7x31/mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

removed policyd

Browse Source
This commit is contained in:
zekeriya
2019-09-13 20:12:50 +03:00
parent 9b43974c96
commit 1973774ecc
11 changed files with 1 additions and 357 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
data/Dockerfiles/policyd/Dockerfile
View File

@@ -1,19 +0,0 @@
FROM docker.io/1and1internet/ubuntu-16-apache-php-7.1:latest
ARG DEBIAN_FRONTEND=noninteractive
COPY files /
RUN \
groupadd cbpolicyd && \
useradd -g cbpolicyd cbpolicyd && \
apt-get update && \
apt-get -o Dpkg::Options::=--force-confdef -y install gettext-base postfix-cluebringer postfix-cluebringer-mysql postfix-cluebringer-webui -y && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/* /etc/cluebringer && \
mkdir --mode=0775 /etc/cluebringer && \
cp /usr/share/doc/postfix-cluebringer/database/policyd-db.mysql.gz /tmp/ && \
cp -r /usr/share/postfix-cluebringer-webui/webui/* /var/www/html/ && \
gunzip /tmp/policyd-db.mysql.gz && \
sed -i -e 's/TYPE=InnoDB/ENGINE=InnoDB/g' /tmp/policyd-db.mysql && \
chmod -R 0755 /hooks && \
chmod -R 0777 /var/www/html && \
chmod 0666 /var/log/cbpolicyd.log
EXPOSE 10031 8080 8443

12
data/Dockerfiles/policyd/files/etc/supervisor/conf.d/apache-2.4.conf
View File

@@ -1,12 +0,0 @@
[program:apache-2.4]
command=/bin/bash -c "source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND"
autostart=true
autorestart=true
startretries=3
# Redirect output so we can see it using "docker logs"
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

12
data/Dockerfiles/policyd/files/etc/supervisor/conf.d/cbpolicyd.conf
View File

@@ -1,12 +0,0 @@
[program:cbpolicyd]
command=/usr/sbin/cbpolicyd --fg --config=/etc/cluebringer/cluebringer.conf
autostart=true
autorestart=true
startretries=3
# Redirect output so we can see it using "docker logs"
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

48
data/Dockerfiles/policyd/files/hooks/supervisord-pre.d/50_install_cluebringer_db
View File

@@ -1,48 +0,0 @@
#!/bin/bash
set -eo pipefail
# Password protect webui
echo Creating webui user
echo $WEBUI_PASSWORD | htpasswd -ci /var/www/html/.htpasswd webui
# Checking for DB liveness before continuing with DB set up.
count=0
while [ $count -lt 4 ]; do
if [[ $(mysql -h$CLUEBRINGER_DB_HOST -uroot -p$MYSQL_ROOT_PASSWORD -e "select 1" &>/dev/null ; echo $?) -ne 0 ]]; then
echo "Waiting for DB to be ready."
sleep 15
let count+=1
else
echo "DB appears to be ready."
break
fi
done
# Die if DB doesn't come up in time.
if [ $count -eq 4 ]; then
echo "!!!WARNING!!! DB didn't come up in time."
exit 0
fi
# Set up DB if it's empty.
if [[ $(mysql -N -h$CLUEBRINGER_DB_HOST -uroot -p$MYSQL_ROOT_PASSWORD -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '$MYSQL_DATABASE';") == 0 ]]; then
echo "Setting up cluebringer DB."
# Set up DB and User
if [[ $(mysql -N -h$CLUEBRINGER_DB_HOST -uroot -p$MYSQL_ROOT_PASSWORD -e "create database $MYSQL_DATABASE;use $MYSQL_DATABASE;CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';GRANT ALL PRIVILEGES ON $MYSQL_DATABASE.* TO '$MYSQL_USER'@'%';") -ne 0 ]]; then
echo "Can't create DB and Policyd DB user!"
exit 0
fi
# Add our policys from sql if they exist.
if [[ -e /tmpl/cluebringer/import/policy.sql ]]; then
echo "Importing our configuration."
mysql -h$CLUEBRINGER_DB_HOST -u$MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE < /tmpl/cluebringer/import/policy.sql
echo "Done."
else
echo "Additional sql configuration no found importing standart configuration."
mysql -h$CLUEBRINGER_DB_HOST -u$MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE < /tmp/policyd-db.mysql
fi
else
echo "Cluebringer DB not empty, exiting."
exit 0
fi

