Files
a13labs.infra/terraform/modules/apps/mail/resources/postfix/run.config
T
alexandre.pires e6a3f3affd Add custom error pages and Nginx configuration for proxy module
- Introduced custom HTML error pages for various HTTP status codes (400, 401, 403, 404, 408, 429, 500, 502, 503, 504) in the proxy module.
- Created a .gitignore file to exclude non-HTML files in the error resources directory.
- Updated Nginx configuration to serve custom error pages for upstream errors.
- Added new Nginx configuration templates for handling HTTP and stream protocols.
- Implemented Wireguard configuration templates and associated variables for secure connections.
- Established Kubernetes resources for Stunnel and Wireguard, including deployment, service accounts, and config maps.
- Defined variables for the Stunnel and Wireguard modules to facilitate configuration.
- Created a new Wol Proxy module with Kubernetes resources for deployment and service management.
2025-10-02 00:19:01 +02:00

77 lines
2.5 KiB
Bash

#!/bin/bash
if [ -z "$SMTP_HOST" ]; then
echo "SMTP_HOST is required"
exit 1
fi
if [ -z "$SMTP_PORT" ]; then
echo "SMTP_PORT is required"
exit 1
fi
if [ -z "$SMTP_USER" ]; then
echo "SMTP_USER is required"
exit 1
fi
if [ -z "$SMTP_PASSWORD" ]; then
echo "SMTP_PASSWORD is required"
exit 1
fi
postconf -e "myhostname=$MAILNAME"
postconf -e "mydomain=$MY_PRIMARY_DOMAIN"
postconf -e "myorigin=$MY_PRIMARY_DOMAIN"
postconf -e "smtpd_banner=\$myhostname ESMTP \$mail_name"
postconf -e "mydestination=$MY_DESTINATION"
# Relay configuration
postconf -e "relayhost=[$SMTP_HOST]:$SMTP_PORT"
postconf -e "smtp_sasl_auth_enable=yes"
postconf -e "smtp_sasl_password_maps=static:$SMTP_USER:$SMTP_PASSWORD"
# clear the password from memory
unset SMTP_USER
unset SMTP_PASSWORD
postconf -e "smtp_sasl_security_options=noanonymous"
postconf -e "smtp_tls_security_level=encrypt"
postconf -e "smtp_use_tls=yes"
postconf -e "smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt"
# SASL configuration
postconf -e "smtpd_sasl_type=dovecot"
postconf -e "smtpd_sasl_path=inet:localhost:31000"
postconf -e "smtpd_sasl_auth_enable=yes"
postconf -e "smtpd_sasl_security_options=noanonymous"
postconf -e "smtpd_recipient_restrictions=permit_sasl_authenticated, reject_unauth_destination"
postconf -e "smtpd_relay_restrictions=permit_sasl_authenticated, reject_unauth_destination"
postconf -e "smtpd_sasl_authenticated_header=yes"
postconf -e "smtpd_tls_wrappermode=yes"
# TLS configuration
postconf -e "smtpd_tls_cert_file=/etc/letsencrypt/tls.crt"
postconf -e "smtpd_tls_key_file=/etc/letsencrypt/tls.key"
postconf -e "smtpd_tls_security_level=encrypt"
postconf -e "smtp_tls_wrappermode=yes"
# BCC configuration
postconf -e "virtual_transport=lmtp:[$DOVECOT_LMTP_ADDRESS]:$DOVECOT_LMTP_PORT"
# Other configuration
postconf -e "inet_interfaces=all"
postconf -e "inet_protocols=ipv4"
postconf -e "queue_directory=/var/spool/postfix"
postconf -e "compatibility_level=2"
# Debugging
# postconf -e "debug_peer_list=127.0.0.1"
# postconf -e "debug_peer_level=3"
echo "
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination
" | sudo tee -a /etc/postfix/master.cf
/usr/sbin/postfix -c /etc/postfix start
/usr/sbin/postfix -c /etc/postfix abort
exec "$POSTFIX_PATH" -c /etc/postfix -s