Skip to content

Commit 2891883

Browse files
committed
additional improvements
added rootCA to the mail server and changed setpwd Signed-off-by: Marc Ahlgrim <[email protected]>
1 parent 11ae1b0 commit 2891883

File tree

2 files changed

+4
-1
lines changed

2 files changed

+4
-1
lines changed

deploy-sandbox.sh

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -148,7 +148,8 @@ echo -e "\n ##### configuring the containers \n"
148148

149149
# create a non-root user
150150
pct exec $CLIENTID -- useradd -m -s /bin/bash -G sudo $NONROOTUSER
151-
pct exec $CLIENTID -- bash -c "echo -e '$NONROOTPASSWD\n$NONROOTPASSWD\n' | passwd $NONROOTUSER"
151+
#pct exec $CLIENTID -- bash -c "echo -e '$NONROOTPASSWD\n$NONROOTPASSWD\n' | passwd $NONROOTUSER"
152+
pct exec $CLIENTID -- bash -c "echo '$NONROOTUSER:$NONROOTPASSWD' | chpasswd"
152153

153154
# push dhcp settings to avoid routing over the ingress interface
154155
pct push $CLIENTID exc-client/dhclient.conf /etc/dhcp/dhclient.conf

exc-docker/init-script.sh

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,7 @@ docker compose create
5555
# copy certificates to the docker cert volume
5656
docker cp /etc/certificates/${DOMAIN}/imap_fullchain.crt imap:/etc/ssl/certs/ssl-cert-imap.pem
5757
docker cp /etc/certificates/${DOMAIN}/imap.key imap:/etc/ssl/private/ssl-cert-imap.key
58+
docker cp /etc/certificates/${DOMAIN}/rootCA.crt imap:/etc/ssl/certs/rootCA.pem
5859

5960
# bring up the mail server
6061
docker compose up -d
@@ -65,6 +66,7 @@ sleep 10
6566
# just fix the certificate location for postfix
6667
docker exec imap postconf -e smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-imap.pem
6768
docker exec imap postconf -e smtpd_tls_key_file=/etc/ssl/private/ssl-cert-imap.key
69+
docker exec imap postconf -e smtp_tls_CApath=/etc/ssl/certs/rootCA.pem
6870
docker exec imap /etc/init.d/postfix reload
6971

7072
# last but not least let's enable root ssh access with username and password.

0 commit comments

Comments
 (0)