things work

component/dovecot/buildout.cfg

@@ -12,6 +12,7 @@ recipe = slapos.recipe.cmmi
 url = https://dovecot.org/releases/2.3/dovecot-2.3.20.tar.gz
 md5sum = b8add62d0311dcc95ac25b379e8ba043
 location = @@LOCATION@@
+extra-configure-options =
 configure-options =
   --enable-maintainer-mode
   --prefix=${:location}
@@ -19,11 +20,18 @@ configure-options =
   --with-systemd=no
   --with-lua=yes
   --with-libcrypto=${openssl:location}
+  ${:extra-configure-options}
+extra-ld-flags =
+extra-environment =
+extra-pkg-config =
+extra-c-flags =
 environment =
   PATH=${pkgconfig:location}/bin:%(PATH)s
-  PKG_CONFIG_PATH=${lua:location}/lib/pkgconfig
+  PKG_CONFIG_PATH=${lua:location}/lib/pkgconfig:${:extra-pkg-config}
   LUA_LIBS=-L${lua:location}/lib -Wl,-rpath=${lua:location}/lib -llua -lm
   LUA_CFLAGS=-I${lua:location}/include
-  LDFLAGS=-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
+  LDFLAGS=-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib ${:extra-ld-flags}
+  CFLAGS=${:extra-c-flags}
+  ${:extra-environment}
 make-targets = install
 post-install = cp -r ${:location}/share/doc/dovecot/example-config/* ${:location}/etc/dovecot/

component/postfix/buildout.cfg

@@ -24,8 +24,9 @@ patches =
 configure-command = make
 configure-options = makefiles CCARGS=${:configure-options-CCARGS} AUXLIBS=${:configure-options-AUXLIBS}
 configure-options-CCARGS = ${:default-configure-options-CCARGS}
-default-configure-options-CCARGS = '-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl -I${libnsl:location}/include'
-configure-options-AUXLIBS = '-L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -L${libtirpc:location}/lib -L${libnsl:location}/lib -lnsl -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib  -Wl,-rpath=${libnsl:location}/lib'
+default-configure-options-CCARGS = -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl -I${libnsl:location}/include
+configure-options-AUXLIBS = ${:default-configure-options-AUXLIBS}
+default-configure-options-AUXLIBS = -L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -L${libtirpc:location}/lib -L${libnsl:location}/lib -lnsl -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib  -Wl,-rpath=${libnsl:location}/lib
 make-targets = non-interactive-package install_root=${:location}
 environment =
   PATH=${patch:location}/bin:${m4:location}/bin:%(PATH)s

software/mail-server/buildout.hash.cfg

@@ -15,31 +15,31 @@
 
 [template]
 filename = instance.cfg.in
-md5sum = 3b22160ee34e004983fd17c503391ade
+md5sum = 3ce43e3592a6ff517837205b48192cb6
 
 [template-default]
 _update_hash_filename_ = instance-default.cfg.in
-md5sum = c71a9dca86ef4e2115ecaed12fb9b3e3
+md5sum = 8cba4919b15bc982305d779f7ffc50d1
 
 [dovecot.jinja2.conf]
 _update_hash_filename_ = dovecot.jinja2.conf
-md5sum = a1f695cb881e9be680b7b8a597a4b0c9
-[dovecot-passdb.jinja2.lua]
-_update_hash_filename_ = dovecot-passdb.jinja2.lua
-md5sum = 060107ee6ad0eb9092529bc2bd1ee52f
+md5sum = dbb59cfd09df520f35905c6abfe0f51b
+
+[dovecot-sql.jinja2.conf.ext]
+md5sum = a29b83ff6eba50f47962a9bc904d4f47
 
 [postfix_main.jinja2.cf]
 _update_hash_filename_ = postfix_main.jinja2.cf
-md5sum = 83a7729f9911b21d0a01bcb3217b4d33
+md5sum = 29e7e65dd2926a5187dcd837fede1897
 [postfix_master.jinja2.cf]
 _update_hash_filename_ = postfix_master.jinja2.cf
 md5sum = 7752a8b4af5c18dc404e0a862af89272
 [postfix_mysql_mailbox.jinja2.cf]
 _update_hash_filename_ = postfix_mysql_mailbox.jinja2.cf
-md5sum = c1917289b0039059948a3fa96fa5f686
+md5sum = 4130e8e13cc98a75db098d38d8f369d6
 [postfix_mysql_aliases.jinja2.cf]
 _update_hash_filename_ = postfix_mysql_aliases.jinja2.cf
-md5sum = 0627b00d6112f01eaf9284c84291546e
+md5sum = 85e1d6c8ed15d3e6d58d9479d5ea7d55
 
 [template-apache.conf]
 filename = apache.conf.in

software/mail-server/dovecot-passdb.jinja2.lua

-function auth_passdb_lookup(req)
-  return dovecot.auth.PASSDB_RESULT_OK, string.format("password=%s", req.password)
-end
-
-function script_init()
-  return 0
-end
-
-function script_deinit()
-end
-
-function auth_userdb_iterate()
-  return {"alpha"}
-end

software/mail-server/dovecot-sql.jinja2.conf.ext

+driver = pgsql
+connect = host={{ postgresql_host }} port={{ postgresql_port }} dbname={{ postgresql_dbname }} user={{ postgresql_user }} password={{ postgresql_pass }}
+default_pass_scheme = SHA512-CRYPT
+password_query = \
+   SELECT email as username, passwd AS password FROM addresses WHERE email = '%u'
+user_query = \
+   SELECT '{{ slap_configuration['user-name'] }}' AS uid, '{{ slap_configuration['user-name'] }}' as gid, email, '{{ directory['home-dovecot'] }}/%d/%n' AS home \
+   FROM addresses WHERE email = '%u'
+iterate_query = SELECT email AS user FROM addresses
\ No newline at end of file

software/mail-server/dovecot.jinja2.conf

 protocols = " imap lmtp pop3"
 auth_debug = yes
 auth_mechanisms = plain login
-auth_username_format = %n
+auth_username_format = %Lu
 auth_verbose = yes
 base_dir = {{ directory['run-dovecot'] }}
 state_dir = {{directory['var-dovecot'] }}
@@ -79,10 +79,11 @@ namespace inbox {
 ssl = no
 
 passdb {
-  driver = lua
-  args = file={{ dovecot_passdb_lua }} blocking=yes
+   driver = sql
+   args = {{ dovecot_sql }}
 }
+
 userdb {
-  driver = static
-  args = uid={{ slap_configuration['user-name'] }} gid={{ slap_configuration['user-name'] }} home={{ directory['home-dovecot'] }}/%u
-}
+   driver = sql
+   args = {{ dovecot_sql }}
+}
\ No newline at end of file

software/mail-server/instance-default.cfg.in

@@ -79,14 +79,20 @@ context =
 url = {{ dovecot_conf_template }}
 output = ${directory:etc}/dovecot.conf
 extra-context =
-  key dovecot_passdb_lua dovecot-passdb-lua:output
+  key dovecot_sql dovecot-sql:output
   raw postfix_auth ${directory:var-spool-postfix-private}/auth
   raw postfix_dovecot_lmtp ${directory:var-spool-postfix-private}/dovecot-lmtp
 
-[dovecot-passdb-lua]
+[dovecot-sql]
 <= config-base
-url = {{ dovecot_passdb_lua_template }}
-output = ${directory:etc}/dovecot-passdb.lua
+url = {{ dovecot_sql_template }}
+output = ${directory:etc}/dovecot-sql.conf.ext
+extra-context =
+  raw postgresql_user ${postgresql:superuser}
+  raw postgresql_pass ${postgresql:password}
+  raw postgresql_dbname ${postgresql:dbname}
+  raw postgresql_host ${postgresql:ipv4}
+  raw postgresql_port ${postgresql:port}
 
