diff --git a/docker-compose.yml b/docker-compose.yml index e74f778..fba1917 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -14,6 +14,7 @@ services: networks: mail_infra_network: ipv4_address: 10.222.222.1 + ipv6_address: fd00:bee::1 volumes: - ${HICKORY_DNS_NAMED_CONFIG:-./internal-dns/named.toml}:/etc/named.toml:ro - ./internal-dns/zones/:/var/named/zones/:ro @@ -37,6 +38,7 @@ services: networks: mail_infra_network: ipv4_address: 10.222.222.2 + ipv6_address: fd00:bee::2 aliases: - ${OVERRIDE_HOSTNAME} ports: @@ -80,6 +82,7 @@ services: - ${SASLAUTHD_SOCKET_FILE}:/var/run/saslauthd/mux environment: CONTAINER_NETWORK_V4: 10.222.222.0/28 + CONTAINER_NETWORK_V6: fd00:bee::/127 TZ: UTC OVERRIDE_HOSTNAME: ${OVERRIDE_HOSTNAME} ENABLE_MTA_STS: "1" @@ -212,6 +215,7 @@ services: networks: mail_infra_network: ipv4_address: 10.222.222.3 + ipv6_address: fd00:bee::3 healthcheck: test: 'ldapwhoami -D "cn=$${DOCKER_LDAP_HEALTHCHECK_USERNAME}" -w "$${DOCKER_LDAP_HEALTHCHECK_PASSWORD}"' start_period: 5s @@ -271,6 +275,7 @@ services: networks: mail_infra_network: ipv4_address: 10.222.222.4 + ipv6_address: fd00:bee::4 restart: on-failure:5 environment: PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap.mail-server.intranet': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${LDAP_BASE_DN}'}]}]}]" @@ -309,6 +314,7 @@ services: networks: mail_infra_network: ipv4_address: 10.222.222.5 + ipv6_address: fd00:bee::5 mem_limit: 512M mem_reservation: 10M restart: on-failure:15 @@ -374,10 +380,18 @@ services: networks: mail_infra_network: name: infrastructure_mail_infra_network + enable_ipv6: true ipam: driver: default + # See: __add_to_postfix_mynetworks in user-patches config: - # See: __add_to_postfix_mynetworks in user-patches - subnet: 10.222.222.0/28 + # 14 hosts ip_range: 10.222.222.0/28 gateway: 10.222.222.14 + + - subnet: fd00:bee::/127 + # 16 hosts + # From fd00:bee:: to fd00:bee::f + gateway: fd00:bee::f + 
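Review bot: `fd00:bee::/127` holds only two addresses (`fd00:bee::` and `fd00:bee::1`), so the static addresses `::2` through `::5` and the gateway `fd00:bee::f` added in this file fall outside the subnet declared in the `ipam` hunk; the "16 hosts … to fd00:bee::f" comment there describes a /124. The same prefix is exported as `CONTAINER_NETWORK_V6` in the environment hunk, and user-patches.sh passes it to `__add_to_postfix_mynetworks`, so the relay trust list would not match the real container range either. Use `- subnet: fd00:bee::/124` and `CONTAINER_NETWORK_V6: fd00:bee::/124`, and keep the two values identical so the trusted range is never wider than the network itself. Quoting the IPv6 scalars (`'fd00:bee::/124'`) would also keep these colon-heavy values unambiguous strings for every YAML parser.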
diff --git a/internal-dns/named.toml b/internal-dns/named.toml index 7f1d872..3a00747 100644 --- a/internal-dns/named.toml +++ b/internal-dns/named.toml @@ -8,6 +8,11 @@ zone = "222.222.10.in-addr.arpa" zone_type = "Primary" file = "zones/mail-server.intranet.zone" +[[zones]] +zone = "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.e.e.b.0.0.0.d.f.ip6.arpa" +zone_type = "Primary" +file = "zones/mail-server.intranet.zone" + [[zones]] zone = "desportes.corp" zone_type = "Primary" diff --git a/internal-dns/zones/desportes.corp.zone b/internal-dns/zones/desportes.corp.zone index 9372e05..50a8bb9 100644 --- a/internal-dns/zones/desportes.corp.zone +++ b/internal-dns/zones/desportes.corp.zone @@ -12,4 +12,4 @@ ; MX @ 60 IN MX 0 emails.mail-server.intranet. ; SPF -@ 60 IN TXT "v=spf1 mx ip4:10.222.222.13 -all" +@ 60 IN TXT "v=spf1 mx a:testing.mail-server.intranet. -all" diff --git a/internal-dns/zones/mail-server.intranet.zone b/internal-dns/zones/mail-server.intranet.zone index 13291b7..2addc24 100644 --- a/internal-dns/zones/mail-server.intranet.zone +++ b/internal-dns/zones/mail-server.intranet.zone 
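Review bot: The new `ip6.arpa` zone loads `zones/mail-server.intranet.zone`, the same file the context lines show for the `222.222.10.in-addr.arpa` zone, so every relative owner name in that file is presumably published under the IPv6 reverse tree as well. The labels `1`–`6` then stand for both an IPv4 last octet and an IPv6 last nibble, `13` and `14` become meaningless names under `ip6.arpa`, and `e`/`f` appear under `in-addr.arpa`. A dedicated reverse file, for example `file = "zones/<ipv6-reverse-zone-file>"` (placeholder name), holding only the nibble PTR records would keep reverse answers unambiguous for whatever relies on them, such as client hostname checks in the MTA and log attribution.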
@@ -9,24 +9,47 @@ ; Set the DNS servers for . @ 7200 IN NS ns1 ; NS -ns1 7200 IN A 10.222.222.1 +ns1 7200 IN A 10.222.222.1 +ns1 7200 IN AAAA fd00:bee::1 + ; Hosts -dns 7200 IN A 10.222.222.1 -1 PTR dns.mail-server.intranet. -emails 7200 IN A 10.222.222.2 -2 PTR emails.mail-server.intranet. -ldap 7200 IN A 10.222.222.3 -3 PTR ldap.mail-server.intranet. -phpldapadmin 7200 IN A 10.222.222.4 -4 PTR phpldapadmin.mail-server.intranet. -acme 7200 IN A 10.222.222.5 -5 PTR acme.mail-server.intranet. -crowdsec 7200 IN A 10.222.222.6 -6 PTR crowdsec.mail-server.intranet. +dns 7200 IN A 10.222.222.1 +dns 7200 IN AAAA fd00:bee::1 +1 IN PTR dns.mail-server.intranet. +1 IN PTR dns.mail-server.intranet. + +emails 7200 IN A 10.222.222.2 +emails 7200 IN AAAA fd00:bee::2 +2 IN PTR emails.mail-server.intranet. +2 IN PTR emails.mail-server.intranet. + +ldap 7200 IN A 10.222.222.3 +ldap 7200 IN AAAA fd00:bee::3 +3 IN PTR ldap.mail-server.intranet. +3 IN PTR ldap.mail-server.intranet. + +phpldapadmin 7200 IN A 10.222.222.4 +phpldapadmin 7200 IN AAAA fd00:bee::4 +4 IN PTR phpldapadmin.mail-server.intranet. +4 IN PTR phpldapadmin.mail-server.intranet. + +acme 7200 IN A 10.222.222.5 +acme 7200 IN AAAA fd00:bee::5 +5 IN PTR acme.mail-server.intranet. +5 IN PTR acme.mail-server.intranet. + +crowdsec 7200 IN A 10.222.222.6 +crowdsec 7200 IN AAAA fd00:bee::6 +6 IN PTR crowdsec.mail-server.intranet. +6 IN PTR crowdsec.mail-server.intranet. -testing 7200 IN A 10.222.222.13 -13 PTR testing.mail-server.intranet. +testing 7200 IN A 10.222.222.13 +testing 7200 IN AAAA fd00:bee::13 +13 IN PTR testing.mail-server.intranet. +e IN PTR testing.mail-server.intranet. router 7200 IN A 10.222.222.14 -14 PTR router.mail-server.intranet. +router 7200 IN AAAA fd00:bee::f +14 IN PTR router.mail-server.intranet. +f IN PTR router.mail-server.intranet. ; MX @ 60 IN MX 0 emails.mail-server.intranet. diff --git a/tests/php/docker-compose.yml b/tests/php/docker-compose.yml index 2f056fe..6b03c67 100755 
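Review bot: `testing 7200 IN AAAA fd00:bee::13` matches neither the address this commit gives the container (`ipv6_address: fd00:bee::e` in tests/php/docker-compose.yml) nor the `e IN PTR testing.mail-server.intranet.` line added below it; `::13` is hex 0x13, not decimal 13. Because the desportes.corp SPF record is changed in this same commit to authorise senders through `a:testing.mail-server.intranet.`, IPv6 mail from that container would miss the `a:` mechanism and fall through to `-all`. The record should read `testing 7200 IN AAAA fd00:bee::e`. The paired PTR lines for `1`–`6` are identical duplicates, so one of each can be dropped, and `crowdsec` gains an AAAA for `fd00:bee::6` although no matching `ipv6_address` is visible in this diff, which is worth confirming.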
--- a/tests/php/docker-compose.yml +++ b/tests/php/docker-compose.yml @@ -8,6 +8,7 @@ services: networks: mail_infra_network: ipv4_address: 10.222.222.13 + ipv6_address: fd00:bee::e build: ./docker/ volumes: - ./tests:/tests diff --git a/user-patches.sh b/user-patches.sh index a12a1ab..8f99414 100755 --- a/user-patches.sh +++ b/user-patches.sh @@ -29,10 +29,9 @@ printf '\nsmtpd_tls_received_header = yes\n' "localhost" >> /etc/postfix/main.cf sed -i '/^smtp_helo_name =/d' /etc/postfix/main.cf printf '\nsmtp_helo_name = %s\n' "${OVERRIDE_HOSTNAME}" >> /etc/postfix/main.cf -echo "Allow this network (${CONTAINER_NETWORK_V4})" - source /usr/local/bin/helpers/log.sh source /usr/local/bin/helpers/utils.sh + # Copied from /usr/local/bin/setup.d/networking.sh __add_to_postfix_mynetworks() { local NETWORK_TYPE=$1 @@ -45,8 +44,12 @@ __add_to_postfix_mynetworks() { [[ ${ENABLE_OPENDKIM} -eq 1 ]] && echo "${NETWORK}" >>/etc/opendkim/TrustedHosts } +echo "Allow this network (${CONTAINER_NETWORK_V4})" __add_to_postfix_mynetworks 'Container network' "${CONTAINER_NETWORK_V4}" +echo "Allow this network (${CONTAINER_NETWORK_V6})" +__add_to_postfix_mynetworks 'Container network' "${CONTAINER_NETWORK_V6}" + echo 'Add spam check config' cat < /etc/amavis/conf.d/05-domain_id
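Review bot: The added `__add_to_postfix_mynetworks 'Container network' "${CONTAINER_NETWORK_V6}"` call runs unconditionally, so an environment that does not set the variable hands an empty value to a function that maintains relay trust (`mynetworks`, judging by its name, and `/etc/opendkim/TrustedHosts`, per the visible line). Guarding it, e.g. `[[ -n ${CONTAINER_NETWORK_V6:-} ]] && __add_to_postfix_mynetworks 'Container network (IPv6)' "${CONTAINER_NETWORK_V6}"`, avoids that and makes the two log labels distinguishable. Most of the function body lies outside the hunk; if it passes the value to Postfix unchanged, note that Postfix expects IPv6 networks in `mynetworks` in bracket form (`[fd00:bee::]/<prefix>`), so the bare CIDR from the compose file may need reformatting before it reaches `main.cf`. Checking `postconf mynetworks` after start-up would confirm that exactly the container range, and nothing broader, ended up trusted.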