The Heavy · The Heavy · 296a8142 · 296a8142 · 296a8142 · 296a8142
--- a/README.md
+++ b/README.md
@@ -32,7 +32,9 @@ After signing in you should run 'Re-check and refresh configuration' (should be
 - The Webmin certificate is generated during image build, this means all containers share the same default certificate which is bad for security.
 - The DKIM selector and private key need randomising.
 - Upgrading Webmin within the container fails, need to disable the upgrades somehow?
- Some SysV init scripts have been replaced with 'no-ops' because we don't have an S6 service for them yet, others are hacky links to the S6 equivalents for SysV very rudimentary SysV init compatibility.
+- Some SysV init scripts have been replaced with 'no-ops' because we don't have an S6 service for them yet, others are hacky links to the S6 equivalents for very rudimentary SysV init compatibility.
+- Root password resets if you stop the container.
+- Local IP changes if you stop the container, Virtualmin will whinge but not sure if this actually causes issues yet.
 ## Licence

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,10 +11,10 @@ services:
    volumes:
      - /opt/docker/virtualmin/config:/config
    ports:
-      - 10000:10000  # Webmin port
+      - "10000:10000"  # Webmin port
-      - 20000:20000  # Usermin port
+      - "20000:20000"  # Usermin port
-      - 25:25        # SMTP port
+      - "25:25"        # SMTP port
-      - 143:143      # IMAP port
+      - "143:143"      # IMAP port
-      - 80:80        # HTTP port
+      - "80:80"        # HTTP port
-      - 443:443      # HTTPS port
+      - "443:443"      # HTTPS port
    restart: unless-stopped
--- a/root/etc/init.d/postfix
+++ b/root/etc/init.d/postfix
@@ -14,10 +14,10 @@
 case "$1" in
  start)
-        /usr/bin/s6-svc -uwR /var/run/s6/services/postfix
+        /usr/bin/s6-svc -u /var/run/s6/services/postfix
        ;;
  stop)
-        /usr/bin/s6-svc -dwD /var/run/s6/services/postfix
+        /usr/bin/s6-svc -d /var/run/s6/services/postfix
        ;;
  status)
        /usr/bin/s6-svstat /var/run/s6/services/postfix
@@ -26,7 +26,7 @@ case "$1" in
        /usr/sbin/postfix reload
        ;;
  restart)
-        /usr/bin/s6-svc -ruwR /var/run/s6/services/postfix
+        /usr/bin/s6-svc -r /var/run/s6/services/postfix
        ;;
  *)
        echo "Usage: postfix {start|stop|restart|reload|force-reload}" >&2

--- a/root/etc/opendkim/opendkim.conf
+++ b/root/etc/opendkim/opendkim.conf
@@ -6,7 +6,7 @@ Selector            oolielupebei
 Canonicalization    simple
 Mode                sv
 SubDomains          no
-Socket              inet:8891@localhost
+Socket              local:/run/opendkim/opendkim.sock
 PidFile             /run/opendkim/opendkim.pid
 OversignHeaders     From
 TrustAnchorFile     /usr/share/dns/root.key

--- a/root/etc/postfix/main.cf
+++ b/root/etc/postfix/main.cf
@@ -70,3 +70,10 @@ smtpd_helo_required = yes
 smtpd_sasl_auth_enable = yes
 # from the postfix docs: Enable interoperability with remote SMTP clients that implement an obsolete version of the AUTH command (RFC 4954). Examples of such clients are MicroSoft Outlook Express version 4 and MicroSoft Exchange version 5.0. 
 broken_sasl_auth_clients = yes
+# filter mail through opendkim, which won't open a port under docker for reasons
+smtpd_milters = unix:/run/opendkim/opendkim.sock
+non_smtpd_milters = unix:/run/opendkim/opendkim.sock
+# send logs somewhere we can read them
+maillog_file = /dev/stdout