Blame - mailcow/src/mailcow-dockerized/data/Dockerfiles/dovecot/docker-entrypoint.sh - kubeia

blob: 5ea1609dfee4ade0663df0f75d01bf7605cf3a7f [file] [log] [blame]

Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	1	#!/bin/bash
				2	set -e
				3
				4	# Wait for MySQL to warm-up
				5	while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
				6	echo "Waiting for database to come up..."
				7	sleep 2
				8	done
				9
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	10	until dig +short mailcow.email > /dev/null; do
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	11	echo "Waiting for DNS..."
				12	sleep 1
				13	done
				14
				15	# Do not attempt to write to slave
				16	if [[ ! -z ${REDIS_SLAVEOF_IP} ]]; then
				17	REDIS_CMDLINE="redis-cli -h ${REDIS_SLAVEOF_IP} -p ${REDIS_SLAVEOF_PORT}"
				18	else
				19	REDIS_CMDLINE="redis-cli -h redis -p 6379"
				20	fi
				21
				22	until [[ $(${REDIS_CMDLINE} PING) == "PONG" ]]; do
				23	echo "Waiting for Redis..."
				24	sleep 2
				25	done
				26
				27	${REDIS_CMDLINE} SET DOVECOT_REPL_HEALTH 1 > /dev/null
				28
				29	# Create missing directories
				30	[[ ! -d /etc/dovecot/sql/ ]] && mkdir -p /etc/dovecot/sql/
				31	[[ ! -d /etc/dovecot/lua/ ]] && mkdir -p /etc/dovecot/lua/
				32	[[ ! -d /var/vmail/_garbage ]] && mkdir -p /var/vmail/_garbage
				33	[[ ! -d /var/vmail/sieve ]] && mkdir -p /var/vmail/sieve
				34	[[ ! -d /etc/sogo ]] && mkdir -p /etc/sogo
				35	[[ ! -d /var/volatile ]] && mkdir -p /var/volatile
				36
				37	# Set Dovecot sql config parameters, escape " in db password
				38	DBPASS=$(echo ${DBPASS} \| sed 's/"/\\"/g')
				39
				40	# Create quota dict for Dovecot
				41	if [[ "${MASTER}" =~ ^([yY][eE][sS]\|[yY])+$ ]]; then
				42	QUOTA_TABLE=quota2
				43	else
				44	QUOTA_TABLE=quota2replica
				45	fi
				46	cat <<EOF > /etc/dovecot/sql/dovecot-dict-sql-quota.conf
				47	# Autogenerated by mailcow
				48	connect = "host=/var/run/mysqld/mysqld.sock dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
				49	map {
				50	pattern = priv/quota/storage
				51	table = ${QUOTA_TABLE}
				52	username_field = username
				53	value_field = bytes
				54	}
				55	map {
				56	pattern = priv/quota/messages
				57	table = ${QUOTA_TABLE}
				58	username_field = username
				59	value_field = messages
				60	}
				61	EOF
				62
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	63	# Create dict used for sieve pre and postfilters
				64	cat <<EOF > /etc/dovecot/sql/dovecot-dict-sql-sieve_before.conf
				65	# Autogenerated by mailcow
				66	connect = "host=/var/run/mysqld/mysqld.sock dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
				67	map {
				68	pattern = priv/sieve/name/\$script_name
				69	table = sieve_before
				70	username_field = username
				71	value_field = id
				72	fields {
				73	script_name = \$script_name
				74	}
				75	}
				76	map {
				77	pattern = priv/sieve/data/\$id
				78	table = sieve_before
				79	username_field = username
				80	value_field = script_data
				81	fields {
				82	id = \$id
				83	}
				84	}
				85	EOF
				86
				87	cat <<EOF > /etc/dovecot/sql/dovecot-dict-sql-sieve_after.conf
				88	# Autogenerated by mailcow
				89	connect = "host=/var/run/mysqld/mysqld.sock dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
				90	map {
				91	pattern = priv/sieve/name/\$script_name
				92	table = sieve_after
				93	username_field = username
				94	value_field = id
				95	fields {
				96	script_name = \$script_name
				97	}
				98	}
				99	map {
				100	pattern = priv/sieve/data/\$id
				101	table = sieve_after
				102	username_field = username
				103	value_field = script_data
				104	fields {
				105	id = \$id
				106	}
				107	}
				108	EOF
				109
				110	echo -n ${ACL_ANYONE} > /etc/dovecot/acl_anyone
				111
				112	if [[ "${SKIP_SOLR}" =~ ^([yY][eE][sS]\|[yY])+$ ]]; then
