diff --git a/config.docker-dev/docker-compose.override.yml b/config.docker-dev/docker-compose.override.yml
index cf76dd87..33f8bb04 100644
--- a/config.docker-dev/docker-compose.override.yml
+++ b/config.docker-dev/docker-compose.override.yml
@@ -1,224 +1,359 @@
version: '3'
services:
+ roundcube:
+ build:
+ context: ./docker/roundcube/
+ container_name: kolab-roundcube
+ hostname: roundcube.hosted.com
+ restart: on-failure
+ depends_on:
+ mariadb:
+ condition: service_healthy
+ pdns:
+ condition: service_healthy
+ environment:
+ - APP_DOMAIN=${APP_DOMAIN}
+ - LDAP_HOST=ldap
+ - LDAP_ADMIN_BIND_DN=${LDAP_ADMIN_BIND_DN}
+ - LDAP_ADMIN_BIND_PW=${LDAP_ADMIN_BIND_PW}
+ - LDAP_SERVICE_BIND_PW=${LDAP_SERVICE_BIND_PW}
+ - LDAP_HOSTED_BIND_PW=${LDAP_HOSTED_BIND_PW}
+ - DB_HOST=mariadb
+ - DB_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
+ - DB_RC_DATABASE=roundcube
+ - DB_RC_USERNAME=roundcube
+ - DB_RC_PASSWORD=${DB_PASSWORD:?"DB_PASSWORD is missing"}
+ - IMAP_HOST=tls://haproxy
+ - IMAP_PORT=11143
+ - IMAP_PROXY_PROTOCOL=2
+ - IMAP_ADMIN_LOGIN=${IMAP_ADMIN_LOGIN}
+ - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD}
+ - MAIL_HOST=tls://kolab
+ - MAIL_PORT=10587
+ # ldap:
+ # build:
+ # context: ./docker/ldap/
+ # container_name: kolab-ldap
+ # restart: on-failure
+ # tty: true
+ # hostname: ldap
+ # privileged: true
+ # environment:
+ # - APP_DOMAIN=${APP_DOMAIN}
+ # - LDAP_ADMIN_ROOT_DN=${LDAP_ADMIN_ROOT_DN}
+ # - LDAP_ADMIN_BIND_DN=${LDAP_ADMIN_BIND_DN}
+ # - LDAP_ADMIN_BIND_PW=${LDAP_ADMIN_BIND_PW}
+ # - LDAP_SERVICE_BIND_PW=${LDAP_SERVICE_BIND_PW}
+ # - LDAP_HOSTED_BIND_PW=${LDAP_HOSTED_BIND_PW}
+ # - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD}
+ # healthcheck:
+ # interval: 10s
+ # test: "systemctl status dirsrv@kolab || exit 1"
+ # timeout: 5s
+ # retries: 30
+ # start_period: 5m
+ # image: kolab-ldap
+ # networks:
+ # kolab:
+ # ipv4_address: 172.18.0.12
+ # tmpfs:
+ # - /run
+ # - /tmp
+ # - /var/run
+ # - /var/tmp
+ # volumes:
+ # - /sys/fs/cgroup:/sys/fs/cgroup:ro
haproxy:
+ build:
+ context: ./docker/haproxy/
depends_on:
proxy:
condition: service_healthy
+ healthcheck:
+ interval: 10s
+ test: "kill -0 $$(cat /var/run/haproxy.pid)"
+ timeout: 5s
+ retries: 30
+ container_name: kolab-haproxy
+ restart: on-failure
+ hostname: haproxy.hosted.com
+ image: kolab-haproxy
+ networks:
+ kolab:
+ ipv4_address: 172.18.0.6
+ tmpfs:
+ - /run
+ - /tmp
+ - /var/run
+ - /var/tmp
+ volumes:
+ - ./docker/certs/:/etc/certs/:ro
+ - /etc/letsencrypt/:/etc/letsencrypt/:ro
proxy:
depends_on:
- kolab:
- condition: service_healthy
webapp:
condition: service_healthy
build:
context: ./docker/proxy/
args:
APP_WEBSITE_DOMAIN: ${APP_WEBSITE_DOMAIN:?err}
SSL_CERTIFICATE: ${PROXY_SSL_CERTIFICATE:?err}
SSL_CERTIFICATE_KEY: ${PROXY_SSL_CERTIFICATE_KEY:?err}
healthcheck:
interval: 10s
test: "kill -0 $$(cat /run/nginx.pid)"
timeout: 5s
retries: 30
container_name: kolab-proxy
restart: on-failure
hostname: proxy
image: kolab-proxy
extra_hosts:
- "meet:${MEET_LISTENING_HOST}"
networks:
kolab:
ipv4_address: 172.18.0.7
tmpfs:
- /run
- /tmp
- /var/run
- /var/tmp
tty: true
volumes:
- ./docker/certs/:/etc/certs/:ro
- /etc/letsencrypt/:/etc/letsencrypt/:ro
ports:
# - "80:80"
- "443:443"
- "465:465"
- "587:587"
- "143:143"
- "993:993"
- imap-legacy:
+ # centos7 is not compatible with the new docker builder (yum get's to a grinding halt for some reason)
+ # imap-legacy:
+ # build:
+ # context: ./docker/imap-legacy/
+ # args:
+ # IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN}
+ # IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD}
+ # container_name: imap-legacy
+ # privileged: true
+ # depends_on:
+ # pdns:
+ # condition: service_healthy
+ # # This makes docker's dns, resolve via pdns for this container.
+ # # Please note it does not affect /etc/resolv.conf
+ # dns: 172.18.0.11
+ # image: imap-legacy
+ # extra_hosts:
+ # - "services.${APP_DOMAIN}:172.18.0.4"
+ # networks:
+ # kolab:
+ # ipv4_address: 172.18.0.19
+ # ports:
+ # - "9993:993"
+ # - "9143:143"
+ # tmpfs:
+ # - /run
+ # - /tmp
+ # - /var/run
+ # - /var/tmp
+ # tty: true
+ # volumes:
+ # - /etc/letsencrypt/:/etc/letsencrypt/:ro
+ # - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro
+ # - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro
+ # - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err}
+ # - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err}
+ # - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err}
+ # - ./docker/kolab/utils:/root/utils:ro
+ # - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ imap-backend:
build:
- context: ./docker/imap-legacy/
+ context: ./docker/imap-backend/
args:
IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN}
IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD}
- container_name: imap-legacy
+ container_name: imap-backend
privileged: true
depends_on:
pdns:
condition: service_healthy
+ imap-mupdate:
+ condition: service_healthy
# This makes docker's dns, resolve via pdns for this container.
# Please note it does not affect /etc/resolv.conf
dns: 172.18.0.11
- image: imap-legacy
+ healthcheck:
+ interval: 10s
+ test: "systemctl status cyrus-imapd || exit 1"
+ timeout: 5s
+ retries: 30
+ image: imap-backend
extra_hosts:
- "services.${APP_DOMAIN}:172.18.0.4"
networks:
kolab:
- ipv4_address: 172.18.0.19
+ ipv4_address: 172.18.0.20
ports:
- - "9993:993"
- - "9143:143"
+ - "8993:993"
+ - "8143:143"
+ - "8081:80"
+ - "8443:443"
tmpfs:
- /run
- /tmp
- /var/run
- /var/tmp
tty: true
volumes:
- /etc/letsencrypt/:/etc/letsencrypt/:ro
- ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro
- ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro
- ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err}
- ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err}
- ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err}
- ./docker/kolab/utils:/root/utils:ro
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- imap-backend:
+ - /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd
+ imap-backend2:
build:
- context: ./docker/imap-backend/
+ context: ./docker/imap-backend2/
args:
IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN}
IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD}
- container_name: imap-backend
+ container_name: imap-backend2
privileged: true
depends_on:
pdns:
condition: service_healthy
imap-mupdate:
