diff --git a/docker-compose.yml b/docker-compose.yml index 038535c..627f0ed 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,358 +1,392 @@ version: '3' services: coturn: build: context: ./docker/coturn/ container_name: kolab-coturn healthcheck: interval: 10s test: "kill -0 $$(cat /tmp/turnserver.pid)" timeout: 5s retries: 30 environment: - TURN_PUBLIC_IP=${COTURN_PUBLIC_IP} - TURN_LISTEN_PORT=3478 - TURN_STATIC_SECRET=${COTURN_STATIC_SECRET} hostname: sturn.mgmt.com image: kolab-coturn network_mode: host restart: on-failure tty: true kolab: build: context: ./docker/kolab/ container_name: kolab privileged: true depends_on: mariadb: condition: service_healthy pdns: condition: service_healthy extra_hosts: - "kolab.mgmt.com:127.0.0.1" - "services.${APP_DOMAIN}:172.18.0.4" environment: - APP_DOMAIN=${APP_DOMAIN} - LDAP_HOST=127.0.0.1 - LDAP_ADMIN_BIND_DN="cn=Directory Manager" - LDAP_ADMIN_BIND_PW=Welcome2KolabSystems - DB_HOST=mariadb - DB_ROOT_PASSWORD=Welcome2KolabSystems - DB_HKCCP_DATABASE=${DB_DATABASE} - DB_HKCCP_USERNAME=${DB_USERNAME} - DB_HKCCP_PASSWORD=${DB_PASSWORD} - DB_KOLAB_DATABASE=kolab - DB_KOLAB_USERNAME=kolab - DB_KOLAB_PASSWORD=Welcome2KolabSystems - DB_RC_USERNAME=roundcube - DB_RC_PASSWORD=Welcome2KolabSystems - SSL_CERTIFICATE=${KOLAB_SSL_CERTIFICATE:?err} - SSL_CERTIFICATE_FULLCHAIN=${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} - SSL_CERTIFICATE_KEY=${KOLAB_SSL_CERTIFICATE_KEY:?err} - IMAP_HOST=127.0.0.1 - IMAP_PORT=11993 - MAIL_HOST=127.0.0.1 - MAIL_PORT=10587 healthcheck: interval: 10s test: "systemctl is-active kolab-init || exit 1" timeout: 5s retries: 30 start_period: 5m # This makes docker's dns, resolve via pdns for this container. # Please note it does not affect /etc/resolv.conf dns: 172.18.0.11 hostname: kolab.mgmt.com image: kolab networks: kolab: ipv4_address: 172.18.0.5 ports: - "12143:12143" tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./ext/:/src/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err} - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err} - ./docker/kolab/utils:/root/utils:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro - imap:/imapdata - ldap:/ldapdata mariadb: container_name: kolab-mariadb environment: - MARIADB_ROOT_PASSWORD=Welcome2KolabSystems - TZ="+02:00" - DB_HKCCP_DATABASE=${DB_DATABASE} - DB_HKCCP_USERNAME=${DB_USERNAME} - DB_HKCCP_PASSWORD=${DB_PASSWORD} healthcheck: interval: 10s test: test -e /var/run/mysqld/mysqld.sock timeout: 5s retries: 30 image: mariadb:latest networks: - kolab volumes: - ./docker/mariadb/mysql-init/:/docker-entrypoint-initdb.d/ - mariadb:/var/lib/mysql haproxy: depends_on: proxy: condition: service_healthy build: context: ./docker/haproxy/ healthcheck: interval: 10s test: "kill -0 $$(cat /var/run/haproxy.pid)" timeout: 5s retries: 30 container_name: kolab-haproxy hostname: haproxy.hosted.com image: kolab-haproxy networks: - kolab tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro pdns: build: context: ./docker/pdns/ container_name: kolab-pdns hostname: pdns depends_on: mariadb: condition: service_healthy healthcheck: interval: 10s test: "systemctl status pdns || exit 1" timeout: 5s retries: 30 image: kolab-pdns networks: kolab: ipv4_address: 172.18.0.11 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro proxy: depends_on: kolab: condition: service_healthy webapp: condition: service_healthy build: context: ./docker/proxy/ args: APP_WEBSITE_DOMAIN: ${APP_WEBSITE_DOMAIN:?err} SSL_CERTIFICATE: ${PROXY_SSL_CERTIFICATE:?err} SSL_CERTIFICATE_KEY: ${PROXY_SSL_CERTIFICATE_KEY:?err} healthcheck: interval: 10s test: "kill -0 $$(cat /run/nginx.pid)" timeout: 5s retries: 30 container_name: kolab-proxy hostname: proxy image: kolab-proxy extra_hosts: - "meet:${MEET_LISTENING_HOST}" networks: kolab: ipv4_address: 172.18.0.7 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro ports: # - "80:80" - "443:443" - "465:465" - "587:587" - "143:143" - "993:993" redis: build: context: ./docker/redis/ healthcheck: interval: 10s test: "redis-cli ping || exit 1" timeout: 5s retries: 30 container_name: kolab-redis hostname: redis image: redis networks: - kolab volumes: - ./docker/redis/redis.conf:/usr/local/etc/redis/redis.conf:ro # ports: # - "6379:6379" webapp: build: context: ./docker/webapp/ container_name: kolab-webapp image: kolab-webapp healthcheck: interval: 10s test: "/src/kolabsrc/artisan octane:status || exit 1" timeout: 5s retries: 30 start_period: 5m depends_on: kolab: condition: service_healthy redis: condition: service_healthy networks: kolab: ipv4_address: 172.18.0.4 volumes: - ./src:/src/kolabsrc.orig:ro ports: - "8000:8000" meet: build: context: ./docker/meet/ healthcheck: interval: 10s test: "curl --insecure -H 'X-AUTH-TOKEN: ${MEET_SERVER_TOKEN}' --fail https://${MEET_LISTENING_HOST}:12443/meetmedia/api/health || exit 1" timeout: 5s retries: 30 start_period: 5m environment: - WEBRTC_LISTEN_IP=${MEET_WEBRTC_LISTEN_IP:?err} - PUBLIC_DOMAIN=${MEET_PUBLIC_DOMAIN:?err} - LISTENING_HOST=${MEET_LISTENING_HOST:?err} - LISTENING_PORT=12443 - TURN_SERVER=${MEET_TURN_SERVER} - TURN_STATIC_SECRET=${COTURN_STATIC_SECRET} - AUTH_TOKEN=${MEET_SERVER_TOKEN:?err} - WEBHOOK_TOKEN=${MEET_WEBHOOK_TOKEN:?err} - WEBHOOK_URL=${APP_PUBLIC_URL:?err}/api/webhooks/meet - SSL_CERT=/etc/pki/tls/certs/meet.${APP_WEBSITE_DOMAIN:?err}.cert - SSL_KEY=/etc/pki/tls/private/meet.${APP_WEBSITE_DOMAIN:?err}.key network_mode: host container_name: kolab-meet image: kolab-meet volumes: - ./meet/server:/src/meet/:ro - ./docker/certs/meet.${APP_WEBSITE_DOMAIN}.cert:/etc/pki/tls/certs/meet.${APP_WEBSITE_DOMAIN}.cert - ./docker/certs/meet.${APP_WEBSITE_DOMAIN}.key:/etc/pki/tls/private/meet.${APP_WEBSITE_DOMAIN}.key imap-backend: build: context: ./docker/imap-backend/ container_name: imap-backend privileged: true depends_on: pdns: condition: service_healthy # This makes docker's dns, resolve via pdns for this container. # Please note it does not affect /etc/resolv.conf dns: 172.18.0.11 hostname: kolab.mgmt.com image: imap-backend extra_hosts: - "services.${APP_DOMAIN}:172.18.0.4" networks: kolab: ipv4_address: 172.18.0.20 ports: - "8993:993" - "8143:143" - "8080:80" - "8443:443" tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - /etc/letsencrypt/:/etc/letsencrypt/:ro - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err} - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err} - ./docker/kolab/utils:/root/utils:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro imap-frontend: build: context: ./docker/imap-frontend/ container_name: imap-frontend privileged: true depends_on: pdns: condition: service_healthy # This makes docker's dns, resolve via pdns for this container. # Please note it does not affect /etc/resolv.conf dns: 172.18.0.11 hostname: kolab.mgmt.com image: imap-frontend extra_hosts: - "services.${APP_DOMAIN}:172.18.0.4" # Somehow necessary for caldav because it connects to the backend not via imap-backend but the full hostname imap.backend.${APP_DOMAIN} - "imap-backend.${APP_DOMAIN}:172.18.0.20" networks: kolab: ipv4_address: 172.18.0.21 ports: - "7993:993" - "7143:143" - "7080:80" - "7443:443" tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - /etc/letsencrypt/:/etc/letsencrypt/:ro - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err} - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err} - ./docker/kolab/utils:/root/utils:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro - /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd + imap-mupdate: + build: + context: ./docker/imap-mupdate/ + container_name: imap-mupdate + privileged: true + depends_on: + pdns: + condition: service_healthy + # This makes docker's dns, resolve via pdns for this container. + # Please note it does not affect /etc/resolv.conf + dns: 172.18.0.11 + hostname: kolab.mgmt.com + image: imap-mupdate + extra_hosts: + - "services.