handling queue, logs, config dirs
parent
b094e01261
commit
d6cf29c9ec
|
@ -28,7 +28,8 @@ COPY ./ /usr/local/src/kuvert/
|
||||||
RUN cd /usr/local/src/kuvert/ && \
|
RUN cd /usr/local/src/kuvert/ && \
|
||||||
make && \
|
make && \
|
||||||
make install
|
make install
|
||||||
|
|
||||||
|
# make sure entrypoint script is runnable
|
||||||
RUN chmod a+x /usr/local/src/kuvert/run.sh
|
RUN chmod a+x /usr/local/src/kuvert/run.sh
|
||||||
|
|
||||||
ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
|
ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
|
||||||
|
|
|
@ -0,0 +1,77 @@
|
||||||
|
# ~/.kuvert: example configuration file for kuvert v2
|
||||||
|
|
||||||
|
# options are given without leading whitespace
|
||||||
|
|
||||||
|
# which key to sign with by default
|
||||||
|
defaultkey 0x1234abcd
|
||||||
|
|
||||||
|
# logging to syslog, which facility? defaults to no syslog
|
||||||
|
syslog mail
|
||||||
|
|
||||||
|
# no separate logfile
|
||||||
|
logfile /home/kuvert/logs/kuvert.log
|
||||||
|
|
||||||
|
# who gets error reports
|
||||||
|
mail-on-error you@example.com
|
||||||
|
|
||||||
|
# where to spool mails and temporary files
|
||||||
|
queuedir /home/kuvert/queue/
|
||||||
|
tempdir /tmp/kuvert_temp
|
||||||
|
|
||||||
|
# how often to check the queue, in seconds
|
||||||
|
interval 60
|
||||||
|
|
||||||
|
# add an x-mailer header?
|
||||||
|
identify f
|
||||||
|
|
||||||
|
# add the explanatory mime preamble?
|
||||||
|
preamble f
|
||||||
|
|
||||||
|
# how to submit outbound mail:
|
||||||
|
#
|
||||||
|
# 1. via smtp
|
||||||
|
# settings: msserver, msport, ssl,
|
||||||
|
# ssl-cert, ssl-key, ssl-ca;
|
||||||
|
# authenticating as msuser, mspass
|
||||||
|
#
|
||||||
|
# msserver smtp.example.com
|
||||||
|
# msport 587
|
||||||
|
# ssl starttls
|
||||||
|
# ssl-key mycerts/my.key.pem
|
||||||
|
# ssl-cert mycerts/my.cert.pem
|
||||||
|
# msuser smtp-username
|
||||||
|
# mspass smtp-password
|
||||||
|
# mspass-from-query-secret f
|
||||||
|
#
|
||||||
|
# 2. by using the msp program
|
||||||
|
#
|
||||||
|
msp /usr/sbin/sendmail -om -oi -oem
|
||||||
|
|
||||||
|
can-detach f
|
||||||
|
# maport 2587
|
||||||
|
# ma-user yourname
|
||||||
|
# ma-pass somethingSECRET
|
||||||
|
|
||||||
|
defaultaction fallback-all
|
||||||
|
|
||||||
|
alwaystrust t
|
||||||
|
|
||||||
|
use-agent t
|
||||||
|
query-secret /usr/bin/q-agent get %s
|
||||||
|
flush-secret /usr/bin/q-agent delete %s
|
||||||
|
|
||||||
|
# action specifications for recipients
|
||||||
|
# are given with some leading whitespace
|
||||||
|
|
||||||
|
# multiple keys for somebody and you want a specific one?
|
||||||
|
somebody@with.many.keys fallback,0x1234abcd
|
||||||
|
|
||||||
|
# those don't want gpg-signed stuff
|
||||||
|
@somewhere.com none
|
||||||
|
|
||||||
|
# signed but not encrypted
|
||||||
|
(he|they|others)@there.com signonly
|
||||||
|
|
||||||
|
# majordomo and similar mailinglist systems get plain mail
|
||||||
|
(majordomo|-request)@ none
|
||||||
|
|
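Review bot: `alwaystrust t` ships in the example with no comment, and as far as I know kuvert's `alwaystrust` makes gpg use any key in the keyring regardless of its validity, so mail can be encrypted to keys nobody has verified. I would default the example to `alwaystrust f`, or put `# t = use keys even if their validity is unknown; only enable with a curated keyring` above it. The comment `# no separate logfile` contradicts the `logfile /home/kuvert/logs/kuvert.log` line directly below it; `# separate logfile, in addition to syslog` would match the setting. The hard-coded `/home/kuvert/...` paths only line up with the directories run.sh creates when KUVERT_USER is `kuvert`, while run.sh defaults it to `user`.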
40
run.sh
40
run.sh
|
@ -3,23 +3,33 @@
|
||||||
# exit when any of the commands fails
|
# exit when any of the commands fails
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
# users' home directory
|
|
||||||
# TODO feature/future proof it
|
|
||||||
HOMEDIR="/home/${KUVERT_USER}"
|
|
||||||
|
|
||||||
# we need the KUVERT_USER envvar
|
# we need the KUVERT_USER envvar
|
||||||
[ -z ${KUVERT_USER+x} ] && KUVERT_USER="user"
|
[ -z ${KUVERT_USER+x} ] && KUVERT_USER="user"
|
||||||
|
|
||||||
# we need the KUVERT_GROUP envvar, but we can get it from the username, right?
|
# we need the KUVERT_GROUP envvar, but we can get it from the username, right?
|
||||||
[ -z ${KUVERT_GROUP+x} ] && KUVERT_GROUP="$KUVERT_USER"
|
[ -z ${KUVERT_GROUP+x} ] && KUVERT_GROUP="$KUVERT_USER"
|
||||||
|
|
||||||
|
|
||||||
echo "+-- settings:"
|
echo "+-- settings:"
|
||||||
echo " +-- KUVERT_USER : $KUVERT_USER"
|
echo " +-- KUVERT_USER : $KUVERT_USER"
|
||||||
echo " +-- KUVERT_GROUP : $KUVERT_GROUP"
|
echo " +-- KUVERT_GROUP : $KUVERT_GROUP"
|
||||||
echo " +-- KUVERT_UID : ${KUVERT_UID-<not set>}"
|
echo " +-- KUVERT_UID : ${KUVERT_UID-<not set>}"
|
||||||
echo " +-- KUVERT_GID : ${KUVERT_GID-<not set>}"
|
echo " +-- KUVERT_GID : ${KUVERT_GID-<not set>}"
|
||||||
|
|
||||||
|
# users' home directory
|
||||||
|
# TODO feature/future proof it
|
||||||
|
HOMEDIR="/home/${KUVERT_USER}"
|
||||||
|
|
||||||
|
# important directories
|
||||||
|
[ -z ${KUVERT_LOGS_DIR+x} ] && KUVERT_LOGS_DIR="$HOMEDIR/logs"
|
||||||
|
[ -z ${KUVERT_QUEUE_DIR+x} ] && KUVERT_QUEUE_DIR="$HOMEDIR/queue"
|
||||||
|
[ -z ${KUVERT_CONFIG_DIR+x} ] && KUVERT_CONFIG_DIR="$HOMEDIR/config"
|
||||||
|
|
||||||
|
echo "+-- directories:"
|
||||||
|
echo " +-- HOMEDIR : ${HOMEDIR}"
|
||||||
|
echo " +-- KUVERT_LOGS_DIR : ${KUVERT_LOGS_DIR}"
|
||||||
|
echo " +-- KUVERT_QUEUE_DIR : ${KUVERT_QUEUE_DIR}"
|
||||||
|
echo " +-- KUVERT_CONFIG_DIR : ${KUVERT_CONFIG_DIR}"
|
||||||
|
|
||||||
|
|
||||||
# get group data, if any, and check if the group exists
|
# get group data, if any, and check if the group exists
|
||||||
echo "+-- setting up the group..."
|
echo "+-- setting up the group..."
|
||||||
|
@ -106,6 +116,26 @@ else
|
||||||
chmod -R ug+rwX "/home/$KUVERT_USER" || echo "WARNING: changing permissions on /home/$KUVERT_USER failed!"
|
chmod -R ug+rwX "/home/$KUVERT_USER" || echo "WARNING: changing permissions on /home/$KUVERT_USER failed!"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# the directories
|
||||||
|
echo "+-- handling directories..."
|
||||||
|
echo " +-- creating..."
|
||||||
|
mkdir -p "$KUVERT_LOGS_DIR"
|
||||||
|
mkdir -p "$KUVERT_QUEUE_DIR"
|
||||||
|
mkdir -p "$KUVERT_CONFIG_DIR"
|
||||||
|
echo " +-- changing ownership..."
|
||||||
|
chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
|
||||||
|
chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
|
||||||
|
chown -R "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
|
||||||
|
echo " +-- changing permissions..."
|
||||||
|
chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"
|
||||||
|
chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_QUEUE_DIR"
|
||||||
|
chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_CONFIG_DIR"
|
||||||
|
|
||||||
|
#
|
||||||
|
# kuvert explicitly expects the config file to be ~/.kuvert, so we need to link it to the actual config file,
|
||||||
|
# wherever we expect it to be
|
||||||
|
ln -s "$HOMEDIR/.kuvert" "$KUVERT_CONFIG_DIR/kuvert.conf"
|
||||||
|
|
||||||
# inform
|
# inform
|
||||||
echo "========================================================================"
|
echo "========================================================================"
|
||||||
echo "== Starting kuvert =="
|
echo "== Starting kuvert =="
|
||||||
|
|
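Review bot: The three added `chmod -R u=rwX,g=rX,o= "$KUVERT_USER":"$KUVERT_GROUP" "$KUVERT_LOGS_DIR"` lines (logs, queue, config) pass the owner spec copied from the chown lines as a file operand; chmod reports it as a missing file and returns non-zero, which under the `set -e` at the top of the script ends the entrypoint before kuvert starts. Drop that argument, e.g. `chmod -R u=rwX,g=rX,o= "$KUVERT_LOGS_DIR"`. The `ln -s` arguments are also reversed relative to the comment above them: as written the link is created inside the config directory and points at `~/.kuvert`, whereas `ln -sfn "$KUVERT_CONFIG_DIR/kuvert.conf" "$HOMEDIR/.kuvert"` matches the comment and does not fail on a container restart when the link already exists. Because the three directories come from environment variables and the script recurses over them with chown/chmod (presumably as root; the user setup is outside the hunk), a check that each path is non-empty and not `/` before the recursive calls would be worth adding.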