From e979743226768c14aba3b366a7bd064013ff2dd7 Mon Sep 17 00:00:00 2001 From: Michael Wyraz Date: Thu, 9 Apr 2020 14:34:54 +0200 Subject: [PATCH 01/13] Rsyslog logging for postfix, optional logging to file, no logging of test requests --- core/postfix/Dockerfile | 2 +- core/postfix/conf/main.cf | 3 --- core/postfix/conf/rsyslog.conf | 40 ++++++++++++++++++++++++++++++++++ core/postfix/start.py | 6 +++++ docs/configuration.rst | 3 +++ 5 files changed, 50 insertions(+), 4 deletions(-) create mode 100644 core/postfix/conf/rsyslog.conf diff --git a/core/postfix/Dockerfile b/core/postfix/Dockerfile index af29bf91..0c7e136d 100644 --- a/core/postfix/Dockerfile +++ b/core/postfix/Dockerfile @@ -12,7 +12,7 @@ RUN pip3 install socrate==0.2.0 RUN pip3 install "podop>0.2.5" # Image specific layers under this line -RUN apk add --no-cache postfix postfix-pcre cyrus-sasl-plain cyrus-sasl-login +RUN apk add --no-cache postfix postfix-pcre cyrus-sasl-plain rsyslog cyrus-sasl-login COPY conf /conf COPY start.py /start.py diff --git a/core/postfix/conf/main.cf b/core/postfix/conf/main.cf index 8f35f609..10143f29 100644 --- a/core/postfix/conf/main.cf +++ b/core/postfix/conf/main.cf @@ -2,9 +2,6 @@ # General ############### -# Logging configuration -maillog_file = /dev/stdout - # Main domain and hostname mydomain = {{ DOMAIN }} myhostname = {{ HOSTNAMES.split(",")[0] }} diff --git a/core/postfix/conf/rsyslog.conf b/core/postfix/conf/rsyslog.conf new file mode 100644 index 00000000..d8a7bdf4 --- /dev/null +++ b/core/postfix/conf/rsyslog.conf @@ -0,0 +1,40 @@ +# rsyslog configuration file +# +# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html +# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html +# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html + + +#### Global directives #### + +# Sets the directory that rsyslog uses for work files. +$WorkDirectory /var/lib/rsyslog + +# Sets default permissions for all log files. +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# Reduce repeating messages (default off). +$RepeatedMsgReduction on + + +#### Modules #### + +# Provides support for local system logging (e.g. via logger command). +module(load="imuxsock") + +#### Rules #### + +# Discard messages from local test requests +:msg, contains, "connect from localhost[127.0.0.1]" ~ + +{% if POSTFIX_LOG_FILE %} +# Log mail logs to file +mail.* -{{LOG_FILE}} +{% endif %} + +# Log mail logs to stdout +mail.* -/dev/stdout diff --git a/core/postfix/start.py b/core/postfix/start.py index b68303e1..d942c8f1 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -37,6 +37,9 @@ os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", os.environ["ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_MILTER", "antispam:11332") os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525") +conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") + + for postfix_file in glob.glob("/conf/*.cf"): conf.jinja(postfix_file, os.environ, os.path.join("/etc/postfix", os.path.basename(postfix_file))) @@ -61,6 +64,9 @@ if "RELAYUSER" in os.environ: conf.jinja("/conf/sasl_passwd", os.environ, path) os.system("postmap {}".format(path)) +# Start rsyslog +os.system("/usr/sbin/rsyslogd -n &") + # Run Podop and Postfix multiprocessing.Process(target=start_podop).start() os.system("/usr/libexec/postfix/post-install meta_directory=/etc/postfix create-missing") diff --git a/docs/configuration.rst b/docs/configuration.rst index 5ff3546a..78d147fa 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -147,6 +147,9 @@ Log messages equal or higher than this priority will be printed. Can be one of: CRITICAL, ERROR, WARNING, INFO, DEBUG or NOTSET. See the `python docs`_ for more information. +``POSTFIX_LOG_FILE`` enables postfix logging to the given file (in addition to log to stdout). +Log rotation should be done externally. + .. _`python docs`: https://docs.python.org/3.6/library/logging.html#logging-levels Antivirus settings