authorJames Z.M. Gao <gaozhm@mvad.com>2016-05-04 05:14:13 +0800
committerJames Z.M. Gao <gaozhm@mvad.com>2016-05-04 05:14:13 +0800
commit0d532221d14c9e8f0e4315b10a18f3d0dbf94e4e (patch)
treebf007255f19c5b03efaa4082e74473d3ceb4527b
parentb328c9674f4b8fd43dc4fb9360b2624edacd3b83 (diff)
add support for secure ports
-rw-r--r--Dockerfile3
-rw-r--r--README.md5
-rw-r--r--content/etc/davmail/davmail.properties.template8
-rwxr-xr-xcontent/opt/davmail/entrypoint.sh9
4 files changed, 21 insertions, 4 deletions
diff --git a/Dockerfile b/Dockerfile
index ce55fe4..02b496e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,6 +17,9 @@ RUN apk --update upgrade && \
USER davmail
+# if $DAVMAIL_SSL_PASS is not empty, use this file as keystoreFile of type PKCS12
+VOLUME ["/etc/davmail/davmail.p12"]
+
EXPOSE 1080
EXPOSE 1143
EXPOSE 1389
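Review bot: `VOLUME ["/etc/davmail/davmail.p12"]` declares a volume at what is meant to be a file path, so when no keystore is bind-mounted Docker creates a directory there. The entrypoint's `-r` and `-s` tests do not require a regular file, so a directory may pass them and the failure would only show up later, when DavMail tries to load the keystore. Consider dropping the `VOLUME` line and documenting a read-only bind mount of the keystore in the README instead. The entrypoint check would also benefit from `[ ! -f /etc/davmail/davmail.p12 ]`.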
diff --git a/README.md b/README.md
index 5f5613c..b9dc008 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,7 @@ Accepted docker environment variables:
* DAVMAIL_SERVER_CERTIFICATE_HASH: optional, cirtificate hash, like 11:22:...
* DAVMAIL_NTLM_DOMAIN: optional, windows domain
* DAVMAIL_CONFIG_URL: a url for downloading a specific configuration, this can override all other options
+* DAVMAIL_SSL_PASS: optional, set to the password of a PKCS12 SSL file
Listened ports:
@@ -26,3 +27,7 @@ Listened ports:
* ldap port: 1389
* pop3 port: 1110
* smtp port: 1025
+
+Volume:
+
+* "/etc/davmail/davmail.p12": if DAVMAIL_SSL_PASS is not empty, use this as the keystore file of type PKCS12
diff --git a/content/etc/davmail/davmail.properties.template b/content/etc/davmail/davmail.properties.template
index 74b9584..c37be5b 100644
--- a/content/etc/davmail/davmail.properties.template
+++ b/content/etc/davmail/davmail.properties.template
@@ -39,10 +39,10 @@ davmail.bindAddress=
davmail.clientSoTimeout=
# DavMail listeners SSL configuration
-davmail.ssl.keystoreType=
-davmail.ssl.keystoreFile=
-davmail.ssl.keystorePass=
-davmail.ssl.keyPass=
+davmail.ssl.keystoreType=${DAVMAIL_SSL_PASS:+PKCS12}
+davmail.ssl.keystoreFile=${DAVMAIL_SSL_PASS:+/etc/davmail/davmail.p12}
+davmail.ssl.keystorePass=${DAVMAIL_SSL_PASS}
+davmail.ssl.keyPass=${DAVMAIL_SSL_PASS}
# Accept specified certificate even if invalid according to trust store
davmail.server.certificate.hash=${DAVMAIL_SERVER_CERTIFICATE_HASH}
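Review bot: The keystore password reaches `davmail.ssl.keystorePass` and `davmail.ssl.keyPass` from an environment variable and is written in clear text into the generated config. It is therefore readable through `docker inspect`, the process environment and the config file itself. Consider also accepting the secret from a mounted file, and make sure the generated config is not world-readable. The loop that expands this template is outside the hunk; if it uses `eval`-style expansion, a password containing `$`, backticks or quotes may be altered or interpreted, which should be tested and noted in the README.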
diff --git a/content/opt/davmail/entrypoint.sh b/content/opt/davmail/entrypoint.sh
index 7b3b518..6555503 100755
--- a/content/opt/davmail/entrypoint.sh
+++ b/content/opt/davmail/entrypoint.sh
@@ -13,6 +13,15 @@ elif [ -n "$DAVMAIL_URL" ]; then
done < /etc/davmail/davmail.properties.template > $CONFIG
fi
+if [ -n "$DAVMAIL_SSL_PASS" ]; then
+ if [ ! -r /etc/davmail/davmail.p12 ] || [ ! -s /etc/davmail/davmail.p12 ]; then
+ echo "ERROR: can't read ssl keystore [/etc/davmail/davmail.p12]!"
+ return 2
+ fi
+fi
+
+if [ -z "$DAVMAIL_SSL_PASS" ] || [ ! -s /etc/davmail/davmail.p12 ]
+
if [ -r "$CONFIG" ]; then
exec /opt/davmail/davmail.sh "$CONFIG"
else
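Review bot: The added line `if [ -z "$DAVMAIL_SSL_PASS" ] || [ ! -s /etc/davmail/davmail.p12 ]` has no `then`, body or `fi`, so the following `if [ -r "$CONFIG" ]; then` is parsed as part of its condition list. Unless the rest of the file (outside the hunk) happens to close it, the entrypoint will fail to parse; it looks like a leftover and should be removed. In the keystore check above it, `return 2` is used outside any function, where behaviour differs between shells when the script is executed rather than sourced. Use `exit 2` there, and send the error to stderr: `echo "ERROR: can't read ssl keystore [/etc/davmail/davmail.p12]!" >&2`.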