docker/mailu
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'refactor-nginx'

Browse Source
This commit is contained in:
kaiyou
2017-10-21 15:23:17 +02:00
parent 3e2dfee431 5786bb3e1b
commit 9dd4150e7c
148 changed files with 496 additions and 429 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.env.dist
View File

@@ -23,9 +23,7 @@ BIND_ADDRESS=127.0.0.1
# Main mail domain # Main mail domain
DOMAIN=mailu.io DOMAIN=mailu.io
# Main hostname for announces, and list of all available hostnames, separated # Hostnames for this server, separated with comas
# by comas
HOSTNAME=mail.mailu.io
HOSTNAMES=mail.mailu.io,alternative.mailu.io,yetanother.mailu.io HOSTNAMES=mail.mailu.io,alternative.mailu.io,yetanother.mailu.io
# Postmaster local part (will append the main mail domain) # Postmaster local part (will append the main mail domain)
@@ -38,8 +36,8 @@ TLS_FLAVOR=cert
# Optional features # Optional features
################################### ###################################
# Choose which frontend Web server to run if any (value: traefik, none) # Expose the admin interface (value: true, false)
FRONTEND=none ADMIN=false
# Choose which webmail to run if any (values: roundcube, rainloop, none) # Choose which webmail to run if any (values: roundcube, rainloop, none)
WEBMAIL=none WEBMAIL=none
@@ -76,6 +74,16 @@ RECIPIENT_DELIMITER=+
DMARC_RUA=admin DMARC_RUA=admin
DMARC_RUF=admin DMARC_RUF=admin
###################################
# Web settings
###################################
# Path to the admin interface if enabled
WEB_ADMIN=/admin
# Path to the webmail if enabled
WEB_WEBMAIL=/webmail
################################### ###################################
# Advanced settings # Advanced settings
################################### ###################################
@@ -87,6 +95,3 @@ COMPOSE_PROJECT_NAME=mailu
# (value: SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT) # (value: SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT)
PASSWORD_SCHEME=SHA512-CRYPT PASSWORD_SCHEME=SHA512-CRYPT
# SSL DHPARAM Bits
NGINX_SSL_DHPARAM_BITS=2048

1
admin/Dockerfile
View File

@@ -5,7 +5,6 @@ WORKDIR /app
COPY requirements-prod.txt requirements.txt COPY requirements-prod.txt requirements.txt
RUN apk --update add --virtual build-dep openssl-dev libffi-dev python-dev build-base \ RUN apk --update add --virtual build-dep openssl-dev libffi-dev python-dev build-base \
&& apk add openssl \
&& pip install -r requirements.txt \ && pip install -r requirements.txt \
&& apk del build-dep && apk del build-dep

19
admin/mailu/__init__.py
View File

@@ -9,18 +9,15 @@ import flask_babel
import os import os
import docker import docker
from apscheduler.schedulers import background
# Create application # Create application
app = flask.Flask(__name__, static_url_path='/admin/app_static') app = flask.Flask(__name__)
default_config = { default_config = {
'SQLALCHEMY_DATABASE_URI': 'sqlite:////data/main.db', 'SQLALCHEMY_DATABASE_URI': 'sqlite:////data/main.db',
'SQLALCHEMY_TRACK_MODIFICATIONS': False, 'SQLALCHEMY_TRACK_MODIFICATIONS': False,
'SECRET_KEY': 'changeMe', 'SECRET_KEY': 'changeMe',
'DOCKER_SOCKET': 'unix:///var/run/docker.sock', 'DOCKER_SOCKET': 'unix:///var/run/docker.sock',
'HOSTNAME': 'mail.mailu.io', 'HOSTNAMES': 'mail.mailu.io',
'DOMAIN': 'mailu.io', 'DOMAIN': 'mailu.io',
'POSTMASTER': 'postmaster', 'POSTMASTER': 'postmaster',
'DEBUG': False, 'DEBUG': False,
@@ -50,14 +47,6 @@ migrate = flask_migrate.Migrate(app, db)
manager = flask_script.Manager(app) manager = flask_script.Manager(app)
manager.add_command('db', flask_migrate.MigrateCommand) manager.add_command('db', flask_migrate.MigrateCommand)
# Task scheduling
scheduler = background.BackgroundScheduler({
'apscheduler.timezone': 'UTC'
})
if not app.debug or os.environ.get('WERKZEUG_RUN_MAIN') == 'true':
scheduler.start()
from mailu import tlstasks
# Babel configuration # Babel configuration
babel = flask_babel.Babel(app) babel = flask_babel.Babel(app)
translations = list(map(str, babel.list_translations())) translations = list(map(str, babel.list_translations()))
@@ -82,7 +71,9 @@ def inject_user():
return dict(current_user=flask_login.current_user) return dict(current_user=flask_login.current_user)
# Import views # Import views
from mailu.views import * from mailu import ui, internal
app.register_blueprint(ui.ui, url_prefix='/ui')
app.register_blueprint(internal.internal, url_prefix='/internal')
# Create the prefix middleware # Create the prefix middleware
class PrefixMiddleware(object): class PrefixMiddleware(object):

