Skip to content
This repository has been archived by the owner on Dec 12, 2024. It is now read-only.

Add proper Dockerfile #170

Closed
wants to merge 6 commits into from
Closed

Conversation

dapetcu21
Copy link

@dapetcu21 dapetcu21 commented Sep 19, 2019

The Dockerfile that @UnoSD posted had a number of issues (like using an ancient version of node and reading the dkim key from the wrong path). I cleaned it up.

Additionally, I added some more configurability in index.js via environment variables. Currently, most of the stuff in the init section at the end was hardcoded for the forwardemail.net domain. I tried to keep it backwards compatible, so as not to break your deployment, but I honestly think a few things, like the paths to the keys should live outside of the repo, in the pm2 environment, as they are deployment-specific.

I also added an IP_ADDRESS environment variable to make this work from behind a NAT.

Stuff that the Dockerfile still can't do properly:

  • SpamAssassin calls time out (I'll dig a bit further into this)
  • SSL (shouldn't be hard to add, if anyone needs it)

Fixes #111

index.js Outdated
cert: fs.readFileSync('/home/deploy/mx1.forwardemail.net.cert', 'utf8'),
ca: fs.readFileSync('/home/deploy/mx1.forwardemail.net.ca', 'utf8')
secure: true,
key: fs.readFileSync(process.env.SSL_KEY || '/home/deploy/mx1.forwardemail.net.key', 'utf8'),

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be...

key: process.env.SSL_KEY || fs.readFileSync('/home/deploy/mx1.forwardemail.net.key', 'utf8'),

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess it depends wether you want to provide it in an env var directly or read it from a file. I think both options are valid. Maybe I should add both. (SSL_KEY and SSK_KEY_FILE)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And that way, it will also be easier to add the keys from Docker. You just specify them as env vars when running docker run.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@niftylettuce
Copy link
Collaborator

I have updated the configuration to support a dotenv configuration.

See .env.schema, .env.defaults, and you can add a .env of your own with overrides. My local .env file has just one property needed of DKIM_PRIVATE_KEY_PATH, however you will need others to override defaults specified in .env.defaults. This makes using this package much easier for you I would think. There is also a new app.js and proxy.jsfile which should help you with graceful reloading, pm2 deployment, and certbot. See the updatedecosystem.json` file as well. If you wish to submit a new PR with a Dockerfile considering all this, I would gladly accept immediately.

The mx1.forwardemail.net and mx2.forwardemail.net servers contain a .env file that looks like this, if it is helpful as a resource for you for production:

DKIM_PRIVATE_KEY_PATH=/home/deploy/.dkim.key
SMTP_SSL_KEY_PATH=/home/deploy/certbot/config/live/mx1.forwardemail.net/privkey.pem
SMTP_SSL_CERT_PATH=/home/deploy/certbot/config/live/mx1.forwardemail.net/fullchain.pem
SMTP_EXCHANGE_DOMAINS=mx1.forwardemail.net,mx2.forwardemail.net
CERTBOT_WELL_KNOWN_NAME=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
CERTBOT_WELL_KNOWN_CONTENTS=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[docs] self-hosting + Docker guide
3 participants