mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Cleaned code after live testing and improved documentation
This commit is contained in:
Thomas VIAL
parent
e5719ceacb
commit
fe55350645
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -2,4 +2,4 @@
|
||||||
docker-compose.yml
|
docker-compose.yml
|
||||||
postfix/ssl/*
|
postfix/ssl/*
|
||||||
assert.sh*
|
assert.sh*
|
||||||
letsencrypt/
|
letsencrypt/
|
||||||
|
|
|
||||||
24
README.md
24
README.md
|
|
@ -70,19 +70,19 @@ Volumes allow to:
|
||||||
|
|
||||||
# client configuration
|
# client configuration
|
||||||
|
|
||||||
# imap
|
# imap
|
||||||
username: <username1@my-domain.com>
|
username: <username1@my-domain.com>
|
||||||
password: <username1password>
|
password: <username1password>
|
||||||
server: <your-server-ip-or-hostname>
|
server: <your-server-ip-or-hostname>
|
||||||
imap port: 143 or 993 with ssl (recommended)
|
imap port: 143 or 993 with ssl (recommended)
|
||||||
imap path prefix: INBOX
|
imap path prefix: INBOX
|
||||||
auth method: md5 challenge-response
|
auth method: md5 challenge-response
|
||||||
|
|
||||||
# smtp
|
# smtp
|
||||||
smtp port: 25 or 587 with ssl (recommended)
|
smtp port: 25 or 587 with ssl (recommended)
|
||||||
username: <username1@my-domain.com>
|
username: <username1@my-domain.com>
|
||||||
password: <username1password>
|
password: <username1password>
|
||||||
auth method: md5 challenge-response
|
auth method: md5 challenge-response
|
||||||
|
|
||||||
# todo
|
# todo
|
||||||
|
|
||||||
|
|
|
||||||
28
SSL.md
28
SSL.md
|
|
@ -7,14 +7,30 @@ There are multiple options to enable SSL:
|
||||||
|
|
||||||
## let's encrypt
|
## let's encrypt
|
||||||
|
|
||||||
To enable Let's Encrypt on your mail server, you have to add en environment variable `DMS_SSL` with value `letsencrypt`.
|
To enable Let's Encrypt on your mail server, you have to add en environment variable `DMS_SSL` with value `letsencrypt` (see `docker-compose.yml.dist`)
|
||||||
You also have to mount your `letsencrypt` folder to `/etc/letsencrypt`.
|
You also have to mount your `letsencrypt` folder to `/etc/letsencrypt` and it should look like that:
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
TO BE FINISHED WHEN IT WILL BE TESTED
|
|
||||||
|
|
||||||
|
├── etc
|
||||||
|
│ └── letsencrypt
|
||||||
|
│ ├── accounts
|
||||||
|
│ ├── archive
|
||||||
|
│ │ └── mail.domain.com
|
||||||
|
│ │ ├── cert1.pem
|
||||||
|
│ │ ├── chain1.pem
|
||||||
|
│ │ ├── fullchain1.pem
|
||||||
|
│ │ └── privkey1.pem
|
||||||
|
│ ├── csr
|
||||||
|
│ ├── keys
|
||||||
|
│ ├── live
|
||||||
|
│ │ └── mail.domain.com
|
||||||
|
│ │ ├── cert.pem -> ../../archive/mail.domain.com/cert1.pem
|
||||||
|
│ │ ├── chain.pem -> ../../archive/mail.domain.com/chain1.pem
|
||||||
|
│ │ ├── combined.pem
|
||||||
|
│ │ ├── fullchain.pem -> ../../archive/mail.domain.com/fullchain1.pem
|
||||||
|
│ │ └── privkey.pem -> ../../archive/mail.domain.com/privkey1.pem
|
||||||
|
│ └── renewal
|
||||||
|
|
||||||
|
You don't have anything else to do.
|
||||||
|
|
||||||
## self signed certificates
|
## self signed certificates
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ mail:
|
||||||
# image: tvial/docker-mailserver
|
# image: tvial/docker-mailserver
|
||||||
build: .
|
build: .
|
||||||
hostname: mail
|
hostname: mail
|
||||||
domainname: my-domain.com
|
domainname: domain.com
|
||||||
ports:
|
ports:
|
||||||
- "25:25"
|
- "25:25"
|
||||||
- "143:143"
|
- "143:143"
|
||||||
|
|
@ -11,3 +11,6 @@ mail:
|
||||||
volumes:
|
volumes:
|
||||||
- ./spamassassin:/tmp/spamassassin/
|
- ./spamassassin:/tmp/spamassassin/
|
||||||
- ./postfix:/tmp/postfix/
|
- ./postfix:/tmp/postfix/
|
||||||
|
- ./letsencrypt/etc:/etc/letsencrypt
|
||||||
|
environment:
|
||||||
|
- DMS_SSL=letsencrypt
|
||||||
|
|
|
||||||
|
|
@ -59,13 +59,6 @@ case $DMS_SSL in
|
||||||
"letsencrypt" )
|
"letsencrypt" )
|
||||||
# letsencrypt folders and files mounted in /etc/letsencrypt
|
# letsencrypt folders and files mounted in /etc/letsencrypt
|
||||||
|
|
||||||
# Adding certificates from Letsencrypt and IdenTrust
|
|
||||||
# curl https://letsencrypt.org/certs/isrgrootx1.pem -so /etc/ssl/certs/isrgrootx1.pem
|
|
||||||
# curl https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem -so /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem
|
|
||||||
# curl https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.pem -so /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem
|
|
||||||
# curl https://letsencrypt.org/certs/letsencryptauthorityx1.pem -so /etc/ssl/certs/letsencryptauthorityx1.pem
|
|
||||||
# curl https://letsencrypt.org/certs/letsencryptauthorityx2.pem -so /etc/ssl/certs/letsencryptauthorityx2.pem
|
|
||||||
|
|
||||||
# Postfix configuration
|
# Postfix configuration
|
||||||
sed -i -r 's/smtpd_tls_cert_file=\/etc\/ssl\/certs\/ssl-cert-snakeoil.pem/smtpd_tls_cert_file=\/etc\/letsencrypt\/live\/'$(hostname)'\/fullchain.pem/g' /etc/postfix/main.cf
|
sed -i -r 's/smtpd_tls_cert_file=\/etc\/ssl\/certs\/ssl-cert-snakeoil.pem/smtpd_tls_cert_file=\/etc\/letsencrypt\/live\/'$(hostname)'\/fullchain.pem/g' /etc/postfix/main.cf
|
||||||
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/letsencrypt\/live\/'$(hostname)'\/privkey.pem/g' /etc/postfix/main.cf
|
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/letsencrypt\/live\/'$(hostname)'\/privkey.pem/g' /etc/postfix/main.cf
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue