authorMichał 'rysiek' Woźniak <rysiek@hackerspace.pl>2017-02-23 16:36:15 +0100
committerMichał 'rysiek' Woźniak <rysiek@hackerspace.pl>2017-02-23 16:36:15 +0100
commitd6cf29c9ec1f1709b321367f9fae5a7ec24bc28b (patch)
tree0cd5a232454732dc63af45e62f55621ef5701fee
parentb094e01261a27c53acbabc7994684df5fd7fb2ed (diff)
handling queue, logs, config dirs
-rw-r--r--Dockerfile3
-rw-r--r--dot-kuvert.docker77
-rw-r--r--run.sh40
3 files changed, 114 insertions, 6 deletions
diff --git a/Dockerfile b/Dockerfile
index 1df7476..48053c6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,7 +28,8 @@ COPY ./ /usr/local/src/kuvert/
RUN cd /usr/local/src/kuvert/ && \
make && \
make install
-
+
+# make sure entrypoint script is runnable
RUN chmod a+x /usr/local/src/kuvert/run.sh
ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
diff --git a/dot-kuvert.docker b/dot-kuvert.docker
new file mode 100644
index 0000000..eb183d2
--- /dev/null
+++ b/dot-kuvert.docker
@@ -0,0 +1,77 @@
+# ~/.kuvert: example configuration file for kuvert v2
+
+# options are given without leading whitespace
+
+# which key to sign with by default
+defaultkey 0x1234abcd
+
+# logging to syslog, which facility? defaults to no syslog
+syslog mail
+
+# no separate logfile
+logfile /home/kuvert/logs/kuvert.log
+
+# who gets error reports
+mail-on-error you@example.com
+
+# where to spool mails and temporary files
+queuedir /home/kuvert/queue/
+tempdir /tmp/kuvert_temp
+
+# how often to check the queue, in seconds
+interval 60
+
+# add an x-mailer header?
+identify f
+
+# add the explanatory mime preamble?
+preamble f
+
+# how to submit outbound mail:
+#
+# 1. via smtp
+# settings: msserver, msport, ssl,
+# ssl-cert, ssl-key, ssl-ca;
+# authenticating as msuser, mspass
+#
+# msserver smtp.example.com
+# msport 587
+# ssl starttls
+# ssl-key mycerts/my.key.pem
+# ssl-cert mycerts/my.cert.pem
+# msuser smtp-username
+# mspass smtp-password
+# mspass-from-query-secret f
+#
+# 2. by using the msp program
+#
+msp /usr/sbin/sendmail -om -oi -oem
+
+can-detach f
+# maport 2587
+# ma-user yourname
+# ma-pass somethingSECRET
+
+defaultaction fallback-all
+
+alwaystrust t
+
+use-agent t
+query-secret /usr/bin/q-agent get %s
+flush-secret /usr/bin/q-agent delete %s
+
+# action specifications for recipients
+# are given with some leading whitespace
+
+# multiple keys for somebody and you want a specific one?
+ somebody@with.many.keys fallback,0x1234abcd
+
+# those don't want gpg-signed stuff
+ @somewhere.com none
+
+# signed but not encrypted
+ (he|they|others)@there.com signonly
+
+# majordomo and similar mailinglist systems get plain mail
+ (majordomo|-request)@ none
+
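Review bot: `alwaystrust t` combined with `defaultaction fallback-all` means, as far as I understand kuvert's options, that mail is encrypted to any matching key in the keyring without gpg's validity check, so an unverified or wrong key for a recipient would be used silently; for a shipped default I would set `alwaystrust f`, or at least add a comment such as `# alwaystrust t: gpg uses keys regardless of validity; enable only with a curated keyring`. The paths are hard-coded to `/home/kuvert/...`, while run.sh in this commit defaults KUVERT_USER to `user` and lets KUVERT_LOGS_DIR and KUVERT_QUEUE_DIR be overridden, so `logfile` and `queuedir` will not match the directories the entrypoint creates unless the container runs with KUVERT_USER=kuvert. The comment `# no separate logfile` contradicts the `logfile` line directly below it. `tempdir /tmp/kuvert_temp` is a fixed name under a world-writable directory; a path under the user's home would be the safer default.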
diff --git a/run.sh b/run.sh
index d7075fb..60f73e5 100644
--- a/run.sh
+++ b/run.sh
@@ -3,23 +3,33 @@
# exit when any of the commands fails
set -e
-# users' home directory
-# TODO feature/future proof it
-HOMEDIR="/home/${KUVERT_USER}"
-
# we need the KUVERT_USER envvar
[ -z ${KUVERT_USER+x} ] && KUVERT_USER="user"
# we need the KUVERT_GROUP envvar, but we can get it from the username, right?
[ -z ${KUVERT_GROUP+x} ] && KUVERT_GROUP="$KUVERT_USER"
-
echo "+-- settings:"
echo " +-- KUVERT_USER : $KUVERT_USER"
echo " +-- KUVERT_GROUP : $KUVERT_GROUP"
echo " +-- KUVERT_UID : ${KUVERT_UID-<not set>}"
echo " +-- KUVERT_GID : ${KUVERT_GID-<not set>}"
+# users' home directory
+# TODO feature/future proof it
+HOMEDIR="/home/${KUVERT_USER}"
+
+# important directories
+[ -z ${KUVERT_LOGS_DIR+x} ] && KUVERT_LOGS_DIR="$HOMEDIR/logs"
+[ -z ${KUVERT_QUEUE_DIR+x} ] && KUVERT_QUEUE_DIR="$HOMEDIR/queue"
+[ -z ${KUVERT_CONFIG_DIR+x} ] && KUVERT_CONFIG_DIR="$HOMEDIR/config"
+
+echo "+-- directories:"
+echo " +-- HOMEDIR : ${HOMEDIR}"
+echo " +-- KUVERT_LOGS_DIR : ${KUVERT_LOGS_DIR}"
+echo " +-- KUVERT_QUEUE_DIR : ${KUVERT_QUEUE_DIR}"
+echo " +-- KUVERT_CONFIG_DIR : ${KUVERT_CONFIG_DIR}"
+
# get group data, if any, and check if the group exists
echo "+-- setting up the group..."
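Review bot: The `[ -z ${KUVERT_LOGS_DIR+x} ]` tests on the three new directory defaults treat a variable that is set but empty as configured, so `KUVERT_QUEUE_DIR=""` reaches `mkdir -p ""` in the later hunk and, under `set -e`, stops the entrypoint. `KUVERT_LOGS_DIR="${KUVERT_LOGS_DIR:-$HOMEDIR/logs}"` (same form for the other two) covers both unset and empty and removes the unquoted expansion inside `[ ]`. Because these values are later handed to `chown -R` and `chmod -R`, I would also reject anything that is not an absolute path below `/`, for example `case "$KUVERT_LOGS_DIR" in /?*) ;; *) echo "ERROR: KUVERT_LOGS_DIR must be an absolute path" >&2; exit 1 ;; esac`. The group and user setup that follows this hunk is not visible here.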
@@ -106,6 +116,26 @@ else
chmod -R ug+rwX "/home/$KUVERT_USER" || echo "WARNING: changing permissions on /home/$KUVERT_USER failed!"
fi
+# the directories
+echo "+-- handling directories..."
+echo " +-- creating..."
+mkdir -p "$KUVERT_LOGS_DIR"
+mkdir -p "$KUVERT_QUEUE_DIR"
+mkdir -p "$KUVERT_CONFIG_DIR"
+echo " +-- changing ownership..."
+chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
+chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
+chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
+echo " +-- changing permissions..."
+chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
+chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
+chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
+
+#
+# kuvert explicitly expects the config file to be ~/.kuvert, so we need to link it to the actual config file,
+# wherever we expect it to be
+ln -s "$HOMEDIR/.kuvert" "$KUVERT_CONFIG_DIR/kuvert.conf"
+
# inform
echo "========================================================================"
echo "== Starting kuvert =="
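Review bot: The three new `chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" ...` lines pass the `user:group` string to chmod as a file operand (it looks copied from the chown lines above), so chmod fails on a nonexistent path and `set -e` aborts the entrypoint before kuvert starts; they should read `chmod -R u=rwX,g=rX,o= "$KUVERT_LOGS_DIR"` and likewise for the queue and config directories. The `ln -s` arguments are also reversed relative to the comment above them: as written the link is created at `$KUVERT_CONFIG_DIR/kuvert.conf` and points at `~/.kuvert`, whereas kuvert needs `~/.kuvert` to point at the real file, i.e. `ln -sfn "$KUVERT_CONFIG_DIR/kuvert.conf" "$HOMEDIR/.kuvert"`. The `-f` also keeps a container restart from failing on an already existing link. The code that creates the user and the home directory lies outside this hunk.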