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	113	echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify listescape replication' > /etc/dovecot/mail_plugins
				114	echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify listescape replication mail_log' > /etc/dovecot/mail_plugins_imap
				115	echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl notify listescape replication' > /etc/dovecot/mail_plugins_lmtp
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	116	else
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	117	echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify fts fts_solr listescape replication' > /etc/dovecot/mail_plugins
				118	echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify mail_log fts fts_solr listescape replication' > /etc/dovecot/mail_plugins_imap
				119	echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl fts fts_solr notify listescape replication' > /etc/dovecot/mail_plugins_lmtp
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	120	fi
				121	chmod 644 /etc/dovecot/mail_plugins /etc/dovecot/mail_plugins_imap /etc/dovecot/mail_plugins_lmtp /templates/quarantine.tpl
				122
				123	cat <<EOF > /etc/dovecot/sql/dovecot-dict-sql-userdb.conf
				124	# Autogenerated by mailcow
				125	driver = mysql
				126	connect = "host=/var/run/mysqld/mysqld.sock dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
				127	user_query = SELECT CONCAT(JSON_UNQUOTE(JSON_VALUE(attributes, '$.mailbox_format')), mailbox_path_prefix, '%d/%n/${MAILDIR_SUB}:VOLATILEDIR=/var/volatile/%u:INDEX=/var/vmail_index/%u') AS mail, '%s' AS protocol, 5000 AS uid, 5000 AS gid, concat('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND (active = '1' OR active = '2')
				128	iterate_query = SELECT username FROM mailbox WHERE active = '1' OR active = '2';
				129	EOF
				130
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	131	cat <<EOF > /etc/dovecot/lua/passwd-verify.lua
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	132	function auth_password_verify(req, pass)
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	133
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	134	if req.domain == nil then
				135	return dovecot.auth.PASSDB_RESULT_USER_UNKNOWN, "No such user"
				136	end
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	137
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	138	if cur == nil then
				139	script_init()
				140	end
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	141
				142	if req.user == nil then
				143	req.user = ''
				144	end
				145
				146	respbody = {}
				147
				148	-- check against mailbox passwds
				149	local cur,errorString = con:execute(string.format([[SELECT password FROM mailbox
				150	WHERE username = '%s'
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	151	AND active = '1'
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	152	AND domain IN (SELECT domain FROM domain WHERE domain='%s' AND active='1')
				153	AND IFNULL(JSON_UNQUOTE(JSON_VALUE(mailbox.attributes, '$.force_pw_update')), 0) != '1'
				154	AND IFNULL(JSON_UNQUOTE(JSON_VALUE(attributes, '$.%s_access')), 1) = '1']], con:escape(req.user), con:escape(req.domain), con:escape(req.service)))
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	155	local row = cur:fetch ({}, "a")
				156	while row do
				157	if req.password_verify(req, row.password, pass) == 1 then
				158	cur:close()
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	159	con:execute(string.format([[REPLACE INTO sasl_log (service, app_password, username, real_rip)
				160	VALUES ("%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip)))
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	161	return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
				162	end
				163	row = cur:fetch (row, "a")
				164	end
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	165
				166	-- check against app passwds