condition: service_healthy
# This makes docker's dns, resolve via pdns for this container.
# Please note it does not affect /etc/resolv.conf
dns: 172.18.0.11
healthcheck:
interval: 10s
test: "systemctl status cyrus-imapd || exit 1"
timeout: 5s
retries: 30
- image: imap-backend
+ image: imap-backend2
extra_hosts:
- "services.${APP_DOMAIN}:172.18.0.4"
networks:
kolab:
- ipv4_address: 172.18.0.20
+ ipv4_address: 172.18.0.23
ports:
- - "8993:993"
- - "8143:143"
- - "8080:80"
- - "8443:443"
+ - "9993:993"
+ - "9143:143"
+ - "9081:80"
+ - "9443:443"
tmpfs:
- /run
- /tmp
- /var/run
- /var/tmp
tty: true
volumes:
- /etc/letsencrypt/:/etc/letsencrypt/:ro
- ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro
- ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro
- ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err}
- ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err}
- ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err}
- ./docker/kolab/utils:/root/utils:ro
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd
imap-frontend:
build:
context: ./docker/imap-frontend/
args:
IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN}
IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD}
container_name: imap-frontend
privileged: true
depends_on:
pdns:
condition: service_healthy
# This makes docker's dns, resolve via pdns for this container.
# Please note it does not affect /etc/resolv.conf
dns: 172.18.0.11
healthcheck:
interval: 10s
test: "systemctl status cyrus-imapd || exit 1"
timeout: 5s
retries: 30
image: imap-frontend
extra_hosts:
- "services.${APP_DOMAIN}:172.18.0.4"
# Somehow necessary for caldav because it connects to the backend not via imap-backend but the full hostname imap.backend.${APP_DOMAIN}
- "imap-backend.${APP_DOMAIN}:172.18.0.20"
- "imap-frontend.${APP_DOMAIN}:172.18.0.21"
networks:
kolab:
ipv4_address: 172.18.0.21
ports:
- "7993:993"
- "7143:143"
- - "7080:80"
+ - "7081:80"
- "7443:443"
tmpfs:
- /run
- /tmp
- /var/run
- /var/tmp
tty: true
volumes:
- /etc/letsencrypt/:/etc/letsencrypt/:ro
- ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro
- ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro
- ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err}
- ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err}
- ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err}
- ./docker/kolab/utils:/root/utils:ro
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd
imap-mupdate:
build:
context: ./docker/imap-mupdate/
args:
IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN}
IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD}
container_name: imap-mupdate
privileged: true
depends_on:
pdns:
condition: service_healthy
+ # For authentication
+ webapp:
+ condition: service_healthy
# This makes docker's dns, resolve via pdns for this container.
# Please note it does not affect /etc/resolv.conf
dns: 172.18.0.11
healthcheck:
interval: 10s
test: "systemctl status cyrus-imapd || exit 1"
timeout: 5s
retries: 30
image: imap-mupdate
extra_hosts:
- "services.${APP_DOMAIN}:172.18.0.4"
networks:
kolab:
ipv4_address: 172.18.0.22
tmpfs:
- /run
- /tmp
- /var/run
- /var/tmp
tty: true
volumes:
- /etc/letsencrypt/:/etc/letsencrypt/:ro
- ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro
- ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro
- ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err}
- ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err}
- ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err}
- ./docker/kolab/utils:/root/utils:ro
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd
diff --git a/config.docker-dev/docker/imap-backend/Dockerfile b/config.docker-dev/docker/imap-backend/Dockerfile
index 18f82b07..64a4bdd6 100644
--- a/config.docker-dev/docker/imap-backend/Dockerfile
+++ b/config.docker-dev/docker/imap-backend/Dockerfile
@@ -1,82 +1,72 @@
FROM almalinux:8
LABEL maintainer="contact@apheleia-it.ch"
LABEL dist=centos8
LABEL tier=${TIER}
ENV SYSTEMD_PAGER=''
ENV DISTRO=centos8
ENV LANG=en_US.utf8
ENV LC_ALL=en_US.utf8
# Add EPEL.
RUN dnf -y install dnf-plugin-config-manager && \
dnf config-manager --set-enabled powertools && \
dnf -y install epel-release && \
dnf -y module enable 389-ds:1.4/default && \
dnf -y module enable mariadb:10.3 && \
dnf -y install iputils vim-enhanced bind-utils && \
dnf clean all
RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
# Install kolab
RUN rpm --import https://mirror.apheleia-it.ch/repos/Kolab:/16/key.asc && \
rpm -Uvh https://mirror.apheleia-it.ch/repos/Kolab:/16/kolab-16-for-el8.rpm
RUN sed -i -e '/^ssl/d' /etc/yum.repos.d/kolab*.repo && \
dnf config-manager --enable kolab-16-testing &&\
dnf -y --setopt tsflags= install patch &&\
dnf clean all
RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || :
WORKDIR /root/
-RUN dnf -y install git
-RUN dnf -y group install "Development Tools"
-RUN git clone https://github.com/cmollekopf/cyrus-imapd
+RUN dnf -y install git autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel perl-devel && \
+ dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain && \
+ dnf -y group install "Development Tools"
+RUN git clone https://git.kolab.org/source/cyrus-imapd.git
-RUN dnf -y install autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel
-
-RUN dnf -y install perl-devel
-RUN dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain
-# wslay-devel
-#libchardet-devel
- # cld2-devel
- #
COPY cyrus.conf /etc/cyrus.conf
COPY imapd.conf /etc/imapd.conf
COPY imapd.annotations.conf /etc/imapd.annotations.conf
COPY saslauthd.conf /etc/saslauthd.conf
ARG IMAP_ADMIN_LOGIN
ARG IMAP_ADMIN_PASSWORD
RUN sed -i -r \
-e "s|IMAP_ADMIN_LOGIN|$IMAP_ADMIN_LOGIN|g" \
-e "s|IMAP_ADMIN_PASSWORD|$IMAP_ADMIN_PASSWORD|g" \
/etc/imapd.conf
RUN cd cyrus-imapd && \
git checkout dev/kolab-3.6 && \
autoreconf -i && \
./configure CFLAGS="-W -Wno-unused-parameter -g -O0 -Wall -Wextra -Werror -fPIC" --enable-murder --enable-http --enable-calalarmd --enable-autocreate --enable-idled --with-openssl=yes --enable-replication --prefix=/usr && \
make -j6 && \
make install
COPY cyrus-imapd.service /etc/systemd/system/cyrus-imapd.service
-
-# RUN useradd -g mail cyrus
-
ADD kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.cert
ADD kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.chain.pem
ADD kolab.hosted.com.key /etc/pki/tls/certs/kolab.hosted.com.key
RUN mkdir -p /etc/pki/cyrus-imapd/ && cat /etc/pki/tls/certs/kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.key > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem && \
chown cyrus:mail /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
RUN sed -i "s/MECH=.*/MECH=httpform/" /etc/sysconfig/saslauthd
RUN systemctl enable cyrus-imapd && systemctl enable saslauthd
RUN echo "csync 2005/tcp" >> /etc/services
CMD ["/lib/systemd/systemd"]
EXPOSE 143/tcp 993/tcp 80/tcp 443/tcp
diff --git a/config.docker-dev/docker/imap-backend/imapd.conf b/config.docker-dev/docker/imap-backend/imapd.conf
index 9ce698d4..e5bc7d63 100644
--- a/config.docker-dev/docker/imap-backend/imapd.conf
+++ b/config.docker-dev/docker/imap-backend/imapd.conf
@@ -1,106 +1,106 @@
servername: imap-backend
configdirectory: /var/lib/imap
defaultpartition: default
metapartition_files: annotations cache expunge header index
partition-default: /var/spool/imap/
sievedir: /var/lib/imap/sieve
annotation_definitions: /etc/imapd.annotations.conf
autocreate_quota: 5242880
autocreate_inbox_folders: Drafts | Trash | Sent
autocreate_subscribe_folders: Drafts | Trash | Sent
# Set specialuse flags
xlist-drafts: Drafts
xlist-sent: Sent
xlist-trash: Trash
idlesocket: /var/lib/imap/socket/idle
-disable_shared_namespace: 1
-disable_user_namespace: 1
+disable_shared_namespace: 0
+disable_user_namespace: 0
duplicate_db_path: /run/cyrus/db/deliver.db
mboxname_lockpath: /run/cyrus/lock
proc_path: /run/cyrus/proc
# Apparently does not work
##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
statuscache_db_path: /run/cyrus/db/statuscache.db
temp_path: /tmp
tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
sendmail: /usr/sbin/sendmail
admins: IMAP_ADMIN_LOGIN
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: yes
lmtp_over_quota_perm_failure: 1
#tls_server_cert: /etc/pki/tls/private/aphy.app.pem
#tls_server_key: /etc/pki/tls/private/aphy.app.pem
#tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert
tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_client_certs: off
tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_prefer_server_ciphers: 1
tls_versions: tls1_3
maxlogins_per_user: 50
proxyd_disable_mailbox_referrals: 0
httpmodules: caldav carddav domainkey freebusy ischedule rss webdav
unixhierarchysep: 1
virtdomains: userid
sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
allowallsubscribe: 0
anyoneuseracl: 0
allowusermoves: 1
altnamespace: 1
disconnect_on_vanished_mailbox: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieve_maxscripts: 150
sieve_maxscriptsize: 128
sieveusehomedir: 0
sieve_allowreferrals: 0
sieve_utf8fileinto: 1
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
tcp_keepalive: 1
syslog_prefix: cyrus-imapd
calendar_default_displayname: test
addressbook_default_displayname: test
# mupdate is enabled
mupdate_config: standard
mupdate_server: imap-mupdate
mupdate_port: 3905
mupdate_authname: IMAP_ADMIN_LOGIN
mupdate_username: IMAP_ADMIN_LOGIN
mupdate_password: IMAP_ADMIN_PASSWORD
# proxy authentication for these users
proxyservers: IMAP_ADMIN_LOGIN
# sync is enabled
#sync_try_imap: 0
#sync_log_chain: false
#sync_authname: cyrus
#sync_password: simple123
#sync_log: 1
#sync_repeat_interval: 10
#sync_shutdown_file: /var/lib/imap/sync_shutdown
diff --git a/config.docker-dev/docker/imap-backend/Dockerfile b/config.docker-dev/docker/imap-backend2/Dockerfile
similarity index 81%
copy from config.docker-dev/docker/imap-backend/Dockerfile
copy to config.docker-dev/docker/imap-backend2/Dockerfile
index 18f82b07..64a4bdd6 100644
--- a/config.docker-dev/docker/imap-backend/Dockerfile
+++ b/config.docker-dev/docker/imap-backend2/Dockerfile
@@ -1,82 +1,72 @@
FROM almalinux:8
LABEL maintainer="contact@apheleia-it.ch"
LABEL dist=centos8
LABEL tier=${TIER}
ENV SYSTEMD_PAGER=''