6
admin/mailu/internal/__init__.py Normal file
View File

@@ -0,0 +1,6 @@
from flask import Blueprint
internal = Blueprint('internal', __name__)
from mailu.internal import views

70
admin/mailu/internal/nginx.py Normal file
View File

@@ -0,0 +1,70 @@
from mailu import db, models
import socket
SUPPORTED_AUTH_METHODS = ["none", "plain"]
STATUSES = {
"authentication": ("Authentication credentials invalid", {
"imap": "AUTHENTICATIONFAILED",
"smtp": "535 5.7.8",
"pop3": ""
}),
}
SERVER_MAP = {
"imap": ("imap", 143),
"smtp": ("smtp", 25)
}
def handle_authentication(headers):
""" Handle an HTTP nginx authentication request
See: http://nginx.org/en/docs/mail/ngx_mail_auth_http_module.html#protocol
"""
method = headers["Auth-Method"]
protocol = headers["Auth-Protocol"]
server, port = get_server(headers["Auth-Protocol"])
# Incoming mail, no authentication
if method == "none" and protocol == "smtp":
return {
"Auth-Status": "OK",
"Auth-Server": server,
"Auth-Port": port
}
# Authenticated user
elif method == "plain":
user_email = headers["Auth-User"]
password = headers["Auth-Pass"]
user = models.User.query.get(user_email)
if user and user.check_password(password):
return {
"Auth-Status": "OK",
"Auth-Server": server,
"Auth-Port": port
}
else:
status, code = get_status(protocol, "authentication")
return {
"Auth-Status": status,
"Auth-Error-Code": code,
"Auth-Wait": 0
}
# Unexpected
else:
return {}
def get_status(protocol, status):
""" Return the proper error code depending on the protocol
"""
status, codes = STATUSES[status]
return status, codes[protocol]
def get_server(protocol):
hostname, port = SERVER_MAP[protocol]
address = socket.gethostbyname(hostname)
return address, port

13
admin/mailu/internal/views.py Normal file
View File

@@ -0,0 +1,13 @@
from mailu import db, models
from mailu.internal import internal, nginx
import flask
@internal.route("/nginx")
def nginx_authentication():
headers = nginx.handle_authentication(flask.request.headers)
response = flask.Response()
for key, value in headers.items():
response.headers[key] = str(value)
return response

