mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Merge pull request #157 from tomav/refactored-documentation-in-readme-and-wiki
Refactored documentation and Wiki Moved docker-compose.yml.dist to version 2 with data volume container Renamed DMS_SSL to SSL_TYPE Refactored start-mailserver to avoid DKIM errors
This commit is contained in:
commit
afe8cfb610
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -1,6 +1,4 @@
|
|||
.DS_Store
|
||||
docker-compose.yml
|
||||
postfix/ssl/*
|
||||
letsencrypt/
|
||||
.idea
|
||||
test/config/empty/
|
||||
|
|
162
README.md
162
README.md
|
@ -1,12 +1,12 @@
|
|||
# docker-mailserver
|
||||
# docker-mailserver [![Build Status](https://travis-ci.org/tomav/docker-mailserver.svg?branch=v2)](https://travis-ci.org/tomav/docker-mailserver)
|
||||
|
||||
|
||||
```
|
||||
#
|
||||
# CURRENTLY IN BETA
|
||||
# CURRENTLY IN RELEASE CANDIDATE
|
||||
#
|
||||
```
|
||||
|
||||
[![Build Status](https://travis-ci.org/tomav/docker-mailserver.svg?branch=v2)](https://travis-ci.org/tomav/docker-mailserver)
|
||||
|
||||
A fullstack but simple mail server (smtp, imap, antispam, antivirus...).
|
||||
Only configuration files, no SQL database. Keep it simple and versioned.
|
||||
|
@ -28,36 +28,46 @@ Includes:
|
|||
|
||||
Why I created this image: [Simple mail server with Docker](http://tvi.al/simple-mail-server-with-docker/)
|
||||
|
||||
Before you open an issue, please have a look this `README`, the [FAQ](https://github.com/tomav/docker-mailserver/wiki/FAQ) and Postfix/Dovecot documentation.
|
||||
Before you open an issue, please have a look this `README`, the [Wiki](https://github.com/tomav/docker-mailserver/wiki/) and Postfix/Dovecot documentation.
|
||||
|
||||
## Project architecture
|
||||
## Usage
|
||||
|
||||
├── config # User: personal configurations
|
||||
├── docker-compose.yml.dist # User: 'docker-compose.yml' example
|
||||
├── target # Developer: default server configurations
|
||||
└── test # Developer: integration tests
|
||||
|
||||
## Basic usage
|
||||
|
||||
# get v2 image
|
||||
#### Get v2 image
|
||||
|
||||
docker pull tvial/docker-mailserver:v2
|
||||
|
||||
# create a "docker-compose.yml" file containing:
|
||||
mail:
|
||||
image: tvial/docker-mailserver:v2
|
||||
hostname: mail
|
||||
domainname: domain.com
|
||||
# your FQDN will be 'mail.domain.com'
|
||||
ports:
|
||||
- "25:v25"
|
||||
- "143:143"
|
||||
- "587:587"
|
||||
- "993:993"
|
||||
volumes:
|
||||
- ./config/:/tmp/docker-mailserver/
|
||||
#### Create a `docker-compose.yml`
|
||||
|
||||
Adapt this file with your FQDN.
|
||||
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
mail:
|
||||
image: tvial/docker-mailserver:v2
|
||||
# build: .
|
||||
hostname: mail
|
||||
domainname: domain.com
|
||||
container_name: mail
|
||||
volumes:
|
||||
- maildata:/var/mail
|
||||
ports:
|
||||
- "25:25"
|
||||
- "143:143"
|
||||
- "587:587"
|
||||
- "993:993"
|
||||
volumes:
|
||||
- ./config/:/tmp/docker-mailserver/
|
||||
- ./opendkim/:/tmp/docker-mailserver/opendkim/
|
||||
|
||||
volumes:
|
||||
maildata:
|
||||
driver: local
|
||||
|
||||
#### Create your mail accounts
|
||||
|
||||
Don't forget to adapt MAIL_USER and MAIL_PASS to your needs
|
||||
|
||||
# Create your first mail account
|
||||
# Don't forget to adapt MAIL_USER and MAIL_PASS to your needs
|
||||
mkdir -p config
|
||||
docker run --rm \
|
||||
-e MAIL_USER=user1@domain.tld \
|
||||
|
@ -65,65 +75,26 @@ Before you open an issue, please have a look this `README`, the [FAQ](https://gi
|
|||
-ti tvial/docker-mailserver:v2 \
|
||||
/bin/sh -c 'echo "$MAIL_USER|$(doveadm pw -s CRAM-MD5 -u $MAIL_USER -p $MAIL_PASS)"' >> config/postfix-accounts.cf
|
||||
|
||||
# start the container
|
||||
#### Generate DKIM keys
|
||||
|
||||
docker run --rm \
|
||||
-v "$(pwd)/config":/tmp/docker-mailserver \
|
||||
-ti tvial/docker-mailserver:v2 generate-dkim-config
|
||||
|
||||
Now the keys are generated, you can configure your DNS server by just pasting the content of `config/opedkim/keys/domain.tld/mail.txt` in your `domain.tld.hosts` zone.
