From 41be68c5029b73af216ab3a0703693a35484beae Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier
Date: Mon, 20 Oct 2025 11:38:53 +0700
Subject: [PATCH] Add happyDeliver
---
 cloud-init.yaml | 28 ++++++++++++++++++++++++++++
 network.go | 27 +++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)
diff --git a/cloud-init.yaml b/cloud-init.yaml
index 97fb229..22392f3 100644
--- a/cloud-init.yaml
+++ b/cloud-init.yaml
@@ -46,6 +46,12 @@ write_files:
 flush_interval -1
 }
 }
+
+ deliver.happydomain.org {
+ reverse_proxy app-happydeliver:8080 {
+ flush_interval -1
+ }
+ }
 path: /etc/caddy/Caddyfile
 - content: |
 @version:3.30
@@ -273,6 +279,26 @@ write_files:
 permissions: 0o755
 - content: |
 #!/bin/sh
+
+ export HAPPYDELIVER_BIND="0.0.0.0:8080"
+ export HAPPYDELIVER_CUSTOM_HEAD_HTML=""
+ export HAPPYDELIVER_ADDRESS_PREFIX="test-"
+ export HAPPYDELIVER_DOMAIN="deliver.happydomain.org"
+ export HAPPYDELIVER_REPORT_RETENTION="168h"
+
+ [ -z "${HAPPYDELIVER_VERSION}" ] && export HAPPYDELIVER_VERSION=$(cloud-init query ds.metadata.HAPPYDOMAIN_VERSION)
+
+ docker inspect app-happydeliver > /dev/null && {
+ docker pull happydomain/happydeliver:${HAPPYDELIVER_VERSION}
+ docker stop app-happydeliver
+ docker rm app-happydeliver
+ }
+
+ docker run -d --restart unless-stopped --network local -e HAPPYDELIVER_BIND -e HAPPYDELIVER_CUSTOM_HEAD_HTML -e HAPPYDELIVER_ADDRESS_PREFIX -e HAPPYDELIVER_DOMAIN -e HAPPYDELIVER_REPORT_RETENTION --hostname "${HAPPYDELIVER_DOMAIN}" -p "8080:8080" -p 25:25 -v /var/lib/happydeliver/:/var/lib/happydeliver/ --log-driver syslog --log-opt "syslog-address=unixgram:///dev/log" --log-opt syslog-facility=daemon --log-opt tag=app-happydelier --name app-happydeliver --pull always happydomain/happydeliver:${HAPPYDELIVER_VERSION}
+ path: /root/launch_container_deliver.sh
+ permissions: 0o755
+ - content: |
+ #!/bin/sh
 # pdns
 docker inspect pdns-demo-happydomain > /dev/null && {
 docker pull nemunaire/pdns
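Review bot: The `-p "8080:8080"` publish on the `docker run` line exposes the happyDeliver web listener on every host interface, in plain HTTP and outside Caddy; Docker-published ports are normally DNATed through the FORWARD chain, so the `-A INPUT -j REJECT` rule kept in rules.v4 would not cover it. Caddy already reaches the container as `app-happydeliver:8080` over `--network local`, so the mapping can be dropped, or narrowed to `-p "127.0.0.1:8080:8080"` if host-local access is wanted. On the same line, `--log-opt tag=app-happydelier` is missing a `v`, so syslog filters keyed on the container name will miss these entries; `tag=app-happydeliver` would match `--name`. The version fallback reads `ds.metadata.HAPPYDOMAIN_VERSION`, which ties the happyDeliver image tag to happyDomain's version; if that is not intended, a dedicated metadata key would avoid pulling an unexpected tag under `--pull always`.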
@@ -321,6 +347,7 @@ runcmd:
 - sed -i '/-A INPUT -j REJECT/i-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT\n-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT' /etc/iptables/rules.v4
 - iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
 - iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
+ - iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
 # Retrieve last backups
 - export AWS_ACCESS_KEY_ID=$(cloud-init query ds.metadata.RESTIC_AWS_ACCESS_KEY_ID)
@@ -371,6 +398,7 @@ runcmd:
 # Launch container
 - /root/launch_container_app.sh
+ - /root/launch_container_deliver.sh
 # Generate listmonk config
 - |
diff --git a/network.go b/network.go
index 72fe1fd..c60b3b5 100644
--- a/network.go
+++ b/network.go
@@ -54,6 +54,33 @@ func setupNetwork(ctx *pulumi.Context, compartment *identity.Compartment) (*core
 Min: pulumi.Int(22),
 },
 },
+ core.SecurityListIngressSecurityRuleArgs{
+ Protocol: pulumi.String("6"),
+ Source: pulumi.String("0.0.0.0/0"),
+ Description: pulumi.String("IPv4 SMTP Port"),
+ TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+ Max: pulumi.Int(25),
+ Min: pulumi.Int(25),
+ },
+ },
+ core.SecurityListIngressSecurityRuleArgs{
+ Protocol: pulumi.String("17"),
+ Source: pulumi.String("0.0.0.0/0"),
+ Description: pulumi.String("IPv4 DNS UDP Port"),
+ UdpOptions: core.SecurityListIngressSecurityRuleUdpOptionsArgs{
+ Max: pulumi.Int(53),
+ Min: pulumi.Int(53),
+ },
+ },
+ core.SecurityListIngressSecurityRuleArgs{
+ Protocol: pulumi.String("6"),
+ Source: pulumi.String("0.0.0.0/0"),
+ Description: pulumi.String("IPv4 DNS TCP Port"),
+ TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+ Max: pulumi.Int(53),
+ Min: pulumi.Int(53),
+ },
+ },
 core.SecurityListIngressSecurityRuleArgs{
 Protocol: pulumi.String("6"),
 Source: pulumi.String("0.0.0.0/0"),
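Review bot: The new port 25 rule is only inserted into the live ruleset; the `sed` line just above persists 80 and 443 into /etc/iptables/rules.v4 but was not extended, so the SMTP rule is lost whenever that file is restored. Appending `\n-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT` to the `sed` expression would keep the saved and running rules in agreement. Because SMTP is served through the Docker-published `-p 25:25` mapping, this INPUT rule may not be the one that actually admits the traffic, so it is worth confirming which chain governs it and letting rules.v4 reflect the real exposure.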
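Review bot: The two port 53 rules (UDP and TCP from `0.0.0.0/0`) are not mentioned in the commit message, which only covers happyDeliver, and nothing else in this patch touches DNS; they open the security list to any IPv4 source and deserve their own commit or at least a line in the description. If the listener behind them is the pdns container seen in cloud-init.yaml, it is worth confirming it answers authoritatively only, since a UDP 53 service that recurses for arbitrary sources can be abused for amplification. The SMTP rule is expected for a deliverability tester, but a short comment above it such as `// happyDeliver inbound test mail; receive only, must not relay` would record the intent for later reviewers of the rule set. The enclosing `setupNetwork` rule list starts and ends outside the hunk, so any IPv6 counterparts cannot be checked from here.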