mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Cleaned code after live testing and improved documentation
This commit is contained in:
parent
e5719ceacb
commit
fe55350645
28
SSL.md
28
SSL.md
|
@ -7,14 +7,30 @@ There are multiple options to enable SSL:
|
|||
|
||||
## let's encrypt
|
||||
|
||||
To enable Let's Encrypt on your mail server, you have to add en environment variable `DMS_SSL` with value `letsencrypt`.
|
||||
You also have to mount your `letsencrypt` folder to `/etc/letsencrypt`.
|
||||
|
||||
|
||||
|
||||
TO BE FINISHED WHEN IT WILL BE TESTED
|
||||
To enable Let's Encrypt on your mail server, you have to add en environment variable `DMS_SSL` with value `letsencrypt` (see `docker-compose.yml.dist`)
|
||||
You also have to mount your `letsencrypt` folder to `/etc/letsencrypt` and it should look like that:
|
||||
|
||||
├── etc
|
||||
│ └── letsencrypt
|
||||
│ ├── accounts
|
||||
│ ├── archive
|
||||
│ │ └── mail.domain.com
|
||||
│ │ ├── cert1.pem
|
||||
│ │ ├── chain1.pem
|
||||
│ │ ├── fullchain1.pem
|
||||
│ │ └── privkey1.pem
|
||||
│ ├── csr
|
||||
│ ├── keys
|
||||
│ ├── live
|
||||
│ │ └── mail.domain.com
|
||||
│ │ ├── cert.pem -> ../../archive/mail.domain.com/cert1.pem
|
||||
│ │ ├── chain.pem -> ../../archive/mail.domain.com/chain1.pem
|
||||
│ │ ├── combined.pem
|
||||
│ │ ├── fullchain.pem -> ../../archive/mail.domain.com/fullchain1.pem
|
||||
│ │ └── privkey.pem -> ../../archive/mail.domain.com/privkey1.pem
|
||||
│ └── renewal
|
||||
|
||||
You don't have anything else to do.
|
||||
|
||||
## self signed certificates
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@ mail:
|
|||
# image: tvial/docker-mailserver
|
||||
build: .
|
||||
hostname: mail
|
||||
domainname: my-domain.com
|
||||
domainname: domain.com
|
||||
ports:
|
||||
- "25:25"
|
||||
- "143:143"
|
||||
|
@ -11,3 +11,6 @@ mail:
|
|||
volumes:
|
||||
- ./spamassassin:/tmp/spamassassin/
|
||||
- ./postfix:/tmp/postfix/
|
||||
- ./letsencrypt/etc:/etc/letsencrypt
|
||||
environment:
|
||||
- DMS_SSL=letsencrypt
|
||||
|
|
|
@ -59,13 +59,6 @@ case $DMS_SSL in
|
|||
"letsencrypt" )
|
||||
# letsencrypt folders and files mounted in /etc/letsencrypt
|
||||
|
||||
# Adding certificates from Letsencrypt and IdenTrust
|
||||
# curl https://letsencrypt.org/certs/isrgrootx1.pem -so /etc/ssl/certs/isrgrootx1.pem
|
||||
# curl https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem -so /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem
|
||||
# curl https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.pem -so /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem
|
||||
# curl https://letsencrypt.org/certs/letsencryptauthorityx1.pem -so /etc/ssl/certs/letsencryptauthorityx1.pem
|
||||
# curl https://letsencrypt.org/certs/letsencryptauthorityx2.pem -so /etc/ssl/certs/letsencryptauthorityx2.pem
|
||||
|
||||
# Postfix configuration
|
||||
sed -i -r 's/smtpd_tls_cert_file=\/etc\/ssl\/certs\/ssl-cert-snakeoil.pem/smtpd_tls_cert_file=\/etc\/letsencrypt\/live\/'$(hostname)'\/fullchain.pem/g' /etc/postfix/main.cf
|
||||
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/letsencrypt\/live\/'$(hostname)'\/privkey.pem/g' /etc/postfix/main.cf
|
||||
|
|
Loading…
Reference in a new issue