e6a3f3affd
- Introduced custom HTML error pages for various HTTP status codes (400, 401, 403, 404, 408, 429, 500, 502, 503, 504) in the proxy module. - Created a .gitignore file to exclude non-HTML files in the error resources directory. - Updated Nginx configuration to serve custom error pages for upstream errors. - Added new Nginx configuration templates for handling HTTP and stream protocols. - Implemented Wireguard configuration templates and associated variables for secure connections. - Established Kubernetes resources for Stunnel and Wireguard, including deployment, service accounts, and config maps. - Defined variables for the Stunnel and Wireguard modules to facilitate configuration. - Created a new Wol Proxy module with Kubernetes resources for deployment and service management.
77 lines
2.5 KiB
Bash
77 lines
2.5 KiB
Bash
#!/bin/bash
|
|
if [ -z "$SMTP_HOST" ]; then
|
|
echo "SMTP_HOST is required"
|
|
exit 1
|
|
fi
|
|
if [ -z "$SMTP_PORT" ]; then
|
|
echo "SMTP_PORT is required"
|
|
exit 1
|
|
fi
|
|
if [ -z "$SMTP_USER" ]; then
|
|
echo "SMTP_USER is required"
|
|
exit 1
|
|
fi
|
|
if [ -z "$SMTP_PASSWORD" ]; then
|
|
echo "SMTP_PASSWORD is required"
|
|
exit 1
|
|
fi
|
|
|
|
postconf -e "myhostname=$MAILNAME"
|
|
postconf -e "mydomain=$MY_PRIMARY_DOMAIN"
|
|
postconf -e "myorigin=$MY_PRIMARY_DOMAIN"
|
|
postconf -e "smtpd_banner=\$myhostname ESMTP \$mail_name"
|
|
postconf -e "mydestination=$MY_DESTINATION"
|
|
|
|
# Relay configuration
|
|
postconf -e "relayhost=[$SMTP_HOST]:$SMTP_PORT"
|
|
postconf -e "smtp_sasl_auth_enable=yes"
|
|
postconf -e "smtp_sasl_password_maps=static:$SMTP_USER:$SMTP_PASSWORD"
|
|
# clear the password from memory
|
|
unset SMTP_USER
|
|
unset SMTP_PASSWORD
|
|
postconf -e "smtp_sasl_security_options=noanonymous"
|
|
postconf -e "smtp_tls_security_level=encrypt"
|
|
postconf -e "smtp_use_tls=yes"
|
|
postconf -e "smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt"
|
|
|
|
# SASL configuration
|
|
postconf -e "smtpd_sasl_type=dovecot"
|
|
postconf -e "smtpd_sasl_path=inet:localhost:31000"
|
|
postconf -e "smtpd_sasl_auth_enable=yes"
|
|
postconf -e "smtpd_sasl_security_options=noanonymous"
|
|
postconf -e "smtpd_recipient_restrictions=permit_sasl_authenticated, reject_unauth_destination"
|
|
postconf -e "smtpd_relay_restrictions=permit_sasl_authenticated, reject_unauth_destination"
|
|
postconf -e "smtpd_sasl_authenticated_header=yes"
|
|
postconf -e "smtpd_tls_wrappermode=yes"
|
|
|
|
# TLS configuration
|
|
postconf -e "smtpd_tls_cert_file=/etc/letsencrypt/tls.crt"
|
|
postconf -e "smtpd_tls_key_file=/etc/letsencrypt/tls.key"
|
|
postconf -e "smtpd_tls_security_level=encrypt"
|
|
postconf -e "smtp_tls_wrappermode=yes"
|
|
|
|
# BCC configuration
|
|
postconf -e "virtual_transport=lmtp:[$DOVECOT_LMTP_ADDRESS]:$DOVECOT_LMTP_PORT"
|
|
|
|
# Other configuration
|
|
postconf -e "inet_interfaces=all"
|
|
postconf -e "inet_protocols=ipv4"
|
|
postconf -e "queue_directory=/var/spool/postfix"
|
|
postconf -e "compatibility_level=2"
|
|
|
|
# Debugging
|
|
# postconf -e "debug_peer_list=127.0.0.1"
|
|
# postconf -e "debug_peer_level=3"
|
|
|
|
echo "
|
|
smtps inet n - n - - smtpd
|
|
-o syslog_name=postfix/smtps
|
|
-o smtpd_tls_wrappermode=yes
|
|
-o smtpd_sasl_auth_enable=yes
|
|
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
|
|
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination
|
|
" | sudo tee -a /etc/postfix/master.cf
|
|
|
|
/usr/sbin/postfix -c /etc/postfix start
|
|
/usr/sbin/postfix -c /etc/postfix abort
|
|
exec "$POSTFIX_PATH" -c /etc/postfix -s |