diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index b1767210..c26b39a5 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -1,10 +1,11 @@ ## Caddy with geoblocking -This container bundles caddy and auto-configures it for you. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden by listening on `bw.$NC_DOMAIN`, if installed. +This container bundles caddy and auto-configures it for you. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden by listening on `bw.$NC_DOMAIN`, if installed. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart by listening on `mail.$NC_DOMAIN`, if installed. ### Notes - This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time! - Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. - If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. +- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart, make sure that you point `mail.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for stalwart. - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active! - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack diff --git a/community-containers/stalwart/readme.md b/community-containers/stalwart/readme.md new file mode 100644 index 00000000..034d8fb1 --- /dev/null +++ b/community-containers/stalwart/readme.md @@ -0,0 +1,17 @@ +## Stalwart mail server +This container bundles stalwart mail server and auto-configures it for you. + +### Notes +- This is only intended to run on a VPS with static ip-address. +- Check with `sudo netstat -tulpn` that no other service is using port 25, 143, 465, 578, 993 nor 4190 yet as otherwise the container will fail to start. +- You need to configure a reverse proxy in order to run this container since stalwart needs a dedicated (sub)domain! For that, you might have a look at https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy. +- Currently, only `mail.$NC_DOMAIN` is supported as subdomain! So if Nextcloud is using `your-domain.com`, vaultwarden will use `mail.your-domain.com`. +- The data of Stalwart will be automatically included in AIOs backup solution! +- After adding and starting the container, you need to run `sudo docker exec -it nextcloud-aio-stalwart configure.sh` and follow https://stalw.art/docs/install/docker/#choose-where-to-store-your-data (1. choose `Local disk`, 2. choose `No, create a new directory for me`, 3. type in your `$NC_DOMAIN` as `domain name` and `mail.$NC_DOMAIN` as `server hostname`. 4. add `DKIM, SPF and DMARC` as advised, 5. Take note of the administrator credentials, 6. skip https://stalw.art/docs/install/docker/#add-your-tls-certificate as this is done automatically for you, 7. Review the configuration file, 8. run `sudo docker restart nextcloud-aio-stalwart` in order restart the container and enable the config). +- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack + +### Repository +https://github.com/marcoambrosini/aio-stalwart + +### Maintainer +https://github.com/marcoambrosini diff --git a/community-containers/stalwart/stalwart.json b/community-containers/stalwart/stalwart.json new file mode 100644 index 00000000..9da8e12e --- /dev/null +++ b/community-containers/stalwart/stalwart.json @@ -0,0 +1,64 @@ +{ + "aio_services_v1": [ + { + "container_name": "nextcloud-aio-stalwart", + "display_name": "Stalwart", + "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart", + "image": "marcoambrosini/aio-stalwart", + "image_tag": "v1", + "internal_port": "587", + "restart": "unless-stopped", + "ports": [ + { + "ip_binding": "", + "port_number": "25", + "protocol": "tcp" + }, + { + "ip_binding": "", + "port_number": "143", + "protocol": "tcp" + }, + { + "ip_binding": "", + "port_number": "465", + "protocol": "tcp" + }, + { + "ip_binding": "", + "port_number": "587", + "protocol": "tcp" + }, + { + "ip_binding": "", + "port_number": "993", + "protocol": "tcp" + }, + { + "ip_binding": "", + "port_number": "4190", + "protocol": "tcp" + } + ], + "environment": [ + "TZ=%TIMEZONE%", + "NC_DOMAIN=%NC_DOMAIN" + ], + "volumes": [ + { + "source": "nextcloud_aio_stalwart", + "destination": "/opt/stalwart-mail", + "writeable": true + }, + { + "source": "nextcloud_aio_caddy", + "destination": "/caddy", + "writeable": false + } + ], + "backup_volumes": [ + "nextcloud_aio_stalwart" + ] + } + ] +}