ENV DISTRO=centos8
ENV LANG=en_US.utf8
ENV LC_ALL=en_US.utf8
# Add EPEL.
RUN dnf -y install dnf-plugin-config-manager && \
dnf config-manager --set-enabled powertools && \
dnf -y install epel-release && \
dnf -y module enable 389-ds:1.4/default && \
dnf -y module enable mariadb:10.3 && \
dnf -y install iputils vim-enhanced bind-utils && \
dnf clean all
RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
# Install kolab
RUN rpm --import https://mirror.apheleia-it.ch/repos/Kolab:/16/key.asc && \
rpm -Uvh https://mirror.apheleia-it.ch/repos/Kolab:/16/kolab-16-for-el8.rpm
RUN sed -i -e '/^ssl/d' /etc/yum.repos.d/kolab*.repo && \
dnf config-manager --enable kolab-16-testing &&\
dnf -y --setopt tsflags= install patch &&\
dnf clean all
RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || :
WORKDIR /root/
-RUN dnf -y install git
-RUN dnf -y group install "Development Tools"
-RUN git clone https://github.com/cmollekopf/cyrus-imapd
+RUN dnf -y install git autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel perl-devel && \
+ dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain && \
+ dnf -y group install "Development Tools"
+RUN git clone https://git.kolab.org/source/cyrus-imapd.git
-RUN dnf -y install autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel
-
-RUN dnf -y install perl-devel
-RUN dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain
-# wslay-devel
-#libchardet-devel
- # cld2-devel
- #
COPY cyrus.conf /etc/cyrus.conf
COPY imapd.conf /etc/imapd.conf
COPY imapd.annotations.conf /etc/imapd.annotations.conf
COPY saslauthd.conf /etc/saslauthd.conf
ARG IMAP_ADMIN_LOGIN
ARG IMAP_ADMIN_PASSWORD
RUN sed -i -r \
-e "s|IMAP_ADMIN_LOGIN|$IMAP_ADMIN_LOGIN|g" \
-e "s|IMAP_ADMIN_PASSWORD|$IMAP_ADMIN_PASSWORD|g" \
/etc/imapd.conf
RUN cd cyrus-imapd && \
git checkout dev/kolab-3.6 && \
autoreconf -i && \
./configure CFLAGS="-W -Wno-unused-parameter -g -O0 -Wall -Wextra -Werror -fPIC" --enable-murder --enable-http --enable-calalarmd --enable-autocreate --enable-idled --with-openssl=yes --enable-replication --prefix=/usr && \
make -j6 && \
make install
COPY cyrus-imapd.service /etc/systemd/system/cyrus-imapd.service
-
-# RUN useradd -g mail cyrus
-
ADD kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.cert
ADD kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.chain.pem
ADD kolab.hosted.com.key /etc/pki/tls/certs/kolab.hosted.com.key
RUN mkdir -p /etc/pki/cyrus-imapd/ && cat /etc/pki/tls/certs/kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.key > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem && \
chown cyrus:mail /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
RUN sed -i "s/MECH=.*/MECH=httpform/" /etc/sysconfig/saslauthd
RUN systemctl enable cyrus-imapd && systemctl enable saslauthd
RUN echo "csync 2005/tcp" >> /etc/services
CMD ["/lib/systemd/systemd"]
EXPOSE 143/tcp 993/tcp 80/tcp 443/tcp
diff --git a/config.docker-dev/docker/imap-backend2/cyrus-imapd.service b/config.docker-dev/docker/imap-backend2/cyrus-imapd.service
new file mode 100644
index 00000000..72ae96f1
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/cyrus-imapd.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Cyrus-imapd IMAP/POP3 email server
+After=local-fs.target network-online.target
+
+#Requires=cyrus-imapd-init.service
+#After=cyrus-imapd-init.service
+
+[Service]
+Type=simple
+#EnvironmentFile=/etc/sysconfig/cyrus-imapd
+#ExecStart=/usr/libexec/cyrus-imapd/cyrus-master $CYRUSOPTIONS
+ExecStart=/usr/libexec/master
+PrivateTmp=true
+
+# Cyrus may spawn many processes in normal operation. These figures are higher
+# than the defaults, but may still need to be tuned for your local
+# configuration.
+TasksMax=2048
+LimitNOFILE=16384
+
+[Install]
+WantedBy=multi-user.target
diff --git a/config.docker-dev/docker/imap-backend2/cyrus.conf b/config.docker-dev/docker/imap-backend2/cyrus.conf
new file mode 100644
index 00000000..36bcad4c
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/cyrus.conf
@@ -0,0 +1,42 @@
+START {
+ # do not delete this entry!
+ recover cmd="ctl_cyrusdb -r"
+
+ mupdatepush cmd="ctl_mboxlist -m"
+}
+
+SERVICES {
+
+ http cmd="httpd" listen="http" proto="tcp" prefork=5
+ imap cmd="imapd" listen="imap" proto="tcp" prefork=5
+ https cmd="httpd -s" listen="https" proto="tcp" prefork=5
+ imaps cmd="imapd -s" listen="imaps" proto="tcp" prefork=1
+ sieve cmd="timsieved" listen="sieve" proto="tcp" prefork=0
+ lmtp cmd="lmtpd" listen="lmtp" proto="tcp" prefork=1
+ lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1
+ syncserver cmd="sync_server" listen="csync"
+}
+
+EVENTS {
+ # this is required
+ checkpoint cmd="ctl_cyrusdb -c" period="39"
+
+ # Expire deleted folders older than 28 days.
+ deleteprune cmd="cyr_expire -E 4 -D 28" at="0400"
+
+ # Expire deleted messages older than 28 days.
