From f837b1978941175c1805b3ab22a7024268938840 Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Thu, 3 Jul 2014 17:43:03 +0530 Subject: [PATCH 1/7] fix variable naming in doc --- README | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README b/README index 640fa8a..4d540de 100644 --- a/README +++ b/README @@ -30,7 +30,7 @@ Run a one-off container to configure the database: docker run \ --link rtdb:db \ -e DATABASE_USER=rt_user \ - -e DATABASE_PASS=rt_pass \ + -e DATABASE_PASSWORD=rt_pass \ -e DATABASE_NAME=rt4 \ nickstenning/rt \ /usr/bin/rtinit @@ -42,7 +42,7 @@ Now the database is initialised and you can run RT proper: -p 25 \ -p 80 \ -e DATABASE_USER=rt_user \ - -e DATABASE_PASS=rt_pass \ + -e DATABASE_PASSWORD=rt_pass \ -e DATABASE_NAME=rt4 \ nickstenning/rt @@ -58,7 +58,7 @@ You can provide the DATABASE_HOST directly: -p 80 \ -e DATABASE_HOST=dbserver \ -e DATABASE_USER=rt_user \ - -e DATABASE_PASS=rt_pass \ + -e DATABASE_PASSWORD=rt_pass \ -e DATABASE_NAME=rt4 \ nickstenning/rt From 53a9aab39637fbb5b35a475c99d142cf41f0c5f6 Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Thu, 3 Jul 2014 19:16:02 +0530 Subject: [PATCH 2/7] copy services, resolv.conf into postfix's var dir - postfix will error without these --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index fca87ab..94ab1e0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -58,6 +58,8 @@ RUN chown -R root:root /etc/postfix RUN newaliases RUN mkdir -m 1777 /var/log/procmail ADD ./etc/logrotate.procmail /etc/logrotate.d/procmail +RUN cp /etc/resolv.conf /var/spool/postfix/etc/ +RUN cp /etc/services /var/spool/postfix/etc/ # Build RT and extensions ADD ./scripts/installext.sh /src/installext.sh From 3f919cf2ec48cde197974c9621a54087bdb007d7 Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Thu, 3 Jul 2014 19:18:49 +0530 Subject: [PATCH 3/7] include updated postfix, procmail config to allow RELAY_HOST, WEB_DOMAIN to be defined --- etc/postfix/main.cf | 32 +++++++++++++++++++++++++++----- etc/postfix/procmailrc.rt | 28 ++++++++++++++++++++++------ 2 files changed, 49 insertions(+), 11 deletions(-) diff --git a/etc/postfix/main.cf b/etc/postfix/main.cf index 124640a..fdd1a96 100644 --- a/etc/postfix/main.cf +++ b/etc/postfix/main.cf @@ -1,10 +1,32 @@ -myhostname = rt.example.org -mydomain = example.org -myorigin = $myhostname +mail_owner = postfix +myhostname = WEB_DOMAIN +mydomain = WEB_DOMAIN +myorigin = WEB_DOMAIN inet_interfaces = all mydestination = $myhostname unknown_local_recipient_reject_code = 550 -relayhost = mailrelay.example.org +relayhost = RELAY_IP +relay_domains = + WEB_DOMAIN alias_maps = hash:/etc/postfix/aliases alias_database = hash:/etc/postfix/aliases -recipient_delimiter = - +mailman_destination_recipient_limit=1 +smtpd_helo_restrictions = + reject_non_fqdn_hostname, + reject_invalid_hostname, + permit +smtpd_sender_restrictions = + permit_mynetworks, + reject_non_fqdn_sender, + reject_unknown_sender_domain, + permit +smtpd_recipient_restrictions = + permit_mynetworks, + reject_unauth_pipelining, + reject_non_fqdn_recipient, + reject_unknown_recipient_domain, + reject_invalid_hostname, + reject_unauth_destination, + reject_rbl_client sbl-xbl.spamhaus.org, + permit + diff --git a/etc/postfix/procmailrc.rt b/etc/postfix/procmailrc.rt index 261df61..bc1a4bd 100644 --- a/etc/postfix/procmailrc.rt +++ b/etc/postfix/procmailrc.rt @@ -4,22 +4,38 @@ LOGFILE=/var/log/procmail/rt.log #Messages >300000 characters proceed to recipient (unlikely to be spam) :0w * > 300000 -| rt-mailgate --queue $QUEUE --action $ACTION --url http://rt.example.org/ +| rt-mailgate --queue $QUEUE --action $ACTION --url http://WEB_DOMAIN/ :0w -* ^X-RT-Loop-Prevention: example.org +* ^X-RT-Loop-Prevention: okfn.org /dev/null +:0w +* ^Subject:.*\[billing\] Heroku Invoice +! payments@okfn.org + +:0w +* ^Subject:.*\[GANDI\] Insufficient funds +! payments@okfn.org + +:0w +* ^Subject:.*\[GANDI\] Invoice +! payments@okfn.org + +:0w +* ^Subject:.