 [userinfo]
 recipe = slapos.cookbook:userinfo
@@ -148,12 +154,20 @@ url = {{ postfix_vmailbox_template }}
 output = ${directory:etc-postfix}/mysql_virtual_mailbox_maps.cf
 extra-context =
   key mail_domain request-dns-entry:connection-domain
+  raw postgresql_user ${postgresql:superuser}
+  raw postgresql_pass ${postgresql:password}
+  raw postgresql_dbname ${postgresql:dbname}
+  raw postgresql_host ${postgresql:ipv4}:${postgresql:port}
 [postfix-virtual]
 <= config-base
 url = {{ postfix_virtual_template }}
 output = ${directory:etc-postfix}/mysql_virtual_aliases.cf
 extra-context =
   key mail_domain request-dns-entry:connection-domain
+  raw postgresql_user ${postgresql:superuser}
+  raw postgresql_pass ${postgresql:password}
+  raw postgresql_dbname ${postgresql:dbname}
+  raw postgresql_host ${postgresql:ipv4}:${postgresql:port}
 
 [dovecot-wrapper]
 recipe = slapos.recipe.template
@@ -432,33 +446,33 @@ recipe = slapos.cookbook:generate.password
 recipe = slapos.cookbook:postgres
 bin = {{ postgresql_location }}/bin
 services = ${directory:service}
-dbname  = dependency-track_db
-superuser = dependency-track-psql
+dbname  = postfix
+superuser = postfix-psql
 password = ${postgresql-password:passwd}
 pgdata-directory = ${directory:srv}/postgresql
 
-ipv4 =
+ipv4 = ${slap-configuration:ipv4-random}
 # disable listening on ipv6
 ipv6 = ${slap-configuration:ipv6-random}
 port = 5432
 
-promises = $${postgresql-promise:name}
+promises = ${postgresql-promise:name}
 
 
 [postgresql-psql]
 recipe = slapos.cookbook:wrapper
-wrapper-path = $${directory:bin}/$${:_buildout_section_name_}
+wrapper-path = ${directory:bin}/${:_buildout_section_name_}
 command-line =
-    $${postgresql:bin}/psql
-        -h $${postgresql:pgdata-directory}
-        -U $${postgresql:superuser}
-        -d $${postgresql:dbname}
+    ${postgresql:bin}/psql
+        -h ${postgresql:pgdata-directory}
+        -U ${postgresql:superuser}
+        -d ${postgresql:dbname}
 
 [postgresql-promise]
 <= monitor-promise-base
 promise = check_command_execute
 name = promise-postgresql.py
-config-command = $${postgresql-psql:wrapper-path} -c '\q'
+config-command = ${postgresql-psql:wrapper-path} -c '\q'
 
 #[mariadb-urlparse]
 #recipe = slapos.cookbook:urlparse

software/mail-server/instance.cfg.in

@@ -33,7 +33,7 @@ url = {{ template_default }}
 filename = instance-default.cfg
 extra-context =
     raw dovecot_conf_template {{ dovecot_conf_template }}
-    raw dovecot_passdb_lua_template {{ dovecot_passdb_lua_template }}
+    raw dovecot_sql_template {{ dovecot_sql_template }}
     raw dovecot_binary {{ dovecot_binary }}
     raw postfix_main_template {{ postfix_main_template }}
     raw postfix_master_template {{ postfix_master_template }}
@@ -47,7 +47,6 @@ extra-context =
     key ipv6_set slap-configuration:ipv6
     raw bin_directory {{ bin_directory }}
     raw postgresql_location {{ postgresql_location }}
-    section mariadb_parameter_dict dynamic-template-mariadb-parameters
 
 
 [dynamic-template-apache-php-parameters]
@@ -77,28 +76,3 @@ smtp-port = 10025
 [switch-softwaretype]
 recipe = slapos.cookbook:switch-softwaretype
 default = dynamic-template-default:output
-#mariadb = dynamic-template-mariadb:output
-#apache = dynamic-template-apache-php:output
-
-[dynamic-template-mariadb-parameters]
-bash = {{ bash_location }}
-coreutils-location = {{ coreutils_location }}
-dash-location = {{ dash_location }}
-mariadb-location = {{ mariadb_location }}
-template-my-cnf = {{ template_my_cnf }}
-template-mariadb-initial-setup = {{ template_mariadb_initial_setup }}
-template-mysqld-wrapper = {{ template_mysqld_wrapper }}
-link-binary = {{ dumps(mariadb_link_binary) }}
-mariadb-resiliency-after-import-script = {{ mariadb_resiliency_after_import_script }}
-mariadb-slow-query-report-script = {{ mariadb_slow_query_report_script }}
-mariadb-start-clone-from-backup = {{ mariadb_start_clone_from_backup }}
-promise-check-slow-queries-digest-result = {{ bin_directory }}/check-slow-queries-digest-result
-percona-tools-location = {{ percona_toolkit_location }}
-unixodbc-location = {{ unixodbc_location }}
-mroonga-mariadb-install-sql = {{ mroonga_mariadb_install_sql }}
-mroonga-mariadb-plugin-dir = {{ mroonga_mariadb_plugin_dir }}
-groonga-plugins-path = {{ groonga_plugin_dir }}:{{ groonga_mysql_normalizer_plugin_dir }}
-check-computer-memory-binary = {{ bin_directory }}/check-computer-memory
-bin-directory = {{ bin_directory }}
-
-

