Unified installer.sh

2025-12-17 21:36:19 +00:00 · 2024-08-10 03:13:59 +00:00 · 2024-08-10 03:13:59 +00:00 · b88b91ba6f
commit b88b91ba6f
parent a8bcc85fa5
4 changed files with 44 additions and 515 deletions
--- a/build/Dockerfile.alpine
+++ b/build/Dockerfile.alpine
@ -12,15 +12,33 @@ ENV MYVEMAIL_OPENDMARC_CONF=/etc/opendmarc/opendmarc.conf
 # Copy required files folders
 ADD run/bin /usr/local/bin/
 ADD run/docker-entrypoint /docker-entrypoint/
-COPY run/installer-alpine.sh /tmp/installer.sh
+ADD run/installer.sh /tmp/

 # Update Ubuntu Software repository and install requisites
 RUN printf '%s\n' 'https://dl-cdn.alpinelinux.org/alpine/edge/main/' \
    'https://dl-cdn.alpinelinux.org/alpine/edge/community/' >/etc/apk/repositories \
+    # Pre-create vmail user
+    && addgroup -g 600 vmail \
+    && adduser -S -D -h /var/vmail -u 600 -G vmail vmail \
    && apk update \
    && apk upgrade \
    && apk add --no-cache \
        bash bash-completion ncurses \
+        nginx \
+        mariadb mariadb-client \
+        ca-certificates acl \
+        git wget bind-tools \
+        postfix postfix-mysql postfix-pcre \
+        dovecot dovecot-mysql dovecot-lmtpd \
+        postfix-policyd-spf-perl opendkim opendkim-utils \
+        opendmarc \
+        php php-fpm php-imap php-mbstring php-mysqli php-curl php-zip php-xml php-bz2 php-intl php-gmp php-ldap php-common php-gd php-sqlite3 \
+        php-session php-pdo_mysql php-dom php-ctype \
+    # Nginx
+    && sed '/^http {/a\ \
+        types_hash_max_size 4096;\n\ \
+        server_names_hash_bucket_size 128;\n' -i /etc/nginx/nginx.conf \
+    # Installer
    && /tmp/installer.sh \
    && rm /tmp/installer.sh

--- a/build/Dockerfile.ubuntu
+++ b/build/Dockerfile.ubuntu
@ -15,10 +15,32 @@ ENV MYVEMAIL_OPENDMARC_CONF=/etc/opendmarc.conf
 # Copy required files folders
 ADD run/bin /usr/local/bin/
 ADD run/docker-entrypoint /docker-entrypoint/
-COPY run/installer-ubuntu.sh /tmp/installer.sh
+ADD run/installer.sh /tmp/

 # Update Ubuntu Software repository and install requisites
-RUN /tmp/installer.sh \
+RUN apt remove -y nano* exim*; \
+    && apt update \
+    && apt upgrade -y \
+    && apt dist-upgrade -y \
+    && bash -c "echo \"postfix postfix/main_mailer_type string 'Internet Site'\" | debconf-set-selections" \
+    && apt install -y \
+        ca-certificates \
+        git wget bind9-host acl dbconfig-no-thanks \
+        rsyslog \
+        nginx \
+        mariadb-server mariadb-client postfix-mysql dovecot-mysql \
+        php php-fpm php-imap php-mbstring php-mysql php-json php-curl php-zip php-xml php-bz2 php-intl php-gmp php-net-ldap3 php-imagick php-common php-gd php-sqlite3 php-cli \
+        postfix postfix-pcre \
+        dovecot-core dovecot-imapd dovecot-lmtpd \
+        postfix-policyd-spf-python opendkim opendkim-tools \
+        opendmarc \
+    && apt autoremove -y \
+    && apt clean \
+    && rm -r -f /var/lib/apt/lists \
+    # Create vmail user
+    && adduser vmail --system --group --uid 600 --disabled-login --home /var/vmail/ --quiet \
+    # Installer
+    && /tmp/installer.sh \
    && rm /tmp/installer.sh

 # Expose ports
--- a/build/run/installer-ubuntu.sh
+++ b/build/run/installer-ubuntu.sh
@ -1,511 +0,0 @@
-#!/usr/bin/env bash
-
-###############
-#//
-#// Ubuntu specific
-#//
-###############
