docker: Add Dockerfile for running chasquid+dovecot+letsencrypt
This patch adds a new docker directory, which contains a Dockerfile plus some additional configuration for creating a container that runs chasquid+dovecot+letsencrypt. It also updates the gitlab CI pipeline to automatically build and publish an image on each commit. This is experimental and likely to break.
134
docker/dovecot.conf
Normal file
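--- /dev/null
+++ b/docker/dovecot.conf
@@ -0,0 +1,134 @@
+
+#
+# Logging
+#
+log_path = /data/dovecot/dovecot.log
+
+#
+# Email storage
+#
+
+# Store emails in /data/mail/home/domain/user, which will be inside the
+# container's volume.
+mail_home = /data/mail/home/%d/%n
+
+# Use Dovecot's native format.
+mail_location = mdbox:~/mdbox
+
+# User and group used to store and access mailboxes.
+mail_uid = dovecot
+mail_gid = dovecot
+
+# As we're using virtual mailboxes, the system user will be "dovecot", which
+# has uid in the 100-500 range. By default using uids <500 is blocked, so we
+# need to explicitly lower the value to allow storage of mail as "dovecot".
+first_valid_uid = 100
+first_valid_gid = 100
+
+#
+# Authentication
+#
+
+# Static file, in /data/dovecot/users.
+auth_mechanisms = plain
+passdb {
+driver = passwd-file
+args = scheme=CRYPT username_format=%u /data/dovecot/users
+}
+userdb {
+driver = passwd-file
+args = /data/dovecot/users
+}
+
+
+#
+# TLS
+#
+
+# TLS is mandatory.
+# The entrypoint generates auto-ssl.conf, with all the certificates.
+ssl = required
+!include_try /etc/dovecot/auto-ssl.conf
+
+# Only allow TLS 1.2 and up.
+ssl_min_protocol = TLSv1.2
+
+
+#
+# Protocols
+#
+protocols = lmtp imap pop3 sieve
+
+#
+# IMAP
+#
+service imap-login {
+inet_listener imap {
+# Disable plain text IMAP, just in case.
+port = 0
+}
+inet_listener imaps {
+port = 993
+ssl = yes
+}
+}
+
+service imap {
+}
+
+#
+# POP3
+#
+service pop3-login {
+inet_listener pop3 {
+# Disable plain text POP3, just in case.
+port = 0
+}
+inet_listener pop3s {
+port = 995
+ssl = yes
+}
+}
+
+service pop3 {
+}
+
+#
+# Sieve/managesieve
+#
+service managesieve-login {
+}
+service managesieve {
+}
+protocol sieve {
+}
+plugin {
+sieve = file:~/sieve;active=~/.dovecot.sieve
+}
+
+#
+# Internal services
+#
+service auth {
+unix_listener auth-userdb {
+}
+
+# Grant chasquid access to request user authentication.
+unix_listener auth-chasquid-userdb {
+mode = 0660
+user = chasquid
+}
+unix_listener auth-chasquid-client {
+mode = 0660
+user = chasquid
+}
+}
+service auth-worker {
+}
+dict {
+}
+service lmtp {
+# This is used by mda-lmtp.
+unix_listener lmtp {
+}
+}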
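Review bot: The `passdb` block sets `scheme=CRYPT`, so any entry in /data/dovecot/users without an explicit `{SCHEME}` prefix is checked through libc crypt(), which accepts whatever hash formats the container's libc supports, including weak legacy ones; nothing in the file says which format is expected. I would add a comment above `args`, for example `# Hashes should be generated with "doveadm pw -s BLF-CRYPT" (or SHA512-CRYPT); do not store DES/MD5 crypt entries.`, and confirm that the user-management helper, which is not part of this file, produces that format. The same file backs both `passdb` and `userdb`, so it should not be world-readable inside the volume. Separately, the cleartext IMAP and POP3 listeners are set to `port = 0`, but `service managesieve-login` is left empty, so its default listener presumably stays active and depends on STARTTLS being enforced by `ssl = required`; a one-line comment there would show that this is intentional.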