14
data/Dockerfiles/policyd/files/hooks/supervisord-pre.d/51_configure_policyd
View File

@@ -1,14 +0,0 @@
#!/bin/bash
set -eu
export DOLLAR=$
export MYSQL_DATABASE=${MYSQL_DATABASE}
export MYSQL_USER=${MYSQL_USER}
export MYSQL_PASSWORD=${MYSQL_PASSWORD}
export CLUEBRINGER_DB_BACKEND=${CLUEBRINGER_DB_BACKEND}
export CLUEBRINGER_DB_PORT=${CLUEBRINGER_DB_PORT}
export CLUEBRINGER_DB_HOST=${CLUEBRINGER_DB_HOST}
envsubst < /tmpl/cluebringer/cluebringer.conf > /etc/cluebringer/cluebringer.conf
envsubst < /tmpl/cluebringer/cluebringer-webui.conf > /etc/cluebringer/cluebringer-webui.conf

16
data/Dockerfiles/policyd/files/tmpl/cluebringer/cluebringer-webui.conf
View File

@@ -1,16 +0,0 @@
<?php
# mysql:host=xx;dbname=yyy
# pgsql:host=xx;dbname=yyy
# sqlite:////full/unix/path/to/file.db?mode=0666
#
#$DB_DSN="sqlite:////tmp/cluebringer.sqlite";
#$DB_DSN="pgsql:host=xx;dbname=yyy";
#$DB_DSN="mysql:host=xx;dbname=yyy";
${DOLLAR}DB_DSN="${CLUEBRINGER_DB_BACKEND}:host=${CLUEBRINGER_DB_HOST};dbname=${MYSQL_DATABASE}";
${DOLLAR}DB_USER="${MYSQL_USER}";
${DOLLAR}DB_PASS="${MYSQL_PASSWORD}";
?>