-# Update and install
-apt remove -y nano* exim*
-apt update
-apt upgrade -y
-apt dist-upgrade -y
-debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"
-apt install -y \
-    ca-certificates \
-    git wget bind9-host acl dbconfig-no-thanks \
-    rsyslog \
-    nginx \
-    mariadb-server mariadb-client postfix-mysql dovecot-mysql \
-    php php-fpm php-imap php-mbstring php-mysql php-json php-curl php-zip php-xml php-bz2 php-intl php-gmp php-net-ldap3 php-imagick php-common php-gd php-sqlite3 php-cli \
-    postfix postfix-pcre \
-    dovecot-core dovecot-imapd dovecot-lmtpd \
-    postfix-policyd-spf-python opendkim opendkim-tools \
-    opendmarc
-apt autoremove -y
-apt clean
-rm -r -f /var/lib/apt/lists
-
-# Create vmail user
-adduser vmail --system --group --uid 600 --disabled-login --home /var/vmail/ --quiet
-
-###############
-#//
-#// Users and directories
-#//
-###############
-# Add users to groups
-adduser dovecot mail >/dev/null
-adduser ${MYVEMAIL_NGINX_USERGROUP} dovecot >/dev/null
-adduser postfix opendkim >/dev/null
-
-# Virtual mailboxes
-mkdir /etc/postfix/sql
-
-# MariaDB
-install -m 1777 -d /run/mysqld
-
-# DKIM/DMARC
-mkdir /{run,etc}/{opendkim,opendmarc}
-install -o opendkim -g postfix -d /var/spool/postfix/opendkim/
-install -m 750 -o opendmarc -g postfix -d /var/spool/postfix/opendmarc/
-
-###############
-#//
-#// PHP
-#//
-###############
-sed -e '/upload_max_filesize =/c upload_max_filesize = 0' \
-    -e '/post_max_size =/c post_max_size = 0' \
-    -e '/memory_limit =/c memory_limit = 4096M' \
-    -i $(find /etc/php*/ -name 'php.ini')
-
-###############
-#//
-#//  Postfix
-#//
-###############
-postconf -e 'relay_domains = $mydestination'
-postconf -e 'smtp_tls_security_level = may'
-postconf -e 'smtp_tls_loglevel = 1'
-postconf -e 'smtpd_tls_security_level = may'
-postconf -e 'smtpd_tls_loglevel = 1'
-postconf -e 'mailbox_size_limit = 0'
-postconf -e 'message_size_limit = 0'
-postconf -e "authorized_submit_users = root,${MYVEMAIL_NGINX_USERGROUP}"
-
-postconf -e 'smtpd_tls_session_cache_database = lmdb:${data_directory}/smtpd_scache'
-postconf -e 'smtp_tls_session_cache_database = lmdb:${data_directory}/smtp_scache'
-
-postconf -e 'smtp_tls_note_starttls_offer = yes'
-postconf -e 'smtpd_tls_received_header = yes'
-
-postconf -e 'inet_interfaces = all'
-postconf -e 'inet_protocols = ipv4'
-postconf -e 'smtp_address_preference = ipv4'
-postconf -e 'myorigin = $mydomain'
-postconf -e 'mydestination = $myhostname, localhost.$mydomain, localhost'
-
-postconf -e "smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt"
-postconf -e "smtpd_tls_key_file = /etc/ssl/dovecot/tls.key"
-postconf -e "smtpd_tls_cert_file = /etc/ssl/dovecot/tls.pem"
-
-# Enforce TLSv1.2 or TLSv1.2
-postconf -e "smtpd_tls_mandatory_protocols = >=TLSv1.2"
-postconf -e "smtp_tls_mandatory_protocols = >=TLSv1.2"
-postconf -e "smtpd_tls_protocols = >=TLSv1.2"
-postconf -e "smtp_tls_protocols = >=TLSv1.2"
-
-# Logging
-postconf -e "maillog_file = /var/log/postfix.log"
-
-# Virtual mailboxes
-postconf -e "mailbox_transport = lmtp:unix:private/dovecot-lmtp"
-postconf -e "smtputf8_enable = no"
-
-postconf -e "virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/virtual_domains_maps.cf"
-postconf -e "virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/virtual_alias_domain_mailbox_maps.cf"
