From 288a95eb1330f4ed7b477faa6fe87610a36defdf Mon Sep 17 00:00:00 2001 From: Thomas Picouet <thomas.picouet@riseup.net> Date: Thu, 13 Dec 2018 00:46:24 +0100 Subject: [PATCH] mise au propre dockerfile + entrypoint --- pica-mail-mda/auth_LDAP/Dockerfile | 9 +-- pica-mail-mda/auth_LDAP/entrypoint.sh | 33 ++++++----- .../auth_LDAP/fichiers_de_configuration.sh | 57 +++++++++++++++++++ pica-mail-mta/Dockerfile | 1 + pica-mail-mta/entrypoint.sh | 2 +- 5 files changed, 80 insertions(+), 22 deletions(-) create mode 100644 pica-mail-mda/auth_LDAP/fichiers_de_configuration.sh diff --git a/pica-mail-mda/auth_LDAP/Dockerfile b/pica-mail-mda/auth_LDAP/Dockerfile index 53918a8a..4907a032 100644 --- a/pica-mail-mda/auth_LDAP/Dockerfile +++ b/pica-mail-mda/auth_LDAP/Dockerfile @@ -11,14 +11,11 @@ RUN apt-get update -y \ dovecot-common dovecot-imapd dovecot-lmtpd dovecot-ldap nano telnet \ && rm -rf /var/lib/apt/lists/* - -#configuration de dovecot -#adresse ip locale du lda (serveur qui réceptionne les courriers de fin de chaîne de postfix) - # copie de tous les fichiers de config modifiés dans le répertoire de config de Dovecot -COPY ./conf.d/* /etc/dovecot/conf.d/ -COPY ./dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap.conf.ext +#COPY ./conf.d/* /etc/dovecot/conf.d/ +#COPY ./dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap.conf.ext COPY entrypoint.sh / +COPY fichiers_de_configuration.sh / ENTRYPOINT ["/entrypoint.sh"] diff --git a/pica-mail-mda/auth_LDAP/entrypoint.sh b/pica-mail-mda/auth_LDAP/entrypoint.sh index 3ac49e53..f04e8ce6 100755 --- a/pica-mail-mda/auth_LDAP/entrypoint.sh +++ b/pica-mail-mda/auth_LDAP/entrypoint.sh 
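Review bot: The two `COPY` lines for `./conf.d/*` and `./dovecot-ldap.conf.ext` are commented out rather than deleted, which leaves the comment above them ("copie de tous les fichiers de config modifiés…") describing something the image no longer does. Since git keeps the history, I would delete them and reword that comment to say the configuration is now generated at start-up by `fichiers_de_configuration.sh`. The same applies to the commented-out heredoc blocks in pica-mail-mda/auth_LDAP/entrypoint.sh and to `#mkdir /etc/opendmarc` in pica-mail-mta/entrypoint.sh.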
@@ -2,27 +2,30 @@ #protocoles supportés par le mda #lmtp est le protocole permettant de faire du lda -cat <<EOF >> /etc/dovecot/dovecot.conf -protocols = imap lmtp -EOF +#cat <<EOF >> /etc/dovecot/dovecot.conf +#protocols = imap lmtp +#EOF #on enlève la communication lmtp en socket unix... #il faut récupérer l'adresse IP par laquelle le conteneur communique avec son hôte -ETH0_ADRESS=$(ip address show eth0 | grep inet | cut -b 10-19) +#ETH0_ADRESS=$(ip address show eth0 | grep inet | cut -b 10-19) -cat <<EOF >> /etc/dovecot/conf.d/10-master.conf -service lmtp { - inet_listener lmtp { - address = ${ETH0_ADRESS} 127.0.0.1 - port = 24 - } -} -EOF +#cat <<EOF >> /etc/dovecot/conf.d/10-master.conf +#service lmtp { +# inet_listener lmtp { +# address = ${ETH0_ADRESS} 127.0.0.1 +# port = 24 +# } +#} +#EOF #désactiver l'utilisation du protocole ssl -cat <<EOF >> /etc/dovecot/conf.d/10-ssl.conf -ssl = no -EOF +#cat <<EOF >> /etc/dovecot/conf.d/10-ssl.conf +#ssl = no +#EOF + +chmod 744 fichiers_de_configuration.sh +./fichiers_de_configuration.sh #ajouter utilisateur et groupe vmail (utilisateur système qui permet aux utilisateurs dits "virtuels" (en fait LDAP) d'accéder à leur BAL) addgroup --gid 1000 vmail diff --git a/pica-mail-mda/auth_LDAP/fichiers_de_configuration.sh b/pica-mail-mda/auth_LDAP/fichiers_de_configuration.sh new file mode 100644 index 00000000..d8df8549 --- /dev/null +++ b/pica-mail-mda/auth_LDAP/fichiers_de_configuration.sh 
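Review bot: The added `chmod 744 fichiers_de_configuration.sh` and `./fichiers_de_configuration.sh` resolve against the current working directory, and the script's exit status is never checked. If the container starts anywhere other than `/`, or one of the edits fails, the entrypoint carries on and Dovecot may come up with the packaged defaults (system auth still included, LDAP not) instead of the intended configuration. I would call it by absolute path and stop on failure, `/fichiers_de_configuration.sh || exit 1`, and set the execute bit at build time, since the file is added with mode 100644, rather than on every start. The first line of entrypoint.sh and everything after the `addgroup` line are outside the hunk, so whether `set -e` is in effect cannot be seen here.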
@@ -0,0 +1,57 @@ +#!/bin/bash + +###################################################################################### +### Script de modification des paramètres des fichiers de configuration de Dovecot ### +###################################################################################### + +### Définition des variables d'environnement. +# Récupération de l'adresse IP avec laquelle le conteneur communique avec son hôte +ETH0_ADRESS=$(ip address show eth0 | grep inet | cut -b 10-19) +# LDAP +LDAP_ADRESS=ldap.test.picasoft.net +LDAP_CN=nss +LDAP_DC2=picasoft +LDAP_DC1=net +LDAP_DNPASS=rdonly + +# Modification de /etc/dovecot/dovecot-ldap.conf.ext +# +sed -i 's/^#hosts =.*/hosts = '"${LDAP_ADRESS}"'/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#dn =.*/dn = cn='"${LDAP_CN}"',dc='"${LDAP_DC2}"',dc='"${LDAP_DC1}"'/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#dnpass =.*/dnpass = '"${LDAP_DNPASS}"'/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#auth_bind = no/auth_bind = yes/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^base =.*/base = dc='"${LDAP_DC2}"',dc='"${LDAP_DC1}"'/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#scope = subtree.*/scope = subtree/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#user_attrs =.*/user_attrs =/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#user_filter = .*/user_filter = (uid=%n)/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#pass_attrs = .*/pass_attrs = uid=user,userPassword=password/' /etc/dovecot/dovecot-ldap.conf.ext +sed -i 's/^#pass_filter = .*/pass_filter = (uid=%n)/' /etc/dovecot/dovecot-ldap.conf.ext +#sed -i 's/^# = .*//' /etc/dovecot/dovecot-ldap.conf.ext + +# modification de /etc/dovecot/conf.d/10-auth.conf +sed -i 's/^!include auth-system\.conf\.ext.*/#!include auth-system.conf.ext/' /etc/dovecot/conf.d/10-auth.conf +sed -i 's/^#!include auth-ldap\.conf\.ext.*/!include auth-ldap.conf.ext/' /etc/dovecot/conf.d/10-auth.conf +#sed -i 's/^# = .*//' /etc/dovecot/conf.d/10-auth.conf + +# modification 
de /etc/dovecot/conf.d/10-logging.conf +sed -i 's/^#log_path = .*/log_path = \/var\/log\/dovecot.log/' /etc/dovecot/conf.d/10-logging.conf +#sed -i 's/^# = .*//' /etc/dovecot/conf.d/10-logging.conf + +# modification de /etc/dovecot/conf.d/10-mail.conf +sed -i 's/^mail_location = .*/mail_location = maildir:\/home\/vmail\/%n\/Maildir\ +mail_home = \/home\/vmail\/%n/' /etc/dovecot/conf.d/10-mail.conf +sed -i 's/^#mail_uid =.*/mail_uid = vmail/' /etc/dovecot/conf.d/10-mail.conf +sed -i 's/^#mail_gid =.*/mail_gid = vmail/' /etc/dovecot/conf.d/10-mail.conf +#sed -i 's/^# = .*//' /etc/dovecot/conf.d/10-mail.conf + +# modification de /etc/dovecot/conf.d/10-master.conf +#sed -i 's/^service lmtp {.*/#service lmtp {/' /etc/dovecot/conf.d/10-master.conf +sed -i 's/^ unix_listener lmtp {.*/# unix_listener lmtp {/' /etc/dovecot/conf.d/10-master.conf +sed -i 's/^ #mode = .*/# #mode = 0666/' /etc/dovecot/conf.d/10-master.conf +sed -i '51s/^ }.*/ #}/' /etc/dovecot/conf.d/10-master.conf +sed -i 's/^ #inet_listener lmtp {.*/ inet_listener lmtp {/' /etc/dovecot/conf.d/10-master.conf +sed -i '56s/^ #address =.*/ address = '"${ETH0_ADRESS}"' 127.0.0.1/' /etc/dovecot/conf.d/10-master.conf +sed -i '57s/^ #port =.*/ port = 24/' /etc/dovecot/conf.d/10-master.conf +sed -i '58s/^ #}.*/ }/' /etc/dovecot/conf.d/10-master.conf +echo "protocols = imap lmtp" >> /etc/dovecot/conf.d/10-master.conf +#sed -i 's/^# = .*//' /etc/dovecot/conf.d/10-master.conf diff --git a/pica-mail-mta/Dockerfile b/pica-mail-mta/Dockerfile index 5fbd1ab7..b2f7dfc3 100644 --- a/pica-mail-mta/Dockerfile +++ b/pica-mail-mta/Dockerfile @@ -53,6 +53,7 @@ COPY spam/dkimkeys/* /etc/dkimkeys/ COPY spam/opendkim /etc/default/opendkim COPY spam/opendmarc /etc/default/opendmarc COPY --chown=opendkim:opendkim spam/nov2018.picasoft.net.rsa /etc/dkimkeys/nov2018.picasoft.net.rsa +RUN mkdir /etc/opendmarc COPY --chown=opendmarc:opendmarc spam/ignore.hosts /etc/opendmarc/ignore.hosts COPY saslauthd-postfix /etc/default/ 
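Review bot: `LDAP_DNPASS=rdonly` hard-codes the LDAP bind password in a script that is committed and copied into the image, even though the section is headed "variables d'environnement"; anyone with the repository or the image can read it, and rotating it means a rebuild. I would take these values from the container environment (or a mounted secret) and fail when the password is missing, as sketched below. The variables are also spliced into sed replacement text unescaped, so a value containing `/`, `&` or `\` would break or silently alter the substitution, and the rewritten dovecot-ldap.conf.ext should end up readable by root only. Separately, nothing in this script enables TLS towards the LDAP host while `auth_bind = yes` is switched on, so unless the packaged file already does, user passwords would cross the network in clear, which is worth confirming.

```bash
# Values come from the container environment; only non-secret ones get a default.
LDAP_ADRESS=${LDAP_ADRESS:-ldap.test.picasoft.net}
: "${LDAP_DNPASS:?LDAP_DNPASS must be provided at run time}"

# Escape the characters that are special in a sed replacement (\ / &).
sed_escape() { printf '%s' "$1" | sed 's|[\\/&]|\\&|g'; }

sed -i 's/^#dnpass =.*/dnpass = '"$(sed_escape "${LDAP_DNPASS}")"'/' /etc/dovecot/dovecot-ldap.conf.ext
chmod 600 /etc/dovecot/dovecot-ldap.conf.ext
# … unchanged: remaining sed edits on dovecot-ldap.conf.ext and conf.d/*.conf …
```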
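Review bot: `RUN mkdir /etc/opendmarc` fails the build if the directory already exists in an earlier layer, and it leaves the directory root-owned until the entrypoint's `chown -R` runs. `RUN mkdir -p /etc/opendmarc && chown opendmarc:opendmarc /etc/opendmarc` would be idempotent and would set ownership at build time; the `--chown=opendmarc:opendmarc` on the following COPY suggests the account exists at this point, but its creation is outside the hunk. The context line above also copies `spam/nov2018.picasoft.net.rsa` into `/etc/dkimkeys/`; if that is the DKIM signing key, mounting it at run time would keep it out of the image layers.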
diff --git a/pica-mail-mta/entrypoint.sh b/pica-mail-mta/entrypoint.sh index bf8102ee..ca67c17b 100755 --- a/pica-mail-mta/entrypoint.sh +++ b/pica-mail-mta/entrypoint.sh @@ -102,7 +102,7 @@ postconf -e "non_smtpd_milters = local:/opendkim/opendkim.sock, local:/opendmarc #création des répertoires où transiteront les sockets + gestion des permissions mkdir /var/spool/postfix/opendkim mkdir /var/spool/postfix/opendmarc -mkdir /etc/opendmarc +#mkdir /etc/opendmarc chown -R opendmarc:opendmarc /etc/opendmarc chown -R opendkim:opendkim /etc/opendkim.conf /etc/dkimkeys chown opendmarc:opendmarc /etc/opendmarc.conf -- GitLab