From ca6ea6465c73ae49f2aa7b19b17e501c9cb325e3 Mon Sep 17 00:00:00 2001 From: Michael Wyraz Date: Sat, 23 Jan 2021 16:16:07 +0100 Subject: [PATCH 02/13] make syslog optional --- core/postfix/conf/main.cf | 5 +++++ core/postfix/start.py | 9 ++++++--- docs/configuration.rst | 12 ++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/core/postfix/conf/main.cf b/core/postfix/conf/main.cf index 10143f29..1e2e9e8a 100644 --- a/core/postfix/conf/main.cf +++ b/core/postfix/conf/main.cf @@ -2,6 +2,11 @@ # General ############### +{% if POSTFIX_LOG_SYSLOG != "local" %} +# Logging configuration +maillog_file = /dev/stdout +{% endif %} + # Main domain and hostname mydomain = {{ DOMAIN }} myhostname = {{ HOSTNAMES.split(",")[0] }} diff --git a/core/postfix/start.py b/core/postfix/start.py index d942c8f1..4509da40 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -37,8 +37,9 @@ os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", os.environ["ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_MILTER", "antispam:11332") os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525") -conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") +os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525") +os.environ["POSTFIX_LOG_SYSLOG"] = os.environ.get("POSTFIX_LOG_SYSLOG","disabled") for postfix_file in glob.glob("/conf/*.cf"): conf.jinja(postfix_file, os.environ, os.path.join("/etc/postfix", os.path.basename(postfix_file))) @@ -64,8 +65,10 @@ if "RELAYUSER" in os.environ: conf.jinja("/conf/sasl_passwd", os.environ, path) os.system("postmap {}".format(path)) -# Start rsyslog -os.system("/usr/sbin/rsyslogd -n &") +if os.environ["POSTFIX_LOG_SYSLOG"]=="local": + # Configure and start local rsyslog server + conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") + os.system("/usr/sbin/rsyslogd -n &") # Run Podop and Postfix multiprocessing.Process(target=start_podop).start() diff --git a/docs/configuration.rst b/docs/configuration.rst index 78d147fa..24045b15 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -190,3 +190,15 @@ When using ``*_ADDRESS``, the hostnames must be full-qualified hostnames. Otherw resolve the hostnames. +Maillog setitngs +---------------- + +By default, all services log directly to stdout/stderr. Logs can be collected by any docker log processing solution. + +In some situations, a separate mail log is required (e.g. for legal reasons). Postfix can be configured to write the logs to a +syslog server that stores the log files to a volume. It can be configured by the following options: + +- ``POSTFIX_LOG_SYSLOG``: (default: ``disabled``) set to ``local`` to enable a local syslog server for postfix +- ``POSTFIX_LOG_FILE``: The file to log the maillog to + + From 0de2ec77c6027bd6fdfb0a1ef3b17762aab98667 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Tue, 23 Nov 2021 21:43:00 +0000 Subject: [PATCH 03/13] Process code review remarks #1441 --- core/postfix/start.py | 3 --- docs/configuration.rst | 6 +++--- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/core/postfix/start.py b/core/postfix/start.py index 4509da40..af6b41db 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -36,9 +36,6 @@ os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment("FRONT", os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", "admin") os.environ["ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_MILTER", "antispam:11332") os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525") - -os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525") - os.environ["POSTFIX_LOG_SYSLOG"] = os.environ.get("POSTFIX_LOG_SYSLOG","disabled") for postfix_file in glob.glob("/conf/*.cf"): diff --git a/docs/configuration.rst b/docs/configuration.rst index 24045b15..1c01fc09 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -190,8 +190,8 @@ When using ``*_ADDRESS``, the hostnames must be full-qualified hostnames. Otherw resolve the hostnames. -Maillog setitngs ----------------- +Mail