first commit

2024-06-03 18:43:35 +02:00
parent 2da01a3f6e
commit f501d519af
883 changed files with 71550 additions and 2 deletions
--- a/dockers/sympa/config/aliases.sympa.postfix
+++ b/dockers/sympa/config/aliases.sympa.postfix
@ -0,0 +1,11 @@
+# Robot aliases for Sympa.
+sympa:                 "| /usr/lib/sympa/bin/queue sympa@MAILNAME.DOMAINNAME"
+listmaster:            "| /usr/lib/sympa/bin/queue listmaster@MAILNAME.DOMAINNAME"
+bounce:                "| /usr/lib/sympa/bin/bouncequeue sympa@MAILNAME.DOMAINNAME"
+abuse-feedback-report: "| /usr/lib/sympa/bin/bouncequeue sympa@MAILNAME.DOMAINNAME"
+sympa-request:         postmaster
+sympa-owner:           postmaster
+#listserv:             sympa
+#listserv-request:     sympa-request
+#majordomo:            sympa
+#listserv-owner:       sympa-owner
--- a/dockers/sympa/config/postfix-wrapper.sh
+++ b/dockers/sympa/config/postfix-wrapper.sh
@ -0,0 +1,32 @@
+#! /bin/bash
+
+# You cannot start postfix in some foreground mode and
+# it's more or less important that docker doesn't kill
+# postfix and its chilren if you stop the container.
+#
+# Use this script with supervisord and it will take
+# care about starting and stopping postfix correctly.
+#
+# supervisord config snippet for postfix-wrapper:
+#
+# [program:postfix]
+# process_name = postfix
+# command = /path/to/postfix-wrapper.sh
+# startsecs = 0
+# autorestart = false
+#
+
+trap "service postfix stop" SIGINT
+trap "service postfix stop" SIGTERM
+trap "service postfix reload" SIGHUP
+
+service postfix start
+
+# lets give postfix some time to start
+sleep 60
+
+# wait until postfix is dead (triggered by trap)
+while kill -0 "$(< /var/spool/postfix/pid/master.pid)"
+do
+  sleep 5
+done
--- a/dockers/sympa/config/postfix.sh
+++ b/dockers/sympa/config/postfix.sh
@ -0,0 +1,41 @@
+#!/bin/bash
+
+postconf "postscreen_dnsbl_action = enforce"
+postconf "smtpd_banner = ESMTP"
+postconf "postscreen_dnsbl_sites = zen.spamhaus.org*3 bl.mailspike.net b.barracudacentral.org*2 bl.spameatingmonkey.net dnsbl.sorbs.net psbl.surriel.com list.dnswl.org=127.0.[0..255].0*-2 list.dnswl.org=127.0.[0..255].1*-3 list.dnswl.org=127.0.[0..255].[2..3]*-4"
+postconf "postscreen_dnsbl_threshold = 3"
+postconf "postscreen_dnsbl_whitelist_threshold = -1"
+postconf "postscreen_greet_action = enforce"
+postconf "postscreen_bare_newline_action = enforce"
+postconf "smtputf8_enable = no"
+postconf "smtpd_tls_cert_file=ENVCERT"
+postconf "smtpd_tls_key_file=ENVKEY"
+postconf "myhostname = MAILNAME.DOMAINNAME"
+postconf "transport_maps = hash:/etc/postfix/transport"
+postconf "message_size_limit = 1024000000"
+postconf "slow_destination_concurrency_limit = 2"
+postconf "slow_destination_recipient_limit = 20"
+postconf "slow_destination_rate_delay = 5s"
+postconf "slow_destination_concurrency_failed_cohort_limit=10"
+postconf "veryslow_destination_concurrency_limit = 2"
+postconf "veryslow_destination_recipient_limit = 2"
+postconf "veryslow_destination_rate_delay = 10s"
+postconf "veryslow_destination_concurrency_failed_cohort_limit=10"
+
+postmap /etc/postfix/transport
+
+grep "slow_destination" /etc/postfix/master.cf >/dev/null 2>&1
+if [ "$?" -ne "0" ]
+then
+	echo -e "slow    unix    -       -       n       -       5       smtp\n \