+ expungeprune cmd="cyr_expire -E 4 -X 28" at="0132"
+
+ # this is only necessary if caching TLS sessions
+ tlsprune cmd="tls_prune" at="0400"
+
+ # this is only necessary if using duplicate delivery suppression
+ delprune cmd="cyr_expire -E 3" at="0400"
+
+}
+
+DAEMON {
+ # this is only necessary if using idled for IMAP IDLE
+ idled cmd="idled"
+
+}
diff --git a/config.docker-dev/docker/imap-backend2/imapd.annotations.conf b/config.docker-dev/docker/imap-backend2/imapd.annotations.conf
new file mode 100644
index 00000000..3b03bfad
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/imapd.annotations.conf
@@ -0,0 +1,11 @@
+/vendor/kolab/activesync,mailbox,string,backend,value.priv,r
+/vendor/kolab/color,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/displayname,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/folder-test,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/folder-type,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/incidences-for,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/pxfb-readable-for,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/uniqueid,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/h-share-attr-desc,mailbox,string,backend,value.shared value.priv,a
+/vendor/horde/share-params,mailbox,string,backend,value.shared value.priv,a
+/vendor/x-toltec/test,mailbox,string,backend,value.shared value.priv,a
diff --git a/config.docker-dev/docker/imap-backend/imapd.conf b/config.docker-dev/docker/imap-backend2/imapd.conf
similarity index 97%
copy from config.docker-dev/docker/imap-backend/imapd.conf
copy to config.docker-dev/docker/imap-backend2/imapd.conf
index 9ce698d4..68b8cdf1 100644
--- a/config.docker-dev/docker/imap-backend/imapd.conf
+++ b/config.docker-dev/docker/imap-backend2/imapd.conf
@@ -1,106 +1,106 @@
-servername: imap-backend
+servername: imap-backend2
configdirectory: /var/lib/imap
defaultpartition: default
metapartition_files: annotations cache expunge header index
partition-default: /var/spool/imap/
sievedir: /var/lib/imap/sieve
annotation_definitions: /etc/imapd.annotations.conf
autocreate_quota: 5242880
autocreate_inbox_folders: Drafts | Trash | Sent
autocreate_subscribe_folders: Drafts | Trash | Sent
# Set specialuse flags
xlist-drafts: Drafts
xlist-sent: Sent
xlist-trash: Trash
idlesocket: /var/lib/imap/socket/idle
-disable_shared_namespace: 1
-disable_user_namespace: 1
+disable_shared_namespace: 0
+disable_user_namespace: 0
duplicate_db_path: /run/cyrus/db/deliver.db
mboxname_lockpath: /run/cyrus/lock
proc_path: /run/cyrus/proc
# Apparently does not work
##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
statuscache_db_path: /run/cyrus/db/statuscache.db
temp_path: /tmp
tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
sendmail: /usr/sbin/sendmail
admins: IMAP_ADMIN_LOGIN
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: yes
lmtp_over_quota_perm_failure: 1
#tls_server_cert: /etc/pki/tls/private/aphy.app.pem
#tls_server_key: /etc/pki/tls/private/aphy.app.pem
#tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert
tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_client_certs: off
tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_prefer_server_ciphers: 1
tls_versions: tls1_3
maxlogins_per_user: 50
proxyd_disable_mailbox_referrals: 0
httpmodules: caldav carddav domainkey freebusy ischedule rss webdav
unixhierarchysep: 1
virtdomains: userid
sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
allowallsubscribe: 0
anyoneuseracl: 0
allowusermoves: 1
altnamespace: 1
disconnect_on_vanished_mailbox: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieve_maxscripts: 150
sieve_maxscriptsize: 128
sieveusehomedir: 0
sieve_allowreferrals: 0
sieve_utf8fileinto: 1
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
tcp_keepalive: 1
syslog_prefix: cyrus-imapd
calendar_default_displayname: test
addressbook_default_displayname: test
# mupdate is enabled
mupdate_config: standard
mupdate_server: imap-mupdate
mupdate_port: 3905
mupdate_authname: IMAP_ADMIN_LOGIN
mupdate_username: IMAP_ADMIN_LOGIN
mupdate_password: IMAP_ADMIN_PASSWORD
# proxy authentication for these users
proxyservers: IMAP_ADMIN_LOGIN
# sync is enabled
#sync_try_imap: 0
#sync_log_chain: false
#sync_authname: cyrus
#sync_password: simple123
#sync_log: 1
#sync_repeat_interval: 10
#sync_shutdown_file: /var/lib/imap/sync_shutdown
diff --git a/config.docker-dev/docker/imap-backend2/kolab.hosted.com.cert b/config.docker-dev/docker/imap-backend2/kolab.hosted.com.cert
new file mode 100644
index 00000000..8f8a52a2
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/kolab.hosted.com.cert
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIE8jCCAtqgAwIBAgIUPetq90+aimhTrG2eRliFXaWLW14wDQYJKoZIhvcNAQEL
+BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMjA5MzAxNTA2MzRaFw0yMjEw
+MjgxNTA2MzRaMDAxEzARBgNVBAoMCkV4YW1wbGUgQ0ExGTAXBgNVBAMMEGtvbGFi
+Lmhvc3RlZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxL844
