🗃️ Committing everything that changed 🗃️

Dockerfile
rootfs/root/
rootfs/usr/local/etc/docker/init.d/

Dockerfile

@@ -22,7 +22,7 @@ ARG IMAGE_REPO="casjaysdevdocker/mailman"
 ARG IMAGE_VERSION="latest"
 ARG CONTAINER_VERSION=""
 
-ARG PULL_URL="d3fk/mailman2"
+ARG PULL_URL="casjaysdev/debian"
 ARG DISTRO_VERSION="${IMAGE_VERSION}"
 ARG BUILD_VERSION="${BUILD_DATE}"
 
@@ -46,7 +46,7 @@ ARG DEFAULT_TEMPLATE_DIR
 ARG DISTRO_VERSION
 ARG PHP_VERSION
 
-ARG PACK_LIST="bash bash-completion git curl wget sudo unzip tini xz-utils iproute2 locales procps net-tools bsd-mailx \
+ARG PACK_LIST="bash mailman exim4 apache2 apache2-data apache2-utils curl \
   "
 
 ENV ENV=~/.bashrc

rootfs/root/docker/conf/00_local_macros

@@ -0,0 +1,14 @@
+DKIM_CANON = relaxed
+DKIM_SELECTOR = listsdkim
+DKIM_DOMAIN = lists.example.com
+DKIM_PRIVATE_KEY = /etc/exim4/tls.d/private.pem
+smtp_banner = lists.example.com
+REMOTE_SMTP_HELO_DATA = lists.example.com
+MAIN_TLS_ENABLE = true
+REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
+# DAEMON_SMTP_PORTS and TLS_ON_CONNECT_PORTS var need to be lowercase
+daemon_smtp_ports = 25 : 465 : 587
+tls_on_connect_ports = 465 : 587
+# Declare the official primary_hostname to reduce container level complexity
+MAIN_HARDCODE_PRIMARY_HOSTNAME = lists.example.com
+#CHECK_RCPT_SPF = true

rootfs/root/docker/conf/04_mailman_options

@@ -0,0 +1,30 @@
+# start
+# Home dir for your Mailman installation -- aka Mailman's prefix
+# directory.
+# By default this is set to "/usr/local/mailman"
+# On a Red Hat/Fedora system using the RPM use "/var/mailman"
+# On Debian using the deb package use "/var/lib/mailman"
+# This is normally the same as ~mailman
+MM_HOME=/var/lib/mailman
+#
+# User and group for Mailman, should match your --with-mail-gid
+# switch to Mailman's configure script.  Value is normally "mailman"
+MM_UID=list
+MM_GID=list
+#
+# Domains that your lists are in - colon separated list
+# you may wish to add these into local_domains as well
+domainlist mm_domains=lists.example.com
+#
+# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
+#
+# These values are derived from the ones above and should not need
+# editing unless you have munged your mailman installation
+#
+# The path of the Mailman mail wrapper script
+MM_WRAP=MM_HOME/mail/mailman
+#
+# The path of the list config file (used as a required file when
+# verifying list addresses)
+MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck
+# end

rootfs/root/docker/conf/40_mailman_pipe

@@ -0,0 +1,11 @@
+mailman_transport:
+   driver = pipe
+   command = MM_WRAP \
+          '${if def:local_part_suffix \
+                {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
+                {post}}' \
+          $local_part
+   current_directory = MM_HOME
+   home_directory = MM_HOME
+   user = MM_UID
+   group = MM_GID

rootfs/root/docker/conf/450_mailman_aliases

@@ -0,0 +1,12 @@
+mailman_router:
+  driver = accept
+  domains = +mm_domains
+  require_files = MM_LISTCHK
+  local_part_suffix_optional
+  local_part_suffix = -admin : \
+    -bounces   : -bounces+*  : \
+    -confirm   : -confirm+*  : \
+    -join      : -leave      : \
+    -owner     : -request    : \
+    -subscribe : -unsubscribe
+  transport = mailman_transport

