ci(fix): Normalize for .gitattributes + improve eclint coverage (docker-mailserver#3566)

Author: polarathene

.editorconfig

@@ -8,6 +8,7 @@ root = true
 [*]
 charset = utf-8
 end_of_line = lf
+indent_size = 2
 indent_style = space
 insert_final_newline = true
 trim_trailing_whitespace = true
@@ -16,21 +17,9 @@ trim_trailing_whitespace = true
 # --- Specific ----------------------------------
 # -----------------------------------------------
 
-[*.{yaml,yml,sh,bats}]
-indent_size = 2
-
-[Makefile]
+[{Makefile,.gitmodules}]
 indent_style = tab
 indent_size = 4
 
 [*.md]
 trim_trailing_whitespace = false
-
-# -----------------------------------------------
-# --- Git Submodules ----------------------------
-# -----------------------------------------------
-
-[{test/bats/**,test/test_helper/**}]
-indent_style = none
-indent_size = none
-end_of_line = none

.github/pull_request_template.md

@@ -1,7 +1,9 @@
 # Description
 
-<!-- Include a summary of the change.
-     Please also include relevant motivation and context. -->
+<!--
+  Include a summary of the change.
+  Please also include relevant motivation and context.
+-->
 
 <!-- Link the issue which will be fixed (if any) here: -->
 Fixes #

CHANGELOG.md

@@ -311,8 +311,8 @@ In this release the relay-host support saw [significant internal refactoring](ht
 
 1. **Many** minor improvements were made (cleanup & refactoring). Please refer to the section below to get an overview over all improvements. Moreover, there was a lot of cleanup in the scripts and in the tests. The documentation was adjusted accordingly.
 2. New environment variables were added:
-   1. [`CLAMAV_MESSAGE_SIZE_LIMIT`](https://docker-mailserver.github.io/docker-mailserver/v11.0/config/environment/#clamav_message_size_limit)
-   2. [`TZ`](https://docker-mailserver.github.io/docker-mailserver/v11.0/config/environment/#tz)
+    1. [`CLAMAV_MESSAGE_SIZE_LIMIT`](https://docker-mailserver.github.io/docker-mailserver/v11.0/config/environment/#clamav_message_size_limit)
+    2. [`TZ`](https://docker-mailserver.github.io/docker-mailserver/v11.0/config/environment/#tz)
 3. SpamAssassin KAM was added with [`ENABLE_SPAMASSASSIN_KAM`](https://docker-mailserver.github.io/docker-mailserver/v11.0/config/environment/#enable_spamassassin_kam).
 4. The `fail2ban` command was reworked and can now ban IP addresses as well.
 5. There were a few small fixes, especially when it comes to bugs in scripts and service restart loops (no functionality changes, only fixes of existing functionality). When building an image from the Dockerfile - Installation of Postfix on modern Linux distributions should now always succeed.
@@ -368,8 +368,7 @@ In this release the relay-host support saw [significant internal refactoring](ht
 
 ### Critical Changes
 
-1. This release fixes a critical issue for LDAP users, installing a needed package on Debian 11
-   on build-time. Moreover, a race-condition was eliminated ([#2341](https://github.com/docker-mailserver/docker-mailserver/pull/2341)).
+1. This release fixes a critical issue for LDAP users, installing a needed package on Debian 11 on build-time. Moreover, a race-condition was eliminated ([#2341](https://github.com/docker-mailserver/docker-mailserver/pull/2341)).
 2. A resource leak in `check-for-changes.sh` was fixed ([#2401](https://github.com/docker-mailserver/docker-mailserver/pull/2401))
 
 ### Other Minor Changes

Dockerfile

@@ -134,9 +134,7 @@ EOF
 
 COPY target/postsrsd/postsrsd /etc/default/postsrsd
 COPY target/postgrey/postgrey /etc/default/postgrey
-COPY target/postgrey/postgrey.init /etc/init.d/postgrey
 RUN <<EOF
-  chmod 755 /etc/init.d/postgrey
   mkdir /var/run/postgrey
   chown postgrey:postgrey /var/run/postgrey
   curl -Lsfo /etc/postgrey/whitelist_clients https://postgrey.schweikert.ch/pub/postgrey_whitelist_clients

docs/content/config/advanced/dovecot-master-accounts.md

@@ -18,4 +18,4 @@ Once a master account is configured, it is possible to connect to any users mail
 
 Username: `<EMAIL ADDRESS>*<MASTER ACCOUNT NAME>`
 
-Password: `<MASTER ACCOUNT PASSWORD>`
+Password: `<MASTER ACCOUNT PASSWORD>`

docs/content/config/advanced/ipv6.md

@@ -132,7 +132,7 @@ Next, configure a network with an IPv6 subnet for your container with any of the
 
         !!! warning "This approach is discouraged"
 
-             The [`bridge` network is considered legacy][docker-docs-network-bridge-legacy].
+            The [`bridge` network is considered legacy][docker-docs-network-bridge-legacy].
 
