-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
6 changed files
with
467 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| .env* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,192 @@ | ||
| # dcape-app-mattermost Makefile | ||
|
|
||
| SHELL = /bin/bash | ||
| CFG ?= .env | ||
|
|
||
| # Site domain | ||
| APP_SITE ?= dev.lan | ||
|
|
||
| # Site host | ||
| APP_HOST ?= mail | ||
|
|
||
| # Use SSL | ||
| #empty => SSL disabled | ||
| #letsencrypt => Enables Let's Encrypt certificates | ||
| SSL_TYPE ?= | ||
|
|
||
| # Vars for `make user-add` | ||
| # Email user name | ||
| MAIL_USER ?= admin@$(APP_SITE) | ||
| # Email user password | ||
| MAIL_PASS ?= $(shell < /dev/urandom tr -dc A-Za-z0-9 | head -c14; echo) | ||
|
|
||
| # Docker image name | ||
| IMAGE ?= tvial/docker-mailserver | ||
| # Docker image tag | ||
| IMAGE_VER ?= latest | ||
| # Docker-compose project name (container name prefix) | ||
| PROJECT_NAME ?= $(APP_SITE) | ||
|
|
||
| # Docker-compose image tag | ||
| DC_VER ?= 1.14.0 | ||
|
|
||
| define CONFIG_DEF | ||
| # ------------------------------------------------------------------------------ | ||
| # Mattermost settings | ||
|
|
||
| # Site domain | ||
| APP_SITE=$(APP_SITE) | ||
|
|
||
| # Site host | ||
| APP_HOST=$(APP_HOST) | ||
|
|
||
| # SSL | ||
| SSL_TYPE=$(SSL_TYPE) | ||
|
|
||
| # Docker details | ||
|
|
||
| # Docker image name | ||
| IMAGE=$(IMAGE) | ||
| # Docker image tag | ||
| IMAGE_VER=$(IMAGE_VER) | ||
| # Docker-compose project name (container name prefix) | ||
| PROJECT_NAME=$(PROJECT_NAME) | ||
|
|
||
| endef | ||
| export CONFIG_DEF | ||
|
|
||
| -include $(CFG) | ||
| export | ||
|
|
||
| .PHONY: all $(CFG) start start-hook stop update up reup down docker-wait db-create db-drop psql dc help | ||
|
|
||
| all: help | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
| # webhook commands | ||
|
|
||
| start: db-create up | ||
|
|
||
| start-hook: db-create reup | ||
|
|
||
| stop: down | ||
|
|
||
| update: reup | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
| # docker commands | ||
|
|
||
| ## старт контейнеров | ||
| up: | ||
| up: CMD=up -d | ||
| up: dc | ||
|
|
||
| ## рестарт контейнеров | ||
| reup: | ||
| reup: CMD=up --force-recreate -d | ||
| reup: dc | ||
|
|
||
| ## остановка и удаление всех контейнеров | ||
| down: | ||
| down: CMD=rm -f -s | ||
| down: dc | ||
|
|
||
|
|
||
| # Wait for postgresql container start | ||
| docker-wait: | ||
| @echo -n "Checking PG is ready..." | ||
| @until [[ `docker inspect -f "{{.State.Health.Status}}" $$DCAPE_DB` == healthy ]] ; do sleep 1 ; echo -n "." ; done | ||
| @echo "Ok" | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
| # DB operations | ||
|
|
||
| # Database import script | ||
| # DCAPE_DB_DUMP_DEST must be set in pg container | ||
|
|
||
| define IMPORT_SCRIPT | ||
| [[ "$$DCAPE_DB_DUMP_DEST" ]] || { echo "DCAPE_DB_DUMP_DEST not set. Exiting" ; exit 1 ; } ; \ | ||
| DB_NAME="$$1" ; DB_USER="$$2" ; DB_PASS="$$3" ; DB_SOURCE="$$4" ; \ | ||
| dbsrc=$$DCAPE_DB_DUMP_DEST/$$DB_SOURCE.tgz ; \ | ||
| if [ -f $$dbsrc ] ; then \ | ||
| echo "Dump file $$dbsrc found, restoring database..." ; \ | ||
