Init

Author: N.Mikhail

.env

@@ -0,0 +1,45 @@
+#####################
+#  Project setting  #
+#####################
+
+COMPOSE_PROJECT_NAME=mailserver
+PROJECT_IP_MASK=172.23.1
+
+####################
+#    PostgreSQL    #
+####################
+
+POSTGRES_DB=DB_NAME
+POSTGRES_USER=DB_USER
+POSTGRES_PASSWORD=DB_PASSWORD
+
+####################
+#   PostfixAdmin   #
+####################
+
+POSTFIXADMIN_DB_TYPE=pgsql
+POSTFIXADMIN_DB_HOST=172.23.1.2
+POSTFIXADMIN_DB_USER=DB_USER
+POSTFIXADMIN_DB_NAME=DB_NAME
+POSTFIXADMIN_DB_PASSWORD=DB_PASSWORD
+
+###################
+#     Dovecot     #
+###################
+
+DOVECOT_VERSION=CHANGE_ME
+
+###################
+#      Redis      #
+###################
+
+REDIS_PASSWORD=REDIS_PASSWORD
+REDIS_PORT=6379
+REDIS_PRODECTED_MODE=yes
+
+###################
+#      Rspam      #
+###################
+
+RSPAM_enable_password=yes
+RSPAM_password=RSPAM_password

build/dovecot/Dockerfile

@@ -0,0 +1,115 @@
+FROM alpine:3.17 as build
+
+ARG vmail_gid
+ARG VMAIL_GROUP
+ARG VMAIL_USER
+ARG vmail_uid
+ARG dovecot_tag
+ARG dovecot_branch=main
+ARG pigeonhole_branch
+ARG DOVECOT_PREFIX=/usr/local/dovecot
+
+#
+#  ARG ACCESS_FIX="/run/dovecot /var/run/dovecot"
+#
+
+# build options
+ARG dovecot_config="--without-pam \
+          --without-cdb \
+          --with-zlib \
+          --with-bzlib \
+          --with-storages=maildir \
+          --without-ldap \
+          --with-ssl=openssl \
+          --sysconfdir=/etc \
+          --prefix=${DOVECOT_PREFIX}  \
+          --with-sql=yes \
+          --without-sqlite \
+          --without-apparmor \
+          --without-mysql \
+          --with-pgsql \
+          --without-docs \
+          --without-libcap \
+          --without-sql-drivers \
+          --without-mysql \
+          --without-sodium \
+          --without-systemd \
+          --localstatedir=/var/lib/dovecot \
+          --enable-dependency-tracking"
+
+ARG pigeonhole_config="--with-dovecot=../dovecot --sysconfdir=/etc --prefix=${DOVECOT_PREFIX} --localstatedir=/var/lib/dovecot \
+    --with-managesieve=yes \
+        --with-ldap=no"
+
+RUN addgroup -S -g ${vmail_gid} vmail || export VMAIL_GROUP=root  && adduser -S -D -H -u $vmail_uid -G $VMAIL_GROUP -g "Dovecot Vmail" ${VMAIL_USER} && \
+    set -x && \
+    apk update && \
+    apk add --no-cache --virtual .build-deps \
+        bzip2-dev lz4-dev xz-dev zlib-dev \
+        runc \
+        postgresql-dev mariadb-dev sqlite-dev \
+        openldap-dev \
+        heimdal-dev \
+        gnu-libiconv \
+        linux-headers git automake cmake \
+            gawk \
+            g++ \
+            make \
+            openldap-dev zlib-dev bzip2-dev autoconf libtool libc-dev gettext gcc bison flex gnutls-dev gettext-dev rpcgen openssl-dev file && \
+    mkdir -p /opt/dovecot && cd /opt/dovecot && \
+    git init . && \
+    git remote add -t ${dovecot_branch} origin https://github.com/dovecot/core && \
+    git fetch --depth 1 && git checkout ${dovecot_tag} && \
+    ./autogen.sh && \
+    mkdir -p ${DOVECOT_PREFIX} && \
+    PANDOC=false  ./configure ${dovecot_config} ### &&  \
+RUN set -x && \
+    cd /opt/dovecot && \
+    make -s -j$(nproc)
+RUN set -x && \
+    cd /opt/dovecot && \
+    make install && \
+    mkdir /opt/pigeonhole/ && \
+    cd /opt/pigeonhole && \
+    git init . && git remote add -t ${pigeonhole_branch} origin https://github.com/dovecot/pigeonhole.git && \
+    git fetch --depth=1 && git checkout ${pigeonhole_branch} && ./autogen.sh && \
+    ./configure ${pigeonhole_config} && \
+    make -s -j$(nproc) && make install && \
+### Setup Container for Dovecot
+    rm -rf /etc/dovecot/* && \
+    mkdir -p /var/lib/dovecot && \
+    chown -R ${VMAIL_USER}:${VMAIL_GROUP} /var/mail && \
+    chown -R ${VMAIL_USER}:${VMAIL_GROUP} /var/lib/dovecot/  ${DOVECOT_PREFIX}
+
+### Networking Configuration
+EXPOSE 1143 2525 1024 1587 1993 4190
+
+
+FROM alpine:3.17
+
+ARG vmail_gid
+ARG VMAIL_GROUP
+ARG VMAIL_USER
+ARG vmail_uid
+
+COPY --from=build /usr/local/dovecot /usr/local/dovecot
+
+RUN apk update && \
+    apk add zlib wget \
+    bzip2 \
+    lz4 \
+    rspamd-client \
+    bzip2-dev lz4-dev xz-dev zlib-dev libpq-dev && \
+    addgroup -S -g ${vmail_gid} vmail || export VMAIL_GROUP=root  && adduser -S -D -H -u $vmail_uid -G $VMAIL_GROUP -g "Dovecot Vmail" ${VMAIL_USER} && \
+    mkdir -p /var/lib/dovecot && \
+    mkdir -p /etc/dovecot && \
+    mkdir -p /var/run/dovecot && \
+    chown -R ${VMAIL_USER}:${VMAIL_GROUP} /var/lib/dovecot/ /var/run/dovecot/ ${DOVECOT_PREFIX} && \
+    chown -R ${VMAIL_USER}:${VMAIL_GROUP} /etc/dovecot && \
+    chmod u+x /usr/local/dovecot/libexec/dovecot/dovecot-lda && \
+    adduser vmail mem
+
+USER ${VMAIL_USER}
+
+CMD ["/usr/local/dovecot/sbin/dovecot", "-F"]
+# CMD ["/bin/sh"]

