App Submission: Stalwart (#4112)

2025-12-12 17:52:49 +01:00 · 2025-12-12 17:52:49 +01:00 · 04791a3fae
commit 04791a3fae
parent 6e5b374005
4 changed files with 168 additions and 0 deletions
--- a/stalwart/data/.gitkeep
+++ b/stalwart/data/.gitkeep
--- a/stalwart/docker-compose.yml
+++ b/stalwart/docker-compose.yml
@ -0,0 +1,25 @@
+version: "3.9"
+
+services:
+  app_proxy:
+    environment:
+      APP_HOST: stalwart_server_1
+      APP_PORT: 8080
+      PROXY_AUTH_ADD: "false"
+
+  server:
+    image: stalwartlabs/stalwart:v0.14.1@sha256:54e381c1f6a637fd7b00a8b5778103bcc9763c7073fa72e45795fce275bff610
+    user: "1000:1000"
+    ports:
+      - 10443:443  # HTTPS
+      - 10025:25   # SMTP
+      - 10465:465  # SMTPS
+      - 10587:587  # SMTP Submission
+      - 10143:143  # IMAP
+      - 10993:993  # IMAPS
+      - 14190:4190 # Sieve
+      - 10110:110  # POP3
+      - 10995:995  # POP3S
+    volumes:
+      - ${APP_DATA_DIR}/data:/opt/stalwart
+    restart: on-failure
--- a/stalwart/hooks/post-start
+++ b/stalwart/hooks/post-start
@ -0,0 +1,86 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# This script adapts the default password of Stalwart.
+
+APP_DIR="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")/..")"
+APP_DATA_DIR="$APP_DIR/data"
+CONFIG_FILE="$APP_DATA_DIR/etc/config.toml"
+
+# Sentinel file to check if admin was already initialised
+ADMIN_SENTINEL="${APP_DATA_DIR}/.admin_created"
+
+# Maximum number of retries to check for config file
+MAX_RETRIES=10
+RETRY_DELAY=2
+
+# Check if the admin password has already been initialized
+check_already_processed() {
+    if [ -f "$ADMIN_SENTINEL" ]; then
+        echo "Admin already initialized. Skipping..."
+        exit 0
+    fi
+}
+
+# Wait for config file to be available with retries
+wait_for_config() {
+    local retries=0
+    while [ $retries -lt $MAX_RETRIES ]; do
+        if [ -f "$CONFIG_FILE" ]; then
+            echo "Config file found at $CONFIG_FILE"
+            return 0
+        fi
+        
+        retries=$((retries + 1))
+        echo "Config file not found. Retry $retries/$MAX_RETRIES in ${RETRY_DELAY}s..."
+        sleep $RETRY_DELAY
+    done
+    
+    echo "Error: Config file not found at $CONFIG_FILE after $MAX_RETRIES attempts"
+    exit 1
+}
+
+# Replace the secret in the config file
+update_secret() {
+    if [ -z "${APP_PASSWORD:-}" ]; then
+        echo "Error: APP_PASSWORD environment variable not set"
+        exit 1
+    fi
+    
+    # Generate new secret using the same salt
+    NEW_SECRET=$(openssl passwd -6 -salt 8woP51TKJO.JKOp9 "${APP_PASSWORD}")
+    
+    # Check if the fallback-admin section exists
+    if ! grep -q "\[authentication.fallback-admin\]" "$CONFIG_FILE"; then
+        echo "Error: [authentication.fallback-admin] section not found in config file"
+        exit 1
+    fi
+    
+    # Replace the secret value
+    sed -i.bak "/^\[authentication\.fallback-admin\]/,/^\[/s|^secret = .*|secret = \"$NEW_SECRET\"|" "$CONFIG_FILE"
+    
+    # Remove backup file
+    rm -f "$CONFIG_FILE.bak"
+    
+    # Create sentinel file to mark admin as initialized
+    touch "$ADMIN_SENTINEL"
+    
+    echo "Successfully updated admin password in $CONFIG_FILE"
+    
+    echo "Restarting app to apply new password..."
+    "${UMBREL_ROOT}/scripts/app" restart "${APP_ID}" &
+}
+
+# Main execution
+echo "Starting Stalwart post-start configuration..."
+
+# Check if already processed
+check_already_processed
+
+# Wait for config file
+wait_for_config
+
+# Update the secret
+update_secret
+
+echo "Stalwart post-start configuration completed."
--- a/stalwart/umbrel-app.yml
+++ b/stalwart/umbrel-app.yml
@ -0,0 +1,57 @@
+manifestVersion: 1.1
+id: stalwart
+name: Stalwart
+tagline: All-in-one Mail & Collaboration server
+category: files
+version: "v0.14.1"
+port: 8745
+description: >-
+  📧 Stalwart is a fast, secure, and scalable open-source server for email, calendars, contacts, and file sharing, built in Rust for top-tier performance and safety.
+
+
+  All-in-One Communication Platform
+    - Full Email Protocol Support: JMAP, IMAP4, POP3, and SMTP with advanced authentication, security, and filtering.
+    - Collaboration Tools: CalDAV calendars, CardDAV contacts, WebDAV file storage and sharing.
+    - Spam & Phishing Protection: AI-powered filtering, DNS blocklists, greylisting, sender reputation tracking, and more.
+
+
+  Powerful Features for Any Scale
+    - Flexible storage backends: PostgreSQL, MySQL, SQLite, S3, Redis, ElasticSearch, and more.
+    - Built-in encryption, 2FA, and automated TLS certificates.
+    - Fault-tolerant, cluster-ready design with Kubernetes and Docker support.
+    - Rich admin dashboard, real-time monitoring, and user self-service tools.
+
+
+  Whether you're running a small private server or a large enterprise deployment, Stalwart delivers modern, secure, and efficient communication you can trust.
+
+
+  These are the configured external port mappings:
+    - **10443:443** (HTTPS)
+    - **10025:25** (SMTP)
+    - **10465:465** (SMTPS)
+    - **10587:587** (SMTP Submission)
+    - **10143:143** (IMAP)
+    - **10993:993** (IMAPS)
+    - **14190:4190** (Sieve)
+    - **10110:110**  (POP3)
+    - **10995:995**  (POP3S)
+
+
+  You can find more details on how to properly setup your instance here: https://stalw.art/docs/install/platform/docker/
+developer: Stalwart Labs
+website: https://stalw.art/
+submitter: al-lac
+submission: https://github.com/getumbrel/umbrel-apps/pull/4112
+repo: https://github.com/stalwartlabs/stalwart
+support: https://github.com/stalwartlabs/stalwart/issues
+gallery:
+  - 1.jpg
+  - 2.jpg
+  - 3.jpg
+  - 4.jpg
+  - 5.jpg
+releaseNotes: ""
+dependencies: []
+path: ""
+deterministicPassword: true
+defaultUsername: admin