${APP_DOMAIN}:172.18.0.4" + networks: + kolab: + ipv4_address: 172.18.0.22 + tmpfs: + - /run + - /tmp + - /var/run + - /var/tmp + tty: true + volumes: + - /etc/letsencrypt/:/etc/letsencrypt/:ro + - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro + - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro + - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err} + - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} + - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err} + - ./docker/kolab/utils:/root/utils:ro + - /sys/fs/cgroup:/sys/fs/cgroup:ro + - /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd networks: kolab: driver: bridge ipam: config: - subnet: "172.18.0.0/24" volumes: mariadb: imap: ldap: diff --git a/docker/imap-backend/imapd.conf b/docker/imap-backend/imapd.conf index f11df04..dfd563d 100644 --- a/docker/imap-backend/imapd.conf +++ b/docker/imap-backend/imapd.conf @@ -1,98 +1,98 @@ servername: imap-backend.kolab.local configdirectory: /var/lib/imap defaultpartition: default metapartition_files: annotations cache expunge header index partition-default: /var/spool/imap/ sievedir: /var/lib/imap/sieve autocreate_quota: 5242880 idlesocket: /var/lib/imap/socket/idle disable_shared_namespace: 1 disable_user_namespace: 1 duplicate_db_path: /run/cyrus/db/deliver.db mboxname_lockpath: /run/cyrus/lock proc_path: /run/cyrus/proc # Apparently does not work ##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db statuscache_db_path: /run/cyrus/db/statuscache.db temp_path: /tmp tls_sessions_db_path: /run/cyrus/db/tls_sessions.db sendmail: /usr/sbin/sendmail admins: cyrus-admin sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN allowplaintext: yes lmtp_over_quota_perm_failure: 1 #tls_server_cert: /etc/pki/tls/private/aphy.app.pem #tls_server_key: /etc/pki/tls/private/aphy.app.pem #tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem tls_client_certs: off tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES tls_prefer_server_ciphers: 1 tls_versions: tls1_3 maxlogins_per_user: 50 proxyd_disable_mailbox_referrals: 0 httpmodules: caldav carddav domainkey freebusy ischedule rss webdav unixhierarchysep: 1 virtdomains: userid sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date allowallsubscribe: 0 anyoneuseracl: 0 allowusermoves: 1 altnamespace: 1 disconnect_on_vanished_mailbox: 1 hashimapspool: 1 anysievefolder: 1 fulldirhash: 0 sieve_maxscripts: 150 sieve_maxscriptsize: 128 sieveusehomedir: 0 sieve_allowreferrals: 0 sieve_utf8fileinto: 1 lmtp_downcase_rcpt: 1 lmtp_fuzzy_mailbox_match: 1 username_tolower: 1 deletedprefix: DELETED delete_mode: delayed expunge_mode: delayed postuser: shared tcp_keepalive: 1 syslog_prefix: cyrus-imapd # mupdate is enabled mupdate_config: standard -mupdate_server: imap-frontend +mupdate_server: imap-mupdate mupdate_port: 3905 mupdate_authname: cyrus-admin mupdate_username: cyrus-admin mupdate_password: Welcome2KolabSystems # proxy authentication for these users proxyservers: cyrus-admin # sync is enabled #sync_try_imap: 0 #sync_log_chain: false #sync_authname: cyrus #sync_password: simple123 #sync_log: 1 #sync_repeat_interval: 10 #sync_shutdown_file: /var/lib/imap/sync_shutdown diff --git a/docker/imap-frontend/cyrus.conf b/docker/imap-frontend/cyrus.conf index b22f78b..aefb1c1 100644 --- a/docker/imap-frontend/cyrus.conf +++ b/docker/imap-frontend/cyrus.conf @@ -1,26 +1,26 @@ START { # do not delete this entry! recover cmd="ctl_cyrusdb -r" } SERVICES { - mupdate cmd="mupdate -m" listen=3905 prefork=1 + mupdate cmd="mupdate" listen=3905 prefork=1 imap cmd="proxyd" listen="imap" proto="tcp" prefork=1 maxchild=4096 imaps cmd="proxyd -s" listen="imaps" proto="tcp" prefork=1 maxchild=4096 http cmd="httpd" listen="http" prefork=0 https cmd="httpd -s" listen="https" prefork=0 sieve cmd="timsieved" listen="sieve" proto="tcp" prefork=1 lmtp cmd="lmtpd -a" listen="lmtp" proto="tcp" prefork=2 } EVENTS { # this is required checkpoint cmd="ctl_cyrusdb -c" period="30" # this is only necessary if caching TLS sessions tlsprune