| zcat $$dbsrc | PGPASSWORD=$$DB_PASS pg_restore -h localhost -U $$DB_USER -O -Ft -d $$DB_NAME || exit 1 ; \ | ||
| else \ | ||
| echo "Dump file $$dbsrc not found" ; \ | ||
| exit 2 ; \ | ||
| fi | ||
| endef | ||
| export IMPORT_SCRIPT | ||
|
|
||
| # create user, db and load dump | ||
| db-create: docker-wait | ||
| @echo "*** $@ ***" ; \ | ||
| docker exec -i $$DCAPE_DB psql -U postgres -c "CREATE USER \"$$DB_USER\" WITH PASSWORD '$$DB_PASS';" || true ; \ | ||
| docker exec -i $$DCAPE_DB psql -U postgres -c "CREATE DATABASE \"$$DB_NAME\" OWNER \"$$DB_USER\";" || db_exists=1 ; \ | ||
| if [[ ! "$$db_exists" ]] ; then \ | ||
| if [[ "$$DB_SOURCE" ]] ; then \ | ||
| echo "$$IMPORT_SCRIPT" | docker exec -i $$DCAPE_DB bash -s - $$DB_NAME $$DB_USER $$DB_PASS $$DB_SOURCE \ | ||
| && docker exec -i $$DCAPE_DB psql -U postgres -c "COMMENT ON DATABASE \"$$DB_NAME\" IS 'SOURCE $$DB_SOURCE';" \ | ||
| || true ; \ | ||
| fi \ | ||
| fi | ||
|
|
||
| ## drop database and user | ||
| db-drop: docker-wait | ||
| @echo "*** $@ ***" | ||
| @docker exec -it $$DCAPE_DB psql -U postgres -c "DROP DATABASE \"$$DB_NAME\";" || true | ||
| @docker exec -it $$DCAPE_DB psql -U postgres -c "DROP USER \"$$DB_USER\";" || true | ||
|
|
||
| psql: docker-wait | ||
| @docker exec -it $$DCAPE_DB psql -U $$DB_USER -d $$DB_NAME | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
|
|
||
| # $$PWD используется для того, чтобы текущий каталог был доступен в контейнере по тому же пути | ||
| # и относительные тома новых контейнеров могли его использовать | ||
| ## run docker-compose | ||
| dc: docker-compose.yml | ||
| @docker run --rm \ | ||
| -v /var/run/docker.sock:/var/run/docker.sock \ | ||
| -v $$PWD:$$PWD \ | ||
| -w $$PWD \ | ||
| docker/compose:$(DC_VER) \ | ||
| -p $$PROJECT_NAME \ | ||
| $(CMD) | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
|
|
||
| user-add: | ||
| docker run --rm \ | ||
| -e MAIL_USER=$(MAIL_USER) \ | ||
| -e MAIL_PASS=$(MAIL_PASS) \ | ||
| -ti $$IMAGE:$$IMAGE_VER \ | ||
| /bin/sh -c 'echo "$$MAIL_USER|$$(doveadm pw -s SHA512-CRYPT -u $$MAIL_USER -p $$MAIL_PASS)"' >> ../../data/mail/config/postfix-accounts.cf | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
|
|
||
| dkim-add: | ||
| docker run --rm \ | ||
| -v $$PWD/../../data/mail/config:/tmp/docker-mailserver \ | ||
| -ti $$IMAGE:$$IMAGE_VER generate-dkim-config | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
|
|
||
| certs: | ||
| [ -f dumpcerts.sh ] || wget https://raw.githubusercontent.com/containous/traefik/master/contrib/scripts/dumpcerts.sh && chmod +x dumpcerts.sh | ||
| [ -d ../../data/mail/certs/ ] || mkdir ../../data/mail/certs/ | ||
| ./dumpcerts.sh ../../data/acme/certs.json ../../data/mail/certs/ | ||
| # ------------------------------------------------------------------------------ | ||
|
|
||
| $(CFG): | ||
| @[ -f $@ ] || { echo "$$CONFIG_DEF" > $@ ; echo "Warning: Created default $@" ; } | ||
|
|
||
| # ------------------------------------------------------------------------------ | ||
|
|
||
| ## List Makefile targets | ||
| help: | ||
| @grep -A 1 "^##" Makefile | less | ||
|
|
||
| ## | ||
| ## Press 'q' for exit | ||