build/exim/Dockerfile

@@ -0,0 +1,93 @@
+FROM debian:bullseye-slim as build
+
+ARG EXIM_GID
+ARG EXIM_GROUP
+ARG EXIM_USER
+ARG EXIM_UID
+
+ARG EXIM_IP=0.0.0.0
+ARG EXIM_VERSION=4.98
+# EXIM_VERSION_GITHUB [4.96.2 | 4.97-RC2 | 4.96.1]
+# ARG EXIM_VERSION=master
+
+# ARG EXIM_SOURCE=https://github.com/Exim/exim/archive/refs/tags/exim-4.96.2.tar.gz - Working
+ARG EXIM_SOURCE=http://exim.mirror.iphh.net/ftp/exim/exim4/exim-${EXIM_VERSION}.tar.gz
+
+ENV EXIM_PORTS="25 : 465 : 587"
+ENV EXIM_TLS_ON_CONNECT_PORTS=465
+# ENV DOMAIN=TakeItFromDotEnv
+
+
+RUN set -x && \
+    addgroup --system --gid ${EXIM_GID} ${EXIM_GROUP} || export EXIM_GROUP=root  && \
+    adduser --disabled-login --no-create-home  --uid $EXIM_UID --ingroup $EXIM_GROUP --gecos EXIM $EXIM_USER && \
+    adduser --disabled-login --no-create-home  --uid 501 --ingroup $EXIM_GROUP --gecos EXIM exim && \
+    apt-get -y update \
+    && apt-get -y upgrade \
+    && apt-get install -y libldap2-dev tzdata  \
+      wget libpcre2-dev build-essential libdb-dev libpq-dev \
+      libopendmarc-dev  libspf2-dev  \
+      libldap2-dev libldap-common \
+      libdkim-dev  \
+      libssl-dev  \
+      libidn11-dev && \
+    dpkg-reconfigure -f noninteractive tzdata
+
+
+RUN set -eux; \
+      mkdir -p /usr/src && cd /usr/src && \
+      # git clone https://github.com/exim/exim -b $EXIM_VERSION exim && \
+      # echo "$EXIM_DOWNLOAD_SHA *exim.tar.gz" | sha256sum -c -; \ TBD!
+      wget ${EXIM_SOURCE} && tar -zxvf exim-${EXIM_VERSION}.tar.gz  && mv exim-${EXIM_VERSION} exim && \
+      # mkdir -p /usr/src/exim/Local && \
+      mkdir -p /etc/exim4
+
+
+ADD Makefile /usr/src/exim/Local/
+
+RUN set -eux; \
+    cd /usr/src/exim && \
+    sed -i "s/EXIM_LOCAL_USER/${EXIM_USER}/g" Local/Makefile && \
+    sed -i "s/EXIM_LOCAL_GROUP/${EXIM_GROUP}/g" Local/Makefile && \
+    make && make install && \
+    rm -rf /usr/src && \
+    apt-get remove -y build-essential  libpcre3-dev libdkim-dev git && \
+    apt-get -y autoremove --purge  && apt-get clean  && rm -rf /var/lib/apt/lists/*
+
+FROM debian:bullseye-slim
+
+ARG EXIM_GID
+ARG EXIM_GROUP
+ARG EXIM_USER
+ARG EXIM_UID
+ARG DOMAIN
+ARG EXIM_IP=0.0.0.0
+
+ENV EXIM_PORTS="25 : 465 : 587"
+ENV EXIM_TLS_ON_CONNECT_PORTS=465
+
+RUN set -x && \
+    apt-get -y update \
+    && apt-get -y upgrade \
+    && apt-get install -y libspf2-2 ca-certificates minicpan libgetopt-complete-perl libpq-dev && \
+    addgroup --system --gid ${EXIM_GID} ${EXIM_GROUP} || export EXIM_GROUP=root  && \
+    adduser --disabled-login --no-create-home  --uid $EXIM_UID --ingroup $EXIM_GROUP --gecos EXIM $EXIM_USER && \
+    adduser --disabled-login --no-create-home  --uid 501 --ingroup $EXIM_GROUP --gecos EXIM exim && \
+    yes | perl -MCPAN -e getopt::std
+COPY --from=build /usr/exim /usr/exim
+ADD exim.conf /etc/exim4/exim.conf
+ADD update-exim4.conf.conf /etc/exim4/update-exim4.conf.conf
+
+ARG ACCESS_FIX="/etc/exim4 /var/log/exim /var/spool/exim"
+# fix access, log to stderr
+RUN set -x && \
+    for d in ${ACCESS_FIX} ; do mkdir -p $d ; done && \
+    chown -R ${EXIM_USER}:${EXIM_GROUP} ${ACCESS_FIX} && \
+    find ${ACCESS_FIX} -type d -exec chmod g+wx {} \;
+
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+RUN chmod +x /usr/local/bin/entrypoint.sh
+USER ${EXIM_USER}
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+
+CMD ["/bin/bash"]