Feature/dockerize mta (#24)

* MTA: use dockerize for configuration

* MTA: move entrypoint script

* Added some environment variables

* MTA: Add mem_limit

* MTA: add healthcheck

* Web: wait for external hosts

* Web: Update roundcube to 1.2.4

* Web: Move support url

* Test: use dockerize to wait for other containers

Author: jeboehm

Makefile

@@ -20,7 +20,6 @@ up: build
 run-test: env clean build
 	$(compose-test) build
 	$(compose-production) up -d
-	sleep 60
 	$(compose-test) run --rm test /opt/tests/run-tests.sh
 
 .PHONY: clean
@@ -34,4 +33,7 @@ env:
 
 .PHONY: logs
 logs:
-	$(compose-production) logs
+	$(compose-production) logs mta
+	$(compose-production) logs mda
+	$(compose-production) logs web
+	$(compose-production) logs db

docker-compose.yml

@@ -6,9 +6,6 @@ services:
     build: ./db
     restart: on-failure:5
     env_file: .env
-    read_only: true
-    tmpfs:
-      - /tmp
     volumes:
       - data-db:/var/lib/mysql
 
@@ -17,14 +14,9 @@ services:
     build: ./mta
     restart: on-failure:5
     env_file: .env
-    tmpfs:
-      - /tmp
-    links:
-      - db
-      - mda
-      - spamassassin
     volumes:
       - data-tls:/media/tls:ro
+    mem_limit: 128M
 
   mda:
     image: jeboehm/mailserver-mda:latest
@@ -41,22 +33,11 @@ services:
     build: ./web
     restart: on-failure:5
     env_file: .env
-    read_only: true
-    tmpfs:
-      - /tmp
-    links:
-      - db
-      - mda
-      - mta
 
   spamassassin:
     image: jeboehm/mailserver-spamassassin:latest
     build: ./spamassassin
     restart: on-failure:5
-    read_only: true
-    tmpfs:
-      - /run
-      - /tmp
 
 volumes:
   data-db:

mda/Dockerfile

@@ -10,7 +10,9 @@ ENV MYSQL_HOST=db \
     DOCKERIZE_VERSION=v0.5.0 \
     SUBMISSION_HOST=mta \
     ENABLE_POP3=true \
-    ENABLE_IMAP=true
+    ENABLE_IMAP=true \
+    SSL_CERT=/media/tls/mailserver.crt \
+    SSL_KEY=/media/tls/mailserver.key
 
 RUN apk --no-cache add \
          dovecot \

mda/rootfs/usr/local/bin/entrypoint.sh

@@ -1,5 +1,5 @@
 #!/bin/sh
-if ! [ -r /media/tls/mailserver.crt ]
+if ! [ -r ${SSL_CERT} ]
 then
     /usr/local/bin/create_tls.sh
 fi

mta/Dockerfile

@@ -9,9 +9,16 @@ ENV MAILNAME=mail.example.com \
     MYSQL_DATABASE=mailserver \
     GREYLISTING_ENABLED=true \
     GREYLISTING_DELAY=50 \
-    FILTER_MIME=false
+    FILTER_MIME=false \
+    DOCKERIZE_VERSION=v0.5.0 \
+    SPAMASSASSIN_HOST=spamassassin \
+    MDA_HOST=mda \
+    MTA_HOST=mta \
+    SSL_CERT=/media/tls/mailserver.crt \
+    SSL_KEY=/media/tls/mailserver.key
 
 RUN apk --no-cache add \
+      openssl \
       postfix-mysql \
       postfix \
       postgrey \
@@ -21,29 +28,31 @@ RUN apk --no-cache add \
     postconf virtual_mailbox_maps=mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf && \
     postconf virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf && \
     postconf smtputf8_enable=no && \
-    postconf smtpd_milters=inet:spamassassin:9999 && \
+    postconf smtpd_milters=inet:${SPAMASSASSIN_HOST}:9999 && \
     postconf milter_protocol=6 && \
     postconf milter_connect_macros="i j {daemon_name} v {if_name} _" && \
-    postconf virtual_transport=lmtp:mda:2003 && \
-    postconf smtpd_sasl_path=inet:mda:9000 && \
+    postconf virtual_transport=lmtp:${MDA_HOST}:2003 && \
+    postconf smtpd_sasl_path=inet:${MDA_HOST}:9000 && \
     postconf smtpd_sasl_type=dovecot && \
     postconf smtpd_sasl_auth_enable=yes && \
     postconf smtpd_tls_security_level=may && \
     postconf smtpd_tls_auth_only=yes && \
-    postconf smtpd_tls_cert_file=/media/tls/mailserver.crt && \
-    postconf smtpd_tls_key_file=/media/tls/mailserver.key && \
+    postconf smtpd_tls_cert_file=${SSL_CERT} && \
+    postconf smtpd_tls_key_file=${SSL_KEY} && \
     postconf soft_bounce=no && \
     postconf message_size_limit=50000000 && \
     postconf mailbox_size_limit=0 && \
     postconf recipient_delimiter=- && \
     postconf mynetworks="$MYNETWORKS" && \
     newaliases && \
-    rm -rf /var/run && \
-    ln -sf /tmp /var/run
+    wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz && \
+    tar -C /usr/local/bin -xzvf dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz && \
+    rm dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz
 
 COPY rootfs/ /
 
 EXPOSE 25
 VOLUME ["/var/spool/postfix"]
 
-CMD ["/entrypoint.sh"]
+HEALTHCHECK CMD postfix status || exit 1
+CMD ["/usr/local/bin/entrypoint.sh"]

mta/rootfs/entrypoint.sh

@@ -0,0 +1,5 @@
+user = {{ .Env.MYSQL_USER }}
+password = {{ .Env.MYSQL_PASSWORD }}
+hosts = {{ .Env.MYSQL_HOST }}
+dbname = {{ .Env.MYSQL_DATABASE }}
+query = SELECT email FROM virtual_users WHERE email='%s'

mta/rootfs/etc/postfix/mysql-email2email.cf

@@ -0,0 +1,5 @@
+user = {{ .Env.MYSQL_USER }}
+password = {{ .Env.MYSQL_PASSWORD }}
+hosts = {{ .Env.MYSQL_HOST }}
+dbname = {{ .Env.MYSQL_DATABASE }}
+query = SELECT destination FROM virtual_aliases WHERE source='%s'