log settings +----------------- By default, all services log directly to stdout/stderr. Logs can be collected by any docker log processing solution. @@ -199,6 +199,6 @@ In some situations, a separate mail log is required (e.g. for legal reasons). Po syslog server that stores the log files to a volume. It can be configured by the following options: - ``POSTFIX_LOG_SYSLOG``: (default: ``disabled``) set to ``local`` to enable a local syslog server for postfix -- ``POSTFIX_LOG_FILE``: The file to log the maillog to +- ``POSTFIX_LOG_FILE``: The file to log the mail log to From 1f51777f7e0b2cbac46495da4818757b5c3188d7 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Tue, 23 Nov 2021 21:55:39 +0000 Subject: [PATCH 04/13] Add newsfragment. --- towncrier/newsfragments/1441.feature | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 towncrier/newsfragments/1441.feature diff --git a/towncrier/newsfragments/1441.feature b/towncrier/newsfragments/1441.feature new file mode 100644 index 00000000..557fb9e1 --- /dev/null +++ b/towncrier/newsfragments/1441.feature @@ -0,0 +1,9 @@ +Introduces postfix logging via rsyslog with these features: +- stdout logging still enabled +- internal test request log messages are filtered out by rsyslog +- optional logging to file via POSTFIX_LOG_FILE env variable +To use it configure in mailu.env +- ``POSTFIX_LOG_SYSLOG``: (default: ``disabled``) set to ``local`` to enable a local syslog server for postfix +- ``POSTFIX_LOG_FILE``: The file to log the mail log to +Only enabling POSTFIX_LOG_SYSLOG is recommended to get rid of internet test request logging messages. + From d5896fb2c642f051df11edf13191060ac7d28358 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Wed, 1 Dec 2021 12:40:28 +0000 Subject: [PATCH 05/13] Add log rotation (if logging to file). Make rsyslog the default. --- core/postfix/Dockerfile | 2 +- core/postfix/conf/logrotate.conf | 11 +++++++++++ core/postfix/conf/rsyslog.conf | 2 +- core/postfix/start.py | 10 ++++++++-- docs/configuration.rst | 14 +++++++------- docs/faq.rst | 1 + 6 files changed, 29 insertions(+), 11 deletions(-) create mode 100644 core/postfix/conf/logrotate.conf diff --git a/core/postfix/Dockerfile b/core/postfix/Dockerfile index 145da4fb..2aafd552 100644 --- a/core/postfix/Dockerfile +++ b/core/postfix/Dockerfile @@ -19,7 +19,7 @@ RUN apk add --no-cache --virtual .build-deps gcc musl-dev python3-dev RUN pip3 install --no-binary :all: postfix-mta-sts-resolver==1.0.1 RUN apk del .build-deps gcc musl-dev python3-dev -RUN apk add --no-cache postfix postfix-pcre cyrus-sasl-login rsyslog +RUN apk add --no-cache postfix postfix-pcre cyrus-sasl-login rsyslog logrotate COPY conf /conf COPY start.py /start.py diff --git a/core/postfix/conf/logrotate.conf b/core/postfix/conf/logrotate.conf new file mode 100644 index 00000000..5882607c --- /dev/null +++ b/core/postfix/conf/logrotate.conf @@ -0,0 +1,11 @@ +{{POSTFIX_LOG_FILE}} { +weekly +rotate 52 +nocompress +extension log +create 0644 root root + postrotate + /bin/kill -HUP $(cat /run/rsyslogd.pid) + postfix reload + endscript +} diff --git a/core/postfix/conf/rsyslog.conf b/core/postfix/conf/rsyslog.conf index d8a7bdf4..7d55b7ba 100644 --- a/core/postfix/conf/rsyslog.conf +++ b/core/postfix/conf/rsyslog.conf @@ -33,7 +33,7 @@ module(load="imuxsock") {% if POSTFIX_LOG_FILE %} # Log mail logs to file -mail.* -{{LOG_FILE}} +mail.