+	-o syslog_name=postfix-slow" \
+	 >>/etc/postfix/master.cf
+fi
+
+grep "veryslow_destination" /etc/postfix/master.cf >/dev/null 2>&1
+if [ "$?" -ne "0" ]
+then
+	echo -e "veryslow    unix    -       -       n       -       5       smtp\n \
+	-o syslog_name=postfix-veryslow" \
+	 >>/etc/postfix/master.cf
+fi
--- a/dockers/sympa/config/start.sh
+++ b/dockers/sympa/config/start.sh
@ -0,0 +1,51 @@
+#!/bin/bash
+
+echo "Configuring for ${DOMAIN_SYMPA}"
+sed -i -e "s/MAILNAME.DOMAINNAME/${DOMAIN_SYMPA}/g" /etc/postfix/main.cf
+sed -i -e "s/MAILNAME.DOMAINNAME/${DOMAIN_SYMPA}/g" /etc/sympa/sympa/sympa.conf
+sed -i -e "s/MAILNAME.DOMAINNAME/${DOMAIN_SYMPA}/g" /etc/mailname
+sed -i -e "s/ADMIN_EMAIL/$ADMINEMAIL/g" /etc/aliases
+postalias /etc/aliases
+
+
+sed -i -e "s%ENVKEY%$KEY%g" /etc/postfix/main.cf
+sed -i -e "s%ENVCERT%$CERT%g" /etc/postfix/main.cf
+
+sed -i -e "s%ENVKEY%$KEY%g" /etc/apache2/sites-available/default-ssl.conf
+sed -i -e "s%ENVCERT%$CERT%g" /etc/apache2/sites-available/default-ssl.conf
+sed -i -e "s/MAILNAME.DOMAINNAME/${DOMAIN_SYMPA}/g" /etc/apache2/sites-available/000-default.conf
+sed -i -e "s/MAILNAME.DOMAINNAME/${DOMAIN_SYMPA}/g" /var/www/html/index.html
+
+sed -i -e "s/MAILNAME.DOMAINNAME/${DOMAIN_SYMPA}/g" /etc/sympa/aliases.sympa.postfix
+postalias hash:/etc/sympa/aliases.sympa.postfix
+/usr/lib/sympa/bin/sympa_newaliases.pl
+
+postmap /etc/postfix/transport
+
+# sed -i -e "s/LISTMASTERS/$LISTMASTERS/g" /etc/sympa/sympa/sympa.conf
+
+# Passage de SQLite à MySQL
+sed -i -e "s/db_name.*//g" /etc/sympa/sympa/sympa.conf
+sed -i -e "s/db_type.*//g" /etc/sympa/sympa/sympa.conf
+echo -e "db_type	mysql\ndb_host	db\ndb_port	3306\ndb_name	${MYSQL_DATABASE}\ndb_user	${MYSQL_USER}\ndb_passwd	${MYSQL_PASSWORD}" >> /etc/sympa/sympa/sympa.conf
+
+# set des listmasters
+sed -i -e "s/listmaster.*//g" /etc/sympa/sympa/sympa.conf
+echo -e "listmaster $LISTMASTERS" >> /etc/sympa/sympa/sympa.conf
+
+# passage en https
+sed -i -e "s/http:/https:/g" /etc/sympa/sympa/sympa.conf
+
+# Initialisation/Vérification de la database
+until /usr/lib/sympa/bin/sympa.pl --health_check # creates the database if needed, wait for the DB to be ready
+do
+  sleep 0.1
+done
+
+# préparation du SOAP
+sed -i -e "s%SOAP_USER%${SOAP_USER}%g" /etc/sympa/trusted_applications.conf
+MD5PASS=$(/usr/lib/sympa/bin/sympa.pl --md5_digest=${SOAP_PASSWORD} | cut -d':' -f2 | sed -e "s/[[:space:]]*//g")
+sed -i -e "s%SOAP_MD5PASS%${MD5PASS}%g" /etc/sympa/trusted_applications.conf
+
+echo "Starting supervisord"
+supervisord -n -c /etc/supervisord.conf
--- a/dockers/sympa/config/supervisord.conf
+++ b/dockers/sympa/config/supervisord.conf
@ -0,0 +1,90 @@
+[supervisord]
+user = root
+loglevel = warn
+nodaemon = true
+strip_ansi = true
+logfile = /var/log/supervisor/supervisord.log      ; default $CWD/supervisord.log
+pidfile = /var/run/supervisord.pid                 ; default supervisord.pid
+childlogdir = /var/log/supervisor                  ; default $TEMP ('AUTO' child log dir)
+
+[unix_http_server]
+file = /dev/shm/supervisor.sock
+chmod = 0700
+chown = nobody:nogroup
+username = docker-mailserver
+password = docker-mailserver-password
+
+[supervisorctl]
+serverurl = unix:///dev/shm/supervisor.sock        ; use a 'unix://' path for a unix socket
