Skip to content

Commit 3bccb70

Browse files
brongerbronger
committed
Revert "Make it possible to have additional DNS names for Postfix"
This reverts commit 1c0a2a7. It causes the certificate to change at every container restart, which effectively disconnects clients.
1 parent 1c0a2a7 commit 3bccb70

4 files changed

Lines changed: 6 additions & 20 deletions

File tree

Dockerfile

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,11 @@ RUN mkdir /etc/sigh
6464
COPY sigh.cfg /etc/sigh/
6565
RUN mkdir "$SIGH_ROOT"; chown filter "$SIGH_ROOT"
6666

67-
COPY csr.conf /opt/
67+
COPY csr.conf /tmp
68+
RUN openssl req -x509 -days 3650 -key /etc/ssl/private/ssl-cert-snakeoil.key \
69+
-out /etc/ssl/certs/ssl-cert-snakeoil-postfix.pem -config /tmp/csr.conf -extensions v3_req && \
70+
rm /tmp/csr.conf
71+
RUN openssl x509 -in /etc/ssl/certs/ssl-cert-snakeoil-postfix.pem -text
6872

6973
RUN postconf -e "smtp_sasl_auth_enable=yes" && \
7074
postconf -e "smtp_tls_security_level=may" && \

README.rst

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -48,11 +48,6 @@ There are five environment variables:
4848
Defaults to ``postfix sigh``, i.e. both. Mind to quote it properly,
4949
depending on context.
5050

51-
``POSTFIX_EXTRA_DNS_NAMES``
52-
Space-separated list of additional DNS names for the self-signed certificate
53-
for Postfix. “postfix” is always set, but by using this environment
54-
variable, you can add e.g. ``postfix.default.svc.cluster.local``.
55-
5651

5752
So, for example, you could say::
5853

@@ -113,8 +108,6 @@ this:
113108
value:
114109
- name: TZ
115110
value:
116-
- name: POSTFIX_EXTRA_DNS_NAMES
117-
value: postfix.default.svc.cluster.local
118111
- name: sigh
119112
image: bronger/postfix
120113
command: [/opt/entrypoints/entrypoint-sigh.sh]

csr.conf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,4 +6,4 @@ CN = localhost
66
[v3_req]
77
subjectAltName = @alt_names
88
[alt_names]
9-
DNS.1 = postfix
9+
DNS = postfix

entrypoints/configure-common.sh

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -7,14 +7,3 @@ echo "$TZ" > /etc/timezone
77

88
: "${LOG_OUTPUT:=sigh postfix}"
99
export LOG_OUTPUT
10-
11-
index=2
12-
for name in $POSTFIX_EXTRA_DNS_NAMES
13-
do
14-
printf "DNS.%d = %s\n" $index "$name" >> /opt/csr.conf
15-
index=$((index+1))
16-
done
17-
18-
openssl req -x509 -days 3650 -key /etc/ssl/private/ssl-cert-snakeoil.key \
19-
-out /etc/ssl/certs/ssl-cert-snakeoil-postfix.pem -config /opt/csr.conf -extensions v3_req
20-
openssl x509 -in /etc/ssl/certs/ssl-cert-snakeoil-postfix.pem -text

0 commit comments

Comments
 (0)