mailcow/src/mailcow-dockerized/data/Dockerfiles/rspamd/docker-entrypoint.sh - kubeia - Gitiles

 #!/bin/bash

 until nc phpfpm 9001 -z; do
   echo "Waiting for PHP on port 9001..."
   sleep 3
 done

 until nc phpfpm 9002 -z; do
   echo "Waiting for PHP on port 9002..."
   sleep 3
 done

 mkdir -p /etc/rspamd/plugins.d \
   /etc/rspamd/custom

 touch /etc/rspamd/rspamd.conf.local \
   /etc/rspamd/rspamd.conf.override

 chmod 755 /var/lib/rspamd


 [[ ! -f /etc/rspamd/override.d/worker-controller-password.inc ]] && echo '# Autogenerated by mailcow' > /etc/rspamd/override.d/worker-controller-password.inc

 echo ${IPV4_NETWORK}.0/24 > /etc/rspamd/custom/mailcow_networks.map
 echo ${IPV6_NETWORK} >> /etc/rspamd/custom/mailcow_networks.map

 DOVECOT_V4=
 DOVECOT_V6=
 until [[ ! -z ${DOVECOT_V4} ]]; do
   DOVECOT_V4=$(dig a dovecot +short)
   DOVECOT_V6=$(dig aaaa dovecot +short)
   [[ ! -z ${DOVECOT_V4} ]] && break;
   echo "Waiting for Dovecot..."
   sleep 3
 done
 echo ${DOVECOT_V4}/32 > /etc/rspamd/custom/dovecot_trusted.map
 if [[ ! -z ${DOVECOT_V6} ]]; then
   echo ${DOVECOT_V6}/128 >> /etc/rspamd/custom/dovecot_trusted.map
 fi

 RSPAMD_V4=
 RSPAMD_V6=
 until [[ ! -z ${RSPAMD_V4} ]]; do
   RSPAMD_V4=$(dig a rspamd +short)
   RSPAMD_V6=$(dig aaaa rspamd +short)
   [[ ! -z ${RSPAMD_V4} ]] && break;
   echo "Waiting for Rspamd..."
   sleep 3
 done
 echo ${RSPAMD_V4}/32 > /etc/rspamd/custom/rspamd_trusted.map
 if [[ ! -z ${RSPAMD_V6} ]]; then
   echo ${RSPAMD_V6}/128 >> /etc/rspamd/custom/rspamd_trusted.map
 fi

 if [[ ! -z ${REDIS_SLAVEOF_IP} ]]; then
   cat <<EOF > /etc/rspamd/local.d/redis.conf
 read_servers = "redis:6379";
 write_servers = "${REDIS_SLAVEOF_IP}:${REDIS_SLAVEOF_PORT}";
 timeout = 10;
 EOF
   until [[ $(redis-cli -h redis-mailcow PING) == "PONG" ]]; do
     echo "Waiting for Redis @redis-mailcow..."
     sleep 2
   done
   until [[ $(redis-cli -h ${REDIS_SLAVEOF_IP} -p ${REDIS_SLAVEOF_PORT} PING) == "PONG" ]]; do
     echo "Waiting for Redis @${REDIS_SLAVEOF_IP}..."
     sleep 2
   done
   redis-cli -h redis-mailcow SLAVEOF ${REDIS_SLAVEOF_IP} ${REDIS_SLAVEOF_PORT}
 else
   cat <<EOF > /etc/rspamd/local.d/redis.conf
 servers = "redis:6379";
 timeout = 10;
 EOF
   until [[ $(redis-cli -h redis-mailcow PING) == "PONG" ]]; do
     echo "Waiting for Redis slave..."
     sleep 2
   done
   redis-cli -h redis-mailcow SLAVEOF NO ONE
 fi

 chown -R _rspamd:_rspamd /var/lib/rspamd \
   /etc/rspamd/local.d \
   /etc/rspamd/override.d \
   /etc/rspamd/rspamd.conf.local \
   /etc/rspamd/rspamd.conf.override \
   /etc/rspamd/plugins.d

 # Fix missing default global maps, if any
 # These exists in mailcow UI and should not be removed
 touch /etc/rspamd/custom/global_mime_from_blacklist.map \
   /etc/rspamd/custom/global_rcpt_blacklist.map \
   /etc/rspamd/custom/global_smtp_from_blacklist.map \
   /etc/rspamd/custom/global_mime_from_whitelist.map \
   /etc/rspamd/custom/global_rcpt_whitelist.map \
   /etc/rspamd/custom/global_smtp_from_whitelist.map \
   /etc/rspamd/custom/bad_languages.map \
   /etc/rspamd/custom/sa-rules \
   /etc/rspamd/custom/dovecot_trusted.map \
   /etc/rspamd/custom/rspamd_trusted.map \
   /etc/rspamd/custom/mailcow_networks.map \
   /etc/rspamd/custom/ip_wl.map \
   /etc/rspamd/custom/fishy_tlds.map \
   /etc/rspamd/custom/bad_words.map \
   /etc/rspamd/custom/bad_asn.map \
   /etc/rspamd/custom/bad_words_de.map \
   /etc/rspamd/custom/bulk_header.map \
   /etc/rspamd/custom/bad_header.map

 # www-data (82) group needs to write to these files
 chown _rspamd:_rspamd /etc/rspamd/custom/
 chmod 0755 /etc/rspamd/custom/.
 chown -R 82:82 /etc/rspamd/custom/*
 chmod 644 -R /etc/rspamd/custom/*

