Browse Source

Test mixnet running several docker containers

- Move scripts to docker dir
- Build docker images in multi stages
- Add data for the test
- Add script to run the test (to be replaced by docker compose)
gns
juga 1 year ago
parent
commit
1be24f14c1
8 changed files with 178 additions and 44 deletions
  1. +1
    -4
      .dockerignore
  2. +45
    -14
      Dockerfile
  3. +43
    -0
      docker/configure_postfix.sh
  4. +29
    -0
      docker/run_test.sh
  5. +7
    -0
      docker/start_postfix.sh
  6. +0
    -26
      scripts/configure_postfix.sh
  7. +41
    -0
      tests/data/bob@openpgp.example.asc
  8. +12
    -0
      tests/data/plain_from_alice_to_bob.eml

+ 1
- 4
.dockerignore View File

@ -1,6 +1,3 @@
.git/
Dockerfile
CONTRIBUTING.md
install_debian.sh
maintainers.md
tests/
docs

+ 45
- 14
Dockerfile View File

@ -1,20 +1,51 @@
FROM registry.gitlab.com/juga0/peppythonadapter_git/sync-docker:latest
FROM registry.gitlab.com/juga0/peppythonadapter_git/sync-docker:latest as mixnet
# XXX: This should be removed in the Dockerfiles used to build the images
RUN rm -rf sequoia; rm -rf /usr/local/cargo; rm -rf /usr/local/rustup; \
rm -rf /root/.cargo \
rm -rf build*; rm *.py *.sh *.cc *.hh *.o *.txt *.md \
rm -rf /libetpan /asn1c /.git /asn.1 /yml2
COPY . .
RUN python3 setup.py install
MAINTAINER juga <juga at riseup dot net>
FROM mixnet as postfix
ENV DEBIAN_FRONTEND noninteractive
RUN apt update -y
RUN apt install -y postfix sudo
# Use syslog-ng to get Postfix logs (rsyslog uses upstart which does not seem
# to run within Docker).
RUN apt install -y syslog-ng
RUN apt install -yqq swaks procps net-tools telnet iputils-ping vim ncdu
COPY . .
ENV DOMAIN=remailer.openpgp.example
FROM postfix as node
ARG PORT=25
ARG DOMAIN=pep.example
ARG MYNAMEADDR=""
ARG MYFP=""
ARG USER=remailer
ENV PORT=${PORT}
ENV DOMAIN=${DOMAIN}
ENV MYNAMEADDR=${MYNAMEADDR}
ENV MYFP=${MYFP}
ENV USER=${USER}
# The user that will run postfix pipe
RUN adduser --system ${USER}
# To be able to se domain and port at runtime
ENTRYPOINT ["docker/configure_postfix.sh"]
CMD ["docker/start_postfix.sh"]
RUN apt update -yqq
RUN echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
RUN echo "postfix postfix/mailname string ${DOMAIN}" | debconf-set-selections
RUN apt install -yqq postfix
RUN scripts/configure_postfix.sh
# XXX: take into account user for the path
RUN python3 setup.py install
FROM node as alice
RUN gpg --import /tests/data/alice@openpgp.example.sec.asc \
/tests/data/bob@openpgp.example.asc \
/tests/data/root@n3.pep.example.asc \
/tests/data/root@n2.pep.example.asc \
/tests/data/root@n1.pep.example.asc
CMD client -d -p $MYFP -f $FILE
# VOLUME /var/log
EXPOSE 25
FROM node as remailer
ARG KEY=""
RUN sudo -u ${USER} gpg --import ${KEY}
CMD ["/usr/sbin/postfix", "start-fg"]
FROM node as bob
RUN postconf -e transport_maps=
RUN service postfix restart