68
admin/mailu/tlstasks.py
View File

@@ -1,68 +0,0 @@
from mailu import app, scheduler, dockercli
import urllib3
import json
import os
import base64
import subprocess
def install_certs(domain):
""" Extract certificates from the given domain and install them
to the certificate path.
"""
path = app.config["CERTS_PATH"]
acme_path = os.path.join(path, "acme.json")
key_path = os.path.join(path, "key.pem")
cert_path = os.path.join(path, "cert.pem")
if not os.path.exists(acme_path):
print("Could not find traefik acme configuration")
return
with open(acme_path, "r") as handler:
data = json.loads(handler.read())
for item in data["DomainsCertificate"]["Certs"]:
if domain == item["Domains"]["Main"]:
cert = base64.b64decode(item["Certificate"]["Certificate"])
key = base64.b64decode(item["Certificate"]["PrivateKey"])
break
else:
print("Could not find the proper certificate from traefik")
return
if os.path.exists(cert_path):
with open(cert_path, "rb") as handler:
if handler.read() == cert:
return
print("Installing the new certificate from traefik")
with open(cert_path, "wb") as handler:
handler.write(cert)
with open(key_path, "wb") as handler:
handler.write(key)
def restart_services():
print("Reloading services using TLS")
dockercli.reload("http", "smtp", "imap")
@scheduler.scheduled_job('date')
def create_dhparam():
path = app.config["CERTS_PATH"]
dhparam_path = os.path.join(path, "dhparam.pem")
if not os.path.exists(dhparam_path):
print("Creating DH params")
subprocess.call(["openssl", "dhparam", "-out", dhparam_path, "2048"])
restart_services()
@scheduler.scheduled_job('date')
@scheduler.scheduled_job('cron', day='*/4', hour=0, minute=0)
def refresh_certs():
if not app.config["TLS_FLAVOR"] == "letsencrypt":
return
if not app.config["FRONTEND"] == "traefik":
print("Letsencrypt certificates are compatible with traefik only")
return
print("Requesting traefik to make sure the certificate is fresh")
hostname = app.config["HOSTNAME"]
urllib3.PoolManager().request("GET", "https://{}".format(hostname))
install_certs(hostname)

6
admin/mailu/ui/__init__.py Normal file
View File

@@ -0,0 +1,6 @@
from flask import Blueprint
ui = Blueprint('ui', __name__, static_folder='static', template_folder='templates')
from mailu.ui.views import *

3
admin/mailu/access.py → admin/mailu/ui/access.py
View File

@@ -1,4 +1,5 @@
from mailu import db, models, forms from mailu import db, models
from mailu.ui import forms
import flask import flask
import flask_login import flask_login

0
admin/mailu/forms.py → admin/mailu/ui/forms.py
View File

0
admin/mailu/static/adminlte/css/AdminLTE.min.css → admin/mailu/ui/static/adminlte/css/AdminLTE.min.css vendored
View File

0
admin/mailu/static/adminlte/css/skin-blue.min.css → admin/mailu/ui/static/adminlte/css/skin-blue.min.css vendored
View File

0
admin/mailu/static/adminlte/js/app.min.js → admin/mailu/ui/static/adminlte/js/app.min.js vendored
View File

0
admin/mailu/static/app.css → admin/mailu/ui/static/app.css
View File

0
admin/mailu/static/bootstrap/css/bootstrap.css.map → admin/mailu/ui/static/bootstrap/css/bootstrap.css.map
View File

0
admin/mailu/static/bootstrap/css/bootstrap.min.css → admin/mailu/ui/static/bootstrap/css/bootstrap.min.css vendored
View File

0
admin/mailu/static/bootstrap/fonts/glyphicons-halflings-regular.eot → admin/mailu/ui/static/bootstrap/fonts/glyphicons-halflings-regular.eot
View File

0
admin/mailu/static/bootstrap/fonts/glyphicons-halflings-regular.svg → admin/mailu/ui/static/bootstrap/fonts/glyphicons-halflings-regular.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 106 KiB

After

Width:  |  Height:  |  Size: 106 KiB

0
admin/mailu/static/bootstrap/fonts/glyphicons-halflings-regular.ttf → admin/mailu/ui/static/bootstrap/fonts/glyphicons-halflings-regular.ttf
View File