         Add these two extra IPv6 settings to your daemon config. They only apply to the [default `bridge` docker network][docker-docs-ipv6-create-default] aka `docker0` (_which containers are attached to by default when using `docker run`_).
 

docs/content/config/advanced/mail-sieve.md

@@ -69,12 +69,12 @@ It is possible to sort subaddresses such as `[email protected]` int
 require ["envelope", "fileinto", "mailbox", "subaddress", "variables"];
 
 if envelope :detail :matches "to" "*" {
-	set :lower :upperfirst "tag" "${1}";
-	if mailboxexists "INBOX.${1}" {
-		fileinto "INBOX.${1}";
-	} else {
-		fileinto :create "INBOX.${tag}";
-	}
+  set :lower :upperfirst "tag" "${1}";
+  if mailboxexists "INBOX.${1}" {
+    fileinto "INBOX.${1}";
+  } else {
+    fileinto :create "INBOX.${tag}";
+  }
 }
 ```
 

docs/content/config/security/ssl.md

@@ -161,8 +161,9 @@ Obtain a Cloudflare API token:
     dns_cloudflare_api_token = YOUR_CLOUDFLARE_TOKEN_HERE
     ```
 
-   - As this is sensitive data, you should restrict access to it with `chmod 600` and `chown 0:0`.
-   - Store the file in a folder if you like, such as `docker-data/certbot/secrets/`.
+    - As this is sensitive data, you should restrict access to it with `chmod 600` and `chown 0:0`.
+    - Store the file in a folder if you like, such as `docker-data/certbot/secrets/`.
+
 5. Your `compose.yaml` should include the following:
 
     ```yaml
@@ -594,7 +595,7 @@ This setup only comes with one caveat: The domain has to be configured on anothe
         container_name: mailserver
         hostname: mail.example.com
         volumes:
-           - ./docker-data/traefik/acme.json:/etc/letsencrypt/acme.json:ro
+          - ./docker-data/traefik/acme.json:/etc/letsencrypt/acme.json:ro
         environment:
           SSL_TYPE: letsencrypt
           SSL_DOMAIN: mail.example.com
@@ -605,26 +606,26 @@ This setup only comes with one caveat: The domain has to be configured on anothe
         image: docker.io/traefik:latest #v2.5
         container_name: docker-traefik
         ports:
-           - "80:80"
-           - "443:443"
+          - "80:80"
+          - "443:443"
         command:
-           - --providers.docker
-           - --entrypoints.http.address=:80
-           - --entrypoints.http.http.redirections.entryPoint.to=https
-           - --entrypoints.http.http.redirections.entryPoint.scheme=https
-           - --entrypoints.https.address=:443
-           - --entrypoints.https.http.tls.certResolver=letsencrypt
-           - [email protected]
-           - --certificatesresolvers.letsencrypt.acme.storage=/acme.json
-           - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http
+          - --providers.docker
+          - --entrypoints.http.address=:80
+          - --entrypoints.http.http.redirections.entryPoint.to=https
+          - --entrypoints.http.http.redirections.entryPoint.scheme=https
+          - --entrypoints.https.address=:443
+          - --entrypoints.https.http.tls.certResolver=letsencrypt
+          - [email protected]
+          - --certificatesresolvers.letsencrypt.acme.storage=/acme.json
+          - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http
         volumes:
-           - ./docker-data/traefik/acme.json:/acme.json
-           - /var/run/docker.sock:/var/run/docker.sock:ro
+          - ./docker-data/traefik/acme.json:/acme.json
+          - /var/run/docker.sock:/var/run/docker.sock:ro
 
       whoami:
         image: docker.io/traefik/whoami:latest
         labels:
-           - "traefik.http.routers.whoami.rule=Host(`mail.example.com`)"
+          - "traefik.http.routers.whoami.rule=Host(`mail.example.com`)"
     ```
 
 ### Self-Signed Certificates

docs/content/contributing/tests.md

@@ -85,49 +85,51 @@ In this example, you've made a change to the Rspamd feature support (_or adjuste
 ```console
 $ make clean generate-accounts test/rspamd
 rspamd.bats
- ✓ [Rspamd] Postfix's main.cf was adjusted [12]
- ✓ [Rspamd] normal mail passes fine [44]
- ✓ [Rspamd] detects and rejects spam [122]
- ✓ [Rspamd] detects and rejects virus [189]
+  ✓ [Rspamd] Postfix's main.cf was adjusted [12]
+  ✓ [Rspamd] normal mail passes fine [44]
+  ✓ [Rspamd] detects and rejects spam [122]
+  ✓ [Rspamd] detects and rejects virus [189]
 ```
 
 As your feature work progresses your change for Rspamd also affects ClamAV. As your change now spans more than just the Rspamd test file, you could run multiple test files serially:
 
