diff --git a/stalwart/data/.gitkeep b/stalwart/data/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/stalwart/docker-compose.yml b/stalwart/docker-compose.yml new file mode 100644 index 00000000..03d5e0f2 --- /dev/null +++ b/stalwart/docker-compose.yml @@ -0,0 +1,25 @@ +version: "3.9" + +services: + app_proxy: + environment: + APP_HOST: stalwart_server_1 + APP_PORT: 8080 + PROXY_AUTH_ADD: "false" + + server: + image: stalwartlabs/stalwart:v0.14.1@sha256:54e381c1f6a637fd7b00a8b5778103bcc9763c7073fa72e45795fce275bff610 + user: "1000:1000" + ports: + - 10443:443 # HTTPS + - 10025:25 # SMTP + - 10465:465 # SMTPS + - 10587:587 # SMTP Submission + - 10143:143 # IMAP + - 10993:993 # IMAPS + - 14190:4190 # Sieve + - 10110:110 # POP3 + - 10995:995 # POP3S + volumes: + - ${APP_DATA_DIR}/data:/opt/stalwart + restart: on-failure diff --git a/stalwart/hooks/post-start b/stalwart/hooks/post-start new file mode 100755 index 00000000..9cdcb379 --- /dev/null +++ b/stalwart/hooks/post-start @@ -0,0 +1,86 @@ +#!/usr/bin/env bash +set -euo pipefail + +# This script adapts the default password of Stalwart. + +APP_DIR="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")/..")" +APP_DATA_DIR="$APP_DIR/data" +CONFIG_FILE="$APP_DATA_DIR/etc/config.toml" + +# Sentinel file to check if admin was already initialised +ADMIN_SENTINEL="${APP_DATA_DIR}/.admin_created" + +# Maximum number of retries to check for config file +MAX_RETRIES=10 +RETRY_DELAY=2 + +# Check if the admin password has already been initialized +check_already_processed() { + if [ -f "$ADMIN_SENTINEL" ]; then + echo "Admin already initialized. Skipping..." + exit 0 + fi +} + +# Wait for config file to be available with retries +wait_for_config() { + local retries=0 + while [ $retries -lt $MAX_RETRIES ]; do + if [ -f "$CONFIG_FILE" ]; then + echo "Config file found at $CONFIG_FILE" + return 0 + fi + + retries=$((retries + 1)) + echo "Config file not found. Retry $retries/$MAX_RETRIES in ${RETRY_DELAY}s..." + sleep $RETRY_DELAY + done + + echo "Error: Config file not found at $CONFIG_FILE after $MAX_RETRIES attempts" + exit 1 +} + +# Replace the secret in the config file +update_secret() { + if [ -z "${APP_PASSWORD:-}" ]; then + echo "Error: APP_PASSWORD environment variable not set" + exit 1 + fi + + # Generate new secret using the same salt + NEW_SECRET=$(openssl passwd -6 -salt 8woP51TKJO.JKOp9 "${APP_PASSWORD}") + + # Check if the fallback-admin section exists + if ! grep -q "\[authentication.fallback-admin\]" "$CONFIG_FILE"; then + echo "Error: [authentication.fallback-admin] section not found in config file" + exit 1 + fi + + # Replace the secret value + sed -i.bak "/^\[authentication\.fallback-admin\]/,/^\[/s|^secret = .*|secret = \"$NEW_SECRET\"|" "$CONFIG_FILE" + + # Remove backup file + rm -f "$CONFIG_FILE.bak" + + # Create sentinel file to mark admin as initialized + touch "$ADMIN_SENTINEL" + + echo "Successfully updated admin password in $CONFIG_FILE" + + echo "Restarting app to apply new password..." + "${UMBREL_ROOT}/scripts/app" restart "${APP_ID}" & +} + +# Main execution +echo "Starting Stalwart post-start configuration..." + +# Check if already processed +check_already_processed + +# Wait for config file +wait_for_config + +# Update the secret +update_secret + +echo "Stalwart post-start configuration completed." diff --git a/stalwart/umbrel-app.yml b/stalwart/umbrel-app.yml new file mode 100644 index 00000000..aa61beff --- /dev/null +++ b/stalwart/umbrel-app.yml @@ -0,0 +1,57 @@ +manifestVersion: 1.1 +id: stalwart +name: Stalwart +tagline: All-in-one Mail & Collaboration server +category: files +version: "v0.14.1" +port: 8745 +description: >- + 📧 Stalwart is a fast, secure, and scalable open-source server for email, calendars, contacts, and file sharing, built in Rust for top-tier performance and safety. + + + All-in-One Communication Platform + - Full Email Protocol Support: JMAP, IMAP4, POP3, and SMTP with advanced authentication, security, and filtering. + - Collaboration Tools: CalDAV calendars, CardDAV contacts, WebDAV file storage and sharing. + - Spam & Phishing Protection: AI-powered filtering, DNS blocklists, greylisting, sender reputation tracking, and more. + + + Powerful Features for Any Scale + - Flexible storage backends: PostgreSQL, MySQL, SQLite, S3, Redis, ElasticSearch, and more. + - Built-in encryption, 2FA, and automated TLS certificates. + - Fault-tolerant, cluster-ready design with Kubernetes and Docker support. + - Rich admin dashboard, real-time monitoring, and user self-service tools. + + + Whether you're running a small private server or a large enterprise deployment, Stalwart delivers modern, secure, and efficient communication you can trust. + + + These are the configured external port mappings: + - **10443:443** (HTTPS) + - **10025:25** (SMTP) + - **10465:465** (SMTPS) + - **10587:587** (SMTP Submission) + - **10143:143** (IMAP) + - **10993:993** (IMAPS) + - **14190:4190** (Sieve) + - **10110:110** (POP3) + - **10995:995** (POP3S) + + + You can find more details on how to properly setup your instance here: https://stalw.art/docs/install/platform/docker/ +developer: Stalwart Labs +website: https://stalw.art/ +submitter: al-lac +submission: https://github.com/getumbrel/umbrel-apps/pull/4112 +repo: https://github.com/stalwartlabs/stalwart +support: https://github.com/stalwartlabs/stalwart/issues +gallery: + - 1.jpg + - 2.jpg + - 3.jpg + - 4.jpg + - 5.jpg +releaseNotes: "" +dependencies: [] +path: "" +deterministicPassword: true +defaultUsername: admin