+iQMUTX43YWQ+U/eDgc5z0kMIFfPayhkL5UFgmefZ8zwii5EwK7KuLd0NK4qFKJOF
+RRkphLWAYuhEem7jfbRqrxcKuZdyY67pEWIlVe/9ha9RaAa2ET9utyredFk5MwgQ
+ujQA37cpeKRFZQ96YFhZtGGH17x+sbeZQfUQ6Qwoxdc4ZDFj1tQ4WCghTHSlRII4
+VKEA6PRyBBjUyYLrCjyBVijiqV6zb+/5biHxb5ChtDceD+gtAWrGRpQHs2WsSH1M
+s7FbT8S2sXT5bg1BNZZRSrcLmLaD62GOmbxiG1V3qU+iJ311FwsUVo6xMfuKmcPI
+5X5BC2atQe1zWRzfyM076z+6vBsUjie9skz81CY841PKgx/6VPeCpETYv2kaYqdS
+6ASdVVKv/UFU2TAbwUppo2rD10gPaVH4thTDOH68Z5wV5yTeWSJzn7Kqj8ILLQ6c
+EPWr1vXqXDnir0bFDhpprqwMkDxbZ2NkVI9gIOsZcEIyvJV5/9pjTdbKWPCUrBDX
+iJAlyTx95M/B9UK9h98ZixnpOcDGY2gNhGiWSGANlXnhfIrpra03ov2GXmFnzSez
+3mH5vqvufRZvEcBmDW/VUdVADh2bm6UVHAfrjSrlrnSIEPRMplyWJ0VwyG7UUsjp
+k81Q1PU/WSmkMyo5an/pwvxXYTjAOm+CVhR1kwIDAQABox8wHTAbBgNVHREEFDAS
+ghBrb2xhYi5ob3N0ZWQuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBSA4QSLZMaDq0f
+rnc/nEAKZrHz0UTMqZLY+dlKn6TRqIlNrSa1VV3koPnyF1VxU/3JVJsoqiDJ4f5B
+jSPoURUUGLc5/fpUuZfXyOrpjlSAmLFhEZMZi98XSJeB4kt7/s+Fs851OteKQZq2
+8TQPlfTc69FIpgypUYI7Nf6fQY2mf92RoFVRlBu0NR41wt0xrfTVU29tv4EDFQNA
+Z+1yPfQt6NjwzILPnHBivyUFG8JIxsuXWUiPQ04qv34iq16jyquhK3EQ7ylCnmrO
+6Yd+bROj5VwblcF+hBl28Jcpr2q8/pSv1GtkU+Yw0yFjqYqXAmtZoJYapITY0CDs
+kP+XEbHNMkxz0SC7ua2BMRtbPRjAqNkU9V8tZJla+HiVUL1bJHHPtrrJ27e6Nbv+
+2QpW8zqD/EmIAjMBFr0v/VlE4mlm7G6bOOiIppkpe9ZSvBoKCpCPoIyYgflOzkr5
+Myl8p7mAN8CeXgyzOwVFVaYjhGVDBxArcFAwhwdj7RJLHnIholbWEUGGak8yJjGj
+RayqSQZxUa1fTqsQwtjOnhFpnl4wsKIDq/6BavUxrcKJdJOz44KDS61l7i5YAYbl
+FRr9kUFaw9sZqx0EQI+cbeDdBrdh7XsMTNQ17SZrb6Ck5KqUZ7SYUIKHWvudQlpd
+GYjxjUbNtebeeSMAdS7C3FtwBFIxhw==
+-----END CERTIFICATE-----
diff --git a/config.docker-dev/docker/imap-backend2/kolab.hosted.com.chain.pem b/config.docker-dev/docker/imap-backend2/kolab.hosted.com.chain.pem
new file mode 100644
index 00000000..13e8193d
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/kolab.hosted.com.chain.pem
@@ -0,0 +1,58 @@
+-----BEGIN CERTIFICATE-----
+MIIE8jCCAtqgAwIBAgIUPetq90+aimhTrG2eRliFXaWLW14wDQYJKoZIhvcNAQEL
+BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMjA5MzAxNTA2MzRaFw0yMjEw
+MjgxNTA2MzRaMDAxEzARBgNVBAoMCkV4YW1wbGUgQ0ExGTAXBgNVBAMMEGtvbGFi
+Lmhvc3RlZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxL844
+iQMUTX43YWQ+U/eDgc5z0kMIFfPayhkL5UFgmefZ8zwii5EwK7KuLd0NK4qFKJOF
+RRkphLWAYuhEem7jfbRqrxcKuZdyY67pEWIlVe/9ha9RaAa2ET9utyredFk5MwgQ
+ujQA37cpeKRFZQ96YFhZtGGH17x+sbeZQfUQ6Qwoxdc4ZDFj1tQ4WCghTHSlRII4
+VKEA6PRyBBjUyYLrCjyBVijiqV6zb+/5biHxb5ChtDceD+gtAWrGRpQHs2WsSH1M
+s7FbT8S2sXT5bg1BNZZRSrcLmLaD62GOmbxiG1V3qU+iJ311FwsUVo6xMfuKmcPI
+5X5BC2atQe1zWRzfyM076z+6vBsUjie9skz81CY841PKgx/6VPeCpETYv2kaYqdS
+6ASdVVKv/UFU2TAbwUppo2rD10gPaVH4thTDOH68Z5wV5yTeWSJzn7Kqj8ILLQ6c
+EPWr1vXqXDnir0bFDhpprqwMkDxbZ2NkVI9gIOsZcEIyvJV5/9pjTdbKWPCUrBDX
+iJAlyTx95M/B9UK9h98ZixnpOcDGY2gNhGiWSGANlXnhfIrpra03ov2GXmFnzSez
+3mH5vqvufRZvEcBmDW/VUdVADh2bm6UVHAfrjSrlrnSIEPRMplyWJ0VwyG7UUsjp
+k81Q1PU/WSmkMyo5an/pwvxXYTjAOm+CVhR1kwIDAQABox8wHTAbBgNVHREEFDAS
+ghBrb2xhYi5ob3N0ZWQuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBSA4QSLZMaDq0f
+rnc/nEAKZrHz0UTMqZLY+dlKn6TRqIlNrSa1VV3koPnyF1VxU/3JVJsoqiDJ4f5B
+jSPoURUUGLc5/fpUuZfXyOrpjlSAmLFhEZMZi98XSJeB4kt7/s+Fs851OteKQZq2
+8TQPlfTc69FIpgypUYI7Nf6fQY2mf92RoFVRlBu0NR41wt0xrfTVU29tv4EDFQNA
+Z+1yPfQt6NjwzILPnHBivyUFG8JIxsuXWUiPQ04qv34iq16jyquhK3EQ7ylCnmrO
+6Yd+bROj5VwblcF+hBl28Jcpr2q8/pSv1GtkU+Yw0yFjqYqXAmtZoJYapITY0CDs
+kP+XEbHNMkxz0SC7ua2BMRtbPRjAqNkU9V8tZJla+HiVUL1bJHHPtrrJ27e6Nbv+
+2QpW8zqD/EmIAjMBFr0v/VlE4mlm7G6bOOiIppkpe9ZSvBoKCpCPoIyYgflOzkr5
+Myl8p7mAN8CeXgyzOwVFVaYjhGVDBxArcFAwhwdj7RJLHnIholbWEUGGak8yJjGj
+RayqSQZxUa1fTqsQwtjOnhFpnl4wsKIDq/6BavUxrcKJdJOz44KDS61l7i5YAYbl
+FRr9kUFaw9sZqx0EQI+cbeDdBrdh7XsMTNQ17SZrb6Ck5KqUZ7SYUIKHWvudQlpd
+GYjxjUbNtebeeSMAdS7C3FtwBFIxhw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCzCCAvOgAwIBAgIUEvYwMxnGZGbpNdlgadZ/BTZhQaswDQYJKoZIhvcNAQEL
+BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMDEyMjkxODU0MDdaFw0zMDEy
+MjcxODU0MDdaMBUxEzARBgNVBAoMCkV4YW1wbGUgQ0EwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDHK/c0eG4e1/cAIHmfPKQkt3p+P2+nsXypGEKTNoHj
+77vUZzuyafnO+dSW3pHVw1UV1T28a+SWdpC2DCSxD/2JQ0upybilZVRWTuL6AZjC
+iIV2yyd662H39/IJz3aQuHMwbgRM4ISzoODqUMWcAUhIYEJcXwG8FYDAhgNbW1sq
+DTnnpJmeD87F8mZS4cOz+dZ1bcAkaqGNye4oLjlnkvRmsUMnHeLMhS0I7R0aeca1
+xq/8CnZApnUrHHYiVPhEZqz78/lUlNIb2Gu5U0buhGoQDpeLHpeJmTdFOxtHXic4
+pGczJiEPgpPMECCiPQu6kmerm6/85v10jQNwcQZOvYbpKrow26RRyPV92QfLY5uS
+Cnxq51cjefXcRNAs47rBSsJ3ZnLJcTF1BpD69ckPUDobg7vNGwtpMtmi+xyCOxYb
+M03v4GyCvEXIQHm6oafcu6yoGPRGH9eR7qrrYA9+laMZFuKhdXxcXPXUgQufL6U6
+cnGIG+31wFYMn2wKufYy+3or73zE45Hzo/lBStI/U6Mkn5jBEsOErNZlAD0zt8Pa
+Jw6szEK2r9IXeuv++S4ASxduOZJVQo0NIwjt3AvP/J7TenJ52FawBKM5Qx8UsC/s
+cqk0SlLYRCK98dFRc5GEYVXH9WgFeJqVz/Syc73WDzrspF0G0xKIyCst80pQvAlH
+wwIDAQABo1MwUTAdBgNVHQ4EFgQUDKT/J+566qUX9mufxvdWiG6o24IwHwYDVR0j
+BBgwFoAUDKT/J+566qUX9mufxvdWiG6o24IwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+hkiG9w0BAQsFAAOCAgEAaJ+oOp8rHoIEt5qCuoNKb/VlR8sX7YpzfqLb+6W0QoKP
+KQjHMVi2z+uwMPjCjJSSm0AYVVVAWcWI/kIW7WJ9vaFQVuutWLF00xL/yYgFcG25
