Hi Nic! I'm super happy with your response!
Honestly, I added that while I was getting 550 from lmtp, but that probably should be removed. But lmtp, do you think I can remove that line from the master? Actually, that line came turned on by default on CentOS 8, that is the base image I'm using. I will turn that off and check if all runs ok. I will write a README for this recipe and all containers I made. I would be very happy to see that in the Cyrus docs :) Em ter., 18 de fev. de 2020 às 14:24, Nic Bernstein <n...@nicbernstein.com> escreveu: > Fabio, > Very interesting stuff. I would encourage you to add Readme.md to your > repository, containing at least what you've summarized here. This would > make for a nice addition to the Cyrus documentation, but would need a bit > more explanation on your part, first, so whomever prepares the docs for the > Cyrus project doesn't misrepresent anything you've done. > > Some questions: > > - You've gone to the trouble to add the certificate infrastructure for > Postfix, but not for Cyrus. Any reason for that? > - What I'm referring to here is the nginx proxy support for the > Let's Encrypt stuff (at least I assume that's what you're using) > - Your Postfix configuration contains support for the deprecated > Cyrus 'deliver' program as well as LMTP. > - If Postfix & Cyrus are separate containers, then 'deliver' won't > work. > > > Nice work! > -nic > > On 2/18/20 10:16 AM, Fabio Montefuscolo wrote: > > Hello! > > I finally got the basic stuff working on Docker and deployed through > Docker swarm. That is what I learnt (or I think I learnt) > > * a basic mail solution having Cyrus needs 4 containers (imapd, saslauthd, > rsyslog and postfix) > * sharing rsyslog socket on all containers is needed to have logs > * saslauthd socket needs to be shared on imapd and postfix containers, to > have authentication > * imapd exposes lmtp socket, that needs to be shared with postfix, to > receive emails > > Other stuff > > * Saslauthd is using OpenLDAP > * Postfix uses letsencrypt generated certificate > > Next challenges > > * Run OpenDKIM container and tie it o Postfix > * Work with virtualdomains > * Have a spam solution > * Convert the docker-compose.yml to a kubernetes equivalent (so scary) > > If anyone have some minutes to take a look at > https://github.com/fabiomontefuscolo/wikisuite-swarm/tree/master/global-services > and give some thoughts, it would be awesome. > > Thank you!! > > > Em qua., 15 de jan. de 2020 às 08:49, Fabio Montefuscolo < > fabio.montefusc...@gmail.com> escreveu: > >> Hi Niels >> >> Thank you very much for looking into this. >> >> Initially, I would like to get this working like I got in a real CentOS >> 8. I have here a virtual machine where I did the same steps I did in >> Dockerfile. But in VM I start services "*systemctl start cyrus-imapd*" >> and "*systemctl start saslauthd*" and basic login works out of the box. >> I could telnet on port 143 and "*. login cyrus cyrus*". That is not >> happening on Docker. >> >> I hope other people using the image can write their own config and mount >> inside the container to achieve their needs. The plan is to have some >> kubernetes recipes I can repeat whenever we get a new client wondering to >> have an email service. Actually I'm testing it on DO, but using kubernetes >> should be simple to move to AWS, Linode or any other kubernetes hosting. >> >> Thank you >> >> Em qua., 15 de jan. de 2020 às 06:22, Niels Dettenbach via Info-cyrus < >> info-cyrus@lists.andrew.cmu.edu> escreveu: >> >>> Am Dienstag, 14. Januar 2020, 16:47:52 CET schrieb Fabio Montefuscolo: >>> > I'm trying to build a simple docker image based on CentOS 8, which >>> brings >>> > cyrus-imapd 3.0.7. I'm having troubles to authenticate on cyrus imap >>> > service for unknown reasons. There is no syslog facility working inside >>> > the centos image, so I don't have logs. The final idea is deploy this >>> > image in a kubernetes cluster. The Dockerfile I'm using is >>> > https://github.com/fabiomontefuscolo/docker-cyrusimapd >>> > >>> > When I jump into console and try to use cyradm, I get 2 password >>> fields to >>> > fulfill and at the ent, that doesn't work >>> >>> >>> as far as i can read in that dockerfile on a first view, it does only >>> install >>> dependencies and "activating" SSL/TLS, but lacks any kind of further >>> required >>> configuration for cyrus auth etc. >>> >>> the flexibility and complexity of cyrus installations are not easy to >>> "capsule" into a docker file or reciept for a "common usage". >>> >>> depending on what kind of authentication subsystem (i.e. mysql, pam, >>> ldap, >>> pam_mysql, sasl, saslauthd (with pam or other "backend") you want to use >>> or >>> even active AD or others you have to configure that by hand (or extend >>> that >>> docker file). >>> >>> a typical "easy" way is using saslauthd with -s pam to "simply" use pam >>> authentication. >>> >>> >>> hth, >>> >>> >>> >>> niels. >>> >>> >>> -- >>> --- >>> Niels Dettenbach >>> Syndicat IT & Internet >>> http://www.syndicat.com >>> PGP: https://syndicat.com/pub_key.asc >>> --- >>> >>> >>> >>> >>> >>> >>> >>> ---- >>> Cyrus Home Page: http://www.cyrusimap.org/ >>> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ >>> To Unsubscribe: >>> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus >>> >> > ---- > Cyrus Home Page: http://www.cyrusimap.org/ > List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ > To Unsubscribe:https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus > > > > -- > Nic Bernstein n...@nicbernstein.com > mobile: +1 414 807 1734 > snail: 1111 N Astor St Apt A5, Milwaukee, WI > 53202-3319https://www.nicbernstein.comhttps://www.linkedin.com/in/nic-b-26577a178/ > >
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
