Fwd: Help putting cyrus on Docker
nic at nicbernstein.com
Tue Feb 18 12:24:09 EST 2020
Very interesting stuff. I would encourage you to add Readme.md to your
repository, containing at least what you've summarized here. This would
make for a nice addition to the Cyrus documentation, but would need a
bit more explanation on your part, first, so whomever prepares the docs
for the Cyrus project doesn't misrepresent anything you've done.
* You've gone to the trouble to add the certificate infrastructure for
Postfix, but not for Cyrus. Any reason for that?
o What I'm referring to here is the nginx proxy support for the
Let's Encrypt stuff (at least I assume that's what you're using)
* Your Postfix configuration contains support for the deprecated Cyrus
'deliver' program as well as LMTP.
o If Postfix & Cyrus are separate containers, then 'deliver' won't
On 2/18/20 10:16 AM, Fabio Montefuscolo wrote:
> I finally got the basic stuff working on Docker and deployed through
> Docker swarm. That is what I learnt (or I think I learnt)
> * a basic mail solution having Cyrus needs 4 containers (imapd,
> saslauthd, rsyslog and postfix)
> * sharing rsyslog socket on all containers is needed to have logs
> * saslauthd socket needs to be shared on imapd and postfix containers,
> to have authentication
> * imapd exposes lmtp socket, that needs to be shared with postfix, to
> receive emails
> Other stuff
> * Saslauthd is using OpenLDAP
> * Postfix uses letsencrypt generated certificate
> Next challenges
> * Run OpenDKIM container and tie it o Postfix
> * Work with virtualdomains
> * Have a spam solution
> * Convert the docker-compose.yml to a kubernetes equivalent (so scary)
> If anyone have some minutes to take a look at
> and give some thoughts, it would be awesome.
> Thank you!!
> Em qua., 15 de jan. de 2020 às 08:49, Fabio Montefuscolo
> <fabio.montefuscolo at gmail.com <mailto:fabio.montefuscolo at gmail.com>>
> Hi Niels
> Thank you very much for looking into this.
> Initially, I would like to get this working like I got in a real
> CentOS 8. I have here a virtual machine where I did the same steps
> I did in Dockerfile. But in VM I start services "*systemctl start
> cyrus-imapd*" and "*systemctl start saslauthd*" and basic login
> works out of the box. I could telnet on port 143 and "*. login
> cyrus cyrus*". That is not happening on Docker.
> I hope other people using the image can write their own config and
> mount inside the container to achieve their needs. The plan is to
> have some kubernetes recipes I can repeat whenever we get a new
> client wondering to have an email service. Actually I'm testing it
> on DO, but using kubernetes should be simple to move to AWS,
> Linode or any other kubernetes hosting.
> Thank you
> Em qua., 15 de jan. de 2020 às 06:22, Niels Dettenbach via
> Info-cyrus <info-cyrus at lists.andrew.cmu.edu
> <mailto:info-cyrus at lists.andrew.cmu.edu>> escreveu:
> Am Dienstag, 14. Januar 2020, 16:47:52 CET schrieb Fabio
> > I'm trying to build a simple docker image based on CentOS 8,
> which brings
> > cyrus-imapd 3.0.7. I'm having troubles to authenticate on
> cyrus imap
> > service for unknown reasons. There is no syslog facility
> working inside
> > the centos image, so I don't have logs. The final idea is
> deploy this
> > image in a kubernetes cluster. The Dockerfile I'm using is
> > https://github.com/fabiomontefuscolo/docker-cyrusimapd
> > When I jump into console and try to use cyradm, I get 2
> password fields to
> > fulfill and at the ent, that doesn't work
> as far as i can read in that dockerfile on a first view, it
> does only install
> dependencies and "activating" SSL/TLS, but lacks any kind of
> further required
> configuration for cyrus auth etc.
> the flexibility and complexity of cyrus installations are not
> easy to
> "capsule" into a docker file or reciept for a "common usage".
> depending on what kind of authentication subsystem (i.e.
> mysql, pam, ldap,
> pam_mysql, sasl, saslauthd (with pam or other "backend") you
> want to use or
> even active AD or others you have to configure that by hand
> (or extend that
> docker file).
> a typical "easy" way is using saslauthd with -s pam to
> "simply" use pam
> Niels Dettenbach
> Syndicat IT & Internet
> PGP: https://syndicat.com/pub_key.asc
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info:
> To Unsubscribe:
> Cyrus Home Page:http://www.cyrusimap.org/
> List Archives/Info:http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
Nic Bernstein nic at nicbernstein.com
mobile: +1 414 807 1734
snail: 1111 N Astor St Apt A5, Milwaukee, WI 53202-3319
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Info-cyrus