+3qML8BBncHanD6EXanRXoPE/aLXnEgOHYNhg/z94hQ2JNn97UpECbzzQBqPHTC8C
+CcmZXM6slYYqoylZIOqU28d7Xo6ElJEQ7AxObwMaCUXid5rUceDwZSi+9OG49kmE
+Q9MNZ+d4WSnarZLHAEQh/4bdBVUln5h4l2fqQrQLDMUj2oXPwRxXk57AW+zLFtrS
+lC552wbWza6IIf8SJZDy8q47/WfKD1YDmy0NfFZxEf+ZG/7zh5fjm1qlKVoAjxI9
+quG+wK27rhMn6Ddo/DDpQ7+VaszZP+TZol5Hifda3cOPoTpoA/n77L/iVynGXtD8
+dhfAfVqRWhR3JgrQWmOyJ2SAc6Z1Ao68qBG+q9HXdIPjKS3Pj/EexMMVL0Qfbtfz
+y26ZSlgQPSc9qmKcAYb9babzdf8ioq0f0UheM4QW0g4u5/TNpa+QcSCmdp5GfqMb
+eeCXzExsrvcCUp0bPiXwLYCLYTZNgYW2wMsQVJDmlZuTTWikEcPG6QJYgMUPGyCH
+UsAua3te00Dj9ikR8bMaXJc9ZEFPZzLyz1IbDyiRfBLVCKX+dH3VXQ7l0BnBmB8=
+-----END CERTIFICATE-----
diff --git a/config.docker-dev/docker/imap-backend2/kolab.hosted.com.key b/config.docker-dev/docker/imap-backend2/kolab.hosted.com.key
new file mode 100644
index 00000000..3dcac097
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/kolab.hosted.com.key
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKAIBAAKCAgEAsS/OOIkDFE1+N2FkPlP3g4HOc9JDCBXz2soZC+VBYJnn2fM8
+IouRMCuyri3dDSuKhSiThUUZKYS1gGLoRHpu4320aq8XCrmXcmOu6RFiJVXv/YWv
+UWgGthE/brcq3nRZOTMIELo0AN+3KXikRWUPemBYWbRhh9e8frG3mUH1EOkMKMXX
+OGQxY9bUOFgoIUx0pUSCOFShAOj0cgQY1MmC6wo8gVYo4qles2/v+W4h8W+QobQ3
+Hg/oLQFqxkaUB7NlrEh9TLOxW0/EtrF0+W4NQTWWUUq3C5i2g+thjpm8YhtVd6lP
+oid9dRcLFFaOsTH7ipnDyOV+QQtmrUHtc1kc38jNO+s/urwbFI4nvbJM/NQmPONT
+yoMf+lT3gqRE2L9pGmKnUugEnVVSr/1BVNkwG8FKaaNqw9dID2lR+LYUwzh+vGec
+Feck3lkic5+yqo/CCy0OnBD1q9b16lw54q9GxQ4aaa6sDJA8W2djZFSPYCDrGXBC
+MryVef/aY03WyljwlKwQ14iQJck8feTPwfVCvYffGYsZ6TnAxmNoDYRolkhgDZV5
+4XyK6a2tN6L9hl5hZ80ns95h+b6r7n0WbxHAZg1v1VHVQA4dm5ulFRwH640q5a50
+iBD0TKZclidFcMhu1FLI6ZPNUNT1P1kppDMqOWp/6cL8V2E4wDpvglYUdZMCAwEA
+AQKCAgACxLx0Ja/moU9Xji4Cy00SwPR42tAxUCZ/RKkfhnV/DOiSfzpxT7z1A7nG
+/vB1RDjl27xyWKIMBAbR+rmmWENjSpOHFzVE9aFoKCaTfbIK40zcqToUC4wPTDWx
+hSsmTqsWObXmjQJDATvbagcnDm0vfFHlFOxxMu2/DQfRXTZ3DS0jdfPm7anX5YNr
+XfVCj+9Cpc9jEe9yFDG9llLNAFkLUx2e57m70Omp5BXbz9y36QZZgHdcAOOf0GXa
+sz+c3zC3gGp0yFn9E0H/mMY7H30Vh8DRhFlX1QsFBKiBkeVfow2y0PJtljBfo/yI
+VNHl8uH7SGvGt89BNOxlyKHtK3dIASx3z2E+hJMHIVrxReJS1ySf+cnhfONkCx6g
+R+HcvD9dMyJtpyrTQmFsVaYBXWoJMYoRuEbXtYT7JwA2PWPcSr66J8S3WrkbbrWW
+pI8gHofJrz63AJ7l3Da/90hNCrqd6AzlLmaK3q2Ev2Fd0sLrQ6a3fnZDyyLZwUyv
+0IHwR1lnzLUHGh4QevMTOmU3aqUYt+dCXSG8uD9U3N0SFTpAE5q/AcQJciqxcdqW
+J0kWfwVHA7OQIgGFdCk9ZbL/uOrUQ+3yPBJwbYaHk9GXkEekolEmbg2ZcUJ1fql+
+vX2prJkb7Zy4F5CiI5hBaI/VS5Fb3ysCqT+lExsMJXsbN+BgAQKCAQEA6QnAWhfT
+gHMgoaPlDweDMKf3mNxhKXgACEopOo/yfZhCoSF1rwGA3c/1m4afFZzVT94m0XUt
+/pJkQVCFmGapBVqfUUQZ15VVA6D0pOTs6LoryIUgkRm3H+wQl/IRWXm4iZU/Jx8z
+5WSf6EX2l/DAv8SMGUOC3+HeIrJB5Vlew0JTBjeFTNNVkS7pJHDh3g68RsVn3OhA
+k0koDZiZqsDiE3/m9c2CQ9rrSM2o9g2w2zsr5Zbn5JW1xYqdttJFnAdoj8E+SCaK
+2uzvQ4JlIbMLT+QZxF/fjfcPZ0BxeAmQ74Y3tCrVjwE1zd/o0p8H6/IfNAPxCrUg
+PvtqApI7kslNdwKCAQEAwqU8muRtx0UG0/8wbl9LRaB9sACXqG++rAJ/ySu+usp7
+IZ2q0uSBKlcMnST06LmfjJtyO9GWwYmAKSojtyeujGLjdqA0M3H/YUAocVySPQ3R
+om/rqmJV7+LOQja8k+Lj2dHbtJ6HXL7gRZYgtG8dvKfEC44fgwpi04vaHA05Q0J4
+HqRecnIp9yoJYkJsIBMqARsglSsyJ3RXSVO3RpJgvit/fumRq6cXQd2ONSBjfDS5
+qOvWlWJmjXTtCirOexWxzSEMiIOVNXNlwdfXgoelv9ScHRLIzAOM91zK8CIVSDZ6
+8HSm8p2t+HwWUjslbY4+FMODp7OicjWGFg0aBGUvxQKCAQB5EoDmDdTrumSsthru
+mQeWwt2HhI/SXK8fn3AWJe1lRTLwxhJ/TvelxkKjf+is8ON+cDuYvRmdVm9R48TU
+7hlIV9HIBeqrL8GQdhJEjU9shjTzI/9Mg6C5rAre9nv/EZdHm8vIxpROzN2rbpX0
+ULfDqhjjk0iuiom/Wv+TacArEA1UgIn35SBioo2sSh1/Iga9ehhBFEVggDSYA71q
+knWijePvtsrD+DwfggITe/9zlyVyTdnCz+k1bZQNBOf3bX3smgiCscuYfFq+p0Nl
+o8Dvy+F7PhhGiKJvEXMiW036s6/DIjH77zQF9xveOZODCTMe8iFMX9gWAMcN+O2M
+kJt3AoIBAQCxPPz+ndpIhVY+XDShjCxibk2EokV2nqokvvHVIPw/4nhUl9kgx+nF
+wBZAUZKhB8V8p19RkPuRp78HvNNgx8VtF+6/6gkef0NoLp+k+gI/jgHBw9/3+ir+
+kKv4Jxd4IjYP9cP1qBTiIvzc4GNPaY7OZoVhcDzJef+bWdF1kaT+1dvDKzDFTadg
+5Oo+ivUiD9FDyIvWyMqWmp2Qq6ZLoKZvA/TIf66hezj2RORlA+UTCH+2jWmMBVoU
+nM/rXic+dPa+LsXW2NpZHYcfB4e52ALZtqOg5aXp/6Gw7NHt71spslIn+lC6w1HS
+3ksE/c6K/+cPyShs4GmfTZWXJr72GZ1xAoIBAAK7gQb3/WCQpTiPh/v7Qnl6hQZD
+y+T8fprWBXskU5A7NbIE44DdltPe4LLsVMHpNlqRpYCz+3bHTmPDHd+IHJHZm9Ik
+4gUXjPMzzkF9qQ2lyNWvnH2bHlSeHUg/3ZCXpmc8l0pmAeRxhOxzBaFgjt8N3Z5n
+FIc25xJ9ki3stySf6baWmTWFscCFn8eBJrQ8mNLXpBM2iXM1e5D8Bu2VZK6nJGtz
+QCChvsHspsTmRsGvemBk27gkvKAG0K8u84T5XBRwog7MWx8XThVqNcns6kejeYQs
+CNRvuLj7gEQwMPzW2p/tLbSU82oDKQTICeyPwfS/fMl/6NYRaTdABc6KIME=
+-----END RSA PRIVATE KEY-----
diff --git a/config.docker-dev/docker/imap-backend2/saslauthd.conf b/config.docker-dev/docker/imap-backend2/saslauthd.conf
new file mode 100644
index 00000000..2bfbc097
--- /dev/null
+++ b/config.docker-dev/docker/imap-backend2/saslauthd.conf
@@ -0,0 +1,4 @@
+httpform_host: services.kolab.local
+httpform_port: 8000
+httpform_uri: /api/webhooks/cyrus-sasl/
+httpform_data: %u %r %p
diff --git a/config.docker-dev/docker/imap-frontend/Dockerfile b/config.docker-dev/docker/imap-frontend/Dockerfile
index d1af7c7b..1e436051 100644
--- a/config.docker-dev/docker/imap-frontend/Dockerfile
+++ b/config.docker-dev/docker/imap-frontend/Dockerfile
@@ -1,82 +1,71 @@
FROM almalinux:8
LABEL maintainer="contact@apheleia-it.ch"
LABEL dist=centos8
LABEL tier=${TIER}
ENV SYSTEMD_PAGER=''
