mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2025-08-31 07:09:57 +02:00
scripts: rework environment variables setup (#2716)
* outsourcing env variable setup This commit contains major parts of the work of refactoring the setup and usage of environment variables. It outsources the setup into its own script and provides dedicated functions to be executed at a later point in time. A **new** env variable was added: `USER_PROVISIONG` which provides a better way of defining which method / protocol to use when it comes to setting up users. This way, the `ENABLE_LDAP` variable is deprecated, but all of this is backwards compatible due to a "compatibility layer", a function provided by the new variables script. This is not a breaking change. It mostly refators internal scripts. The only change facing the user-side is the deprecation of `ENABLE_LDAP`. We can prolong the period of deprecation for this variable as long as we want, because the new function that ensures backwards compatibility provides a clean interface for the future. Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Co-authored-by: Casper <casperklein@users.noreply.github.com>
This commit is contained in:
Georg Lauterbach
GitHub
parent
26053c22bd
commit
ab55343d8e
13 changed files with 302 additions and 185 deletions
|
|
@ -31,142 +31,19 @@ source /usr/local/bin/daemons-stack.sh
|
|||
# ------------------------------------------------------------
|
||||
# ? << Sourcing helpers & stacks
|
||||
# --
|
||||
# ? >> Setup Supervisor & DNS names
|
||||
# ? >> Early setup & environment variables setup
|
||||
# ------------------------------------------------------------
|
||||
|
||||
# Setup supervisord as early as possible
|
||||
declare -A VARS
|
||||
VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}"
|
||||
# shellcheck source=./helpers/variables.sh
|
||||
source /usr/local/bin/helpers/variables.sh
|
||||
|
||||
_setup_supervisor
|
||||
_obtain_hostname_and_domainname
|
||||
_environment_variables_backwards_compatibility
|
||||
_environment_variables_general_setup
|
||||
|
||||
# ------------------------------------------------------------
|
||||
# ? << Setup Supervisor & DNS names
|
||||
# --
|
||||
# ? >> Setup of default and global values / variables
|
||||
# ------------------------------------------------------------
|
||||
|
||||
# shellcheck disable=SC2034
|
||||
declare -a FUNCS_SETUP FUNCS_FIX FUNCS_CHECK FUNCS_MISC DAEMONS_START
|
||||
|
||||
# These variables must be defined first; They are used as default values for other variables.
|
||||
VARS[POSTMASTER_ADDRESS]="${POSTMASTER_ADDRESS:=postmaster@${DOMAINNAME}}"
|
||||
VARS[REPORT_RECIPIENT]="${REPORT_RECIPIENT:=${POSTMASTER_ADDRESS}}"
|
||||
VARS[REPORT_SENDER]="${REPORT_SENDER:=mailserver-report@${HOSTNAME}}"
|
||||
|
||||
VARS[AMAVIS_LOGLEVEL]="${AMAVIS_LOGLEVEL:=0}"
|
||||