0
admin/mailu/static/bootstrap/fonts/glyphicons-halflings-regular.woff → admin/mailu/ui/static/bootstrap/fonts/glyphicons-halflings-regular.woff
View File

0
admin/mailu/static/bootstrap/fonts/glyphicons-halflings-regular.woff2 → admin/mailu/ui/static/bootstrap/fonts/glyphicons-halflings-regular.woff2
View File

0
admin/mailu/static/bootstrap/js/bootstrap.min.js → admin/mailu/ui/static/bootstrap/js/bootstrap.min.js vendored
View File

0
admin/mailu/static/jquery/js/jquery-2.2.2.min.js → admin/mailu/ui/static/jquery/js/jquery-2.2.2.min.js vendored
View File

0
admin/mailu/static/select2/css/select2.min.css → admin/mailu/ui/static/select2/css/select2.min.css vendored
View File

0
admin/mailu/static/select2/js/i18n/ar.js → admin/mailu/ui/static/select2/js/i18n/ar.js vendored
View File

0
admin/mailu/static/select2/js/i18n/az.js → admin/mailu/ui/static/select2/js/i18n/az.js vendored
View File

0
admin/mailu/static/select2/js/i18n/bg.js → admin/mailu/ui/static/select2/js/i18n/bg.js vendored
View File

0
admin/mailu/static/select2/js/i18n/ca.js → admin/mailu/ui/static/select2/js/i18n/ca.js vendored
View File

0
admin/mailu/static/select2/js/i18n/cs.js → admin/mailu/ui/static/select2/js/i18n/cs.js vendored
View File

0
admin/mailu/static/select2/js/i18n/da.js → admin/mailu/ui/static/select2/js/i18n/da.js vendored
View File

0
admin/mailu/static/select2/js/i18n/de.js → admin/mailu/ui/static/select2/js/i18n/de.js vendored
View File

0
admin/mailu/static/select2/js/i18n/el.js → admin/mailu/ui/static/select2/js/i18n/el.js vendored
View File

0
admin/mailu/static/select2/js/i18n/en.js → admin/mailu/ui/static/select2/js/i18n/en.js vendored
View File

0
admin/mailu/static/select2/js/i18n/es.js → admin/mailu/ui/static/select2/js/i18n/es.js vendored
View File

0
admin/mailu/static/select2/js/i18n/et.js → admin/mailu/ui/static/select2/js/i18n/et.js vendored
View File

0
admin/mailu/static/select2/js/i18n/eu.js → admin/mailu/ui/static/select2/js/i18n/eu.js vendored
View File

0
admin/mailu/static/select2/js/i18n/fa.js → admin/mailu/ui/static/select2/js/i18n/fa.js vendored
View File

0
admin/mailu/static/select2/js/i18n/fi.js → admin/mailu/ui/static/select2/js/i18n/fi.js vendored
View File

0
admin/mailu/static/select2/js/i18n/fr.js → admin/mailu/ui/static/select2/js/i18n/fr.js vendored
View File

0
admin/mailu/static/select2/js/i18n/gl.js → admin/mailu/ui/static/select2/js/i18n/gl.js vendored
View File

0
admin/mailu/static/select2/js/i18n/he.js → admin/mailu/ui/static/select2/js/i18n/he.js vendored
View File

0
admin/mailu/static/select2/js/i18n/hi.js → admin/mailu/ui/static/select2/js/i18n/hi.js vendored
View File

0
admin/mailu/static/select2/js/i18n/hr.js → admin/mailu/ui/static/select2/js/i18n/hr.js vendored
View File

0
admin/mailu/static/select2/js/i18n/hu.js → admin/mailu/ui/static/select2/js/i18n/hu.js vendored
View File

0
admin/mailu/static/select2/js/i18n/id.js → admin/mailu/ui/static/select2/js/i18n/id.js vendored
View File

0
admin/mailu/static/select2/js/i18n/is.js → admin/mailu/ui/static/select2/js/i18n/is.js vendored
View File