ENV DISTRO=centos8
ENV LANG=en_US.utf8
ENV LC_ALL=en_US.utf8
# Add EPEL.
RUN dnf -y install dnf-plugin-config-manager && \
dnf config-manager --set-enabled powertools && \
dnf -y install epel-release && \
dnf -y module enable 389-ds:1.4/default && \
dnf -y module enable mariadb:10.3 && \
dnf -y install iputils vim-enhanced bind-utils && \
dnf clean all
RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
# Install kolab
RUN rpm --import https://mirror.apheleia-it.ch/repos/Kolab:/16/key.asc && \
rpm -Uvh https://mirror.apheleia-it.ch/repos/Kolab:/16/kolab-16-for-el8.rpm
RUN sed -i -e '/^ssl/d' /etc/yum.repos.d/kolab*.repo && \
dnf config-manager --enable kolab-16-testing &&\
dnf -y --setopt tsflags= install patch &&\
dnf clean all
RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || :
WORKDIR /root/
-RUN dnf -y install git
-RUN dnf -y group install "Development Tools"
-RUN git clone https://github.com/cmollekopf/cyrus-imapd
+RUN dnf -y install git autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel perl-devel && \
+ dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain && \
+ dnf -y group install "Development Tools"
+RUN git clone https://git.kolab.org/source/cyrus-imapd.git
-RUN dnf -y install autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel
-
-RUN dnf -y install perl-devel
-RUN dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain
-# wslay-devel
-#libchardet-devel
- # cld2-devel
- #
COPY cyrus.conf /etc/cyrus.conf
COPY imapd.conf /etc/imapd.conf
COPY imapd.annotations.conf /etc/imapd.annotations.conf
COPY saslauthd.conf /etc/saslauthd.conf
-
ARG IMAP_ADMIN_LOGIN
ARG IMAP_ADMIN_PASSWORD
RUN sed -i -r \
-e "s|IMAP_ADMIN_LOGIN|$IMAP_ADMIN_LOGIN|g" \
-e "s|IMAP_ADMIN_PASSWORD|$IMAP_ADMIN_PASSWORD|g" \
/etc/imapd.conf
RUN cd cyrus-imapd && \
git checkout dev/kolab-3.6 && \
autoreconf -i && \
./configure CFLAGS="-W -Wno-unused-parameter -g -O0 -Wall -Wextra -Werror -fPIC" --enable-murder --enable-http --enable-calalarmd --enable-autocreate --enable-idled --with-openssl=yes --prefix=/usr && \
make -j6 && \
make install
COPY cyrus-imapd.service /etc/systemd/system/cyrus-imapd.service
-
-# RUN useradd -g mail cyrus
-
ADD kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.cert
ADD kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.chain.pem
ADD kolab.hosted.com.key /etc/pki/tls/certs/kolab.hosted.com.key
RUN mkdir -p /etc/pki/cyrus-imapd/ && cat /etc/pki/tls/certs/kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.key > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem && \
chown cyrus:mail /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
RUN sed -i "s/MECH=.*/MECH=httpform/" /etc/sysconfig/saslauthd
RUN systemctl enable cyrus-imapd && systemctl enable saslauthd
CMD ["/lib/systemd/systemd"]
EXPOSE 143/tcp 993/tcp 80/tcp 443/tcp
diff --git a/config.docker-dev/docker/imap-frontend/imapd.conf b/config.docker-dev/docker/imap-frontend/imapd.conf
index dfeccd84..f66f855e 100644
--- a/config.docker-dev/docker/imap-frontend/imapd.conf
+++ b/config.docker-dev/docker/imap-frontend/imapd.conf
@@ -1,90 +1,90 @@
servername: imap-frontend
configdirectory: /var/lib/imap
autocreate_quota: 5242880
idlesocket: /var/lib/imap/socket/idle
-disable_shared_namespace: 1
-disable_user_namespace: 1
+disable_shared_namespace: 0
+disable_user_namespace: 0
duplicate_db_path: /var/lib/imap/deliver.db
mboxname_lockpath: /var/lib/imap/lock
proc_path: /var/lib/imap/proc
# Apparently does not work
##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
statuscache_db_path: /var/lib/imap/statuscache.db
temp_path: /tmp
tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
annotation_definitions: /etc/imapd.annotations.conf
sendmail: /usr/sbin/sendmail
admins: IMAP_ADMIN_LOGIN
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: yes
lmtp_over_quota_perm_failure: 1
#tls_server_cert: /etc/pki/tls/private/aphy.app.pem
#tls_server_key: /etc/pki/tls/private/aphy.app.pem
#tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert
tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_client_certs: off
tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_prefer_server_ciphers: 1
sieve_tls_versions: tls1_0 tls1_1 tls1_2
tls_versions: tls1_3
maxlogins_per_user: 50
# Disable mailbox referrals for all clients, as the referrals will point
# addresses the client cannot reach.
proxyd_disable_mailbox_referrals: 1
serverlist: imap-backend
httpmodules: caldav carddav domainkey freebusy ischedule rss webdav
unixhierarchysep: 1
virtdomains: userid
sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
allowallsubscribe: 0
anyoneuseracl: 0
allowusermoves: 1
altnamespace: 1
disconnect_on_vanished_mailbox: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieve_maxscripts: 150
sieve_maxscriptsize: 128
sieveusehomedir: 0
sieve_allowreferrals: 0
sieve_utf8fileinto: 1
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
tcp_keepalive: 1
syslog_prefix: cyrus-imapd
# mupdate is enabled
#mupdate_config: standard
mupdate_server: imap-mupdate
mupdate_port: 3905
mupdate_authname: IMAP_ADMIN_LOGIN
mupdate_username: IMAP_ADMIN_LOGIN
mupdate_password: IMAP_ADMIN_PASSWORD
# proxy authentication against backends
proxy_authname: IMAP_ADMIN_LOGIN
proxy_password: IMAP_ADMIN_PASSWORD
diff --git a/config.docker-dev/docker/imap-mupdate/Dockerfile b/config.docker-dev/docker/imap-mupdate/Dockerfile
index 94b91dd9..1e436051 100644
--- a/config.docker-dev/docker/imap-mupdate/Dockerfile
+++ b/config.docker-dev/docker/imap-mupdate/Dockerfile
@@ -1,81 +1,71 @@
FROM almalinux:8
LABEL maintainer="contact@apheleia-it.ch"
LABEL dist=centos8
LABEL tier=${TIER}
ENV SYSTEMD_PAGER=''
