Consider supporting Cloudflare DNS

[springcomp]

@mrehanabbasi https://github.com/springcomp/self-hosted-simplelogin/issues/6#issuecomment-1841552680

TODO:

• add acme.sh DNS plugin for Cloudflare
• update acme.sh Docker entry-point script
• update documentation

[springcomp]

@mrehanabbasi

FYI I have integrated support for Cloudflare. Please, let me know if you would want to provide feedback.

Thanks for your support.

[mrehanabbasi]

The CloudFlare integration is working flawlessly. Great work, man. I just had one question, what changes do I need to make apart from acme.sh/Dockerfiles/docker-entrypoint.sh if I add a custom domain to my SimpleLogin instance? I am asking because none of my emails are getting forwarded via the aliases for that custom domain even though the emails for app.domain.tld (the original domain) are being forwarded without any issue.

[springcomp]

[…] what changes do I need to make […] if I add a custom domain to my SimpleLogin instance? I am asking because none of my emails are getting forwarded via the aliases for that custom domain […].

That’s a great point!

My assumption is that you are able to sucessfully create, verify ownership and properly configure a custom domain from the Simple Login UI.

If that’s the case, you do not actually need any further changes to the acme.sh configuration as this domain does not serve web pages and is only used to receive and send emails. That is, this custom domain does not need a dedicated SSL configuration.

However, you do need to update the postfix/conf.d/master.cf.tpl file and add your custom domain as one of the virtual_alias_domains entries like so:

  maillog_file=/dev/stdout

- virtual_alias_domains = 
+ virtual_alias_domains = my-custom-domain.tld
  virtual_alias_maps = lmdb:/etc/postfix/conf.d/virtual, regexp:/etc/postfix/conf.d/virtual-regexp

I’ll try and update the documentation. Please, let me know if that solves your issue.

[springcomp]

Hum as a matter of fact, this does not work... Seems related to how DNS is handled from within a docker container.

I will need to dig (no pun intended) further.

[mrehanabbasi]

Yeah, please do keep me updated on this. Thanks.

[mrehanabbasi]

Also, IMO the custom domain will also need to be added to acme.sh since postfix uses those certificates as well.

[springcomp]

Also, IMO the custom domain will also need to be added to acme.sh since postfix uses those certificates as well.

I can guarantee that this is not the case. If you have created the custom domain from the Simple Login UI, you can see that the DNS changes are designed to redirect everything back to your master public domain.

• TXT dkim._domainkey.custom-domain.tld -> dkim._domainkey.domain.tld
• MX @ -> 10 app.domain.tld

So senders will never connect to anything but the main public domain.

Let me keep you posted on the progress in the other issue.

[springcomp]

@mrehanabbasi

In fact you do not need to change anything for this to work. It virtually works straight out of the box on a fresh VPS install and a fresh clone of the repository. I have, of course paid extra caution to update the DNS for the primary domain as well as the custom domain as instructed by the Simple Login page.

Please, to make extra sure that it works for you. Can you try the latest 4.6.x-beta branch ?

This takes care of the migration from 3.4.0 to 4.6.5-beta.

[mrehanabbasi]

Please note that I am using the latest beta version.

[mrehanabbasi]

Ah, sorry. I though you meant the version from simplelogin. I will try your branch and see if everything works.

[springcomp]

Ah, sorry. I though you meant the version from simplelogin. I will try your branch and see if everything works.

The pgsql-transport-maps.cf and pgsql-relay-domains.cf files are slightly updated in v4.x. That may or may not explain...

If that still fails for you, can you please post an anonymized portion of the relevant logs from postfix at the time of failure ?

[springcomp]

I’m sorry, I just made a last minute force push. Please be sure to get commit c0548a7.

[mrehanabbasi]

IT'S WORKING!!! Thanks a lot for this.

[springcomp]

Thanks for your support.