def test_jinja(self):
template = "Test {{ variable }}"
environ = {"variable": "ok"}
self.assertEqual(conf.jinja(io.StringIO(template), environ), "Test ok")
result = io.StringIO()
conf.jinja(io.StringIO(template), environ, result)
self.assertEqual(result.getvalue(), "Test ok")
'DEFER_ON_TLS_ERROR'] if 'DEFER_ON_TLS_ERROR' in os.environ else 'True'
os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment(
"FRONT", "front")
os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment(
"ADMIN", "admin")
os.environ[
"ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment(
"ANTISPAM_MILTER", "antispam:11332")
os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment(
"LMTP", "imap:2525")
os.environ["POSTFIX_LOG_SYSLOG"] = os.environ.get("POSTFIX_LOG_SYSLOG",
"local")
os.environ["POSTFIX_LOG_FILE"] = os.environ.get("POSTFIX_LOG_FILE", "")
for postfix_file in glob.glob("/conf/*.cf"):
conf.jinja(postfix_file, os.environ,
os.path.join("/etc/postfix", os.path.basename(postfix_file)))
if os.path.exists("/overrides/postfix.cf"):
for line in open("/overrides/postfix.cf").read().strip().split("\n"):
if is_valid_postconf_line(line):
os.system('postconf -e "{}"'.format(line))
if os.path.exists("/overrides/postfix.master"):
for line in open("/overrides/postfix.master").read().strip().split("\n"):
if is_valid_postconf_line(line):
os.system('postconf -Me "{}"'.format(line))
for map_file in glob.glob("/overrides/*.map"):
destination = os.path.join("/etc/postfix", os.path.basename(map_file))
shutil.copyfile(map_file, destination)
os.system("postmap {}".format(destination))
os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment("FRONT", "front")
os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", "admin")
os.environ["ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_MILTER", "antispam:11332")
os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525")
os.environ["OUTCLEAN"] = os.environ["HOSTNAMES"].split(",")[0]
try:
_to_lookup = os.environ["OUTCLEAN"]
# Ensure we lookup a FQDN: @see #1884
if not _to_lookup.endswith('.'):
_to_lookup += '.'
os.environ["OUTCLEAN_ADDRESS"] = system.resolve_hostname(_to_lookup)
except:
os.environ["OUTCLEAN_ADDRESS"] = "10.10.10.10"
for postfix_file in glob.glob("/conf/*.cf"):
conf.jinja(postfix_file, os.environ, os.path.join("/etc/postfix", os.path.basename(postfix_file)))
if os.path.exists("/overrides/postfix.cf"):
for line in open("/overrides/postfix.cf").read().strip().split("\n"):
if is_valid_postconf_line(line):
os.system('postconf -e "{}"'.format(line))
if os.path.exists("/overrides/postfix.master"):
for line in open("/overrides/postfix.master").read().strip().split("\n"):
if is_valid_postconf_line(line):
os.system('postconf -Me "{}"'.format(line))
for map_file in glob.glob("/overrides/*.map"):
destination = os.path.join("/etc/postfix", os.path.basename(map_file))
shutil.copyfile(map_file, destination)
os.system("postmap {}".format(destination))
args["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", "admin")
args["ANTISPAM_WEBUI_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_WEBUI", "antispam:11334")
if args["WEBMAIL"] != "none":
args["WEBMAIL_ADDRESS"] = system.get_host_address_from_environment("WEBMAIL", "webmail")
if args["WEBDAV"] != "none":
args["WEBDAV_ADDRESS"] = system.get_host_address_from_environment("WEBDAV", "webdav:5232")
# TLS configuration
cert_name = os.getenv("TLS_CERT_FILENAME", default="cert.pem")
keypair_name = os.getenv("TLS_KEYPAIR_FILENAME", default="key.pem")
args["TLS"] = {
"cert": ("/certs/%s" % cert_name, "/certs/%s" % keypair_name),
"letsencrypt": ("/certs/letsencrypt/live/mailu/nginx-chain.pem",
"/certs/letsencrypt/live/mailu/privkey.pem", "/certs/letsencrypt/live/mailu-ecdsa/nginx-chain.pem", "/certs/letsencrypt/live/mailu-ecdsa/privkey.pem"),
"mail": ("/certs/%s" % cert_name, "/certs/%s" % keypair_name),
"mail-letsencrypt": ("/certs/letsencrypt/live/mailu/nginx-chain.pem",
"/certs/letsencrypt/live/mailu/privkey.pem", "/certs/letsencrypt/live/mailu-ecdsa/nginx-chain.pem", "/certs/letsencrypt/live/mailu-ecdsa/privkey.pem"),
"notls": None
}[args["TLS_FLAVOR"]]
if args["TLS"] and not all(os.path.exists(file_path) for file_path in args["TLS"]):
