From fd644cd67fd66d2ddbf755207708ff948ada0bd1 Mon Sep 17 00:00:00 2001 From: Val Date: Wed, 3 Dec 2014 10:34:50 +0000 Subject: [PATCH] Cleanup --- Dockerfile | 62 ++++++++++++++ Makefile | 14 ++-- README.md | 77 +++++++++--------- {dovecot => config}/dovecot.auth | 0 {dovecot => config}/dovecot.imap | 0 {dovecot => config}/dovecot.lda | 0 {dovecot => config}/dovecot.logging | 0 {dovecot => config}/dovecot.mail | 0 {dovecot => config}/dovecot.master | 0 {dovecot => config}/dovecot.ssl | 0 {dovecot => config}/example/aliases | 0 {dovecot => config}/example/domains | 0 {dovecot => config}/example/myhostname | 0 {dovecot => config}/example/opendkim.conf | 0 {dovecot => config}/example/passwords | 0 {dovecot => config}/postfix.main.cf | 0 {dovecot => config}/postfix.master.cf.append | 0 dovecot/Dockerfile | 86 -------------------- dovecot/process_settings => process_settings | 0 19 files changed, 106 insertions(+), 133 deletions(-) create mode 100644 Dockerfile rename {dovecot => config}/dovecot.auth (100%) rename {dovecot => config}/dovecot.imap (100%) rename {dovecot => config}/dovecot.lda (100%) rename {dovecot => config}/dovecot.logging (100%) rename {dovecot => config}/dovecot.mail (100%) rename {dovecot => config}/dovecot.master (100%) rename {dovecot => config}/dovecot.ssl (100%) rename {dovecot => config}/example/aliases (100%) rename {dovecot => config}/example/domains (100%) rename {dovecot => config}/example/myhostname (100%) rename {dovecot => config}/example/opendkim.conf (100%) rename {dovecot => config}/example/passwords (100%) rename {dovecot => config}/postfix.main.cf (100%) rename {dovecot => config}/postfix.master.cf.append (100%) delete mode 100644 dovecot/Dockerfile rename dovecot/process_settings => process_settings (100%) diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..dbaaf0c --- /dev/null +++ b/Dockerfile 
@@ -0,0 +1,62 @@
+FROM ubuntu:14.04
+
+ENV DEBIAN_FRONTEND noninteractive
+RUN locale-gen en_GB en_GB.UTF-8 && dpkg-reconfigure locales
+
+RUN apt-get update
+
+RUN apt-get -y -q autoclean
+RUN apt-get -y -q autoremove
+RUN apt-get clean
+
+# Prerequisites
+# install self-signed ssl certs
+RUN apt-get install -y --force-yes ssl-cert
+
+# Install postfix as MTA
+RUN apt-get install -y --force-yes postfix
+
+# Install dovecot as IMAP server
+RUN apt-get install -y --force-yes dovecot-imapd
+
+# Install OpenDKIM domain signing server
+RUN apt-get install -y --force-yes opendkim
+
+# postfix configuration
+ADD ./config/postfix.main.cf /etc/postfix/main.cf
+ADD ./condig/postfix.master.cf.append /etc/postfix/master-additional.cf
+RUN cat /etc/postfix/master-additional.cf >> /etc/postfix/master.cf
+
+# configure settings script
+VOLUME ["/mail_config"]
+COPY process_settings /process_settings
+RUN chmod 755 /process_settings
+
+# add user vmail who own all mail folders
+VOLUME ["/vmail"]
+RUN groupadd -g 5000 vmail
+RUN useradd -g vmail -u 5000 vmail -d /vmail -m
+
+# dovecot configuration
+ADD ./config/dovecot.mail /etc/dovecot/conf.d/10-mail.conf
+ADD ./config/dovecot.ssl /etc/dovecot/conf.d/10-ssl.conf
+ADD ./config/dovecot.auth /etc/dovecot/conf.d/10-auth.conf
+ADD ./config/dovecot.master /etc/dovecot/conf.d/10-master.conf
+ADD ./config/dovecot.lda /etc/dovecot/conf.d/15-lda.conf
+ADD ./config/dovecot.imap /etc/dovecot/conf.d/20-imap.conf
+# add verbose logging
+#ADD ./config/dovecot.logging /etc/dovecot/conf.d/10-logging.conf
+
+# smtp port for incoming mail
+EXPOSE 25
+# imap port
+EXPOSE 143
+# smtp port for outgoing
+EXPOSE 587
+
+# todo: enable port 587 for outgoing mail, separate ports 25 and 587
+# http://www.synology-wiki.de/index.php/Zusaetzliche_Ports_fuer_Postfix
+
+# start necessary services for operation (dovecot -F starts dovecot in the foreground to prevent container exit)
+ENTRYPOINT /process_settings; service rsyslog start; service opendkim start; service postfix start; dovecot -F
+
diff --git a/Makefile b/Makefile
index a2c0da6..06e4084 100644
--- a/Makefile
+++ b/Makefile
@@ -1,11 +1,9 @@
-all: dovecot +all: build -.PHONY: dovecot +.PHONY: build -dovecot: - cd dovecot; docker build -t dovecot_made_special:2.1.7 . +build: + docker build -t dockermail_made_special:2.1.7 . -run-dovecot: - docker run -d -p 25:25 -p 587:587 -p 143:143 -v /opt/dockermail/settings:/mail_settings -v /opt/dockermail/vmail:/vmail dovecot_made_special:2.1.7 - -run-all: run-dovecot +run: + docker run -name dockermail -d -p 25:25 -p 587:587 -p 143:143 -v /opt/dockermail/settings:/mail_settings -v /opt/dockermail/vmail:/vmail dockermail_made_special:2.1.7
diff --git a/README.md b/README.md
index ae818bb..985698d 100644
--- a/README.md
+++ b/README.md
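Review bot: The second postfix `ADD` reads from `./condig/`, but this commit moves the file to `config/postfix.master.cf.append`, so the build should stop at that step; the line should read `ADD ./config/postfix.master.cf.append /etc/postfix/master-additional.cf`. The four install steps pass `--force-yes`, which lets apt proceed with packages it cannot authenticate, and they run in layers separate from `apt-get update`, so a cached package index can go stale. A single step such as `RUN apt-get update && apt-get install -y ssl-cert postfix dovecot-imapd opendkim` keeps the authentication check and the index together. The shell-form `ENTRYPOINT` chains its commands with `;`, so postfix and dovecot start even when `/process_settings` fails; chaining with `&&` would stop the container on a settings error instead of serving mail with a partial configuration. `VOLUME ["/vmail"]` is declared before `useradd ... -d /vmail -m`, so what that step writes under `/vmail` may not survive the build, and ownership of the mounted directory (uid 5000) then has to be set elsewhere.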
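Review bot: The new `run` target passes `-name dockermail` with a single dash; the documented long option is `--name`, and current Docker CLIs reject the single-dash form, so the recipe should begin `docker run --name dockermail -d`. The same recipe mounts the settings directory at `/mail_settings`, while the Dockerfile added in this commit declares `VOLUME ["/mail_config"]`. `process_settings` is not shown on this page, so confirm which path it reads and make the mount and the declared volume agree.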
@@ -5,63 +5,62 @@ Based on https://github.com/lava/dockermail A secure, minimal-configuration mail server in a docker container. -This repository is tailored to small private servers, where you own some domain(s) and -want to receive the mail for and send mail from this domain. +This repository is tailored to small private servers, where you own a domain and want to host your own mail. -The SMTP and IMAP server. This container uses postfix as MTA and dovecot as IMAP server. -All incoming mail to your own domains is accepted. For outgoing mail, only authenticated -(logged in with username and password) clients can send messages via STARTTLS on port 587. -Outgoing mail is configured to get OpenDKIM signature, you need to generate a key and set up your domain records. -Also you should add PTR record to your IP (aka reverse DNS) which is done by your server provider and add an SPF record to your domain - otherwise you may get your mail spam filtered. +This container uses postfix as MTA and dovecot as IMAP server. +All incoming mail to your domains is accepted. +For outgoing mail, only authenticated (logged in with username and password) clients can send messages via STARTTLS. + +SPAM stuff +===== +Outgoing mail is signed by OpenDKIM, you need to generate a key and set up your domain records (see step 5). +You should add PTR record to your IP (aka reverse DNS) which is done by your server provider. +And finally, generate and add an SPF record to your domain, search for instructions on this - there are a few generator site around and the setup steps depend on your domain name provider. Setup ===== Create 2 folders: one for mail configuration (`/opt/dockermail/settings`), another for mail storage (`/opt/dockermail/vmail`). -Use the the example config files in `dovecot/example` of this repo. +Use the the example config files in `config/example` of this repo. -1) Add all domains you want to receive mail for to the file `/opt/dockermail/settings/domains`, like this: +1. 
Add all domains you want to receive mail for to the file `/opt/dockermail/settings/domains`, like this: - example.org - example.net + example.org + example.net -2) Add user aliases to the file `/opt/dockermail/settings/aliases`, like +2. Add user aliases to the file `/opt/dockermail/settings/aliases`, like - johndoe@example.org john.doe@example.org - john.doe@example.org john.doe@example.org - admin@forum.example.org forum-admin@example.org - @example.net catch-all@example.net + johndoe@example.org john.doe@example.org + john.doe@example.org john.doe@example.org + admin@forum.example.org forum-admin@example.org + @example.net catch-all@example.net -An IMAP mail account is created for each entry on the right hand side. -Every mail sent to one of the addresses in the left column will -be delivered to the corresponding account in the right column. + An IMAP mail account is created for each entry on the right hand side. + Every mail sent to one of the addresses in the left column will be delivered to the corresponding account in the right column. -3) Add user passwords to the file `/opt/dockermail/settings/passwords` like this +3. Add user passwords to the file `/opt/dockermail/settings/passwords` like this - john.doe@example.org:{PLAIN}password123 - admin@example.org:{SHA256-CRYPT}$5$ojXGqoxOAygN91er$VQD/8dDyCYOaLl2yLJlRFXgl.NSrB3seZGXBRMdZAr6 + john.doe@example.org:{PLAIN}password123 + admin@example.org:{SHA256-CRYPT}$5$ojXGqoxOAygN91er$VQD/8dDyCYOaLl2yLJlRFXgl.NSrB3seZGXBRMdZAr6 -To get the hash values, you can either install dovecot locally or use `docker exec -it dockermail bash` to attach to the running -container and run `doveadm pw -s ` inside. + To get the hash values, you can either install dovecot locally or use `docker exec -it dockermail bash` to attach to the running container (step 7) and run `doveadm pw -s ` inside. -4) Change the hostname in file `/opt/dockermail/settings/myhostname` to the correct fully qualified domain of your server. +4. 
Change the hostname in file `/opt/dockermail/settings/myhostname` to the correct fully qualified domain of your server. -5) Add DKIM settings files: `/opt/dockermail/settings/opendkim.conf` and `/opt/dockermail/settings/mail.private` - See https://help.ubuntu.com/community/Postfix/DKIM on the info about these settings. - You will need to generate your own `mail.private` key and set up your domain records, the `opendkim.conf` from `dovecot/examples` - is ready to use. +5. Add DKIM settings files: `/opt/dockermail/settings/opendkim.conf` and `/opt/dockermail/settings/mail.private` + See https://help.ubuntu.com/community/Postfix/DKIM on the info about these settings. + You will need to generate your own `mail.private` key and set up your domain records, the `opendkim.conf` from `config/example` + is ready to use. -6) Build container +6. Build container - make + make -7) Run container and map ports 25 and 143 from the host to the container. - To store your mail outside the container, map `/opt/dockermail/vmail/` to - a directory on your host. (This is recommended, otherwise - you have to remember to backup your mail when you want to restart the container) +7. Run container and map ports 25 and 143 from the host to the container. + To store your mail outside the container, map `/opt/dockermail/vmail/` to + a directory on your host. (This is recommended, otherwise + you have to remember to backup your mail when you want to restart the container) - `docker run -d -p 25:25 -p 587:587 -p 143:143 -v /opt/dockermail/settings:/mail_settings -v /opt/dockermail/vmail:/vmail dovecot_made_special/2.1.7` + `docker run -name dockermail -d -p 25:25 -p 587:587 -p 143:143 -v /opt/dockermail/settings:/mail_settings -v /opt/dockermail/vmail:/vmail dockermail_made_special/2.1.7` -8) Enjoy. - -Patches welcome! +8. Enjoy! \ No newline at end of file diff --git a/dovecot/dovecot.auth b/config/dovecot.auth similarity index 100% rename from dovecot/dovecot.auth rename to config/dovecot.auth 
diff --git a/dovecot/dovecot.imap b/config/dovecot.imap similarity index 100% rename from dovecot/dovecot.imap rename to config/dovecot.imap diff --git a/dovecot/dovecot.lda b/config/dovecot.lda similarity index 100% rename from dovecot/dovecot.lda rename to config/dovecot.lda diff --git a/dovecot/dovecot.logging b/config/dovecot.logging similarity index 100% rename from dovecot/dovecot.logging rename to config/dovecot.logging diff --git a/dovecot/dovecot.mail b/config/dovecot.mail similarity index 100% rename from dovecot/dovecot.mail rename to config/dovecot.mail diff --git a/dovecot/dovecot.master b/config/dovecot.master similarity index 100% rename from dovecot/dovecot.master rename to config/dovecot.master diff --git a/dovecot/dovecot.ssl b/config/dovecot.ssl similarity index 100% rename from dovecot/dovecot.ssl rename to config/dovecot.ssl diff --git a/dovecot/example/aliases b/config/example/aliases similarity index 100% rename from dovecot/example/aliases rename to config/example/aliases diff --git a/dovecot/example/domains b/config/example/domains similarity index 100% rename from dovecot/example/domains rename to config/example/domains diff --git a/dovecot/example/myhostname b/config/example/myhostname similarity index 100% rename from dovecot/example/myhostname rename to config/example/myhostname diff --git a/dovecot/example/opendkim.conf b/config/example/opendkim.conf similarity index 100% rename from dovecot/example/opendkim.conf rename to config/example/opendkim.conf diff --git a/dovecot/example/passwords b/config/example/passwords similarity index 100% rename from dovecot/example/passwords rename to config/example/passwords diff --git a/dovecot/postfix.main.cf b/config/postfix.main.cf similarity index 100% rename from dovecot/postfix.main.cf rename to config/postfix.main.cf 
diff --git a/dovecot/postfix.master.cf.append b/config/postfix.master.cf.append similarity index 100% rename from dovecot/postfix.master.cf.append rename to config/postfix.master.cf.append diff --git a/dovecot/Dockerfile b/dovecot/Dockerfile deleted file mode 100644 index 53260db..0000000 --- a/dovecot/Dockerfile +++ /dev/null 
@@ -1,86 +0,0 @@ -FROM ubuntu:14.04 - -ENV DEBIAN_FRONTEND noninteractive - -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty main' | tee /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty main' | tee -a /etc/apt/sources.list -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty-updates main' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty-updates main' | tee -a /etc/apt/sources.list -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty universe' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty universe' | tee -a /etc/apt/sources.list -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty-updates universe' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty-updates universe' | tee -a /etc/apt/sources.list -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty-updates multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty-updates multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb http://archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb http://security.ubuntu.com/ubuntu trusty-security main' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://security.ubuntu.com/ubuntu trusty-security main' | tee -a /etc/apt/sources.list -RUN echo 'deb http://security.ubuntu.com/ubuntu trusty-security universe' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://security.ubuntu.com/ubuntu trusty-security universe' | tee -a /etc/apt/sources.list 
-RUN echo 'deb http://security.ubuntu.com/ubuntu trusty-security multiverse' | tee -a /etc/apt/sources.list -RUN echo 'deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse' | tee -a /etc/apt/sources.list - -RUN locale-gen en_GB en_GB.UTF-8 && dpkg-reconfigure locales - -RUN apt-get update - -RUN apt-get -y -q autoclean -RUN apt-get -y -q autoremove -RUN apt-get clean - -# prerequisites -RUN apt-get update - -# install self-signed ssl certs -RUN apt-get install -y --force-yes ssl-cert - -# Install postfix as MTA -RUN apt-get install -y --force-yes postfix - -# Install dovecot as IMAP server -RUN apt-get install -y --force-yes dovecot-imapd - -# Install OpenDKIM domain signing server -RUN apt-get install -y --force-yes opendkim - -# postfix configuration -ADD ./postfix.main.cf /etc/postfix/main.cf -ADD ./postfix.master.cf.append /etc/postfix/master-additional.cf -RUN cat /etc/postfix/master-additional.cf >> /etc/postfix/master.cf - -# configure settings script -VOLUME ["/mail_config"] -COPY process_settings /process_settings -RUN chmod 755 /process_settings - -# add user vmail who own all mail folders -VOLUME ["/vmail"] -RUN groupadd -g 5000 vmail -RUN useradd -g vmail -u 5000 vmail -d /vmail -m - -# dovecot configuration -ADD ./dovecot.mail /etc/dovecot/conf.d/10-mail.conf -ADD ./dovecot.ssl /etc/dovecot/conf.d/10-ssl.conf -ADD ./dovecot.auth /etc/dovecot/conf.d/10-auth.conf -ADD ./dovecot.master /etc/dovecot/conf.d/10-master.conf -ADD ./dovecot.lda /etc/dovecot/conf.d/15-lda.conf -ADD ./dovecot.imap /etc/dovecot/conf.d/20-imap.conf -# add verbose logging -#ADD ./internal/dovecot.logging /etc/dovecot/conf.d/10-logging.conf - -# smtp port for incoming mail -EXPOSE 25 -# imap port -EXPOSE 143 -# smtp port for outgoing -EXPOSE 587 - -# todo: enable port 587 for outgoing mail, separate ports 25 and 587 -# http://www.synology-wiki.de/index.php/Zusaetzliche_Ports_fuer_Postfix - -# start necessary services for operation (dovecot -F starts dovecot in the 
foreground to prevent container exit) -ENTRYPOINT /process_settings; service rsyslog start; service opendkim start; service postfix start; dovecot -F - diff --git a/dovecot/process_settings b/process_settings similarity index 100% rename from dovecot/process_settings rename to process_settings