				167	local cur,errorString = con:execute(string.format([[SELECT app_passwd.id, app_passwd.password FROM app_passwd
				168	INNER JOIN mailbox ON mailbox.username = app_passwd.mailbox
				169	WHERE mailbox = '%s'
				170	AND IFNULL(JSON_UNQUOTE(JSON_VALUE(mailbox.attributes, '$.%s_access')), 1) = '1'
				171	AND IFNULL(JSON_UNQUOTE(JSON_VALUE(mailbox.attributes, '$.force_pw_update')), 0) != '1'
				172	AND app_passwd.active = '1'
				173	AND mailbox.active = '1'
				174	AND app_passwd.domain IN (SELECT domain FROM domain WHERE domain='%s' AND active='1')]], con:escape(req.user), con:escape(req.service), con:escape(req.domain)))
				175	local row = cur:fetch ({}, "a")
				176	while row do
				177	if req.password_verify(req, row.password, pass) == 1 then
				178	cur:close()
				179	con:execute(string.format([[REPLACE INTO sasl_log (service, app_password, username, real_rip)
				180	VALUES ("%s", %d, "%s", "%s")]], con:escape(req.service), row.id, con:escape(req.user), con:escape(req.real_rip)))
				181	return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass
				182	end
				183	row = cur:fetch (row, "a")
				184	end
				185
				186	return dovecot.auth.PASSDB_RESULT_PASSWORD_MISMATCH, "Failed to authenticate"
				187
				188	-- PoC
				189	-- local reqbody = string.format([[{
				190	-- "success":0,
				191	-- "service":"%s",
				192	-- "app_password":false,
				193	-- "username":"%s",
				194	-- "real_rip":"%s"
				195	-- }]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))
				196	-- http.request {
				197	-- method = "POST",
				198	-- url = "http://nginx:8081/sasl_log.php",
				199	-- source = ltn12.source.string(reqbody),
				200	-- headers = {
				201	-- ["content-type"] = "application/json",
				202	-- ["content-length"] = tostring(#reqbody)
				203	-- },
				204	-- sink = ltn12.sink.table(respbody)
				205	-- }
				206
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	207	end
				208
				209	function auth_passdb_lookup(req)
				210	return dovecot.auth.PASSDB_RESULT_USER_UNKNOWN, ""
				211	end
				212
				213	function script_init()
				214	mysql = require "luasql.mysql"
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	215	http = require "socket.http"
				216	http.TIMEOUT = 5
				217	ltn12 = require "ltn12"
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	218	env = mysql.mysql()
				219	con = env:connect("__DBNAME__","__DBUSER__","__DBPASS__","localhost")
				220	return 0
				221	end
				222
				223	function script_deinit()
				224	con:close()
				225	env:close()
				226	end
				227	EOF
				228
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	229	# Replace patterns in app-passdb.lua
				230	sed -i "s/__DBUSER__/${DBUSER}/g" /etc/dovecot/lua/passwd-verify.lua
				231	sed -i "s/__DBPASS__/${DBPASS}/g" /etc/dovecot/lua/passwd-verify.lua
				232	sed -i "s/__DBNAME__/${DBNAME}/g" /etc/dovecot/lua/passwd-verify.lua
				233
				234
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	235	# Migrate old sieve_after file
				236	[[ -f /etc/dovecot/sieve_after ]] && mv /etc/dovecot/sieve_after /etc/dovecot/global_sieve_after
				237	# Create global sieve scripts
				238	cat /etc/dovecot/global_sieve_after > /var/vmail/sieve/global_sieve_after.sieve
				239	cat /etc/dovecot/global_sieve_before > /var/vmail/sieve/global_sieve_before.sieve
				240
				241	# Check permissions of vmail/index/garbage directories.
				242	# Do not do this every start-up, it may take a very long time. So we use a stat check here.
				243	if [[ $(stat -c %U /var/vmail/) != "vmail" ]] ; then chown -R vmail:vmail /var/vmail ; fi
				244	if [[ $(stat -c %U /var/vmail/_garbage) != "vmail" ]] ; then chown -R vmail:vmail /var/vmail/_garbage ; fi
				245	if [[ $(stat -c %U /var/vmail_index) != "vmail" ]] ; then chown -R vmail:vmail /var/vmail_index ; fi
				246
				247	# Cleanup random user maildirs
				248	rm -rf /var/vmail/mailcow.local/*
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	249	# Cleanup PIDs
				250	[[ -f /tmp/quarantine_notify.pid ]] && rm /tmp/quarantine_notify.pid
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	251
				252	# create sni configuration
				253	echo "" > /etc/dovecot/sni.conf
				254	for cert_dir in /etc/ssl/mail/*/ ; do
				255	if [[ ! -f ${cert_dir}domains ]] \|\| [[ ! -f ${cert_dir}cert.pem ]] \|\| [[ ! -f ${cert_dir}key.pem ]]; then
				256	continue
				257	fi
				258	domains=($(cat ${cert_dir}domains))
				259	for domain in ${domains[@]}; do
				260	echo 'local_name '${domain}' {' >> /etc/dovecot/sni.conf;
				261	echo ' ssl_cert = <'${cert_dir}'cert.pem' >> /etc/dovecot/sni.conf;
				262	echo ' ssl_key = <'${cert_dir}'key.pem' >> /etc/dovecot/sni.conf;
				263	echo '}' >> /etc/dovecot/sni.conf;
				264	done
				265	done
				266
				267	# Create random master for SOGo sieve features
				268	RAND_USER=$(cat /dev/urandom \| tr -dc 'a-z0-9' \| fold -w 16 \| head -n 1)
				269	RAND_PASS=$(cat /dev/urandom \| tr -dc 'a-z0-9' \| fold -w 24 \| head -n 1)
				270
				271	if [[ ! -z ${DOVECOT_MASTER_USER} ]] && [[ ! -z ${DOVECOT_MASTER_PASS} ]]; then
				272	RAND_USER=${DOVECOT_MASTER_USER}
				273	RAND_PASS=${DOVECOT_MASTER_PASS}
				274	fi
				275	echo ${RAND_USER}@mailcow.local:{SHA1}$(echo -n ${RAND_PASS} \| sha1sum \| awk '{print $1}'):::::: > /etc/dovecot/dovecot-master.passwd
				276	echo ${RAND_USER}@mailcow.local::5000:5000:::: > /etc/dovecot/dovecot-master.userdb
				277	echo ${RAND_USER}@mailcow.local:${RAND_PASS} > /etc/sogo/sieve.creds
				278
				279	if [[ -z ${MAILDIR_SUB} ]]; then
				280	MAILDIR_SUB_SHARED=
				281	else
				282	MAILDIR_SUB_SHARED=/${MAILDIR_SUB}
				283	fi
				284	cat <<EOF > /etc/dovecot/shared_namespace.conf
				285	# Autogenerated by mailcow
				286	namespace {
				287	type = shared
				288	separator = /
				289	prefix = Shared/%%u/
				290	location = maildir:%%h${MAILDIR_SUB_SHARED}:INDEX=~${MAILDIR_SUB_SHARED}/Shared/%%u
				291	subscriptions = no
				292	list = children
				293	}
				294	EOF
				295
				296	cat <<EOF > /etc/dovecot/sogo_trusted_ip.conf
				297	# Autogenerated by mailcow
				298	remote ${IPV4_NETWORK}.248 {
				299	disable_plaintext_auth = no
				300	}
				301	EOF
				302
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	303	# Create random master Password for SOGo SSO
				304	RAND_PASS=$(cat /dev/urandom \| tr -dc 'a-z0-9' \| fold -w 32 \| head -n 1)
				305	echo -n ${RAND_PASS} > /etc/phpfpm/sogo-sso.pass
				306	cat <<EOF > /etc/dovecot/sogo-sso.conf
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	307	# Autogenerated by mailcow
				308	passdb {
				309	driver = static
				310	args = allow_real_nets=${IPV4_NETWORK}.248/32 password={plain}${RAND_PASS}
				311	}
				312	EOF
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	313
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	314	if [[ "${MASTER}" =~ ^([nN][oO]\|[nN])+$ ]]; then
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	315	# Toggling MASTER will result in a rebuild of containers, so the quota script will be recreated
				316	cat <<'EOF' > /usr/local/bin/quota_notify.py
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	317	#!/usr/bin/python3
				318	import sys
				319	sys.exit()
				320	EOF
				321	fi
				322
				323	# 401 is user dovecot
				324	if [[ ! -s /mail_crypt/ecprivkey.pem \|\| ! -s /mail_crypt/ecpubkey.pem ]]; then
				325	openssl ecparam -name prime256v1 -genkey \| openssl pkey -out /mail_crypt/ecprivkey.pem
				326	openssl pkey -in /mail_crypt/ecprivkey.pem -pubout -out /mail_crypt/ecpubkey.pem
				327	chown 401 /mail_crypt/ecprivkey.pem /mail_crypt/ecpubkey.pem
				328	else
				329	chown 401 /mail_crypt/ecprivkey.pem /mail_crypt/ecpubkey.pem
				330	fi
				331
				332	# Compile sieve scripts
				333	sievec /var/vmail/sieve/global_sieve_before.sieve
