#!/bin/bash
# By d3fk::Angatar
if [ ! -f started ]; then
#set default email originator / and root user aliase
echo "root: ${LIST_ADMIN}" > /etc/email-addresses
/bin/sed -i "s/admin@example\.com/${LIST_ADMIN}/" /etc/aliases
#declare Hostname in hostname and mailname files
echo "${EMAIL_HOST}" > /etc/hostname
echo ${EMAIL_HOST} > /etc/mailname
hostname -I | awk -v hostname=${EMAIL_HOST} '{disp=$1" " hostname; print disp}' >> /etc/hosts
#Change owner:group of mailman directory
chown -R list:list /var/lib/mailman/
#Create docroot
mkdir /var/www/lists
echo "
Welcome to ${URL_HOST}
" > /var/www/lists/index.html
mailmancfg='/etc/mailman/mm_cfg.py'
# define the URL pattern for mailman
if [ $URL_PATTERN != "http" ]; then
echo "DEFAULT_URL_PATTERN = 'https://%s/${URL_ROOT}'" >> $mailmancfg
else
echo "DEFAULT_URL_PATTERN = 'http://%s/${URL_ROOT}'" >> $mailmancfg
fi
# enable spf check if requested
if [ $ENABLE_SPF_CHECK = "true" ]; then
echo "installing SPF tools before enabling..."
apt-get install -y spf-tools-perl
/bin/sed -i "s/#CHECK_RCPT_SPF/CHECK_RCPT_SPF/" /etc/exim4/conf.d/main/00_local_macros
echo "SPF CHECK is now enabled"
fi
# Replace default hostnames with runtime values:
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/00_local_macros
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/conf.d/main/04_mailman_options
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" /etc/exim4/update-exim4.conf.conf
/bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/apache2.conf
/bin/sed -i "s/lists\.example\.com/${URL_HOST}/" /etc/apache2/sites-available/mailman.conf
/bin/sed -i "s/URL_ROOT\//${URL_ROOT//\//\\/}/" /etc/apache2/sites-available/mailman.conf
/bin/sed -i "s/lists\.example\.com/${EMAIL_HOST}/" $mailmancfg
/bin/sed -i "s/DEFAULT_URL_HOST.*\=.*/DEFAULT_URL_HOST\ \=\ \'${URL_HOST}\'/" $mailmancfg
/bin/sed -i "s/DEFAULT_SERVER_LANGUAGE.*\=.*/DEFAULT_SERVER_LANGUAGE\ \=\ \'${LIST_LANGUAGE_CODE}\'/" $mailmancfg
echo -n "Setting up Mailman..."
{
dpkg-reconfigure mailman
# especialy for debian:buster
mkdir /var/run/mailman
chown list:list /var/run/mailman/
ln -s /var/lib/mailman/bin/mailmanctl /etc/init.d/mailman
}
echo -n "Initializing mailing lists..."
{
/usr/sbin/mmsitepass ${MASTER_PASSWORD}
/usr/sbin/newlist -q -l ${LIST_LANGUAGE_CODE} mailman ${LIST_ADMIN} ${MASTER_PASSWORD}
}
#update aliases
/usr/bin/newaliases
echo -n "Setting up Apache web server..."
{
a2enmod -q cgi
if [ $SSL_FROM_CONTAINER = "true" ]; then
if [ $SSL_SELFSIGNED = "true" ]; then
make-ssl-cert generate-default-snakeoil --force-overwrite
echo -n "self signed SSL certificate freshly regenerated..."
fi
a2enmod ssl
fi
a2dissite -q 000-default
a2ensite mailman.conf
# edit apache default security.conf for production
/bin/sed -i "s/ServerSignature On/ServerSignature Off/" /etc/apache2/conf-available/security.conf
/bin/sed -i "s/ServerTokens OS/ServerTokens Prod/" /etc/apache2/conf-available/security.conf
echo "Apache2 new configuration is now activated"
echo "The service apache2 will be started at the end of this container deployment"
}
echo "Setting up RSA keys for DKIM..."
{
if [ ! -f /etc/exim4/tls.d/private.pem ]; then
mkdir -p /etc/exim4/tls.d
openssl genrsa -out /etc/exim4/tls.d/private.pem 2048
openssl rsa -in /etc/exim4/tls.d/private.pem -out /etc/exim4/tls.d/public.pem -pubout
fi
}
key=$(sed -e '/^-/d' /etc/exim4/tls.d/public.pem|paste -sd '' -)
echo "setting up cert for TLS..."
{
if [ ! -f /etc/exim4/exim.key ]; then
openssl req -x509 -sha256 -days 9000 -nodes -newkey rsa:4096 -keyout /etc/exim4/exim.key -out /etc/exim4/exim.crt -subj "/O=${EMAIL_HOST}/OU=IT Department/CN=${EMAIL_HOST}"
echo "Cert for TLS now generated..."
fi
}
echo "Fixing exim4 permissions..."
{
chown -R Debian-exim:Debian-exim /etc/exim4
chown -R Debian-exim /var/log/exim4
}
#build updated exim config file
echo "Setting up Exim4..."
{
update-exim4.conf
}
echo "Fixing mailman permissons..."
{
/usr/lib/mailman/bin/check_perms -f > /dev/null
}
touch started
echo "///////////This d3fk/mailman2 container is now configured !///////////"
fi
echo "Starting up services..."
{
/etc/init.d/exim4 start
/etc/init.d/mailman start
echo " exim4 OK ... mailman OK ..."
}
echo '------------- Apache2 service is starting -------------'
echo
echo
cat << EOB
***********************************************
* *
* TO COMPLETE DKIM SETUP, COPY THE *
* FOLLOWING CODE INTO A NEW TXT RECORD *
* IN YOUR DNS SERVER: *
* *
***********************************************
EOB
echo "listsdkim._domainkey.${EMAIL_HOST} IN TXT \"v=DKIM1; k=rsa; p=$key\""
echo
echo
# defining stop actions in case of SIGTERM or SIGINT
graceful_stop() {
echo "The container was asked to terminate its processes gracefully..."
/etc/init.d/mailman stop
/etc/init.d/exim4 stop
apachectl -k stop
echo "Apache2 server is now stopped."
echo "Asking for exit with code 143 (SIGTERM)..."
exit 143
}
# trapping SIGTERM and SIGINT termination signals and trigger actions
trap 'graceful_stop' SIGTERM SIGINT
echo '------------- CONTAINER UP AND RUNNING! -------------'
# Starting apache2 in foreground & wait
apachectl -DFOREGROUND -k start & wait ${!}