From 1e26049110eeda51fd36fee9361bb91ea382cc38 Mon Sep 17 00:00:00 2001
From: hoyohayo
Date: Sat, 7 Oct 2023 14:24:09 +0200
Subject: [PATCH 1/2] Update procedure of selfhosting
---
 README.md | 41 ++++++++++++++++++++++++-----------------
 1 file changed, 24 insertions(+), 17 deletions(-)
diff --git a/README.md b/README.md
index a49ac5de3..4d251a3d6 100644
--- a/README.md
+++ b/README.md
@@ -74,9 +74,10 @@ Setting up DKIM is highly recommended to reduce the chance your emails ending up
 First you need to generate a private and public key for DKIM:
 ```bash
-openssl genrsa -out dkim.key 1024
+openssl genrsa -traditional -out dkim.key 1024
 openssl rsa -in dkim.key -pubout -out dkim.pub.key
 ```
+Note: the `-traditional` flag is only needed if using an openssl version > 3.
 You will need the files `dkim.key` and `dkim.pub.key` for the next steps.
@@ -240,7 +241,7 @@ docker run -d \
 -v $(pwd)/sl/db:/var/lib/postgresql/data \
 --restart always \
 --network="sl-network" \
- postgres:12.1
+ postgres:13
 ```
 To test whether the database operates correctly or not, run the following command:
@@ -299,9 +300,9 @@ mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24
 # Set your domain here
 mydestination =
-myhostname = app.mydomain.com
-mydomain = mydomain.com
-myorigin = mydomain.com
+myhostname = sl.example.com
+mydomain = example.com
+myorigin = example.com
 relay_domains = pgsql:/etc/postfix/pgsql-relay-domains.cf
 transport_maps = pgsql:/etc/postfix/pgsql-transport-maps.cf
@@ -329,8 +330,8 @@ smtpd_recipient_restrictions =
 reject_unknown_recipient_domain,
 permit_mynetworks,
 reject_unauth_destination,
- reject_rbl_client zen.spamhaus.org,
- reject_rbl_client bl.spamcop.net,
+ reject_rbl_client zen.spamhaus.org=127.0.0.[2..11],
+ reject_rbl_client bl.spamcop.net=127.0.0.2,
 permit
 ```
@@ -351,7 +352,8 @@ password = mypassword
 dbname = simplelogin
 query = SELECT domain FROM custom_domain WHERE domain='%s' AND verified=true
- UNION SELECT '%s' WHERE '%s' = 'mydomain.com' LIMIT 1;
+ UNION SELECT domain FROM public_domain WHERE domain='%s'
+ UNION SELECT '%s' WHERE '%s' = 'example.com' LIMIT 1;
 ```
 Create the `/etc/postfix/pgsql-transport-maps.cf` file with the following content.
@@ -366,7 +368,8 @@ dbname = simplelogin
 # forward to smtp:127.0.0.1:20381 for custom domain AND email domain
 query = SELECT 'smtp:127.0.0.1:20381' FROM custom_domain WHERE domain = '%s' AND verified=true
- UNION SELECT 'smtp:127.0.0.1:20381' WHERE '%s' = 'mydomain.com' LIMIT 1;
+ UNION SELECT 'smtp:127.0.0.1:20381' FROM public_domain WHERE domain = '%s'
+ UNION SELECT 'smtp:127.0.0.1:20381' WHERE '%s' = 'example.com' LIMIT 1;
 ```
 Finally, restart Postfix
@@ -380,7 +383,7 @@ sudo systemctl restart postfix
 To run SimpleLogin, you need a config file at `$(pwd)/simplelogin.env`. Below is an example that you can use right away, make sure to
 - replace `mydomain.com` by your domain,
-- set `FLASK_SECRET` to a secret string,
+- set `FLASK_SECRET` to a secret string (e.g. generated by pwgen `pwgen -B -s -y 64 -N 1`),
 - update 'myuser' and 'mypassword' with your database credentials used in previous step.
 All possible parameters can be found in [config example](example.env). Some are optional and are commented out by default.
@@ -418,6 +421,12 @@ LOCAL_FILE_UPLOAD=1
 POSTFIX_SERVER=10.0.0.1
 ```
+Now it is time to build the latest docker. Replace the tag by latest version released (as of writing 4.35.2).
+```bash
+docker build https://github.com/simple-login/app.git -t simplelogin/app:tag
+```
+
+This command could take a while to build the `simplelogin/app` docker image.
 Before running the webapp, you need to prepare the database by running the migration:
@@ -430,11 +439,9 @@ docker run --rm \
 -v $(pwd)/dkim.pub.key:/dkim.pub.key \
 -v $(pwd)/simplelogin.env:/code/.env \
 --network="sl-network" \
- simplelogin/app:3.4.0 flask db upgrade
+ simplelogin/app:4.35.2 alembic upgrade head
 ```
-This command could take a while to download the `simplelogin/app` docker image.
-
 Init data
 ```bash
@@ -445,7 +452,7 @@ docker run --rm \
 -v $(pwd)/dkim.key:/dkim.key \
 -v $(pwd)/dkim.pub.key:/dkim.pub.key \
 --network="sl-network" \
- simplelogin/app:3.4.0 python init_app.py
+ simplelogin/app:4.35.2 python init_app.py
 ```
 Now, it's time to run the `webapp` container!
@@ -461,7 +468,7 @@ docker run -d \
 -p 127.0.0.1:7777:7777 \
 --restart always \
 --network="sl-network" \
- simplelogin/app:3.4.0
+ simplelogin/app:4.35.2
 ```
 Next run the `email handler`
@@ -477,7 +484,7 @@ docker run -d \
 -p 127.0.0.1:20381:20381 \
 --restart always \
 --network="sl-network" \
- simplelogin/app:3.4.0 python email_handler.py
+ simplelogin/app:4.35.2 python email_handler.py
 ```
 And finally the `job runner`
@@ -492,7 +499,7 @@ docker run -d \
 -v $(pwd)/dkim.pub.key:/dkim.pub.key \
 --restart always \
 --network="sl-network" \
- simplelogin/app:3.4.0 python job_runner.py
+ simplelogin/app:4.35.2 python job_runner.py
 ```
 ### Nginx
From e8c67a1b44edacc6c251ec57eff9193979c679b6 Mon Sep 17 00:00:00 2001
From: HoyoHayo <36436027+hoyohayo@users.noreply.github.com>
Date: Sat, 7 Oct 2023 14:27:52 +0200
Subject: [PATCH 2/2] Update README.md
---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 4d251a3d6..1e4ba562f 100644
--- a/README.md
+++ b/README.md
@@ -300,9 +300,9 @@ mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24
 # Set your domain here
 mydestination =
-myhostname = sl.example.com
-mydomain = example.com
-myorigin = example.com
+myhostname = app.mydomain.com
+mydomain = mydomain.com
+myorigin = mydomain.com
 relay_domains = pgsql:/etc/postfix/pgsql-relay-domains.cf
 transport_maps = pgsql:/etc/postfix/pgsql-transport-maps.cf