-postconf -e "virtual_alias_maps = proxy:mysql:/etc/postfix/sql/virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/virtual_alias_domain_catchall_maps.cf"
-
-postconf -e "virtual_transport = lmtp:unix:private/dovecot-lmtp"
-
-postconf -e "virtual_mailbox_base = /var/vmail"
-postconf -e "virtual_uid_maps = static:600"
-postconf -e "virtual_gid_maps = static:600"
-postconf -e "virtual_minimum_uid = 600"
-postconf -e "virtual_mailbox_limit = 0"
-
-postconf -e "smtp_header_checks = pcre:/etc/postfix/smtp_header_checks"
-
-# SPF and DKIM checks
-postconf -e "policy_time_limit = 3600"
-postconf -e "smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policy, check_client_access lmdb:/etc/postfix/rbl_override"
-
-# Milter configuration
-postconf -e "milter_default_action = accept"
-postconf -e "milter_protocol = 6"
-postconf -e "smtpd_milters = local:opendkim/opendkim.sock, local:opendmarc/opendmarc.sock"
-postconf -e 'non_smtpd_milters = $smtpd_milters'
-
-# Blocking spam
-postconf -e "smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_sender_domain, reject_unknown_reverse_client_hostname, reject_unknown_client_hostname"
-postconf -e "smtpd_helo_required = yes"
-postconf -e "smtpd_helo_restrictions =, permit_mynetworks, permit_sasl_authenticated, check_helo_access lmdb:/etc/postfix/helo_access, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname"
-
-# Postscreen spambots
-postconf -e "postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr cidr:/etc/postfix/postscreen_spf_whitelist.cidr"
-postconf -e "postscreen_blacklist_action = drop"
-
-postconf -e "postscreen_greet_action = enforce"
-
-postconf -e "postscreen_dnsbl_threshold = 3"
-postconf -e "postscreen_dnsbl_action = enforce"
-postconf -e "postscreen_dnsbl_sites = zen.spamhaus.org*3, bl.spameatingmonkey.net*2, bl.spamcop.net, dnsbl.sorbs.net"
-
-postconf -e "postscreen_dnsbl_whitelist_threshold = -2"
-
-postconf -e "header_checks = pcre:/etc/postfix/header_checks"
-postconf -e "body_checks = pcre:/etc/postfix/body_checks"
-
-# master.cf
-sed -e 's/^smtp .*smtpd$/# &/' \
-    -e '/#smtp\|#smtpd\|#dnsblog\|#tlsproxy/ s/^#//' -i /etc/postfix/master.cf
-tee -a /etc/postfix/master.cf >/dev/null <<- 'master.cf'
-
-# Enable submission
-submission inet n       -       y       -       -       smtpd
-  -o syslog_name=postfix/submission
-  -o smtpd_tls_security_level=encrypt
-  -o smtpd_tls_wrappermode=no
-  -o smtpd_sasl_auth_enable=yes
-  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-  -o smtpd_sasl_type=dovecot
-  -o smtpd_sasl_path=private/auth
-
-# SPF Policy
-policy       unix  -       n       n       -       0       spawn
-    user=nobody argv=/usr/bin/postfix-policyd-spf-perl
-master.cf
-
-# Deleting Email Headers For Outgoing Emails
-echo -e '/^X-Spam-Status:/               IGNORE
-/^X-Spam-Checker-Version:/      IGNORE
-/^Received:.*/                  IGNORE
-/^User-Agent:.*/                IGNORE' | tee /etc/postfix/smtp_header_checks >/dev/null
-
-# Header checks
-echo "/free mortgage quote/    DISCARD
-/repair your credit/     DISCARD
-/lose weight/     DISCARD
-/To:.*<>/           DISCARD
-/From:.*<>/         DISCARD" | tee -a /etc/postfix/header_checks >/dev/null
-
-# Body checks
-echo "/free mortgage quote/    DISCARD
-/repair your credit/     DISCARD