rootfs/root/docker/conf/aliases

@@ -0,0 +1,23 @@
+mailer-daemon: postmaster
+postmaster: root
+nobody: root
+hostmaster: root
+usenet: root
+news: root
+webmaster: root
+www: root
+ftp: root
+abuse: root
+noc: root
+security: root
+root: admin@example.com
+mailman:              "|/var/lib/mailman/mail/mailman post mailman"
+mailman-admin:        "|/var/lib/mailman/mail/mailman admin mailman"
+mailman-bounces:      "|/var/lib/mailman/mail/mailman bounces mailman"
+mailman-confirm:      "|/var/lib/mailman/mail/mailman confirm mailman"
+mailman-join:         "|/var/lib/mailman/mail/mailman join mailman"
+mailman-leave:        "|/var/lib/mailman/mail/mailman leave mailman"
+mailman-owner:        "|/var/lib/mailman/mail/mailman owner mailman"
+mailman-request:      "|/var/lib/mailman/mail/mailman request mailman"
+mailman-subscribe:    "|/var/lib/mailman/mail/mailman subscribe mailman"
+mailman-unsubscribe:  "|/var/lib/mailman/mail/mailman unsubscribe mailman"

rootfs/root/docker/conf/exim4-config.cfg

@@ -0,0 +1,14 @@
+exim4-config exim4/dc_postmaster string 
+exim4-config exim4/hide_mailname boolean 
+exim4-config exim4/dc_minimaldns boolean false
+exim4-config exim4/dc_readhost string 
+exim4-config exim4/dc_other_hostnames string 
+exim4-config exim4/dc_relay_nets string 
+exim4-config exim4/dc_smarthost string 
+exim4-config exim4/dc_localdelivery select mbox format in /var/mail/
+exim4-config exim4/no_config boolean true
+exim4-config exim4/use_split_config boolean true
+exim4-config exim4/dc_local_interfaces string 
+exim4-config exim4/dc_relay_domains string 
+exim4-config exim4/dc_eximconfig_configtype select internet site; mail is sent and received directly using SMTP
+exim4-config exim4/mailname string lists.example.com

rootfs/root/docker/conf/mailman.conf

@@ -0,0 +1,85 @@
+# Configuration for Debian mailman with Apache
+<Directory /usr/lib/cgi-bin/mailman/>
+    AllowOverride None
+    Options ExecCGI
+    AddHandler cgi-script .cgi
+    Require all granted
+</Directory>
+<Directory /var/lib/mailman/archives/public/>
+    Options FollowSymlinks
+    AllowOverride None
+    Require all granted
+</Directory>
+<Directory /usr/share/images/mailman/>
+    AllowOverride None
+    Require all granted
+</Directory>
+
+
+
+<VirtualHost *:80>
+ServerName lists.example.com
+
+<IfModule mod_ssl.c>
+  Redirect "/" "https://lists.example.com/"
+</IfModule>
+
+DocumentRoot /var/www/lists
+ErrorLog /var/log/apache2/lists-error.log
+CustomLog /var/log/apache2/lists-access.log combined
+<Directory /var/lib/mailman/archives/>
+    Options FollowSymLinks
+    AllowOverride None
+</Directory>
+Alias /URL_ROOT/pipermail/ /var/lib/mailman/archives/public/
+Alias /images/mailman/ /usr/share/images/mailman/
+
+ScriptAlias /URL_ROOT/admin /usr/lib/cgi-bin/mailman/admin
+ScriptAlias /URL_ROOT/admindb /usr/lib/cgi-bin/mailman/admindb
+ScriptAlias /URL_ROOT/confirm /usr/lib/cgi-bin/mailman/confirm
+ScriptAlias /URL_ROOT/create /usr/lib/cgi-bin/mailman/create
+ScriptAlias /URL_ROOT/edithtml /usr/lib/cgi-bin/mailman/edithtml
+ScriptAlias /URL_ROOT/listinfo /usr/lib/cgi-bin/mailman/listinfo
+ScriptAlias /URL_ROOT/options /usr/lib/cgi-bin/mailman/options
+ScriptAlias /URL_ROOT/private /usr/lib/cgi-bin/mailman/private
+ScriptAlias /URL_ROOT/rmlist /usr/lib/cgi-bin/mailman/rmlist
+ScriptAlias /URL_ROOT/roster /usr/lib/cgi-bin/mailman/roster
+ScriptAlias /URL_ROOT/subscribe /usr/lib/cgi-bin/mailman/subscribe
+ScriptAlias /URL_ROOT/mailman/ /usr/lib/cgi-bin/mailman/
+</VirtualHost>
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+ServerName lists.example.com
+DocumentRoot /var/www/lists
+ErrorLog /var/log/apache2/lists-error.log
+CustomLog /var/log/apache2/lists-access.log combined
+<Directory /var/lib/mailman/archives/>
+    Options FollowSymLinks
+    AllowOverride None
+</Directory>
+Alias /URL_ROOT/pipermail/ /var/lib/mailman/archives/public/
+Alias /images/mailman/ /usr/share/images/mailman/
+
+ScriptAlias /URL_ROOT/admin /usr/lib/cgi-bin/mailman/admin
+ScriptAlias /URL_ROOT/admindb /usr/lib/cgi-bin/mailman/admindb
+ScriptAlias /URL_ROOT/confirm /usr/lib/cgi-bin/mailman/confirm
+ScriptAlias /URL_ROOT/create /usr/lib/cgi-bin/mailman/create
+ScriptAlias /URL_ROOT/edithtml /usr/lib/cgi-bin/mailman/edithtml
+ScriptAlias /URL_ROOT/listinfo /usr/lib/cgi-bin/mailman/listinfo
+ScriptAlias /URL_ROOT/options /usr/lib/cgi-bin/mailman/options
+ScriptAlias /URL_ROOT/private /usr/lib/cgi-bin/mailman/private
+ScriptAlias /URL_ROOT/rmlist /usr/lib/cgi-bin/mailman/rmlist
+ScriptAlias /URL_ROOT/roster /usr/lib/cgi-bin/mailman/roster
+ScriptAlias /URL_ROOT/subscribe /usr/lib/cgi-bin/mailman/subscribe
+ScriptAlias /URL_ROOT/mailman/ /usr/lib/cgi-bin/mailman/
+
+SSLEngine on
+SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+</VirtualHost>
+</IfModule>
+
+
+

