Git Product home page Git Product logo

Comments (5)

AviiNL avatar AviiNL commented on August 22, 2024 1

Looking at Traefik, that is an amazing piece of software, it looks like I can specify custom certs via that, I'll try that route so I can still leverage the awesomeness of Traefik :)

from wildduck-dockerized.

louis-lau avatar louis-lau commented on August 22, 2024

Heya,

For wildduck you can set them here:
https://github.com/nodemailer/wildduck/blob/master/config/tls.toml

Haraka and zonemta have similar config lines.

However, wildduck-dockerized uses traefik to automatically fetch certificates for you from let's encrypt. There's no need to manually mess with certificates.

from wildduck-dockerized.

AviiNL avatar AviiNL commented on August 22, 2024

If I specify a path on my host system in tls.toml, it won't be available inside the container, how am I supposed to map this?

Also due to the fact that I'm behind a bunch of proxies, I am unable to use automated letsencrypt stuff inside my vms.
My proxy server creates certificates and shares them via a shared vmdk to all the other vms that require certs.

from wildduck-dockerized.

louis-lau avatar louis-lau commented on August 22, 2024

That's more of a docker question! Specify bindmounts in your docker-compose file to make files from your host system available inside containers:
https://docs.docker.com/storage/bind-mounts/
https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes

I am unable to use automated letsencrypt stuff inside my vms.

Fair enough. In that case you can remove Traefik and all the traefik labels from your docker-compose and expose the ports directly. These are the ports Traefik exposes:

      - 80:80/tcp   <- redirect to https
      - 443:443/tcp <- wildduck-webmail (port 80 on the wildduck-webmail container itself)
      - 993:993/tcp <- wildduck IMAPS
      - 995:995/tcp <- wildduck POP3S
      - 465:465/tcp <- zonemta SMTPS

Docker experience would be good for a custom setup. Given you currently don't know how to expose files from the host system inside your containers, I'd recommend first learning more about docker 😁

from wildduck-dockerized.

louis-lau avatar louis-lau commented on August 22, 2024

Oh, and in the default config TLS is disabled in all applications, because Traefik handles it. Aside from specifying the certificates you'll also have to enable it. For example in wildduck for imap:
https://github.com/nodemailer/wildduck-dockerized/blob/master/default-config/wildduck/imap.toml#L3-L8

from wildduck-dockerized.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.