#!/bin/sh
#
# Provisioning hook for a mail container: creates the service mailboxes and
# writes the Postfix access maps that tie the gerrit@ sender to the gerrit
# container. The /tmp/docker-mailserver paths and the "setup email" calls
# below suggest it targets docker-mailserver (confirm against the image).

# Abort on the first command that exits non-zero. This does not cover the
# left-hand stages of a pipeline or a "$(...)" used as a command argument.
set -o errexit
| |
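# Derive a deterministic, per-purpose password from the shared seed.
#
# Arguments: $* - label naming the credential (the callers pass mail:<user>)
# Outputs:   hex SHA-256 of "<seed>:<label right-aligned in 40 columns>"
# Returns:   non-zero if the seed cannot be read, is empty, or hashing fails
#
# Anyone who can read /run/secrets/seed can recompute every derived password,
# so the seed file needs the same protection as the passwords themselves.
# The body is a subshell "( ... )" so the seed never ends up in a variable of
# the calling shell.
secret() (
  seed=$(cat /run/secrets/seed) || exit 1
  # With an empty seed the digest depends on the label alone and could be
  # recomputed by anyone who knows the scheme; refuse instead.
  if [ -z "${seed}" ]; then
    echo "secret: /run/secrets/seed is empty" >&2
    exit 1
  fi
  # Capture sha256sum's output directly: behind a "| sed" its exit status
  # would be hidden by sed's.
  digest=$(printf "%s:%40s" "${seed}" "$*" | sha256sum) || exit 1
  # sha256sum prints "<hex>  -"; keep only the hex part.
  digest=${digest%% *}
  [ -n "${digest}" ] || exit 1
  printf '%s\n' "${digest}"
)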
| |
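# Add local containers as trusted for postfix relaying.
#
# Resolves "mailserver" plus every host name passed as an argument and sets
# Postfix's mynetworks to the resulting IPv4 addresses, one /32 entry each.
# The sed expression only matches "has address" lines, so IPv6 records are
# ignored. The existing mynetworks value is replaced, not extended.
#
# Arguments: $@ - additional host names to trust
# Returns:   non-zero if a name has no address, else postconf's exit status
add_mynetworks_hosts() {
  myhosts=
  for name in mailserver "$@"; do
    addrs=$(host "${name}" | sed -n 's/.*has address //p')
    # mynetworks is the list of clients Postfix trusts for relaying, so a
    # name that does not resolve must not silently become a bare "/32" entry.
    if [ -z "${addrs}" ]; then
      echo "add_mynetworks_hosts: no address found for ${name}" >&2
      return 1
    fi
    # A name may carry several A records; add each one separately. The
    # here-document feeds the loop without a subshell and without globbing.
    while IFS= read -r addr; do
      myhosts="${myhosts} ${addr}/32"
    done <<EOF
${addrs}
EOF
  done
  postconf "mynetworks =${myhosts}"
}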
| |
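# Create given users, requires a seed file for secret()
#
# For each user name, creates the account <user>@<domain>, or resets its
# password when /var/mail/<domain>/<user> already exists. <domain> is
# $HOSTNAME with a leading "mail." removed.
#
# Arguments: $@ - local parts of the accounts to create or update
# Returns:   non-zero if HOSTNAME is empty or a password cannot be derived;
#            a failing "setup" call is left to the script's "set -e"
#
# NOTE(review): the password is handed to "setup" as a command-line argument
# and can be seen in the process list while that command runs. Confirm
# whether "setup email add" can take it another way before changing this.
add_users_with_passwd() {
  domain=${HOSTNAME#mail.}
  # Without a domain the mailbox path and the address would be malformed.
  if [ -z "${domain}" ]; then
    echo "add_users_with_passwd: HOSTNAME is not set" >&2
    return 1
  fi
  for user in "$@"; do
    # Derive the password before calling setup: a failure inside "$(...)" on
    # the setup command line goes unnoticed and setup would then be invoked
    # with no password argument at all.
    password=$(secret "mail:${user}") || return 1
    if [ -z "${password}" ]; then
      echo "add_users_with_passwd: empty password for ${user}" >&2
      return 1
    fi
    if [ ! -d "/var/mail/${domain}/${user}" ]; then
      setup email add "${user}@${domain}" "${password}"
    else
      setup email update "${user}@${domain}" "${password}"
    fi
  done
  # Do not leave the last derived password in a shell variable.
  unset password
}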
| |
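# Main sequence: provision the service accounts, then tie the gerrit@ sender
# address to the gerrit container's address.
{
  add_users_with_passwd gerrit keycloak

  # Restrict gerrit@ sending to local IP:
  # user.access maps the sender address to the gerrit_sender_check
  # restriction class. That class is not defined in this script, so it is
  # presumably set up in the Postfix configuration (verify). The grep guard
  # keeps the entry from being appended again on every run.
  if ! grep -q gerrit /tmp/docker-mailserver/user.access 2>/dev/null; then
    echo "gerrit@${HOSTNAME#mail.} gerrit_sender_check" >>/tmp/docker-mailserver/user.access
    postmap /tmp/docker-mailserver/user.access
  fi

  gerrit_ips=$(host gerrit | sed -n 's/.*has address //p')
  # If gerrit does not resolve, stop rather than write an access entry with
  # an empty key; the pipeline's exit status is sed's, so "set -e" alone
  # does not notice a failed lookup.
  if [ -z "${gerrit_ips}" ]; then
    echo "cannot resolve gerrit; gerrit-client.access left unchanged" >&2
    exit 1
  fi
  # One map line per address, so that several A records do not produce a
  # key without a value.
  while IFS= read -r ip; do
    echo "${ip} permit_sasl_authenticated"
  done >/tmp/docker-mailserver/gerrit-client.access <<EOF
${gerrit_ips}
EOF
  postmap /tmp/docker-mailserver/gerrit-client.access
}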