<div dir="ltr"><div class="gmail_default" style="font-family:monospace,monospace">Hi Nic!</div><div class="gmail_default" style="font-family:monospace,monospace"><br></div><div class="gmail_default" style="font-family:monospace,monospace">I'm super happy with your response!</div><div class="gmail_default" style="font-family:monospace,monospace"><br></div><div class="gmail_default" style="font-family:monospace,monospace">Honestly, I added that while I was getting 550 from lmtp, but that probably should be removed. But lmtp, do you think I can remove that line from the master? Actually, that line came turned on by default on CentOS 8, that is the base image I'm using. I will turn that off and check if all runs ok.</div><div class="gmail_default" style="font-family:monospace,monospace"><br></div><div class="gmail_default" style="font-family:monospace,monospace">I will write a README for this recipe and all containers I made. I would be very happy to see that in the Cyrus docs :)</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Em ter., 18 de fev. de 2020 às 14:24, Nic Bernstein <<a href="mailto:nic@nicbernstein.com">nic@nicbernstein.com</a>> escreveu:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<font size="-1">Fabio,<br>
Very interesting stuff. I would encourage you to add Readme.md to
your repository, containing at least what you've summarized here.
This would make for a nice addition to the Cyrus documentation,
but would need a bit more explanation on your part, first, so
whomever prepares the docs for the Cyrus project doesn't
misrepresent anything you've done.<br>
<br>
Some questions:<br>
</font>
<ul>
<li><font size="-1">You've gone to the trouble to add the
certificate infrastructure for Postfix, but not for Cyrus.
Any reason for that?</font></li>
<ul>
<li><font size="-1">What I'm referring to here is the nginx
proxy support for the Let's Encrypt stuff (at least I assume
that's what you're using)<br>
</font></li>
</ul>
<li><font size="-1">Your Postfix configuration contains support
for the deprecated Cyrus 'deliver' program as well as LMTP. <br>
</font></li>
<ul>
<li><font size="-1">If Postfix & Cyrus are separate
containers, then 'deliver' won't work.<br>
</font></li>
</ul>
</ul>
<br>
Nice work!<br>
-nic<br>
<br>
<div>On 2/18/20 10:16 AM, Fabio Montefuscolo
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_default" style="font-family:monospace,monospace">Hello!</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">I finally got the
basic stuff working on Docker and deployed through Docker
swarm. That is what I learnt (or I think I learnt)</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">* a basic mail
solution having Cyrus needs 4 containers (imapd, saslauthd,
rsyslog and postfix)</div>
<div class="gmail_default" style="font-family:monospace,monospace">* sharing rsyslog
socket on all containers is needed to have logs</div>
<div class="gmail_default" style="font-family:monospace,monospace">* saslauthd socket
needs to be shared on imapd and postfix containers, to have
authentication</div>
<div class="gmail_default" style="font-family:monospace,monospace">* imapd exposes lmtp
socket, that needs to be shared with postfix, to receive
emails</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">Other stuff</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">* Saslauthd is using
OpenLDAP</div>
<div class="gmail_default" style="font-family:monospace,monospace">* Postfix uses
letsencrypt generated certificate</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">Next challenges</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">* Run OpenDKIM
container and tie it o Postfix</div>
<div class="gmail_default" style="font-family:monospace,monospace">* Work with
virtualdomains</div>
<div class="gmail_default" style="font-family:monospace,monospace">* Have a spam solution</div>
<div class="gmail_default" style="font-family:monospace,monospace">* Convert the
docker-compose.yml to a kubernetes equivalent (so scary)</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">If anyone have some
minutes to take a look at <a href="https://github.com/fabiomontefuscolo/wikisuite-swarm/tree/master/global-services" target="_blank">https://github.com/fabiomontefuscolo/wikisuite-swarm/tree/master/global-services</a>
and give some thoughts, it would be awesome.</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
<div class="gmail_default" style="font-family:monospace,monospace">Thank you!!</div>
<div class="gmail_default" style="font-family:monospace,monospace"><br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Em qua., 15 de jan. de 2020 às
08:49, Fabio Montefuscolo <<a href="mailto:fabio.montefuscolo@gmail.com" target="_blank">fabio.montefuscolo@gmail.com</a>>
escreveu:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div class="gmail_default" style="font-family:monospace,monospace">Hi N<span style="font-family:Arial,Helvetica,sans-serif">iels</span></div>
<div class="gmail_default" style="font-family:monospace,monospace"><span style="font-family:Arial,Helvetica,sans-serif"><br>
