Skip to content

Commit

Permalink
community containers - add stalwart
Browse files Browse the repository at this point in the history 
Signed-off-by: Simon L <[email protected]>
  • Loading branch information
@szaimen
szaimen committed Dec 4, 2023
1 parent c228e38 commit 14f42e0
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 1 deletion.
3 changes: 2 additions & 1 deletion community-containers/caddy/readme.md
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
## Caddy with geoblocking
This container bundles caddy and auto-configures it for you. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden by listening on `bw.$NC_DOMAIN`, if installed.
This container bundles caddy and auto-configures it for you. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden by listening on `bw.$NC_DOMAIN`, if installed. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart by listening on `mail.$NC_DOMAIN`, if installed.

### Notes
- This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time!
- Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO.
- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden.
- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart, make sure that you point `mail.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for stalwart.
- After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active!
- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack

Expand Down
16 changes: 16 additions & 0 deletions community-containers/stalwart/readme.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
## Stalwart mail server
This container bundles stalwart mail server and auto-configures it for you.

### Notes
- This is only intended to run on a VPS with static ip-address.
- You need to configure a reverse proxy in order to run this container since stalwart needs a dedicated (sub)domain! For that, you might have a look at https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy.
- Currently, only `mail.$NC_DOMAIN` is supported as subdomain! So if Nextcloud is using `your-domain.com`, vaultwarden will use `mail.your-domain.com`.
- The data of Stalwart will be automatically included in AIOs backup solution!
- After adding and starting the container, you need to run `sudo docker exec -it nextcloud-aio-stalwart configure.sh` and follow https://stalw.art/docs/install/docker/#choose-where-to-store-your-data (1. choose `Local disk`, 2. choose `No, create a new directory for me`, 3. type in your `$NC_DOMAIN` as `domain name` and `mail.$NC_DOMAIN` as `server hostname`. 4. add `DKIM, SPF and DMARC` as adviced, 5. Take note of the administrator credentials, 6. skip https://stalw.art/docs/install/docker/#add-your-tls-certificate as this is done automatically for you, 7. Review the configuration file, 8. run `sudo docker restart nextcloud-aio-stalwart` in order restart the container and enable the config).

Check failure on line 9 in community-containers/stalwart/readme.md

View workflow job for this annotation

GitHub Actions / Check spelling 

adviced ==> advised
- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack

### Repository
https://github.com/marcoambrosini/aio-stalwart

### Maintainer
https://github.com/marcoambrosini
64 changes: 64 additions & 0 deletions community-containers/stalwart/stalwart.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
{
"aio_services_v1": [
{
"container_name": "nextcloud-aio-stalwart",
"display_name": "Stalwart",
"documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart",
"image": "marcoambrosini/aio-stalwart",
"image_tag": "v1",
"internal_port": "587",
"restart": "unless-stopped",
"ports": [
{
"ip_binding": "",
"port_number": "25",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "143",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "465",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "587",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "993",
"protocol": "tcp"
},
{
"ip_binding": "",
"port_number": "4190",
"protocol": "tcp"
}
],
"environment": [
"TZ=%TIMEZONE%",
"NC_DOMAIN=%NC_DOMAIN"
],
"volumes": [
{
"source": "nextcloud_aio_stalwart",
"destination": "/opt/stalwart-mail",
"writeable": true
},
{
"source": "nextcloud_aio_caddy",
"destination": "/caddy",
"writeable": false
}
],
"backup_volumes": [
"nextcloud_aio_stalwart"
]
}
]
}

0 comments on commit 14f42e0

Please sign in to comment.