* -{{POSTFIX_LOG_FILE}} {% endif %} # Log mail logs to stdout diff --git a/core/postfix/start.py b/core/postfix/start.py index 458bf58d..de97baf6 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -46,7 +46,8 @@ os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment("FRONT", os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", "admin") os.environ["ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_MILTER", "antispam:11332") os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525") -os.environ["POSTFIX_LOG_SYSLOG"] = os.environ.get("POSTFIX_LOG_SYSLOG","disabled") +os.environ["POSTFIX_LOG_SYSLOG"] = os.environ.get("POSTFIX_LOG_SYSLOG","local") +os.environ["POSTFIX_LOG_FILE"] = os.environ.get("POSTFIX_LOG_FILE", "") for postfix_file in glob.glob("/conf/*.cf"): conf.jinja(postfix_file, os.environ, os.path.join("/etc/postfix", os.path.basename(postfix_file))) @@ -81,10 +82,15 @@ if "RELAYUSER" in os.environ: conf.jinja("/conf/sasl_passwd", os.environ, path) os.system("postmap {}".format(path)) -if os.environ["POSTFIX_LOG_SYSLOG"]=="local": +if os.environ["POSTFIX_LOG_SYSLOG"] == "local": # Configure and start local rsyslog server conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") os.system("/usr/sbin/rsyslogd -n &") + # Configure logrotate + if os.environ["POSTFIX_LOG_FILE"] != "": + conf.jinja("/conf/logrotate.conf", os.environ, "/etc/logrotate.d/postfix.conf") + if os.path.exists("/overrides/logrotate.conf"): + shutil.copyfile("/overrides/logrotate.conf", "/etc/logrotate.d/postfix.conf") # Run Podop and Postfix multiprocessing.Process(target=start_podop).start() diff --git a/docs/configuration.rst b/docs/configuration.rst index 00556fd7..0709e37b 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -188,9 +188,6 @@ Log messages equal or higher than this priority will be printed. Can be one of: CRITICAL, ERROR, WARNING, INFO, DEBUG or NOTSET. See the `python docs`_ for more information. -``POSTFIX_LOG_FILE`` enables postfix logging to the given file (in addition to log to stdout). -Log rotation should be done externally. - .. _`python docs`: https://docs.python.org/3.6/library/logging.html#logging-levels The ``LETSENCRYPT_SHORTCHAIN`` (default: False) setting controls whether we send the ISRG Root X1 certificate in TLS handshakes. This is required for `android handsets older than 7.1.1` but slows down the performance of modern devices. @@ -270,8 +267,11 @@ Mail log settings By default, all services log directly to stdout/stderr. Logs can be collected by any docker log processing solution. -In some situations, a separate mail log is required (e.g. for legal reasons). Postfix can be configured to write the logs to a -syslog server that stores the log files to a volume. It can be configured by the following options: +Postfix writes the logs to a syslog server which logs to stdout. This is used to filter out messages from the healthcheck. +In some situations, a separate mail log is required (e.g. for legal reasons). The syslog server can be configured to write log files to a volume. It can be configured by the following options: -- ``POSTFIX_LOG_SYSLOG``: (default: ``disabled``) set to ``local`` to enable a local syslog server for postfix -- ``POSTFIX_LOG_FILE``: The file to log the mail log to +- ``POSTFIX_LOG_SYSLOG`` (default: ``local`` ): Set to ``local`` (default) to enable the syslog server. Set to ``disable`` to disable the syslog server. If disabled, Postfix will log directly to stdout and the healthcheck messages will not be filtered out. +- ``POSTFIX_LOG_FILE``: The file to log the mail log to. When enabled, the syslog server will also log to stdout. + +When ``POSTFIX_LOG_FILE`` is enabled, the logrotate program will automatically rotate the logs every week and keep 52 logs. +To override the logrotate configuration, create the file logrotate.conf with the desired configuration in the :ref:`Postfix overrides folder`. diff --git a/docs/faq.rst b/docs/faq.rst index 177e65d7..ced46237 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -263,6 +263,7 @@ correct syntax. The following file names will be taken as override configuration - All ``$ROOT/overrides/postfix/*.map`` files - For both ``postfix.cf`` and ``postfix.master``, you need to put one configuration per line, as they are fed line-by-line to postfix. + - ``logrotate.conf`` as ``$ROOT/overrides/postfix/logrotate.conf`` - Replaces the logrotate.conf file used for rotating ``POSTFIX_LOG_FILE``. - `Dovecot`_ - ``dovecot.conf`` in dovecot