mirror of
https://github.com/casjaysdevdocker/mailman
synced 2025-01-19 06:34:33 -05:00
185 lines
6.0 KiB
Bash
185 lines
6.0 KiB
Bash
|
#!/bin/bash
|
||
|
# By d3fk::Angatar
|
||
|
|
||
|
URL_HOST="${URL_HOST:-lists.example.com}"
|
||
|
EMAIL_HOST="${EMAIL_HOST:-lists.example.com}"
|
||
|
MASTER_PASSWORD="${MASTER_PASSWORD:-example}"
|
||
|
LIST_ADMIN="${LIST_ADMIN:-admin@lists.example.com}"
|
||
|
LIST_LANGUAGE_CODE="${LIST_LANGUAGE_CODE:-en}"
|
||
|
ENABLE_SPF_CHECK="${ENABLE_SPF_CHECK:-false}"
|
||
|
URL_ROOT="${URL_ROOT:-/}"
|
||
|
URL_PATTERN="${URL_PATTERN:-http}"
|
||
|
SSL_FROM_CONTAINER="${SSL_FROM_CONTAINER:-false}"
|
||
|
SSL_SELFSIGNED="${SSL_SELFSIGNED:-false}"
|
||
|
|
||
|
if [ ! -f started ]; then
|
||
|
|
||
|
#set default email originator / and root user aliase
|
||
|
echo "root: ${LIST_ADMIN}" >/etc/email-addresses
|
||
|
/bin/sed -i "s/admin@example\.com/${LIST_ADMIN}/" /etc/aliases
|
||
|
|
||
|
#declare Hostname in hostname and mailname files
|
||
|
echo "${EMAIL_HOST}" >/etc/hostname
|
||
|
echo ${EMAIL_HOST} >/etc/mailname
|
||
|
|
||
|
hostname -I | awk -v hostname=${EMAIL_HOST} '{disp=$1" " hostname; print disp}' >>/etc/hosts
|
||
|
|
||
|
#Change owner:group of mailman directory
|
||
|
chown -R list:list /var/lib/mailman/
|
||
|
|
||
|
#Create docroot
|
||
|
mkdir /var/www/lists
|
||
|
echo "<html><h2>Welcome to ${URL_HOST}</h2></html>" >/var/www/lists/index.html
|
||
|
|
||
|
mailmancfg='/etc/mailman/mm_cfg.py'
|
||
|
|
||
|
# define the URL pattern for mailman
|
||
|
if [ $URL_PATTERN != "http" ]; then
|
||
|
echo "DEFAULT_URL_PATTERN = 'https://%s/${URL_ROOT}'" >>$mailmancfg
|
||
|
else
|
||
|
echo "DEFAULT_URL_PATTERN = 'http://%s/${URL_ROOT}'" >>$mailmancfg
|
||
|
fi
|
||
|
|
||
|
# enable spf check if requested
|
||
|
if [ $ENABLE_SPF_CHECK = "true" ]; then
|
||
|
echo "installing SPF tools before enabling..."
|
||
|
apt-get install -y spf-tools-perl
|
||
|
|
||
|
/bin/sed -i "s/#CHECK_RCPT_SPF/CHECK_RCPT_SPF/" /etc/exim4/conf.d/main/00_local_macros
|
||
|
echo "SPF CHECK is now enabled"
|
||
|
fi
|
||
|
|
||
|
# Replace default hostnames with runtime values:
|
||
|
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/00_local_macros
|
||
|
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/04_mailman_options
|
||
|
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/update-exim4.conf.conf
|
||
|
/bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/apache2.conf
|
||
|
/bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/sites-available/mailman.conf
|
||
|
/bin/sed -i "s/URL_ROOT\//${URL_ROOT//\//\\/}/" /etc/apache2/sites-available/mailman.conf
|
||
|
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" $mailmancfg
|
||
|
/bin/sed -i "s/DEFAULT_URL_HOST.*\=.*/DEFAULT_URL_HOST\ \=\ \'${URL_HOST}\'/" $mailmancfg
|
||
|
/bin/sed -i "s/DEFAULT_SERVER_LANGUAGE.*\=.*/DEFAULT_SERVER_LANGUAGE\ \=\ \'${LIST_LANGUAGE_CODE}\'/" $mailmancfg
|
||
|
|
||
|
echo -n "Setting up Mailman..."
|
||
|
{
|
||
|
dpkg-reconfigure mailman
|
||
|
|
||
|
# especialy for debian:buster
|
||
|
mkdir /var/run/mailman
|
||
|
chown list:list /var/run/mailman/
|
||
|
ln -s /var/lib/mailman/bin/mailmanctl /etc/init.d/mailman
|
||
|
}
|
||
|
|
||
|
echo -n "Initializing mailing lists..."
|
||
|
{
|
||
|
/usr/sbin/mmsitepass ${MASTER_PASSWORD}
|
||
|
/usr/sbin/newlist -q -l ${LIST_LANGUAGE_CODE} mailman ${LIST_ADMIN} ${MASTER_PASSWORD}
|
||
|
}
|
||
|
|
||
|
#update aliases
|
||
|
/usr/bin/newaliases
|
||
|
|
||
|
echo -n "Setting up Apache web server..."