print("Missing cert or key file, disabling TLS")
args["TLS_ERROR"] = "yes"
# Build final configuration paths
conf.jinja("/conf/tls.conf", args, "/etc/nginx/tls.conf")
conf.jinja("/conf/proxy.conf", args, "/etc/nginx/proxy.conf")
conf.jinja("/conf/nginx.conf", args, "/etc/nginx/nginx.conf")
if os.path.exists("/var/run/nginx.pid"):
os.system("nginx -s reload")
("quota", "url", url),
("auth", "url", url),
("sieve", "url", url),
])
# Actual startup script
os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment(
"FRONT", "front")
os.environ["REDIS_ADDRESS"] = system.get_host_address_from_environment(
"REDIS", "redis")
os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment(
"ADMIN", "admin")
os.environ["ANTISPAM_ADDRESS"] = system.get_host_address_from_environment(
"ANTISPAM", "antispam:11334")
if os.environ["WEBMAIL"] != "none":
os.environ["WEBMAIL_ADDRESS"] = system.get_host_address_from_environment(
"WEBMAIL", "webmail")
for dovecot_file in glob.glob("/conf/*.conf"):
conf.jinja(dovecot_file, os.environ,
os.path.join("/etc/dovecot", os.path.basename(dovecot_file)))
# Run Podop, then postfix
multiprocessing.Process(target=start_podop).start()
os.system("chown mail:mail /mail")
os.system("chown -R mail:mail /var/lib/dovecot /conf")
os.execv("/usr/sbin/dovecot",
["dovecot", "-c", "/etc/dovecot/dovecot.conf", "-F"])
#!/usr/bin/python3
import os
import logging as log
import sys
from socrate import conf
log.basicConfig(stream=sys.stderr,
level=os.environ.get("LOG_LEVEL", "WARNING"))
conf.jinja("/unbound.conf", os.environ, "/etc/unbound/unbound.conf")
os.execv("/usr/sbin/unbound", ["-c /etc/unbound/unbound.conf"])
import sys
from socrate import system, conf
log.basicConfig(stream=sys.stderr,
level=os.environ.get("LOG_LEVEL", "WARNING"))
# Actual startup script
os.environ["FRONT_ADDRESS"] = system.resolve_address(
os.environ.get("HOST_FRONT", "front"))
os.environ["IMAP_ADDRESS"] = system.resolve_address(
os.environ.get("HOST_IMAP", "imap"))
os.environ["MAX_FILESIZE"] = str(
int(int(os.environ.get("MESSAGE_SIZE_LIMIT")) * 0.66 / 1048576))
base = "/data/_data_/_default_/"
shutil.rmtree(base + "domains/", ignore_errors=True)
os.makedirs(base + "domains", exist_ok=True)
os.makedirs(base + "configs", exist_ok=True)
conf.jinja("/defaults/default.ini", os.environ,
"/data/_data_/_default_/domains/default.ini")
conf.jinja("/defaults/application.ini", os.environ,
"/data/_data_/_default_/configs/application.ini")
conf.jinja("/defaults/php.ini", os.environ, "/etc/php7/php.ini")
os.system("chown -R nginx:nginx /data")
os.system("chmod -R a+rX /var/www/rainloop/")
os.execv("/usr/sbin/nginx", ["nginx", "-g", "daemon off;"])
#!/usr/bin/python3
import os
import glob
import logging as log
import sys
from socrate import system, conf
log.basicConfig(stream=sys.stderr,
level=os.environ.get("LOG_LEVEL", "WARNING"))
# Actual startup script
os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment(
"FRONT", "front")
os.environ["REDIS_ADDRESS"] = system.get_host_address_from_environment(
"REDIS", "redis")
if os.environ.get("ANTIVIRUS") == 'clamav':
os.environ["ANTIVIRUS_ADDRESS"] = system.get_host_address_from_environment(
"ANTIVIRUS", "antivirus:3310")
for rspamd_file in glob.glob("/conf/*"):
conf.jinja(
rspamd_file, os.environ,
os.path.join("/etc/rspamd/local.d", os.path.basename(rspamd_file)))
# Run rspamd
os.execv("/usr/sbin/rspamd", ["rspamd", "-i", "-f"])
import logging as log
import sys
from socrate import system, conf
log.basicConfig(stream=sys.stderr,
level=os.environ.get("LOG_LEVEL", "WARNING"))
# Actual startup script
os.environ["FRONT_ADDRESS"] = system.resolve_address(
os.environ.get("HOST_FRONT", "front"))
os.environ["IMAP_ADDRESS"] = system.resolve_address(
os.environ.get("HOST_IMAP", "imap"))
os.environ["MAX_FILESIZE"] = str(
int(int(os.environ.get("MESSAGE_SIZE_LIMIT")) * 0.66 / 1048576))
base = "/data/_data_/_default_/"
shutil.rmtree(base + "domains/", ignore_errors=True)
os.makedirs(base + "domains", exist_ok=True)
os.makedirs(base + "configs", exist_ok=True)
conf.jinja("/default.ini", os.environ,
"/data/_data_/_default_/domains/default.ini")
conf.jinja("/application.ini", os.environ,