 # Run hooks
 for file in /hooks/*; do
   if [ -x "${file}" ]; then
     echo "Running hook ${file}"
     "${file}"
   fi
 done

 exec "$@"
	#!/bin/bash

	until nc phpfpm 9001 -z; do
	echo "Waiting for PHP on port 9001..."
	sleep 3
	done

	until nc phpfpm 9002 -z; do
	echo "Waiting for PHP on port 9002..."
	sleep 3
	done

	mkdir -p /etc/rspamd/plugins.d \
	/etc/rspamd/custom

	touch /etc/rspamd/rspamd.conf.local \
	/etc/rspamd/rspamd.conf.override

	chmod 755 /var/lib/rspamd


	[[ ! -f /etc/rspamd/override.d/worker-controller-password.inc ]] && echo '# Autogenerated by mailcow' > /etc/rspamd/override.d/worker-controller-password.inc

	echo ${IPV4_NETWORK}.0/24 > /etc/rspamd/custom/mailcow_networks.map
	echo ${IPV6_NETWORK} >> /etc/rspamd/custom/mailcow_networks.map

	DOVECOT_V4=
	DOVECOT_V6=
	until [[ ! -z ${DOVECOT_V4} ]]; do
	DOVECOT_V4=$(dig a dovecot +short)
	DOVECOT_V6=$(dig aaaa dovecot +short)
	[[ ! -z ${DOVECOT_V4} ]] && break;
	echo "Waiting for Dovecot..."
	sleep 3
	done
	echo ${DOVECOT_V4}/32 > /etc/rspamd/custom/dovecot_trusted.map
	if [[ ! -z ${DOVECOT_V6} ]]; then
	echo ${DOVECOT_V6}/128 >> /etc/rspamd/custom/dovecot_trusted.map
	fi

	RSPAMD_V4=
	RSPAMD_V6=
	until [[ ! -z ${RSPAMD_V4} ]]; do
	RSPAMD_V4=$(dig a rspamd +short)
	RSPAMD_V6=$(dig aaaa rspamd +short)
	[[ ! -z ${RSPAMD_V4} ]] && break;
	echo "Waiting for Rspamd..."
	sleep 3
	done
	echo ${RSPAMD_V4}/32 > /etc/rspamd/custom/rspamd_trusted.map
	if [[ ! -z ${RSPAMD_V6} ]]; then
	echo ${RSPAMD_V6}/128 >> /etc/rspamd/custom/rspamd_trusted.map
	fi

	if [[ ! -z ${REDIS_SLAVEOF_IP} ]]; then
	cat <<EOF > /etc/rspamd/local.d/redis.conf
	read_servers = "redis:6379";
	write_servers = "${REDIS_SLAVEOF_IP}:${REDIS_SLAVEOF_PORT}";
	timeout = 10;
	EOF
	until [[ $(redis-cli -h redis-mailcow PING) == "PONG" ]]; do
	echo "Waiting for Redis @redis-mailcow..."
	sleep 2
	done
	until [[ $(redis-cli -h ${REDIS_SLAVEOF_IP} -p ${REDIS_SLAVEOF_PORT} PING) == "PONG" ]]; do
	echo "Waiting for Redis @${REDIS_SLAVEOF_IP}..."
	sleep 2
	done
	redis-cli -h redis-mailcow SLAVEOF ${REDIS_SLAVEOF_IP} ${REDIS_SLAVEOF_PORT}
	else
	cat <<EOF > /etc/rspamd/local.d/redis.conf
	servers = "redis:6379";
	timeout = 10;
	EOF
	until [[ $(redis-cli -h redis-mailcow PING) == "PONG" ]]; do
	echo "Waiting for Redis slave..."
	sleep 2
	done
	redis-cli -h redis-mailcow SLAVEOF NO ONE
	fi

	chown -R _rspamd:_rspamd /var/lib/rspamd \
	/etc/rspamd/local.d \
	/etc/rspamd/override.d \
	/etc/rspamd/rspamd.conf.local \
	/etc/rspamd/rspamd.conf.override \
	/etc/rspamd/plugins.d

	# Fix missing default global maps, if any
	# These exists in mailcow UI and should not be removed
	touch /etc/rspamd/custom/global_mime_from_blacklist.map \
	/etc/rspamd/custom/global_rcpt_blacklist.map \
	/etc/rspamd/custom/global_smtp_from_blacklist.map \
	/etc/rspamd/custom/global_mime_from_whitelist.map \
	/etc/rspamd/custom/global_rcpt_whitelist.map \
	/etc/rspamd/custom/global_smtp_from_whitelist.map \
	/etc/rspamd/custom/bad_languages.map \
	/etc/rspamd/custom/sa-rules \
	/etc/rspamd/custom/dovecot_trusted.map \
	/etc/rspamd/custom/rspamd_trusted.map \
	/etc/rspamd/custom/mailcow_networks.map \
	/etc/rspamd/custom/ip_wl.map \
	/etc/rspamd/custom/fishy_tlds.map \
	/etc/rspamd/custom/bad_words.map \
	/etc/rspamd/custom/bad_asn.map \
	/etc/rspamd/custom/bad_words_de.map \
	/etc/rspamd/custom/bulk_header.map \
	/etc/rspamd/custom/bad_header.map

	# www-data (82) group needs to write to these files
	chown _rspamd:_rspamd /etc/rspamd/custom/
	chmod 0755 /etc/rspamd/custom/.
	chown -R 82:82 /etc/rspamd/custom/*
	chmod 644 -R /etc/rspamd/custom/*

	# Run hooks
	for file in /hooks/*; do
	if [ -x "${file}" ]; then
	echo "Running hook ${file}"
	"${file}"
	fi
	done

	exec "$@"