+username = docker-mailserver
+password = docker-mailserver-password
+
+; must remain in config file for RPC (supervisorctl/web interface) to work, additional
+; interfaces may be added by defining them in separate rpcinterface: sections
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+
+[program:rsyslog]
+#command=/etc/init.d/rsyslog restart
+command=/usr/sbin/rsyslogd -n
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:postfix]
+startsecs=0
+stopwaitsecs=55
+autostart=true
+autorestart=true
+command=/usr/local/bin/postfix-wrapper.sh
+#command=/usr/lib/postfix/sbin/master -d
+#command=/etc/init.d/postfix restart
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:apache2]
+#command=/etc/init.d/apache2 restart
+command=/usr/sbin/apache2ctl -c "ErrorLog /dev/stdout" -DFOREGROUND
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:anacron]
+#command=/etc/init.d/anacron restart
+command=/usr/sbin/anacron -sd
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa-outgoing]
+command=/usr/lib/sympa/bin/bulk.pl -F
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa-archive]
+command=/usr/lib/sympa/bin/archived.pl -F
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa-bounce]
+command=/usr/lib/sympa/bin/bounced.pl -F
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa-task]
+command=/usr/lib/sympa/bin/task_manager.pl -F
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa]
+command=/usr/lib/sympa/bin/sympa_msg.pl --foreground
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa-fcgi]
+command=/usr/bin/spawn-fcgi -n -u sympa -g sympa -a 127.0.0.1 -p 8442 /usr/lib/cgi-bin/sympa/wwsympa.fcgi
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[program:sympa-soap-fcgi]
+command=/usr/bin/spawn-fcgi -n -u sympa -g sympa -a 127.0.0.1 -p 8443 /usr/lib/cgi-bin/sympa/sympa_soap_server.fcgi
+stdout_events_enabled=true
+stderr_events_enabled=true
--- a/dockers/sympa/config/sympa.preseed
+++ b/dockers/sympa/config/sympa.preseed
@ -0,0 +1,15 @@
+postfix	postfix/mailname		string		MAILNAME.DOMAINNAME
+postfix	postfix/main_mailer_type	string		'Pas de configuration'
+
+sympa	sympa/dbconfig-install		boolean		true
+sympa	sympa/database-type		select		sqlite3
+sympa	sympa/sympa_newaliases-wrapper-setuid-root	boolean	true
+sympa	sympa/listmaster		string		LISTMASTERS
+
+sympa	wwsympa/webserver_type		select		Apache 2
+sympa	sympa/use_soap			boolean		false
+
+# à garder dans un coin
+# sympa sympa/use_wwsympa boolean true
+# sympa wwsympa/fastcgi boolean true
+# sympa sympa/use_soap boolean true
--- a/dockers/sympa/config/transport
+++ b/dockers/sympa/config/transport
@ -0,0 +1,13 @@
+orange.fr       veryslow:
+orange.com      veryslow:
+wanadoo.com     veryslow:
+wanadoo.fr      veryslow:
+gmail.com	slow:
+yahoo.com  	slow:
+yahoo.fr	slow:
+outlook.com	veryslow:
+outlook.fr  veryslow:
+hotmail.fr	veryslow:
+hotmail.com	veryslow:
+live.com	veryslow:
+live.fr   veryslow:
--- a/dockers/sympa/config/trusted_applications.conf
+++ b/dockers/sympa/config/trusted_applications.conf
@ -0,0 +1,5 @@
+trusted_application
+  name SOAP_USER
+  md5password SOAP_MD5PASS
+  # the md5 digest of the application pasword. You can get it with sympa.pl --md5_digest=<the password>
+  proxy_for_variables USER_EMAIL,remote_host