refactor(ssl): Moved /ssl to /certs

As this directory not only contains the SSL Certs,
the dkim certs as well, renamed to make more sense.

MR !2

dockerfile

@@ -94,14 +94,14 @@ RUN chmod +x /docker-entrypoint.sh \
     && chown root:root /backup \
     && chmod 700 /backup \
       # create SSL directory for ssl certificates
-    && mkdir -p /ssl \
+    && mkdir -p /certs \
       # Ensure scripts are executable
     && chmod +x /bin/backup.sh \
       # Dovecot related commands
     && mkdir -p /srv/mail \ 
     && chown vmail:vmail /srv/mail \
     && chmod 765 -R /srv/mail \
-    && mkdir -p /ssl/dovecot \
+    && mkdir -p /certs/dovecot \
     && chown dovecot:dovecot -R /etc/dovecot/ \
     && chgrp postfix -R /etc/dovecot/sieve/ \
     && chmod 0755 -R /etc/dovecot/sieve/ \
@@ -112,7 +112,7 @@ RUN chmod +x /docker-entrypoint.sh \
     && chmod 744 /etc/dovecot/dovecot-acl \
       # Postfix related commands
     && usermod -a -G vmail postfix \
-    && mkdir -p /ssl/postfix \
+    && mkdir -p /certs/postfix \
     && ln -s /etc/dovecot/dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap-userdb.conf.ext \
       # ensure postfix related scripts are executable
     && chmod +x /bin/postfix.sh \
@@ -133,7 +133,7 @@ RUN chmod +x /docker-entrypoint.sh \
         
 
 # Setup data volumes
-VOLUME /srv/mail /ssl /var/spool/spamassassin /backup /var/log
+VOLUME /srv/mail /certs /var/spool/spamassassin /backup /var/log
 
 # Configure postfix
 RUN postconf -e "maillog_file=/var/log/postfix.log" \
@@ -174,8 +174,8 @@ RUN postconf -e "maillog_file=/var/log/postfix.log" \
   # check quota before delivery
   && postconf -e "smtpd_recipient_restrictions=check_policy_service=inet:localhost:12340" \
   # set tls settings
-  && postconf -e "smtpd_tls_cert_file=/ssl/postfix/cert.pem" \
-  && postconf -e "smtpd_tls_key_file=/ssl/postfix/key.pem" \
+  && postconf -e "smtpd_tls_cert_file=/certs/postfix/cert.pem" \
+  && postconf -e "smtpd_tls_key_file=/certs/postfix/key.pem" \
   && postconf -e "smtpd_helo_required = yes" \
   && postconf -e "smtpd_delay_reject = yes" \
   && postconf -e "disable_vrfy_command = yes" \

include/docker-entrypoint.sh

@@ -39,19 +39,19 @@ if [ "$1" == "setup" ]; then
 postconf -e "myhostname = $(`echo hostname -f`)"
 
 
-    if [ ! -f /ssl/dovecot/key.pem ]; then
+    if [ ! -f /certs/dovecot/key.pem ]; then
 
         echo "[WARNING] Creating Self-signed TLS Cert. Consider using letsencrypt or another trusted CA"
 
-        openssl req  -nodes -new -x509 -keyout /ssl/dovecot/key.pem -out /ssl/dovecot/cert.pem -subj '/CN=localhost'
+        openssl req  -nodes -new -x509 -keyout /certs/dovecot/key.pem -out /certs/dovecot/cert.pem -subj '/CN=localhost'
 
     fi
 
-    if [ ! -f /ssl/dovecot/dh.pem ]; then
+    if [ ! -f /certs/dovecot/dh.pem ]; then
 
         echo "[Information] Creating DHPEM Key"
 
-        openssl dhparam -out /ssl/dovecot/dh.pem 4096
+        openssl dhparam -out /certs/dovecot/dh.pem 4096
 
     fi
 
@@ -68,11 +68,11 @@ postconf -e "myhostname = $(`echo hostname -f`)"
     sed -i -r -e 's/^\$manpage_directory/#$manpage_directory/' /etc/postfix/postfix-files.d/*
 
 
-    if [ ! -f /ssl/postfix/key.pem ]; then
+    if [ ! -f /certs/postfix/key.pem ]; then
 
         echo "[WARNING] Creating Self-signed TLS Cert. Consider using letsencrypt or another trusted CA"
 
-        openssl req  -nodes -new -x509 -keyout /ssl/postfix/key.pem -out /ssl/postfix/cert.pem -subj '/CN=localhost'
+        openssl req  -nodes -new -x509 -keyout /certs/postfix/key.pem -out /certs/postfix/cert.pem -subj '/CN=localhost'
 
     fi
 

include/etc/dovecot/conf.d/10-ssl.conf

@@ -11,7 +11,7 @@ ssl_prefer_server_ciphers = yes
 
 ssl_client_ca_dir = /etc/ssl/certs
 
-ssl_dh = </ssl/dovecot/dh.pem
-ssl_cert = </ssl/dovecot/cert.pem
-ssl_key = </ssl/dovecot/key.pem
+ssl_dh = </certs/dovecot/dh.pem
+ssl_cert = </certs/dovecot/cert.pem
+ssl_key = </certs/dovecot/key.pem