index.js
cert: fs.readFileSync('/home/deploy/mx1.forwardemail.net.cert', 'utf8'), | ||
ca: fs.readFileSync('/home/deploy/mx1.forwardemail.net.ca', 'utf8') | ||
secure: true, | ||
key: fs.readFileSync(process.env.SSL_KEY || '/home/deploy/mx1.forwardemail.net.key', 'utf8'), |
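Review bot: On the key: line, the value of SSL_KEY is passed straight to fs.readFileSync, so the variable holds a file path while its name reads as the key itself; rename it (for example SSL_KEY_PATH) or document that it must be a path. The cert: and ca: lines shown here still read fixed /home/deploy/ files, so a deployment that overrides only the key path can end up serving a certificate that does not match the key; make the three configurable together.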
Shouldn't this be...
key: process.env.SSL_KEY || fs.readFileSync('/home/deploy/mx1.forwardemail.net.key', 'utf8'),
I guess it depends whether you want to provide it in an env var directly or read it from a file. I think both options are valid. Maybe I should add both. (SSL_KEY and SSL_KEY_FILE)
And that way, it will also be easier to add the keys from Docker. You just specify them as env vars when running docker run.
Fixed
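The two options weighed in this thread (key material in SSL_KEY, or a path in SSL_KEY_FILE) can be resolved by one loader that rejects ambiguous or mis-typed settings. This is an added example, not code from the pull request. The helper name loadSecret, the permission check and the sample PEM are assumptions made for illustration. A value passed through the environment is visible to anything that can run docker inspect or read /proc/<pid>/environ, which is why the file form is checked for loose permissions.

```javascript
// Added example, not the project's code. SSL_KEY / SSL_KEY_FILE are the names
// proposed in the review thread; loadSecret() is a hypothetical helper.
const fs = require('fs');

// Constructed placeholder, not a real private key.
const SAMPLE_PEM =
  '-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n';

// Resolve one secret from NAME (inline PEM) or NAME_FILE (path), never both.
function loadSecret(name, env = process.env) {
  const inline = env[name];
  const file = env[`${name}_FILE`];

  if (inline && file) {
    throw new Error(`${name} and ${name}_FILE are both set; choose one`);
  }

  if (file) {
    const stat = fs.statSync(file);
    // Refuse a key file that group or others can access (POSIX mode bits).
    if (process.platform !== 'win32' && (stat.mode & 0o077) !== 0) {
      throw new Error(`${file} is accessible to group/other; use mode 600`);
    }
    return fs.readFileSync(file, 'utf8');
  }

  if (inline) {
    // Assumption: single-line env values may carry "\n" escapes for newlines.
    const pem = inline.replace(/\\n/g, '\n');
    // Catches the mix-up discussed above: a path placed in the inline variable.
    if (!/^-----BEGIN [A-Z ]*PRIVATE KEY-----/.test(pem.trim())) {
      throw new Error(`${name} is not a PEM private key (is it a path?)`);
    }
    return pem;
  }

  throw new Error(`set ${name} or ${name}_FILE`);
}

// Usage in the server options would be: key: loadSecret('SSL_KEY')
```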
I have updated the configuration to support a dotenv configuration. See The
DKIM_PRIVATE_KEY_PATH=/home/deploy/.dkim.key
SMTP_SSL_KEY_PATH=/home/deploy/certbot/config/live/mx1.forwardemail.net/privkey.pem
SMTP_SSL_CERT_PATH=/home/deploy/certbot/config/live/mx1.forwardemail.net/fullchain.pem
SMTP_EXCHANGE_DOMAINS=mx1.forwardemail.net,mx2.forwardemail.net
CERTBOT_WELL_KNOWN_NAME=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
CERTBOT_WELL_KNOWN_CONTENTS=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The Dockerfile that @UnoSD posted had a number of issues (like using an ancient version of node and reading the dkim key from the wrong path). I cleaned it up.
Additionally, I added some more configurability in index.js via environment variables. Currently, most of the stuff in the init section at the end was hardcoded for the forwardemail.net domain. I tried to keep it backwards compatible, so as not to break your deployment, but I honestly think a few things, like the paths to the keys, should live outside of the repo, in the pm2 environment, as they are deployment-specific. I also added an IP_ADDRESS environment variable to make this work from behind a NAT.
Stuff that the Dockerfile still can't do properly:
Fixes #111