VARS[CLAMAV_MESSAGE_SIZE_LIMIT]="${CLAMAV_MESSAGE_SIZE_LIMIT:=25M}" # 25 MB
|
||||
VARS[DEFAULT_RELAY_HOST]="${DEFAULT_RELAY_HOST:=}"
|
||||
VARS[DOVECOT_INET_PROTOCOLS]="${DOVECOT_INET_PROTOCOLS:=all}"
|
||||
VARS[DOVECOT_MAILBOX_FORMAT]="${DOVECOT_MAILBOX_FORMAT:=maildir}"
|
||||
VARS[DOVECOT_TLS]="${DOVECOT_TLS:=no}"
|
||||
VARS[ENABLE_AMAVIS]="${ENABLE_AMAVIS:=1}"
|
||||
VARS[ENABLE_CLAMAV]="${ENABLE_CLAMAV:=0}"
|
||||
VARS[ENABLE_DNSBL]="${ENABLE_DNSBL:=0}"
|
||||
VARS[ENABLE_FAIL2BAN]="${ENABLE_FAIL2BAN:=0}"
|
||||
VARS[ENABLE_FETCHMAIL]="${ENABLE_FETCHMAIL:=0}"
|
||||
VARS[ENABLE_LDAP]="${ENABLE_LDAP:=0}"
|
||||
VARS[ENABLE_MANAGESIEVE]="${ENABLE_MANAGESIEVE:=0}"
|
||||
VARS[ENABLE_POP3]="${ENABLE_POP3:=0}"
|
||||
VARS[ENABLE_POSTGREY]="${ENABLE_POSTGREY:=0}"
|
||||
VARS[ENABLE_QUOTAS]="${ENABLE_QUOTAS:=1}"
|
||||
VARS[ENABLE_SASLAUTHD]="${ENABLE_SASLAUTHD:=0}"
|
||||
VARS[ENABLE_SPAMASSASSIN]="${ENABLE_SPAMASSASSIN:=0}"
|
||||
VARS[ENABLE_SPAMASSASSIN_KAM]="${ENABLE_SPAMASSASSIN_KAM:=0}"
|
||||
VARS[ENABLE_SRS]="${ENABLE_SRS:=0}"
|
||||
VARS[ENABLE_UPDATE_CHECK]="${ENABLE_UPDATE_CHECK:=1}"
|
||||
VARS[FAIL2BAN_BLOCKTYPE]="${FAIL2BAN_BLOCKTYPE:=drop}"
|
||||
VARS[FETCHMAIL_PARALLEL]="${FETCHMAIL_PARALLEL:=0}"
|
||||
VARS[FETCHMAIL_POLL]="${FETCHMAIL_POLL:=300}"
|
||||
VARS[LDAP_START_TLS]="${LDAP_START_TLS:=no}"
|
||||
VARS[LOG_LEVEL]="${LOG_LEVEL:=info}"
|
||||
VARS[LOGROTATE_INTERVAL]="${LOGROTATE_INTERVAL:=weekly}"
|
||||
VARS[LOGWATCH_INTERVAL]="${LOGWATCH_INTERVAL:=none}"
|
||||
VARS[LOGWATCH_RECIPIENT]="${LOGWATCH_RECIPIENT:=${REPORT_RECIPIENT}}"
|
||||
VARS[LOGWATCH_SENDER]="${LOGWATCH_SENDER:=${REPORT_SENDER}}"
|
||||
VARS[MOVE_SPAM_TO_JUNK]="${MOVE_SPAM_TO_JUNK:=1}"
|
||||
VARS[NETWORK_INTERFACE]="${NETWORK_INTERFACE:=eth0}"
|
||||
VARS[ONE_DIR]="${ONE_DIR:=1}"
|
||||
VARS[OVERRIDE_HOSTNAME]="${OVERRIDE_HOSTNAME:-}"
|
||||
VARS[PERMIT_DOCKER]="${PERMIT_DOCKER:=none}"
|
||||
VARS[PFLOGSUMM_RECIPIENT]="${PFLOGSUMM_RECIPIENT:=${REPORT_RECIPIENT}}"
|
||||
VARS[PFLOGSUMM_SENDER]="${PFLOGSUMM_SENDER:=${REPORT_SENDER}}"
|
||||
VARS[PFLOGSUMM_TRIGGER]="${PFLOGSUMM_TRIGGER:=none}"
|
||||
VARS[POSTFIX_INET_PROTOCOLS]="${POSTFIX_INET_PROTOCOLS:=all}"
|
||||
VARS[POSTFIX_MAILBOX_SIZE_LIMIT]="${POSTFIX_MAILBOX_SIZE_LIMIT:=0}"
|
||||
VARS[POSTFIX_MESSAGE_SIZE_LIMIT]="${POSTFIX_MESSAGE_SIZE_LIMIT:=10240000}" # ~10 MB
|
||||
VARS[POSTGREY_AUTO_WHITELIST_CLIENTS]="${POSTGREY_AUTO_WHITELIST_CLIENTS:=5}"
|
||||
VARS[POSTGREY_DELAY]="${POSTGREY_DELAY:=300}"
|
||||
VARS[POSTGREY_MAX_AGE]="${POSTGREY_MAX_AGE:=35}"
|
||||
VARS[POSTGREY_TEXT]="${POSTGREY_TEXT:=Delayed by Postgrey}"
|
||||
VARS[POSTSCREEN_ACTION]="${POSTSCREEN_ACTION:=enforce}"
|
||||
VARS[RELAY_HOST]="${RELAY_HOST:=}"
|
||||
VARS[SA_KILL]=${SA_KILL:="6.31"}
|
||||
VARS[SA_SPAM_SUBJECT]=${SA_SPAM_SUBJECT:="***SPAM*** "}
|
||||
VARS[SA_TAG]=${SA_TAG:="2.0"}
|
||||
