dockerfiles/email/dovecot/auth-sql.conf.ext

-passdb {
-  driver = sql
-  args = /etc/dovecot/dovecot-sql.conf.ext
-}
-userdb {
-  driver = static
-  args = uid=mail gid=mail home=/mail/mailboxes/%d/%n
-}
-

dockerfiles/email/dovecot/dovecot-sql.conf.ext

-driver = mysql
-connect = host=##DB_HOST## dbname=servermail user=##DB_USER## password=##DB_PASS##
-default_pass_scheme = SHA512-CRYPT
-password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
-

dockerfiles/email/dovecot/init.sql

-USE servermail;
-CREATE TABLE `virtual_domains` (
-  `id`  INT NOT NULL AUTO_INCREMENT,
-  `name` VARCHAR(50) NOT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `name` (`name`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `virtual_users` (
-  `id` INT NOT NULL AUTO_INCREMENT,
-  `domain_id` INT NOT NULL,
-  `password` VARCHAR(106) NOT NULL,
-  `email` VARCHAR(120) NOT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `email` (`email`),
-  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `virtual_aliases` (
-  `id` INT NOT NULL AUTO_INCREMENT,
-  `domain_id` INT NOT NULL,
-  `source` varchar(100) NOT NULL,
-  `destination` varchar(100) NOT NULL,
-  PRIMARY KEY (`id`),
-  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-

dockerfiles/email/dovecot/startup.sh

-#!/bin/bash -eux
-
-export DB_PORT=3306
-export DB_HOST=db
-export DB_USER=admin
-echo $HOSTNAME
-
-sed -i "s/##DB_HOST##/$DB_HOST/" /etc/dovecot/dovecot-sql.conf.ext
-sed -i "s/##DB_USER##/$DB_USER/" /etc/dovecot/dovecot-sql.conf.ext
-sed -i "s/##DB_PASS##/$DB_PASS/" /etc/dovecot/dovecot-sql.conf.ext
-
-/opt/editconf.py /etc/dovecot/conf.d/15-lda.conf postmaster_address=postmaster@$HOSTNAME
-
-/opt/mysql-check.sh
-
-DB_EXISTS=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "SHOW DATABASES LIKE 'servermail';" 2>&1 |grep servermail > /dev/null ; echo "$?")
-if [[ DB_EXISTS -eq 1 ]]; then
-  echo "=> Creating database servermail"
-  RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "CREATE DATABASE servermail")
-  if [[ RET -ne 0 ]]; then
-    echo "Cannot create database for emails"
-    exit RET
-  fi
-  echo "=> Loading initial database data to servermail"
-  RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT servermail < /init.sql)
-  if [[ RET -ne 0 ]]; then
-    echo "Cannot load initial database data for emails"
-    exit RET
-  fi
-  echo "=> Done!"
-else
-  echo "=> Skipped creation of database servermail it already exists."
-fi
-
-dovecot -F
-

dockerfiles/email/dovecot/user.sql

-INSERT INTO `servermail`.`virtual_domains`
-  (`id` ,`name`)
-  VALUES
-    ('1', 'example.com'),
-    ('2', 'hostname.example.com');
-
-INSERT INTO `servermail`.`virtual_users`
-  (`id`, `domain_id`, `password` , `email`)
-  VALUES
-    ('1', '1', ENCRYPT('firstpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email1@example.com'),
-    ('2', '1', ENCRYPT('secondpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email2@example.com');
-
-INSERT INTO `servermail`.`virtual_aliases`
-  (`id`, `domain_id`, `source`, `destination`)
-  VALUES
-    ('1', '1', 'alias@example.com', 'email1@example.com');
-

dockerfiles/email/postfix/Dockerfile

-FROM debian:jessie
-
-# Borrows from https://registry.hub.docker.com/u/previousnext/postfix
-# Borrows from https://registry.hub.docker.com/u/catatnight/postfix
-
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update \
-	&& echo "postfix postfix/main_mailer_type string 'Internet site'" | debconf-set-selections \
-	&& echo "postfix postfix/mailname string 'HOSTNAME.EXAMPLE.COM'" | debconf-set-selections \
-	&& echo "postfix postfix/root_address string 'ROOTMAIL@EXAMPLE.COM'" | debconf-set-selections \
-	&& apt-get install -q -y \
-		postfix \
-		supervisor \
-	&& rm -rf /var/lib/apt/lists/*
-
-COPY install.sh install.sh
-
-RUN chmod 755 /install.sh
-
-VOLUME ["/var/spool/postfix/"]
-
-EXPOSE 25
-
-CMD /install.sh;/usr/bin/supervisord -c /etc/supervisor/supervisord.conf
-