0
admin/mailu/static/select2/js/i18n/it.js → admin/mailu/ui/static/select2/js/i18n/it.js vendored
View File

0
admin/mailu/static/select2/js/i18n/ja.js → admin/mailu/ui/static/select2/js/i18n/ja.js vendored
View File

0
admin/mailu/static/select2/js/i18n/km.js → admin/mailu/ui/static/select2/js/i18n/km.js vendored
View File

0
admin/mailu/static/select2/js/i18n/ko.js → admin/mailu/ui/static/select2/js/i18n/ko.js vendored
View File

0
admin/mailu/static/select2/js/i18n/lt.js → admin/mailu/ui/static/select2/js/i18n/lt.js vendored
View File

0
admin/mailu/static/select2/js/i18n/lv.js → admin/mailu/ui/static/select2/js/i18n/lv.js vendored
View File

0
admin/mailu/static/select2/js/i18n/mk.js → admin/mailu/ui/static/select2/js/i18n/mk.js vendored
View File

0
admin/mailu/static/select2/js/i18n/ms.js → admin/mailu/ui/static/select2/js/i18n/ms.js vendored
View File

0
admin/mailu/static/select2/js/i18n/nb.js → admin/mailu/ui/static/select2/js/i18n/nb.js vendored
View File

0
admin/mailu/static/select2/js/i18n/nl.js → admin/mailu/ui/static/select2/js/i18n/nl.js vendored
View File

0
admin/mailu/static/select2/js/i18n/pl.js → admin/mailu/ui/static/select2/js/i18n/pl.js vendored
View File

0
admin/mailu/static/select2/js/i18n/pt-BR.js → admin/mailu/ui/static/select2/js/i18n/pt-BR.js vendored
View File

0
admin/mailu/static/select2/js/i18n/pt.js → admin/mailu/ui/static/select2/js/i18n/pt.js vendored
View File

0
admin/mailu/static/select2/js/i18n/ro.js → admin/mailu/ui/static/select2/js/i18n/ro.js vendored
View File

0
admin/mailu/static/select2/js/i18n/ru.js → admin/mailu/ui/static/select2/js/i18n/ru.js vendored
View File

0
admin/mailu/static/select2/js/i18n/sk.js → admin/mailu/ui/static/select2/js/i18n/sk.js vendored
View File

0
admin/mailu/static/select2/js/i18n/sr-Cyrl.js → admin/mailu/ui/static/select2/js/i18n/sr-Cyrl.js vendored
View File

0
admin/mailu/static/select2/js/i18n/sr.js → admin/mailu/ui/static/select2/js/i18n/sr.js vendored
View File

0
admin/mailu/static/select2/js/i18n/sv.js → admin/mailu/ui/static/select2/js/i18n/sv.js vendored
View File

0
admin/mailu/static/select2/js/i18n/th.js → admin/mailu/ui/static/select2/js/i18n/th.js vendored
View File

0
admin/mailu/static/select2/js/i18n/tr.js → admin/mailu/ui/static/select2/js/i18n/tr.js vendored
View File

0
admin/mailu/static/select2/js/i18n/uk.js → admin/mailu/ui/static/select2/js/i18n/uk.js vendored
View File

0
admin/mailu/static/select2/js/i18n/vi.js → admin/mailu/ui/static/select2/js/i18n/vi.js vendored
View File

0
admin/mailu/static/select2/js/i18n/zh-CN.js → admin/mailu/ui/static/select2/js/i18n/zh-CN.js vendored
View File

0
admin/mailu/static/select2/js/i18n/zh-TW.js → admin/mailu/ui/static/select2/js/i18n/zh-TW.js vendored
View File

0
admin/mailu/static/select2/js/select2.full.min.js → admin/mailu/ui/static/select2/js/select2.full.min.js vendored
View File

0
admin/mailu/static/select2/js/select2.min.js → admin/mailu/ui/static/select2/js/select2.min.js vendored
View File

0
admin/mailu/templates/admin/create.html → admin/mailu/ui/templates/admin/create.html
View File