rootfs/root/docker/conf/mm_cfg.py

@@ -0,0 +1,128 @@
+# -*- python -*-
+
+# Copyright (C) 1998,1999,2000 by the Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA
+
+
+"""This is the module which takes your site-specific settings.
+
+From a raw distribution it should be copied to mm_cfg.py.  If you
+already have an mm_cfg.py, be careful to add in only the new settings
+you want.  The complete set of distributed defaults, with annotation,
+are in ./Defaults.  In mm_cfg, override only those you want to
+change, after the
+
+  from Defaults import *
+
+line (see below).
+
+Note that these are just default settings - many can be overridden via the
+admin and user interfaces on a per-list or per-user basis.
+
+Note also that some of the settings are resolved against the active list
+setting by using the value as a format string against the
+list-instance-object's dictionary - see the distributed value of
+DEFAULT_MSG_FOOTER for an example."""
+
+
+#######################################################
+#    Here's where we get the distributed defaults.    #
+
+from Defaults import *
+
+##############################################################
+# Put YOUR site-specific configuration below, in mm_cfg.py . #
+# See Defaults.py for explanations of the values.            #
+
+#-------------------------------------------------------------
+# The name of the list Mailman uses to send password reminders
+# and similar. Don't change if you want mailman-owner to be
+# a valid local part.
+MAILMAN_SITE_LIST = 'mailman'
+
+#-------------------------------------------------------------
+# If you change these, you have to configure your http server
+# accordingly (Alias and ScriptAlias directives in most httpds)
+#DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/'
+IMAGE_LOGOS         = '/images/mailman/'
+
+#-------------------------------------------------------------
+# Default domain for email addresses of newly created MLs
+DEFAULT_EMAIL_HOST = 'lists.example.com'
+#-------------------------------------------------------------
+# Default host for web interface of newly created MLs
+DEFAULT_URL_HOST = 'lists.example.com'
+#-------------------------------------------------------------
+# Required when setting any of its arguments.
+add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
+
+#-------------------------------------------------------------
+# The default language for this server.
+DEFAULT_SERVER_LANGUAGE = 'en'
+
+#-------------------------------------------------------------
+# Iirc this was used in pre 2.1, leave it for now
+USE_ENVELOPE_SENDER    = 0              # Still used?
+
+#-------------------------------------------------------------
+# Unset send_reminders on newly created lists
+DEFAULT_SEND_REMINDERS = 0
+
+#-------------------------------------------------------------
+# Uncomment this if you configured your MTA such that it
+# automatically recognizes newly created lists.
+# (see /usr/share/doc/mailman/README.Exim4.Debian or
+# /usr/share/mailman/postfix-to-mailman.py)
+# MTA=None   # Misnomer, suppresses alias output on newlist
+
+#-------------------------------------------------------------
+# Uncomment if you use Postfix virtual domains (but not
+# postfix-to-mailman.py), but be sure to see
+# /usr/share/doc/mailman/README.Debian first.
+# MTA='Postfix'
+
+#-------------------------------------------------------------
+# Uncomment if you want to filter mail with SpamAssassin. For
+# more information please visit this website:
+# http://www.jamesh.id.au/articles/mailman-spamassassin/
+# GLOBAL_PIPELINE.insert(1, 'SpamAssassin')
+
+# Note - if you're looking for something that is imported from mm_cfg, but you
+# didn't find it above, it's probably in /usr/lib/mailman/Mailman/Defaults.py.
+MTA = None
+DELIVERY_MODULE = "SMTPDirect"
+SMTP_MAX_RCPTS = 500
+MAX_DELIVERY_THREADS = 0
+SMTPHOST = 'lists.example.com'
+SMTPPORT = 0
+DEFAULT_SEND_REMINDERS = 0
+DEFAULT_MAX_MESSAGE_SIZE = 11240
+DEFAULT_FROM_IS_LIST = True
+DEFAULT_DMARC_MODERATION_ACTION = True
+DEFAULT_SEND_WELCOME_MSG = False
+DEFAULT_SEND_GOODBYE_MSG = False
+DEFAULT_SUBSCRIBE_POLICY = 3  
+DEFAULT_MSG_FOOTER = """_______________________________________________
+%(real_name)s mailing list
+%(real_name)s@%(host_name)s
+"""
+SMTP_USE_TLS = Yes
+DEFAULT_ARCHIVE_PRIVATE = True
+VIRTUAL_MAILMAN_LOCAL_DOMAIN = 'lists.example.com'
+DEFAULT_MAX_DAYS_TO_HOLD = 15
+DEFAULT_DIGEST_SEND_PERIODIC = False
+REMOVE_DKIM_HEADERS = Yes