 ```console
 $ make clean generate-accounts test/rspamd,clamav
 rspamd.bats
- ✓ [Rspamd] Postfix's main.cf was adjusted [12]
- ✓ [Rspamd] normal mail passes fine [44]
- ✓ [Rspamd] detects and rejects spam [122]
- ✓ [Rspamd] detects and rejects virus [189]
+  ✓ [Rspamd] Postfix's main.cf was adjusted [12]
+  ✓ [Rspamd] normal mail passes fine [44]
+  ✓ [Rspamd] detects and rejects spam [122]
+  ✓ [Rspamd] detects and rejects virus [189]
+
 clamav.bats
- ✓ [ClamAV] log files exist at /var/log/mail directory [68]
- ✓ [ClamAV] should be identified by Amavis [67]
- ✓ [ClamAV] freshclam cron is enabled [76]
- ✓ [ClamAV] env CLAMAV_MESSAGE_SIZE_LIMIT is set correctly [63]
- ✓ [ClamAV] rejects virus [60]
+  ✓ [ClamAV] log files exist at /var/log/mail directory [68]
+  ✓ [ClamAV] should be identified by Amavis [67]
+  ✓ [ClamAV] freshclam cron is enabled [76]
+  ✓ [ClamAV] env CLAMAV_MESSAGE_SIZE_LIMIT is set correctly [63]
+  ✓ [ClamAV] rejects virus [60]
 ```
 
 You're almost finished with your change before submitting it as a PR. It's a good idea to run the full parallel set those individual tests belong to (_especially if you've modified any tests_):
 
 ```console
 $ make clean generate-accounts tests/parallel/set1
 default_relay_host.bats
- ✓ [Relay] (ENV) 'DEFAULT_RELAY_HOST' should configure 'main.cf:relayhost' [88]
+  ✓ [Relay] (ENV) 'DEFAULT_RELAY_HOST' should configure 'main.cf:relayhost' [88]
+
 spam_virus/amavis.bats
- ✓ [Amavis] SpamAssassin integration should be active [1165]
+  ✓ [Amavis] SpamAssassin integration should be active [1165]
+
 spam_virus/clamav.bats
- ✓ [ClamAV] log files exist at /var/log/mail directory [73]
- ✓ [ClamAV] should be identified by Amavis [67]
- ✓ [ClamAV] freshclam cron is enabled [76]
+  ✓ [ClamAV] log files exist at /var/log/mail directory [73]
+  ✓ [ClamAV] should be identified by Amavis [67]
+  ✓ [ClamAV] freshclam cron is enabled [76]
 ...
 ```
 
 Even better, before opening a PR run the full test suite:
 
 ```console
 $ make clean tests
-...
 ```
 
 [BATS]: https://github.com/bats-core/bats-core

docs/content/faq.md

@@ -511,8 +511,9 @@ require ["comparator-i;ascii-numeric","relational","fileinto"];
 if header :contains "X-Spam-Flag" "YES" {
   fileinto "Junk";
 } elsif allof (
-   not header :matches "x-spam-score" "-*",
-   header :value "ge" :comparator "i;ascii-numeric" "x-spam-score" "3.75" ) {
+  not header :matches "x-spam-score" "-*",
+  header :value "ge" :comparator "i;ascii-numeric" "x-spam-score" "3.75"
+) {
   fileinto "Junk";
 }
 ```

docs/content/introduction.md

@@ -43,10 +43,10 @@ Here's where DMS's toolchain fits within the delivery chain:
 
 ```txt
                                     docker-mailserver is here:
-                                                         ┏━━━━━━━┓
-Sending an email:    MUA ---> MTA ---> (MTA relays) ---> ┫ MTA ╮ ┃
-Fetching an email:   MUA <------------------------------ ┫ MDA ╯ ┃
-                                                         ┗━━━━━━━┛
+                                                        ┏━━━━━━━┓
+Sending an email:   MUA ---> MTA ---> (MTA relays) ---> ┫ MTA ╮ ┃
+Fetching an email:  MUA <------------------------------ ┫ MDA ╯ ┃
+                                                        ┗━━━━━━━┛
 ```
 