+ 43
- 0
docker/configure_postfix.sh View File

@ -0,0 +1,43 @@
#!/bin/bash
set -exuo pipefail
echo 'Configuring postfix'
# Configure a local domain
# XXX: replace lines instead of adding
echo '127.0.0.1' $DOMAIN >> /etc/hosts
echo '::1 '$DOMAIN >> /etc/hosts
echo '# Make the host solve these domains:'>> /etc/hosts
echo '172.17.0.1 n1.pep.example n2.pep.example n3.pep.example openpgp.example'>> /etc/hosts
# Configure postfix master.cf
postconf -F '*/*/chroot = n'
# postconf -F 'smtp/inet/service='$PORT
# the command in pip do not run with the user in `user`, but as `postfix` user,
# therefore, pass it to the application
postconf -M remailer/unix='remailer unix - n n - - pipe user='$USER' argv=/usr/local/bin/remailer -p '$MYFP
# Add transport and virtual files
echo $DOMAIN' remailer:' >> /etc/postfix/transport
echo '# To be able to deliver email to remote hosts in a different port' >> /etc/postfix/transport
echo 'n1.pep.example smtp:n1.pep.example:2501' >> /etc/postfix/transport
echo 'n2.pep.example smtp:n2.pep.example:2502' >> /etc/postfix/transport
echo 'n3.pep.example smtp:n3.pep.example:2503' >> /etc/postfix/transport
echo 'openpgp.example smtp:openpgp.example:2504' >> /etc/postfix/transport
echo '@'$DOMAIN' root@'$DOMAIN >> /etc/postfix/virtual
# Configure postfix main.cf
postconf -e myhostname=$DOMAIN
# Don't add 0.0.0.0 in a production server, it will become an open relay!!
# It's added here so that it can send email to other domains without authentication
postconf -e mynetworks="0.0.0.0/0 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128"
postconf -e transport_maps=hash:/etc/postfix/transport
postconf -e virtual_alias_maps=hash:/etc/postfix/virtual
postconf -e smtp_host_lookup=dns,native
# Create postfix dbs
postmap /etc/postfix/transport
postmap /etc/postfix/virtual
exec "$@"

+ 29
- 0
docker/run_test.sh View File

@ -0,0 +1,29 @@
#!/bin/bash
set -x
RELEASE_IMAGE=node
# Run docker containers
docker run -d -e USER=remailer -e DOMAIN=whatever.example -p 2500:25 --name alice $RELEASE_IMAGE
docker run -d -e USER=remailer -e MYFP=44CF7B7252148BE970F53FF8BF378725BCA73C60 -e DOMAIN=n1.pep.example -p 2501:25 --name n1 $RELEASE_IMAGE
docker run -d -e USER=remailer -e MYFP=EEA6C082CA652EE1F6297F569CFD11A518CD28F8 -e DOMAIN=n2.pep.example -p 2502:25 --name n2 $RELEASE_IMAGE
docker run -d -e USER=remailer -e MYFP=5CF81E8377654F1BD1D5A02B4854BBDC9957C746 -e DOMAIN=n3.pep.example -p 2503:25 --name n3 $RELEASE_IMAGE
docker run -d -e USER=remailer -e DOMAIN=openpgp.example -p 2504:25 --name bob $RELEASE_IMAGE
# Import keys
docker exec alice gpg --import /tests/data/alice@openpgp.example.sec.asc \
/tests/data/bob@openpgp.example.asc \
/tests/data/root@n3.pep.example.asc \
/tests/data/root@n2.pep.example.asc \
/tests/data/root@n1.pep.example.asc
docker exec bob gpg --import /tests/data/bob@openpgp.example.sec.asc
docker exec bob postconf -e transport_maps=
docker exec bob service postfix restart
# docker exec bob adduser bob
docker exec n3 sudo -u remailer gpg --import /tests/data/root@n3.pep.example.sec.asc
docker exec n2 sudo -u remailer gpg --import /tests/data/root@n2.pep.example.sec.asc
docker exec n1 sudo -u remailer gpg --import /tests/data/root@n1.pep.example.sec.asc
# Send a message
docker exec alice client -d -p EB85BB5FA33A75E15E944E63F231550C4F47E38E -f /tests/data/plain_from_alice_to_bob.eml

+ 7
- 0
docker/start_postfix.sh View File

@ -0,0 +1,7 @@
#!/bin/bash
set -x
/usr/sbin/syslog-ng
/usr/sbin/postfix start-fg
/usr/bin/tail -f /var/log/mail.log

+ 0
- 26
scripts/configure_postfix.sh View File

@ -1,26 +0,0 @@
#!/bin/bash
set -x
# export DOMAIN=$1
# Configure a local domain
# XXX: replace lines instead of adding
echo '127.0.0.1 '$DOMAIN >> /etc/hosts
echo '::1 '$DOMAIN >> /etc/hosts
cat <<EOF >> /etc/postfix/master.cf
remailer unix - n n - - pipe
flags=FR user=user argv=/usr/local/bin/remailer
EOF
echo $DOMAIN' remailer:' >> /etc/postfix/transport
echo '@'$DOMAIN' pep@'$DOMAIN >> /etc/postfix/virtual
echo "transport_maps = hash:/etc/postfix/transport" >> /etc/postfix/main.cf
echo "virtual_alias_maps = hash:/etc/postfix/virtual" >> /etc/postfix/main.cf
echo "smtp_host_lookup = dns, native" >> /etc/postfix/main.cf
postmap /etc/postfix/transport
postmap /etc/postfix/virtual
service postfix restart

