Skip to content
Hide whitespace changes
Inline Side-by-side
dockerfiles/email/dovecot/auth-sql.conf.ext deleted 100644 → 0
View file @ d89e0ac8
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = static
args = uid=mail gid=mail home=/mail/mailboxes/%d/%n
}
dockerfiles/email/dovecot/dovecot-sql.conf.ext deleted 100644 → 0
View file @ d89e0ac8
driver = mysql
connect = host=##DB_HOST## dbname=servermail user=##DB_USER## password=##DB_PASS##
default_pass_scheme = SHA512-CRYPT
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
dockerfiles/email/dovecot/init.sql deleted 100644 → 0
View file @ d89e0ac8
USE servermail;
CREATE TABLE `virtual_domains` (
`id` INT NOT NULL AUTO_INCREMENT,
`name` VARCHAR(50) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `virtual_users` (
`id` INT NOT NULL AUTO_INCREMENT,
`domain_id` INT NOT NULL,
`password` VARCHAR(106) NOT NULL,
`email` VARCHAR(120) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`),
FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `virtual_aliases` (
`id` INT NOT NULL AUTO_INCREMENT,
`domain_id` INT NOT NULL,
`source` varchar(100) NOT NULL,
`destination` varchar(100) NOT NULL,
PRIMARY KEY (`id`),
FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
dockerfiles/email/dovecot/startup.sh deleted 100644 → 0
View file @ d89e0ac8
#!/bin/bash -eux
export DB_PORT=3306
export DB_HOST=db
export DB_USER=admin
echo $HOSTNAME
sed -i "s/##DB_HOST##/$DB_HOST/" /etc/dovecot/dovecot-sql.conf.ext
sed -i "s/##DB_USER##/$DB_USER/" /etc/dovecot/dovecot-sql.conf.ext
sed -i "s/##DB_PASS##/$DB_PASS/" /etc/dovecot/dovecot-sql.conf.ext
/opt/editconf.py /etc/dovecot/conf.d/15-lda.conf postmaster_address=postmaster@$HOSTNAME
/opt/mysql-check.sh
DB_EXISTS=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "SHOW DATABASES LIKE 'servermail';" 2>&1 |grep servermail > /dev/null ; echo "$?")
if [[ DB_EXISTS -eq 1 ]]; then
echo "=> Creating database servermail"
RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "CREATE DATABASE servermail")
if [[ RET -ne 0 ]]; then
echo "Cannot create database for emails"
exit RET
fi
echo "=> Loading initial database data to servermail"
RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT servermail < /init.sql)
if [[ RET -ne 0 ]]; then
echo "Cannot load initial database data for emails"
exit RET
fi
echo "=> Done!"
else
echo "=> Skipped creation of database servermail it already exists."
fi
dovecot -F
dockerfiles/email/dovecot/user.sql deleted 100644 → 0
View file @ d89e0ac8
INSERT INTO `servermail`.`virtual_domains`
(`id` ,`name`)
VALUES
('1', 'example.com'),
('2', 'hostname.example.com');
INSERT INTO `servermail`.`virtual_users`
(`id`, `domain_id`, `password` , `email`)
VALUES
('1', '1', ENCRYPT('firstpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email1@example.com'),
('2', '1', ENCRYPT('secondpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email2@example.com');
INSERT INTO `servermail`.`virtual_aliases`
(`id`, `domain_id`, `source`, `destination`)
VALUES
('1', '1', 'alias@example.com', 'email1@example.com');
dockerfiles/email/postfix/Dockerfile deleted 100644 → 0
View file @ d89e0ac8
FROM debian:jessie
# Borrows from https://registry.hub.docker.com/u/previousnext/postfix
# Borrows from https://registry.hub.docker.com/u/catatnight/postfix
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update \
&& echo "postfix postfix/main_mailer_type string 'Internet site'" | debconf-set-selections \
&& echo "postfix postfix/mailname string 'HOSTNAME.EXAMPLE.COM'" | debconf-set-selections \
&& echo "postfix postfix/root_address string 'ROOTMAIL@EXAMPLE.COM'" | debconf-set-selections \
&& apt-get install -q -y \
postfix \
supervisor \
&& rm -rf /var/lib/apt/lists/*
COPY install.sh install.sh
RUN chmod 755 /install.sh
VOLUME ["/var/spool/postfix/"]
EXPOSE 25
CMD /install.sh;/usr/bin/supervisord -c /etc/supervisor/supervisord.conf
dockerfiles/email/postfix/install.sh deleted 100755 → 0
View file @ d89e0ac8
#!/bin/bash
#judgement
if [[ -a /etc/supervisor/conf.d/supervisord.conf ]]; then
exit 0
fi
#supervisor
cat > /etc/supervisor/conf.d/supervisord.conf <<EOF
[supervisord]
nodaemon=true
[program:postfix]
