Add email support

8 files changed, 101 insertions, 0 deletions

diff --git a/cluster/prod/app/email/build/dovecot/.gitignore b/cluster/prod/app/email/build/dovecot/.gitignore
new file mode 100644
index 0000000..71a04e2
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/.gitignore
@@ -0,0 +1 @@
+dovecot-ldap.conf
diff --git a/cluster/prod/app/email/build/dovecot/Dockerfile b/cluster/prod/app/email/build/dovecot/Dockerfile
new file mode 100644
index 0000000..cd1fd0d
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/Dockerfile
@@ -0,0 +1,16 @@
+FROM amd64/debian:bullseye
+
+RUN apt-get update && \
+    apt-get install -y \
+      dovecot-antispam \
+      dovecot-core \
+      dovecot-imapd \
+      dovecot-ldap \
+      dovecot-managesieved \
+      dovecot-sieve \
+      dovecot-lmtpd && \
+    rm -rf /etc/dovecot/*
+RUN useradd mailstore
+COPY entrypoint.sh /usr/local/bin/entrypoint
+
+ENTRYPOINT ["/usr/local/bin/entrypoint"]
diff --git a/cluster/prod/app/email/build/dovecot/README.md b/cluster/prod/app/email/build/dovecot/README.md
new file mode 100644
index 0000000..8c9f372
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/README.md
@@ -0,0 +1,18 @@
+```
+sudo docker build -t superboum/amd64_dovecot:v2 .
+```
+
+
+```
+sudo docker run -t -i \
+  -e TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=www.deuxfleurs.fr" \
+  -p 993:993 \
+  -p 143:143 \
+  -p 24:24 \
+  -p 1337:1337 \
+  -v /mnt/glusterfs/email/ssl:/etc/ssl/ \
+  -v /mnt/glusterfs/email/mail:/var/mail \
+  -v `pwd`/dovecot-ldap.conf:/etc/dovecot/dovecot-ldap.conf \
+  superboum/amd64_dovecot:v1 \
+  dovecot -F
+```
diff --git a/cluster/prod/app/email/build/dovecot/entrypoint.sh b/cluster/prod/app/email/build/dovecot/entrypoint.sh
new file mode 100755
index 0000000..2165d8f
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/entrypoint.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+if [[ ! -f /etc/ssl/certs/dovecot.crt || ! -f /etc/ssl/private/dovecot.key ]]; then
+  cd /root
+  openssl req \
+    -new \
+    -newkey rsa:4096 \
+    -days 3650 \
+    -nodes \
+    -x509 \
+    -subj ${TLSINFO} \
+    -keyout dovecot.key \
+    -out dovecot.crt
+  
+  mkdir -p /etc/ssl/{certs,private}/
+
+  cp dovecot.crt /etc/ssl/certs/dovecot.crt 
+  cp dovecot.key /etc/ssl/private/dovecot.key 
+  chmod 400 /etc/ssl/certs/dovecot.crt 
+  chmod 400 /etc/ssl/private/dovecot.key
+fi
+
+if [[ $(stat -c '%U' /var/mail/) != "mailstore" ]]; then
+  chown -R mailstore /var/mail
+fi
+
+exec "$@"
diff --git a/cluster/prod/app/email/build/dovecot/legacy/all_before.sieve b/cluster/prod/app/email/build/dovecot/legacy/all_before.sieve
new file mode 100644
index 0000000..7d2e57e
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/legacy/all_before.sieve
@@ -0,0 +1,5 @@
+require ["fileinto", "mailbox"];
+if header :contains "X-Spam-Flag" "YES" {
+    fileinto :create "Junk";
+}
+
diff --git a/cluster/prod/app/email/build/dovecot/legacy/dovecot-ldap.sample.conf b/cluster/prod/app/email/build/dovecot/legacy/dovecot-ldap.sample.conf
new file mode 100644
index 0000000..472d5e8
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/legacy/dovecot-ldap.sample.conf
@@ -0,0 +1,8 @@
+hosts = ldap.example.com
+dn = cn=admin,dc=example,dc=com
+dnpass = s3cr3t
+base = dc=example,dc=com
+scope = subtree
+user_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=example,dc=com)))
+pass_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=example,dc=com)))
+user_attrs = mail=/var/mail/%{ldap:mail}
diff --git a/cluster/prod/app/email/build/dovecot/legacy/report-ham.sieve b/cluster/prod/app/email/build/dovecot/legacy/report-ham.sieve
new file mode 100644
index 0000000..c5a994a
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/legacy/report-ham.sieve
@@ -0,0 +1,17 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables", "vnd.dovecot.debug"];
+
+if environment :matches "imap.mailbox" "*" {
+  set "mailbox" "${1}";
+}
+
+if string "${mailbox}" "Trash" {
+  stop;
+}
+
+if environment :matches "imap.user" "*" {
+  set "username" "${1}";
+}
+
+pipe :copy "sa-learn" [ "--ham", "-u", "debian-spamd" ];
+debug_log "ham reported by ${username}";
+
diff --git a/cluster/prod/app/email/build/dovecot/legacy/report-spam.sieve b/cluster/prod/app/email/build/dovecot/legacy/report-spam.sieve
new file mode 100644
index 0000000..1be7389
--- /dev/null
+++ b/cluster/prod/app/email/build/dovecot/legacy/report-spam.sieve
@@ -0,0 +1,9 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables", "vnd.dovecot.debug"];
+
+if environment :matches "imap.user" "*" {
+  set "username" "${1}";
+}
+
+pipe :copy "sa-learn" [ "--spam", "-u", "debian-spamd"];
+debug_log "spam reported by ${username}";
+