| ## |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| # dcape-app-mailserver | ||
|
|
||
| [![GitHub Release][1]][2] [![GitHub code size in bytes][3]]() [![GitHub license][4]][5] | ||
|
|
||
| [1]: https://img.shields.io/github/release/dopos/dcape-app-mailserver.svg | ||
| [2]: https://github.com/dopos/dcape-app-mailserver/releases | ||
| [3]: https://img.shields.io/github/languages/code-size/dopos/dcape-app-mailserver.svg | ||
| [4]: https://img.shields.io/github/license/dopos/dcape-app-mailserver.svg | ||
| [5]: LICENSE | ||
|
|
||
| Mail server application package for [dcape](https://github.com/dopos/dcape). | ||
|
|
||
| ## Docker image used | ||
|
|
||
| * [tomav/docker-mailserver](https://github.com/tomav/docker-mailserver) | ||
|
|
||
| ## Requirements | ||
|
|
||
| * linux 64bit (git, make, wget, gawk, openssl) | ||
| * [docker](http://docker.io) | ||
| * [dcape](https://github.com/dopos/dcape) | ||
| * Git service ([github](https://github.com), [gitea](https://gitea.io) or [gogs](https://gogs.io)) | ||
|
|
||
| ## Usage | ||
|
|
||
| * Fork this repo in your Git service | ||
| * Setup deploy hook | ||
| * Run "Test delivery" (config sample will be created in dcape) | ||
| * Edit and save config (enable deploy etc) | ||
| * Run "Test delivery" again (app will be installed and started on webhook host) | ||
| * Fork [dopos/dcape-dns-config](https://github/com/dopos/dcape-dns-config) and cook your zones | ||
|
|
||
| See also: [Deploy setup](https://github.com/dopos/dcape/blob/master/DEPLOY.md) (in Russian) | ||
|
|
||
|
|
||
| ### Add user | ||
|
|
||
| ``` | ||
| sudo make user-add MAIL_USER=user@domain | ||
| ``` | ||
|
|
||
| ### Setup DKIM | ||
|
|
||
| ``` | ||
| sudo make dkim-add | ||
| ``` | ||
|
|
||
| ### Letsencrypt | ||
|
|
||
| Based on https://github.com/tomav/docker-mailserver/issues/728 | ||
|
|
||
| ## License | ||
|
|
||
| The MIT License (MIT), see [LICENSE](LICENSE). | ||
|
|
||
| Copyright (c) 2017 Alexey Kovrizhkin <lekovr+dopos@gmail.com> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| version: '2.1' | ||
|
|
||
| services: | ||
| mail: | ||
| image: ${IMAGE}:${IMAGE_VER} | ||
| restart: always | ||
| hostname: ${APP_HOST} | ||
| domainname: ${APP_SITE} | ||
| container_name: mail | ||
| labels: | ||
| - "traefik.enable=true" | ||
| - "traefik.port=587" | ||
| - "traefik.frontend.rule=Host:${APP_HOST}.${APP_SITE}" | ||
| ports: | ||
| - "25:25" | ||
| - "143:143" | ||
| - "587:587" | ||
| - "993:993" | ||
| - "4190:4190" | ||
| volumes: | ||
| - /etc/timezone:/etc/timezone:ro | ||
| - /etc/localtime:/etc/localtime:ro | ||
| - ../../data/mail/data:/var/mail | ||
| - ../../data/mail/state:/var/mail-state | ||
| - ../../data/mail/config:/tmp/docker-mailserver | ||
| - ../../data/mail/certs:/certs | ||
| environment: | ||
| - ENABLE_SPAMASSASSIN=1 | ||
| - ENABLE_CLAMAV=1 | ||
| - ENABLE_FAIL2BAN=1 | ||
| - ENABLE_POSTGREY=1 | ||
| - ENABLE_MANAGESIEVE=1 | ||
| - ONE_DIR=1 | ||
| - DMS_DEBUG=1 | ||
| - SSL_TYPE=manual | ||
| - SSL_CERT_PATH=/certs/certs/${APP_HOST}.${APP_SITE}.crt | ||
| - SSL_KEY_PATH=/certs/private/${APP_HOST}.${APP_SITE}.key | ||
| cap_add: | ||
| - NET_ADMIN | ||
| - SYS_PTRACE | ||
|
|
Oops, something went wrong.