				334	sievec /var/vmail/sieve/global_sieve_after.sieve
				335	sievec /usr/lib/dovecot/sieve/report-spam.sieve
				336	sievec /usr/lib/dovecot/sieve/report-ham.sieve
				337
				338	# Fix permissions
				339	chown root:root /etc/dovecot/sql/*.conf
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	340	chown root:dovecot /etc/dovecot/sql/dovecot-dict-sql-sieve* /etc/dovecot/sql/dovecot-dict-sql-quota* /etc/dovecot/lua/passwd-verify.lua
				341	chmod 640 /etc/dovecot/sql/*.conf /etc/dovecot/lua/passwd-verify.lua
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	342	chown -R vmail:vmail /var/vmail/sieve
				343	chown -R vmail:vmail /var/volatile
				344	chown -R vmail:vmail /var/vmail_index
				345	adduser vmail tty
				346	chmod g+rw /dev/console
				347	chown root:tty /dev/console
				348	chmod +x /usr/lib/dovecot/sieve/rspamd-pipe-ham \
				349	/usr/lib/dovecot/sieve/rspamd-pipe-spam \
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	350	/usr/local/bin/imapsync_runner.pl \
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	351	/usr/local/bin/imapsync \
				352	/usr/local/bin/trim_logs.sh \
				353	/usr/local/bin/sa-rules.sh \
				354	/usr/local/bin/clean_q_aged.sh \
				355	/usr/local/bin/maildir_gc.sh \
				356	/usr/local/sbin/stop-supervisor.sh \
				357	/usr/local/bin/quota_notify.py \
				358	/usr/local/bin/repl_health.sh
				359
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	360	# Prepare environment file for cronjobs
				361	printenv \| sed 's/^$.*$$/export \1/g' > /source_env.sh
				362
				363	# Clean old PID if any
				364	[[ -f /var/run/dovecot/master.pid ]] && rm /var/run/dovecot/master.pid
				365
				366	# Clean stopped imapsync jobs
				367	rm -f /tmp/imapsync_busy.lock
				368	IMAPSYNC_TABLE=$(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SHOW TABLES LIKE 'imapsync'" -Bs)
				369	[[ ! -z ${IMAPSYNC_TABLE} ]] && mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "UPDATE imapsync SET is_running='0'"
				370
				371	# Envsubst maildir_gc
				372	echo "$(envsubst < /usr/local/bin/maildir_gc.sh)" > /usr/local/bin/maildir_gc.sh
				373
				374	# GUID generation
				375	while [[ ${VERSIONS_OK} != 'OK' ]]; do
				376	if [[ ! -z $(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -B -e "SELECT 'OK' FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = \"${DBNAME}\" AND TABLE_NAME = 'versions'") ]]; then
				377	VERSIONS_OK=OK
				378	else
				379	echo "Waiting for versions table to be created..."
				380	sleep 3
				381	fi
				382	done
				383	PUBKEY_MCRYPT=$(doveconf -P 2> /dev/null \| grep -i mail_crypt_global_public_key \| cut -d '<' -f2)
				384	if [ -f ${PUBKEY_MCRYPT} ]; then
				385	GUID=$(cat <(echo ${MAILCOW_HOSTNAME}) /mail_crypt/ecpubkey.pem \| sha256sum \| cut -d ' ' -f1 \| tr -cd "[a-fA-F0-9.:/] ")
				386	if [ ${#GUID} -eq 64 ]; then
				387	mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
				388	REPLACE INTO versions (application, version) VALUES ("GUID", "${GUID}");
				389	EOF
				390	else
				391	mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
				392	REPLACE INTO versions (application, version) VALUES ("GUID", "INVALID");
				393	EOF
				394	fi
				395	fi
				396
				397	# Collect SA rules once now
				398	/usr/local/bin/sa-rules.sh
				399
				400	# Run hooks
				401	for file in /hooks/*; do
				402	if [ -x "${file}" ]; then
				403	echo "Running hook ${file}"
				404	"${file}"
				405	fi
				406	done
				407
				408	# For some strange, unknown and stupid reason, Dovecot may run into a race condition, when this file is not touched before it is read by dovecot/auth
				409	# May be related to something inside Docker, I seriously don't know
Matthias Andreas Benkard	7b2a3a1	2021-08-16 10:57:25 +0200	[diff] [blame^]	410	touch /etc/dovecot/lua/passwd-verify.lua
Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	411
				412	exec "$@"