192
data/Dockerfiles/policyd/files/tmpl/cluebringer/cluebringer.conf
View File

@@ -1,192 +0,0 @@
#
# Server configuration
#
[server]
# Protocols to load
protocols=<<EOT
Postfix
Bizanga
EOT
# Modules to load
modules=<<EOT
Core
AccessControl
CheckHelo
CheckSPF
Greylisting
Quotas
EOT
# User to run this daemon as
user=root
#group=
# Filename to store pid of parent process
pid_file=/var/run/cluebringer/cbpolicyd.pid
# Uncommenting the below option will prevent cbpolicyd going into the background
background=no
# Preforking configuration
#
# min_server - Minimum servers to keep around
# min_spare_servers - Minimum spare servers to keep around ready to
# handle requests
# max_spare_servers - Maximum spare servers to have around doing nothing
# max_servers - Maximum servers alltogether
# max_requests - Maximum number of requests each child will serve
#
# One may want to use the following as a rough guideline...
# Small mailserver: 2, 2, 4, 10, 1000
# Medium mailserver: 4, 4, 12, 25, 1000
# Large mailserver: 8, 8, 16, 64, 1000
#
min_servers=4
min_spare_servers=4
max_spare_servers=12
max_servers=25
max_requests=1000
# Log level:
# 0 - Errors only
# 1 - Warnings and errors
# 2 - Notices, warnings, errors
# 3 - Info, notices, warnings, errors
# 4 - Debugging
log_level=4
# File to log to instead of stdout
log_file=/var/log/cbpolicyd.log
# Log destination for mail logs...
# main - Default. Log to policyd's main log mechanism, accepts NO args
# syslog - log mail via syslog
# format: log_mail=facility@method,args
#
# Valid methods for syslog:
# native - Let Sys::Syslog decide
# unix - Unix socket
# udp - UDP socket
# stream - Stream (for Solaris)
#
# Example: unix native
#log_mail=mail@syslog:native
#
# Example: unix socket
#log_mail=mail@syslog:unix
#
# Example: udp
#log_mail=mail@syslog:udp,127.0.0.1
#
# Example: Solaris
#log_mail=local0@syslog:stream,/dev/log
#log_mail=maillog
log_mail=main
#mail@syslog:native
# Things to log in extreme detail
# modules - Log detailed module running information
# tracking - Log detailed tracking information
# policies - Log policy resolution
# protocols - Log general protocol info, but detailed
# bizanga - Log the bizanga protocol
#
# There is no default for this configuration option. Options can be
# separated by commas. ie. protocols,modules
#
#log_detail=
# IP to listen on, * for all
host=*
# host=0.0.0.0
# Port to run on
port=10031
# Timeout in communication with clients
#timeout=120
# cidr_allow/cidr_deny
# Comma, whitespace or semi-colon separated. Contains a CIDR block to
# compare the clients IP to. If cidr_allow or cidr_deny options are
# given, the incoming client must match a cidr_allow and not match a
# cidr_deny or the client connection will be closed.
#cidr_allow=0.0.0.0/0
#cidr_deny=
[database]
#DSN=DBI:SQLite:dbname=policyd.sqlite
#DSN=DBI:mysql:database=policyd;host=localhost
#DSN=DBI:Pg:database=policyd;host=localhost
#DSN=DBI:_DBC_DBTYPE_:dbname=_DBC_DBNAME_;host=_DBC_DBSERVER_
## Debian
# DB_Type can be one of - pgsql, mysql or sqlite3
# DB_Host is ignored for sqlite3. For pgsql and mysql it should be left
# unset or as 'localhost' if you wish to use unix sockets to communicate
# with the database. To use TCP/IP to connect to a local database set
# '127.0.0.1' as the value. Otherwise use the hostname or IP address of
# the database server.
# DB_Port is ignored for sqlite3. For pgsql it will default to '5432' and
# for mysql the default is '3306'. If you are running your database server
# on a non-standard port you should set it's value here.
# DB_Name defaults to '/var/lib/cluebringer/cluebringer.db' for sqlite3, if you
# wish to use another file for the database set it's full path here and
# ensure that the cluebringer user can read and write not only the file
# but the directory it lives in. For pgsql and mysql this will
# default to 'cluebringer', otherwise you should set the name of the
# database here.
DSN=DBI:${CLUEBRINGER_DB_BACKEND}:database=${MYSQL_DATABASE};host=${CLUEBRINGER_DB_HOST}
DB_Type=${CLUEBRINGER_DB_BACKEND}
DB_Host=${CLUEBRINGER_DB_HOST}
DB_Port=${CLUEBRINGER_DB_PORT}
DB_Name=${MYSQL_DATABASE}
Username=${MYSQL_USER}
Password=${MYSQL_PASSWORD}
# What do we do when we have a database connection problem
# tempfail - Return temporary failure
# pass - Return success
bypass_mode=tempfail
# How many seconds before we retry a DB connection
bypass_timeout=30
# Access Control module
[AccessControl]
enable=1
# Accounting module
[Accounting]
enable=1
# Greylisting module
[Greylisting]
enable=1
# CheckHelo module
[CheckHelo]
enable=1
# CheckSPF module
[CheckSPF]
enable=1
# Quotas module
[Quotas]
enable=1

4
data/Dockerfiles/policyd/files/var/www/html/.htaccess
View File

@@ -1,4 +0,0 @@
AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /var/www/html/.htpasswd
Require valid-user