Switch postfix to Podop

master
Pierre Jaury 6 years ago
parent 82e738cc53
commit bb73933e1e

@ -1,6 +1,8 @@
FROM alpine FROM alpine
RUN apk add --no-cache postfix postfix-sqlite postfix-pcre rsyslog python py-jinja2 RUN apk add --no-cache postfix postfix-pcre rsyslog \
python3 py3-pip \
&& pip3 install jinja2 podop
COPY conf /conf COPY conf /conf
COPY start.py /start.py COPY start.py /start.py
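Review bot: The new `pip3 install jinja2 podop` step fetches both packages from PyPI unpinned and unverified, so any rebuild can silently pick up a different or tampered release of code that start.py imports while still running as root. Pin exact versions and keep the pip cache out of the layer, e.g. `&& pip3 install --no-cache-dir jinja2==<PINNED_VERSION> podop==<PINNED_VERSION>`, or install from a requirements file with `--require-hashes`. The same reproducibility concern applies to the untagged `FROM alpine` that this hunk keeps as context, and to the unversioned `apk add` package list.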

@ -19,8 +19,8 @@ mynetworks = 127.0.0.1/32 [::1]/128 {{ RELAYNETS }}
# Empty alias list to override the configuration variable and disable NIS # Empty alias list to override the configuration variable and disable NIS
alias_maps = alias_maps =
# SQLite configuration # Podop configuration
sql = sqlite:${config_directory}/ podop = socketmap:unix:/tmp/podop.socket:
# Only accept virtual emails # Only accept virtual emails
mydestination = mydestination =
@ -56,13 +56,13 @@ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# The alias map actually returns both aliases and local mailboxes, which is # The alias map actually returns both aliases and local mailboxes, which is
# required for reject_unlisted_sender to work properly # required for reject_unlisted_sender to work properly
virtual_alias_maps = ${sql}sqlite-virtual_alias_maps.cf virtual_alias_maps = ${podop}alias
virtual_mailbox_domains = ${sql}sqlite-virtual_mailbox_domains.cf virtual_mailbox_domains = ${podop}domains
virtual_mailbox_maps = $virtual_alias_maps virtual_mailbox_maps = ${podop}mailbox
# Mails are transported if required, then forwarded to Dovecot for delivery # Mails are transported if required, then forwarded to Dovecot for delivery
relay_domains = ${sql}sqlite-transport.cf relay_domains = ${podop}transport
transport_maps = ${sql}sqlite-transport.cf transport_maps = ${podop}transport
virtual_transport = lmtp:inet:{{ HOST_LMTP }} virtual_transport = lmtp:inet:{{ HOST_LMTP }}
# In order to prevent Postfix from running DNS query, enforce the use of the # In order to prevent Postfix from running DNS query, enforce the use of the
@ -84,7 +84,7 @@ smtpd_helo_required = yes
smtpd_recipient_restrictions = smtpd_recipient_restrictions =
permit_mynetworks, permit_mynetworks,
check_sender_access ${sql}sqlite-reject-spoofed.cf, check_sender_access ${podop}spoofed
reject_non_fqdn_sender, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_unknown_recipient_domain,
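Review bot: The socketmap endpoint on the `podop = socketmap:unix:/tmp/podop.socket:` line lives in `/tmp`, which is normally world-writable, yet every alias, domain, mailbox, transport and spoofed-sender lookup now trusts whatever answers on that path. A dedicated directory owned by the account that runs Podop and not writable by others would be safer, for example `podop = socketmap:unix:/run/podop/podop.socket:` (a constructed path; the same value would have to be passed to `run_server` in start.py, and Postfix must still be able to reach it). Separately, the new `check_sender_access ${podop}spoofed` line drops the trailing comma that the neighbouring restrictions keep. Postfix accepts whitespace as a separator, so this is only a consistency point.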

@ -1,11 +1,25 @@
#!/usr/bin/python #!/usr/bin/python3
import jinja2 import jinja2
import os import os
import socket import socket
import glob import glob
import shutil import shutil
import multiprocessing
from podop import run_server
def start_podop():
os.setuid(100)
run_server(40, "postfix", "/tmp/podop.socket", [
("transport", "url", "http://admin/internal/postfix/transport/§"),
("alias", "url", "http://admin/internal/postfix/alias/§"),
("domains", "url", "http://admin/internal/postfix/domains/§"),
("mailbox", "url", "http://admin/internal/postfix/mailbox/§"),
("spoofed", "url", "http://admin/internal/postfix/spoofed/§"),
])
convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ)) convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ))
# Actual startup script # Actual startup script
@ -32,7 +46,8 @@ for map_file in glob.glob("/overrides/*.map"):
convert("/conf/rsyslog.conf", "/etc/rsyslog.conf") convert("/conf/rsyslog.conf", "/etc/rsyslog.conf")
# Run postfix # Run Podop and Postfix
multiprocessing.Process(target=start_podop).start()
if os.path.exists("/var/run/rsyslogd.pid"): if os.path.exists("/var/run/rsyslogd.pid"):
os.remove("/var/run/rsyslogd.pid") os.remove("/var/run/rsyslogd.pid")
os.system("/usr/lib/postfix/post-install meta_directory=/etc/postfix create-missing") os.system("/usr/lib/postfix/post-install meta_directory=/etc/postfix create-missing")
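Review bot: `os.setuid(100)` in `start_podop` changes only the user id, so the Podop process keeps root's primary and supplementary groups, and the hard-coded 100 depends on whichever uid the Alpine package happens to assign (presumably the postfix account). Clear the supplementary groups and set the gid before the uid, resolving the account by name. This needs `import pwd` next to the other imports and assumes the account is named postfix. The table URLs are also plain `http://admin/...`, so routing and anti-spoofing answers are only as trustworthy as the internal network between the two containers, which deserves a comment above the `run_server` call.

```python
def start_podop():
    account = pwd.getpwnam("postfix")
    # Order matters: groups can no longer be changed once the uid is dropped.
    os.setgroups([])
    os.setgid(account.pw_gid)
    os.setuid(account.pw_uid)
    # … unchanged: run_server(...) call with the five table URLs …
```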