ENV DISTRO=centos8
ENV LANG=en_US.utf8
ENV LC_ALL=en_US.utf8
# Add EPEL.
RUN dnf -y install dnf-plugin-config-manager && \
dnf config-manager --set-enabled powertools && \
dnf -y install epel-release && \
dnf -y module enable 389-ds:1.4/default && \
dnf -y module enable mariadb:10.3 && \
dnf -y install iputils vim-enhanced bind-utils && \
dnf clean all
RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
# Install kolab
RUN rpm --import https://mirror.apheleia-it.ch/repos/Kolab:/16/key.asc && \
rpm -Uvh https://mirror.apheleia-it.ch/repos/Kolab:/16/kolab-16-for-el8.rpm
RUN sed -i -e '/^ssl/d' /etc/yum.repos.d/kolab*.repo && \
dnf config-manager --enable kolab-16-testing &&\
dnf -y --setopt tsflags= install patch &&\
dnf clean all
RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || :
WORKDIR /root/
-RUN dnf -y install git
-RUN dnf -y group install "Development Tools"
-RUN git clone https://github.com/cmollekopf/cyrus-imapd
+RUN dnf -y install git autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel perl-devel && \
+ dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain && \
+ dnf -y group install "Development Tools"
+RUN git clone https://git.kolab.org/source/cyrus-imapd.git
-RUN dnf -y install autoconf automake bison cyrus-sasl-devel flex gcc gperf jansson-devel libbsd-devel libtool libicu-devel libuuid-devel openssl-devel pkgconfig sqlite-devel brotli-devel libical-devel libxml2-devel libnghttp2-devel shapelib zlib-devel pcre-devel
-
-RUN dnf -y install perl-devel
-RUN dnf -y install cyrus-imapd cyrus-sasl cyrus-sasl-plain
-# wslay-devel
-#libchardet-devel
- # cld2-devel
- #
COPY cyrus.conf /etc/cyrus.conf
COPY imapd.conf /etc/imapd.conf
COPY imapd.annotations.conf /etc/imapd.annotations.conf
COPY saslauthd.conf /etc/saslauthd.conf
ARG IMAP_ADMIN_LOGIN
ARG IMAP_ADMIN_PASSWORD
RUN sed -i -r \
-e "s|IMAP_ADMIN_LOGIN|$IMAP_ADMIN_LOGIN|g" \
-e "s|IMAP_ADMIN_PASSWORD|$IMAP_ADMIN_PASSWORD|g" \
/etc/imapd.conf
RUN cd cyrus-imapd && \
git checkout dev/kolab-3.6 && \
autoreconf -i && \
./configure CFLAGS="-W -Wno-unused-parameter -g -O0 -Wall -Wextra -Werror -fPIC" --enable-murder --enable-http --enable-calalarmd --enable-autocreate --enable-idled --with-openssl=yes --prefix=/usr && \
make -j6 && \
make install
COPY cyrus-imapd.service /etc/systemd/system/cyrus-imapd.service
-
-# RUN useradd -g mail cyrus
-
ADD kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.cert
ADD kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.chain.pem
ADD kolab.hosted.com.key /etc/pki/tls/certs/kolab.hosted.com.key
RUN mkdir -p /etc/pki/cyrus-imapd/ && cat /etc/pki/tls/certs/kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.key > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem && \
chown cyrus:mail /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
RUN sed -i "s/MECH=.*/MECH=httpform/" /etc/sysconfig/saslauthd
RUN systemctl enable cyrus-imapd && systemctl enable saslauthd
CMD ["/lib/systemd/systemd"]
EXPOSE 143/tcp 993/tcp 80/tcp 443/tcp
diff --git a/config.docker-dev/docker/imap-mupdate/imapd.conf b/config.docker-dev/docker/imap-mupdate/imapd.conf
index 367d5704..787912b7 100644
--- a/config.docker-dev/docker/imap-mupdate/imapd.conf
+++ b/config.docker-dev/docker/imap-mupdate/imapd.conf
@@ -1,64 +1,64 @@
servername: imap-mupdate
configdirectory: /var/lib/imap
defaultpartition: default
partition-default: /var/spool/imap/
annotation_definitions: /etc/imapd.annotations.conf
autocreate_quota: 5242880
idlesocket: /var/lib/imap/socket/idle
-disable_shared_namespace: 1
-disable_user_namespace: 1
+disable_shared_namespace: 0
+disable_user_namespace: 0
duplicate_db_path: /var/lib/imap/deliver.db
mboxname_lockpath: /var/lib/imap/lock
proc_path: /var/lib/imap/proc
# Apparently does not work
##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
statuscache_db_path: /var/lib/imap/statuscache.db
temp_path: /tmp
tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
admins: IMAP_ADMIN_LOGIN
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: yes
lmtp_over_quota_perm_failure: 1
tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
tls_client_certs: off
tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_prefer_server_ciphers: 1
sieve_tls_versions: tls1_0 tls1_1 tls1_2
tls_versions: tls1_3
unixhierarchysep: 1
virtdomains: userid
sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
allowallsubscribe: 0
anyoneuseracl: 0
allowusermoves: 1
altnamespace: 1
disconnect_on_vanished_mailbox: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieve_maxscripts: 150
sieve_maxscriptsize: 128
sieveusehomedir: 0
sieve_allowreferrals: 0
sieve_utf8fileinto: 1
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
tcp_keepalive: 1
syslog_prefix: cyrus-imapd
diff --git a/config.docker-dev/testimap.sh b/config.docker-dev/testimap.sh
new file mode 100644
index 00000000..c34a0421
--- /dev/null
+++ b/config.docker-dev/testimap.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+set -e
+
+trap 'echo "Error on $LINENO"' ERR
+
+ADMIN_USER="cyrus-admin"
+ADMIN_PASSWORD="Welcome2KolabSystems"
+USER="admin@kolab.local"
+PASSWORD="simple123"
+CREDENTIALS="$USER:$PASSWORD"
+
+ADMIN_FRONTEND_COMMAND="imtest -p 7143 -a $ADMIN_USER -u $ADMIN_USER -w $ADMIN_PASSWORD -v 127.0.0.1"
+ADMIN_BACKEND1_COMMAND="imtest -p 8143 -a $ADMIN_USER -u $ADMIN_USER -w $ADMIN_PASSWORD -v 127.0.0.1"
+ADMIN_BACKEND2_COMMAND="imtest -p 9143 -a $ADMIN_USER -u $ADMIN_USER -w $ADMIN_PASSWORD -v 127.0.0.1"
+
+
+# We expect to be able to create folders under the shared/ prefix from multiple backends.
+# This only works because of a hardcoded exception, as folder hierarchies are not normally allowed to span backends.
+echo 'a01 create shared/test1@kolab.local' | $ADMIN_BACKEND1_COMMAND
+echo 'a01 create shared/test2@kolab.local' | $ADMIN_BACKEND1_COMMAND
+echo 'a01 create shared/test3@kolab.local' | $ADMIN_BACKEND2_COMMAND
+echo 'a01 create shared/test4@kolab.local' | $ADMIN_BACKEND2_COMMAND
+echo 'a01 create shared/test5@kolab.local' | $ADMIN_FRONTEND_COMMAND
+
+# Make sure no shared folder was created
+docker compose exec -ti imap-mupdate ctl_mboxlist -d | grep -v '"shared":' > /dev/null 2>&1
+
+# Make sure the folders exist
+echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND | grep "shared/test1@kolab.local"
+echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND | grep "shared/test2@kolab.local"
+echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND | grep "shared/test3@kolab.local"
+echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND | grep "shared/test4@kolab.local"
+echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND | grep "shared/test5@kolab.local"
+
+# echo 'a01 list "" "*"' | imtest -p 7143 -a $USER -u $USER -w $PASSWORD -v 127.0.0.1
+# echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND
+
+
+# echo 'a01 list "" "*"' | $ADMIN_FRONTEND_COMMAND
+# docker compose exec -ti imap-mupdate ctl_mboxlist -d | grep '"shared":'
+# echo 'a01 setacl shared anyone +x' | $ADMIN_FRONTEND_COMMAND > /dev/null 2>&1
+# echo 'a01 delete shared' | $ADMIN_FRONTEND_COMMAND > /dev/null 2>&1
+# echo 'a01 setacl shared/test4@kolab.local anyone +x' | $ADMIN_FRONTEND_COMMAND > /dev/null 2>&1
+# echo 'a01 delete shared/test4@kolab.local' | $ADMIN_FRONTEND_COMMAND > /dev/null 2>&1
+# # docker compose exec -ti imap-mupdate ctl_mboxlist -d
+
+# # cyradm --user cyrus-admin --password $(awk '/mupdate_password/ {print $2}' /etc/imapd.conf) --authz cyrus-admin localhost
+
+# # curl -u $CREDENTIALS -i -X PROPFIND -H 'Depth: 1' $DAVSERVER/principals/user/$USER/
+
+# # curl --user "$CREDENTIALS" -sD /dev/stderr -H "Content-Type: application/xml" -X PROPFIND -H "Depth: infinity" --data '' $DAVSERVER/principals/user/$USER/
+# # | xmllint -format -
+
+# # curl --user "$CREDENTIALS" -sD /dev/stderr -H "Content-Type: application/xml" -X PROPFIND -H "Depth: infinity" --data '' $DAVSERVER/calendars/user/$USER/ | xmllint -format -
+