lostakj/opendkim-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
18ba6035f305df8e71af3744c1a65a0376c2136e
opendkim-docker/entrypoint.sh
Jan Lošťák 18ba6035f3
All checks were successful
Build and push Docker image on tag / docker (push) Successful in 7s
Details
Reverted
2026-03-28 07:29:43 +01:00

123 lines
4.1 KiB
Bash
Raw Blame History

#!/bin/bash
# Core defaults.
: "${OPENDKIM_USER:=opendkim}"
: "${OPENDKIM_GROUP:=opendkim}"
: "${OPENDKIM_USERID:=${OPENDKIM_USER}:${OPENDKIM_GROUP}}"
: "${OPENDKIM_SOCKET:=inet:8892@0.0.0.0}"
# Signing defaults.
: "${OPENDKIM_DOMAIN:=*}"
: "${OPENDKIM_SELECTOR:=dkim}"
: "${OPENDKIM_KEYFILE:=/opt/opendkim/keys/dkim.private}"
: "${OPENDKIM_CANONICALIZATION:=relaxed/simple}"
: "${OPENDKIM_MODE:=sv}"
: "${OPENDKIM_SUBDOMAINS:=true}"
: "${OPENDKIM_OVERSIGNHEADERS:=From}"
# DNS / trust defaults.
: "${OPENDKIM_TRUSTANCHORFILE:=}"
: "${OPENDKIM_INTERNALHOSTS:=127.0.0.1,localhost,127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8}"
: "${OPENDKIM_EXTERNALIGNORELIST:=}"
# Table files.
: "${OPENDKIM_KEYTABLE:=/etc/opendkim/KeyTable}"
: "${OPENDKIM_SIGNINGTABLE:=refile:/etc/opendkim/SigningTable}"
: "${OPENDKIM_PIDFILE:=/run/opendkim/opendkim.pid}"
# Behavior.
: "${OPENDKIM_UMASK:=002}"
: "${OPENDKIM_BACKGROUND:=no}"
: "${OPENDKIM_AUTO_RESTART:=no}"
: "${OPENDKIM_AUTO_RESTART_RATE:=10/1h}"
: "${OPENDKIM_DNS_TIMEOUT:=5}"
: "${OPENDKIM_SIGNATURE_ALGORITHM:=rsa-sha256}"
# Optional extras.
: "${OPENDKIM_REQUIRE_SAFE_KEYS:=yes}"
: "${OPENDKIM_REMOVE_OLD_SIGNATURES:=no}"
: "${OPENDKIM_LOGRESULTS:=yes}"
: "${OPENDKIM_MILTER_DEBUG:=6}"
: "${OPENDKIM_NAMESERVERS:=}"
mkdir -p \
/etc/opendkim \
/run/opendkim \
/var/lib/opendkim \
/var/opendkim
touch /etc/opendkim/KeyTable /etc/opendkim/SigningTable
chown -R "${OPENDKIM_USER}:${OPENDKIM_GROUP}" /run/opendkim /var/lib/opendkim /var/opendkim
chmod 0755 /run/opendkim /var/lib/opendkim /var/opendkim
# Copy private key to runtime location with safe permissions.
if [ -f "${OPENDKIM_KEYFILE}" ]; then
cp "${OPENDKIM_KEYFILE}" /var/opendkim/dkim.private
chown "${OPENDKIM_USER}:${OPENDKIM_GROUP}" /var/opendkim/dkim.private
chmod 0600 /var/opendkim/dkim.private
fi
# Generate KeyTable from env if file is empty.
if [ ! -s /etc/opendkim/KeyTable ]; then
printf '%s._domainkey.%s %s:%s:/var/opendkim/dkim.private\n' \
"${OPENDKIM_SELECTOR}" \
"${OPENDKIM_DOMAIN}" \
"${OPENDKIM_DOMAIN}" \
"${OPENDKIM_SELECTOR}" \
> /etc/opendkim/KeyTable
fi
# Generate SigningTable from env if file is empty.
if [ ! -s /etc/opendkim/SigningTable ]; then
printf '*@%s %s._domainkey.%s\n' \
"${OPENDKIM_DOMAIN}" \
"${OPENDKIM_SELECTOR}" \
"${OPENDKIM_DOMAIN}" \
> /etc/opendkim/SigningTable
fi
chown "${OPENDKIM_USER}:${OPENDKIM_GROUP}" /etc/opendkim/TrustedHosts /etc/opendkim/KeyTable /etc/opendkim/SigningTable
cat > /etc/opendkim.conf <<EOF
Syslog yes
LogWhy yes
UMask ${OPENDKIM_UMASK}
Canonicalization ${OPENDKIM_CANONICALIZATION}
Mode ${OPENDKIM_MODE}
SubDomains ${OPENDKIM_SUBDOMAINS}
OversignHeaders ${OPENDKIM_OVERSIGNHEADERS}
UserID ${OPENDKIM_USERID}
Socket ${OPENDKIM_SOCKET}
PidFile ${OPENDKIM_PIDFILE}
KeyTable ${OPENDKIM_KEYTABLE}
SigningTable ${OPENDKIM_SIGNINGTABLE}
InternalHosts ${OPENDKIM_INTERNALHOSTS}
AutoRestart ${OPENDKIM_AUTO_RESTART}
AutoRestartRate ${OPENDKIM_AUTO_RESTART_RATE}
DNSTimeout ${OPENDKIM_DNS_TIMEOUT}
SignatureAlgorithm ${OPENDKIM_SIGNATURE_ALGORITHM}
RequireSafeKeys ${OPENDKIM_REQUIRE_SAFE_KEYS}
RemoveOldSignatures ${OPENDKIM_REMOVE_OLD_SIGNATURES}
MilterDebug ${OPENDKIM_MILTER_DEBUG}
EOF
if [ -n "${OPENDKIM_TRUSTANCHORFILE}" ] && [ -f "${OPENDKIM_TRUSTANCHORFILE}" ]; then
echo "TrustAnchorFile ${OPENDKIM_TRUSTANCHORFILE}" >> /etc/opendkim.conf
fi
if [ -n "${OPENDKIM_EXTERNALIGNORELIST}" ] && [ -f "${OPENDKIM_EXTERNALIGNORELIST}" ]; then
echo "ExternalIgnoreList ${OPENDKIM_EXTERNALIGNORELIST}" >> /etc/opendkim.conf
fi
if [ "${OPENDKIM_LOGRESULTS}" = "yes" ]; then
echo "SoftwareHeader yes" >> /etc/opendkim.conf
fi
if [ -n "${OPENDKIM_NAMESERVERS}" ]; then
echo "Nameservers ${OPENDKIM_NAMESERVERS}" >> /etc/opendkim.conf
fi
./usr/sbin/opendkim -x /etc/opendkim.conf
syslogd -n -f /etc/rsyslog.d/stdout.conf
Reference in New Issue View Git Blame Copy Permalink