</span></div>
<div class="gmail_default" style="font-family:monospace,monospace"><span style="font-family:Arial,Helvetica,sans-serif">Thank you
very much for looking into this. </span></div>
<div class="gmail_default" style="font-family:monospace,monospace"><span style="font-family:Arial,Helvetica,sans-serif"><br>
</span></div>
<div class="gmail_default" style="font-family:monospace,monospace"><span style="font-family:Arial,Helvetica,sans-serif">Initially,
I would like to get this working like I got in a real
CentOS 8. I have here a virtual machine where I did the
same steps I did in Dockerfile. But in VM I start
services "<b>systemctl start cyrus-imapd</b>" and "<b>systemctl
start saslauthd</b>" and basic login works out of the
box. I could telnet on port 143 and "<b>. login cyrus
cyrus</b>". That is not happening on Docker.</span></div>
<div class="gmail_default" style="font-family:monospace,monospace"><span style="font-family:Arial,Helvetica,sans-serif"><br>
</span></div>
<div class="gmail_default">I hope other people using the
image can write their own config and mount inside the
container to achieve their needs. The plan is to have some
kubernetes recipes I can repeat whenever we get a new
client wondering to have an email service. Actually I'm
testing it on DO, but using kubernetes should be simple to
move to AWS, Linode or any other kubernetes hosting.</div>
<div class="gmail_default"><br>
</div>
<div class="gmail_default">Thank you</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Em qua., 15 de jan. de
2020 às 06:22, Niels Dettenbach via Info-cyrus <<a href="mailto:info-cyrus@lists.andrew.cmu.edu" target="_blank">info-cyrus@lists.andrew.cmu.edu</a>>
escreveu:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Am Dienstag, 14. Januar
2020, 16:47:52 CET schrieb Fabio Montefuscolo:<br>
> I'm trying to build a simple docker image based on
CentOS 8, which brings<br>
> cyrus-imapd 3.0.7. I'm having troubles to
authenticate on cyrus imap<br>
> service for unknown reasons. There is no syslog
facility working inside<br>
> the centos image, so I don't have logs. The final
idea is deploy this<br>
> image in a kubernetes cluster. The Dockerfile I'm
using is<br>
> <a href="https://github.com/fabiomontefuscolo/docker-cyrusimapd" rel="noreferrer" target="_blank">https://github.com/fabiomontefuscolo/docker-cyrusimapd</a><br>
> <br>
> When I jump into console and try to use cyradm, I get
2 password fields to<br>
> fulfill and at the ent, that doesn't work<br>
<br>
<br>
as far as i can read in that dockerfile on a first view,
it does only install <br>
dependencies and "activating" SSL/TLS, but lacks any kind
of further required <br>
configuration for cyrus auth etc.<br>
<br>
the flexibility and complexity of cyrus installations are
not easy to <br>
"capsule" into a docker file or reciept for a "common
usage".<br>
<br>
depending on what kind of authentication subsystem (i.e.
mysql, pam, ldap, <br>
pam_mysql, sasl, saslauthd (with pam or other "backend")
you want to use or <br>
even active AD or others you have to configure that by
hand (or extend that <br>
docker file).<br>
<br>
a typical "easy" way is using saslauthd with -s pam to
"simply" use pam <br>
authentication.<br>
<br>
<br>
hth,<br>
<br>
<br>
<br>
niels.<br>
<br>
<br>
-- <br>
---<br>
Niels Dettenbach<br>
Syndicat IT & Internet<br>
<a href="http://www.syndicat.com" rel="noreferrer" target="_blank">http://www.syndicat.com</a><br>
PGP: <a href="https://syndicat.com/pub_key.asc" rel="noreferrer" target="_blank">https://syndicat.com/pub_key.asc</a><br>
---<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
----<br>
Cyrus Home Page: <a href="http://www.cyrusimap.org/" rel="noreferrer" target="_blank">http://www.cyrusimap.org/</a><br>
List Archives/Info: <a href="http://lists.andrew.cmu.edu/pipermail/info-cyrus/" rel="noreferrer" target="_blank">http://lists.andrew.cmu.edu/pipermail/info-cyrus/</a><br>
To Unsubscribe:<br>
<a href="https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus" rel="noreferrer" target="_blank">https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus</a><br>
</blockquote>
</div>
</blockquote>
</div>
<br>
<fieldset></fieldset>
<pre>----
Cyrus Home Page: <a href="http://www.cyrusimap.org/" target="_blank">http://www.cyrusimap.org/</a>
List Archives/Info: <a href="http://lists.andrew.cmu.edu/pipermail/info-cyrus/" target="_blank">http://lists.andrew.cmu.edu/pipermail/info-cyrus/</a>
To Unsubscribe:
<a href="https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus" target="_blank">https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus</a></pre>
</blockquote>
<br>
<br>
<pre cols="72">--
Nic Bernstein <a href="mailto:nic@nicbernstein.com" target="_blank">nic@nicbernstein.com</a>
mobile: +1 414 807 1734
snail: 1111 N Astor St Apt A5, Milwaukee, WI 53202-3319
<a href="https://www.nicbernstein.com" target="_blank">https://www.nicbernstein.com</a>
<a href="https://www.linkedin.com/in/nic-b-26577a178/" target="_blank">https://www.linkedin.com/in/nic-b-26577a178/</a>
</pre>
</div>
</blockquote></div>