Add happyDeliver

cloud-init.yaml

@@ -46,6 +46,12 @@ write_files:
           flush_interval -1
         }
       }
+
+      deliver.happydomain.org {
+        reverse_proxy app-happydeliver:8080 {
+          flush_interval -1
+        }
+      }
     path: /etc/caddy/Caddyfile
   - content: |
       @version:3.30
@@ -273,6 +279,26 @@ write_files:
     permissions: 0o755
   - content: |
       #!/bin/sh
+
+      export HAPPYDELIVER_BIND="0.0.0.0:8080"
+      export HAPPYDELIVER_CUSTOM_HEAD_HTML="<script async defer data-website-id=\"9175a22f-3344-4848-a97b-012727957ea4\" src=\"https://pythagore.p0m.fr/pythagore.js\"></script>"
+      export HAPPYDELIVER_ADDRESS_PREFIX="test-"
+      export HAPPYDELIVER_DOMAIN="deliver.happydomain.org"
+      export HAPPYDELIVER_REPORT_RETENTION="168h"
+
+      [ -z "${HAPPYDELIVER_VERSION}" ] && export HAPPYDELIVER_VERSION=$(cloud-init query ds.metadata.HAPPYDOMAIN_VERSION)
+
+      docker inspect app-happydeliver > /dev/null && {
+        docker pull happydomain/happydeliver:${HAPPYDELIVER_VERSION}
+        docker stop app-happydeliver
+        docker rm app-happydeliver
+      }
+
+      docker run -d --restart unless-stopped --network local -e HAPPYDELIVER_BIND -e HAPPYDELIVER_CUSTOM_HEAD_HTML -e HAPPYDELIVER_ADDRESS_PREFIX -e HAPPYDELIVER_DOMAIN -e HAPPYDELIVER_REPORT_RETENTION --hostname "${HAPPYDELIVER_DOMAIN}" -p "8080:8080" -p 25:25 -v /var/lib/happydeliver/:/var/lib/happydeliver/ --log-driver syslog --log-opt "syslog-address=unixgram:///dev/log" --log-opt syslog-facility=daemon --log-opt tag=app-happydelier --name app-happydeliver --pull always happydomain/happydeliver:${HAPPYDELIVER_VERSION}
+    path: /root/launch_container_deliver.sh
+    permissions: 0o755
+  - content: |
+      #!/bin/sh
       # pdns
       docker inspect pdns-demo-happydomain > /dev/null && {
         docker pull nemunaire/pdns
@@ -321,6 +347,7 @@ runcmd:
   - sed -i '/-A INPUT -j REJECT/i-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT\n-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT' /etc/iptables/rules.v4
   - iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
   - iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
+  - iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
 
   # Retrieve last backups
   - export AWS_ACCESS_KEY_ID=$(cloud-init query ds.metadata.RESTIC_AWS_ACCESS_KEY_ID)
@@ -371,6 +398,7 @@ runcmd:
 
   # Launch container
   - /root/launch_container_app.sh
+  - /root/launch_container_deliver.sh
 
   # Generate listmonk config
   - |

network.go

@@ -54,6 +54,33 @@ func setupNetwork(ctx *pulumi.Context, compartment *identity.Compartment) (*core
 					Min: pulumi.Int(22),
 				},
 			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("0.0.0.0/0"),
+				Description: pulumi.String("IPv4 SMTP Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(25),
+					Min: pulumi.Int(25),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("17"),
+				Source:      pulumi.String("0.0.0.0/0"),
+				Description: pulumi.String("IPv4 DNS UDP Port"),
+				UdpOptions: core.SecurityListIngressSecurityRuleUdpOptionsArgs{
+					Max: pulumi.Int(53),
+					Min: pulumi.Int(53),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("0.0.0.0/0"),
+				Description: pulumi.String("IPv4 DNS TCP Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(53),
+					Min: pulumi.Int(53),
+				},
+			},
 			core.SecurityListIngressSecurityRuleArgs{
 				Protocol:    pulumi.String("6"),
 				Source:      pulumi.String("0.0.0.0/0"),