rootfs/root/docker/conf/run.sh

@@ -0,0 +1,176 @@
+#!/bin/bash
+# By d3fk::Angatar
+
+if [ ! -f started ]; then
+
+        #set default email originator /  and root user aliase
+        echo "root: ${LIST_ADMIN}" > /etc/email-addresses
+        /bin/sed -i "s/admin@example\.com/${LIST_ADMIN}/" /etc/aliases
+
+        #declare Hostname in hostname and mailname files
+        echo "${EMAIL_HOST}" > /etc/hostname
+        echo ${EMAIL_HOST} > /etc/mailname
+
+        hostname -I |  awk -v hostname=${EMAIL_HOST} '{disp=$1"    " hostname; print disp}' >> /etc/hosts
+
+        #Change owner:group of mailman directory
+        chown -R list:list /var/lib/mailman/
+
+        #Create docroot
+        mkdir /var/www/lists
+        echo "<html><h2>Welcome to ${URL_HOST}</h2></html>" > /var/www/lists/index.html
+
+        mailmancfg='/etc/mailman/mm_cfg.py'
+
+        # define the URL pattern for mailman
+        if [ $URL_PATTERN != "http" ]; then
+        echo "DEFAULT_URL_PATTERN = 'https://%s/${URL_ROOT}'" >> $mailmancfg
+        else
+        echo "DEFAULT_URL_PATTERN = 'http://%s/${URL_ROOT}'" >> $mailmancfg
+        fi
+
+        # enable spf check if requested
+        if [ $ENABLE_SPF_CHECK = "true" ]; then
+        echo "installing SPF tools before enabling..."
+        apt-get install -y spf-tools-perl
+
+        /bin/sed -i "s/#CHECK_RCPT_SPF/CHECK_RCPT_SPF/" /etc/exim4/conf.d/main/00_local_macros
+        echo "SPF CHECK is now enabled"
+        fi
+
+        # Replace default hostnames with runtime values:
+        /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/00_local_macros
+        /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/04_mailman_options
+        /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/update-exim4.conf.conf
+        /bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/apache2.conf
+        /bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/sites-available/mailman.conf
+        /bin/sed -i "s/URL_ROOT\//${URL_ROOT//\//\\/}/" /etc/apache2/sites-available/mailman.conf
+        /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" $mailmancfg
+        /bin/sed -i "s/DEFAULT_URL_HOST.*\=.*/DEFAULT_URL_HOST\ \=\ \'${URL_HOST}\'/" $mailmancfg
+        /bin/sed -i "s/DEFAULT_SERVER_LANGUAGE.*\=.*/DEFAULT_SERVER_LANGUAGE\ \=\ \'${LIST_LANGUAGE_CODE}\'/" $mailmancfg
+
+
+        echo -n "Setting up Mailman..."
+        {
+                dpkg-reconfigure mailman
+
+        #      especialy for debian:buster
+        mkdir /var/run/mailman
+        chown list:list /var/run/mailman/
+        ln -s /var/lib/mailman/bin/mailmanctl /etc/init.d/mailman
+        }
+
+
+        echo -n "Initializing mailing lists..."
+        {
+                /usr/sbin/mmsitepass ${MASTER_PASSWORD}
+                /usr/sbin/newlist -q -l ${LIST_LANGUAGE_CODE} mailman ${LIST_ADMIN} ${MASTER_PASSWORD}
+        }
+
+        #update aliases
+        /usr/bin/newaliases
+
+
+        echo -n "Setting up Apache web server..."
+        {
+                a2enmod -q cgi
+                if [ $SSL_FROM_CONTAINER = "true" ]; then
+                if [ $SSL_SELFSIGNED = "true" ]; then
+                        make-ssl-cert generate-default-snakeoil --force-overwrite
+                        echo -n "self signed SSL certificate freshly regenerated..."
+                fi
