From 9d7873850d1da85c468b8e18bbd000760d2925fd Mon Sep 17 00:00:00 2001
From: Erik Wramner
Date: Sat, 10 Aug 2019 10:15:35 +0200
Subject: [PATCH] Move dovecot cert generation to startup
---
 Dockerfile | 2 --
 target/start-mailserver.sh | 20 +++++++++++++++++++-
 2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 22dcf253..4c30fd08 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -119,8 +119,6 @@ RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/e
 # stretch-backport of dovecot needs this folder
 mkdir /etc/dovecot/ssl && \
 chmod 755 /etc/dovecot/ssl && \
- cd /usr/share/dovecot && \
- ./mkcert.sh && \
 mkdir -p /usr/lib/dovecot/sieve-pipe /usr/lib/dovecot/sieve-filter /usr/lib/dovecot/sieve-global && \
 chmod 755 -R /usr/lib/dovecot/sieve-pipe /usr/lib/dovecot/sieve-filter /usr/lib/dovecot/sieve-global
diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh
index b289df04..d5562f0d 100644
--- a/target/start-mailserver.sh
+++ b/target/start-mailserver.sh
@@ -507,6 +507,25 @@ function _setup_dovecot_hostname() {
 function _setup_dovecot() {
 notify 'task' 'Setting up Dovecot'
+ # Moved from docker file, copy or generate default self-signed cert
+ if [ -f /var/mail-state/lib-dovecot/dovecot.pem -a "$ONE_DIR" = 1 ]; then
+ notify 'inf' "Copying default dovecot cert"
+ cp /var/mail-state/lib-dovecot/dovecot.key /etc/dovecot/ssl/
+ cp /var/mail-state/lib-dovecot/dovecot.pem /etc/dovecot/ssl/
+ fi
+ if [ ! -f /etc/dovecot/ssl/dovecot.pem ]; then
+ notify 'inf' "Generating default dovecot cert"
+ pushd /usr/share/dovecot
+ ./mkcert.sh
+ popd
+
+ if [ "$ONE_DIR" = 1 ];then
+ mkdir -p /var/mail-state/lib-dovecot
+ cp /etc/dovecot/ssl/dovecot.key /var/mail-state/lib-dovecot/
+ cp /etc/dovecot/ssl/dovecot.pem /var/mail-state/lib-dovecot/
+ fi
+ fi
+
 cp -a /usr/share/dovecot/protocols.d /etc/dovecot/
 # Disable pop3 (it will be eventually enabled later in the script, if requested)
 mv /etc/dovecot/protocols.d/pop3d.protocol /etc/dovecot/protocols.d/pop3d.protocol.disab
@@ -1003,7 +1022,6 @@ function _setup_ssl() {
 ;;
 * )
 # Unknown option, default behavior, no action is required
- notify 'warn' "SSL configured by default"
 ;;
 esac
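Review bot: The restore branch added to `_setup_dovecot` tests only for `dovecot.pem` but copies `dovecot.key` as well, so a state directory that holds the certificate without its key leaves /etc/dovecot/ssl with a certificate and no matching key, and the following `[ ! -f /etc/dovecot/ssl/dovecot.pem ]` test then skips generation. Checking both files, and dropping the deprecated `-a` inside `[`, avoids that: `if [ "$ONE_DIR" = 1 ] && [ -f /var/mail-state/lib-dovecot/dovecot.pem ] && [ -f /var/mail-state/lib-dovecot/dovecot.key ]; then`. The private key is now persisted to the mail-state volume with a plain `cp`, which leaves its mode to cp's defaults and to whatever file already exists at the destination; `cp -p` or an explicit `chmod 600` on the copy would make the restriction on the key deliberate. `pushd` is unchecked, so if it fails `./mkcert.sh` runs from whatever the current directory is, and `pushd /usr/share/dovecot || return 1` would stop that. `_setup_dovecot` continues past the end of the hunk.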