From d6cf29c9ec1f1709b321367f9fae5a7ec24bc28b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=27rysiek=27=20Wo=C5=BAniak?=
Date: Thu, 23 Feb 2017 16:36:15 +0100
Subject: [PATCH] handling queue, logs, config dirs
---
 Dockerfile | 3 +-
 dot-kuvert.docker | 77 +++++++++++++++++++++++++++++++++++++++++++++++
 run.sh | 40 +++++++++++++++++++++---
 3 files changed, 114 insertions(+), 6 deletions(-)
 create mode 100644 dot-kuvert.docker
diff --git a/Dockerfile b/Dockerfile
index 1df7476..48053c6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,7 +28,8 @@ COPY ./ /usr/local/src/kuvert/
 RUN cd /usr/local/src/kuvert/ && \
 make && \
 make install
-
+
+# make sure entrypoint script is runnable
 RUN chmod a+x /usr/local/src/kuvert/run.sh
 ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
diff --git a/dot-kuvert.docker b/dot-kuvert.docker
new file mode 100644
index 0000000..eb183d2
--- /dev/null
+++ b/dot-kuvert.docker
@@ -0,0 +1,77 @@
+# ~/.kuvert: example configuration file for kuvert v2
+
+# options are given without leading whitespace
+
+# which key to sign with by default
+defaultkey 0x1234abcd
+
+# logging to syslog, which facility? defaults to no syslog
+syslog mail
+
+# no separate logfile
+logfile /home/kuvert/logs/kuvert.log
+
+# who gets error reports
+mail-on-error you@example.com
+
+# where to spool mails and temporary files
+queuedir /home/kuvert/queue/
+tempdir /tmp/kuvert_temp
+
+# how often to check the queue, in seconds
+interval 60
+
+# add an x-mailer header?
+identify f
+
+# add the explanatory mime preamble?
+preamble f
+
+# how to submit outbound mail:
+#
+# 1. via smtp
+# settings: msserver, msport, ssl,
+# ssl-cert, ssl-key, ssl-ca;
+# authenticating as msuser, mspass
+#
+# msserver smtp.example.com
+# msport 587
+# ssl starttls
+# ssl-key mycerts/my.key.pem
+# ssl-cert mycerts/my.cert.pem
+# msuser smtp-username
+# mspass smtp-password
+# mspass-from-query-secret f
+#
+# 2. by using the msp program
+#
+msp /usr/sbin/sendmail -om -oi -oem
+
+can-detach f
+# maport 2587
+# ma-user yourname
+# ma-pass somethingSECRET
+
+defaultaction fallback-all
+
+alwaystrust t
+
+use-agent t
+query-secret /usr/bin/q-agent get %s
+flush-secret /usr/bin/q-agent delete %s
+
+# action specifications for recipients
+# are given with some leading whitespace
+
+# multiple keys for somebody and you want a specific one?
+ somebody@with.many.keys fallback,0x1234abcd
+
+# those don't want gpg-signed stuff
+ @somewhere.com none
+
+# signed but not encrypted
+ (he|they|others)@there.com signonly
+
+# majordomo and similar mailinglist systems get plain mail
+ (majordomo|-request)@ none
+
diff --git a/run.sh b/run.sh
index d7075fb..60f73e5 100644
--- a/run.sh
+++ b/run.sh
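Review bot: `alwaystrust t` near the end of the new dot-kuvert.docker turns off gpg's trust check for encryption keys (as kuvert documents the option), and if this file is what the image uses by default, every deployment inherits that; `alwaystrust f`, or leaving the option out so operators opt in, would be the safer default. The fixed paths `logfile /home/kuvert/logs/kuvert.log` and `queuedir /home/kuvert/queue/` only agree with run.sh in this same commit when the container runs as user `kuvert` with the default directories, because run.sh defaults KUVERT_USER to `user` and takes the locations from KUVERT_LOGS_DIR and KUVERT_QUEUE_DIR. The comment `# no separate logfile` contradicts the `logfile` line directly under it; something like `# separate logfile inside the container` would match what the file does.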
@@ -3,23 +3,33 @@
 # exit when any of the commands fails
 set -e
-# users' home directory
-# TODO feature/future proof it
-HOMEDIR="/home/${KUVERT_USER}"
-
 # we need the KUVERT_USER envvar
 [ -z ${KUVERT_USER+x} ] && KUVERT_USER="user"
 # we need the KUVERT_GROUP envvar, but we can get it from the username, right?
 [ -z ${KUVERT_GROUP+x} ] && KUVERT_GROUP="$KUVERT_USER"
-
 echo "+-- settings:"
 echo " +-- KUVERT_USER : $KUVERT_USER"
 echo " +-- KUVERT_GROUP : $KUVERT_GROUP"
 echo " +-- KUVERT_UID : ${KUVERT_UID-}"
 echo " +-- KUVERT_GID : ${KUVERT_GID-}"
+# users' home directory
+# TODO feature/future proof it
+HOMEDIR="/home/${KUVERT_USER}"
+
+# important directories
+[ -z ${KUVERT_LOGS_DIR+x} ] && KUVERT_LOGS_DIR="$HOMEDIR/logs"
+[ -z ${KUVERT_QUEUE_DIR+x} ] && KUVERT_QUEUE_DIR="$HOMEDIR/queue"
+[ -z ${KUVERT_CONFIG_DIR+x} ] && KUVERT_CONFIG_DIR="$HOMEDIR/config"
+
+echo "+-- directories:"
+echo " +-- HOMEDIR : ${HOMEDIR}"
+echo " +-- KUVERT_LOGS_DIR : ${KUVERT_LOGS_DIR}"
+echo " +-- KUVERT_QUEUE_DIR : ${KUVERT_QUEUE_DIR}"
+echo " +-- KUVERT_CONFIG_DIR : ${KUVERT_CONFIG_DIR}"
+
 # get group data, if any, and check if the group exists
 echo "+-- setting up the group..."
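Review bot: The three new `[ -z ${KUVERT_…_DIR+x} ] && …` defaults only test whether the variable is set, so an empty `KUVERT_LOGS_DIR=` is kept as-is and a value such as `/` is accepted without comment. The later run.sh hunk in this commit passes these values to `mkdir -p` and to recursive `chown`/`chmod`, presumably running with root privileges in the entrypoint. Writing the default as `KUVERT_LOGS_DIR="${KUVERT_LOGS_DIR:-$HOMEDIR/logs}"` (and the same for the queue and config variables) covers the empty case. A short guard that each value is an absolute path other than `/` before it is used would bound what the recursive ownership change can reach.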
@@ -106,6 +116,26 @@ else
 chmod -R ug+rwX "/home/$KUVERT_USER" || echo "WARNING: changing permissions on /home/$KUVERT_USER failed!"
 fi
+# the directories
+echo "+-- handling directories..."
+echo " +-- creating..."
+mkdir -p "$KUVERT_LOGS_DIR"
+mkdir -p "$KUVERT_QUEUE_DIR"
+mkdir -p "$KUVERT_CONFIG_DIR"
+echo " +-- changing ownership..."
+chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
+chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
+chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
+echo " +-- changing permissions..."
+chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
+chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
+chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
+
+#
+# kuvert explicitly expects the config file to be ~/.kuvert, so we need to link it to the actual config file,
+# wherever we expect it to be
+ln -s "$HOMEDIR/.kuvert" "$KUVERT_CONFIG_DIR/kuvert.conf"
+
 # inform
 echo "========================================================================"
 echo "== Starting kuvert =="
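Review bot: The three added `chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" …` lines pass the `user:group` string as a file operand, apparently carried over from the `chown` lines above them. chmod then reports a missing file and, with `set -e` active, the entrypoint stops before kuvert starts, unless a file of that name happens to exist in the working directory. Each line should read `chmod -R u=rwX,g=rX,o= "$KUVERT_LOGS_DIR"`, and likewise for the queue and config directories. The `ln -s` arguments are also reversed relative to the comment: as written the link is created at `$KUVERT_CONFIG_DIR/kuvert.conf` and points at `~/.kuvert`. `ln -sfn "$KUVERT_CONFIG_DIR/kuvert.conf" "$HOMEDIR/.kuvert"` matches the comment and also survives a container restart, where a plain `ln -s` would fail on the link that already exists.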