+                a2enmod ssl
+                fi
+                a2dissite -q 000-default
+                a2ensite mailman.conf
+        # edit apache default security.conf for production
+                /bin/sed -i "s/ServerSignature On/ServerSignature Off/" /etc/apache2/conf-available/security.conf
+                /bin/sed -i "s/ServerTokens OS/ServerTokens Prod/" /etc/apache2/conf-available/security.conf
+                echo "Apache2 new configuration is now activated"
+                echo "The service apache2 will be started at the end of this container deployment"
+        }
+
+        echo "Setting up RSA keys for DKIM..."
+        {
+                if [ ! -f /etc/exim4/tls.d/private.pem ]; then
+                        mkdir -p /etc/exim4/tls.d
+                        openssl genrsa -out /etc/exim4/tls.d/private.pem 2048
+                        openssl rsa -in /etc/exim4/tls.d/private.pem -out /etc/exim4/tls.d/public.pem -pubout
+                fi
+        }
+
+        key=$(sed -e '/^-/d' /etc/exim4/tls.d/public.pem|paste -sd '' -)
+
+        echo "setting up cert for TLS..."
+        {
+                if [ ! -f /etc/exim4/exim.key ]; then
+                        openssl req -x509 -sha256 -days 9000 -nodes -newkey rsa:4096 -keyout /etc/exim4/exim.key -out /etc/exim4/exim.crt -subj "/O=${EMAIL_HOST}/OU=IT Department/CN=${EMAIL_HOST}"
+                        echo "Cert for TLS now generated..."
+                fi
+        }
+
+        echo "Fixing exim4 permissions..."
+        {
+                chown -R Debian-exim:Debian-exim /etc/exim4
+                chown -R Debian-exim /var/log/exim4
+        }
+
+        #build updated exim config file
+        echo  "Setting up Exim4..."
+        {
+                update-exim4.conf
+        }
+
+        echo  "Fixing mailman permissons..."
+        {
+                /usr/lib/mailman/bin/check_perms -f > /dev/null
+        }
+
+        touch started
+        echo "///////////This d3fk/mailman2 container is now configured !///////////"
+
+fi
+
+echo "Starting up services..."
+{
+	/etc/init.d/exim4 start
+	/etc/init.d/mailman start
+echo " exim4 OK ... mailman OK ..."
+}
+
+echo '------------- Apache2 service is starting -------------'
+echo
+echo
+cat << EOB
+
+    ***********************************************
+    *                                             *
+    *   TO COMPLETE DKIM SETUP, COPY THE          *
+    *   FOLLOWING CODE INTO A NEW TXT RECORD      *
+    *   IN YOUR DNS SERVER:                       *
+    *                                             *
+    ***********************************************
+
+EOB
+echo "listsdkim._domainkey.${EMAIL_HOST} IN TXT \"v=DKIM1; k=rsa; p=$key\""
+echo
+echo
+
+# defining stop actions in case of SIGTERM or SIGINT
+graceful_stop() {
+  echo "The container was asked to terminate its processes gracefully..."
+  /etc/init.d/mailman stop
+  /etc/init.d/exim4 stop
+  apachectl -k stop
+  echo "Apache2 server is now stopped."
+  echo "Asking for exit with code 143 (SIGTERM)..."
+  exit 143
+}
+
+# trapping SIGTERM and SIGINT termination signals and trigger actions
+trap 'graceful_stop' SIGTERM SIGINT
+
+echo '------------- CONTAINER UP AND RUNNING! -------------'
+# Starting apache2 in foreground & wait
+apachectl -DFOREGROUND -k start & wait ${!}
+