sub-directory; - `Nginx`_ - All ``*.conf`` files in the ``nginx`` sub-directory; - `Rspamd`_ - All files in the ``rspamd`` sub-directory. From 5c4000c279e9d43e5116e60b4f09c149109db84d Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Wed, 1 Dec 2021 12:46:43 +0000 Subject: [PATCH 06/13] Update newsfragment. --- towncrier/newsfragments/1441.feature | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/towncrier/newsfragments/1441.feature b/towncrier/newsfragments/1441.feature index 557fb9e1..ea2b721e 100644 --- a/towncrier/newsfragments/1441.feature +++ b/towncrier/newsfragments/1441.feature @@ -1,9 +1,9 @@ Introduces postfix logging via rsyslog with these features: - stdout logging still enabled -- internal test request log messages are filtered out by rsyslog +- internal test request log messages (healthcheck) are filtered out by rsyslog - optional logging to file via POSTFIX_LOG_FILE env variable To use it configure in mailu.env -- ``POSTFIX_LOG_SYSLOG``: (default: ``disabled``) set to ``local`` to enable a local syslog server for postfix +- ``POSTFIX_LOG_SYSLOG``: (default: ``local``) set to ``local`` (Default) to enable a local syslog server for postfix. Set to ``disable``to disable. - ``POSTFIX_LOG_FILE``: The file to log the mail log to -Only enabling POSTFIX_LOG_SYSLOG is recommended to get rid of internet test request logging messages. +Not disabling POSTFIX_LOG_SYSLOG is recommended to get rid of internal healtcheck messages. From 84af3a3e503fbc5b8390d3fdbeb266f60efb3d25 Mon Sep 17 00:00:00 2001 From: willofr Date: Mon, 6 Dec 2021 21:43:06 +0100 Subject: [PATCH 07/13] use dovecot-fts-xapian from alpine package I suggest using the dovecot-fts-xapian package from the alpine repository (newer) instead of compiling an older version from source: see https://pkgs.alpinelinux.org/package/edge/community/x86/dovecot-fts-xapian --- core/dovecot/Dockerfile | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile index 7a2dbdc1..8fcc391b 100644 --- a/core/dovecot/Dockerfile +++ b/core/dovecot/Dockerfile @@ -1,14 +1,4 @@ -ARG DISTRO=alpine:3.14.2 -FROM $DISTRO as builder -WORKDIR /tmp -RUN apk add git build-base automake autoconf libtool dovecot-dev xapian-core-dev icu-dev -RUN git clone https://github.com/grosjo/fts-xapian.git \ - && cd fts-xapian \ - && git checkout 1.2.7 \ - && autoreconf -vi \ - && PANDOC=false ./configure --with-dovecot=/usr/lib/dovecot \ - && make \ - && make install +ARG DISTRO=alpine:3.14 FROM $DISTRO @@ -27,11 +17,9 @@ RUN pip3 install "podop>0.2.5" # Image specific layers under this line RUN apk add --no-cache \ - dovecot dovecot-lmtpd dovecot-pop3d dovecot-submissiond dovecot-pigeonhole-plugin rspamd-client xapian-core \ + dovecot dovecot-lmtpd dovecot-pop3d dovecot-submissiond dovecot-pigeonhole-plugin rspamd-client xapian-core dovecot-fts-xapian \ && mkdir /var/lib/dovecot -COPY --from=builder /usr/lib/dovecot/lib21_fts_xapian_plugin.* /usr/lib/dovecot/ - COPY conf /conf COPY start.py /start.py From 53975684b845951f1444ca9f05d236594d50e82c Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Tue, 7 Dec 2021 10:13:47 +0000 Subject: [PATCH 08/13] Using Syslog is the new standard. It is not optional anymore. --- core/postfix/conf/main.cf | 5 ----- core/postfix/start.py | 17 ++++++++--------- docs/configuration.rst | 3 +-- towncrier/newsfragments/1441.feature | 7 ++----- 4 files changed, 11 insertions(+), 21 deletions(-) diff --git a/core/postfix/conf/main.cf b/core/postfix/conf/main.cf index 26a79791..444dacad 100644 --- a/core/postfix/conf/main.cf +++ b/core/postfix/conf/main.cf @@ -2,11 +2,6 @@ # General ############### -{% if POSTFIX_LOG_SYSLOG != "local" %} -# Logging configuration -maillog_file = /dev/stdout -{% endif %} - # Main domain and hostname mydomain = {{ DOMAIN }} myhostname = {{ HOSTNAMES.split(",")[0] }} diff --git a/core/postfix/start.py b/core/postfix/start.py index de97baf6..19b403db 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -82,15 +82,14 @@ if "RELAYUSER" in os.environ: conf.jinja("/conf/sasl_passwd", os.environ, path) os.system("postmap {}".format(path)) -if os.environ["POSTFIX_LOG_SYSLOG"] == "local": - # Configure and start local rsyslog server - conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") - os.system("/usr/sbin/rsyslogd -n &") - # Configure logrotate - if os.environ["POSTFIX_LOG_FILE"] != "": - conf.jinja("/conf/logrotate.conf", os.environ, "/etc/logrotate.d/postfix.conf") - if os.path.exists("/overrides/logrotate.conf"): - shutil.copyfile("/overrides/logrotate.conf", "/etc/logrotate.d/postfix.conf") +# Configure and start local rsyslog server +conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") +os.system("/usr/sbin/rsyslogd -n &") +# Configure logrotate +if os.environ["POSTFIX_LOG_FILE"] != "": + conf.jinja("/conf/logrotate.conf", os.environ, "/etc/logrotate.d/postfix.conf") + if os.path.exists("/overrides/logrotate.conf"): + shutil.copyfile("/overrides/logrotate.conf", "/etc/logrotate.d/postfix.conf") # Run Podop and Postfix multiprocessing.Process(target=start_podop).start() diff --git a/docs/configuration.rst b/docs/configuration.rst index 0709e37b..fba84c9a 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -268,9 +268,8 @@ Mail log settings By default, all services log directly to stdout/stderr. Logs can be collected by any docker log processing solution. Postfix writes the logs to a syslog server which logs to stdout. This is used to filter out messages from the healthcheck. -In some situations, a separate mail log is required (e.g. for legal reasons). The syslog server can be configured to write log files to a volume. It can be configured by the following options: +In some situations, a separate mail log is required (e.g. for legal reasons). The syslog server can be configured to write log files to a volume. It can be configured with the following option: -- ``POSTFIX_LOG_SYSLOG`` (default: ``local`` ): Set to ``local`` (default) to enable the syslog server. Set to ``disable`` to disable the syslog server. If disabled, Postfix will log directly to stdout and the healthcheck messages will not be filtered out. - ``POSTFIX_LOG_FILE``: The file to log the mail log to. When enabled, the syslog server will also log to stdout. When ``POSTFIX_LOG_FILE`` is enabled, the logrotate program will automatically rotate the logs every week and keep 52 logs. diff --git a/towncrier/newsfragments/1441.feature b/towncrier/newsfragments/1441.feature index ea2b721e..7704b2cb 100644 --- a/towncrier/newsfragments/1441.feature +++ b/towncrier/newsfragments/1441.feature @@ -1,9 +1,6 @@ -Introduces postfix logging via rsyslog with these features: +Introduces postfix logging via syslog with these features: - stdout logging still enabled - internal test request log messages (healthcheck) are filtered out by rsyslog - optional logging to file via POSTFIX_LOG_FILE env variable -To use it configure in mailu.env -- ``POSTFIX_LOG_SYSLOG``: (default: ``local``) set to ``local`` (Default) to enable a local syslog server for postfix. Set to ``disable``to disable. +To use logging to file configure in mailu.env - ``POSTFIX_LOG_FILE``: The file to log the mail log to -Not disabling POSTFIX_LOG_SYSLOG is recommended to get rid of internal healtcheck messages. - From 841b29e794cdb8a5ee396cc9de794a6609767dc9 Mon Sep 17 00:00:00 2001 From: willofr Date: Tue, 7 Dec 2021 18:20:16 +0100 Subject: [PATCH 09/13] revert back to alpine 3.14.2 as requested --- core/dovecot/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile index 8fcc391b..c2d7b063 100644 --- a/core/dovecot/Dockerfile +++ b/core/dovecot/Dockerfile @@ -1,4 +1,4 @@ -ARG DISTRO=alpine:3.14 +ARG DISTRO=alpine:3.14.2 FROM $DISTRO From 206c6b3427e6701b91da5ebceef2f0870976f89b Mon Sep 17 00:00:00 2001 From: willofr Date: Tue, 7 Dec 2021 18:27:14 +0100 Subject: [PATCH 10/13] Create 2072.enhancement --- towncrier/newsfragments/2072.enhancement | 1 + 1 file changed, 1 insertion(+) create mode 100644 towncrier/newsfragments/2072.enhancement diff --git a/towncrier/newsfragments/2072.enhancement b/towncrier/newsfragments/2072.enhancement new file mode 100644 index 00000000..48275dff --- /dev/null +++ b/towncrier/newsfragments/2072.enhancement @@ -0,0 +1 @@ +use dovecot-fts-xapian from alpine package From fdb10cfb85aa9e0cdbcba04136c32b8d2ebacb06 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Tue, 14 Dec 2021 15:47:16 +0000 Subject: [PATCH 11/13] Start crond when POSTFIX_LOG_FILE is set --- core/postfix/start.