Fwd: Help putting cyrus on Docker

Tue Feb 18 11:16:44 EST 2020

Hello!

I finally got the basic stuff working on Docker and deployed through Docker
swarm. That is what I learnt (or I think I learnt)

* a basic mail solution having Cyrus needs 4 containers (imapd, saslauthd,
rsyslog and postfix)
* sharing rsyslog socket on all containers is needed to have logs
* saslauthd socket needs to be shared on imapd and postfix containers, to
have authentication
* imapd exposes lmtp socket, that needs to be shared with postfix, to
receive emails

Other stuff

* Saslauthd is using OpenLDAP
* Postfix uses letsencrypt generated certificate

Next challenges

* Run OpenDKIM container and tie it o Postfix
* Work with virtualdomains
* Have a spam solution
* Convert the docker-compose.yml to a kubernetes equivalent (so scary)

If anyone have some minutes to take a look at
https://github.com/fabiomontefuscolo/wikisuite-swarm/tree/master/global-services
and give some thoughts, it would be awesome.

Thank you!!

Em qua., 15 de jan. de 2020 às 08:49, Fabio Montefuscolo <
fabio.montefuscolo at gmail.com> escreveu:

> Hi Niels
>
> Thank you very much for looking into this.
>
> Initially, I would like to get this working like I got in a real CentOS 8.
> I have here a virtual machine where I did the same steps I did in
> Dockerfile. But in VM I start services "*systemctl start cyrus-imapd*"
> and "*systemctl start saslauthd*" and basic login works out of the box. I
> could telnet on port 143 and "*. login cyrus cyrus*". That is not
> happening on Docker.
>
> I hope other people using the image can write their own config and mount
> inside the container to achieve their needs. The plan is to have some
> kubernetes recipes I can repeat whenever we get a new client wondering to
> have an email service. Actually I'm testing it on DO, but using kubernetes
> should be simple to move to AWS, Linode or any other kubernetes hosting.
>
> Thank you
>
> Em qua., 15 de jan. de 2020 às 06:22, Niels Dettenbach via Info-cyrus <
> info-cyrus at lists.andrew.cmu.edu> escreveu:
>
>> Am Dienstag, 14. Januar 2020, 16:47:52 CET schrieb Fabio Montefuscolo:
>> > I'm trying to build a simple docker image based on CentOS 8, which
>> brings
>> > cyrus-imapd 3.0.7. I'm having troubles to authenticate on cyrus imap
>> > service for unknown reasons. There is no syslog facility working inside
>> > the centos image, so I don't have logs. The final idea is deploy this
>> > image in a kubernetes cluster. The Dockerfile I'm using is
>> > https://github.com/fabiomontefuscolo/docker-cyrusimapd
>> >
>> > When I jump into console and try to use cyradm, I get 2 password fields
>> to
>> > fulfill and at the ent, that doesn't work
>>
>>
>> as far as i can read in that dockerfile on a first view, it does only
>> install
>> dependencies and "activating" SSL/TLS, but lacks any kind of further
>> required
>> configuration for cyrus auth etc.
>>
>> the flexibility and complexity of cyrus installations are not easy to
>> "capsule" into a docker file or reciept for a "common usage".
>>
>> depending on what kind of authentication subsystem (i.e. mysql, pam,
>> ldap,
>> pam_mysql, sasl, saslauthd (with pam or other "backend") you want to use
>> or
>> even active AD or others you have to configure that by hand (or extend
>> that
>> docker file).
>>
>> a typical "easy" way is using saslauthd with -s pam to "simply" use pam
>> authentication.
>>
>>
>> hth,
>>
>>
>>
>> niels.
>>
>>
>> --
>>  ---
>>  Niels Dettenbach
>>  Syndicat IT & Internet
>>  http://www.syndicat.com
>>  PGP: https://syndicat.com/pub_key.asc
>>  ---
>>
>>
>>
>>
>>
>>
>>
>> ----
>> Cyrus Home Page: http://www.cyrusimap.org/
>> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>> To Unsubscribe:
>> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20200218/25ed1153/attachment-0001.html>