VARS[SA_TAG2]=${SA_TAG2:="6.31"}
|
||||
VARS[SMTP_ONLY]="${SMTP_ONLY:=0}"
|
||||
VARS[SPAMASSASSIN_SPAM_TO_INBOX]="${SPAMASSASSIN_SPAM_TO_INBOX:=1}"
|
||||
VARS[SPOOF_PROTECTION]="${SPOOF_PROTECTION:=0}"
|
||||
VARS[SRS_SENDER_CLASSES]="${SRS_SENDER_CLASSES:=envelope_sender}"
|
||||
VARS[SSL_TYPE]="${SSL_TYPE:=}"
|
||||
VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}"
|
||||
VARS[TZ]="${TZ:=}"
|
||||
VARS[UPDATE_CHECK_INTERVAL]="${UPDATE_CHECK_INTERVAL:=1d}"
|
||||
VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}"
|
||||
|
||||
# SASL specific variables
|
||||
VARS[LDAP_BIND_DN]="${LDAP_BIND_DN:=}"
|
||||
VARS[LDAP_BIND_PW]="${LDAP_BIND_PW:=}"
|
||||
VARS[LDAP_SEARCH_BASE]="${LDAP_SEARCH_BASE:=}"
|
||||
VARS[LDAP_SERVER_HOST]="${LDAP_SERVER_HOST:=}"
|
||||
|
||||
VARS[SASLAUTHD_LDAP_AUTH_METHOD]="${SASLAUTHD_LDAP_AUTH_METHOD:=bind}"
|
||||
VARS[SASLAUTHD_LDAP_BIND_DN]="${SASLAUTHD_LDAP_BIND_DN:=${LDAP_BIND_DN}}"
|
||||
VARS[SASLAUTHD_LDAP_FILTER]="${SASLAUTHD_LDAP_FILTER:=(&(uniqueIdentifier=%u)(mailEnabled=TRUE))}"
|
||||
VARS[SASLAUTHD_LDAP_PASSWORD]="${SASLAUTHD_LDAP_PASSWORD:=${LDAP_BIND_PW}}"
|
||||
VARS[SASLAUTHD_LDAP_SEARCH_BASE]="${SASLAUTHD_LDAP_SEARCH_BASE:=${LDAP_SEARCH_BASE}}"
|
||||
VARS[SASLAUTHD_LDAP_SERVER]="${SASLAUTHD_LDAP_SERVER:=${LDAP_SERVER_HOST}}"
|
||||
[[ ${SASLAUTHD_LDAP_SERVER} != *'://'* ]] && SASLAUTHD_LDAP_SERVER="ldap://${SASLAUTHD_LDAP_SERVER}"
|
||||
VARS[SASLAUTHD_LDAP_START_TLS]="${SASLAUTHD_LDAP_START_TLS:=no}"
|
||||
VARS[SASLAUTHD_LDAP_TLS_CHECK_PEER]="${SASLAUTHD_LDAP_TLS_CHECK_PEER:=no}"
|
||||
VARS[SASLAUTHD_MECHANISMS]="${SASLAUTHD_MECHANISMS:=pam}"
|
||||
|
||||
if [[ -z ${SASLAUTHD_LDAP_TLS_CACERT_FILE} ]]
|
||||
then
|
||||
SASLAUTHD_LDAP_TLS_CACERT_FILE=''
|
||||
else
|
||||
SASLAUTHD_LDAP_TLS_CACERT_FILE="ldap_tls_cacert_file: ${SASLAUTHD_LDAP_TLS_CACERT_FILE}"
|
||||
fi
|
||||
VARS[SASLAUTHD_LDAP_TLS_CACERT_FILE]="${SASLAUTHD_LDAP_TLS_CACERT_FILE}"
|
||||
|
||||
if [[ -z ${SASLAUTHD_LDAP_TLS_CACERT_DIR} ]]
|
||||
then
|
||||
SASLAUTHD_LDAP_TLS_CACERT_DIR=''
|
||||
else
|
||||
SASLAUTHD_LDAP_TLS_CACERT_DIR="ldap_tls_cacert_dir: ${SASLAUTHD_LDAP_TLS_CACERT_DIR}"
|
||||
fi
|
||||
VARS[SASLAUTHD_LDAP_TLS_CACERT_DIR]="${SASLAUTHD_LDAP_TLS_CACERT_DIR}"
|
||||
|
||||
if [[ -z ${SASLAUTHD_LDAP_PASSWORD_ATTR} ]]
|
||||
then
|
||||
SASLAUTHD_LDAP_PASSWORD_ATTR=''
|
||||
else
|
||||
SASLAUTHD_LDAP_PASSWORD_ATTR="ldap_password_attr: ${SASLAUTHD_LDAP_PASSWORD_ATTR}"
|
||||
fi
|
||||
VARS[SASLAUTHD_LDAP_PASSWORD_ATTR]="${SASLAUTHD_LDAP_PASSWORD_ATTR}"
|
||||
|
||||
if [[ -z ${SASLAUTHD_LDAP_MECH} ]]
|
||||
then
|
||||
SASLAUTHD_LDAP_MECH=''
|
||||
else
|
||||
SASLAUTHD_LDAP_MECH="ldap_mech: ${SASLAUTHD_LDAP_MECH}"
|
||||
fi
|
||||
VARS[SASLAUTHD_LDAP_MECH]="${SASLAUTHD_LDAP_MECH}"
|
||||
|
||||
# ------------------------------------------------------------
|
||||
