Merge branch 'master' of github.com:Mailu/Mailu

master
Pierre Jaury 8 years ago
commit 14f30b300f

@ -36,7 +36,7 @@ COMPOSE_PROJECT_NAME=mailu
# Optional features # Optional features
################################### ###################################
# Choose which frontend Web server to run if any (value: nginx, none) # Choose which frontend Web server to run if any (value: nginx, nginx-no-https, none)
FRONTEND=none FRONTEND=none
# Choose which webmail to run if any (values: roundcube, rainloop, none) # Choose which webmail to run if any (values: roundcube, rainloop, none)
@ -69,6 +69,13 @@ RELAYHOST=
# Fetchmail delay # Fetchmail delay
FETCHMAIL_DELAY=600 FETCHMAIL_DELAY=600
###################################
# Nginx settings
###################################
# SSL DHPARAM Bits
NGINX_SSL_DHPARAM_BITS=2048
################################### ###################################
# Developers # Developers
################################### ###################################

@ -10,3 +10,4 @@ Other contributors:
- Angedestenebres - Tests on development version & Current version - Angedestenebres - Tests on development version & Current version
- Stefan Auditor - German translation on POEditor.com - Stefan Auditor - German translation on POEditor.com
- [Carlos Bernárdez](https://github.com/jkarlosb) - [[Contributions in Mailu]](https://github.com/Mailu/Mailu/commits?author=jkarlosb)

@ -0,0 +1,9 @@
FROM nginx:alpine
RUN apk add --no-cache nginx-lua openssl
COPY nginx.conf.default /etc/nginx/nginx.conf.default
COPY start.sh /start.sh
CMD ["/start.sh"]

@ -0,0 +1,14 @@
Mailu NGINX container
=====================
NGINX is a popular and highly efficient webserver and reverse proxy server
commonly used to power high performance websites. In the Mailu stack it is
used as the HTTP frontend tunneling requests to the public web services
provided by other containers.
Resources
---------
* [Report issues](https://github.com/Mailu/Mailu/issues) and
[send Pull Requests](https://github.com/Mailu/Mailu/pulls)
in the [main Mailu repository](https://github.com/Mailu/Mailu)

@ -0,0 +1,79 @@
# Basic configuration
user nginx;
worker_processes 1;
error_log /dev/stderr info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
# Environment variables used in the configuration
env WEBMAIL;
env WEBDAV;
env EXPOSE_ADMIN;
http {
# Standard HTTP configuration with slight hardening
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
sendfile on;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
# Load Lua variables
set_by_lua $webmail 'return os.getenv("WEBMAIL")';
set_by_lua $webdav 'return os.getenv("WEBDAV")';
set_by_lua $expose_admin 'return os.getenv("EXPOSE_ADMIN")';
# Actual logic
location / {
if ($webmail != none) {
return 301 $scheme://$host/webmail/;
}
if ($webmail = none) {
return 403;
}
}
location /webmail {
if ($webmail != none) {
proxy_pass http://webmail;
}
if ($webmail = none) {
return 403;
}
}
location /admin {
if ($expose_admin = yes) {
proxy_pass http://admin;
}
if ($expose_admin != yes) {
return 403;
}
}
location /webdav {
if ($webdav != none) {
proxy_pass http://webdav:5232;
}
if ($webdav = none) {
return 403;
}
}
location /.well-known/acme-challenge {
proxy_pass http://admin:8081;
}
}
}

@ -0,0 +1,5 @@
#!/bin/sh
cp /etc/nginx/nginx.conf.default /etc/nginx/nginx.conf
nginx -g 'daemon off;'

@ -35,6 +35,7 @@ http {
ssl_session_cache shared:SSL:50m; ssl_session_cache shared:SSL:50m;
ssl_certificate /certs/cert.pem; ssl_certificate /certs/cert.pem;
ssl_certificate_key /certs/key.pem; ssl_certificate_key /certs/key.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
add_header Strict-Transport-Security max-age=15768000; add_header Strict-Transport-Security max-age=15768000;

@ -30,6 +30,7 @@ http {
ssl_session_cache shared:SSL:50m; ssl_session_cache shared:SSL:50m;
ssl_certificate /tmp/snakeoil.pem; ssl_certificate /tmp/snakeoil.pem;
ssl_certificate_key /tmp/snakeoil.pem; ssl_certificate_key /tmp/snakeoil.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
add_header Strict-Transport-Security max-age=15768000; add_header Strict-Transport-Security max-age=15768000;

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
if [ -z ENABLE_CERTBOT ] || [ -f /certs/cert.pem ] if [ -z $ENABLE_CERTBOT ] || [ -f /certs/cert.pem ]
then then
cp /etc/nginx/nginx.conf.default /etc/nginx/nginx.conf cp /etc/nginx/nginx.conf.default /etc/nginx/nginx.conf
else else
@ -8,4 +8,8 @@ else
cp /etc/nginx/nginx.conf.fallback /etc/nginx/nginx.conf cp /etc/nginx/nginx.conf.fallback /etc/nginx/nginx.conf
fi fi
if [ ! -r /etc/nginx/dhparam.pem ]; then
openssl dhparam -out /etc/nginx/dhparam.pem $NGINX_SSL_DHPARAM_BITS
fi
nginx -g 'daemon off;' nginx -g 'daemon off;'

@ -1,7 +1,7 @@
FROM alpine:edge FROM alpine:edge
RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
&& apk add --no-cache radicale@testing && apk add --no-cache radicale@testing py-dulwich@testing
COPY radicale.conf /radicale.conf COPY radicale.conf /radicale.conf

Loading…
Cancel
Save