*\[CloudFlare\] Invoice +! payments@okfn.org + #Is it spam? :0fw: spamassassin.lock * < 300000 | spamc - + #if the spam trigger is fired send to spam queue :0w * ^X-spam-Status: Yes -| rt-mailgate --queue spam --action correspond --url http://rt.example.org/ - +| rt-mailgate --queue spam --action correspond --url http://WEB_DOMAIN/ + #if the spam trigger is not fired then send to expected destination :0w -| rt-mailgate --queue $QUEUE --action $ACTION --url http://rt.example.org/ +| rt-mailgate --queue $QUEUE --action $ACTION --url http://WEB_DOMAIN/ From f4bc83f9b2895f95e9b56cf65452fde93793fb04 Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Thu, 3 Jul 2014 19:19:37 +0530 Subject: [PATCH 4/7] update postfix run script - to allow config params to be defined --- svc/postfix/run | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/svc/postfix/run b/svc/postfix/run index 136893b..e02aec8 100755 --- a/svc/postfix/run +++ b/svc/postfix/run @@ -1,6 +1,17 @@ #!/bin/sh exec 2>&1 + +#these are expected to be passed in via docker -e +if [ -z ${RELAY_IP} ]; +then + RELAY_IP=$(route -n | awk /UG/'{print $2}' | head -1) +fi + +sed -e "s/RELAY_IP/${RELAY_IP}/g" -i /etc/postfix/main.cf +sed -e "s/WEB_DOMAIN/${WEB_DOMAIN}/g" -i /etc/postfix/main.cf +sed -e "s/WEB_DOMAIN/${WEB_DOMAIN}/g" -i /etc/postfix/procmailrc.rt + command_directory=$(postconf -h command_directory) daemon_directory=$("$command_directory"/postconf -h daemon_directory) From 9d84a6b99bb2f0a8422a9dd3617ade214cfb2fdf Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Thu, 3 Jul 2014 19:20:10 +0530 Subject: [PATCH 5/7] update doc on defining RELAY_IP and other availble vars --- README | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README b/README index 4d540de..dda1886 100644 --- a/README +++ b/README @@ -66,4 +66,10 @@ configuration ------------- This image provides some limited support for customising the deployment using -environment variables. See RT_SiteConfig.pm for details. +environment variables. See RT_SiteConfig.pm for the various variables which, +can be defined to configure how the container starts up + +By default the postfix within the container will be set to relay (relay_host), +ail to containers gateway IP address, to redefine `relay_host` use: + + -e RELAY_IP='some.ip.goes.here' From c08720a6032638ddeaf8beb9a026b2f5a6a80a03 Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Thu, 3 Jul 2014 19:27:29 +0530 Subject: [PATCH 6/7] remove incorrectly added okf specific config --- etc/postfix/procmailrc.rt | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/etc/postfix/procmailrc.rt b/etc/postfix/procmailrc.rt index bc1a4bd..5e971ac 100644 --- a/etc/postfix/procmailrc.rt +++ b/etc/postfix/procmailrc.rt @@ -7,35 +7,19 @@ LOGFILE=/var/log/procmail/rt.log | rt-mailgate --queue $QUEUE --action $ACTION --url http://WEB_DOMAIN/ :0w -* ^X-RT-Loop-Prevention: okfn.org +* ^X-RT-Loop-Prevention: example.org /dev/null -:0w -* ^Subject:.*\[billing\] Heroku Invoice -! payments@okfn.org - -:0w -* ^Subject:.*\[GANDI\] Insufficient funds -! payments@okfn.org - -:0w -* ^Subject:.*\[GANDI\] Invoice -! payments@okfn.org - -:0w -* ^Subject:.*\[CloudFlare\] Invoice -! payments@okfn.org - #Is it spam? :0fw: spamassassin.lock * < 300000 | spamc - + #if the spam trigger is fired send to spam queue :0w * ^X-spam-Status: Yes | rt-mailgate --queue spam --action correspond --url http://WEB_DOMAIN/ - + #if the spam trigger is not fired then send to expected destination :0w | rt-mailgate --queue $QUEUE --action $ACTION --url http://WEB_DOMAIN/ From 9c1dcead8d0d342e906ecc055c858809e57a8815 Mon Sep 17 00:00:00 2001 From: Joel Rebello Date: Fri, 4 Jul 2014 11:48:29 +0530 Subject: [PATCH 7/7] use sysv init to start postfix --- svc/postfix/run | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/svc/postfix/run b/svc/postfix/run index e02aec8..4018a90 100755 --- a/svc/postfix/run +++ b/svc/postfix/run @@ -12,11 +12,6 @@ sed -e "s/RELAY_IP/${RELAY_IP}/g" -i /etc/postfix/main.cf sed -e "s/WEB_DOMAIN/${WEB_DOMAIN}/g" -i /etc/postfix/main.cf sed -e "s/WEB_DOMAIN/${WEB_DOMAIN}/g" -i /etc/postfix/procmailrc.rt -command_directory=$(postconf -h command_directory) -daemon_directory=$("$command_directory"/postconf -h daemon_directory) - -# make consistency check -"$command_directory"/postfix check - -# run Postfix -exec "$daemon_directory"/master +service postfix start +sleep 5 +exec tail -F /var/log/mail.log