handling queue, logs, config dirs
parent
b094e01261
commit
d6cf29c9ec
|
@ -28,7 +28,8 @@ COPY ./ /usr/local/src/kuvert/
|
|||
RUN cd /usr/local/src/kuvert/ && \
|
||||
make && \
|
||||
make install
|
||||
|
||||
|
||||
# make sure entrypoint script is runnable
|
||||
RUN chmod a+x /usr/local/src/kuvert/run.sh
|
||||
|
||||
ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
|
||||
|
|
|
@ -0,0 +1,77 @@
|
|||
# ~/.kuvert: example configuration file for kuvert v2
|
||||
|
||||
# options are given without leading whitespace
|
||||
|
||||
# which key to sign with by default
|
||||
defaultkey 0x1234abcd
|
||||
|
||||
# logging to syslog, which facility? defaults to no syslog
|
||||
syslog mail
|
||||
|
||||
# no separate logfile
|
||||
logfile /home/kuvert/logs/kuvert.log
|
||||
|
||||
# who gets error reports
|
||||
mail-on-error you@example.com
|
||||
|
||||
# where to spool mails and temporary files
|
||||
queuedir /home/kuvert/queue/
|
||||
tempdir /tmp/kuvert_temp
|
||||
|
||||
# how often to check the queue, in seconds
|
||||
interval 60
|
||||
|
||||
# add an x-mailer header?
|
||||
identify f
|
||||
|
||||
# add the explanatory mime preamble?
|
||||
preamble f
|
||||
|
||||
# how to submit outbound mail:
|
||||
#
|
||||
# 1. via smtp
|
||||
# settings: msserver, msport, ssl,
|
||||
# ssl-cert, ssl-key, ssl-ca;
|
||||
# authenticating as msuser, mspass
|
||||
#
|
||||
# msserver smtp.example.com
|
||||
# msport 587
|
||||
# ssl starttls
|
||||
# ssl-key mycerts/my.key.pem
|
||||
# ssl-cert mycerts/my.cert.pem
|
||||
# msuser smtp-username
|
||||
# mspass smtp-password
|
||||
# mspass-from-query-secret f
|
||||
#
|
||||
# 2. by using the msp program
|
||||
#
|
||||
msp /usr/sbin/sendmail -om -oi -oem
|
||||
|
||||
can-detach f
|
||||
# maport 2587
|
||||
# ma-user yourname
|
||||
# ma-pass somethingSECRET
|
||||
|
||||
defaultaction fallback-all
|
||||
|
||||
alwaystrust t
|
||||
|
||||
use-agent t
|
||||
query-secret /usr/bin/q-agent get %s
|
||||
flush-secret /usr/bin/q-agent delete %s
|
||||
|
||||
# action specifications for recipients
|
||||
# are given with some leading whitespace
|
||||
|
||||
# multiple keys for somebody and you want a specific one?
|
||||
somebody@with.many.keys fallback,0x1234abcd
|
||||
|
||||
# those don't want gpg-signed stuff
|
||||
@somewhere.com none
|
||||
|
||||
# signed but not encrypted
|
||||
(he|they|others)@there.com signonly
|
||||
|
||||
# majordomo and similar mailinglist systems get plain mail
|
||||
(majordomo|-request)@ none
|
||||
|
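Review bot: The sample hard-codes `logfile /home/kuvert/logs/kuvert.log` and `queuedir /home/kuvert/queue/`, but run.sh in this commit prepares its directories under `/home/${KUVERT_USER}` with `user` as the default name, so with default settings these paths do not match what the entrypoint creates and chowns. The comment `# no separate logfile` sits directly above an active `logfile` line and should say something like `# separate logfile, in the directory run.sh creates`. `alwaystrust t` together with `defaultaction fallback-all` means, as far as I understand the option, that mail is encrypted to any matching key in the keyring without a validity check; for a shipped example I would use `alwaystrust f` or add a comment that the keyring must then hold only verified keys. `tempdir /tmp/kuvert_temp` is a fixed name in a shared directory that will hold mail before it is encrypted; a directory under the service user's home would be a safer default.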
40
run.sh
40
run.sh
|
@ -3,23 +3,33 @@
|
|||
# exit when any of the commands fails
|
||||
set -e
|
||||
|
||||
# users' home directory
|
||||
# TODO feature/future proof it
|
||||
HOMEDIR="/home/${KUVERT_USER}"
|
||||
|
||||
# we need the KUVERT_USER envvar
|
||||
[ -z ${KUVERT_USER+x} ] && KUVERT_USER="user"
|
||||
|
||||
# we need the KUVERT_GROUP envvar, but we can get it from the username, right?
|
||||
[ -z ${KUVERT_GROUP+x} ] && KUVERT_GROUP="$KUVERT_USER"
|
||||
|
||||
|
||||
echo "+-- settings:"
|
||||
echo " +-- KUVERT_USER : $KUVERT_USER"
|
||||
echo " +-- KUVERT_GROUP : $KUVERT_GROUP"
|
||||
echo " +-- KUVERT_UID : ${KUVERT_UID-<not set>}"
|
||||
echo " +-- KUVERT_GID : ${KUVERT_GID-<not set>}"
|
||||
|
||||
# users' home directory
|
||||
# TODO feature/future proof it
|
||||
HOMEDIR="/home/${KUVERT_USER}"
|
||||
|
||||
# important directories
|
||||
[ -z ${KUVERT_LOGS_DIR+x} ] && KUVERT_LOGS_DIR="$HOMEDIR/logs"
|
||||
[ -z ${KUVERT_QUEUE_DIR+x} ] && KUVERT_QUEUE_DIR="$HOMEDIR/queue"
|
||||
[ -z ${KUVERT_CONFIG_DIR+x} ] && KUVERT_CONFIG_DIR="$HOMEDIR/config"
|
||||
|
||||
echo "+-- directories:"
|
||||
echo " +-- HOMEDIR : ${HOMEDIR}"
|
||||
echo " +-- KUVERT_LOGS_DIR : ${KUVERT_LOGS_DIR}"
|
||||
echo " +-- KUVERT_QUEUE_DIR : ${KUVERT_QUEUE_DIR}"
|
||||
echo " +-- KUVERT_CONFIG_DIR : ${KUVERT_CONFIG_DIR}"
|
||||
|
||||
|
||||
# get group data, if any, and check if the group exists
|
||||
echo "+-- setting up the group..."
|
||||
|
@ -106,6 +116,26 @@ else
|
|||
chmod -R ug+rwX "/home/$KUVERT_USER" || echo "WARNING: changing permissions on /home/$KUVERT_USER failed!"
|
||||
fi
|
||||
|
||||
# the directories
|
||||
echo "+-- handling directories..."
|
||||
echo " +-- creating..."
|
||||
mkdir -p "$KUVERT_LOGS_DIR"
|
||||
mkdir -p "$KUVERT_QUEUE_DIR"
|
||||
mkdir -p "$KUVERT_CONFIG_DIR"
|
||||
echo " +-- changing ownership..."
|
||||
chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
|
||||
chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
|
||||
chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
|
||||
echo " +-- changing permissions..."
|
||||
chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
|
||||
chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
|
||||
chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
|
||||
|
||||
#
|
||||
# kuvert explicitly expects the config file to be ~/.kuvert, so we need to link it to the actual config file,
|
||||
# wherever we expect it to be
|
||||
ln -s "$HOMEDIR/.kuvert" "$KUVERT_CONFIG_DIR/kuvert.conf"
|
||||
|
||||
# inform
|
||||
echo "========================================================================"
|
||||
echo "== Starting kuvert =="
|
||||
|
|
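Review bot: The three `chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" …` lines in the second hunk pass the owner spec as a path operand, apparently carried over from the `chown` lines above them; chmod will fail on the non-existent `user:group` path and, with `set -e` active, the entrypoint stops before kuvert starts. Drop that operand, e.g. `chmod -R u=rwX,g=rX,o= "$KUVERT_LOGS_DIR"`, and likewise for the queue and config directories. The `ln -s` arguments are in the opposite order from what the comment describes: as written it creates `kuvert.conf` inside the config directory pointing at `~/.kuvert`, whereas `ln -sfn "$KUVERT_CONFIG_DIR/kuvert.conf" "$HOMEDIR/.kuvert"` matches the comment and does not abort when the link already exists on a container restart. The queue directory holds mail before it is signed or encrypted, so `g=` instead of `g=rX` is worth considering there; if I recall kuvert's documentation correctly it expects that directory to be mode 0700, which should be confirmed. The script continues outside both hunks.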