From bab0277723f46c00016eabd48ec3a932b1244bf5 Mon Sep 17 00:00:00 2001 From: Casper Date: Wed, 19 May 2021 21:18:06 +0200 Subject: [PATCH] Update check (#1951) * mail binary * initial work * make env vars available * typo * some fixes * make script ugly, to satisfy linter.. * mailserver.env updated * Version to welcome message added * remove VERSION file references * VERSION --> DMS_VERSION * fetch remote version * variable usage * Quoting added * edge test & docu * dash removed * subject changed * re-add VERSION * VERSION added * new file: VERSION * rewrite * unnecessary additions from fail2ban PR removed * UPDATE_CHECK_INTERVAL added * syntax check & _log function * comment added * final commit --- .dockerignore | 1 + Dockerfile | 17 ++---- VERSION | 1 + docs/content/config/environment.md | 13 +++++ mailserver.env | 10 ++++ target/scripts/start-mailserver.sh | 8 +-- target/scripts/startup/daemons-stack.sh | 6 ++ target/scripts/update-check.sh | 60 ++++++++++++++++++++ target/supervisor/conf.d/supervisor-app.conf | 8 +++ 9 files changed, 109 insertions(+), 15 deletions(-) create mode 100644 VERSION create mode 100755 target/scripts/update-check.sh diff --git a/.dockerignore b/.dockerignore index 50365994..b6eef669 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,2 +1,3 @@ * !target +!VERSION diff --git a/Dockerfile b/Dockerfile index 7ffbbf76..15f005a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -45,7 +45,7 @@ RUN \ apt-get -y install postfix >/dev/null && \ apt-get -y --no-install-recommends install \ # A - D - altermime amavisd-new apt-transport-https arj binutils bzip2 \ + altermime amavisd-new apt-transport-https arj binutils bzip2 bsd-mailx \ ca-certificates cabextract clamav clamav-daemon cpio curl \ dovecot-core dovecot-imapd dovecot-ldap dovecot-lmtpd \ dovecot-managesieved dovecot-pop3d dovecot-sieve dovecot-solr \ @@ -59,9 +59,8 @@ RUN \ pax pflogsumm postgrey p7zip-full postfix-ldap postfix-pcre \ postfix-policyd-spf-python postsrsd pyzor \ razor rpm2cpio rsyslog sasl2-bin spamassassin supervisor \ - unrar-free unzip whois xz-utils \ + unrar-free unzip whois xz-utils && \ # Fail2Ban - gpg gpg-agent >/dev/null && \ gpg --keyserver ${FAIL2BAN_GPG_PUBLIC_KEY_SERVER} \ --recv-keys ${FAIL2BAN_GPG_PUBLIC_KEY_ID} &>/dev/null && \ curl -Lkso fail2ban.deb ${FAIL2BAN_DEB_URL} && \ @@ -75,7 +74,6 @@ RUN \ echo "ERROR: Wrong GPG fingerprint!" 2>&1; exit 1; fi && \ dpkg -i fail2ban.deb &>/dev/null && \ rm fail2ban.deb fail2ban.deb.asc && \ - apt-get -qq -y purge gpg gpg-agent &>/dev/null && \ # cleanup apt-get -qq autoremove &>/dev/null && \ apt-get -qq autoclean && \ @@ -154,6 +152,9 @@ COPY \ ./target/docker-configomat/configomat.sh \ /usr/local/bin/ +COPY \ + ./VERSION / + RUN \ chmod +x /usr/local/bin/* && \ rm -rf /usr/share/locale/* && \ @@ -162,13 +163,7 @@ RUN \ touch /var/log/auth.log && \ update-locale && \ rm /etc/postsrsd.secret && \ - rm /etc/cron.daily/00logwatch && \ - if [[ ${VCS_VER} =~ ^refs/tags/v.+ ]]; then \ - echo "export DMS_VERSION='${VCS_VER:11}'" >>/root/.bashrc; \ - else \ - echo "export DMS_VERSION='${VCS_REF}'" >>/root/.bashrc; \ - fi - + rm /etc/cron.daily/00logwatch # ––––––––––––––––––––––––––––––––––––––––––––––– # ––– PostSRSD, Postgrey & Amavis ––––––––––––––– diff --git a/VERSION b/VERSION new file mode 100644 index 00000000..47da986f --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +9.1.0 diff --git a/docs/content/config/environment.md b/docs/content/config/environment.md index 0220fbde..2bd37156 100644 --- a/docs/content/config/environment.md +++ b/docs/content/config/environment.md @@ -193,6 +193,19 @@ Set the message size limit for all users. If set to zero, the size will be unlim - **empty** => postmaster@domain.com - => Specify the postmaster address +##### ENABLE_UPDATE_CHECK + +Check for updates on container start and then once a day. If an update is available, a mail is send to POSTMASTER_ADDRESS. + +- 0 => Update check disabled +- **1** => Update check enabled + +##### UPDATE_CHECK_INTERVAL + +Customize the update check interval. Number + Suffix. Suffix must be 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days. + +- **1d** => Check for updates once a day + ##### POSTSCREEN_ACTION - **enforce** => Allow other tests to complete. Reject attempts to deliver mail with a 550 SMTP reply, and log the helo/sender/recipient information. Repeat this test the next time the client connects. diff --git a/mailserver.env b/mailserver.env index f7d69c9c..25f0d27d 100644 --- a/mailserver.env +++ b/mailserver.env @@ -32,6 +32,16 @@ ONE_DIR=0 # => Specify the postmaster address POSTMASTER_ADDRESS= +# Check for updates on container start and then once a day +# If an update is available, a mail is send to POSTMASTER_ADDRESS +# 0 => Update check disabled +# 1 => Update check enabled +ENABLE_UPDATE_CHECK=1 + +# Customize the update check interval. +# Number + Suffix. Suffix must be 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days. +UPDATE_CHECK_INTERVAL=1d + # Set different options for mynetworks option (can be overwrite in postfix-main.cf) # **WARNING**: Adding the docker network's gateway to the list of trusted hosts, e.g. using the `network` or # `connected-networks` option, can create an open relay diff --git a/target/scripts/start-mailserver.sh b/target/scripts/start-mailserver.sh index 1a155507..3ee888be 100755 --- a/target/scripts/start-mailserver.sh +++ b/target/scripts/start-mailserver.sh @@ -33,6 +33,7 @@ VARS[ENABLE_QUOTAS]="${ENABLE_QUOTAS:=1}" VARS[ENABLE_SASLAUTHD]="${ENABLE_SASLAUTHD:=0}" VARS[ENABLE_SPAMASSASSIN]="${ENABLE_SPAMASSASSIN:=0}" VARS[ENABLE_SRS]="${ENABLE_SRS:=0}" +VARS[ENABLE_UPDATE_CHECK]="${ENABLE_UPDATE_CHECK:=1}" VARS[FAIL2BAN_BLOCKTYPE]="${FAIL2BAN_BLOCKTYPE:=drop}" VARS[FETCHMAIL_POLL]="${FETCHMAIL_POLL:=300}" VARS[FETCHMAIL_PARALLEL]="${FETCHMAIL_PARALLEL:=0}" @@ -64,6 +65,7 @@ VARS[SRS_SENDER_CLASSES]="${SRS_SENDER_CLASSES:=envelope_sender}" VARS[SSL_TYPE]="${SSL_TYPE:=}" VARS[SUPERVISOR_LOGLEVEL]="${SUPERVISOR_LOGLEVEL:=warn}" VARS[TLS_LEVEL]="${TLS_LEVEL:=modern}" +VARS[UPDATE_CHECK_INTERVAL]="${UPDATE_CHECK_INTERVAL:=1d}" VARS[VIRUSMAILS_DELETE_DELAY]="${VIRUSMAILS_DELETE_DELAY:=7}" export HOSTNAME DOMAINNAME CHKSUM_FILE @@ -168,6 +170,7 @@ function register_functions _register_start_daemon '_start_daemons_rsyslog' [[ ${SMTP_ONLY} -ne 1 ]] && _register_start_daemon '_start_daemons_dovecot' + [[ ${ENABLE_UPDATE_CHECK} -eq 1 ]] && _register_start_daemon '_start_daemons_update_check' # needs to be started before SASLauthd _register_start_daemon '_start_daemons_opendkim' @@ -249,16 +252,13 @@ function _defunc # shellcheck source=./startup/daemons-stack.sh . /usr/local/bin/daemons-stack.sh -# source DMS_VERSION variable -. /root/.bashrc - # –––––––––––––––––––––––––––––––––––––––––––––––––––––––––––– # ? << Sourcing all stacks # –– # ? >> Executing all stacks # –––––––––––––––––––––––––––––––––––––––––––––––––––––––––––– -_notify 'tasklog' "Welcome to docker-mailserver ${DMS_VERSION}" +_notify 'tasklog' "Welcome to docker-mailserver $( ${LATEST} ]" "${POSTMASTER_ADDRESS}" && \ + + _log "Info: Update available [ ${VERSION} --> ${LATEST} ]" && \ + + # only notify once + exit 0 + else + _log "Info: No update available" + fi + else + _log "Error: Update check failed." + fi + # check again in one day + sleep "${UPDATE_CHECK_INTERVAL}" +done diff --git a/target/supervisor/conf.d/supervisor-app.conf b/target/supervisor/conf.d/supervisor-app.conf index b2262e0e..23ef7204 100644 --- a/target/supervisor/conf.d/supervisor-app.conf +++ b/target/supervisor/conf.d/supervisor-app.conf @@ -132,3 +132,11 @@ autorestart=unexpected stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s.log command=/usr/local/bin/postsrsd-wrapper.sh + +[program:update-check] +startsecs=0 +stopwaitsecs=55 +autostart=false +stdout_logfile=/var/log/supervisor/%(program_name)s.log +stderr_logfile=/var/log/supervisor/%(program_name)s.log +command=/bin/bash -l -c /usr/local/bin/update-check.sh