process_name = master
command = /etc/init.d/postfix start
startsecs = 0
autorestart = false
EOF
# put the same FQDN in /data/hostname and in reverse DNS
# for the public IP address on which this server will be
# receiving smtp traffic.
cp /data/hostname /etc/mailname
/usr/sbin/postconf -e "myhostname=`cat /data/hostname`"
# put all relevant domains in /data/destinations.
/usr/sbin/postconf -e "virtual_alias_domains=`cat /data/destinations`"
# put your forwarding addresses in /data/forwards.
cp /data/forwards /etc/postfix/virtual
/usr/sbin/postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
# accept mails from docker networked machines:
/usr/sbin/postconf -e "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.17.42.0/24"
# configure virtual
postmap /etc/postfix/virtual
dockerfiles/load-balancer/confd/Dockerfile deleted 100644 → 0
View file @ d89e0ac8
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
RUN \
apt-get update &&\
apt-get install -y \
wget \
ca-certificates &&\
rm -rf /var/lib/apt/lists/*
ADD confd /etc/confd
RUN \
wget https://github.com/kelseyhightower/confd/releases/download/v0.7.1/confd-0.7.1-linux-amd64 -O confd && \
chmod +x confd
RUN \
wget https://get.docker.com/builds/Linux/x86_64/docker-1.2.0 -O docker && \
chmod +x docker
VOLUME ["/etc/confd/", "/etc/haproxy"]
ENTRYPOINT ["/confd"]
CMD ["-interval=60", "-node=172.17.42.1:4001", "-watch=true", "-verbose=true"]
dockerfiles/load-balancer/confd/README.md deleted 100644 → 0
View file @ d89e0ac8
# Confd
The smallest confd docker image in town ;)
## Run
This image will log everything to stdout/stderr.
It was designed to work with HAproxy, but you can use it for anything! There is no configuration, you'll have to mount the config folder. There is a nice example in [indiehosters/confd git repo](https://github.com/indiehosters/dockerfiles/tree/master/server-wide/confd).
```bash
docker run\
-v /haproxy-config:/etc/haproxy/\
-v ./confd/:/etc/confd/\
-v /var/run/docker.sock:/var/run/docker.sock\
indiehosters/confd
```
It works really well with [indiehosters/haproxy](https://registry.hub.docker.com/u/indiehosters/haproxy/) to have automatic configuration of HAproxy backed by `etcd` or `consul`.
dockerfiles/load-balancer/confd/confd/conf.d/crt-list.toml deleted 100644 → 0
View file @ d89e0ac8
[template]
src = "crt-list.tmpl"
dest = "/etc/haproxy/crt-list"
keys = [
"/services"
]
reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"
dockerfiles/load-balancer/confd/confd/conf.d/haproxy.toml deleted 100644 → 0
View file @ d89e0ac8
[template]
src = "haproxy.cfg.tmpl"
dest = "/etc/haproxy/haproxy.cfg"
keys = [
"/services"
]
reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"
dockerfiles/load-balancer/confd/confd/templates/crt-list.tmpl deleted 100644 → 0
View file @ d89e0ac8
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
/etc/haproxy/approved-certs/{{base $hostname}}.pem {{base $hostname}}
/etc/haproxy/approved-certs/{{base $hostname}}.pem www.{{base $hostname}}
{{end}}
{{end}}
dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl deleted 100644 → 0
View file @ d89e0ac8
global
log /dev/log local0 info
log /dev/log local0 notice
maxconn 4096
user haproxy
group haproxy
tune.ssl.default-dh-param 2048
ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
defaults
log global
mode http
option forwardfor
option httpclose
option httplog
option dontlognull
retries 3
timeout connect 5000
timeout client 50000
timeout server 50000
frontend https-in
mode http
bind *:443 ssl no-sslv3 crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/default.pem
# HSTS (15768000 seconds = 6 months)
rspadd Strict-Transport-Security:\ max-age=15768000
reqadd X-Forwarded-Proto:\ https
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
acl https_{{base $hostname}} hdr(host) -i {{base $hostname}}
acl https_{{base $hostname}} hdr(host) -i www.{{base $hostname}}
use_backend {{base $hostname}} if https_{{base $hostname}}
{{end}}
{{end}}
frontend http-in
bind *:80
redirect scheme https code 301
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
backend {{base $hostname}}
cookie SERVERID insert nocache indirect
server Server {{$data.ip}}:{{$data.port}} cookie Server
{{end}}
{{end}}
dockerfiles/load-balancer/haproxy/Dockerfile deleted 100644 → 0
View file @ d89e0ac8
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
# Install Haproxy.
RUN \
apt-get update && \
apt-get install -y haproxy && \
rm -rf /var/lib/apt/lists/*
VOLUME ["/etc/haproxy"]
ENTRYPOINT ["haproxy"]
CMD ["-f", "/etc/haproxy/haproxy.cfg"]
EXPOSE 80
EXPOSE 443
dockerfiles/load-balancer/haproxy/README.md deleted 100644 → 0
View file @ d89e0ac8
# HAproxy
The smallest HAproxy docker image in town ;)
## Run
```bash
docker run\
-v /haproxy-config:/etc/haproxy\
-p 80:80\
-p 443:443\
pierreozoux/haproxy
```
Have a look to [pierreozoux/confd](https://registry.hub.docker.com/u/pierreozoux/confd/) to have automatic configuration of HAproxy backed by `etcd` or `consul`.
dockerfiles/rsyslog/Dockerfile deleted 100644 → 0
View file @ d89e0ac8
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
apt-get install -q -y rsyslog && \
rm -rf /var/lib/apt/lists/*
ADD haproxy /etc/logrotate.d/haproxy
ADD postfix /etc/logrotate.d/postfix
VOLUME [ "/dev", "/var/log" ]
ENTRYPOINT [ "rsyslogd", "-n" ]
dockerfiles/rsyslog/haproxy deleted 100644 → 0
View file @ d89e0ac8
/var/log/haproxy*.log
{
rotate 4
weekly
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
reload rsyslog >/dev/null 2>&1 || true
endscript
}
dockerfiles/rsyslog/postfix deleted 100644 → 0
View file @ d89e0ac8
/var/log/mail.*
{
rotate 4
weekly
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
reload rsyslog >/dev/null 2>&1 || true
endscript
}
dockerfiles/services/apache/Dockerfile deleted 100644 → 0
View file @ d89e0ac8
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update \
&& apt-get -yq install \
apache2 \
curl \
mysql-client \
libapache2-mod-php5 \
php-apc \
php-pear \
php5-curl \
php5-gd \
php5-json \
php5-mcrypt \
php5-imagick \
php5-mysql \
php5-xmlrpc \
ssmtp \
&& rm -rf /var/lib/apt/lists/*
# Add image configuration and scripts
ADD default.conf /etc/apache2/sites-enabled/000-default.conf
ADD run.sh /run.sh
RUN sed -i "s/variables_order.*/variables_order = \"EGPCS\"/g" /etc/php5/apache2/php.ini && \
sed -i "s/.*sendmail_path.*/sendmail_path = \/usr\/sbin\/ssmtp -t/g" /etc/php5/apache2/php.ini \
&& mkdir -p /app \
&& rm -rf /var/www/html \
&& ln -s /app /var/www/html \
&& a2enmod rewrite \
&& chmod 755 /run.sh
COPY ssmtp.conf /etc/ssmtp/ssmtp.conf
CMD ["/run.sh"]
EXPOSE 80
dockerfiles/services/apache/default.conf deleted 100644 → 0
View file @ d89e0ac8
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
<Directory /var/www/html/>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>