Ajout d’une passerelle de messagerie pour les conteneurs.
parent
a8226e2942
commit
be14957a0e
23
env/.env
vendored
23
env/.env
vendored
@ -34,6 +34,28 @@ NINEAPACHE_SERVICE_NAME=nineapache
|
||||
NINEAPACHE_ACTIVATE=1
|
||||
NINEAPACHE_LOCAL=1
|
||||
|
||||
# MTA
|
||||
# passerelle courriel
|
||||
MTA_SERVICE_NAME=mta
|
||||
MTA_ACTIVATE=1
|
||||
MTA_LOCAL=1
|
||||
MTA_RELAY_HOST=
|
||||
MTA_RELAY_PORT=
|
||||
MTA_RELAY_USER="user"
|
||||
|
||||
# DEBUGING MTA
|
||||
# fake-smtp server
|
||||
FAKE_SMTP_NAME=fakesmtp
|
||||
FAKE_SMTP_LOCAL=1
|
||||
FAKE_SMTP_ACTIVATE=1
|
||||
# si actif, il faut sans doute l’utiliser
|
||||
# comme passerelle pour le service MTA
|
||||
#if [ "$FAKE_SMTP_ACTIVATE" -eq 1 ]
|
||||
#then
|
||||
# MTA_RELAY_HOST="$FAKE_SMTP_NAME"
|
||||
# MTA_RELAY_PORT=2525
|
||||
#fi
|
||||
|
||||
# MARIADB
|
||||
MARIADB_SERVICE_NAME=mariadb
|
||||
MARIADB_ACTIVATE=1
|
||||
@ -59,7 +81,6 @@ MINIO_HOST=${MINIO_SERVICE_NAME}
|
||||
MINIO_PORT=9000
|
||||
MINIO_URL=${PROTOCOLE}://${WEB_URL}:9001
|
||||
|
||||
|
||||
# OPENLDAP
|
||||
# LDAP_SYNC Si MASTERIDENTITY = SQL permet la synchronisation des utilisateurs SQL vers LDAP
|
||||
OPENLDAP_SERVICE_NAME=openldap
|
||||
|
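Review bot: `FAKE_SMTP_ACTIVATE=1` and `FAKE_SMTP_LOCAL=1` switch the fake-smtp server on in the shared default environment, under a section the file itself labels as debugging. A deployment that keeps these defaults starts a mail-capture service it never asked for; I would default to `FAKE_SMTP_ACTIVATE=0` and extend the comment to `# fake-smtp server (développement uniquement)`. The commented-out `#if … #fi` block reads as if this file were evaluated by a shell, so a line stating whether it is sourced or parsed as a plain env file would help whoever enables it later.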
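--- a/misc/images/mta/containers/Dockerfile
+++ b/misc/images/mta/containers/Dockerfile
@@ -0,0 +1,33 @@
+FROM debian:buster-slim
+
+RUN set -eux; \
+apt-get update; \
+apt-get install -y \
+exim4-daemon-light \
+tini \
+; \
+rm -rf /var/lib/apt/lists/*; \
+ln -svfT /etc/hostname /etc/mailname
+
+# https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender
+# https://serverfault.com/a/881197
+# https://bugs.debian.org/828801
+RUN echo "IGNORE_SMTP_LINE_LENGTH_LIMIT='true'" >> /etc/exim4/exim4.conf.localmacros
+
+RUN set -eux; \
+mkdir -p /var/spool/exim4 /var/log/exim4; \
+chown -R Debian-exim:Debian-exim /var/spool/exim4 /var/log/exim4
+
+COPY set-exim4-update-conf docker-entrypoint.sh /usr/local/bin/
+RUN set -eux; \
+set-exim4-update-conf \
+dc_eximconfig_configtype 'internet' \
+dc_hide_mailname 'true' \
+dc_local_interfaces '0.0.0.0 ; ::0' \
+dc_other_hostnames '' \
+dc_relay_nets '0.0.0.0/0' \
+;
+
+EXPOSE 25
+ENTRYPOINT ["docker-entrypoint.sh"]
+CMD ["exim", "-bd", "-v"]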
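Review bot: `dc_relay_nets '0.0.0.0/0'` together with `dc_local_interfaces '0.0.0.0 ; ::0'` makes exim accept mail for relay from any IPv4 client that can reach port 25, so the image behaves as an open relay as soon as that port is reachable from outside the container network. Restricting the range to the network the containers actually share, for example `dc_relay_nets '<compose-subnet-placeholder>'`, or taking it from a build argument, keeps the default safe even if someone later publishes the port. Separately, `FROM debian:buster-slim` points at an old Debian release that, as far as I know, no longer receives security updates, and the tag is not pinned by digest.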
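--- a/misc/images/mta/containers/docker-entrypoint.sh
+++ b/misc/images/mta/containers/docker-entrypoint.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -Eeuo pipefail
+
+if [ "$1" = 'exim' ]; then
+if [ -n "${GMAIL_USER:-}" ] && [ -n "${GMAIL_PASSWORD:-}" ]; then
+# see https://wiki.debian.org/GmailAndExim4
+export EXIM4_SMARTHOST='smtp.gmail.com::587' \
+EXIM4_SMARTHOST_USER="$GMAIL_USER" \
+EXIM4_SMARTHOST_PASSWORD="$GMAIL_PASSWORD"
+fi
+unset GMAIL_USER GMAIL_PASSWORD # scrub env of creds
+
+if [ -n "${EXIM4_SMARTHOST:-}" ]; then
+set-exim4-update-conf \
+dc_eximconfig_configtype 'smarthost' \
+dc_smarthost "$EXIM4_SMARTHOST"
+if [ -n "${EXIM4_SMARTHOST_USER:-}" ] && [ -n "${EXIM4_SMARTHOST_PASSWORD:-}" ]; then
+echo "*:$EXIM4_SMARTHOST_USER:$EXIM4_SMARTHOST_PASSWORD" > /etc/exim4/passwd.client
+fi
+fi
+unset EXIM4_SMARTHOST EXIM4_SMARTHOST_USER EXIM4_SMARTHOST_PASSWORD # scrub env of creds
+
+if [ "$(id -u)" = '0' ]; then
+mkdir -p /var/spool/exim4 /var/log/exim4 || :
+chown -R Debian-exim:Debian-exim /var/spool/exim4 /var/log/exim4 || :
+fi
+
+if [ "$$" = 1 ]; then
+set -- tini -- "$@"
+fi
+fi
+
+exec "$@"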
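Review bot: Nothing in the script sets the owner or mode of `/etc/exim4/passwd.client` after `echo "*:$EXIM4_SMARTHOST_USER:$EXIM4_SMARTHOST_PASSWORD" > /etc/exim4/passwd.client`, so how well the relay credential is protected depends on how the file happened to exist beforehand. Follow the write with `chown root:Debian-exim /etc/exim4/passwd.client` and `chmod 640 /etc/exim4/passwd.client`. The entry uses `:` as its field separator, so a user name or password containing a colon would be stored wrongly and should be rejected with a clear error. The credentials also arrive only as environment variables, which stay visible in the container's configuration even after the `unset`; accepting a file path as well would fit the `/run/secrets/postfix_password` convention used in `services/01-mta/env/.env`.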
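--- a/misc/images/mta/containers/set-exim4-update-conf
+++ b/misc/images/mta/containers/set-exim4-update-conf
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+conf='/etc/exim4/update-exim4.conf.conf'
+
+args=()
+while [ "$#" -gt 0 ]; do
+key="$1"
+value="$2"
+shift 2
+
+if ! grep -qE "^#?${key}=" "$conf"; then
+echo >&2 "error: '$key' not found in '$conf'"
+exit 1
+fi
+
+sed_escaped_value="$(sed -e 's/[\/&]/\\&/g' <<<"$value")"
+args+=( -e "s/^#?(${key})=.*/\1='${sed_escaped_value}'/" )
+done
+
+if [ "${#args[@]}" -eq 0 ]; then
+echo >&2 "error: nothing to do?"
+exit 1
+fi
+
+set -x
+sed -ri "${args[@]}" "$conf"
+update-exim4.conf -v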
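Review bot: `sed_escaped_value` is escaped only for `/` and `&`, yet the value is then written between single quotes by `\1='${sed_escaped_value}'`, so a `'` (or a newline) inside it produces a malformed line in `update-exim4.conf.conf`, a file that `update-exim4.conf` reads as shell as far as I know. The entrypoint passes `dc_smarthost "$EXIM4_SMARTHOST"` straight from the runtime environment, so the value is not always a build-time constant. Reject such values before building the sed expression, e.g. `case $value in *"'"*|*$'\n'*) echo >&2 "error: unsupported character in value for '$key'"; exit 1 ;; esac`. Under `set -u`, `value="$2"` also aborts with an unbound-variable message when the argument count is odd; an explicit `[ "$#" -ge 2 ]` check with a usage error would be clearer.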
32
nine.sh
32
nine.sh
@ -123,18 +123,40 @@ env(){
|
||||
# Construction du dockercompose
|
||||
|
||||
dockercompose() {
|
||||
echo "services:" > docker-compose.yml
|
||||
|
||||
echo "services:" > services.yml
|
||||
echo "secrets:" > secrets.yml
|
||||
echo "networks:" > networks.yml
|
||||
echo " nine-network:" >> networks.yml
|
||||
echo " name: nine-network" >> networks.yml
|
||||
for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
|
||||
# Construction du docker-compose
|
||||
if [ -f "$dir/dockercompose/dockercompose.yml" ]; then
|
||||
cat "$dir/dockercompose/dockercompose.yml" >> docker-compose.yml
|
||||
unset section
|
||||
while read; do
|
||||
case $REPLY in
|
||||
"services:")
|
||||
section=${REPLY%:}
|
||||
;;
|
||||
"secrets:")
|
||||
section=${REPLY%:}
|
||||
;;
|
||||
"networks:")
|
||||
section=${REPLY%:}
|
||||
;;
|
||||
*)
|
||||
if [ -n "$section" ]; then
|
||||
echo "$REPLY" >> ${section}.yml
|
||||
fi
|
||||
;;
|
||||
|
||||
esac
|
||||
done < "$dir/dockercompose/dockercompose.yml"
|
||||
fi
|
||||
done
|
||||
cat services.yml secrets.yml networks.yml > docker-compose.yml
|
||||
rm -f services.yml secrets.yml networks.yml
|
||||
|
||||
echo "networks:" >> docker-compose.yml
|
||||
echo " nine-network:" >> docker-compose.yml
|
||||
echo " name: nine-network" >> docker-compose.yml
|
||||
}
|
||||
|
||||
#===========================================================================================================================================
|
||||
|
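Review bot: In `dockercompose()`, `while read; do` reads each compose fragment without `-r`, so backslashes in a fragment are consumed, and a final line that lacks a trailing newline is never copied into the merged file. `while IFS= read -r || [ -n "$REPLY" ]; do` keeps every line byte for byte. The three identical `case` arms can be one, `"services:"|"secrets:"|"networks:") section=${REPLY%:} ;;`, and `>> ${section}.yml` should be quoted as `>> "${section}.yml"`. Lines that precede the first section header of a fragment are dropped silently, which deserves a comment because it is what removes each fragment's leading comment line. The rendered page does not show which of the `docker-compose.yml` writes are on the new side, so I have not commented on them.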
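--- a/services/01-mta/dockercompose/dockercompose.yml
+++ b/services/01-mta/dockercompose/dockercompose.yml
@@ -0,0 +1,14 @@
+# Passerelle courriel pour les autres conteneurs
+services:
+mta:
+image: postfix
+container_name: mta
+restart: unless-stopped
+env_file: ./services/01-mta/env/.env.merge
+networks:
+- nine-network
+secrets:
+- postfix_password
+secrets:
+postfix_password:
+file: ./services/01-mta/secrets/postfix_password.txt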
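Review bot: `image: postfix` names an image with no registry, namespace or tag, so what runs depends on whichever image called `postfix` is present locally or resolvable from the default registry, while this same commit adds an exim4-based Dockerfile under `misc/images/mta/containers/` that nothing here references. If the gateway is meant to be built from that Dockerfile, say so with a `build:` entry or a fully qualified, version-tagged image name; if it is a separate postfix image, name its source and pin the tag. A comment above `secrets:` stating that `POSTFIX_RELAY_PASSWORD_FILE` in the service's env file is what consumes `postfix_password` would also make the link visible from this file.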
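--- a/services/01-mta/env/.env
+++ b/services/01-mta/env/.env
@@ -0,0 +1,4 @@
+POSTFIX_HOSTNAME="nine.local"
+POSTFIX_RELAY_HOST="$MTA_RELAY_HOST:$MTA_RELAY_PORT"
+POSTFIX_RELAY_USER="$MTA_RELAY_USER"
+POSTFIX_RELAY_PASSWORD_FILE="/run/secrets/postfix_password"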
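Review bot: `POSTFIX_RELAY_HOST="$MTA_RELAY_HOST:$MTA_RELAY_PORT"` evaluates to a bare `:` with the defaults this commit puts in `env/.env`, where `MTA_RELAY_HOST=` and `MTA_RELAY_PORT=` are both empty. Whether the image treats `:` as "no relay" or as an invalid host is not visible here, so either give the two variables working defaults or document that they must be filled in before the service is started. `POSTFIX_RELAY_USER` likewise inherits the placeholder `"user"`.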
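--- a/services/01-mta/misc/nine.sh
+++ b/services/01-mta/misc/nine.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+function upmta {
+if [[ $MTA_ACTIVATE == 1 && $MTA_LOCAL == 1 ]]
+then
+Title ${MTA_SERVICE_NAME^^}
+EchoVert "CONTAINER"
+upservice ${MTA_SERVICE_NAME}
+Echo
+fi
+}
+
+function destroymta {
+if [[ $MTA_LOCAL == 1 ]]
+then
+Title "DESTROY ${MTA_SERVICE_NAME}"
+
+stop ${MTA_SERVICE_NAME} 1
+docker-compose rm -s -v -f "${MTA_SERVICE_NAME}"
+echo ""
+fi
+}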
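Review bot: `upmta` and `destroymta` pass `${MTA_SERVICE_NAME}` unquoted to `Title`, `upservice` and `stop`, while the `docker-compose rm` line right after `stop` quotes it; quote all of them, e.g. `upservice "${MTA_SERVICE_NAME}"`. `destroymta` tests only `MTA_LOCAL` where `upmta` also tests `MTA_ACTIVATE`; if that asymmetry is deliberate, a one-line comment such as `# destroy even when deactivated, so a disabled service can still be cleaned up` would record it. The same two remarks apply to `upfakesmtp` and `destroyfakesmtp` in `services/90-fakesmtp/misc/nine.sh`.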
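--- a/services/01-mta/secrets/postfix_password.txt
+++ b/services/01-mta/secrets/postfix_password.txt
@@ -0,0 +1 @@
+secret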
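Review bot: `services/01-mta/secrets/postfix_password.txt` is committed with the value `secret`, which puts the relay password file under version control. Anyone who later replaces the placeholder in place risks committing the real credential, and a deployment that forgets to replace it runs with a known value. Ship a `postfix_password.txt.example` instead, add the real file name to `.gitignore`, and have the start-up script refuse to run while the file is missing or still holds the placeholder.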
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Nineapache
|
||||
# Reverse proxy de l'ensemble des services
|
||||
# Seul port ouvert sur l'exterieur
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Mariadb
|
||||
# Base de données des services
|
||||
# Port interne 3306
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Minio
|
||||
# Stocakge S3
|
||||
# Port interne 9000 pour le stockage / Port interne 9001 pour l'interface web
|
||||
@ -12,4 +12,4 @@
|
||||
networks:
|
||||
- nine-network
|
||||
volumes:
|
||||
- './services/30-minio/volume/data:/data'
|
||||
- './services/30-minio/volume/data:/data'
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Openldap
|
||||
# Annuaire
|
||||
# Port interne 1389 & 1636
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Redis
|
||||
# Base de données redis pour les services qui souhaitent stocker leur session en bdd
|
||||
# Port interne 6379
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Keycloak
|
||||
# serveur SSO
|
||||
# Port interne 8999 & 8443
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Dokuwiki
|
||||
# Wiki
|
||||
# Port interne 80
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Nextcloud
|
||||
# Hébergement de fichiers et une plateforme de collaboration
|
||||
# Port interne 80
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Nineboard
|
||||
# Tableaux de bord collaboratif
|
||||
# Port interne 80
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Ninegate
|
||||
# Portail collaboratif
|
||||
# Port interne 80
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Nineskeletor
|
||||
# Portail collaboratif
|
||||
# Port interne 80
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Wordpress
|
||||
# Reseau de blog
|
||||
# Port interne 80
|
||||
|
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Adminer
|
||||
# Gestionnaire BDD
|
||||
# Port interne 8080
|
||||
|
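--- a/services/90-fakesmtp/dockercompose/dockercompose.yml
+++ b/services/90-fakesmtp/dockercompose/dockercompose.yml
@@ -0,0 +1,11 @@
+# Passerelle courriel pour les autres conteneurs
+services:
+fakesmtp:
+image: reg.cadoles.com/cadoles/fake-smtp
+container_name: fakesmtp
+restart: unless-stopped
+env_file: ./services/90-fakesmtp/env/.env.merge
+networks:
+- nine-network
+ports:
+- "8080:8080"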
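Review bot: `ports: - "8080:8080"` publishes the fake-smtp interface on every host interface, whereas the Nineapache fragment on this page describes the reverse proxy as the only port open to the outside (`# Seul port ouvert sur l'exterieur`). Captured mail can hold password-reset links and similar content, so bind the port to loopback with `- "127.0.0.1:8080:8080"` or expose it through the proxy. The header comment `# Passerelle courriel pour les autres conteneurs` was copied from the MTA fragment and should describe the debugging server instead. `image: reg.cadoles.com/cadoles/fake-smtp` also carries no tag, so the version that runs is not fixed.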
0
services/90-fakesmtp/env/.env
vendored
Normal file
0
services/90-fakesmtp/env/.env
vendored
Normal file
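--- a/services/90-fakesmtp/misc/nine.sh
+++ b/services/90-fakesmtp/misc/nine.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+function upfakesmtp {
+if [[ $FAKE_SMTP_ACTIVATE == 1 && $FAKE_SMTP_LOCAL == 1 ]]
+then
+Title ${FAKE_SMTP_NAME^^}
+EchoVert "CONTAINER"
+upservice ${FAKE_SMTP_NAME}
+Echo
+fi
+}
+
+function destroyfakesmtp {
+if [[ $FAKE_SMTP_LOCAL == 1 ]]
+then
+Title "DESTROY ${FAKE_SMTP_NAME}"
+
+stop ${FAKE_SMTP_NAME} 1
+docker-compose rm -s -v -f "${FAKE_SMTP_NAME}"
+echo ""
+fi
+}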
@ -1,4 +1,4 @@
|
||||
|
||||
services:
|
||||
# Phpldapadmin
|
||||
# Gestionnaire Annuaire
|
||||
# Port interne 80
|
||||
|