├── Dockerfile ├── README.md └── bin ├── run.sh └── setup /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.10 2 | 3 | LABEL description "PostfixAdmin is a web based interface used to manage mailboxes" \ 4 | maintainer="Hardware " 5 | 6 | ARG VERSION=3.2 7 | 8 | # https://pgp.mit.edu/pks/lookup?search=0xC6A682EA63C82F1C&fingerprint=on&op=index 9 | # pub 4096R/63C82F1C 2005-10-06 Christian Boltz (www.cboltz.de) 10 | ARG GPG_SHORTID="0xC6A682EA63C82F1C" 11 | ARG GPG_FINGERPRINT="70CA A060 DE04 2AAE B1B1 5196 C6A6 82EA 63C8 2F1C" 12 | ARG SHA256_HASH="866d4c0ca870b2cac184e5837a4d201af8fcefecef09bc2c887a6e017a00cefe" 13 | 14 | RUN echo "@community https://nl.alpinelinux.org/alpine/v3.10/community" >> /etc/apk/repositories \ 15 | && apk -U upgrade \ 16 | && apk add -t build-dependencies \ 17 | ca-certificates \ 18 | gnupg \ 19 | && apk add \ 20 | su-exec \ 21 | dovecot \ 22 | tini@community \ 23 | php7@community \ 24 | php7-phar \ 25 | php7-fpm@community \ 26 | php7-imap@community \ 27 | php7-pgsql@community \ 28 | php7-mysqli@community \ 29 | php7-session@community \ 30 | php7-mbstring@community \ 31 | && cd /tmp \ 32 | && PFA_TARBALL="postfixadmin-${VERSION}.tar.gz" \ 33 | && wget -q https://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-${VERSION}/${PFA_TARBALL} \ 34 | && wget -q https://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-${VERSION}/${PFA_TARBALL}.asc \ 35 | && ( \ 36 | gpg --keyserver ha.pool.sks-keyservers.net --recv-keys ${GPG_SHORTID} || \ 37 | gpg --keyserver keyserver.pgp.com --recv-keys ${GPG_SHORTID} || \ 38 | gpg --keyserver pgp.mit.edu --recv-keys ${GPG_SHORTID} \ 39 | ) \ 40 | && CHECKSUM=$(sha256sum ${PFA_TARBALL} | awk '{print $1}') \ 41 | && if [ "${CHECKSUM}" != "${SHA256_HASH}" ]; then echo "ERROR: Checksum does not match!" && exit 1; fi \ 42 | && FINGERPRINT="$(LANG=C gpg --verify ${PFA_TARBALL}.asc ${PFA_TARBALL} 2>&1 | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \ 43 | && if [ -z "${FINGERPRINT}" ]; then echo "ERROR: Invalid GPG signature!" && exit 1; fi \ 44 | && if [ "${FINGERPRINT}" != "${GPG_FINGERPRINT}" ]; then echo "ERROR: Wrong GPG fingerprint!" && exit 1; fi \ 45 | && mkdir /postfixadmin && tar xzf ${PFA_TARBALL} -C /postfixadmin && mv /postfixadmin/postfixadmin-$VERSION/* /postfixadmin \ 46 | && apk del build-dependencies \ 47 | && rm -rf /var/cache/apk/* /tmp/* /root/.gnupg /postfixadmin/postfixadmin-$VERSION* 48 | 49 | COPY bin /usr/local/bin 50 | RUN chmod +x /usr/local/bin/* 51 | EXPOSE 8888 52 | CMD ["tini", "--", "run.sh"] 53 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # hardware/postfixadmin 2 | 3 | ![postfixadmin](http://i.imgur.com/UCtvKHR.png "postfixadmin") 4 | 5 | ### What is this ? 6 | 7 | PostfixAdmin is a web based interface used to manage mailboxes, virtual domains and aliases. It also features support for vacation/out-of-the-office messages. 