-/lose weight/            DISCARD" | tee -a /etc/postfix/body_checks >/dev/null
-
-# Whitelist localhost
-tee /etc/postfix/postscreen_access.cidr >/dev/null <<- postscreen_access.cidr
-# Permit my own IP addresses
-{{LOCAL_IPADDRESS}}/32    permit
-postscreen_access.cidr
-
-# Touch aliases db
-newaliases
-
-###############
-#//
-#//  Dovecot
-#//
-###############
-# dovecot.conf
-tee -a /etc/dovecot/dovecot.conf >/dev/null <<- dovecot.conf
-
-!include_try ssl-keys.conf
-protocols = imap lmtp
-dovecot.conf
-
-# Logging
-echo "log_path = /var/log/dovecot.log" >/etc/dovecot/conf.d/10-logging.conf
-
-# 10-auth.conf
-sed '/include auth-sql.conf.ext\|disable_plaintext_auth =\|auth_username_format =\|auth_mechanisms =\|auth_default_realm =\|include auth-system.conf.ext/d' \
-    -i /etc/dovecot/conf.d/10-auth.conf
-tee -a /etc/dovecot/conf.d/10-auth.conf >/dev/null <<- '10-auth.conf'
-
-!include auth-sql.conf.ext
-disable_plaintext_auth = yes
-auth_username_format = %Lu
-auth_mechanisms = plain login
-auth_default_realm = {{MYVEMAIL_DOMAIN}}
-
-auth_debug = yes
-auth_debug_passwords = yes
-10-auth.conf
-
-# dovecot-sql.conf.ext
-tee -a /etc/dovecot/dovecot-sql.conf.ext >/dev/null <<- 'dovecot'
-
-# Virtual mailboxes
-driver = mysql
-connect = host=localhost dbname={{MYVEMAIL_POSTFIXADMIN_DBNAME}} user={{MYVEMAIL_POSTFIXADMIN_DBUSER}} password={{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-default_pass_scheme = ARGON2I
-password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
-user_query = SELECT maildir, 600 AS uid, 600 AS gid FROM mailbox WHERE username = '%u' AND active='1'
-iterate_query = SELECT username AS user FROM mailbox
-dovecot
-
-# 10-mail.conf
-sed '/mail_location =\|mail_home =\|mail_privileged_group =/d' \
-    -i /etc/dovecot/conf.d/10-mail.conf
-tee -a /etc/dovecot/conf.d/10-mail.conf >/dev/null <<- '10-mail.conf'
-
-mail_privileged_group = mail
-mail_location = maildir:~/Maildir
-mail_home = /var/vmail/%d/%n/
-10-mail.conf
-
-# 10-master.conf
-sed -e 's|unix_listener lmtp {|unix_listener /var/spool/postfix/private/dovecot-lmtp {\
-     mode = 0600\
-     user = postfix\
-     group = postfix|' \
-    -e 's|unix_listener auth-userdb {|unix_listener /var/spool/postfix/private/auth {\
-    mode = 0660\
-    user = postfix\
-    group = postfix|' \
-    -i /etc/dovecot/conf.d/10-master.conf
-
-# 10-ssl.conf
-rm -f /etc/ssl/dovecot/*
-install -m 0600 /dev/stdin /etc/dovecot/ssl-keys.conf <<- ssl-keys.conf
-ssl_dh   = </etc/ssl/dovecot/dh.pem
-ssl_cert = </etc/ssl/dovecot/tls.pem
-ssl_key  = </etc/ssl/dovecot/tls.key
-ssl-keys.conf
-sed '/ssl_dh =\|ssl_cert =\|ssl_key\|ssl =\|ssl_prefer_server_ciphers =\|ssl_min_protocol =/d' -i /etc/dovecot/conf.d/10-ssl.conf
-tee -a /etc/dovecot/conf.d/10-ssl.conf >/dev/null <<- '10-ssl.conf'
-
-ssl = required
-ssl_prefer_server_ciphers = yes
-ssl_min_protocol = TLSv1.2
-10-ssl.conf
-
-# Stats service
-tee -a /etc/dovecot/conf.d/10-master.conf >/dev/null <<- 10-master.conf
-
-service stats {
-    unix_listener stats-reader {
-    user = ${MYVEMAIL_NGINX_USERGROUP}
-    group = ${MYVEMAIL_NGINX_USERGROUP}
-    mode = 0660
-}
-
-unix_listener stats-writer {
-    user = ${MYVEMAIL_NGINX_USERGROUP}
-    group = ${MYVEMAIL_NGINX_USERGROUP}
-    mode = 0660
-  }
-}
-10-master.conf
-
-# Mailboxes
-sed -i 's/namespace inbox {/&\
