[Policyd] Added policyd Dockerfile

[Compose] Added policyd Service [Postfix] Added policyd for check_policy_service to main.cf
2019-03-01 10:42:11 +03:00
parent 97adcbe5f8
commit 9b43974c96
11 changed files with 357 additions and 1 deletions
--- a/data/Dockerfiles/policyd/files/tmpl/cluebringer/cluebringer-webui.conf
+++ b/data/Dockerfiles/policyd/files/tmpl/cluebringer/cluebringer-webui.conf
@@ -0,0 +1,16 @@
+<?php
+
+# mysql:host=xx;dbname=yyy
+# pgsql:host=xx;dbname=yyy
+# sqlite:////full/unix/path/to/file.db?mode=0666
+#
+#$DB_DSN="sqlite:////tmp/cluebringer.sqlite";
+#$DB_DSN="pgsql:host=xx;dbname=yyy";
+#$DB_DSN="mysql:host=xx;dbname=yyy";
+
+${DOLLAR}DB_DSN="${CLUEBRINGER_DB_BACKEND}:host=${CLUEBRINGER_DB_HOST};dbname=${MYSQL_DATABASE}";
+${DOLLAR}DB_USER="${MYSQL_USER}";
+${DOLLAR}DB_PASS="${MYSQL_PASSWORD}";
+
+
+?>
--- a/data/Dockerfiles/policyd/files/tmpl/cluebringer/cluebringer.conf
+++ b/data/Dockerfiles/policyd/files/tmpl/cluebringer/cluebringer.conf
@@ -0,0 +1,192 @@
+#
+# Server configuration
+#
+[server]
+
+# Protocols to load
+protocols=<<EOT
+Postfix
+Bizanga
+EOT
+
+# Modules to load
+modules=<<EOT
+Core
+AccessControl
+CheckHelo
+CheckSPF
+Greylisting
+Quotas
+EOT
+
+# User to run this daemon as
+user=root
+#group=
+
+# Filename to store pid of parent process
+pid_file=/var/run/cluebringer/cbpolicyd.pid
+
+# Uncommenting the below option will prevent cbpolicyd going into the background
+background=no
+
+# Preforking configuration
+#
+# min_server		- Minimum servers to keep around
+# min_spare_servers	- Minimum spare servers to keep around ready to
+# 			  handle requests
+# max_spare_servers	- Maximum spare servers to have around doing nothing
+# max_servers		- Maximum servers alltogether
+# max_requests		- Maximum number of requests each child will serve
+#
+# One may want to use the following as a rough guideline...
+# Small mailserver:  2, 2, 4, 10, 1000
+# Medium mailserver: 4, 4, 12, 25, 1000
+# Large mailserver: 8, 8, 16, 64, 1000
+#
+min_servers=4
+min_spare_servers=4
+max_spare_servers=12
+max_servers=25
+max_requests=1000
+
+
+
+# Log level:
+# 0 - Errors only
+# 1 - Warnings and errors
+# 2 - Notices, warnings, errors
+# 3 - Info, notices, warnings, errors
+# 4 - Debugging
+log_level=4
+
+# File to log to instead of stdout
+log_file=/var/log/cbpolicyd.log
+
+# Log destination for mail logs...
+# main		- Default. Log to policyd's main log mechanism, accepts NO args
+# syslog	- log mail via syslog
+#			format: log_mail=facility@method,args
+#
+# Valid methods for syslog:
+# native	- Let Sys::Syslog decide
+# unix		- Unix socket
+# udp		- UDP socket
+# stream	- Stream (for Solaris)
+#
+# Example: unix native
+#log_mail=mail@syslog:native
+#
+# Example: unix socket
+#log_mail=mail@syslog:unix
+#
+# Example: udp
+#log_mail=mail@syslog:udp,127.0.0.1
+#
+# Example: Solaris
+#log_mail=local0@syslog:stream,/dev/log
+#log_mail=maillog
+log_mail=main
+#mail@syslog:native
+
+# Things to log in extreme detail
+# modules 	- Log detailed module running information
+# tracking 	- Log detailed tracking information
+# policies 	- Log policy resolution
+# protocols 	- Log general protocol info, but detailed
+# bizanga 	- Log the bizanga protocol
+#
+# There is no default for this configuration option. Options can be
+# separated by commas. ie. protocols,modules
+#
+#log_detail=
+
+# IP to listen on, * for all
+host=*
+# host=0.0.0.0
+
+# Port to run on
+port=10031
+
+# Timeout in communication with clients
+#timeout=120
+
+# cidr_allow/cidr_deny
+# Comma, whitespace or semi-colon separated. Contains a CIDR block to
+# compare the clients IP to.  If cidr_allow or cidr_deny options are
+# given, the incoming client must match a cidr_allow and not match a
+# cidr_deny or the client connection will be closed.
+#cidr_allow=0.0.0.0/0
+#cidr_deny=
+
+
+
+[database]
+#DSN=DBI:SQLite:dbname=policyd.sqlite
+#DSN=DBI:mysql:database=policyd;host=localhost
+#DSN=DBI:Pg:database=policyd;host=localhost
+#DSN=DBI:_DBC_DBTYPE_:dbname=_DBC_DBNAME_;host=_DBC_DBSERVER_
+## Debian
+# DB_Type can be one of - pgsql, mysql or sqlite3
+# DB_Host is ignored for sqlite3. For pgsql and mysql it should be left
+#         unset or as 'localhost' if you wish to use unix sockets to communicate
+#         with the database. To use TCP/IP to connect to a local database set
+#         '127.0.0.1' as the value. Otherwise use the hostname or IP address of
+#         the database server.
+# DB_Port is ignored for sqlite3. For pgsql it will default to '5432' and
+#         for mysql the default is '3306'. If you are running your database server
+#         on a non-standard port you should set it's value here.
+# DB_Name defaults to '/var/lib/cluebringer/cluebringer.db' for sqlite3, if you
+#         wish to use another file for the database set it's full path here and
+#         ensure that the cluebringer user can read and write not only the file
+#         but the directory it lives in. For pgsql and mysql this will
+#         default to 'cluebringer', otherwise you should set the name of the
+#         database here.
+
+DSN=DBI:${CLUEBRINGER_DB_BACKEND}:database=${MYSQL_DATABASE};host=${CLUEBRINGER_DB_HOST}
+DB_Type=${CLUEBRINGER_DB_BACKEND}
+DB_Host=${CLUEBRINGER_DB_HOST}
+DB_Port=${CLUEBRINGER_DB_PORT}
+DB_Name=${MYSQL_DATABASE}
+Username=${MYSQL_USER}
+Password=${MYSQL_PASSWORD}
+
+
+# What do we do when we have a database connection problem
+# tempfail	- Return temporary failure
+# pass		- Return success
+bypass_mode=tempfail
+
+# How many seconds before we retry a DB connection
+bypass_timeout=30
+
+
+
+# Access Control module
+[AccessControl]
+enable=1
+
+# Accounting module
+[Accounting]
+enable=1
+
+# Greylisting module
+[Greylisting]
+enable=1
+
+
+# CheckHelo module
+[CheckHelo]
+enable=1
+
+
+# CheckSPF module
+[CheckSPF]
+enable=1
+
+
+# Quotas module
+[Quotas]
+enable=1
+
+
+