diff --git a/dockerfile b/dockerfile index 16211cc..78927b9 100644 --- a/dockerfile +++ b/dockerfile @@ -94,14 +94,14 @@ RUN chmod +x /docker-entrypoint.sh \ && chown root:root /backup \ && chmod 700 /backup \ # create SSL directory for ssl certificates - && mkdir -p /ssl \ + && mkdir -p /certs \ # Ensure scripts are executable && chmod +x /bin/backup.sh \ # Dovecot related commands && mkdir -p /srv/mail \ && chown vmail:vmail /srv/mail \ && chmod 765 -R /srv/mail \ - && mkdir -p /ssl/dovecot \ + && mkdir -p /certs/dovecot \ && chown dovecot:dovecot -R /etc/dovecot/ \ && chgrp postfix -R /etc/dovecot/sieve/ \ && chmod 0755 -R /etc/dovecot/sieve/ \ @@ -112,7 +112,7 @@ RUN chmod +x /docker-entrypoint.sh \ && chmod 744 /etc/dovecot/dovecot-acl \ # Postfix related commands && usermod -a -G vmail postfix \ - && mkdir -p /ssl/postfix \ + && mkdir -p /certs/postfix \ && ln -s /etc/dovecot/dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap-userdb.conf.ext \ # ensure postfix related scripts are executable && chmod +x /bin/postfix.sh \ @@ -133,7 +133,7 @@ RUN chmod +x /docker-entrypoint.sh \ # Setup data volumes -VOLUME /srv/mail /ssl /var/spool/spamassassin /backup /var/log +VOLUME /srv/mail /certs /var/spool/spamassassin /backup /var/log # Configure postfix RUN postconf -e "maillog_file=/var/log/postfix.log" \ @@ -174,8 +174,8 @@ RUN postconf -e "maillog_file=/var/log/postfix.log" \ # check quota before delivery && postconf -e "smtpd_recipient_restrictions=check_policy_service=inet:localhost:12340" \ # set tls settings - && postconf -e "smtpd_tls_cert_file=/ssl/postfix/cert.pem" \ - && postconf -e "smtpd_tls_key_file=/ssl/postfix/key.pem" \ + && postconf -e "smtpd_tls_cert_file=/certs/postfix/cert.pem" \ + && postconf -e "smtpd_tls_key_file=/certs/postfix/key.pem" \ && postconf -e "smtpd_helo_required = yes" \ && postconf -e "smtpd_delay_reject = yes" \ && postconf -e "disable_vrfy_command = yes" \ 
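Review bot: The new `mkdir -p /certs` and `mkdir -p /certs/dovecot` (and `mkdir -p /certs/postfix` in the next hunk) create the directories that will hold TLS private keys without setting an owner or mode. `/backup`, two lines above, gets `chown root:root` and `chmod 700`. Unless a line of this RUN outside the hunk sets them, the directories keep the default mode and are readable by every account in the container. Consider adding `&& chown root:root /certs && chmod 700 /certs \` after the first mkdir, once it is confirmed that Dovecot and Postfix both read their keys as root.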
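Review bot: The `VOLUME` line moves the certificate mount point from `/ssl` to `/certs`, and nothing visible here tells operators to re-point existing mounts. A deployment that still mounts its certificates at `/ssl` will start with an empty `/certs`. When setup runs, the entrypoint's `if [ ! -f /certs/postfix/key.pem ]` branch will then generate a self-signed `CN=localhost` certificate in place of the trusted one. A comment above the line such as `# certificates live in /certs (was /ssl before this change); update existing volume mounts`, plus a matching changelog entry, would make the break visible.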
diff --git a/include/docker-entrypoint.sh b/include/docker-entrypoint.sh index 0bb9ea0..9d23c76 100644 --- a/include/docker-entrypoint.sh +++ b/include/docker-entrypoint.sh @@ -39,19 +39,19 @@ if [ "$1" == "setup" ]; then postconf -e "myhostname = $(`echo hostname -f`)" - if [ ! -f /ssl/dovecot/key.pem ]; then + if [ ! -f /certs/dovecot/key.pem ]; then echo "[WARNING] Creating Self-signed TLS Cert. Consider using letsencrypt or another trusted CA" - openssl req -nodes -new -x509 -keyout /ssl/dovecot/key.pem -out /ssl/dovecot/cert.pem -subj '/CN=localhost' + openssl req -nodes -new -x509 -keyout /certs/dovecot/key.pem -out /certs/dovecot/cert.pem -subj '/CN=localhost' fi - if [ ! -f /ssl/dovecot/dh.pem ]; then + if [ ! -f /certs/dovecot/dh.pem ]; then echo "[Information] Creating DHPEM Key" - openssl dhparam -out /ssl/dovecot/dh.pem 4096 + openssl dhparam -out /certs/dovecot/dh.pem 4096 fi @@ -68,11 +68,11 @@ postconf -e "myhostname = $(`echo hostname -f`)" sed -i -r -e 's/^\$manpage_directory/#$manpage_directory/' /etc/postfix/postfix-files.d/* - if [ ! -f /ssl/postfix/key.pem ]; then + if [ ! -f /certs/postfix/key.pem ]; then echo "[WARNING] Creating Self-signed TLS Cert. Consider using letsencrypt or another trusted CA" - openssl req -nodes -new -x509 -keyout /ssl/postfix/key.pem -out /ssl/postfix/cert.pem -subj '/CN=localhost' + openssl req -nodes -new -x509 -keyout /certs/postfix/key.pem -out /certs/postfix/cert.pem -subj '/CN=localhost' fi diff --git a/include/etc/dovecot/conf.d/10-ssl.conf b/include/etc/dovecot/conf.d/10-ssl.conf index 072c442..2d9812d 100644 --- a/include/etc/dovecot/conf.d/10-ssl.conf +++ b/include/etc/dovecot/conf.d/10-ssl.conf @@ -11,7 +11,7 @@ ssl_prefer_server_ciphers = yes ssl_client_ca_dir = /etc/ssl/certs -ssl_dh =
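Review bot: `openssl req -nodes -new -x509` on the rewritten Dovecot line (and the Postfix line in the next hunk) passes no `-days`, so the self-signed certificate gets OpenSSL's default validity of 30 days. Because the guard only tests that `key.pem` exists, the certificate is not regenerated once it expires. Consider adding `-days 365` to both `openssl req` calls, or regenerating when `openssl x509 -checkend 0 -noout -in /certs/dovecot/cert.pem` fails. The enclosing `if [ "$1" == "setup" ]` block starts and ends outside the hunk.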
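Review bot: `-nodes` writes `/certs/postfix/key.pem` unencrypted and nothing after the `openssl req` call pins its mode, so the key's permissions depend on the OpenSSL version and the umask in effect. Adding `chmod 600 /certs/postfix/key.pem` inside the `if` (and the same for `/certs/dovecot/key.pem` in the previous hunk) would make this explicit; confirm first that both daemons read their key as root. The guard also checks only `key.pem`, so a missing `cert.pem` next to an existing key is not repaired.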