Commit badf8679 authored by Nolan's avatar Nolan

Add TLS support to roundcube.

parent ecffb38e
......@@ -5,7 +5,8 @@
"networks": [ "post-spam" ],
"hostname": "mail",
"PUBDNS": [ "A:mail", "MX:mail:10" ],
"env": [ "SMTP=1" ]
"env": [ "SMTP=1" ],
"TLSCert": { "keydir":"/keys", "change":"/cert_change" }
},
"spamassassin": {
"networks": [ "post-spam", "spam-dove" ],
......@@ -15,20 +16,23 @@
"networks": [ "spam-dove", "private"],
"hostname": "imap",
"storagedirs": [ "/home/" ],
"PRIVDNS": [ "imap" ]
"PRIVDNS": [ "imap" ],
"TLSCert": { "keydir":"/keys", "change":"/cert_change" }
},
"roundcube": {
"networks": [ "private" ],
"hostname": "webmail",
"storagedirs": [ "/var/lib/dbconfig-common/sqlite3/roundcube/" ],
"PRIVDNS": [ "webmail" ]
"PRIVDNS": [ "webmail" ],
"TLSCert": { "keydir":"/keys", "change":"/cert_change" }
},
"submission": {
"networks": [ "private" ],
"hostname": "submission",
"PRIVDNS": [ "submission" ],
"env": [ "SUBMISSION=1" ],
"reuse": "postfix"
"reuse": "postfix",
"TLSCert": { "keydir":"/keys", "change":"/cert_change" }
}
}
}
......@@ -3,14 +3,22 @@ ARG FROM_PREFIX
FROM ${FROM_PREFIX}python3
#XXX Switch to nginx. May not be easy thanks for debian's deps.
#XXX --no-install-recommends?
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y roundcube roundcube-sqlite3 \
&& sed -i 's|/var/www/html|/var/lib/roundcube|g' /etc/apache2/sites-enabled/000-default.conf \
&& rm -rf /var/lib/apt/lists/*
COPY config.inc.php /etc/roundcube/
COPY php.ini /etc/php/7.0/apache2/conf.d/99-local.ini
RUN dpkg-reconfigure -f noninteractive roundcube-core \
RUN sed -i 's|/var/www/html|/var/lib/roundcube|g' /etc/apache2/sites-available/000-default.conf \
&& sed -i 's|/var/www/html|/var/lib/roundcube|g' /etc/apache2/sites-available/default-ssl.conf \
&& sed -i 's|/etc/ssl/certs/ssl-cert-snakeoil.pem|/keys/fullchain.pem|g' \
/etc/apache2/sites-available/default-ssl.conf \
&& sed -i 's|/etc/ssl/private/ssl-cert-snakeoil.key|/keys/privkey.pem|g' \
/etc/apache2/sites-available/default-ssl.conf \
&& a2ensite default-ssl \
&& a2enmod ssl \
&& dpkg-reconfigure -f noninteractive roundcube-core \
&& cat /var/lib/dbconfig-common/sqlite3/roundcube/roundcube | gzip > /rcdb.gz \
&& rm /var/lib/dbconfig-common/sqlite3/roundcube/roundcube
COPY start.sh /
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment