allow set path for ssl cert/key

2020-02-03 00:38:19 -03:00 · 2020-02-03 00:38:19 -03:00 · e09a9d5c39
commit e09a9d5c39
parent 9701d0bfdb
2 changed files with 5 additions and 3 deletions
--- a/4
+++ b/4
@ -33,7 +33,9 @@ ENV \
    LDAP_DEFAULT_PASS_SCHEME=CRYPT \
    ANTISPAM_ENABLE=yes \
    IMAP_URLAUTH_HOST="*" \
-    SSL_CLIENT_CA_DIR="/etc/ssl/certs"
+    SSL_CLIENT_CA_DIR="/etc/ssl/certs" \
+    SSL_CERT="/ssl/cert.pem" \
+    SSL_KEY="/ssl/key.pem"

 RUN groupadd -g 5000 vmail && useradd -g vmail -u 5000 vmail -d /vmail \
  && mkdir -p /vmail && chown vmail:vmail /vmail \
--- a/confd/templates/10-ssl.conf.tmpl
+++ b/confd/templates/10-ssl.conf.tmpl
@ -9,8 +9,8 @@ ssl = yes
 # dropping root privileges, so keep the key file unreadable by anyone but
 # root. Included doc/mkcert.sh can be used to easily generate self-signed
 # certificate, just make sure to update the domains in dovecot-openssl.cnf
-ssl_cert = </ssl/cert.pem
-ssl_key = </ssl/key.pem
+{{ with getv "/ssl/cert" }}ssl_cert = <{{.}}{{ end }}
+{{ with getv "/ssl/key" }}ssl_key = <{{.}}{{ end }}

 # If key file is password protected, give the password here. Alternatively
 # give it when starting dovecot with -p parameter. Since this file is often