-  # Archive folder\
-  mailbox Archive {\
-    special_use = \\Archive\
-  }/' /etc/dovecot/conf.d/15-mailboxes.conf
-sed -i '/Sent Messages/! s/^  mailbox.*{/&\
-    auto = subscribe/' /etc/dovecot/conf.d/15-mailboxes.conf
-
-# Virtual mailboxes
-install -m 0640 /dev/stdin /etc/postfix/sql/virtual_domains_maps.cf <<- eof
-hosts = localhost
-dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
-user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
-password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
-#query = SELECT domain FROM domain WHERE domain='%s'
-#optional query to use when relaying for backup MX
-#query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '0' AND active = '1'
-#expansion_limit = 100
-eof
-
-install -m 0640 /dev/stdin /etc/postfix/sql/virtual_mailbox_maps.cf <<- eof
-hosts = localhost
-dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
-user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
-password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
-#expansion_limit = 100
-eof
-
-install -m 0640 /dev/stdin /etc/postfix/sql/virtual_alias_domain_mailbox_maps.cf <<- eof
-hosts = localhost
-dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
-user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
-password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
-eof
-
-install -m 0640 /dev/stdin /etc/postfix/sql/virtual_alias_maps.cf <<- eof
-hosts = localhost
-dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
-user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
-password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
-#expansion_limit = 100
-eof
-
-install -m 0640 /dev/stdin /etc/postfix/sql/virtual_alias_domain_maps.cf <<- eof
-hosts = localhost
-dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
-user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
-password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
-eof
-
-install -m 0640 /dev/stdin /etc/postfix/sql/virtual_alias_domain_catchall_maps.cf <<- eof
-# handles catch-all settings of target-domain
-hosts = localhost
-dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
-user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
-password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
-eof
-
-###############
-#//
-#//  OpenDKIM
-#//
-###############
-# sed -i 's\^SOCKET=local:$RUNDIR/opendkim.sock\SOCKET="local:/var/spool/postfix/opendkim/opendkim.sock"\' /etc/default/opendkim
-sed -i "/Canonicalization\|Mode\|SubDomains\|Socket\|SoftwareHeader\|UserID\|UMask/d" ${MYVEMAIL_OPENDKIM_CONF}
-tee -a ${MYVEMAIL_OPENDKIM_CONF} >/dev/null <<- 'opendkim.conf'
-
-Canonicalization    relaxed/simple
-Mode                sv
-SubDomains          no
-Socket              local:/var/spool/postfix/opendkim/opendkim.sock
-SoftwareHeader      yes
-
-UserID              opendkim
-UMask               007
-
-# Map domains in "from" addresses to keys used to sign messages
-KeyTable           refile:/etc/opendkim/KeyTable
-SigningTable       refile:/etc/opendkim/SigningTable
-
-# Hosts to ignore when verifying signatures
-ExternalIgnoreList  /etc/opendkim/trusted.hosts
-
-# A set of internal hosts whose mail should be signed
-InternalHosts       /etc/opendkim/trusted.hosts
-opendkim.conf
-
-# trusted.hosts
-cat >/etc/opendkim/trusted.hosts <<- trusted.hosts
