refs #31595: add Chaperone; use Centos 7

Dockerfile

-FROM centos:6
+FROM centos:7
 
-RUN yum -y install postfix mailx cyrus-sasl cyrus-sasl-plain python-setuptools python-pip rsyslog
+RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 && \
+    yum updateinfo -y && \
+    yum install -y epel-release && \
+    rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 && \
+    yum install -y python34-devel postfix cyrus-sasl cyrus-sasl-plain mailx && \
+    yum clean all
 
-VOLUME ["/var/log"]
+RUN curl https://bootstrap.pypa.io/get-pip.py | python3.4 && \
+    pip3 install chaperone
 
-ADD postfix.sh /postfix.sh
+RUN mkdir -p /etc/chaperone.d
+COPY chaperone.conf /etc/chaperone.d/chaperone.conf
 
-CMD ["sh", "-c", "/postfix.sh"]
+COPY docker-setup.sh /docker-setup.sh
+RUN chmod +x /docker-setup.sh
+
+ENTRYPOINT ["/usr/bin/chaperone"]

chaperone.conf

+setup.service: {
+  service_groups: INIT,
+  command: "/docker-setup.sh"
+}
+
+postfix.service: {
+  service_groups: IDLE,
+  command: "postfix start"
+}
+
+console.logging: {
+  selector: "*.warn",
+  stdout: true
+}

docker-setup.sh

+#!/bin/bash
+
+# configure postfix
+
+function setup_conf_and_secret {
+    postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.trust.crt'
+    postconf -e "relayhost = [$MTP_RELAY]:$MTP_PORT"
+    postconf -e 'smtp_sasl_auth_enable = yes'
+    postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd'
+    postconf -e 'smtp_sasl_security_options = noanonymous'
+    postconf -e 'smtp_tls_security_level = may'
+    postconf -e 'mynetworks = 127.0.0.0/8 172.17.0.0/16'
+
+    echo "$MTP_RELAY   $MTP_USER:$MTP_PASS" > /etc/postfix/relay_passwd
+    postmap /etc/postfix/relay_passwd
+}
+
+postconf -e "myhostname = $MTP_HOST"
+postconf -e 'inet_interfaces = all'
+
+if [ ! -z "$MTP_RELAY" -a ! -z "$MTP_PORT" -a ! -z "$MTP_USER" -a ! -z "$MTP_PASS" ]; then
+    setup_conf_and_secret
+else
+    postconf -e 'mynetworks = 127.0.0.1/32 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8'
+fi
+
+newaliases