bugfix use ssl cert provided by acme-helper for mailserver.

^
WIP need to add README
2025-07-19 07:18:32 +02:00 · 2022-11-25 16:19:44 +01:00 · 2022-11-20 17:36:25 +01:00 · 2022-11-20 17:35:57 +01:00 · 2022-11-20 17:35:28 +01:00 · 2022-11-20 13:58:27 +01:00
8 changed files with 44 additions and 106 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,2 @@
--- a/TODO.md
+++ b/TODO.md
@ -1,6 +1,12 @@
 # Notes
 Next cloud reccomends you install imagemagic:
 docker-compose exec nextcloud apt -y update
 docker-compose exec nextcloud apt -y install libmagickcore-6.q16-6-extra
 # Startup after docker compose
 - Create admin email account
 - Update dkim and DNS records
-
+ - Get and configure SendGrid SMTP relay
--- a/config/gitea.ini
+++ b/config/gitea.ini
@ -1,94 +0,0 @@
 APP_NAME = Gitea: Git with a cup of tea
 RUN_MODE = prod
 RUN_USER = git
 [repository]
 ROOT = /data/git/repositories
 [repository.local]
 LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
 [repository.upload]
 TEMP_PATH = /data/gitea/uploads
 [server]
 APP_DATA_PATH    = /data/gitea
 DOMAIN           = localhost
 SSH_DOMAIN       = localhost
 HTTP_PORT        = 3000
 ROOT_URL         = http://localhost:3000/
 DISABLE_SSH      = false
 SSH_PORT         = 22
 SSH_LISTEN_PORT  = 22
 LFS_START_SERVER = true
 LFS_JWT_SECRET   = 13R03sc6ZlnDkBFwKup2PoeT3eOggjn2oEmkOSjkQsE
 OFFLINE_MODE     = false
 [database]
 PATH     = /data/gitea/gitea.db
 DB_TYPE  = postgres
 HOST     = database:5432
 NAME     = gitea
 USER     = gitea
 PASSWD   = "hear397sew"
 LOG_SQL  = false
 SCHEMA   = 
 SSL_MODE = disable
 CHARSET  = utf8
 [indexer]
 ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
 [session]
 PROVIDER_CONFIG = /data/gitea/sessions
 PROVIDER        = file
 [picture]
 AVATAR_UPLOAD_PATH            = /data/gitea/avatars
 REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
 ENABLE_FEDERATED_AVATAR       = false
 [attachment]
 PATH = /data/gitea/attachments
 [log]
 MODE      = console
 LEVEL     = info
 ROUTER    = console
 ROOT_PATH = /data/gitea/log
 [security]
 INSTALL_LOCK                  = true
 SECRET_KEY                    = 
 REVERSE_PROXY_LIMIT           = 1
 REVERSE_PROXY_TRUSTED_PROXIES = *
 INTERNAL_TOKEN                = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NjcxMjI4NDN9.2POH2B9XRVJQx5Ixymbz1iNT7D8OOPiaJNnk1ELTM8s
 PASSWORD_HASH_ALGO            = pbkdf2
 [service]
 DISABLE_REGISTRATION              = false
 REQUIRE_SIGNIN_VIEW               = false
 REGISTER_EMAIL_CONFIRM            = false
 ENABLE_NOTIFY_MAIL                = false
 ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
 ENABLE_CAPTCHA                    = false
 DEFAULT_KEEP_EMAIL_PRIVATE        = false
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
 DEFAULT_ENABLE_TIMETRACKING       = true
 NO_REPLY_ADDRESS                  = noreply.localhost
 [lfs]
 PATH = /data/git/lfs
 [mailer]
 ENABLED = false
 [openid]
 ENABLE_OPENID_SIGNIN = true
 ENABLE_OPENID_SIGNUP = true
 [repository.pull-request]
 DEFAULT_MERGE_STYLE = merge
 [repository.signing]
 DEFAULT_TRUST_MODEL = committer
--- a/config/nginx/gitea_location
+++ b/config/nginx/gitea_location
@ -0,0 +1,6 @@
 proxy_redirect off;
 proxy_set_header Host $http_host;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto $scheme;
--- a/config/nginx/inbox_location
+++ b/config/nginx/inbox_location
@ -11,7 +11,7 @@ location ~ \.php$ {
    fastcgi_keep_conn on;
    fastcgi_split_path_info ^(.+\.php)(.*)$;
    fastcgi_index index.php;
-    fastcgi_pass inbox.zathura.leene.dev;
+    fastcgi_pass inbox.leene.dev;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
--- a/config/nginx/nextcloud_location
+++ b/config/nginx/nextcloud_location