cmd="tls_prune" at="0400" } diff --git a/docker/imap-frontend/imapd.conf b/docker/imap-frontend/imapd.conf index 183f5cf..97a78cd 100644 --- a/docker/imap-frontend/imapd.conf +++ b/docker/imap-frontend/imapd.conf @@ -1,89 +1,91 @@ servername: imap-frontend.kolab.local configdirectory: /var/lib/imap +defaultpartition: default +partition-default: /var/spool/imap autocreate_quota: 5242880 idlesocket: /var/lib/imap/socket/idle disable_shared_namespace: 1 disable_user_namespace: 1 duplicate_db_path: /var/lib/imap/deliver.db mboxname_lockpath: /var/lib/imap/lock proc_path: /var/lib/imap/proc # Apparently does not work ##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db statuscache_db_path: /var/lib/imap/statuscache.db temp_path: /tmp tls_sessions_db_path: /run/cyrus/db/tls_sessions.db sendmail: /usr/sbin/sendmail admins: cyrus-admin sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN allowplaintext: yes lmtp_over_quota_perm_failure: 1 #tls_server_cert: /etc/pki/tls/private/aphy.app.pem #tls_server_key: /etc/pki/tls/private/aphy.app.pem #tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem tls_client_certs: off tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES tls_prefer_server_ciphers: 1 sieve_tls_versions: tls1_0 tls1_1 tls1_2 tls_versions: tls1_3 maxlogins_per_user: 50 # Disable mailbox referrals for all clients, as the referrals will point # addresses the client cannot reach. proxyd_disable_mailbox_referrals: 1 serverlist: imap-backend httpmodules: caldav carddav domainkey freebusy ischedule rss webdav unixhierarchysep: 1 virtdomains: userid sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date allowallsubscribe: 0 anyoneuseracl: 0 allowusermoves: 1 altnamespace: 1 disconnect_on_vanished_mailbox: 1 hashimapspool: 1 anysievefolder: 1 fulldirhash: 0 sieve_maxscripts: 150 sieve_maxscriptsize: 128 sieveusehomedir: 0 sieve_allowreferrals: 0 sieve_utf8fileinto: 1 lmtp_downcase_rcpt: 1 lmtp_fuzzy_mailbox_match: 1 username_tolower: 1 deletedprefix: DELETED delete_mode: delayed expunge_mode: delayed postuser: shared tcp_keepalive: 1 syslog_prefix: cyrus-imapd # mupdate is enabled #mupdate_config: standard -#mupdate_server: mupdate.zrh1.infra.aphy.app -#mupdate_port: 3905 -#mupdate_authname: cyrus-admin -#mupdate_username: cyrus-admin -#mupdate_password: Welcome2KolabSystems +mupdate_server: imap-mupdate +mupdate_port: 3905 +mupdate_authname: cyrus-admin +mupdate_username: cyrus-admin +mupdate_password: Welcome2KolabSystems # proxy authentication against backends proxy_authname: cyrus-admin proxy_password: Welcome2KolabSystems diff --git a/docker/imap-mupdate/Dockerfile b/docker/imap-mupdate/Dockerfile new file mode 100644 index 0000000..9c7a26e --- /dev/null +++ b/docker/imap-mupdate/Dockerfile @@ -0,0 +1,73 @@ +FROM quay.io/centos/centos:stream8 + +LABEL maintainer="contact@apheleia-it.ch" +LABEL dist=centos8 +LABEL tier=${TIER} + +ENV SYSTEMD_PAGER='' +ENV DISTRO=centos8 +ENV LANG=en_US.utf8 +ENV LC_ALL=en_US.utf8 + +# Add EPEL. +RUN dnf config-manager --set-enabled powertools && \ + dnf -y install \ + epel-release epel-next-release && \ + dnf -y module enable 389-directory-server:stable/default && \ + dnf -y module enable mariadb:10.3 && \ + dnf -y install iputils vim-enhanced bind-utils && \ + dnf clean all +RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8 + +# Install kolab +RUN rpm --import https://mirror.apheleia-it.ch/repos/Kolab:/16/key.asc && \ + rpm -Uvh https://mirror.apheleia-it.ch/repos/Kolab:/16/kolab-16-for-el8stream.rpm +RUN sed -i -e '/^ssl/d' /etc/yum.repos.d/kolab*.repo && \ + dnf -y --setopt tsflags= install patch &&\ + dnf clean all + +RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || : + +WORKDIR /root/ + +RUN dnf -y install git +RUN dnf -y group install "Development Tools" +RUN git clone https://github.com/cyrusimap/cyrus-imapd + +RUN dnf -y install autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel + +RUN dnf -y install perl-devel +RUN dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain +# wslay-devel +#libchardet-devel + # cld2-devel + # +COPY cyrus.conf /etc/cyrus.conf +COPY imapd.conf /etc/imapd.conf +COPY imapd.annotations.conf /etc/imapd.annotations.conf +COPY saslauthd.conf /etc/saslauthd.conf + +RUN cd cyrus-imapd && \ + git checkout cyrus-imapd-3.4 && \ + autoreconf -i && \ + ./configure CFLAGS="-W -Wno-unused-parameter -g -O0 -Wall -Wextra -Werror -fPIC" --enable-murder --enable-http --enable-calalarmd --enable-autocreate --enable-idled --with-openssl=yes --prefix=/usr && \ + make -j6 && \ + make install + +COPY cyrus-imapd.service /etc/systemd/system/cyrus-imapd.service + + +# RUN useradd -g mail cyrus + +ADD kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.cert +ADD kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.chain.pem +ADD kolab.hosted.com.key /etc/pki/tls/certs/kolab.hosted.com.key +RUN mkdir -p /etc/pki/cyrus-imapd/ && cat /etc/pki/tls/certs/kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.key > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem && \ + chown cyrus:mail /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem + +RUN sed -i "s/MECH=.*/MECH=httpform/" /etc/sysconfig/saslauthd +RUN systemctl enable cyrus-imapd && systemctl enable saslauthd + +CMD ["/lib/systemd/systemd"] + +EXPOSE 143/tcp 993/tcp 80/tcp 443/tcp diff --git a/docker/imap-mupdate/cyrus-imapd.service b/docker/imap-mupdate/cyrus-imapd.service new file mode 100644 index 0000000..72ae96f --- /dev/null +++ b/docker/imap-mupdate/cyrus-imapd.service @@ -0,0 +1,22 @@ +[Unit] +Description=Cyrus-imapd IMAP/POP3 email server +After=local-fs.target network-online.target + +#Requires=cyrus-imapd-init.service +#After=cyrus-imapd-init.service + +[Service] +Type=simple +#EnvironmentFile=/etc/sysconfig/cyrus-imapd +#ExecStart=/usr/libexec/cyrus-imapd/cyrus-master $CYRUSOPTIONS +ExecStart=/usr/libexec/master +PrivateTmp=true + +# Cyrus may spawn many processes in normal operation. These figures are higher +# than the defaults, but may still need to be tuned for your local +# configuration. +TasksMax=2048 +LimitNOFILE=16384 + +[Install] +WantedBy=multi-user.target diff --git a/docker/imap-mupdate/cyrus.conf b/docker/imap-mupdate/cyrus.conf new file mode 100644 index 0000000..0ba160d --- /dev/null +++ b/docker/imap-mupdate/cyrus.conf @@ -0,0 +1,13 @@ +START { + # do not delete this entry! + recover cmd="ctl_cyrusdb -r" +} + +SERVICES { + mupdate cmd="mupdate -m" listen=3905 prefork=1 +} + +EVENTS { + # this is required + checkpoint cmd="ctl_cyrusdb -c" period="30" +} diff --git a/docker/imap-mupdate/imapd.annotations.conf b/docker/imap-mupdate/imapd.annotations.conf new file mode 100644 index 0000000..3b03bfa --- /dev/null +++ b/docker/imap-mupdate/imapd.annotations.conf @@ -0,0 +1,11 @@ +/vendor/kolab/activesync,mailbox,string,backend,value.priv,r +/vendor/kolab/color,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/displayname,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/folder-test,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/folder-type,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/incidences-for,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/pxfb-readable-for,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/uniqueid,mailbox,string,backend,value.shared value.priv,a +/vendor/kolab/h-share-attr-desc,mailbox,string,backend,value.shared value.priv,a +/vendor/horde/share-params,mailbox,string,backend,value.shared value.priv,a +/vendor/x-toltec/test,mailbox,string,backend,value.shared value.priv,a diff --git a/docker/imap-frontend/imapd.conf b/docker/imap-mupdate/imapd.conf similarity index 65% copy from docker/imap-frontend/imapd.conf copy to docker/imap-mupdate/imapd.conf index 183f5cf..77ccc23 100644 --- a/docker/imap-frontend/imapd.conf +++ b/docker/imap-mupdate/imapd.conf @@ -1,89 +1,63 @@ -servername: imap-frontend.kolab.local +servername: imap-mupdate.kolab.local configdirectory: /var/lib/imap +defaultpartition: default +partition-default: /var/spool/imap/ autocreate_quota: 5242880 idlesocket: /var/lib/imap/socket/idle disable_shared_namespace: 1 disable_user_namespace: 1 duplicate_db_path: /var/lib/imap/deliver.db mboxname_lockpath: /var/lib/imap/lock proc_path: /var/lib/imap/proc # Apparently does not work ##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db statuscache_db_path: /var/lib/imap/statuscache.db temp_path: /tmp tls_sessions_db_path: /run/cyrus/db/tls_sessions.db -sendmail: /usr/sbin/sendmail admins: cyrus-admin sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN allowplaintext: yes lmtp_over_quota_perm_failure: 1 -#tls_server_cert: /etc/pki/tls/private/aphy.app.pem -#tls_server_key: /etc/pki/tls/private/aphy.app.pem -#tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem tls_client_certs: off tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES tls_prefer_server_ciphers: 1 sieve_tls_versions: tls1_0 tls1_1 tls1_2 tls_versions: tls1_3 -maxlogins_per_user: 50 -# Disable mailbox referrals for all clients, as the referrals will point -# addresses the client cannot reach. -proxyd_disable_mailbox_referrals: 1 - -serverlist: imap-backend - -httpmodules: caldav carddav domainkey freebusy ischedule rss webdav - - unixhierarchysep: 1 virtdomains: userid sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date allowallsubscribe: 0 anyoneuseracl: 0 allowusermoves: 1 altnamespace: 1 disconnect_on_vanished_mailbox: 1 hashimapspool: 1 anysievefolder: 1 fulldirhash: 0 sieve_maxscripts: 150 sieve_maxscriptsize: 128 sieveusehomedir: 0 sieve_allowreferrals: 0 sieve_utf8fileinto: 1 lmtp_downcase_rcpt: 1 lmtp_fuzzy_mailbox_match: 1 username_tolower: 1 deletedprefix: DELETED delete_mode: delayed expunge_mode: delayed postuser: shared tcp_keepalive: 1 syslog_prefix: cyrus-imapd - - - -# mupdate is enabled -#mupdate_config: standard -#mupdate_server: mupdate.zrh1.infra.aphy.app -#mupdate_port: 3905 -#mupdate_authname: cyrus-admin -#mupdate_username: cyrus-admin -#mupdate_password: Welcome2KolabSystems - -# proxy authentication against backends -proxy_authname: cyrus-admin -proxy_password: Welcome2KolabSystems diff --git a/docker/imap-mupdate/kolab.hosted.com.cert b/docker/imap-mupdate/kolab.hosted.com.cert new file mode 100644 index 0000000..8f8a52a --- /dev/null +++ b/docker/imap-mupdate/kolab.hosted.com.cert @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE8jCCAtqgAwIBAgIUPetq90+aimhTrG2eRliFXaWLW14wDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMjA5MzAxNTA2MzRaFw0yMjEw +MjgxNTA2MzRaMDAxEzARBgNVBAoMCkV4YW1wbGUgQ0ExGTAXBgNVBAMMEGtvbGFi +Lmhvc3RlZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxL844 +iQMUTX43YWQ+U/eDgc5z0kMIFfPayhkL5UFgmefZ8zwii5EwK7KuLd0NK4qFKJOF +RRkphLWAYuhEem7jfbRqrxcKuZdyY67pEWIlVe/9ha9RaAa2ET9utyredFk5MwgQ +ujQA37cpeKRFZQ96YFhZtGGH17x+sbeZQfUQ6Qwoxdc4ZDFj1tQ4WCghTHSlRII4 +VKEA6PRyBBjUyYLrCjyBVijiqV6zb+/5biHxb5ChtDceD+gtAWrGRpQHs2WsSH1M +s7FbT8S2sXT5bg1BNZZRSrcLmLaD62GOmbxiG1V3qU+iJ311FwsUVo6xMfuKmcPI +5X5BC2atQe1zWRzfyM076z+6vBsUjie9skz81CY841PKgx/6VPeCpETYv2kaYqdS +6ASdVVKv/UFU2TAbwUppo2rD10gPaVH4thTDOH68Z5wV5yTeWSJzn7Kqj8ILLQ6c +EPWr1vXqXDnir0bFDhpprqwMkDxbZ2NkVI9gIOsZcEIyvJV5/9pjTdbKWPCUrBDX +iJAlyTx95M/B9UK9h98ZixnpOcDGY2gNhGiWSGANlXnhfIrpra03ov2GXmFnzSez +3mH5vqvufRZvEcBmDW/VUdVADh2bm6UVHAfrjSrlrnSIEPRMplyWJ0VwyG7UUsjp +k81Q1PU/WSmkMyo5an/pwvxXYTjAOm+CVhR1kwIDAQABox8wHTAbBgNVHREEFDAS +ghBrb2xhYi5ob3N0ZWQuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBSA4QSLZMaDq0f +rnc/nEAKZrHz0UTMqZLY+dlKn6TRqIlNrSa1VV3koPnyF1VxU/3JVJsoqiDJ4f5B +jSPoURUUGLc5/fpUuZfXyOrpjlSAmLFhEZMZi98XSJeB4kt7/s+Fs851OteKQZq2 +8TQPlfTc69FIpgypUYI7Nf6fQY2mf92RoFVRlBu0NR41wt0xrfTVU29tv4EDFQNA +Z+1yPfQt6NjwzILPnHBivyUFG8JIxsuXWUiPQ04qv34iq16jyquhK3EQ7ylCnmrO +6Yd+bROj5VwblcF+hBl28Jcpr2q8/pSv1GtkU+Yw0yFjqYqXAmtZoJYapITY0CDs +kP+XEbHNMkxz0SC7ua2BMRtbPRjAqNkU9V8tZJla+HiVUL1bJHHPtrrJ27e6Nbv+ +2QpW8zqD/EmIAjMBFr0v/VlE4mlm7G6bOOiIppkpe9ZSvBoKCpCPoIyYgflOzkr5 +Myl8p7mAN8CeXgyzOwVFVaYjhGVDBxArcFAwhwdj7RJLHnIholbWEUGGak8yJjGj +RayqSQZxUa1fTqsQwtjOnhFpnl4wsKIDq/6BavUxrcKJdJOz44KDS61l7i5YAYbl +FRr9kUFaw9sZqx0EQI+cbeDdBrdh7XsMTNQ17SZrb6Ck5KqUZ7SYUIKHWvudQlpd +GYjxjUbNtebeeSMAdS7C3FtwBFIxhw== +-----END CERTIFICATE----- diff --git a/docker/imap-mupdate/kolab.hosted.com.chain.pem b/docker/imap-mupdate/kolab.hosted.com.chain.pem new file mode 100644 index 0000000..13e8193 --- /dev/null +++ b/docker/imap-mupdate/kolab.hosted.com.chain.pem @@ -0,0 +1,58 @@ +-----BEGIN CERTIFICATE----- +MIIE8jCCAtqgAwIBAgIUPetq90+aimhTrG2eRliFXaWLW14wDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMjA5MzAxNTA2MzRaFw0yMjEw +MjgxNTA2MzRaMDAxEzARBgNVBAoMCkV4YW1wbGUgQ0ExGTAXBgNVBAMMEGtvbGFi +Lmhvc3RlZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxL844 +iQMUTX43YWQ+U/eDgc5z0kMIFfPayhkL5UFgmefZ8zwii5EwK7KuLd0NK4qFKJOF +RRkphLWAYuhEem7jfbRqrxcKuZdyY67pEWIlVe/9ha9RaAa2ET9utyredFk5MwgQ +ujQA37cpeKRFZQ96YFhZtGGH17x+sbeZQfUQ6Qwoxdc4ZDFj1tQ4WCghTHSlRII4 +VKEA6PRyBBjUyYLrCjyBVijiqV6zb+/5biHxb5ChtDceD+gtAWrGRpQHs2WsSH1M +s7FbT8S2sXT5bg1BNZZRSrcLmLaD62GOmbxiG1V3qU+iJ311FwsUVo6xMfuKmcPI +5X5BC2atQe1zWRzfyM076z+6vBsUjie9skz81CY841PKgx/6VPeCpETYv2kaYqdS +6ASdVVKv/UFU2TAbwUppo2rD10gPaVH4thTDOH68Z5wV5yTeWSJzn7Kqj8ILLQ6c +EPWr1vXqXDnir0bFDhpprqwMkDxbZ2NkVI9gIOsZcEIyvJV5/9pjTdbKWPCUrBDX +iJAlyTx95M/B9UK9h98ZixnpOcDGY2gNhGiWSGANlXnhfIrpra03ov2GXmFnzSez +3mH5vqvufRZvEcBmDW/VUdVADh2bm6UVHAfrjSrlrnSIEPRMplyWJ0VwyG7UUsjp +k81Q1PU/WSmkMyo5an/pwvxXYTjAOm+CVhR1kwIDAQABox8wHTAbBgNVHREEFDAS +ghBrb2xhYi5ob3N0ZWQuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBSA4QSLZMaDq0f +rnc/nEAKZrHz0UTMqZLY+dlKn6TRqIlNrSa1VV3koPnyF1VxU/3JVJsoqiDJ4f5B +jSPoURUUGLc5/fpUuZfXyOrpjlSAmLFhEZMZi98XSJeB4kt7/s+Fs851OteKQZq2 +8TQPlfTc69FIpgypUYI7Nf6fQY2mf92RoFVRlBu0NR41wt0xrfTVU29tv4EDFQNA +Z+1yPfQt6NjwzILPnHBivyUFG8JIxsuXWUiPQ04qv34iq16jyquhK3EQ7ylCnmrO +6Yd+bROj5VwblcF+hBl28Jcpr2q8/pSv1GtkU+Yw0yFjqYqXAmtZoJYapITY0CDs +kP+XEbHNMkxz0SC7ua2BMRtbPRjAqNkU9V8tZJla+HiVUL1bJHHPtrrJ27e6Nbv+ +2QpW8zqD/EmIAjMBFr0v/VlE4mlm7G6bOOiIppkpe9ZSvBoKCpCPoIyYgflOzkr5 +Myl8p7mAN8CeXgyzOwVFVaYjhGVDBxArcFAwhwdj7RJLHnIholbWEUGGak8yJjGj +RayqSQZxUa1fTqsQwtjOnhFpnl4wsKIDq/6BavUxrcKJdJOz44KDS61l7i5YAYbl +FRr9kUFaw9sZqx0EQI+cbeDdBrdh7XsMTNQ17SZrb6Ck5KqUZ7SYUIKHWvudQlpd +GYjxjUbNtebeeSMAdS7C3FtwBFIxhw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFCzCCAvOgAwIBAgIUEvYwMxnGZGbpNdlgadZ/BTZhQaswDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMDEyMjkxODU0MDdaFw0zMDEy +MjcxODU0MDdaMBUxEzARBgNVBAoMCkV4YW1wbGUgQ0EwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDHK/c0eG4e1/cAIHmfPKQkt3p+P2+nsXypGEKTNoHj +77vUZzuyafnO+dSW3pHVw1UV1T28a+SWdpC2DCSxD/2JQ0upybilZVRWTuL6AZjC +iIV2yyd662H39/IJz3aQuHMwbgRM4ISzoODqUMWcAUhIYEJcXwG8FYDAhgNbW1sq +DTnnpJmeD87F8mZS4cOz+dZ1bcAkaqGNye4oLjlnkvRmsUMnHeLMhS0I7R0aeca1 +xq/8CnZApnUrHHYiVPhEZqz78/lUlNIb2Gu5U0buhGoQDpeLHpeJmTdFOxtHXic4 +pGczJiEPgpPMECCiPQu6kmerm6/85v10jQNwcQZOvYbpKrow26RRyPV92QfLY5uS +Cnxq51cjefXcRNAs47rBSsJ3ZnLJcTF1BpD69ckPUDobg7vNGwtpMtmi+xyCOxYb +M03v4GyCvEXIQHm6oafcu6yoGPRGH9eR7qrrYA9+laMZFuKhdXxcXPXUgQufL6U6 +cnGIG+31wFYMn2wKufYy+3or73zE45Hzo/lBStI/U6Mkn5jBEsOErNZlAD0zt8Pa +Jw6szEK2r9IXeuv++S4ASxduOZJVQo0NIwjt3AvP/J7TenJ52FawBKM5Qx8UsC/s +cqk0SlLYRCK98dFRc5GEYVXH9WgFeJqVz/Syc73WDzrspF0G0xKIyCst80pQvAlH +wwIDAQABo1MwUTAdBgNVHQ4EFgQUDKT/J+566qUX9mufxvdWiG6o24IwHwYDVR0j +BBgwFoAUDKT/J+566qUX9mufxvdWiG6o24IwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAgEAaJ+oOp8rHoIEt5qCuoNKb/VlR8sX7YpzfqLb+6W0QoKP +KQjHMVi2z+uwMPjCjJSSm0AYVVVAWcWI/kIW7WJ9vaFQVuutWLF00xL/yYgFcG25 +3qML8BBncHanD6EXanRXoPE/aLXnEgOHYNhg/z94hQ2JNn97UpECbzzQBqPHTC8C +CcmZXM6slYYqoylZIOqU28d7Xo6ElJEQ7AxObwMaCUXid5rUceDwZSi+9OG49kmE +Q9MNZ+d4WSnarZLHAEQh/4bdBVUln5h4l2fqQrQLDMUj2oXPwRxXk57AW+zLFtrS +lC552wbWza6IIf8SJZDy8q47/WfKD1YDmy0NfFZxEf+ZG/7zh5fjm1qlKVoAjxI9 +quG+wK27rhMn6Ddo/DDpQ7+VaszZP+TZol5Hifda3cOPoTpoA/n77L/iVynGXtD8 +dhfAfVqRWhR3JgrQWmOyJ2SAc6Z1Ao68qBG+q9HXdIPjKS3Pj/EexMMVL0Qfbtfz +y26ZSlgQPSc9qmKcAYb9babzdf8ioq0f0UheM4QW0g4u5/TNpa+QcSCmdp5GfqMb +eeCXzExsrvcCUp0bPiXwLYCLYTZNgYW2wMsQVJDmlZuTTWikEcPG6QJYgMUPGyCH +UsAua3te00Dj9ikR8bMaXJc9ZEFPZzLyz1IbDyiRfBLVCKX+dH3VXQ7l0BnBmB8= +-----END CERTIFICATE----- diff --git a/docker/imap-mupdate/kolab.hosted.com.key b/docker/imap-mupdate/kolab.hosted.com.key new file mode 100644 index 0000000..3dcac09 --- /dev/null +++ b/docker/imap-mupdate/kolab.hosted.com.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAsS/OOIkDFE1+N2FkPlP3g4HOc9JDCBXz2soZC+VBYJnn2fM8 +IouRMCuyri3dDSuKhSiThUUZKYS1gGLoRHpu4320aq8XCrmXcmOu6RFiJVXv/YWv +UWgGthE/brcq3nRZOTMIELo0AN+3KXikRWUPemBYWbRhh9e8frG3mUH1EOkMKMXX +OGQxY9bUOFgoIUx0pUSCOFShAOj0cgQY1MmC6wo8gVYo4qles2/v+W4h8W+QobQ3 +Hg/oLQFqxkaUB7NlrEh9TLOxW0/EtrF0+W4NQTWWUUq3C5i2g+thjpm8YhtVd6lP +oid9dRcLFFaOsTH7ipnDyOV+QQtmrUHtc1kc38jNO+s/urwbFI4nvbJM/NQmPONT +yoMf+lT3gqRE2L9pGmKnUugEnVVSr/1BVNkwG8FKaaNqw9dID2lR+LYUwzh+vGec +Feck3lkic5+yqo/CCy0OnBD1q9b16lw54q9GxQ4aaa6sDJA8W2djZFSPYCDrGXBC +MryVef/aY03WyljwlKwQ14iQJck8feTPwfVCvYffGYsZ6TnAxmNoDYRolkhgDZV5 +4XyK6a2tN6L9hl5hZ80ns95h+b6r7n0WbxHAZg1v1VHVQA4dm5ulFRwH640q5a50 +iBD0TKZclidFcMhu1FLI6ZPNUNT1P1kppDMqOWp/6cL8V2E4wDpvglYUdZMCAwEA +AQKCAgACxLx0Ja/moU9Xji4Cy00SwPR42tAxUCZ/RKkfhnV/DOiSfzpxT7z1A7nG +/vB1RDjl27xyWKIMBAbR+rmmWENjSpOHFzVE9aFoKCaTfbIK40zcqToUC4wPTDWx +hSsmTqsWObXmjQJDATvbagcnDm0vfFHlFOxxMu2/DQfRXTZ3DS0jdfPm7anX5YNr +XfVCj+9Cpc9jEe9yFDG9llLNAFkLUx2e57m70Omp5BXbz9y36QZZgHdcAOOf0GXa +sz+c3zC3gGp0yFn9E0H/mMY7H30Vh8DRhFlX1QsFBKiBkeVfow2y0PJtljBfo/yI +VNHl8uH7SGvGt89BNOxlyKHtK3dIASx3z2E+hJMHIVrxReJS1ySf+cnhfONkCx6g +R+HcvD9dMyJtpyrTQmFsVaYBXWoJMYoRuEbXtYT7JwA2PWPcSr66J8S3WrkbbrWW +pI8gHofJrz63AJ7l3Da/90hNCrqd6AzlLmaK3q2Ev2Fd0sLrQ6a3fnZDyyLZwUyv +0IHwR1lnzLUHGh4QevMTOmU3aqUYt+dCXSG8uD9U3N0SFTpAE5q/AcQJciqxcdqW +J0kWfwVHA7OQIgGFdCk9ZbL/uOrUQ+3yPBJwbYaHk9GXkEekolEmbg2ZcUJ1fql+ +vX2prJkb7Zy4F5CiI5hBaI/VS5Fb3ysCqT+lExsMJXsbN+BgAQKCAQEA6QnAWhfT +gHMgoaPlDweDMKf3mNxhKXgACEopOo/yfZhCoSF1rwGA3c/1m4afFZzVT94m0XUt +/pJkQVCFmGapBVqfUUQZ15VVA6D0pOTs6LoryIUgkRm3H+wQl/IRWXm4iZU/Jx8z +5WSf6EX2l/DAv8SMGUOC3+HeIrJB5Vlew0JTBjeFTNNVkS7pJHDh3g68RsVn3OhA +k0koDZiZqsDiE3/m9c2CQ9rrSM2o9g2w2zsr5Zbn5JW1xYqdttJFnAdoj8E+SCaK +2uzvQ4JlIbMLT+QZxF/fjfcPZ0BxeAmQ74Y3tCrVjwE1zd/o0p8H6/IfNAPxCrUg +PvtqApI7kslNdwKCAQEAwqU8muRtx0UG0/8wbl9LRaB9sACXqG++rAJ/ySu+usp7 +IZ2q0uSBKlcMnST06LmfjJtyO9GWwYmAKSojtyeujGLjdqA0M3H/YUAocVySPQ3R +om/rqmJV7+LOQja8k+Lj2dHbtJ6HXL7gRZYgtG8dvKfEC44fgwpi04vaHA05Q0J4 +HqRecnIp9yoJYkJsIBMqARsglSsyJ3RXSVO3RpJgvit/fumRq6cXQd2ONSBjfDS5 +qOvWlWJmjXTtCirOexWxzSEMiIOVNXNlwdfXgoelv9ScHRLIzAOM91zK8CIVSDZ6 +8HSm8p2t+HwWUjslbY4+FMODp7OicjWGFg0aBGUvxQKCAQB5EoDmDdTrumSsthru +mQeWwt2HhI/SXK8fn3AWJe1lRTLwxhJ/TvelxkKjf+is8ON+cDuYvRmdVm9R48TU +7hlIV9HIBeqrL8GQdhJEjU9shjTzI/9Mg6C5rAre9nv/EZdHm8vIxpROzN2rbpX0 +ULfDqhjjk0iuiom/Wv+TacArEA1UgIn35SBioo2sSh1/Iga9ehhBFEVggDSYA71q +knWijePvtsrD+DwfggITe/9zlyVyTdnCz+k1bZQNBOf3bX3smgiCscuYfFq+p0Nl +o8Dvy+F7PhhGiKJvEXMiW036s6/DIjH77zQF9xveOZODCTMe8iFMX9gWAMcN+O2M +kJt3AoIBAQCxPPz+ndpIhVY+XDShjCxibk2EokV2nqokvvHVIPw/4nhUl9kgx+nF +wBZAUZKhB8V8p19RkPuRp78HvNNgx8VtF+6/6gkef0NoLp+k+gI/jgHBw9/3+ir+ +kKv4Jxd4IjYP9cP1qBTiIvzc4GNPaY7OZoVhcDzJef+bWdF1kaT+1dvDKzDFTadg +5Oo+ivUiD9FDyIvWyMqWmp2Qq6ZLoKZvA/TIf66hezj2RORlA+UTCH+2jWmMBVoU +nM/rXic+dPa+LsXW2NpZHYcfB4e52ALZtqOg5aXp/6Gw7NHt71spslIn+lC6w1HS +3ksE/c6K/+cPyShs4GmfTZWXJr72GZ1xAoIBAAK7gQb3/WCQpTiPh/v7Qnl6hQZD +y+T8fprWBXskU5A7NbIE44DdltPe4LLsVMHpNlqRpYCz+3bHTmPDHd+IHJHZm9Ik +4gUXjPMzzkF9qQ2lyNWvnH2bHlSeHUg/3ZCXpmc8l0pmAeRxhOxzBaFgjt8N3Z5n +FIc25xJ9ki3stySf6baWmTWFscCFn8eBJrQ8mNLXpBM2iXM1e5D8Bu2VZK6nJGtz +QCChvsHspsTmRsGvemBk27gkvKAG0K8u84T5XBRwog7MWx8XThVqNcns6kejeYQs +CNRvuLj7gEQwMPzW2p/tLbSU82oDKQTICeyPwfS/fMl/6NYRaTdABc6KIME= +-----END RSA PRIVATE KEY----- diff --git a/docker/imap-mupdate/saslauthd.conf b/docker/imap-mupdate/saslauthd.conf new file mode 100644 index 0000000..2bfbc09 --- /dev/null +++ b/docker/imap-mupdate/saslauthd.conf @@ -0,0 +1,4 @@ +httpform_host: services.kolab.local +httpform_port: 8000 +httpform_uri: /api/webhooks/cyrus-sasl/ +httpform_data: %u %r %p