|
||||
|
||||
#### Start the container
|
||||
|
||||
docker-compose up -d mail
|
||||
|
||||
You're done!
|
||||
|
||||
## Managing users and aliases
|
||||
|
||||
### Users
|
||||
|
||||
As you've seen above, users are managed in `config/postfix-accounts.cf`.
|
||||
Just add the full email address and its encrypted password separated by a pipe.
|
||||
|
||||
Example:
|
||||
|
||||
user1@domain.tld|{CRAM-MD5}mypassword-cram-md5-encrypted
|
||||
user2@otherdomain.tld|{CRAM-MD5}myotherpassword-cram-md5-encrypted
|
||||
|
||||
To generate the password you could run for example the following:
|
||||
|
||||
docker run --rm \
|
||||
-e MAIL_USER=user1@domain.tld \
|
||||
-ti tvial/docker-mailserver:v2 \
|
||||
/bin/sh -c 'echo "$MAIL_USER|$(doveadm pw -s CRAM-MD5 -u $MAIL_USER )"'
|
||||
|
||||
You will be asked for a password. Just copy all the output string in the file `config/postfix-accounts.cf`.
|
||||
|
||||
The `doveadm pw` command let you choose between several encryption schemes for the password.
|
||||
Use doveadm pw -l to get a list of the currently supported encryption schemes.
|
||||
|
||||
### Aliases
|
||||
|
||||
Please first read [Postfix documentation on virtual aliases](http://www.postfix.org/VIRTUAL_README.html#virtual_alias).
|
||||
|
||||
Aliases are managed in `config/postfix-virtual.cf`.
|
||||
An alias is a full email address that will be:
|
||||
* delivered to an existing account in `config/postfix-accounts.cf`
|
||||
* redirected to one or more other email addresses
|
||||
|
||||
Alias and target are space separated.
|
||||
|
||||
Example:
|
||||
|
||||
# Alias to existing account
|
||||
alias1@domain.tld user1@domain.tld
|
||||
|
||||
# Forward to external email address
|
||||
alias2@domain.tld external@gmail.com
|
||||
|
||||
## Environment variables
|
||||
|
||||
Please check [how the container starts](https://github.com/tomav/docker-mailserver/blob/v2/start-mailserver.sh) to understand what's expected.
|
||||
|
||||
Value in **bold** is the default value.
|
||||
|
||||
##### DMS_SSL
|
||||
|
||||
- **empty** => SSL disabled
|
||||
- letsencrypt => Enables Let's Encrypt certificates
|
||||
- custom => Enables custom certificates
|
||||
- self-signed => Enables self-signed certificates
|
||||
|
||||
##### ENABLE_POP3
|
||||
|
||||
- **empty** => POP3 service disabled
|
||||
|
@ -163,34 +134,13 @@ Otherwise, `iptables` won't be able to ban IPs.
|
|||
- **empty** => all daemons start
|
||||
- 1 => only launch postfix smtp
|
||||
|
||||
Please check [how the container starts](https://github.com/tomav/docker-mailserver/blob/v2/start-mailserver.sh) to understand what's expected.
|
||||
##### SSL_TYPE
|
||||
|
||||
## OpenDKIM
|
||||
- **empty** => SSL disabled
|
||||
- letsencrypt => Enables Let's Encrypt certificates
|
||||
- custom => Enables custom certificates
|
||||
- self-signed => Enables self-signed certificates
|
||||
|
||||
You have prepared your mail accounts? Now you can generate DKIM keys using the following command:
|
||||
Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/Configure-SSL) for more information.
|
||||
|
||||
docker run --rm \
|
||||
-v "$(pwd)/config":/tmp/docker-mailserver \
|
||||
-ti tvial/docker-mailserver:v2 generate-dkim-config
|
||||
|
||||
Don't forget to mount `config/opendkim/` to `/tmp/docker-mailserver/opendkim/` in order to use it.
|
||||
|
||||
Now the keys are generated, you can configure your DNS server by just pasting the content of `config/opedkim/keys/domain.tld/mail.txt` in your `domain.tld.hosts` zone.
|
||||
|
||||
## SSL
|
||||
|
||||
Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/SSL) for more information.
|
||||
|
||||
## Todo
|
||||
|
||||
Things to do or to improve are stored on [Github](https://github.com/tomav/docker-mailserver/issues).
|
||||
Feel free to improve this docker image.
