Add proper Dockerfile

.dockerignore

@@ -0,0 +1,14 @@
+.DS_Store
+*.sw*
+*.log
+.idea
+node_modules
+coverage
+.nyc_output
+dkim-public.key
+dkim-private.key
+mx1.forwardemail.net.ca
+mx1.forwardemail.net.cert
+mx1.forwardemail.net.csr
+mx1.forwardemail.net.key
+package-lock.json

.gitignore

@@ -1,5 +1,6 @@
 .DS_Store
 *.log
+*.sw*
 .idea
 node_modules
 coverage

Dockerfile

@@ -0,0 +1,45 @@
+FROM node:10-stretch
+
+WORKDIR /app
+
+RUN \
+  apt-get -y update && \
+  apt-get -y upgrade && \
+  apt-get install -y software-properties-common redis-server spamassassin spamc python openssl python-pip curl && \
+  pip install pyspf pydns ipaddr dkimpy pynacl authres dnspython pydns
+
+RUN \
+  openssl genrsa -out dkim-private.key 1024 && \
+  openssl rsa -in dkim-private.key -pubout -out dkim-public.key && \
+  echo "Add this to your DNS zonefile:" && \
+  sed '3,3!d' dkim-public.key | sed ':a;N;$!ba;s/\n//g' | xargs -I{} echo "default._domainkey 14400 IN TXT \"v=DKIM1; k=rsa; p={}\"" | tee DKIM-TXT-record
+
+COPY package.json yarn.lock /app/
+RUN yarn
+
+COPY * /app/
+
+EXPOSE 25
+
+ENV IP_ADDRESS ""
+ENV EXCHANGES ""
+ENV SECURE "false"
+ENV SSL_KEY ""
+ENV SSL_KEY_FILE ""
+ENV SSL_CERT ""
+ENV SSL_CERT_FILE ""
+ENV SSL_CA ""
+ENV SSL_CA_FILE ""
+ENV DKIM_PRIVATE_KEY ""
+ENV DKIM_KEY_SELECTOR "default"
+ENV DKIM_PRIVATE_KEY_FILE /app/dkim-private.key
+
+CMD \
+  /usr/sbin/spamd -d --pidfile=/var/run/spamd.pid && \
+  /usr/bin/redis-server /etc/redis/redis.conf && \
+  /app/index.js
+
+#docker run --network host --hostname <yourdomain.com> --name <container name> -d forward-email:latest
+
+# Add the following line to your DNS zonefile:
+#docker exec <container name> cat /app/DKIM-TXT-record

README.md

@@ -326,6 +326,19 @@ You'll also need the following dependencies installed:
 
 * Nameservers - we highly recommend you set your server's nameservers to `1.1.1.1` (see ["How do you perform DNS lookups on domain names"](#how-do-you-perform-dns-lookups-on-domain-names) below and here is a [Digital Ocean guide][do-guide])
 
+### Docker deployment
+
+Instead of installing the server and all its dependencies manually on a server,
+you can use [Docker](https://docker.com).
+
+Clone this repo, then:
+
+```bash
+docker build -t forward-email:latest .
+docker run --network host --hostname <yourdomain.com> --name <container name> -d forward-email:latest
+```
+
+Then, you'll need to add the DKIM public key that was generated for you as a TXT record to your zonefile. Run ```docker exec <container name> cat /app/DKIM-TXT-record``` to print it out.
 
 ## Programmatic Usage
 

index.js

@@ -1,3 +1,5 @@
+#!/usr/bin/env node
+
 const crypto = require('crypto');
 const dns = require('dns');
 const fs = require('fs');
@@ -466,7 +468,7 @@ class ForwardEmail {
 
         // get the fully qualified domain name ("FQDN") of this server
         const ipAddress =
-          process.env.NODE_ENV === 'test' ? '178.128.149.101' : ip.address();
+          process.env.NODE_ENV === 'test' ? '178.128.149.101' : (this.config.ipAddress || ip.address());
         const name =
           process.env.NODE_ENV === 'test'
             ? 'mx1.forwardemail.net'
@@ -1115,25 +1117,35 @@ class ForwardEmail {
 }
 
 if (!module.parent) {
+  const hostname = process.env.HOSTNAME || 'forwardemail.net';
+  const defaultDeployment = hostname === 'forwardemail.net';
+
   const config = {
-    noReply: '[email protected]',
-    exchanges: ['mx1.forwardemail.net', 'mx2.forwardemail.net'],
+    noReply: `no-reply@${hostname}`,
+    exchanges: process.env.EXCHANGES
+      ? process.env.EXCHANGES.split(',')
+      : (defaultDeployment ?  ['mx1.forwardemail.net', 'mx2.forwardemail.net'] : [hostname]),
     ssl: {},
-    dkim: {}
+    dkim: {},
+    ipAddress: process.env.IP_ADDRESS || undefined,
   };
 
-  if (process.env.NODE_ENV === 'production') {
-    // needsUpgrade = true;
+  const readKey = (key, keyFile) => key || (keyFile && fs.readFileSync(keyFile, 'utf8')) || undefined;
+
+  if (process.env.SECURE === 'true') {
     config.ssl = {
-      secure: process.env.SECURE === 'true',
-      key: fs.readFileSync('/home/deploy/mx1.forwardemail.net.key', 'utf8'),
-      cert: fs.readFileSync('/home/deploy/mx1.forwardemail.net.cert', 'utf8'),
-      ca: fs.readFileSync('/home/deploy/mx1.forwardemail.net.ca', 'utf8')
+      secure: true,
+      key: readKey(process.env.SSL_KEY, process.env.SSL_KEY_FILE || '/home/deploy/mx1.forwardemail.net.key'),
+      cert: readKey(process.env.SSL_CERT, process.env.SSL_CERT_FILE || '/home/deploy/mx1.forwardemail.net.cert'),
+      ca: readKey(process.env.SSL_CA, process.env.SSL_CA_FILE || '/home/deploy/mx1.forwardemail.net.ca'),
     };
+  }
+
+  if (process.env.DKIM_PRIVATE_KEY || process.env.DKIM_PRIVATE_KEY_FILE || (defaultDeployment && process.env.NODE_ENV === 'production')) {
     config.dkim = {
-      domainName: 'forwardemail.net',
-      keySelector: 'default',
-      privateKey: fs.readFileSync('/home/deploy/dkim-private.key', 'utf8'),
+      domainName: hostname,
+      keySelector: process.env.DKIM_KEY_SELECTOR || 'default',
+      privateKey: readKey(process.env.DKIM_PRIVATE_KEY, process.env.DKIM_PRIVATE_KEY_FILE || '/home/deploy/dkim-private.key'),
       cacheDir: os.tmpdir()
     };
   }