+ 41
- 0
tests/data/bob@openpgp.example.asc View File

@ -0,0 +1,41 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv
/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz
/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/
5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3
X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv
9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0
qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb
SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb
vLIwa3T4CyshfT0AEQEAAbQhQm9iIEJhYmJhZ2UgPGJvYkBvcGVucGdwLmV4YW1w
bGU+iQHOBBMBCgA4AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE0aZuGiOx
gsmYD3iM+/zIKgFeczAFAl2lnvoACgkQ+/zIKgFeczBvbAv/VNk90a6hG8Od9xTz
XxH5YRFUSGfIA1yjPIVOnKqhMwps2U+sWE3urL+MvjyQRlyRV8oY9IOhQ5Esm6DO
ZYrTnE7qVETm1ajIAP2OFChEc55uH88x/anpPOXOJY7S8jbn3naC9qad75BrZ+3g
9EBUWiy5p8TykP05WSnSxNRt7vFKLfEB4nGkehpwHXOVF0CRNwYle42bg8lpmdXF
DcCZCi+qEbafmTQzkAqyzS3nCh3IAqq6Y0kBuaKLm2tSNUOlZbD+OHYQNZ5Jix7c
ZUzs6Xh4+I55NRWl5smrLq66yOQoFPy9jot/Qxikx/wP3MsAzeGaZSEPc0fHp5G1
6rlGbxQ3vl8/usUV7W+TMEMljgwd5x8POR6HC8EaCDfVnUBCPi/Gv+egLjsIbPJZ
ZEroiE40e6/UoCiQtlpQB5exPJYSd1Q1txCwueih99PHepsDhmUQKiACszNU+RRo
zAYau2VdHqnRJ7QYdxHDiH49jPK4NTMyb/tJh2TiIwcmsIpGuQGNBF2lnPIBDADW
ML9cbGMrp12CtF9b2P6z9TTT74S8iyBOzaSvdGDQY/sUtZXRg21HWamXnn9sSXvI
DEINOQ6A9QxdxoqWdCHrOuW3ofneYXoG+zeKc4dC86wa1TR2q9vW+RMXSO4uImA+
Uzula/6k1DogDf28qhCxMwG/i/m9g1c/0aApuDyKdQ1PXsHHNlgd/Dn6rrd5y2AO
baifV7wIhEJnvqgFXDN2RXGjLeCOHV4Q2WTYPg/S4k1nMXVDwZXrvIsA0YwIMgIT
86Rafp1qKlgPNbiIlC1g9RY/iFaGN2b4Ir6GDohBQSfZW2+LXoPZuVE/wGlQ01rh
827KVZW4lXvqsge+wtnWlszcselGATyzqOK9LdHPdZGzROZYI2e8c+paLNDdVPL6
vdRBUnkCaEkOtl1mr2JpQi5nTU+gTX4IeInC7E+1a9UDF/Y85ybUz8XV8rUnR76U
qVC7KidNepdHbZjjXCt8/Zo+Tec9JNbYNQB/e9ExmDntmlHEsSEQzFwzj8sxH48A
EQEAAYkBtgQYAQoAIBYhBNGmbhojsYLJmA94jPv8yCoBXnMwBQJdpZzyAhsMAAoJ
EPv8yCoBXnMw6f8L/26C34dkjBffTzMj5Bdzm8MtF67OYneJ4TQMw7+41IL4rVcS
KhIhk/3Ud5knaRtP2ef1+5F66h9/RPQOJ5+tvBwhBAcUWSupKnUrdVaZQanYmtSx
cVV2PL9+QEiNN3tzluhaWO//rACxJ+K/ZXQlIzwQVTpNhfGzAaMVV9zpf3u0k14i
tcv6alKY8+rLZvO1wIIeRZLmU0tZDD5HtWDvUV7rIFI1WuoLb+KZgbYn3OWjCPHV
dTrdZ2CqnZbG3SXw6awH9bzRLV9EXkbhIMez0deCVdeo+wFFklh8/5VK2b0vk/+w
qMJxfpa1lHvJLobzOP9fvrswsr92MA2+k901WeISR7qEzcI0Fdg8AyFAExaEK6Vy
jP7SXGLwvfisw34OxuZr3qmx1Sufu4toH3XrB7QJN8XyqqbsGxUCBqWif9RSK4xj
zRTe56iPeiSJJOIciMP9i2ldI+KgLycyeDvGoBj0HCLO3gVaBe4ubVrj5KjhX2PV
NEJd3XZRzaXZE2aAMQ==
=NXei
-----END PGP PUBLIC KEY BLOCK-----

+ 12
- 0
tests/data/plain_from_alice_to_bob.eml View File

@ -0,0 +1,12 @@
From: Alice Lovelace <alice@openpgp.example>
To: Bob Babagge <bob@openpgp.example>
Subject: Example Email to be sent from Bob to Carol
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline; filename="msg.txt"
Hi Bob,
Cheers,
Alice.

Loading…
Cancel
Save