eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-22 07:26:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Merge pull request #3866 from nextcloud/enh/356/mail-server

Browse source 
community containers - add stalwart
This commit is contained in:
Simon L 2023-12-04 11:45:26 +01:00 committed by GitHub
commit 87d3f371c1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 83 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
community-containers/caddy/readme.md
View file

@ -1,10 +1,11 @@
## Caddy with geoblocking ## Caddy with geoblocking
This container bundles caddy and auto-configures it for you. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden by listening on `bw.$NC_DOMAIN`, if installed. This container bundles caddy and auto-configures it for you. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden by listening on `bw.$NC_DOMAIN`, if installed. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart by listening on `mail.$NC_DOMAIN`, if installed.
### Notes ### Notes
- This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time! - This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time!
- Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. - Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO.
- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. - If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden.
- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart, make sure that you point `mail.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for stalwart.
- After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active! - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active!
- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack

17
community-containers/stalwart/readme.md Normal file
View file

@ -0,0 +1,17 @@
## Stalwart mail server
This container bundles stalwart mail server and auto-configures it for you.
### Notes
- This is only intended to run on a VPS with static ip-address.
- Check with `sudo netstat -tulpn` that no other service is using port 25, 143, 465, 578, 993 nor 4190 yet as otherwise the container will fail to start.
- You need to configure a reverse proxy in order to run this container since stalwart needs a dedicated (sub)domain! For that, you might have a look at https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy.
- Currently, only `mail.$NC_DOMAIN` is supported as subdomain! So if Nextcloud is using `your-domain.com`, vaultwarden will use `mail.your-domain.com`.
- The data of Stalwart will be automatically included in AIOs backup solution!
- After adding and starting the container, you need to run `sudo docker exec -it nextcloud-aio-stalwart configure.sh` and follow https://stalw.art/docs/install/docker/#choose-where-to-store-your-data (1. choose `Local disk`, 2. choose `No, create a new directory for me`, 3. type in your `$NC_DOMAIN` as `domain name` and `mail.$NC_DOMAIN` as `server hostname`. 4. add `DKIM, SPF and DMARC` as advised, 5. Take note of the administrator credentials, 6. skip https://stalw.art/docs/install/docker/#add-your-tls-certificate as this is done automatically for you, 7. Review the configuration file, 8. run `sudo docker restart nextcloud-aio-stalwart` in order restart the container and enable the config).
- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
### Repository
https://github.com/marcoambrosini/aio-stalwart
### Maintainer
https://github.com/marcoambrosini

64
community-containers/stalwart/stalwart.json Normal file
View file

@ -0,0 +1,64 @@
{
"aio_services_v1": [
{
"container_name": "nextcloud-aio-stalwart",
"display_name": "Stalwart",
"documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart",
"image": "marcoambrosini/aio-stalwart",
"image_tag": "v1",
"internal_port": "587",
"restart": "unless-stopped",
"ports": [
{
"ip_binding": "",
"port_number": "25",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "143",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "465",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "587",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "993",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "4190",
"protocol": "tcp"
}
],
"environment": [
"TZ=%TIMEZONE%",
"NC_DOMAIN=%NC_DOMAIN"
],
"volumes": [
{
"source": "nextcloud_aio_stalwart",
"destination": "/opt/stalwart-mail",
"writeable": true
},
{
"source": "nextcloud_aio_caddy",
"destination": "/caddy",
"writeable": false
}
],
"backup_volumes": [
"nextcloud_aio_stalwart"
]
}
]
}