# ? << Setup of default and global values / variables
|
||||
# ? << Early setup & environment variables setup
|
||||
# --
|
||||
# ? >> Registering functions
|
||||
# ------------------------------------------------------------
|
||||
|
|
@ -183,22 +60,42 @@ function _register_functions
|
|||
|
||||
# ? >> Setup
|
||||
|
||||
_register_setup_function '_setup_default_vars'
|
||||
_register_setup_function '_setup_file_permissions'
|
||||
|
||||
[[ -n ${TZ} ]] && _register_setup_function '_setup_timezone'
|
||||
_register_setup_function '_setup_timezone'
|
||||
|
||||
if [[ ${SMTP_ONLY} -ne 1 ]]
|
||||
then
|
||||
_register_setup_function '_setup_dovecot'
|
||||
_register_setup_function '_setup_dovecot_dhparam'
|
||||
_register_setup_function '_setup_dovecot_quota'
|
||||
_register_setup_function '_setup_dovecot_local_user'
|
||||
fi
|
||||
|
||||
[[ ${ENABLE_LDAP} -eq 1 ]] && _register_setup_function '_setup_ldap'
|
||||
case "${ACCOUNT_PROVISIONER}" in
|
||||
( 'FILE' )
|
||||
_register_setup_function '_setup_dovecot_local_user'
|
||||
;;
|
||||
|
||||
( 'LDAP' )
|
||||
_environment_variables_ldap
|
||||
_register_setup_function '_setup_ldap'
|
||||
;;
|
||||
|
||||
( 'OIDC' )
|
||||
_register_setup_function '_setup_oidc'
|
||||
;;
|
||||
|
||||
( * )
|
||||
_shutdown "'${ACCOUNT_PROVISIONER}' is not a valid value for ACCOUNT_PROVISIONER"
|
||||
;;
|
||||
esac
|
||||
|
||||
if [[ ${ENABLE_SASLAUTHD} -eq 1 ]]
|
||||
then
|
||||
_environment_variables_saslauthd
|
||||
_register_setup_function '_setup_saslauthd'
|
||||
fi
|
||||
|
||||
[[ ${ENABLE_POSTGREY} -eq 1 ]] && _register_setup_function '_setup_postgrey'
|
||||
[[ ${ENABLE_SASLAUTHD} -eq 1 ]] && _register_setup_function '_setup_saslauthd'
|
||||
[[ ${POSTFIX_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_postfix_inet_protocols'
|
||||
[[ ${DOVECOT_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_dovecot_inet_protocols'
|
||||
[[ ${ENABLE_FAIL2BAN} -eq 1 ]] && _register_setup_function '_setup_fail2ban'
|
||||
|
|
@ -259,6 +156,7 @@ function _register_functions
|
|||
# ? >> Miscellaneous
|
||||
|
||||
_register_misc_function '_misc_save_states'
|
||||
_register_setup_function '_environment_variables_export'
|
||||
|
||||
# ? >> Daemons
|
||||
|
||||
|
|
@ -282,7 +180,7 @@ function _register_functions
|
|||
[[ ${ENABLE_FAIL2BAN} -eq 1 ]] && _register_start_daemon '_start_daemon_fail2ban'
|
||||
[[ ${ENABLE_FETCHMAIL} -eq 1 ]] && _register_start_daemon '_start_daemon_fetchmail'
|
||||
[[ ${ENABLE_CLAMAV} -eq 1 ]] && _register_start_daemon '_start_daemon_clamav'
|
||||
[[ ${ENABLE_LDAP} -eq 0 ]] && _register_start_daemon '_start_daemon_changedetector'
|
||||
[[ ${ACCOUNT_PROVISIONER} == 'FILE' ]] && _register_start_daemon '_start_daemon_changedetector'
|
||||
[[ ${ENABLE_AMAVIS} -eq 1 ]] && _register_start_daemon '_start_daemon_amavis'
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue