mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 05:30:45 +00:00
dovecot: Activate FTS, ManagedSieve plugins
This commit enables FTS via Xapian, and exposes the port required for ManagedSieve integration with Dovecot; additionally, bugs in the integration of LMTP with RSpamd have been fixed. In support of these changes, configuration files that were previously split into container-based and service-based are now consolidated, and we now ensure that only our own container-based configuration is used when running Dovecot.
This commit is contained in:
parent
d2b2476cf6
commit
5367d2650e
@ -3,14 +3,15 @@ ARG VERSION=2.3.13
|
||||
|
||||
RUN apt-get update -y && apt-get install -y --no-install-recommends \
|
||||
dovecot-imapd=1:${VERSION}* dovecot-lmtpd=1:${VERSION}* dovecot-mysql=1:${VERSION}* \
|
||||
dovecot-sieve=1:${VERSION}* dovecot-managesieved=1:${VERSION}* \
|
||||
dovecot-sieve=1:${VERSION}* dovecot-managesieved=1:${VERSION}* dovecot-fts-xapian \
|
||||
gettext ca-certificates curl
|
||||
|
||||
RUN rm -Rf /etc/dovecot
|
||||
COPY container/config /etc/dovecot
|
||||
COPY container/run-dovecot /run-dovecot
|
||||
|
||||
RUN addgroup --system --gid 5000 virtual
|
||||
RUN adduser --system --uid 5000 --ingroup virtual --home /var/mail/virtual virtual
|
||||
|
||||
EXPOSE 24 143 993 3659
|
||||
EXPOSE 24 143 993 3659 4190
|
||||
ENTRYPOINT ["/run-dovecot"]
|
||||
|
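Review bot: `dovecot-fts-xapian` is the only package on the new install line without a version constraint, while every Dovecot package beside it is held to `1:${VERSION}*`, so a rebuild can pick up a plugin build that no longer matches the pinned core. Pin it through its own build argument, for example `ARG FTS_XAPIAN_VERSION=<plugin-version>` (placeholder value) and `dovecot-fts-xapian=${FTS_XAPIAN_VERSION}*`. The same `RUN` also leaves the apt lists in the layer; ending it with `&& rm -rf /var/lib/apt/lists/*` keeps the image smaller. The hunk starts at line 3 of the file, so the `FROM` line is outside the visible range.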
@ -0,0 +1,9 @@
|
||||
# Use Xapian as the default full-text-search backend.
|
||||
mail_plugins = $mail_plugins fts fts_xapian
|
||||
|
||||
plugin {
|
||||
fts = xapian
|
||||
fts_xapian = partial=3 full=20 verbose=0
|
||||
fts_autoindex = yes
|
||||
fts_enforced = yes
|
||||
}
|
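Review bot: `fts_autoindex = yes` is set without any exclusion, so every delivered message is indexed on arrival, including mail filed into `INBOX.Junk`; unsolicited mail can therefore drive indexing work and index growth. Consider adding `fts_autoindex_exclude = \Junk` and `fts_autoindex_exclude2 = \Trash` inside the `plugin` block (this assumes those mailboxes carry the special-use flags, which this commit does not show). A one-line comment on `fts_enforced = yes` would also help, since with it a search fails rather than falling back to a full scan when the index is unavailable.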
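--- a/config/service/dovecot/container/config/conf.d/85-lmtp.conf
+++ b/config/service/dovecot/container/config/conf.d/85-lmtp.conf
@@ -0,0 +1,10 @@
+protocols = $protocols lmtp
+
+service lmtp {
+user = virtual
+group = virtual
+
+inet_listener lmtp {
+port = 24
+}
+}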
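Review bot: The `inet_listener lmtp` block sets only `port = 24`, so the listener accepts connections on every address of the container, and LMTP itself asks for no credentials. Nothing in this commit publishes port 24, so delivery appears to be reachable only from the `internal` network, but the file does not say that this is a requirement. A comment above the listener would record it, for example `# LMTP is unauthenticated: keep port 24 on the internal network, never --publish it`.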
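--- a/config/service/dovecot/container/config/conf.d/90-sieve.conf
+++ b/config/service/dovecot/container/config/conf.d/90-sieve.conf
@@ -0,0 +1,31 @@
+protocols = $protocols sieve
+
+protocol imap {
+mail_plugins = $mail_plugins imap_sieve
+}
+
+protocol lmtp {
+mail_plugins = $mail_plugins sieve
+}
+
+plugin {
+# Setup default plugins and extensions.
+sieve_plugins = sieve_imapsieve sieve_extprograms
+sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
+sieve_pipe_bin_dir = /etc/dovecot/scripts
+
+# Read Sieve scripts from pre-defined directories.
+sieve_before = /etc/dovecot/sieve.before.d
+sieve_after = /etc/dovecot/sieve.after.d
+
+# From elsewhere to Junk folder.
+imapsieve_mailbox1_name = INBOX.Junk
+imapsieve_mailbox1_causes = COPY
+imapsieve_mailbox1_before = file:/etc/dovecot/sieve/learn-spam.sieve
+
+# From Junk folder to elsewhere.
+imapsieve_mailbox2_name = *
+imapsieve_mailbox2_from = INBOX.Junk
+imapsieve_mailbox2_causes = COPY
+imapsieve_mailbox2_before = file:/etc/dovecot/sieve/learn-ham.sieve
+}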
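Review bot: The `plugin` block should say why `vnd.dovecot.pipe` is listed under `sieve_global_extensions` and not `sieve_extensions`, because the first line of this file turns on ManageSieve and authenticated users can now upload their own scripts. As written, only the administrator scripts may call programs from `sieve_pipe_bin_dir`, and a comment such as `# pipe stays global-only: user scripts uploaded over ManageSieve must never reach it` guards that against a later edit. It is also worth confirming that `/etc/dovecot/scripts` and the `.sieve` files under `/etc/dovecot` are writable by root only, since delivery runs as the unprivileged `virtual` user.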
@ -3,5 +3,6 @@ driver = mysql
|
||||
connect = "host=${DOVECOT_DATABASE_HOST} dbname=${DOVECOT_DATABASE_NAME} user=${DOVECOT_DATABASE_USERNAME} password=${DOVECOT_DATABASE_PASSWORD}"
|
||||
|
||||
default_pass_scheme = SHA512-CRYPT
|
||||
password_query = SELECT username AS user, password, CONCAT(home, '/', maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid FROM users WHERE username = '%u'
|
||||
iterate_query = SELECT username FROM users
|
||||
user_query = SELECT CONCAT(home, '/', maildir) AS home, uid, gid, CONCAT('maildir:', home, '/', maildir) AS mail FROM users WHERE username = '%u'
|
||||
password_query = SELECT username AS user, password, CONCAT(home, '/', maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid FROM users WHERE username = '%u'
|
||||
|
@ -8,6 +8,11 @@
|
||||
log_path = /dev/stderr
|
||||
auth_verbose = yes
|
||||
|
||||
plugin {
|
||||
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
|
||||
mail_log_fields = uid box msgid size
|
||||
}
|
||||
|
||||
# Mail directory.
|
||||
mail_location = maildir:/var/mail/virtual/%u
|
||||
mail_privileged_group = virtual
|
||||
@ -58,26 +63,17 @@ namespace inbox {
|
||||
# ----------------------
|
||||
|
||||
# Enabled protocols.
|
||||
protocols = imap lmtp sieve
|
||||
protocols = imap
|
||||
|
||||
# Enable SSL and STARTTLS.
|
||||
ssl = yes
|
||||
ssl_min_protocol = TLSv1.2
|
||||
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
||||
ssl_prefer_server_ciphers = no
|
||||
|
||||
ssl_cert = </etc/ssl/private/certificates/${DOVECOT_HOST}.crt
|
||||
ssl_key = </etc/ssl/private/certificates/${DOVECOT_HOST}.key
|
||||
|
||||
protocol lmtp {
|
||||
mail_plugins = $mail_plugins sieve
|
||||
}
|
||||
|
||||
service lmtp {
|
||||
user = virtual
|
||||
group = virtual
|
||||
|
||||
inet_listener lmtp {
|
||||
port = 24
|
||||
}
|
||||
}
|
||||
|
||||
protocol imap {
|
||||
mail_max_userip_connections = 25
|
||||
}
|
||||
|
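Review bot: `ssl = yes` in the second hunk only offers TLS and does not demand it, and this commit adds a second credential-bearing protocol (ManageSieve, enabled in `conf.d/90-sieve.conf` and published on 4190 by the unit file). Unless `disable_plaintext_auth` is enforced elsewhere in the file, which these hunks do not show, switching to `ssl = required` makes both IMAP and ManageSieve refuse logins before STARTTLS. Separately, `protocols = imap` now depends on the `conf.d` files being included after this line, since they append with `$protocols`; the include directive is outside the hunk. The `mail_log_*` settings in the first hunk likewise take effect only if `notify` and `mail_log` are in `mail_plugins`, which is not visible here.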
@ -5,5 +5,5 @@ if test "${1}" != "ham" -a "${1}" != "spam"; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
source /etc/dovecot/rspamd/rspamd.env
|
||||
source /etc/dovecot/rspamd.env
|
||||
curl --silent -H "Deliver-To: ${USER}" -H "password: ${RSPAMD_CONTROLLER_PASSWORD}" --data-binary @- "${RSPAMD_CONTROLLER_HOST}:${RSPAMD_CONTROLLER_PORT}/learn${1}"
|
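Review bot: The `curl` call runs with `--silent` but without `--fail`, so a rejected request (for example an HTTP 403 for a wrong controller password) still exits 0 and the Sieve pipe reports success although nothing was learned. `curl --silent --show-error --fail ...` lets the failure reach the Dovecot log. The controller password is also passed as a command-line argument, where other processes in the container can read it from the process list; reading the header from a file readable only by the mail user avoids that. The script's first four lines are outside the hunk.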
@ -1,23 +1,16 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Prepare configuration files for environment variable substitution.
|
||||
ENV_NAMES="`env | awk -F '=' '{printf "$%s ", $1}'`"
|
||||
ENV_NAMES="$(env | awk -F= '{printf "$%s ", $1}')"
|
||||
for file in /etc/dovecot/*.template; do
|
||||
envsubst "$ENV_NAMES" < "$file" > "`echo $file | awk -F '.template$' '{print $1}'`"
|
||||
envsubst "$ENV_NAMES" < "$file" > "$(echo "$file" | awk -F '.template$' '{print $1}')"
|
||||
done
|
||||
|
||||
# Prepare other configuration.
|
||||
mkdir -p /var/lib/dovecot/script /var/lib/dovecot/sieve
|
||||
install -m 0755 /etc/dovecot/conf.d/*.script /var/lib/dovecot/script
|
||||
install -m 0644 /etc/dovecot/conf.d/*.sieve /var/lib/dovecot/sieve
|
||||
|
||||
# Compile Sieve scripts.
|
||||
find /etc/dovecot/sieve.* -name '*.sieve' | xargs -I@ sievec @
|
||||
find /var/lib/dovecot/sieve -name '*.sieve' | xargs -I@ sievec @
|
||||
find /etc/dovecot -name '*.sieve' -execdir sievec {} \;
|
||||
|
||||
# Set up environment variables for Rspamd.
|
||||
mkdir -p /etc/dovecot/rspamd
|
||||
env | awk -F '_' '$1 == "RSPAMD" {print $0}' > /etc/dovecot/rspamd/rspamd.env
|
||||
# Set up environment variables for Rspamd integration.
|
||||
env | awk -F_ '$1 == "RSPAMD" {print $0}' > /etc/dovecot/rspamd.env
|
||||
|
||||
# Run Dovecot daemon.
|
||||
/usr/sbin/dovecot -F
|
||||
|
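Review bot: The new `env | awk ... > /etc/dovecot/rspamd.env` line writes the Rspamd controller password with whatever umask the script inherits (presumably 022, which makes the file world-readable inside the container), and the learn script later `source`s it, so any value containing spaces or shell metacharacters is interpreted by the shell. Restrict the file right after writing it, e.g. `chgrp virtual /etc/dovecot/rspamd.env && chmod 0640 /etc/dovecot/rspamd.env` (assuming the Sieve pipe runs as `virtual`), and write the values single-quoted. The same concern applies to the files produced by the `envsubst` loop, which by the look of the SQL template include the database password. Since the script is touched anyway, `exec /usr/sbin/dovecot -F` on the last line would let `podman stop` signal Dovecot directly.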
@ -1,25 +0,0 @@
|
||||
protocol imap {
|
||||
mail_plugins = $mail_plugins imap_sieve
|
||||
}
|
||||
|
||||
plugin {
|
||||
# Setup default plugins and extensions.
|
||||
sieve_plugins = sieve_imapsieve sieve_extprograms
|
||||
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
|
||||
sieve_pipe_bin_dir = /var/lib/dovecot/script
|
||||
|
||||
# Read Sieve scripts from pre-defined directories.
|
||||
sieve_before = /etc/dovecot/sieve.before.d
|
||||
sieve_after = /etc/dovecot/sieve.after.d
|
||||
|
||||
# From elsewhere to Junk folder.
|
||||
imapsieve_mailbox1_name = INBOX.Junk
|
||||
imapsieve_mailbox1_causes = COPY
|
||||
imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/learn-spam.sieve
|
||||
|
||||
# From Junk folder to elsewhere.
|
||||
imapsieve_mailbox2_name = *
|
||||
imapsieve_mailbox2_from = INBOX.Junk
|
||||
imapsieve_mailbox2_causes = COPY
|
||||
imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/learn-ham.sieve
|
||||
}
|
@ -8,5 +8,7 @@ systemd:
|
||||
units:
|
||||
- name: dovecot-firstboot.target
|
||||
enabled: true
|
||||
- name: dovecot-fts-optimize.timer
|
||||
enabled: true
|
||||
- name: dovecot.service
|
||||
enabled: true
|
||||
|
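--- a/config/service/dovecot/systemd/dovecot-fts-optimize.service
+++ b/config/service/dovecot/systemd/dovecot-fts-optimize.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Optimize Dovecot FTS Index
+Wants=dovecot.service
+After=dovecot.service
+
+[Service]
+Type=oneshot
+SyslogIdentifier=%N
+ExecStart=/bin/podman exec dovecot doveadm fts optimize -A
+
+[Install]
+WantedBy=multi-user.target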
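Review bot: The `[Install]` section with `WantedBy=multi-user.target` is not needed for a service that the timer starts, and if the service were ever enabled it would run `doveadm fts optimize -A` at every boot. Dropping `[Install]` here and keeping it only in the timer unit avoids that. A comment noting that `-A` relies on the `iterate_query` added to the SQL configuration in this commit would explain the coupling.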
@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=Optimize Dovecot FTS Index
|
||||
|
||||
[Timer]
|
||||
OnCalendar=daily
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
@ -12,10 +12,9 @@ Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
ExecStart=/bin/podman run --replace --name %N --net internal --sdnotify=conmon \
|
||||
--env-file %E/coreos-home-server/%N/%N.env \
|
||||
--env-file %E/coreos-home-server/rspamd/rspamd.env \
|
||||
--publish 143:143 --publish 993:993 \
|
||||
--publish 143:143 --publish 993:993 --publish 4190:4190 \
|
||||
--volume %N:/var/mail:z \
|
||||
--volume letsencrypt:/etc/ssl/private:z \
|
||||
--volume %E/coreos-home-server/%N/service/config:/etc/%N/conf.d:z,ro \
|
||||
--volume letsencrypt:/etc/ssl/private:z,ro \
|
||||
localhost/%N:latest
|
||||
ExecStop=/bin/podman stop --ignore --time 10 %N
|
||||
ExecStopPost=/bin/podman rm --ignore --force %N
|
||||
|
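Review bot: `--publish 4190:4190` binds ManageSieve on every host address, which widens the login surface beyond IMAP. If the port is only meant for a client on the `internal` network (the commit message speaks of integration), the container port is already reachable there and the publish can be dropped. Otherwise a comment stating that external access is intended would help the next reader. The unit's remaining lines lie outside the hunk.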