software/mail-server/postfix_main.jinja2.cf

@@ -20,13 +20,11 @@ setgid_group = {{ setgid_group }}
 
 virtual_mailbox_domains = {{ mail_domain }}
 virtual_mailbox_base = {{ vhosts_directory }}
-virtual_mailbox_maps = hash:{{ vmailbox_file }}
 virtual_minimum_uid = 100
 virtual_uid_maps = static:1001
 virtual_gid_maps = static:1022
-virtual_alias_maps = hash:{{ virtual_file }}
-virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
-virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_aliases.cf
+virtual_mailbox_maps = pgsql:{{ vmailbox_file }}
+virtual_alias_maps = pgsql:{{ virtual_file }}
 virtual_transport = lmtp:unix:private/dovecot-lmtp
 
 inet_interfaces = all

software/mail-server/postfix_mysql_aliases.jinja2.cf

-user = postfix
-password = MonMotDePasseBaseDeDonnees
-hosts = 127.0.0.1
-dbname = postfix
+user = {{ postgresql_user }}
+password = {{ postgresql_pass }}
+hosts = {{ postgresql_host }}
+dbname = {{ postgresql_dbname }}
 query = SELECT 1 FROM aliases WHERE source = '%s'
\ No newline at end of file

software/mail-server/postfix_mysql_mailbox.jinja2.cf

-user = postfix
-password = MonMotDePasseBaseDeDonnees
-hosts = 127.0.0.1
-dbname = postfix
+user = {{ postgresql_user }}
+password = {{ postgresql_pass }}
+hosts = {{ postgresql_host }}
+dbname = {{ postgresql_dbname }}
 query = SELECT 1 FROM addresses WHERE email = '%s'
\ No newline at end of file

software/mail-server/software.cfg

@@ -9,6 +9,7 @@ extends =
   ../../stack/monitor/buildout.cfg
   ../../stack/erp5/buildout.cfg
   ../../component/apache-php/buildout.cfg
+  ../../component/nginx/buildout.cfg
   buildout.hash.cfg
 
 
@@ -18,11 +19,23 @@ parts =
   dovecot
   postgresql
   postfix
+  nginx
 
 
 [postfix]
-configure-options-CCARGS = '-DHAS_MYSQL -I${mariadb:location}/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl -I${libnsl:location}/include'
-configure-options-AUXLIBS = '-L${mariadb:location}/lib -Wl,-rpath=${mariadb:location}/lib -lmysqlclient -lmariadb -L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -L${libtirpc:location}/lib -L${libnsl:location}/lib -lnsl -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib  -Wl,-rpath=${libnsl:location}/lib'
+configure-options-CCARGS = '-DHAS_PGSQL -I${postgresql:location}/include ${postfix:default-configure-options-CCARGS}'
+#configure-options-CCARGS = '-DHAS_PGSQL -I${postgresql:location}/include -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl -I${libnsl:location}/include'
+configure-options-AUXLIBS = '-L${postgresql:location}/lib -Wl,-rpath=${postgresql:location}/lib -lpq ${postfix:default-configure-options-AUXLIBS}'
+
+[dovecot]
+extra-pkg-config=${postgresql:location}/lib/pkgconfig
+extra-configure-options =
+  --with-pgsql=yes
+extra-environment =
+  PGSQL_LIBS=-L${postgresql:location}/lib -Wl,-rpath=${postgresql:location}/lib
+  PGSQL_CFLAGS=-I${postgresql:location}/include
+extra-ld-flags=-L${postgresql:location}/lib -Wl,-rpath=${postgresql:location}/lib
+extra-c-flags=-I${postgresql:location}/include
 