-127.0.0.1
-localhost
-
-trusted.hosts
-
-###############
-#//
-#//  OpenDMARC
-#//
-###############
-sed '/TrustedAuthservIDs\|AuthservID\|RejectFailures\|IgnoreAuthenticatedClients\|RequiredHeaders\|SPFSelfValidate\|Socket\|IgnoreHosts\|UMask\|UserID/d' \
-    -i ${MYVEMAIL_OPENDMARC_CONF}
-
-tee -a ${MYVEMAIL_OPENDMARC_CONF} >/dev/null <<- 'opendmarc.conf'
-
-TrustedAuthservIDs {{HOSTNAME}}
-AuthservID OpenDMARC
-RejectFailures true
-IgnoreAuthenticatedClients true
-RequiredHeaders true
-SPFSelfValidate true
-
-Socket local:/var/spool/postfix/opendmarc/opendmarc.sock
-IgnoreHosts  /etc/opendmarc/ignore.hosts
-
-UserID opendmarc
-UMask 0002
-opendmarc.conf
-
-echo '127.0.0.1' | tee -a /etc/opendmarc/ignore.hosts >/dev/null
-
-###############
-#//
-#//  Nginx
-#//
-###############
-# php-fpm sock
-cat >$(find /etc/php* -type d \( -name "pool.d" -o -name "php-fpm.d" \))/zz-listen.conf <<- php-fpm.sock
-listen = 127.0.0.1:9000
-user = ${MYVEMAIL_NGINX_USERGROUP}
-group = ${MYVEMAIL_NGINX_USERGROUP}
-listen.owner = ${MYVEMAIL_NGINX_USERGROUP}
-listen.group = ${MYVEMAIL_NGINX_USERGROUP}
-listen.mode = 0660
-php-fpm.sock
-
-# proxy_params
-tee /etc/nginx/proxy_params >/dev/null <<'PROXY'
-proxy_set_header Host $http_host;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;
-PROXY
-
-# Roundcube/Postfixadmin virtual proxy
-tee $(find /etc/nginx -type f -name "default*") >/dev/null <<- 'nginx'
-upstream php-handler {
-    server 127.0.0.1:9000;
-}
-
-server {
-    listen 80 default_server;
-    server_name _;
-
-    index index.php index.html;
-
-    error_log  /var/log/nginx/roundcube_error.log;
-    access_log /var/log/nginx/roundcube_access.log;
-
-    root /usr/share/webapps/roundcube;
-
-    # Postfixadmin
-    location ^~ /admin/ {
-        proxy_pass http://127.0.0.1:12000/;
-        include proxy_params;
-    }
-
-    # Roundcube
-    location ~ \.php$ {
-        client_max_body_size 0;
-
-        try_files $uri =404;
-        fastcgi_split_path_info ^(.+\.php)(/.+)$;
-        fastcgi_pass php-handler;
-        fastcgi_index index.php;
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-    }
-}
-
-server {
-    listen 12000;
-    root /usr/share/webapps/postfixadmin/public/;
-    index index.php index.html;
-
-    error_log  /var/log/nginx/postfixadmin_error.log;
-    access_log /var/log/nginx/postfixadmin_access.log;
-
-    location / {
-        try_files $uri $uri/ /index.php;
-    }
-
-    location ~ ^/(.+\.php)$ {
-        try_files $uri =404;
-        fastcgi_pass php-handler;
-        fastcgi_index index.php;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        include /etc/nginx/fastcgi_params;
-    }
-}
-nginx
-
-###############
-#//
-#//  Postwhite
-#//
-###############
-cd /usr/local/bin
-git clone --quiet https://github.com/spf-tools/spf-tools.git
-git clone --quiet https://github.com/stevejenkins/postwhite.git
-cp /usr/local/bin/postwhite/postwhite.conf /etc
--- a/build/run/installer-alpine.sh
+++ b/build/run/installer-alpine.sh
@ -44,7 +44,7 @@ mkdir /etc/postfix/sql
 install -m 1777 -d /run/mysqld

 # DKIM/DMARC
-mkdir /{run,etc}/{opendkim,opendmarc}
+mkdir /{run,etc}/{opendkim,opendmarc} >/dev/null 2>&1
 install -o opendkim -g postfix -d /var/spool/postfix/opendkim/
 install -m 750 -o opendmarc -g postfix -d /var/spool/postfix/opendmarc/