rootfs/root/docker/conf/update-exim4.conf.conf

@@ -0,0 +1,31 @@
+# /etc/exim4/update-exim4.conf.conf
+#
+# Edit this file and /etc/mailname by hand and execute update-exim4.conf
+# yourself or use 'dpkg-reconfigure exim4-config'
+#
+# Please note that this is _not_ a dpkg-conffile and that automatic changes
+# to this file might happen. The code handling this will honor your local
+# changes, so this is usually fine, but will break local schemes that mess
+# around with multiple versions of the file.
+#
+# update-exim4.conf uses this file to determine variable values to generate
+# exim configuration macros for the configuration file.
+#
+# Most settings found in here do have corresponding questions in the
+# Debconf configuration, but not all of them.
+#
+# This is a Debian specific file
+
+dc_eximconfig_configtype='internet'
+dc_other_hostnames='lists.example.com'
+dc_local_interfaces=''
+dc_readhost=''
+dc_relay_domains=''
+dc_minimaldns='false'
+dc_relay_nets=''
+dc_smarthost=''
+CFILEMODE='644'
+dc_use_split_config='true'
+dc_hide_mailname=''
+dc_mailname_in_oh='true'
+dc_localdelivery='mail_spool'

rootfs/root/docker/setup/packages

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+apt-get update &&
+  apt-get -y upgrade &&
+  apt-get install -y mailman exim4 apache2 apache2-data apache2-utils curl &&
+  apt-get remove -y --purge --autoremove mariadb-common mysql-common bzip2 &&
+  apt-get clean &&
+  rm -rf /var/lib/apt/lists/* &&
+  echo "ServerName $URL_HOST" >>/etc/apache2/apache2.conf &&
+  echo "tls_require_ciphers = NORMAL:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1" >/etc/exim4/conf.d/main/00_exim4-config_tlsversions
+
+cp -Rf /root/docker/conf/00_local_macros /etc/exim4/conf.d/main/
+cp -Rf /root/docker/conf/04_mailman_options /etc/exim4/conf.d/main/
+cp -Rf /root/docker/conf/450_mailman_aliases /etc/exim4/conf.d/router/
+cp -Rf /root/docker/conf/40_mailman_pipe /etc/exim4/conf.d/transport/
+cp -Rf /root/docker/conf/update-exim4.conf.conf /etc/exim4/update-exim4.conf.conf
+cp -Rf /root/docker/conf/mm_cfg.py /etc/mailman/mm_cfg.py
+cp -Rf /root/docker/conf/mailman.conf /etc/apache2/sites-available/
+cp -Rf /root/docker/conf/aliases /etc/aliases