 ??? example "An Example"
@@ -86,18 +86,18 @@ When it comes to the specifics of email exchange, we have to look at protocols a
 The following picture gives a visualization of the interplay of all components and their [respective ports][docs-understandports]:
 
 ```txt
- ┏━━━━━━━━━━ Submission ━━━━━━━━━━━━┓┏━━━━━━━━━━━━━ Transfer/Relay ━━━━━━━━━━━┓
-
-                           ┌─────────────────────┐                    ┌┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┐
-MUA ----- STARTTLS ------> ┤(587)   MTA ╮    (25)├ <-- cleartext ---> ┊ Third-party MTA ┊
-    ----- implicit TLS --> ┤(465)       │        |                    └┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┘
-    ----- cleartext -----> ┤(25)        │        |
-                           |┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄|
-MUA <---- STARTTLS ------- ┤(143)   MDA ╯        |
-    <---- implicit TLS --- ┤(993)                |
-                           └─────────────────────┘
-
- ┗━━━━━━━━━━ Retrieval ━━━━━━━━━━━━━┛
+  ┏━━━━━━━━━━ Submission ━━━━━━━━━━━━━┓┏━━━━━━━━━━━━━ Transfer/Relay ━━━━━━━━━━━┓
+
+                            ┌─────────────────────┐                    ┌┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┐
+MUA ----- STARTTLS -------> ┤(587)   MTA ╮    (25)├ <-- cleartext ---> ┊ Third-party MTA ┊
+    ----- implicit TLS ---> ┤(465)       │        |                    └┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┘
+    ----- cleartext ------> ┤(25)        │        |
+                            |┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄|
+MUA <---- STARTTLS -------- ┤(143)   MDA ╯        |
+    <---- implicit TLS ---- ┤(993)                |
+                            └─────────────────────┘
+
+  ┗━━━━━━━━━━ Retrieval ━━━━━━━━━━━━━━┛
 ```
 
 If you're new to email infrastructure, both that table and the schema may be confusing.
@@ -124,15 +124,15 @@ My MTA will thus have to support two kinds of Submission:
 - Inbound Submission (third-party email has been submitted & relayed, then is accepted "inside" by the MTA)
 
 ```txt
- ┏━━━━ Outbound Submission ━━━━┓
+  ┏━━━ Outbound Submission ━━━┓
 
                     ┌────────────────────┐                    ┌┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┐
 Me ---------------> ┤                    ├ -----------------> ┊                 ┊
                     │       My MTA       │                    ┊ Third-party MTA ┊
                     │                    ├ <----------------- ┊                 ┊
                     └────────────────────┘                    └┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┘
 
-                               ┗━━━━━━━━━━ Inbound Submission ━━━━━━━━━━┛
+                              ┗━━━━━━━━━━ Inbound Submission ━━━━━━━━━━┛
 ```
 
 #### Outbound Submission
@@ -168,7 +168,7 @@ Granted it's still very difficult enforcing encryption between MTAs (Transfer/Re
 Overall, DMS's default configuration for SMTP looks like this:
 
 ```txt
- ┏━━━━ Outbound Submission ━━━━┓
+  ┏━━━ Outbound Submission ━━━┓
 
                     ┌────────────────────┐                    ┌┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┐
 Me -- cleartext --> ┤(25)            (25)├ --- cleartext ---> ┊                 ┊
@@ -177,7 +177,7 @@ Me -- STARTTLS ---> ┤(587)               │                    ┊
                     │                (25)├ <---cleartext ---- ┊                 ┊
                     └────────────────────┘                    └┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┘
 
-                               ┗━━━━━━━━━━ Inbound Submission ━━━━━━━━━━┛
+                              ┗━━━━━━━━━━ Inbound Submission ━━━━━━━━━━┛
 ```
 
 ### Retrieval - IMAP

target/amavis/conf.d/60-dms_default_config

@@ -1,7 +1,7 @@
 use strict;
 
 @local_domains_maps = (
-   read_hash('/etc/postfix/vhost')
+  read_hash('/etc/postfix/vhost')
 );
 
 1;  # ensure a defined return

target/bin/open-dkim

@@ -42,8 +42,8 @@ ${ORANGE}OPTIONS${RESET}
         selector  Set a manual selector for the key.
                   Default: mail
         domain    Provide the domain(s) for which to generate keys for.
-                  Default: The FQDN assigned to DMS, excluding any subdomain.
-                           'ACCOUNT_PROVISIONER=FILE' also sources domains from mail accounts.
+                  Default:  The FQDN assigned to DMS, excluding any subdomain.
+                            'ACCOUNT_PROVISIONER=FILE' also sources domains from mail accounts.
 
 ${ORANGE}EXAMPLES${RESET}
     ${LWHITE}setup config dkim keysize 4096${RESET}