dockerfiles/email/postfix/install.sh

-#!/bin/bash
-
-#judgement
-if [[ -a /etc/supervisor/conf.d/supervisord.conf ]]; then
-  exit 0
-fi
-
-#supervisor
-cat > /etc/supervisor/conf.d/supervisord.conf <<EOF
-[supervisord]
-nodaemon=true
-
-[program:postfix]
-process_name = master
-command = /etc/init.d/postfix start
-startsecs = 0
-autorestart = false
-
-EOF
-
-# put the same FQDN in /data/hostname and in reverse DNS
-# for the public IP address on which this server will be
-# receiving smtp traffic.
-cp /data/hostname /etc/mailname
-/usr/sbin/postconf -e "myhostname=`cat /data/hostname`"
-
-# put all relevant domains in /data/destinations.
-/usr/sbin/postconf -e "virtual_alias_domains=`cat /data/destinations`"
-
-# put your forwarding addresses in /data/forwards.
-cp /data/forwards /etc/postfix/virtual
-/usr/sbin/postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
-
-# accept mails from docker networked machines:
-/usr/sbin/postconf -e "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.17.42.0/24"
-
-# configure virtual
-postmap /etc/postfix/virtual
-

dockerfiles/load-balancer/confd/Dockerfile

-FROM debian:jessie
-
-ENV DEBIAN_FRONTEND noninteractive
-
-RUN \
-  apt-get update &&\
-  apt-get install -y \
-    wget \
-    ca-certificates &&\
-  rm -rf /var/lib/apt/lists/*
-
-ADD confd /etc/confd
-
-RUN \
-  wget https://github.com/kelseyhightower/confd/releases/download/v0.7.1/confd-0.7.1-linux-amd64 -O confd && \
-  chmod +x confd
-
-RUN \
-  wget https://get.docker.com/builds/Linux/x86_64/docker-1.2.0 -O docker && \
-  chmod +x docker
-
-VOLUME ["/etc/confd/", "/etc/haproxy"]
-ENTRYPOINT ["/confd"]
-CMD ["-interval=60", "-node=172.17.42.1:4001", "-watch=true", "-verbose=true"]
-

dockerfiles/load-balancer/confd/README.md

-# Confd
-
-The smallest confd docker image in town ;)
-
-## Run
-
-This image will log everything to stdout/stderr.
-
-It was designed to work with HAproxy, but you can use it for anything! There is no configuration, you'll have to mount the config folder. There is a nice example in [indiehosters/confd git repo](https://github.com/indiehosters/dockerfiles/tree/master/server-wide/confd).
-
-```bash
-docker run\
-  -v /haproxy-config:/etc/haproxy/\
-  -v ./confd/:/etc/confd/\
-  -v /var/run/docker.sock:/var/run/docker.sock\
-indiehosters/confd
-```
-
-It works really well with [indiehosters/haproxy](https://registry.hub.docker.com/u/indiehosters/haproxy/) to have automatic configuration of HAproxy backed by `etcd` or `consul`.

dockerfiles/load-balancer/confd/confd/conf.d/crt-list.toml

-[template]
-src  = "crt-list.tmpl"
-dest = "/etc/haproxy/crt-list"
-keys = [
-  "/services"
-]
-reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"

dockerfiles/load-balancer/confd/confd/conf.d/haproxy.toml

-[template]
-src  = "haproxy.cfg.tmpl"
-dest = "/etc/haproxy/haproxy.cfg"
-keys = [
-  "/services"
-]
-reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"

dockerfiles/load-balancer/confd/confd/templates/crt-list.tmpl

-{{range $app := lsdir "/services"}}
-{{$hostnames := printf "/services/%s/*" $app}}
-  {{range gets $hostnames}}
-    {{$hostname := .Key}}
-/etc/haproxy/approved-certs/{{base $hostname}}.pem {{base $hostname}}
-/etc/haproxy/approved-certs/{{base $hostname}}.pem www.{{base $hostname}}
-  {{end}}
-{{end}}

dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl

-global
-  log /dev/log local0 info
-  log /dev/log local0 notice
-  maxconn 4096
-  user haproxy
-  group haproxy
-  tune.ssl.default-dh-param 2048
-  ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
-
-defaults
-  log global
-  mode http
-  option forwardfor
-  option httpclose
-  option httplog
-  option dontlognull
-  retries 3
-  timeout connect 5000
-  timeout client 50000
-  timeout server 50000
-
-
-frontend https-in
-mode http
-  bind *:443 ssl no-sslv3 crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/default.pem
-  # HSTS (15768000 seconds = 6 months)
-  rspadd  Strict-Transport-Security:\ max-age=15768000
-  reqadd X-Forwarded-Proto:\ https
-{{range $app := lsdir "/services"}}
-{{$hostnames := printf "/services/%s/*" $app}}
-  {{range gets $hostnames}}
-    {{$hostname := .Key}}
-    {{$data := json .Value}}
-# {{base $hostname}}:
-  acl https_{{base $hostname}} hdr(host) -i {{base $hostname}}
-  acl https_{{base $hostname}} hdr(host) -i www.{{base $hostname}}
-  use_backend {{base $hostname}} if https_{{base $hostname}}
-  {{end}}
-{{end}}
-
-frontend http-in
-  bind *:80
-  redirect scheme https code 301
-
-{{range $app := lsdir "/services"}}
-{{$hostnames := printf "/services/%s/*" $app}}
-  {{range gets $hostnames}}
-    {{$hostname := .Key}}
-    {{$data := json .Value}}
-# {{base $hostname}}:
-backend {{base $hostname}}
-  cookie SERVERID insert nocache indirect
-  server Server {{$data.ip}}:{{$data.port}} cookie Server
-  {{end}}
-{{end}}

