allow set path for ssl cert/key
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
9701d0bfdb
commit
e09a9d5c39
@ -33,7 +33,9 @@ ENV \
|
|||||||
LDAP_DEFAULT_PASS_SCHEME=CRYPT \
|
LDAP_DEFAULT_PASS_SCHEME=CRYPT \
|
||||||
ANTISPAM_ENABLE=yes \
|
ANTISPAM_ENABLE=yes \
|
||||||
IMAP_URLAUTH_HOST="*" \
|
IMAP_URLAUTH_HOST="*" \
|
||||||
SSL_CLIENT_CA_DIR="/etc/ssl/certs"
|
SSL_CLIENT_CA_DIR="/etc/ssl/certs" \
|
||||||
|
SSL_CERT="/ssl/cert.pem" \
|
||||||
|
SSL_KEY="/ssl/key.pem"
|
||||||
|
|
||||||
RUN groupadd -g 5000 vmail && useradd -g vmail -u 5000 vmail -d /vmail \
|
RUN groupadd -g 5000 vmail && useradd -g vmail -u 5000 vmail -d /vmail \
|
||||||
&& mkdir -p /vmail && chown vmail:vmail /vmail \
|
&& mkdir -p /vmail && chown vmail:vmail /vmail \
|
||||||
|
|||||||
@ -9,8 +9,8 @@ ssl = yes
|
|||||||
# dropping root privileges, so keep the key file unreadable by anyone but
|
# dropping root privileges, so keep the key file unreadable by anyone but
|
||||||
# root. Included doc/mkcert.sh can be used to easily generate self-signed
|
# root. Included doc/mkcert.sh can be used to easily generate self-signed
|
||||||
# certificate, just make sure to update the domains in dovecot-openssl.cnf
|
# certificate, just make sure to update the domains in dovecot-openssl.cnf
|
||||||
ssl_cert = </ssl/cert.pem
|
{{ with getv "/ssl/cert" }}ssl_cert = <{{.}}{{ end }}
|
||||||
ssl_key = </ssl/key.pem
|
{{ with getv "/ssl/key" }}ssl_key = <{{.}}{{ end }}
|
||||||
|
|
||||||
# If key file is password protected, give the password here. Alternatively
|
# If key file is password protected, give the password here. Alternatively
|
||||||
# give it when starting dovecot with -p parameter. Since this file is often
|
# give it when starting dovecot with -p parameter. Since this file is often
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user