Home

Awesome

<p align="center"><a href="https://github.com/anonaddy/docker" target="_blank"><img height="128" src="https://raw.githubusercontent.com/anonaddy/docker/master/.github/docker-anonaddy.jpg"></a></p> <p align="center"> <a href="https://hub.docker.com/r/anonaddy/anonaddy/tags?page=1&ordering=last_updated"><img src="https://img.shields.io/github/v/tag/anonaddy/docker?label=version&style=flat-square" alt="Latest Version"></a> <a href="https://github.com/anonaddy/docker/actions?workflow=build"><img src="https://img.shields.io/github/actions/workflow/status/anonaddy/docker/build.yml?branch=master&label=build&logo=github&style=flat-square" alt="Build Status"></a> <a href="https://hub.docker.com/r/anonaddy/anonaddy/"><img src="https://img.shields.io/docker/stars/anonaddy/anonaddy.svg?style=flat-square&logo=docker" alt="Docker Stars"></a> <a href="https://hub.docker.com/r/anonaddy/anonaddy/"><img src="https://img.shields.io/docker/pulls/anonaddy/anonaddy.svg?style=flat-square&logo=docker" alt="Docker Pulls"></a> <br /><a href="https://github.com/sponsors/crazy-max"><img src="https://img.shields.io/badge/sponsor-crazy--max-181717.svg?logo=github&style=flat-square" alt="Become a sponsor"></a> <a href="https://www.paypal.me/crazyws"><img src="https://img.shields.io/badge/donate-paypal-00457c.svg?logo=paypal&style=flat-square" alt="Donate Paypal"></a> </p>

About

Docker image for addy.io, an anonymous email forwarding service.

[!TIP] Want to be notified of new releases? Check out 🔔 Diun (Docker Image Update Notifier) project!


Features

Build locally

git clone https://github.com/anonaddy/docker.git docker-addy
cd docker-addy

# Build image and output to docker (default)
docker buildx bake

# Build multi-platform image
docker buildx bake image-all

Image

Following platforms for this image are available:

$ docker run --rm mplatform/mquery anonaddy/anonaddy:latest
Image: anonaddy/anonaddy:latest
 * Manifest List: Yes
 * Supported platforms:
   - linux/amd64
   - linux/arm/v6
   - linux/arm/v7
   - linux/arm64

Environment variables

General

App

[!NOTE] APP_KEY_FILE, ANONADDY_SECRET_FILE and ANONADDY_SIGNING_KEY_FINGERPRINT_FILE can be used to fill in the value from a file, especially for Docker's secrets feature.

Database

[!NOTE] DB_USERNAME_FILE and DB_PASSWORD_FILE can be used to fill in the value from a file, especially for Docker's secrets feature.

Redis

[!NOTE] REDIS_PASSWORD_FILE can be used to fill in the value from a file, especially for Docker's secrets feature.

Mail

Postfix

[!NOTE] POSTFIX_RELAYHOST_USERNAME_FILE and POSTFIX_RELAYHOST_PASSWORD_FILE can be used to fill in the value from a file, especially for Docker's secrets feature.

RSPAMD

[!NOTE] RSPAMD_WEB_PASSWORD_FILE can be used to fill in the value from a file, especially for Docker's secrets feature.

[!WARNING] DKIM private key must be located in /data/dkim/${ANONADDY_DOMAIN}.private. You can generate a DKIM private/public keypair by following this note.

[!WARNING] Rspamd service is disabled if DKIM private key is not found

[!WARNING] Rspamd service needs to be enabled for the reply anonymously feature to work.
See #169 for more details.

Volumes

[!WARNING] Note that the volume should be owned by the user/group with the specified PUID and PGID. If you don't give the volume correct permissions, the container may not start.

Ports

Usage

Docker Compose

Docker compose is the recommended way to run this image. You can use the following docker compose template, then run the container:

docker compose up -d
docker compose logs -f

Upgrade

docker compose pull
docker compose up -d

Notes

anonaddy command

If you want to use the artisan command to perform common server operations like manage users, passwords and more, type:

docker compose exec addy anonaddy <command>

For example to list all available commands:

docker compose exec addy anonaddy list

Create user

docker compose exec addy anonaddy anonaddy:create-user "username" "webmaster@example.com"

Generate DKIM private/public keypair

docker compose run --entrypoint '' addy gen-dkim
generating private and storing in data/dkim/example.com.private
generating DNS TXT record with public key and storing it in data/dkim/example.com.txt

default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
        "p=***"
        "***"
) ;

The keypair will be available in /data/dkim.

Generate GPG key

If you don't have an existing GPG key, you can generate a new GPG key with the following command:

docker compose exec --user anonaddy addy gpg --full-gen-key

Keys will be stored in /data/.gnupg folder.

Define additional env vars

You can define additional environment variables that will be used by the app by creating a file named .env in /data.

Override Postfix main configuration

In some cases you may want to override the default Postfix main configuration to fit your infrastructure. To do so, you can create a file named postfix-main.alt.cf in /data and it will be used instead of the generated configuration. Use at your own risk.

[!WARNING] Container has to be restarted to propagate changes

Spamhaus DQS configuration

If a public DNS resolver is used, it may be blocked by Spamhaus and return a 'non-existent domain' (NXDOMAIN), and soon will start to return an error code:

Aug  3 10:15:40 mail01 postfix/smtpd[23645]: NOQUEUE: reject: RCPT from sender.example.com[xx.xx.xx.xx]: 554 5.7.1 Service unavailable;
Client host [xx.xx.xx.xx] blocked using zen.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/162.158.148.77;
from=<sender@example.com> to=<recipient@example.com> proto=ESMTP helo=<icinga2.infiniroot.net>

To fix this issue, you can register a DQS key here and complete the registration procedure. After you register an account, you can find the DQS key in the "Access" section of this page.

Contributing

Want to contribute? Awesome! The most basic way to show your support is to star the project, or to raise issues. You can also support this project by becoming a sponsor on GitHub or by making a PayPal donation to ensure this journey continues indefinitely!

Thanks again for your support, it is much appreciated! :pray:

License

MIT. See LICENSE for more details.