Initial commit

.editorconfig

@@ -0,0 +1,17 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+[*.sh]
+indent_style = space
+indent_size = 4
+
+[.envrc]
+indent_style = space
+indent_size = 4
+
+[scripts/*]
+indent_style = space
+indent_size = 4

.gitignore

@@ -0,0 +1,3 @@
+/html/
+/xml/
+/result

README.md

@@ -0,0 +1,18 @@
+# DKIM Reports
+
+This repository helps you to convert DKIM reports to HTML and then serve them with a web server.
+This way you can easily look at the reports and see if there are any issues with your DKIM setup.
+
+## How to use
+
+You need to have Nix installed with Flakes enabled.
+Then you can clone this repository, cd into it and run the following command:
+
+```sh
+nix run .#dkim-report
+```
+
+The script will create an **html** and a **xml** directory.
+The **xml** directory is used to store the DKIM reports and the **html** directory is used to store the converted reports.
+You can add .zip and .tar.gz files to the **xml** directory and the script will automatically extract them.
+After the script converted the reports iptables will open port 8080 and then the webserver will serve the reports.

config.yaml

@@ -0,0 +1,37 @@
+input:
+  delete: no
+  dir: "./xml"
+  #imap:
+  #  server: ""
+  #  username: ""
+  #  password: ""
+  #  mailbox: ""
+  # enable debug messages for imap package?
+  #  debug: no
+  # delete emails from server after fetch?
+  #  delete: no
+
+output:
+  # output file
+  # should be: string, golang template string or "stdout"
+  file: "./html/{{ .ID }}.html"
+  # file: "/tmp/html/{{ .ReportMetadata.Email }}/{{ .PolicyPublished.Domain }}!{{.ReportMetadata.DateRange.Begin}}!{{ .ReportMetadata.ReportID }}.html"
+
+  # output format
+  # should be: txt, json, html_static, html, external_template
+  format: "html_static"
+
+  # if you configure format to "html" output, don't forget to configure assets_path and your web server
+  # assets_path: "./assets"
+
+  # if you configure format to "external_output", don't forget to configure external_template
+  # external_template: "/path/to/your/txt.gotmpl"
+
+# perform reverse lookups?
+lookup_addr: yes
+
+# merge multiple similar reports to one?
+merge_reports: no
+
+log_debug: no
+log_datetime: no

flake.lock

@@ -0,0 +1,61 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1705309234,
+        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1708296515,
+        "narHash": "sha256-FyF489fYNAUy7b6dkYV6rGPyzp+4tThhr80KNAaF/yY=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "b98a4e1746acceb92c509bc496ef3d0e5ad8d4aa",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -0,0 +1,39 @@
+{
+  description = "A simple flake to generate DKIM reports.";
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+    flake-utils.url = "github:numtide/flake-utils";
+  };
+
+  outputs =
+    inputs@{
+      self,
+      nixpkgs,
+      flake-utils,
+    }:
+    flake-utils.lib.eachDefaultSystem (
+      system:
+      let
+        pkgs = nixpkgs.legacyPackages.${system};
+        reports = pkgs.writeShellApplication {
+          name = "reports";
+          runtimeInputs = [
+            pkgs.dmarc-report-converter
+            pkgs.gnutar
+            pkgs.python3
+            pkgs.unzip
+          ];
+          text = (builtins.readFile ./reports.sh);
+        };
+      in
+      {
+        packages.dkim-report = reports;
+        packages.default = reports;
+        apps.dkim-report = {
+          type = "app";
+          program = "${self.packages.${system}.dkim-report}/bin/reports";
+        };
+        apps.default = self.apps.${system}.dkim-report;
+      }
+    );
+}

reports.sh

@@ -0,0 +1,37 @@
+WORKDIR=$(pwd)
+PORT=8080
+mkdir -p "$WORKDIR"/xml
+mkdir -p "$WORKDIR"/html
+
+extract-zips() {
+    echo "extracting zipped reports"
+    for i in "$WORKDIR"/xml/*.zip; do
+        unzip "$i" -d "$WORKDIR/xml" && rm -r "$i"
+    done
+}
+extract-tars() {
+    echo "extracting tarred reports"
+    for i in "$WORKDIR"/xml/*.tar.gz; do
+        tar xzvf "$i" -C "$WORKDIR/xml" && rm -r "$i"
+    done
+}
+
+# extract zips if they exist
+# count_zips=$(ls -1 "$WORKDIR"/xml/*.zip 2>/dev/null | wc -l)
+mapfile -t count_zips < <(find "$WORKDIR"/xml/ -maxdepth 1 -name "*.zip" -type f)
+if [ "${#count_zips[@]}" -gt 0 ]; then
+    extract-zips
+fi
+# extract tars if they exist
+# count_tars=$(ls -1 "$WORKDIR"/xml/*.tar.gz 2>/dev/null | wc -l)
+mapfile -t count_tars < <(find "$WORKDIR"/xml/ -maxdepth 1 -name "*.tar.gz" -type f)
+if [ "${#count_tars[@]}" -gt 0 ]; then
+    extract-tars
+fi
+
+echo "converting reports to html"
+dmarc-report-converter
+echo "open filewall port"
+sudo iptables -I INPUT -p tcp --dport $PORT -j ACCEPT
+echo "serving reports"
+cd "$WORKDIR/html" && python3 -m http.server $PORT