author | Malfurious <m@lfurio.us> | 2024-06-08 14:55:47 -0400 |
---|---|---|
committer | Malfurious <m@lfurio.us> | 2024-06-09 14:16:42 -0400 |
commit | f70fb0720d2a643905ba8263253b16b973f6bc36 (patch) | |
tree | 27c057db3858b8d4f0c3c730dab905fd4b1efb0e /Dockerfile | |
parent | 26dab860bd733e4f110fc837e1f3d8c682248502 (diff) | |
Create docker image and services

As hinted by the previous commit, the mailnode system is built in a
single docker image for simplicity. Defining multiple Dockerfiles would
lead to many redundant tasks and be harder to maintain. So a common
image for all services is built.

However, the compose file spawns a unique container for each service,
and communication occurs via the filesystem, through volumes. Note also
that some fields in docker-compose.yml are required to be set by the
end-user.

The mail system is oriented around virtual users, so that nobody needs
their own unix system account. However, best security practice is to
create a dedicated user to own the mails - this user shouldn't be used
for any other purpose. For this, the Dockerfile creates the user
"vmailbox".

The reason for declaring port exposure for TCP/80 is to enable automated
TLS encryption with nginx-proxy-acme. This port is not actually opened
by the compose file.

Signed-off-by: Malfurious <m@lfurio.us>

Diffstat (limited to 'Dockerfile')
-rw-r--r-- | Dockerfile | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..7eafaf1 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,42 @@ +FROM debian + +ARG HOSTNAME +ARG VIRTUAL_DOMAINS +ENV DEBIAN_FRONTEND=noninteractive + +# Create system users with fixed, well-known UID/GIDs +RUN useradd \ + --uid 2000 --system \ + --shell /usr/sbin/nologin \ + --home-dir /var/mail/vhost \ + --skel /dev/null --create-home \ + vmailbox + +RUN useradd \ + --uid 2001 --system \ + --shell /usr/sbin/nologin \ + --home-dir /var/spool/postfix \ + postfix + +# Install packages +RUN apt update \ + && apt full-upgrade --yes \ + && apt install --yes \ + dovecot-core \ + dovecot-imapd \ + postfix \ + && apt clean + +# Install files +COPY dovecot /etc/dovecot/ +COPY postfix /etc/postfix/ +COPY userconfig /etc/userconfig/ + +RUN find /etc/dovecot /etc/postfix -type f | xargs sed -i \ + "s/ENV_HOSTNAME/${HOSTNAME}/g; s/ENV_VIRTUAL_DOMAINS/${VIRTUAL_DOMAINS}/g" + +EXPOSE 25 +EXPOSE 80 +EXPOSE 465 +EXPOSE 993 +# CMD set by docker-compose.yml |
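
Review bot: The `sed` step near the end of the hunk expands `${HOSTNAME}` and `${VIRTUAL_DOMAINS}` straight into the replacement text without checking that either build arg was supplied, so a build that omits them can still succeed and leave the dovecot and postfix configs with the `ENV_HOSTNAME` / `ENV_VIRTUAL_DOMAINS` placeholders replaced by whatever the shell happens to expand, possibly nothing. Suggest failing early with something like `RUN : "${HOSTNAME:?}" "${VIRTUAL_DOMAINS:?}"` before the substitution, and noting in a comment that the values must not contain `/` or `&`, both of which are special in a sed `s/.../.../` replacement. The `find ... | xargs sed -i` form also splits on whitespace in file names; `find /etc/dovecot /etc/postfix -type f -exec sed -i ... {} +` avoids that. Separately, `FROM debian` at the top tracks a moving tag, so two builds of the same commit can produce different package sets; pinning a release tag or digest would make the image reproducible.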