-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
40 lines (31 loc) · 1.55 KB
/
Dockerfile
File metadata and controls
40 lines (31 loc) · 1.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
FROM alpine:3.23.4
LABEL \
maintainer="github@compuix.com" \
version="2026.04.21" \
description="SMTP relay server for local subnets."
#checkov:skip=CKV_DOCKER_3: "Ensure that a user for the container has been created"
# Let's Encrypt Certiciates - https://letsencrypt.org/certificates/
RUN set -xe \
&& addgroup -g 587 postfix && adduser -D -H -h /etc/postfix -g postfix -u 587 -G postfix postfix \
&& addgroup -g 465 postdrop && adduser -D -H -h /var/mail/domains -g postdrop -u 465 -G postdrop vmail \
&& apk add --no-cache bash ca-certificates libsasl cyrus-sasl-login postfix tzdata openssl \
&& ln -sfn /usr/share/zoneinfo/America/New_York /etc/localtime \
&& touch /var/log/maillog \
&& postalias /etc/postfix/aliases \
&& sed -i -r -e 's/^#submission/submission/' /etc/postfix/master.cf \
&& chown root:root /var/spool/postfix /var/spool/postfix/pid \
&& wget -q -P /usr/local/share/ca-certificates/ \
https://letsencrypt.org/certs/2024/e5.pem \
https://letsencrypt.org/certs/2024/e5-cross.pem \
https://letsencrypt.org/certs/2024/e6.pem \
https://letsencrypt.org/certs/2024/e6-cross.pem \
https://letsencrypt.org/certs/2024/r10.pem \
https://letsencrypt.org/certs/2024/r11.pem \
&& update-ca-certificates
COPY ["header_checks", "/staging/header_checks"]
COPY ["run_postfix", "healthcheck", "/"]
RUN chmod +x /run_postfix /healthcheck
EXPOSE 25/tcp 587/tcp
STOPSIGNAL SIGKILL
ENTRYPOINT ["/run_postfix"]
HEALTHCHECK --start-period=10s --interval=60s --timeout=30s --retries=3 CMD [ "/healthcheck" ]