"/data/_data_/_default_/configs/application.ini")
conf.jinja("/php.ini", os.environ, "/usr/local/etc/php/conf.d/rainloop.ini")
os.system("chown -R www-data:www-data /data")
os.execv("/usr/local/bin/apache2-foreground", ["apache2-foreground"])
#!/usr/bin/python3
import os
import logging as log
import sys
from socrate import conf
log.basicConfig(stream=sys.stderr,
level=os.environ.get("LOG_LEVEL", "WARNING"))
os.environ["MAX_FILESIZE"] = str(
int(int(os.environ.get("MESSAGE_SIZE_LIMIT")) * 0.66 / 1048576))
conf.jinja("/php.ini", os.environ, "/usr/local/etc/php/conf.d/roundcube.ini")
# Fix some permissions
os.system("mkdir -p /data/gpg")
os.system("chown -R www-data:www-data /data")
# Run apache
os.execv("/usr/local/bin/apache2-foreground", ["apache2-foreground"])
if os.listdir("/backup/wal_archive"):
with open("/data/recovery.conf", "w") as rec:
rec.write("restore_command = 'gunzip < /backup/wal_archive/%f > %p'\n")
rec.write("standby_mode = off\n")
os.system("chown postgres:postgres /data/recovery.conf")
else:
# Bootstrap the database
os.system("sudo -u postgres initdb -D /data")
# Create backup directory structure, if it does not yet exist
os.system("mkdir -p /backup/wal_archive")
os.system("chown -R postgres:postgres /backup")
# Render config files
for pg_file in glob.glob("/conf/*.conf"):
conf.jinja(pg_file, os.environ, os.path.join("/data", os.path.basename(pg_file)))
# (Re)start postgresql locally for DB and user creation
os.system("sudo -u postgres pg_ctl start -D /data -o '-h \"''\" '")
while os.path.isfile("recovery.conf"):
pass
os.system("sudo -u postgres pg_ctl -D /data promote")
setup()
os.system("sudo -u postgres pg_ctl stop -m smart -w -D /data")
out=open("/proc/1/fd/1", "w")
err=open("/proc/1/fd/2", "w")
# Run the cron deamon
subprocess.Popen(["crond", "-f"], stdout=out, stderr=err)
# Run postgresql service
os.system("sudo -u postgres postgres -D /data -h \*")
from postfix_mta_sts_resolver import daemon
daemon.main()
def is_valid_postconf_line(line):
return not line.startswith("#") \
and not line == ''
# Actual startup script
os.environ['DEFER_ON_TLS_ERROR'] = os.environ['DEFER_ON_TLS_ERROR'] if 'DEFER_ON_TLS_ERROR' in os.environ else 'True'
os.environ["FRONT_ADDRESS"] = system.get_host_address_from_environment("FRONT", "front")
os.environ["ADMIN_ADDRESS"] = system.get_host_address_from_environment("ADMIN", "admin")
os.environ["ANTISPAM_MILTER_ADDRESS"] = system.get_host_address_from_environment("ANTISPAM_MILTER", "antispam:11332")
os.environ["LMTP_ADDRESS"] = system.get_host_address_from_environment("LMTP", "imap:2525")
for postfix_file in glob.glob("/conf/*.cf"):
conf.jinja(postfix_file, os.environ, os.path.join("/etc/postfix", os.path.basename(postfix_file)))
if os.path.exists("/overrides/postfix.cf"):
for line in open("/overrides/postfix.cf").read().strip().split("\n"):
if is_valid_postconf_line(line):
os.system('postconf -e "{}"'.format(line))
if os.path.exists("/overrides/postfix.master"):
for line in open("/overrides/postfix.master").read().strip().split("\n"):
if is_valid_postconf_line(line):
os.system('postconf -Me "{}"'.format(line))
for map_file in glob.glob("/overrides/*.map"):
destination = os.path.join("/etc/postfix", os.path.basename(map_file))
shutil.copyfile(map_file, destination)
os.system("postmap {}".format(destination))
"carddav", "mailu"
])
context["PLUGINS"] = ",".join(f"'{p}'" for p in plugins)
# add overrides
context["INCLUDES"] = sorted(
inc for inc in os.listdir("/overrides")
if inc.endswith(".inc")) if os.path.isdir("/overrides") else []
# calculate variables for config file
context["SESSION_TIMEOUT_MINUTES"] = max(
int(env.get("SESSION_TIMEOUT", "3600")) // 60, 1)
# create config files
conf.jinja("/php.ini", context, "/usr/local/etc/php/conf.d/roundcube.ini")
conf.jinja("/config.inc.php", context, "/var/www/html/config/config.inc.php")
# create dirs
os.system("mkdir -p /data/gpg")
print("Initializing database")
try:
result = subprocess.check_output(
["/var/www/html/bin/initdb.sh", "--dir", "/var/www/html/SQL"],
stderr=subprocess.STDOUT)
print(result.decode())
except subprocess.CalledProcessError as exc:
err = exc.stdout.decode()
if "already exists" in err:
print("Already initialzed")