@ -49,7 +49,7 @@ location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|u
    fastcgi_param modHeadersAvailable true;
    # Enable pretty urls
    fastcgi_param front_controller_active true;
-    fastcgi_pass nextcloud.zathura.leene.dev;
+    fastcgi_pass nextcloud.leene.dev;
    fastcgi_intercept_errors on;
    fastcgi_request_buffering off;
 }
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -1,6 +1,5 @@
 version: "3.8"
 networks:
  internalnet:
    driver: bridge
@ -92,8 +91,15 @@ services:
      - VIRTUAL_HOST=git.${NGINX_HOST}
      - VIRTUAL_PORT=3000
      - LETSENCRYPT_HOST=git.${NGINX_HOST}
      - GITEA__mailer__PASSWD=${SQL_PSWD}
      - GITEA__server__DOMAIN=git.${NGINX_HOST}
      - GITEA__server__SSH_DOMAIN=git.${NGINX_HOST}
      - GITEA__server__ROOT_URL=https://git.${NGINX_HOST}/
      - GITEA__server__CERT_FILE=/etc/letsencrypt/live/git.${NGINX_HOST}.crt
      - GITEA__server__KEY_FILE=/etc/letsencrypt/live/git.${NGINX_HOST}.key
    volumes:
      - gitea_data:/data:z
      - nginx_certs:/etc/letsencrypt/live:ro,z
    expose:
      - "3000"
    ports:
@ -133,6 +139,11 @@ services:
    hostname: inbox
    domainname: ${NGINX_HOST}
    environment:
      - VIRTUAL_HOST=mail.${NGINX_HOST}
      - LETSENCRYPT_HOST=mail.${NGINX_HOST}
      - SSL_TYPE=manual
      - SSL_CERT_PATH=/etc/letsencrypt/live/mail.${NGINX_HOST}.crt
      - SSL_KEY_PATH=/etc/letsencrypt/live/mail.${NGINX_HOST}.key
      - POSTMASTER_ADDRESS=admin@${NGINX_HOST}
      - RELAY_PASSWORD=${SENDGRID_APIKEY}
    ports:
@ -194,6 +205,7 @@ services:
      - HOSTNAME=${NGINX_HOST}
      - USERNAME=${GDNS_USERNAME}
      - PASSWORD=${GDNS_PASSWORD}
      - INTERVAL=9000
  autodiscover:
    <<: *defaults
@ -205,11 +217,8 @@ services:
      - LETSENCRYPT_HOST=autodiscover.${NGINX_HOST},autoconfig.${NGINX_HOST}
      - DOMAIN=${NGINX_HOST}
      - IMAP_HOST=mail.${NGINX_HOST}
-      - IMAP_PORT=993
+      - IMAP_PORT=1993
      - IMAP_SOCKET=SSL
      - POP_HOST=mail.${NGINX_HOST}
      - POP_PORT=995
      - POP_SOCKET=SSL
      - SMTP_HOST=mail.${NGINX_HOST}
      - SMTP_PORT=587
      - SMTP_SOCKET=STARTTLS
--- a/local.env
+++ b/local.env
@ -1,8 +1,6 @@
 ## Docker Env
 PERMIT_DOCKER=network
 ## Google Dynamic DNS
 INTERVAL=900
 ## Mail Server Env
 POSTFIX_INET_PROTOCOLS=ipv4
@ -16,12 +14,11 @@ ENABLE_SASLAUTHD=0
 ONE_DIR=1
 TLS_LEVEL=modern
 ENABLE_UPDATE_CHECK=1
 SSL_TYPE=letsencrypt
 SPOOF_PROTECTION=1
 ENABLE_POP3=1
 POSTSCREEN_ACTION=ignore
 ENABLE_DNSBL=0
 ENABLE_QUOTAS=0
 ENABLE_POP3=0
 RELAY_HOST=smtp.sendgrid.net
 RELAY_PORT=587
@ -42,3 +39,15 @@ ROUNDCUBEMAIL_ASPELL_DICTS=en
 ## NGINX Reverse Proxy
 NGINX_PROXY_CONTAINER=nginx-proxy
 LETSENCRYPT_RESTART_CONTAINER=true
 ## GITEA Setup
 GITEA__server__HTTP_PORT        = 3000
 GITEA__server__DISABLE_SSH      = false
 GITEA__server__SSH_PORT         = 222
 GITEA__server__SSH_LISTEN_PORT  = 222
 GITEA__mailer__ENABLED                 = true
 GITEA__mailer__PROTOCOL                = smtp
 GITEA__mailer__SMTP_ADDR               = mailserver
 GITEA__mailer__SMTP_PORT               = 25
Author	SHA1	Message	Date
Lieuwe Leene	dcf714e224	bugfix use ssl cert provided by acme-helper for mailserver.	2022-11-25 16:19:44 +01:00
Lieuwe Leene	4f2e128589	^	2022-11-20 17:36:25 +01:00
Lieuwe Leene	1ab05a05d3	WIP need to add README	2022-11-20 17:35:57 +01:00
Lieuwe Leene	3c2af70341	Fix gitea ENV variables and config smtp.	2022-11-20 17:35:28 +01:00
Lieuwe Leene	5f65170a3e	Merge from roundcube setup.	2022-11-20 13:58:27 +01:00
Lieuwe Leene	ceec13aaee	serve static files using nginx	2022-11-18 11:05:32 +01:00
Lieuwe Leene	f6d570d3f6	use nginx	2022-11-13 17:58:23 +01:00
Lieuwe Leene	6428a9f841	use volumer	2022-11-13 12:36:43 +01:00