dockerfiles/load-balancer/haproxy/Dockerfile

-FROM debian:jessie
-
-ENV DEBIAN_FRONTEND noninteractive
-
-# Install Haproxy.
-RUN \
-  apt-get update && \
-  apt-get install -y haproxy && \
-  rm -rf /var/lib/apt/lists/*
-
-VOLUME ["/etc/haproxy"]
-ENTRYPOINT ["haproxy"]
-CMD ["-f", "/etc/haproxy/haproxy.cfg"]
-EXPOSE 80
-EXPOSE 443
-

dockerfiles/load-balancer/haproxy/README.md

-# HAproxy
-
-The smallest HAproxy docker image in town ;)
-
-## Run
-
-```bash
-docker run\
-  -v /haproxy-config:/etc/haproxy\
-  -p 80:80\
-  -p 443:443\
-  pierreozoux/haproxy
-```
-
-Have a look to [pierreozoux/confd](https://registry.hub.docker.com/u/pierreozoux/confd/) to have automatic configuration of HAproxy backed by `etcd` or `consul`.

dockerfiles/rsyslog/Dockerfile

-FROM debian:jessie
-
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && \
-    apt-get install -q -y rsyslog && \
-    rm -rf /var/lib/apt/lists/*
-
-ADD haproxy /etc/logrotate.d/haproxy
-ADD postfix /etc/logrotate.d/postfix
-
-VOLUME [ "/dev", "/var/log" ]
-
-ENTRYPOINT [ "rsyslogd", "-n" ]
-

dockerfiles/rsyslog/haproxy

-/var/log/haproxy*.log
-{
-    rotate 4
-    weekly
-    missingok
-    notifempty
-    compress
-    delaycompress
-    sharedscripts
-    postrotate
-        reload rsyslog >/dev/null 2>&1 || true
-    endscript
-}
-

dockerfiles/rsyslog/postfix

-/var/log/mail.*
-{
-    rotate 4
-    weekly
-    missingok
-    notifempty
-    compress
-    delaycompress
-    sharedscripts
-    postrotate
-        reload rsyslog >/dev/null 2>&1 || true
-    endscript
-}
-

dockerfiles/services/apache/Dockerfile

-FROM debian:jessie
-
-ENV DEBIAN_FRONTEND noninteractive
-
-RUN apt-get update \
-	&& apt-get -yq install \
-		apache2 \
-		curl \
-		mysql-client \
-		libapache2-mod-php5 \
-		php-apc \
-		php-pear \
-		php5-curl \
-		php5-gd \
-                php5-json \
-                php5-mcrypt \
-                php5-imagick \
-		php5-mysql \
-		php5-xmlrpc \
-                ssmtp \
-	&& rm -rf /var/lib/apt/lists/*
-
-# Add image configuration and scripts
-ADD default.conf /etc/apache2/sites-enabled/000-default.conf
-ADD run.sh /run.sh
-RUN sed -i "s/variables_order.*/variables_order = \"EGPCS\"/g" /etc/php5/apache2/php.ini && \
-    sed -i "s/.*sendmail_path.*/sendmail_path = \/usr\/sbin\/ssmtp -t/g" /etc/php5/apache2/php.ini \
-	&& mkdir -p /app \
-	&& rm -rf /var/www/html \
-	&& ln -s /app /var/www/html \
-	&& a2enmod rewrite \
-	&& chmod 755 /run.sh
-
-COPY ssmtp.conf /etc/ssmtp/ssmtp.conf
-
-CMD ["/run.sh"]
-EXPOSE 80
-

dockerfiles/services/apache/default.conf

-<VirtualHost *:80>
-  # The ServerName directive sets the request scheme, hostname and port that
-  # the server uses to identify itself. This is used when creating
-  # redirection URLs. In the context of virtual hosts, the ServerName
-  # specifies what hostname must appear in the request's Host: header to
-  # match this virtual host. For the default virtual host (this file) this
-  # value is not decisive as it is used as a last resort host regardless.
-  # However, you must set it for any further virtual host explicitly.
-  #ServerName www.example.com
-
-  ServerAdmin webmaster@localhost
-  DocumentRoot /var/www/html
-
-  # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
-  # error, crit, alert, emerg.
-  # It is also possible to configure the loglevel for particular
-  # modules, e.g.
-  #LogLevel info ssl:warn
-
-  ErrorLog ${APACHE_LOG_DIR}/error.log
-  CustomLog ${APACHE_LOG_DIR}/access.log combined
-
-  # For most configuration files from conf-available/, which are
-  # enabled or disabled at a global level, it is possible to
-  # include a line for only one particular virtual host. For example the
-  # following line enables the CGI configuration for this host only
-  # after it has been globally disabled with "a2disconf".
-  #Include conf-available/serve-cgi-bin.conf
-  <Directory /var/www/html/>
-    Options -Indexes +FollowSymLinks +MultiViews
-    AllowOverride All
-    Order allow,deny
-    allow from all
-  </Directory>
-</VirtualHost>