diff --git a/.dockerignore b/.dockerignore
index 5cd92bcc..485540e2 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -4,4 +4,6 @@ venv/
 __pycache__
 *.pyc
 *.orig
+*.ini
 .pytest_cache
+.env
diff --git a/docker-compose.yaml b/docker-compose.yaml
index c0e57477..bae645fe 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -20,18 +20,12 @@ services:
 max-size: "10m"
 max-file: "3"
 environment:
- CHANGE_KERNEL_SETTINGS: "False"
 MAIL_DOMAIN: $MAIL_DOMAIN
- ACME_EMAIL: $ACME_EMAIL
- WWW_FOLDER: /opt/chatmail-www
- MAX_MESSAGE_SIZE: $MAX_MESSAGE_SIZE
- DEBUG_COMMANDS_ENABLED: $DEBUG_COMMANDS_ENABLED
- FORCE_REINIT_INI_FILE: $FORCE_REINIT_INI_FILE
- USE_FOREIGN_CERT_MANAGER: $USE_FOREIGN_CERT_MANAGER
- ENABLE_CERTS_MONITORING: $ENABLE_CERTS_MONITORING
- CERTS_MONITORING_TIMEOUT: $CERTS_MONITORING_TIMEOUT
- IS_DEVELOPMENT_INSTANCE: $IS_DEVELOPMENT_INSTANCE
 CMDEPLOY_STAGES: ${CMDEPLOY_STAGES:-}
+ # Certificate monitoring (only needed with USE_FOREIGN_CERT_MANAGER)
+ USE_FOREIGN_CERT_MANAGER: ${USE_FOREIGN_CERT_MANAGER:-}
+ ENABLE_CERTS_MONITORING: ${ENABLE_CERTS_MONITORING:-}
+ CERTS_MONITORING_TIMEOUT: ${CERTS_MONITORING_TIMEOUT:-}
 network_mode: "host"
 volumes:
 ## system
@@ -49,4 +43,3 @@ services:
 ## debug
 # - ./docker/files/setup_chatmail_docker.sh:/setup_chatmail_docker.sh
 # - ./docker/files/entrypoint.sh:/entrypoint.sh
- # - ./docker/files/update_ini.sh:/update_ini.sh
diff --git a/docker/chatmail_relay.dockerfile b/docker/chatmail_relay.dockerfile
index 9a0e352e..859b39c9 100644
--- a/docker/chatmail_relay.dockerfile
+++ b/docker/chatmail_relay.dockerfile
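Review bot: With `MAIL_DOMAIN` now the only required setting, `MAIL_DOMAIN: $MAIL_DOMAIN` in the docker-compose.yaml `environment:` block still resolves to an empty string when `.env` is missing or incomplete, and Compose only prints a warning. The setup script takes the DKIM key domain and the default `PATH_TO_SSL` from that value, so an empty one would surface late and inside the container. Compose's required-variable form would stop the start instead: `MAIL_DOMAIN: ${MAIL_DOMAIN:?MAIL_DOMAIN must be set in .env}`. Separately, the new `${USE_FOREIGN_CERT_MANAGER:-}` entry forwards an empty value when unset, and no default for it appears in the visible parts of setup_chatmail_docker.sh, so it is worth confirming that the consumer treats empty as disabled.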
@@ -84,7 +84,6 @@ COPY ./docker/files/setup_chatmail.service "$SETUP_CHATMAIL_SERVICE_PATH" RUN ln -sf "$SETUP_CHATMAIL_SERVICE_PATH" "/etc/systemd/system/multi-user.target.wants/setup_chatmail.service" COPY --chmod=555 ./docker/files/setup_chatmail_docker.sh /setup_chatmail_docker.sh -COPY --chmod=555 ./docker/files/update_ini.sh /update_ini.sh COPY --chmod=555 ./docker/files/entrypoint.sh /entrypoint.sh VOLUME ["/sys/fs/cgroup", "/home"] diff --git a/docker/example.env b/docker/example.env index c5263123..2d022279 100644 --- a/docker/example.env +++ b/docker/example.env @@ -1,10 +1,9 @@ MAIL_DOMAIN="chat.example.com" -# ACME_EMAIL="" -# MAX_MESSAGE_SIZE="50M" -# DEBUG_COMMANDS_ENABLED="true" -# FORCE_REINIT_INI_FILE="true" + +# CMDEPLOY_STAGES - default: "configure,activate". Set to "install,configure,activate" to force full reinstall. +# CMDEPLOY_STAGES="configure,activate" + +# Certificate monitoring (only needed with USE_FOREIGN_CERT_MANAGER) # USE_FOREIGN_CERT_MANAGER="True" # ENABLE_CERTS_MONITORING="true" -# CERTS_MONITORING_TIMEOUT=10 -# IS_DEVELOPMENT_INSTANCE="True" -# CMDEPLOY_STAGES - default: "configure,activate". Set to "install,configure,activate" to force full reinstall. +# CERTS_MONITORING_TIMEOUT=60 diff --git a/docker/files/setup_chatmail_docker.sh b/docker/files/setup_chatmail_docker.sh index 27b5bc67..398873a6 100755 --- a/docker/files/setup_chatmail_docker.sh +++ b/docker/files/setup_chatmail_docker.sh @@ -5,7 +5,6 @@ export CHATMAIL_INI="${CHATMAIL_INI:-/etc/chatmail/chatmail.ini}" export ENABLE_CERTS_MONITORING="${ENABLE_CERTS_MONITORING:-true}" export CERTS_MONITORING_TIMEOUT="${CERTS_MONITORING_TIMEOUT:-60}" export PATH_TO_SSL="${PATH_TO_SSL:-/var/lib/acme/live/${MAIL_DOMAIN}}" -export CHANGE_KERNEL_SETTINGS=${CHANGE_KERNEL_SETTINGS:-"False"} CMDEPLOY=/opt/cmdeploy/bin/cmdeploy 
@@ -43,20 +42,15 @@ monitor_certificates() { ### MAIN -if [ "$FORCE_REINIT_INI_FILE" = true ]; then - INI_CMD_ARGS=--force -fi - if [ ! -f /etc/dkimkeys/opendkim.private ]; then /usr/sbin/opendkim-genkey -D /etc/dkimkeys -d $MAIL_DOMAIN -s opendkim fi chown opendkim:opendkim /etc/dkimkeys/opendkim.private chown opendkim:opendkim /etc/dkimkeys/opendkim.txt -# Create chatmail.ini from env vars (skips if file already exists, e.g. volume-mounted) +# Create chatmail.ini (skips if file already exists, e.g. volume-mounted) mkdir -p "$(dirname "$CHATMAIL_INI")" -$CMDEPLOY init --config "$CHATMAIL_INI" $INI_CMD_ARGS $MAIL_DOMAIN || true -INI_FILE="$CHATMAIL_INI" bash /update_ini.sh +$CMDEPLOY init --config "$CHATMAIL_INI" $MAIL_DOMAIN || true export CMDEPLOY_STAGES="${CMDEPLOY_STAGES:-configure,activate}" $CMDEPLOY run --ssh-host @docker diff --git a/docs/DOCKER_INSTALLATION_EN.md b/docs/DOCKER_INSTALLATION_EN.md index edd701ae..21aafd29 100644 --- a/docs/DOCKER_INSTALLATION_EN.md +++ b/docs/DOCKER_INSTALLATION_EN.md 
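Review bot: The new `$CMDEPLOY init --config "$CHATMAIL_INI" $MAIL_DOMAIN || true` treats every init failure as "file already exists", so an unwritable config directory or a rejected domain would fall through to `$CMDEPLOY run` with a missing or stale ini. Now that update_ini.sh is gone and the ini is the only configuration source, an explicit existence test keeps the skip-if-mounted behaviour while letting real errors stop the start: `[ -f "$CHATMAIL_INI" ] || $CMDEPLOY init --config "$CHATMAIL_INI" "$MAIL_DOMAIN" || exit 1`. `$MAIL_DOMAIN` is also unquoted here and in the `opendkim-genkey` call above it. When an ini is mounted, the DKIM key and `PATH_TO_SSL` still come from `MAIL_DOMAIN` in the environment, so a mismatch with the domain in the mounted file would presumably go unnoticed; a short comment or a consistency check at this point would help. The MAIN section continues past the hunk, so whether the script otherwise aborts on errors is not visible here.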
@@ -64,19 +64,12 @@ If you are running from the cloned repo directory, just copy the env file: cp ./docker/example.env .env ``` -2. Configure environment variables in the `.env` file. - Below is the list of variables used during deployment: +2. Configure the `.env` file. Only `MAIL_DOMAIN` is required: - `MAIL_DOMAIN` – The domain name of the future server. (required) -- `DEBUG_COMMANDS_ENABLED` – Run debug commands before installation. (default: `false`) -- `FORCE_REINIT_INI_FILE` – Recreate the ini configuration file on startup. (default: `false`) -- `USE_FOREIGN_CERT_MANAGER` – Use a third-party certificate manager. (default: `false`) -- `PATH_TO_SSL` – Path to where the certificates are stored. (default: `/var/lib/acme/live/${MAIL_DOMAIN}`) -- `ENABLE_CERTS_MONITORING` – Enable certificate monitoring if `USE_FOREIGN_CERT_MANAGER=true`. If certificates change, services will be automatically restarted. (default: `false`) -- `CERTS_MONITORING_TIMEOUT` – Interval in seconds to check if certificates have changed. (default: `60`) - `CMDEPLOY_STAGES` – Deployment stages to run on container start. (default: `"configure,activate"`). Set to `"install,configure,activate"` to force a full reinstall. -You can also use any variables from the [ini configuration file](https://github.com/chatmail/relay/blob/main/chatmaild/src/chatmaild/ini/chatmail.ini.f); they must be in uppercase. +The container generates a `chatmail.ini` with defaults from `MAIL_DOMAIN` on first start. To customize chatmail settings, mount your own `chatmail.ini` instead (see [Customization](#custom-chatmailini) below). 3. Start the container: 
@@ -134,9 +127,21 @@ docker compose up -d ### Custom chatmail.ini -Instead of using environment variables, you can mount your own `chatmail.ini` configuration file. This is useful if you prefer managing the full ini file directly or want to share one configuration across environments. +There are two configuration modes: -1. In `docker-compose.yaml`, uncomment or add the ini volume mount: +**Simple (default):** Set `MAIL_DOMAIN` in `.env`. The container auto-generates `chatmail.ini` with defaults on first start. This is sufficient for most deployments. + +**Advanced:** Generate a `chatmail.ini`, edit it, and mount it into the container. This gives you full control over all chatmail settings. + +1. Extract the generated config from a running container: + +```shell +docker cp chatmail:/etc/chatmail/chatmail.ini ./chatmail.ini +``` + +2. Edit `chatmail.ini` as needed. + +3. In `docker-compose.yaml`, uncomment or add the ini volume mount: ```yaml services: @@ -146,7 +151,7 @@ services: - ./chatmail.ini:/etc/chatmail/chatmail.ini ``` -2. Environment variables from `.env` are still applied on top of the mounted file at container start, so you can combine both approaches. +4. Restart the container. The mounted file is used directly — the container skips generating a new one. ## Migrating from a bare-metal install @@ -163,14 +168,12 @@ systemctl disable postfix dovecot doveauth nginx opendkim unbound acmetool-redir lastlogin mtail ``` -2. Convert your existing `chatmail.ini` to the Docker `.env` format: +2. Copy your existing `chatmail.ini` and mount it into the container (see [Custom chatmail.ini](#custom-chatmailini) above): ```shell -python3 docker/cm_ini_to_env.py /usr/local/lib/chatmaild/chatmail.ini .env +cp /usr/local/lib/chatmaild/chatmail.ini ./chatmail.ini ``` -or mount it (see above). - 3. Copy persistent data into the `./data/` subdirectories: ```shell