Comments (12)
It seems there is an issue with your nginx configuration. Can you post the content of systemctl status nginx.service
?
from dokku-posteio.
I have the same issue, is there any solution?
from dokku-posteio.
It seems to be an error with the reverse proxy config, but I have no idea what exactly without the logs.
@vitalii-bulyzhyn same as above, can you publish the contents of systemctl status nginx.service
or journalctl -xe
, like the error message says ?
from dokku-posteio.
I think HTTPS support really should use dokku's letsencrypt (and therefore also proxy) plugin.
Otherwise, AFAICS, this can only work if the dokku host does not run any other dokku HTTP application. If it does then a connection to 443 will be handled by dokku's web server, and that will present the certificate of one of the other apps (i.e. with a different name.)
In order to prevent this poste.io's certificate would have to be synchronized between the host nginx and the container nginx as well, which at least gets complicated.
Using dokku's letsencrypt and proxy plugin would mean:
- set up a "mail" application on the dokku host
- adjust poste.io image to listen on 80 and 443 only on an internal network interface; 443 could even be disabled;
- remove the SSL cert page from the poste.io admin area
(..but correct me if I am wrong..)
from dokku-posteio.
Hello,
AFAICS, this can only work if the dokku host does not run any other dokku HTTP application ... and that will present the certificate of one of the other apps
I'll try to look into this...
Using dokku's letsencrypt and proxy plugin would mean:
- set up a "mail" application on the dokku host
- adjust poste.io image to listen on 80 and 443 only on an internal network interface; 443 could even be disabled;
- remove the SSL cert page from the poste.io admin area
I think the app version should be in another repository. This repository uses the dokku plugin system, changing it by creating an app is a completely different thing, knowing that when I created this plugin, opening the SMTP, POP3 and IMAP ports for an app was much more of a pain in the ass than handling HTTPS with the plugin version. (maybe I lack knowledge, cf: https://poste.io/doc/network-schemes)
- remove the SSL cert page from the poste.io admin area
Poste.io is not an opensource software and should not be modified.
from dokku-posteio.
no prob. I am aware that a plugin is not an app :) but, again, if your plugin manages a mail.
subdomain then if a server is handling requests on 443 on the dokku host (i.e. deploying other apps apart from the plugin) it must present the mail.host.name
cert, which is managed by poste.io, if a request comes in for that subdomain.
This didn't work for me.
I am just trying to get poste.io into an app; here you see how ports can be managed (note: this is not tested)
dokku apps:create mail
# SMTP ports
dokku docker-options:add mail deploy,run -p 0.0.0.0:25:25/tcp
dokku docker-options:add mail deploy,run -p 0.0.0.0:587:587/tcp
# IMAP ports
dokku docker-options:add mail deploy,run -p 0.0.0.0:143:143/tcp
# POP3: still relevant?
# dokku docker-options:add mail deploy,run -p 0.0.0.0:110:110/tcp
# dokku docker-options:add mail deploy,run -p 0.0.0.0:995:995/tcp
dokku docker-options:add mail deploy,run -e TZ=Europe/Berlin
dokku docker-options:add mail deploy,run -h mail.your.doma.in
dokku docker-options:add mail deploy,run -e HTTP_PORT=5000
dokku docker-options:add mail deploy,run -e HTTPS=OFF
dokku proxy:ports-set mail http:80:5000
# storage
mkdir /var/lib/dokku/data/storage/mail
dokku storage:mount mail /var/lib/dokku/data/storage/mail:/data
# get and deploy image
docker pull analogic/poste.io
docker tag analogic/poste.io:latest dokku/mail:latest
dokku tags:deploy mail latest
dokku letsencrypt:enable mail
from dokku-posteio.
on a sidenote: whichever way you look at this: certs must be available on the host and inside the poste.io container. If you need any support debugging, the installation I am playing with is non-critical; I can play around and break things, if that helps :)
from dokku-posteio.
Now with the additional details, I'm not sure I understand the problem...
Normally, as written in the plugin documentation, once the certificate is generated by Poste.io you have to toggle the SSL in the plugin to tell it to serve the generated certificate (command: dokku posteio:toggle-ssl
). Normally if the generation goes well (what I had the impression that does not work) everything works, I have several instances without any problem with other web apps managed by dokku and with the right certificate for mail.example.com.
Is the problem due to the transition being a bit shaky while generating the certificate? Or a desire not to use SSL? Or is it just that it doesn't work even though the plugin has SSL enabled?
from dokku-posteio.
thanks, I will have a closer look again
from dokku-posteio.
@d1ceward now it seems to have resolved itself. I am not sure what the difference is between this and the first attempt. The only thing that is different from what I can see in the README is that I could not connect to http://mail.example.com/admin/settings/#certificate
but via HSTS was redirected to https://mail.example.com/admin/settings/#certificate
which warned of an invalid cert (because I have other apps running first, so maybe HSTS is enabled on all subdomains?)
long story short: this works as advertised, thank you for your help @d1ceward
from dokku-posteio.
Glad to hear it, but I'll still try to improve the SSL certificate generation step, to make it easier
from dokku-posteio.
Fixed with v1.6, more info: #7 (comment)
from dokku-posteio.
Related Issues (5)
- DNS configuration to prevent emails being spam HOT 3
- [Reset Data] HOT 1
- installation breaks nginx HOT 3
- Error on start HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dokku-posteio.