rootfs/usr/local/etc/docker/init.d/mailman.sh

@@ -0,0 +1,184 @@
+#!/bin/bash
+# By d3fk::Angatar
+
+URL_HOST="${URL_HOST:-lists.example.com}"
+EMAIL_HOST="${EMAIL_HOST:-lists.example.com}"
+MASTER_PASSWORD="${MASTER_PASSWORD:-example}"
+LIST_ADMIN="${LIST_ADMIN:-admin@lists.example.com}"
+LIST_LANGUAGE_CODE="${LIST_LANGUAGE_CODE:-en}"
+ENABLE_SPF_CHECK="${ENABLE_SPF_CHECK:-false}"
+URL_ROOT="${URL_ROOT:-/}"
+URL_PATTERN="${URL_PATTERN:-http}"
+SSL_FROM_CONTAINER="${SSL_FROM_CONTAINER:-false}"
+SSL_SELFSIGNED="${SSL_SELFSIGNED:-false}"
+
+if [ ! -f started ]; then
+
+  #set default email originator /  and root user aliase
+  echo "root: ${LIST_ADMIN}" >/etc/email-addresses
+  /bin/sed -i "s/admin@example\.com/${LIST_ADMIN}/" /etc/aliases
+
+  #declare Hostname in hostname and mailname files
+  echo "${EMAIL_HOST}" >/etc/hostname
+  echo ${EMAIL_HOST} >/etc/mailname
+
+  hostname -I | awk -v hostname=${EMAIL_HOST} '{disp=$1"    " hostname; print disp}' >>/etc/hosts
+
+  #Change owner:group of mailman directory
+  chown -R list:list /var/lib/mailman/
+
+  #Create docroot
+  mkdir /var/www/lists
+  echo "<html><h2>Welcome to ${URL_HOST}</h2></html>" >/var/www/lists/index.html
+
+  mailmancfg='/etc/mailman/mm_cfg.py'
+
+  # define the URL pattern for mailman
+  if [ $URL_PATTERN != "http" ]; then
+    echo "DEFAULT_URL_PATTERN = 'https://%s/${URL_ROOT}'" >>$mailmancfg
+  else
+    echo "DEFAULT_URL_PATTERN = 'http://%s/${URL_ROOT}'" >>$mailmancfg
+  fi
+
+  # enable spf check if requested
+  if [ $ENABLE_SPF_CHECK = "true" ]; then
+    echo "installing SPF tools before enabling..."
+    apt-get install -y spf-tools-perl
+
+    /bin/sed -i "s/#CHECK_RCPT_SPF/CHECK_RCPT_SPF/" /etc/exim4/conf.d/main/00_local_macros
+    echo "SPF CHECK is now enabled"
+  fi
+
+  # Replace default hostnames with runtime values:
+  /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/00_local_macros
+  /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/04_mailman_options
+  /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/update-exim4.conf.conf
+  /bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/apache2.conf
+  /bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/sites-available/mailman.conf
+  /bin/sed -i "s/URL_ROOT\//${URL_ROOT//\//\\/}/" /etc/apache2/sites-available/mailman.conf
+  /bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" $mailmancfg
+  /bin/sed -i "s/DEFAULT_URL_HOST.*\=.*/DEFAULT_URL_HOST\ \=\ \'${URL_HOST}\'/" $mailmancfg
+  /bin/sed -i "s/DEFAULT_SERVER_LANGUAGE.*\=.*/DEFAULT_SERVER_LANGUAGE\ \=\ \'${LIST_LANGUAGE_CODE}\'/" $mailmancfg
+
+  echo -n "Setting up Mailman..."
+  {
+    dpkg-reconfigure mailman
+
+    #      especialy for debian:buster
+    mkdir /var/run/mailman
+    chown list:list /var/run/mailman/
+    ln -s /var/lib/mailman/bin/mailmanctl /etc/init.d/mailman
+  }
+
+  echo -n "Initializing mailing lists..."
+  {
+    /usr/sbin/mmsitepass ${MASTER_PASSWORD}
+    /usr/sbin/newlist -q -l ${LIST_LANGUAGE_CODE} mailman ${LIST_ADMIN} ${MASTER_PASSWORD}
+  }
+
+  #update aliases
+  /usr/bin/newaliases
+
+  echo -n "Setting up Apache web server..."
+  {
+    a2enmod -q cgi
