systemli · 0x46616c6b · Dec 18, 2024 · Dec 18, 2024
@@ -0,0 +1,45 @@
+FROM debian:12-slim
+
+ENV container=docker \
+    LC_ALL=C
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get -y update && apt-get -y install \
+  tini \
+  dovecot-core \
+  dovecot-common \
+  dovecot-imapd \
+  dovecot-pop3d \
+  dovecot-lmtpd \
+  dovecot-sieve \
+  dovecot-managesieved \
+  dovecot-submissiond \
+  dovecot-auth-lua \
+  lua-json \
+  ca-certificates \
+  ssl-cert && \
+  rm -rf /var/lib/apt/lists && \
+  groupadd -g 1000 vmail && \
+  useradd -u 1000 -g 1000 vmail -d /srv/vmail && \
+  passwd -l vmail && \
+  rm -rf /etc/dovecot && \
+  mkdir /srv/mail && \
+  chown vmail:vmail /srv/mail && \
+  make-ssl-cert generate-default-snakeoil && \
+  mkdir /etc/dovecot && \
+  mkdir /etc/dovecot/conf.d && \
+  ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/dovecot/cert.pem && \
+  ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/dovecot/key.pem && \
+  ln -s /usr/share/lua/5.3/json.lua /usr/share/lua/5.4/json.lua && \
+  ln -s /usr/share/lua/5.3/json /usr/share/lua/5.4/json
+
+EXPOSE 24
+EXPOSE 110
+EXPOSE 143
+EXPOSE 587
+EXPOSE 990
+EXPOSE 993
+EXPOSE 4190
+
+ENTRYPOINT ["/usr/bin/tini", "--"]
+CMD ["/usr/sbin/dovecot", "-F"]
@@ -0,0 +1,14 @@
+# Authentication for userli
+
+import_environment=MAIL_CRYPT USERLI_API_ACCESS_TOKEN USERLI_HOST DOVECOT_LUA_DEBUG DOVECOT_LUA_INSECURE
+
+passdb {
+  driver = lua
+  args = file=/usr/local/bin/userli.lua blocking=yes
+}
+
+# The userdb below is used only by lda.
+userdb {
+  driver = lua
+  args = file=/usr/local/bin/userli.lua blocking=yes
+}
@@ -0,0 +1,63 @@
+## You should mount /etc/dovecot if you want to
+## manage this file
+
+mail_home=/srv/mail/%Lu
+mail_location=sdbox:~/Mail
+mail_uid=1000
+mail_gid=1000
+
+protocols = imap pop3 submission sieve lmtp
+
+first_valid_uid = 1000
+last_valid_uid = 1000
+
+ssl=yes
+ssl_cert=<cert.pem
+ssl_key=<key.pem
+
+namespace {
+  inbox = yes
+  separator = /
+}
+
+service lmtp {
+  inet_listener {
+    port = 24
+  }
+}
+
+service imap-login {
+  process_min_avail = 1
+  client_limit = 1000
+  service_count = 0
+}
+
+service pop3-login {
+  process_min_avail = 1
+  client_limit = 1000
+  service_count = 0
+}
+
+service submission-login {
+  process_min_avail = 1
+  client_limit = 1000
+  service_count = 0
+}
+
+service managesieve-login {
+  process_min_avail = 1
+  client_limit = 1000
+  service_count = 0
+}
+
+listen = *
+
+log_path=/dev/stdout
+info_log_path=/dev/stdout
+debug_log_path=/dev/stdout
+
+verbose_proctitle = yes
+
+disable_plaintext_auth = yes
+
+!include conf.d/auth-lua.conf.ext
@@ -25,6 +25,22 @@ services:
     networks:
         - userli
 
+  dovecot:
+    build:
+      context: contrib/docker
+      dockerfile: Dockerfile.dovecot
+    environment:
+      MAIL_CRYPT: 2
+      USERLI_HOST: userli
+      USERLI_API_ACCESS_TOKEN: insecure
+      DOVECOT_LUA_INSECURE: true
+    volumes:
+      - ./contrib/dovecot/dovecot.conf:/etc/dovecot/dovecot.conf:ro
+      - ./contrib/dovecot/conf.d:/etc/dovecot/conf.d:ro
+      - ./contrib/dovecot/userli.lua:/usr/local/bin/userli.lua:ro
+    networks:
+      - userli
+
 networks:
   userli: