Switch to using Podop in Dovecot

master
Pierre Jaury 6 years ago
parent 809fe78f82
commit b5d6b93869

@ -1,9 +1,9 @@
FROM alpine:edge FROM alpine:edge
RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ RUN apk add --no-cache \
&& apk add --no-cache \ dovecot dovecot-pop3d dovecot-lmtpd dovecot-pigeonhole-plugin rspamd-client \
dovecot dovecot-sqlite dovecot-pigeonhole-plugin dovecot-pigeonhole-plugin-extdata \ python3 py3-pip \
rspamd-client@testing python py-jinja2 && pip3 install jinja2 podop
COPY conf /conf COPY conf /conf
COPY sieve /var/lib/dovecot COPY sieve /var/lib/dovecot
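Review bot: The new `RUN` line ends with `pip3 install jinja2 podop`, which fetches whatever versions PyPI serves at build time, on top of the rolling `alpine:edge` base. After this commit `podop` sits in the authentication, quota and sieve lookup path, so an unreviewed release of it changes how logins are decided. Pin both packages and check hashes, for example `pip3 install --no-cache-dir --require-hashes -r requirements.txt` with a requirements file holding `podop==<version>` and `jinja2==<version>` entries (placeholders, no versions are given on the page). Pinning the base image to a release tag or digest would make the apk packages reproducible too.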

@ -0,0 +1,5 @@
uri = proxy:/tmp/podop.socket:auth
iterate_disable = yes
default_pass_scheme = plain
password_key = passdb/%u
user_key = userdb/%u
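Review bot: Nothing in this new file carries the source-address restriction that the deleted SQL `password_query` enforced by returning `nopassword` together with `allow_nets`. With the dict driver those fields have to come back in the value the admin endpoint returns for `passdb/%u`. That endpoint is not visible here, so confirm it still returns `allow_nets` limited to the front and webmail addresses. Otherwise a `nopassword` reply would accept logins from any host that can reach Dovecot. `default_pass_scheme = plain` also means an unprefixed `password` value is compared as cleartext. A comment such as `# passdb/%u must return nopassword plus allow_nets for the front/webmail addresses` above `password_key` would record the contract.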

@ -1,18 +0,0 @@
driver = sqlite
connect = /data/main.db
# Return the user hashed password
password_query = \
SELECT NULL as password, 'Y' as nopassword, '{% if POD_ADDRESS_RANGE %}{{ POD_ADDRESS_RANGE }}{% else %}{{ FRONT_ADDRESS }}{% if WEBMAIL_ADDRESS %},{{ WEBMAIL_ADDRESS }}{% endif %}{% endif %}' as allow_nets \
FROM user \
WHERE user.email = '%u'
# Mostly get the user quota
user_query = \
SELECT '*:bytes=' || user.quota_bytes AS quota_rule \
FROM user \
WHERE user.email = '%u'
# For using doveadm -A:
iterate_query = \
SELECT user.email AS user FROM user

@ -7,17 +7,6 @@ postmaster_address = {{ POSTMASTER }}@{{ DOMAIN }}
hostname = {{ HOSTNAMES.split(",")[0] }} hostname = {{ HOSTNAMES.split(",")[0] }}
submission_host = {{ FRONT_ADDRESS }} submission_host = {{ FRONT_ADDRESS }}
service dict {
unix_listener dict {
group = mail
mode = 0660
}
}
dict {
sieve = sqlite:/etc/dovecot/pigeonhole-sieve.dict
}
############### ###############
# Mailboxes # Mailboxes
############### ###############
@ -36,28 +25,18 @@ mail_plugins = $mail_plugins quota quota_clone
namespace inbox { namespace inbox {
inbox = yes inbox = yes
mailbox Trash { {% for mailbox in ("Trash", "Drafts", "Sent", "Junk") %}
mailbox {{ mailbox }} {
auto = subscribe auto = subscribe
special_use = \Trash special_use = \{{ mailbox }}
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Junk {
auto = subscribe
special_use = \Junk
} }
{% endfor %}
} }
plugin { plugin {
quota = count:User quota quota = count:User quota
quota_vsizes = yes quota_vsizes = yes
quota_clone_dict = redis:host={{ REDIS_ADDRESS }}:port=6379:db=1 quota_clone_dict = proxy:/tmp/podop.socket:quota
} }
############### ###############
@ -65,16 +44,15 @@ plugin {
############### ###############
auth_mechanisms = plain login auth_mechanisms = plain login
disable_plaintext_auth = no disable_plaintext_auth = no
ssl_protocols = !SSLv3
passdb { passdb {
driver = sql driver = dict
args = /etc/dovecot/dovecot-sql.conf.ext args = /etc/dovecot/auth.conf
} }
userdb { userdb {
driver = sql driver = dict
args = /etc/dovecot/dovecot-sql.conf.ext args = /etc/dovecot/auth.conf
} }
service auth { service auth {
@ -95,7 +73,6 @@ service auth-worker {
############### ###############
# IMAP & POP # IMAP & POP
############### ###############
protocol imap { protocol imap {
mail_plugins = $mail_plugins imap_quota imap_sieve mail_plugins = $mail_plugins imap_quota imap_sieve
} }
@ -113,7 +90,6 @@ service imap-login {
############### ###############
# Delivery # Delivery
############### ###############
protocol lmtp { protocol lmtp {
mail_plugins = $mail_plugins sieve mail_plugins = $mail_plugins sieve
recipient_delimiter = {{ RECIPIENT_DELIMITER }} recipient_delimiter = {{ RECIPIENT_DELIMITER }}
@ -125,11 +101,9 @@ service lmtp {
} }
} }
############### ###############
# Filtering # Filtering
############### ###############
service managesieve-login { service managesieve-login {
inet_listener sieve { inet_listener sieve {
port = 4190 port = 4190
@ -140,13 +114,12 @@ service managesieve {
} }
plugin { plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve sieve = dict:proxy:/tmp/podop.socket:sieve
sieve_plugins = sieve_extdata sieve_imapsieve sieve_extprograms sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_global_extensions = +vnd.dovecot.extdata +spamtest +spamtestplus +vnd.dovecot.execute +editheader sieve_global_extensions = +spamtest +spamtestplus +vnd.dovecot.execute +editheader
sieve_before = /var/lib/dovecot/before.sieve sieve_before = /var/lib/dovecot/before.sieve
sieve_default = /var/lib/dovecot/default.sieve sieve_default = /var/lib/dovecot/default.sieve
sieve_after = /var/lib/dovecot/after.sieve sieve_after = /var/lib/dovecot/after.sieve
sieve_extdata_dict_uri = proxy::sieve
# Sieve execute # Sieve execute
sieve_execute_bin_dir = /var/lib/dovecot/bin sieve_execute_bin_dir = /var/lib/dovecot/bin
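Review bot: Dropping `ssl_protocols = !SSLv3` in the auth hunk leaves no TLS protocol floor in any of the hunks shown, while `disable_plaintext_auth = no` and `auth_mechanisms = plain login` stay as they were. If the line went away because the Dovecot version in the new image no longer accepts it (an inference, the commit does not say), the replacement setting is `ssl_min_protocol`, for example `ssl_min_protocol = TLSv1.2`. If TLS is always terminated by the front container, a one-line comment next to `disable_plaintext_auth = no` saying so would stop the plaintext settings from reading as an oversight. The `service auth` block continues outside the hunk.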

@ -1,43 +0,0 @@
connect = /data/main.db
map {
pattern = priv/spam_enabled
table = user
username_field = email
value_field = spam_enabled
}
map {
pattern = priv/spam_threshold
table = user
username_field = email
value_field = spam_threshold
}
map {
pattern = priv/reply_enabled
table = user
username_field = email
value_field = reply_enabled
}
map {
pattern = priv/reply_subject
table = user
username_field = email
value_field = reply_subject
}
map {
pattern = priv/reply_body
table = user
username_field = email
value_field = reply_body
}
map {
pattern = priv/reply_enddate
table = user
username_field = email
value_field = reply_enddate
}

@ -1,21 +1,31 @@
#!/usr/bin/python #!/usr/bin/python3
import jinja2 import jinja2
import os import os
import socket import socket
import glob import glob
import multiprocessing
from podop import run_server
def start_podop():
os.setuid(8)
run_server(40, "dovecot", "/tmp/podop.socket", [
("quota", "url", "http://admin/internal/dovecot/quota/§"),
("auth", "url", "http://admin/internal/dovecot/auth/§"),
("sieve", "url", "http://admin/internal/dovecot/sieve/§"),
])
convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ)) convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ))
# Actual startup script # Actual startup script
os.environ["FRONT_ADDRESS"] = socket.gethostbyname(os.environ.get("FRONT_ADDRESS", "front")) os.environ["FRONT_ADDRESS"] = socket.gethostbyname(os.environ.get("FRONT_ADDRESS", "front"))
os.environ["REDIS_ADDRESS"] = socket.gethostbyname(os.environ.get("REDIS_ADDRESS", "redis"))
if os.environ["WEBMAIL"] != "none":
os.environ["WEBMAIL_ADDRESS"] = socket.gethostbyname(os.environ.get("WEBMAIL_ADDRESS", "webmail"))
for dovecot_file in glob.glob("/conf/*"): for dovecot_file in glob.glob("/conf/*"):
convert(dovecot_file, os.path.join("/etc/dovecot", os.path.basename(dovecot_file))) convert(dovecot_file, os.path.join("/etc/dovecot", os.path.basename(dovecot_file)))
# Run postfix # Run Podop, then postfix
multiprocessing.Process(target=start_podop).start()
os.system("chown -R mail:mail /mail /var/lib/dovecot") os.system("chown -R mail:mail /mail /var/lib/dovecot")
os.execv("/usr/sbin/dovecot", ["dovecot", "-c", "/etc/dovecot/dovecot.conf", "-F"]) os.execv("/usr/sbin/dovecot", ["dovecot", "-c", "/etc/dovecot/dovecot.conf", "-F"])
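Review bot: `start_podop()` drops only the user id: `os.setuid(8)` is called without `os.setgid()` or `os.setgroups()`, so the Podop process that answers auth, quota and sieve lookups keeps root's primary and supplementary groups. Assuming uid 8 is meant to be the `mail` account that the later `chown` names, resolve it by name and drop groups first: `mail = pwd.getpwnam("mail")` followed by `os.setgroups([]); os.setgid(mail.pw_gid); os.setuid(mail.pw_uid)` (needs `import pwd`). The socket is also created directly under `/tmp`. A directory owned by that account would narrow who can create or replace `podop.socket`, and the `proxy:/tmp/podop.socket` references in the Dovecot config sections would then have to follow.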