 [template]
 recipe = slapos.recipe.template:jinja2
@@ -73,7 +86,7 @@ context =
     key default_frontend custom-application-deployment:default-frontend
     key lamp_apache_httpd template-apache-httpd:target
     raw dovecot_conf_template ${dovecot.jinja2.conf:target}
-    raw dovecot_passdb_lua_template ${dovecot-passdb.jinja2.lua:target}
+    raw dovecot_sql_template ${dovecot-sql.jinja2.conf.ext:target}
     raw dovecot_binary ${dovecot:location}/sbin/dovecot
     raw postfix_main_template ${postfix_main.jinja2.cf:target}
     raw postfix_master_template ${postfix_master.jinja2.cf:target}
@@ -119,7 +132,7 @@ filename = ${:_buildout_section_name_}
 
 [dovecot.jinja2.conf]
 < = copy-to-instance
-[dovecot-passdb.jinja2.lua]
+[dovecot-sql.jinja2.conf.ext]
 < = copy-to-instance
 
 [postfix_main.jinja2.cf]

software/mail-server/template-nginx-service.sh.in

+#!${dash-output:dash}
+# BEWARE: This file is operated by slapos node
+# BEWARE: It will be overwritten automatically
+
+if [ ! -e $${nginx-configuration:ssl_crt} ]
+then
+  ${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl_key} 2048
+  ${openssl-output:openssl} req -new \
+    -subj "/C=AA/ST=Denial/L=Nowhere/O=Dis/CN=$${nginx-configuration:ip}" \
+    -key $${nginx-configuration:ssl_key} -out $${nginx-configuration:ssl_csr}
+  ${openssl-output:openssl} x509 -req -days 365 \
+    -in $${nginx-configuration:ssl_csr} \
+    -signkey $${nginx-configuration:ssl_key} \
+    -out $${nginx-configuration:ssl_crt}
+fi
+
+exec ${nginx-output:nginx} \
+  -c $${nginx-configuration:output}

software/mail-server/template-nginx.cfg.in

+daemon off; # run in the foreground so supervisord can look after it
+
+worker_processes 4;
+pid $${directory:run}/nginx.pid;
+
+events {
+  worker_connections 768;
+  # multi_accept on;
+}
+
+error_log $${nginx-configuration:error_log};
+
+http {  
+  
+  ##
+  # Basic Settings
+  ##
+  
+  sendfile on;
+  tcp_nopush on;
+  tcp_nodelay on;
+  keepalive_timeout 65;
+  types_hash_max_size 2048;
+  server_tokens off;
+
+  # server_names_hash_bucket_size 64;
+  # server_name_in_redirect off;
+
+  default_type application/octet-stream;
+  include ${nginx-output:mime};
+
+  ##
+  # Logging Settings
+  ##
+  
+  access_log $${nginx-configuration:access_log};
+  error_log $${nginx-configuration:error_log};
+
+  ##
+  # Gzip Settings
+  ##
+  
+  gzip on;
+  gzip_disable "msie6";
+
+  gzip_vary on;
+  gzip_proxied any;
+  gzip_comp_level 6;
+  gzip_buffers 16 8k;
+  gzip_http_version 1.1;
+  gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+
+server {
+  listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
+
+  ssl_certificate $${nginx-configuration:ssl_crt};
+  ssl_certificate_key $${nginx-configuration:ssl_key};
+
+  fastcgi_temp_path  $${directory:varnginx} 1 2;
+  uwsgi_temp_path  $${directory:varnginx} 1 2;
+  scgi_temp_path  $${directory:varnginx} 1 2;
+
+  client_body_temp_path $${directory:varnginx} 1 2;
+  proxy_temp_path $${directory:varnginx} 1 2;
+
+  ## Only allow GET and HEAD request methods
+  if ($request_method !~ ^(GET|HEAD)$ ) {
+     return 444;
+  }
+
+  ## Serve an error 204 (No Content) for favicon.ico
+  location = /favicon.ico {
+    return 204;
+  }
+  location /
+  {   
+      root $${directory:www};
+#       index index.html;
+  }
+}
+
+}