|
||
|
{
|
||
|
a2enmod -q cgi
|
||
|
if [ $SSL_FROM_CONTAINER = "true" ]; then
|
||
|
if [ $SSL_SELFSIGNED = "true" ]; then
|
||
|
make-ssl-cert generate-default-snakeoil --force-overwrite
|
||
|
echo -n "self signed SSL certificate freshly regenerated..."
|
||
|
fi
|
||
|
a2enmod ssl
|
||
|
fi
|
||
|
a2dissite -q 000-default
|
||
|
a2ensite mailman.conf
|
||
|
# edit apache default security.conf for production
|
||
|
/bin/sed -i "s/ServerSignature On/ServerSignature Off/" /etc/apache2/conf-available/security.conf
|
||
|
/bin/sed -i "s/ServerTokens OS/ServerTokens Prod/" /etc/apache2/conf-available/security.conf
|
||
|
echo "Apache2 new configuration is now activated"
|
||
|
echo "The service apache2 will be started at the end of this container deployment"
|
||
|
}
|
||
|
|
||
|
echo "Setting up RSA keys for DKIM..."
|
||
|
{
|
||
|
if [ ! -f /etc/exim4/tls.d/private.pem ]; then
|
||
|
mkdir -p /etc/exim4/tls.d
|
||
|
openssl genrsa -out /etc/exim4/tls.d/private.pem 2048
|
||
|
openssl rsa -in /etc/exim4/tls.d/private.pem -out /etc/exim4/tls.d/public.pem -pubout
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
key=$(sed -e '/^-/d' /etc/exim4/tls.d/public.pem | paste -sd '' -)
|
||
|
|
||
|
echo "setting up cert for TLS..."
|
||
|
{
|
||
|
if [ ! -f /etc/exim4/exim.key ]; then
|
||
|
openssl req -x509 -sha256 -days 9000 -nodes -newkey rsa:4096 -keyout /etc/exim4/exim.key -out /etc/exim4/exim.crt -subj "/O=${EMAIL_HOST}/OU=IT Department/CN=${EMAIL_HOST}"
|
||
|
echo "Cert for TLS now generated..."
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
echo "Fixing exim4 permissions..."
|
||
|
{
|
||
|
chown -R Debian-exim:Debian-exim /etc/exim4
|
||
|
chown -R Debian-exim /var/log/exim4
|
||
|
}
|
||
|
|
||
|
#build updated exim config file
|
||
|
echo "Setting up Exim4..."
|
||
|
{
|
||
|
update-exim4.conf
|
||
|
}
|
||
|
|
||
|
echo "Fixing mailman permissons..."
|
||
|
{
|
||
|
/usr/lib/mailman/bin/check_perms -f >/dev/null
|
||
|
}
|
||
|
|
||
|
touch started
|
||
|
echo "///////////This d3fk/mailman2 container is now configured !///////////"
|
||
|
|
||
|
fi
|
||
|
|
||
|
echo "Starting up services..."
|
||
|
{
|
||
|
/etc/init.d/exim4 start
|
||
|
/etc/init.d/mailman start
|
||
|
echo " exim4 OK ... mailman OK ..."
|
||
|
}
|
||
|
|
||
|
echo '------------- Apache2 service is starting -------------'
|
||
|
echo
|
||
|
echo
|
||
|
cat <<EOB
|
||
|
|
||
|
***********************************************
|
||
|
* *
|
||
|
* TO COMPLETE DKIM SETUP, COPY THE *
|
||
|
* FOLLOWING CODE INTO A NEW TXT RECORD *
|
||
|
* IN YOUR DNS SERVER: *
|
||
|
* *
|
||
|
***********************************************
|
||
|
|
||
|
EOB
|
||
|
echo "listsdkim._domainkey.${EMAIL_HOST} IN TXT \"v=DKIM1; k=rsa; p=$key\""
|
||
|
echo
|
||
|
echo
|
||
|
|
||
|
# defining stop actions in case of SIGTERM or SIGINT
|
||
|
graceful_stop() {
|
||
|
echo "The container was asked to terminate its processes gracefully..."
|
||
|
/etc/init.d/mailman stop
|
||
|
/etc/init.d/exim4 stop
|
||
|
apachectl -k stop
|
||
|
echo "Apache2 server is now stopped."
|
||
|
echo "Asking for exit with code 143 (SIGTERM)..."
|
||
|
exit 143
|
||
|
}
|
||
|
|
||
|
# trapping SIGTERM and SIGINT termination signals and trigger actions
|
||
|
trap 'graceful_stop' SIGTERM SIGINT
|
||
|
|
||
|
echo '------------- CONTAINER UP AND RUNNING! -------------'
|
||
|
# Starting apache2 in foreground & wait
|
||
|
apachectl -DFOREGROUND -k start &
|
||
|
wait ${!}
|