|
||||
|
||||
## Contribute
|
||||
|
||||
- Fork
|
||||
- Improve
|
||||
- Add integration tests in `test/tests.bats`
|
||||
- Build image and run tests using `make`
|
||||
- Document your improvements
|
||||
- Commit, push and make a pull-request
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
# Place you custom Spamassasin rules here
|
|
@ -1,14 +1,26 @@
|
|||
mail:
|
||||
image: tvial/docker-mailserver:v2
|
||||
# build: .
|
||||
hostname: mail
|
||||
domainname: domain.com
|
||||
volumes_from:
|
||||
- maildata
|
||||
ports:
|
||||
- "25:25"
|
||||
- "143:143"
|
||||
- "587:587"
|
||||
- "993:993"
|
||||
volumes:
|
||||
- ./config/:/tmp/docker-mailserver/
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
mail:
|
||||
image: tvial/docker-mailserver:v2
|
||||
hostname: mail
|
||||
domainname: domain.com
|
||||
container_name: mail
|
||||
volumes:
|
||||
- maildata:/var/mail
|
||||
ports:
|
||||
- "25:25"
|
||||
- "143:143"
|
||||
- "587:587"
|
||||
- "993:993"
|
||||
volumes:
|
||||
- ./config/:/tmp/docker-mailserver/
|
||||
- ./opendkim/:/tmp/docker-mailserver/opendkim/
|
||||
environment:
|
||||
- ENABLE_FAIL2BAN=1
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
|
||||
volumes:
|
||||
maildata:
|
||||
driver: local
|
||||
|
|
|
@ -49,7 +49,6 @@ if [ -f /tmp/docker-mailserver/postfix-accounts.cf ]; then
|
|||
maildirmake.dovecot "/var/mail/${domain}/${user}/.Drafts"
|
||||
echo -e "INBOX\nSent\nTrash\nDrafts" >> "/var/mail/${domain}/${user}/subscriptions"
|
||||
touch "/var/mail/${domain}/${user}/.Sent/maildirfolder"
|
||||
|
||||
fi
|
||||
echo ${domain} >> /tmp/vhost.tmp
|
||||
done < /tmp/docker-mailserver/postfix-accounts.cf
|
||||
|
@ -89,16 +88,15 @@ if [ -e "/tmp/docker-mailserver/opendkim/KeyTable" ]; then
|
|||
mkdir -p /etc/opendkim
|
||||
cp -a /tmp/docker-mailserver/opendkim/* /etc/opendkim/
|
||||
echo "DKIM keys added for: `ls -C /etc/opendkim/keys/`"
|
||||
echo "Changing permissions on /etc/opendkim"
|
||||
# chown entire directory
|
||||
chown -R opendkim:opendkim /etc/opendkim/
|
||||
# And make sure permissions are right
|
||||
chmod -R 0700 /etc/opendkim/keys/
|
||||
else
|
||||
echo "No DKIM key provided. Check the documentation to find how to get your keys."
|
||||
fi
|
||||
|
||||
echo "Changing permissions on /etc/opendkim"
|
||||
# chown entire directory
|
||||
chown -R opendkim:opendkim /etc/opendkim/
|
||||
# And make sure permissions are right
|
||||
chmod -R 0700 /etc/opendkim/keys/
|
||||
|
||||
# DMARC
|
||||
# if there is no AuthservID create it
|
||||
if [ `cat /etc/opendmarc.conf | grep -w AuthservID | wc -l` -eq 0 ]; then
|
||||
|
@ -113,7 +111,7 @@ if [ ! -f "/etc/opendmarc/ignore.hosts" ]; then
|
|||
fi
|
||||
|
||||
# SSL Configuration
|
||||
case $DMS_SSL in
|
||||
case $SSL_TYPE in
|
||||
"letsencrypt" )
|
||||
# letsencrypt folders and files mounted in /etc/letsencrypt
|
||||
if [ -e "/etc/letsencrypt/live/$(hostname)/cert.pem" ] \
|
||||
|
@ -225,7 +223,7 @@ SA_KILL=${SA_KILL:="6.31"} && sed -i -r 's/^\$sa_kill_level_deflt (.*);/\$sa_kil
|
|||
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
|
||||
|
||||
# Disable logrotate config for fail2ban if not enabled
|
||||
test -z "$ENABLE_FAIL2BAN"&& rm -f /etc/logrotate.d/fail2ban
|
||||
test -z "$ENABLE_FAIL2BAN" && rm -f /etc/logrotate.d/fail2ban
|
||||
# Fix cron.daily for spamassassin
|
||||
sed -i -e 's/invoke-rc.d spamassassin reload/\/etc\/init\.d\/spamassassin reload/g' /etc/cron.daily/spamassassin
|
||||
|
||||
|
|
Loading…
Reference in a new issue