+    if [ $SSL_FROM_CONTAINER = "true" ]; then
+      if [ $SSL_SELFSIGNED = "true" ]; then
+        make-ssl-cert generate-default-snakeoil --force-overwrite
+        echo -n "self signed SSL certificate freshly regenerated..."
+      fi
+      a2enmod ssl
+    fi
+    a2dissite -q 000-default
+    a2ensite mailman.conf
+    # edit apache default security.conf for production
+    /bin/sed -i "s/ServerSignature On/ServerSignature Off/" /etc/apache2/conf-available/security.conf
+    /bin/sed -i "s/ServerTokens OS/ServerTokens Prod/" /etc/apache2/conf-available/security.conf
+    echo "Apache2 new configuration is now activated"
+    echo "The service apache2 will be started at the end of this container deployment"
+  }
+
+  echo "Setting up RSA keys for DKIM..."
+  {
+    if [ ! -f /etc/exim4/tls.d/private.pem ]; then
+      mkdir -p /etc/exim4/tls.d
+      openssl genrsa -out /etc/exim4/tls.d/private.pem 2048
+      openssl rsa -in /etc/exim4/tls.d/private.pem -out /etc/exim4/tls.d/public.pem -pubout
+    fi
+  }
+
+  key=$(sed -e '/^-/d' /etc/exim4/tls.d/public.pem | paste -sd '' -)
+
+  echo "setting up cert for TLS..."
+  {
+    if [ ! -f /etc/exim4/exim.key ]; then
+      openssl req -x509 -sha256 -days 9000 -nodes -newkey rsa:4096 -keyout /etc/exim4/exim.key -out /etc/exim4/exim.crt -subj "/O=${EMAIL_HOST}/OU=IT Department/CN=${EMAIL_HOST}"
+      echo "Cert for TLS now generated..."
+    fi
+  }
+
+  echo "Fixing exim4 permissions..."
+  {
+    chown -R Debian-exim:Debian-exim /etc/exim4
+    chown -R Debian-exim /var/log/exim4
+  }
+
+  #build updated exim config file
+  echo "Setting up Exim4..."
+  {
+    update-exim4.conf
+  }
+
+  echo "Fixing mailman permissons..."
+  {
+    /usr/lib/mailman/bin/check_perms -f >/dev/null
+  }
+
+  touch started
+  echo "///////////This d3fk/mailman2 container is now configured !///////////"
+
+fi
+
+echo "Starting up services..."
+{
+  /etc/init.d/exim4 start
+  /etc/init.d/mailman start
+  echo " exim4 OK ... mailman OK ..."
+}
+
+echo '------------- Apache2 service is starting -------------'
+echo
+echo
+cat <<EOB
+
+    ***********************************************
+    *                                             *
+    *   TO COMPLETE DKIM SETUP, COPY THE          *
+    *   FOLLOWING CODE INTO A NEW TXT RECORD      *
+    *   IN YOUR DNS SERVER:                       *
+    *                                             *
+    ***********************************************
+
+EOB
+echo "listsdkim._domainkey.${EMAIL_HOST} IN TXT \"v=DKIM1; k=rsa; p=$key\""
+echo
+echo
+
+# defining stop actions in case of SIGTERM or SIGINT
+graceful_stop() {
+  echo "The container was asked to terminate its processes gracefully..."
+  /etc/init.d/mailman stop
+  /etc/init.d/exim4 stop
+  apachectl -k stop
+  echo "Apache2 server is now stopped."
+  echo "Asking for exit with code 143 (SIGTERM)..."
+  exit 143
+}
+
+# trapping SIGTERM and SIGINT termination signals and trigger actions
+trap 'graceful_stop' SIGTERM SIGINT
+
+echo '------------- CONTAINER UP AND RUNNING! -------------'
+# Starting apache2 in foreground & wait
+apachectl -DFOREGROUND -k start &
+wait ${!}