From 1ffed58956486e4ece00eb0dfb9947f9e4d85fdd Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 11 Sep 2017 21:51:17 +0200 Subject: [PATCH 1/2] [ACME] New version, better IPv4 detection --- data/Dockerfiles/acme/docker-entrypoint.sh | 20 +++++++++++++++++++- docker-compose.yml | 2 +- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh index a69a1ca4..c5e6bc36 100755 --- a/data/Dockerfiles/acme/docker-entrypoint.sh +++ b/data/Dockerfiles/acme/docker-entrypoint.sh @@ -26,6 +26,24 @@ verify_hash_match(){ fi } +get_ipv4(){ + local IPV4= + local IPV4_SRCS= + local TRY= + IPV4_SRCS[0]="api.ipify.org" + IPV4_SRCS[1]="ifconfig.co" + IPV4_SRCS[2]="icanhazip.com" + IPV4_SRCS[3]="v4.ident.me" + IPV4_SRCS[4]="ipecho.net/plain" + IPV4_SRCS[5]="mailcow.email/ip.php" + until [[ ! -z ${IPV4} ]] || [[ ${TRY} -ge 100 ]]; do + IPV4=$(curl --connect-timeout 3 -m 10 -L4s ${IPV4_SRCS[$RANDOM % ${#IPV4_SRCS[@]} ]} | grep -E "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$") + [[ ! -z ${TRY} ]] && sleep 1 + TRY=$((TRY+1)) + done + echo ${IPV4} +} + [[ ! -f ${ACME_BASE}/dhparams.pem ]] && cp ${SSL_EXAMPLE}/dhparams.pem ${ACME_BASE}/dhparams.pem if [[ -f ${ACME_BASE}/cert.pem ]] && [[ -f ${ACME_BASE}/key.pem ]]; then @@ -73,7 +91,7 @@ while true; do declare -a VALIDATED_CONFIG_DOMAINS declare -a ADDITIONAL_VALIDATED_SAN IFS=',' read -r -a ADDITIONAL_SAN_ARR <<< "${ADDITIONAL_SAN}" - IPV4=$(curl -4s https://mailcow.email/ip.php) + IPV4=$(get_ipv4) # Container ids may have changed CONTAINERS_RESTART=($(curl --silent --unix-socket /var/run/docker.sock http/containers/json | jq -rc 'map(select(.Names[] | contains ("nginx-mailcow") or contains ("postfix-mailcow") or contains ("dovecot-mailcow"))) | .[] .Id' | tr "\n" " ")) diff --git a/docker-compose.yml b/docker-compose.yml index 172dc5d5..c497a6f0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -283,7 +283,7 @@ services: acme-mailcow: depends_on: - nginx-mailcow - image: mailcow/acme:1.15 + image: mailcow/acme:1.16 build: ./data/Dockerfiles/acme dns: - 172.22.1.254 From 9a504de1f8bd008c7adc896cd623da0014545e1f Mon Sep 17 00:00:00 2001 From: andryyy Date: Tue, 12 Sep 2017 07:57:09 +0200 Subject: [PATCH 2/2] [ClamAV] Restart only on failure --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index c497a6f0..8704abb1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -68,7 +68,7 @@ services: clamd-mailcow: image: mailcow/clamd:1.2 build: ./data/Dockerfiles/clamd - restart: always + restart: on-failure environment: - SKIP_CLAMD=${SKIP_CLAMD:-n} dns: