local NETWORK_TYPE=$1
+    local NETWORK=$2
+
+    _log 'trace' "Adding ${NETWORK_TYPE} (${NETWORK}) to Postfix 'main.cf:mynetworks'"
+    _adjust_mtime_for_postfix_maincf
+    postconf "$(postconf | grep '^mynetworks =') ${NETWORK}"
+    echo "${NETWORK}" >> /etc/opendmarc/ignore.hosts
+    echo "${NETWORK}" >> /etc/opendkim/TrustedHosts
+  }
+
  case "${PERMIT_DOCKER}" in
    ( 'none' )
-      _log 'trace' "Clearing Postfix's 'mynetworks'"
-      postconf "mynetworks ="
+      __clear_postfix_mynetworks
      ;;

    ( 'connected-networks' )
-      for NETWORK in "${CONTAINER_NETWORKS[@]}"
+      for CONTAINER_NETWORK in "${CONTAINER_NETWORKS[@]}"
      do
-        NETWORK=$(_sanitize_ipv4_to_subnet_cidr "${NETWORK}")
-        _log 'trace' "Adding Docker network '${NETWORK}' to Postfix's 'mynetworks'"
-        postconf "$(postconf | grep '^mynetworks =') ${NETWORK}"
-        echo "${NETWORK}" >> /etc/opendmarc/ignore.hosts
-        echo "${NETWORK}" >> /etc/opendkim/TrustedHosts
+        CONTAINER_NETWORK=$(_sanitize_ipv4_to_subnet_cidr "${CONTAINER_NETWORK}")
+        __add_to_postfix_mynetworks 'Docker Network' "${CONTAINER_NETWORK}"
      done
      ;;

    ( 'container' )
-      _log 'trace' "Adding container IP address to Postfix's 'mynetworks'"
-      postconf "$(postconf | grep '^mynetworks =') ${CONTAINER_IP}/32"
-      echo "${CONTAINER_IP}/32" >> /etc/opendmarc/ignore.hosts
-      echo "${CONTAINER_IP}/32" >> /etc/opendkim/TrustedHosts
+      __add_to_postfix_mynetworks 'Container IP address' "${CONTAINER_IP}/32"
      ;;

    ( 'host' )
-      _log 'trace' "Adding '${CONTAINER_NETWORK}/16' to Postfix's 'mynetworks'"
-      postconf "$(postconf | grep '^mynetworks =') ${CONTAINER_NETWORK}/16"
-      echo "${CONTAINER_NETWORK}/16" >> /etc/opendmarc/ignore.hosts
-      echo "${CONTAINER_NETWORK}/16" >> /etc/opendkim/TrustedHosts
+      __add_to_postfix_mynetworks 'Host Network' "${CONTAINER_NETWORK}/16"
      ;;

    ( 'network' )
-      _log 'trace' "Adding Docker network to Postfix's 'mynetworks'"
-      postconf "$(postconf | grep '^mynetworks =') 172.16.0.0/12"
-      echo 172.16.0.0/12 >> /etc/opendmarc/ignore.hosts
-      echo 172.16.0.0/12 >> /etc/opendkim/TrustedHosts
+      __add_to_postfix_mynetworks 'Docker IPv4 Subnet' '172.16.0.0/12'
      ;;

    ( * )
      _log 'warn' "Invalid value for PERMIT_DOCKER: '${PERMIT_DOCKER}'"
-      _log 'warn' "Clearing Postfix's 'mynetworks'"
-      postconf "mynetworks ="
+      __clear_postfix_mynetworks
      ;;

  esac
@ -754,9 +758,13 @@ function _setup_postfix_override_configuration
  if [[ -f /tmp/docker-mailserver/postfix-main.cf ]]
  then
    cat /tmp/docker-mailserver/postfix-main.cf >>/etc/postfix/main.cf
+    _adjust_mtime_for_postfix_maincf
+
    # do not directly output to 'main.cf' as this causes a read-write-conflict
    postconf -n >/tmp/postfix-main-new.cf 2>/dev/null
+
    mv /tmp/postfix-main-new.cf /etc/postfix/main.cf
+    _adjust_mtime_for_postfix_maincf
    _log 'trace' "Adjusted '/etc/postfix/main.cf' according to '/tmp/docker-mailserver/postfix-main.cf'"
  else
    _log 'trace' "No extra Postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' was not provided"