0
admin/mailu/templates/admin/list.html → admin/mailu/ui/templates/admin/list.html
View File

0
admin/mailu/templates/alias/create.html → admin/mailu/ui/templates/alias/create.html
View File

0
admin/mailu/templates/alias/edit.html → admin/mailu/ui/templates/alias/edit.html
View File

0
admin/mailu/templates/alias/list.html → admin/mailu/ui/templates/alias/list.html
View File

0
admin/mailu/templates/alternative/create.html → admin/mailu/ui/templates/alternative/create.html
View File

0
admin/mailu/templates/alternative/list.html → admin/mailu/ui/templates/alternative/list.html
View File

0
admin/mailu/templates/announcement.html → admin/mailu/ui/templates/announcement.html
View File

0
admin/mailu/templates/base.html → admin/mailu/ui/templates/base.html
View File

0
admin/mailu/templates/confirm.html → admin/mailu/ui/templates/confirm.html
View File

0
admin/mailu/templates/docker-error.html → admin/mailu/ui/templates/docker-error.html
View File

0
admin/mailu/templates/domain/create.html → admin/mailu/ui/templates/domain/create.html
View File

5
admin/mailu/templates/domain/details.html → admin/mailu/ui/templates/domain/details.html
View File

@@ -15,6 +15,7 @@
{% endblock %} {% endblock %}
{% block box %} {% block box %}
{% let hostname = config["HOSTNAMES"].split(",")[0] %}
<table class="table table-bordered"> <table class="table table-bordered">
<tbody> <tbody>
<tr> <tr>
@@ -28,8 +29,8 @@
<tr> <tr>
<th>{% trans %}DNS SPF entries{% endtrans %}</th> <th>{% trans %}DNS SPF entries{% endtrans %}</th>
<td><pre> <td><pre>
{{ domain.name }}. 600 IN TXT "v=spf1 mx a:{{ config["HOSTNAME"] }} -all" {{ domain.name }}. 600 IN TXT "v=spf1 mx a:{{ hostname }} -all"
{{ domain.name }}. 600 IN SPF "v=spf1 mx a:{{ config["HOSTNAME"] }} -all"</pre></td> {{ domain.name }}. 600 IN SPF "v=spf1 mx a:{{ hostname }} -all"</pre></td>
</tr> </tr>
{% if domain.dkim_publickey %} {% if domain.dkim_publickey %}
<tr> <tr>

0
admin/mailu/templates/domain/edit.html → admin/mailu/ui/templates/domain/edit.html
View File

0
admin/mailu/templates/domain/list.html → admin/mailu/ui/templates/domain/list.html
View File

0
admin/mailu/templates/fetch/create.html → admin/mailu/ui/templates/fetch/create.html
View File

0
admin/mailu/templates/fetch/edit.html → admin/mailu/ui/templates/fetch/edit.html
View File

0
admin/mailu/templates/fetch/list.html → admin/mailu/ui/templates/fetch/list.html
View File

0
admin/mailu/templates/form.html → admin/mailu/ui/templates/form.html
View File

0
admin/mailu/templates/helpers.html → admin/mailu/ui/templates/helpers.html
View File

0
admin/mailu/templates/index.html → admin/mailu/ui/templates/index.html
View File

0
admin/mailu/templates/login.html → admin/mailu/ui/templates/login.html
View File

0
admin/mailu/templates/macros.html → admin/mailu/ui/templates/macros.html
View File

0
admin/mailu/templates/manager/create.html → admin/mailu/ui/templates/manager/create.html
View File

0
admin/mailu/templates/manager/list.html → admin/mailu/ui/templates/manager/list.html
View File

0
admin/mailu/templates/relay/create.html → admin/mailu/ui/templates/relay/create.html
View File

0
admin/mailu/templates/relay/edit.html → admin/mailu/ui/templates/relay/edit.html
View File

Some files were not shown because too many files have changed in this diff Show More