8 | 9 | ### Features 10 | 11 | - Lightweight & secure image (no root process) 12 | - Based on Alpine Linux 13 | - Latest Postfixadmin version (3.2) 14 | - MariaDB/PostgreSQL driver 15 | - With PHP7 16 | 17 | ### Built-time variables 18 | 19 | - **VERSION** : version of postfixadmin 20 | - **GPG_SHORTID** : short gpg key ID 21 | - **GPG_FINGERPRINT** : fingerprint of signing key 22 | - **SHA256_HASH** : SHA256 hash of Postfixadmin archive 23 | 24 | ### Ports 25 | 26 | - **8888** 27 | 28 | ### Environment variables 29 | 30 | | Variable | Description | Type | Default value | 31 | | -------- | ----------- | ---- | ------------- | 32 | | **UID** | postfixadmin user id | *optional* | 991 33 | | **GID** | postfixadmin group id | *optional* | 991 34 | | **DBDRIVER** | Database type: mysql, pgsql | *optional* | mysql 35 | | **DBHOST** | Database instance ip/hostname | *optional* | mariadb 36 | | **DBPORT** | Database instance port | *optional* | 3306 37 | | **DBUSER** | Database database username | *optional* | postfix 38 | | **DBNAME** | Database database name | *optional* | postfix 39 | | **DBPASS** | Database database password or location of a file containing it | **required** | null 40 | | **SMTPHOST** | SMTP server ip/hostname | *optional* | mailserver 41 | | **DOMAIN** | Mail domain | *optional* | `domainname` value 42 | | **ENCRYPTION** | Passwords encryption method | *optional* | `dovecot:SHA512-CRYPT` 43 | | **PASSVAL_MIN_LEN** | Passwords validation: minimum password length | *optional* | 5 44 | | **PASSVAL_MIN_CHAR** | Passwords validation: must contain at least characters | *optional* | 3 45 | | **PASSVAL_MIN_DIGIT** | Passwords validation: must contain at least digits | *optional* | 2 46 | | **PAGE_SIZE** | Number of entries (mailboxes, alias, etc) that you would like to see in one page. | *optional* | 10 47 | | **QUOTA_MULTIPLIER** | Number of bytes required to represent a single quota unit. You can either use '1000000', '1024000' or '1048576' | *optional* | 1024000 48 | | **FETCHMAIL_EXTRA_OPTIONS** | Allows to pass additional options to fetchmail | *optional* | NO 49 | 50 | * If you use this docker image and [hardware/mailserver](https://github.com/hardware/mailserver) with fetchmail support enabled, a dedicated port (10025) is available with less restrictions for delivery. Use `FETCHMAIL_EXTRA_OPTIONS` environment variable for that purpose. Example : 51 | 52 | ```yml 53 | postfixadmin: 54 | environment: 55 | FETCHMAIL_EXTRA_OPTIONS="smtp localhost/10025" 56 | ``` 57 | 58 | ### Docker-compose.yml 59 | 60 | ```yml 61 | # Full example : 62 | # https://github.com/hardware/mailserver/blob/master/docker-compose.sample.yml 63 | 64 | postfixadmin: 65 | image: hardware/postfixadmin 66 | container_name: postfixadmin 67 | domainname: domain.tld 68 | hostname: mail 69 | environment: 70 | - DBPASS=xxxxxxx 71 | depends_on: 72 | - mailserver 73 | - mariadb # postgres (adjust accordingly) 74 | ``` 75 | 76 | ### How to setup 77 | 78 | https://github.com/hardware/mailserver/wiki/Postfixadmin-initial-configuration 79 | -------------------------------------------------------------------------------- /bin/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | GID=${GID:-991} 4 | UID=${UID:-991} 5 | DOMAIN=${DOMAIN:-$(hostname -d)} 6 | DBDRIVER=${DBDRIVER:-mysql} 7 | DBHOST=${DBHOST:-mariadb} 8 | DBPORT=${DBPORT:-3306} 9 | DBUSER=${DBUSER:-postfix} 10 | DBNAME=${DBNAME:-postfix} 11 | DBPASS=$([ -f "$DBPASS" ] && cat "$DBPASS" || echo "${DBPASS:-}") 12 | SMTPHOST=${SMTPHOST:-mailserver} 13 | ENCRYPTION=${ENCRYPTION:-"dovecot:SHA512-CRYPT"} 14 | FETCHMAIL_EXTRA_OPTIONS=${FETCHMAIL_EXTRA_OPTIONS:-"NO"} 15 | # Password validation 16 | PASSVAL_MIN_LEN=${PASSVAL_MIN_LEN:-5} 17 | PASSVAL_MIN_CHAR=${PASSVAL_MIN_CHAR:-3} 18 | PASSVAL_MIN_DIGIT=${PASSVAL_MIN_DIGIT:-2} 19 | # Page size 20 | PAGE_SIZE=${PAGE_SIZE:-10} 21 | # Quota 22 | QUOTA_MULTIPLIER=${QUOTA_MULTIPLIER:-1024000} 23 | 24 | if [ -z "$DBPASS" ]; then 25 | echo "MariaDB/PostgreSQL database password must be set !" 26 | exit 1 27 | fi 28 | 29 | # Create smarty cache folder 30 | mkdir -p /postfixadmin/templates_c 31 | 32 | # Set permissions 33 | chown -R $UID:$GID /postfixadmin 34 | 35 | # MySQL/MariaDB should use mysqli driver 36 | case "$DBDRIVER" in 37 | mysql) DBDRIVER=mysqli; 38 | esac 39 | 40 | # Local postfixadmin configuration file 41 | cat > /postfixadmin/config.local.php < 'abuse@${DOMAIN}', 67 | 'hostmaster' => 'hostmaster@${DOMAIN}', 68 | 'postmaster' => 'postmaster@${DOMAIN}', 69 | 'webmaster' => 'webmaster@${DOMAIN}' 70 | ); 71 | 72 | \$CONF['quota'] = 'YES'; 73 | \$CONF['domain_quota'] = 'YES'; 74 | \$CONF['quota_multiplier'] = '${QUOTA_MULTIPLIER}'; 75 | \$CONF['used_quotas'] = 'YES'; 76 | \$CONF['new_quota_table'] = 'YES'; 77 | 78 | \$CONF['aliases'] = '0'; 79 | \$CONF['mailboxes'] = '0'; 80 | \$CONF['maxquota'] = '0'; 81 | \$CONF['domain_quota_default'] = '0'; 82 | 83 | \$CONF['password_validation'] = array( 84 | '/.{${PASSVAL_MIN_LEN}}/' => 'password_too_short ${PASSVAL_MIN_LEN}', 85 | '/([a-zA-Z].*){${PASSVAL_MIN_CHAR}}/' => 'password_no_characters ${PASSVAL_MIN_CHAR}', 86 | '/([0-9].*){${PASSVAL_MIN_DIGIT}}/' => 'password_no_digits ${PASSVAL_MIN_DIGIT}', 87 | ); 88 | 89 | \$CONF['page_size'] = '${PAGE_SIZE}'; 90 | ?> 91 | EOF 92 | 93 | # RUN ! 94 | exec su-exec $UID:$GID php7 -S 0.0.0.0:8888 -t /postfixadmin/public 95 | -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | CSI="\033[" 4 | CEND="${CSI}0m" 5 | CRED="${CSI}1;31m" 6 | CGREEN="${CSI}1;32m" 7 | 8 | read -rp "> Postfixadmin setup hash : " HASH 9 | 10 | # MD5(salt) : SHA1( MD5(salt) : PASSWORD ); 11 | # 32 1 40 12 | # Exemple : ffdeb741c58db80d060ddb170af4623a:54e0ac9a55d69c5e53d214c7ad7f1e3df40a3caa 13 | while [ ${#HASH} -ne 73 ]; do 14 | echo -e "${CRED}\n/!\ Invalid HASH !${CEND}" 1>&2 15 | read -rp "> Postfixadmin setup hash : " HASH 16 | echo "" 17 | done 18 | 19 | sed -i "s|\($CONF\['setup_password'\].*=\).*|\1 '${HASH}';|" /postfixadmin/config.inc.php 20 | 21 | echo -e "${CGREEN}Setup done.${CEND}" --------------------------------------------------------------------------------