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/core/postfix/start.py b/core/postfix/start.py index 19b403db..bcbdea1d 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -85,9 +85,10 @@ if "RELAYUSER" in os.environ: # Configure and start local rsyslog server conf.jinja("/conf/rsyslog.conf", os.environ, "/etc/rsyslog.conf") os.system("/usr/sbin/rsyslogd -n &") -# Configure logrotate +# Configure logrotate and start crond if os.environ["POSTFIX_LOG_FILE"] != "": conf.jinja("/conf/logrotate.conf", os.environ, "/etc/logrotate.d/postfix.conf") + os.system("/usr/sbin/crond") if os.path.exists("/overrides/logrotate.conf"): shutil.copyfile("/overrides/logrotate.conf", "/etc/logrotate.d/postfix.conf") From 09926702d6b17c72174299e9bdf8d9d5eb4c393b Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Sat, 18 Dec 2021 13:59:31 +0100 Subject: [PATCH 12/13] fix 2086 --- core/dovecot/conf/ham.script | 4 ++-- core/dovecot/conf/spam.script | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/core/dovecot/conf/ham.script b/core/dovecot/conf/ham.script index 910df8e4..57112747 100755 --- a/core/dovecot/conf/ham.script +++ b/core/dovecot/conf/ham.script @@ -1,6 +1,6 @@ #!/bin/bash - -RSPAMD_HOST="$(getent hosts {{ ANTISPAM_WEBUI_ADDRESS }}|cut -d\ -f1)" +{% set hostname,port = ANTISPAM_WEBUI_ADDRESS.split(':') %} +RSPAMD_HOST="$(getent hosts {{ hostname }}|cut -d\ -f1):{{ port }}" if [[ $? -ne 0 ]] then echo "Failed to lookup {{ ANTISPAM_WEBUI_ADDRESS }}" >&2 diff --git a/core/dovecot/conf/spam.script b/core/dovecot/conf/spam.script index e7d20427..2e3872b0 100755 --- a/core/dovecot/conf/spam.script +++ b/core/dovecot/conf/spam.script @@ -1,6 +1,6 @@ #!/bin/bash - -RSPAMD_HOST="$(getent hosts {{ ANTISPAM_WEBUI_ADDRESS }}|cut -d\ -f1)" +{% set hostname,port = ANTISPAM_WEBUI_ADDRESS.split(':') %} +RSPAMD_HOST="$(getent hosts {{ hostname }}|cut -d\ -f1):{{ port }}" if [[ $? -ne 0 ]] then echo "Failed to lookup {{ ANTISPAM_WEBUI_ADDRESS }}" >&2 From 346ace5fb3c0096012b2d73ec8204c8c5b8a78a0 Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Sat, 18 Dec 2021 15:38:07 +0100 Subject: [PATCH 13/13] Make webmail the default action --- core/admin/mailu/sso/forms.py | 2 +- core/admin/mailu/sso/views/base.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/core/admin/mailu/sso/forms.py b/core/admin/mailu/sso/forms.py index c190b8bc..5cf38dbe 100644 --- a/core/admin/mailu/sso/forms.py +++ b/core/admin/mailu/sso/forms.py @@ -7,5 +7,5 @@ class LoginForm(flask_wtf.FlaskForm): csrf = False email = fields.StringField(_('E-mail'), [validators.Email(), validators.DataRequired()]) pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) - submitAdmin = fields.SubmitField(_('Sign in')) submitWebmail = fields.SubmitField(_('Sign in')) + submitAdmin = fields.SubmitField(_('Sign in')) diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py index 390d5bbf..cf2e166c 100644 --- a/core/admin/mailu/sso/views/base.py +++ b/core/admin/mailu/sso/views/base.py @@ -15,10 +15,10 @@ def login(): form.submitWebmail.label.text = form.submitWebmail.label.text + ' Webmail' fields = [] - if str(app.config["ADMIN"]).upper() != "FALSE": - fields.append(form.submitAdmin) if str(app.config["WEBMAIL"]).upper() != "NONE": fields.append(form.submitWebmail) + if str(app.config["ADMIN"]).upper() != "FALSE": + fields.append(form.submitAdmin) fields = [fields] if form.validate_on_submit():