Add database conf files and scripts

scripts/root/etc/apache2/sites-available/apache.com.conf

@@ -0,0 +1,64 @@
+<VirtualHost *:80>
+   ServerName alovoa.com
+   Redirect permanent / https://alovoa.com/
+RewriteEngine on
+RewriteCond %{SERVER_NAME} =alovoa.com
+RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+ </VirtualHost>
+  <VirtualHost *:80>
+   ServerName www.alovoa.com
+   Redirect permanent / https://alovoa.com/
+RewriteEngine on
+RewriteCond %{SERVER_NAME} =www.alovoa.com
+RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+ </VirtualHost>
+<VirtualHost *:443>
+   ServerName alovoa.com
+   SSLEngine On
+   SSLProxyEngine On
+   SSLProxyVerify none
+   SSLProxyCheckPeerCN off
+   SSLProxyCheckPeerName off
+   ProxyPass / https://127.0.0.1:8843/
+   ProxyPassReverse / https://127.0.0.1:8843/
+   RequestHeader set X-Forwarded-Proto https
+   RequestHeader set X-Forwarded-Port 443
+   ProxyPreserveHost On
+   Include /etc/letsencrypt/options-ssl-apache.conf
+   SSLCertificateFile /etc/letsencrypt/live/alovoa.com/fullchain.pem
+   SSLCertificateKeyFile /etc/letsencrypt/live/alovoa.com/privkey.pem
+ </VirtualHost>
+<VirtualHost *:80>
+   ServerName mail.alovoa.com
+   ServerAlias autodiscover.*
+   ServerAlias autoconfig.*
+   ServerAlias www.mail.alovoa.com
+   RewriteEngine on
+   RewriteCond %{HTTPS} off
+   RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [R=301,L]
+   ProxyPass / http://127.0.0.1:8080/
+   ProxyPassReverse / http://127.0.0.1:8080/
+   ProxyPreserveHost On
+   ProxyAddHeaders On
+   RequestHeader set X-Forwarded-Proto "http"
+RewriteCond %{SERVER_NAME} =autodiscover.* [OR]
+RewriteCond %{SERVER_NAME} =mail.alovoa.com [OR]
+RewriteCond %{SERVER_NAME} =www.mail.alovoa.com [OR]
+RewriteCond %{SERVER_NAME} =autoconfig.*
+RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+ </VirtualHost>
+ <VirtualHost *:443>
+   ServerName mail.alovoa.com
+   ServerAlias www.mail.alovoa.com
+   ServerAlias autodiscover.*
+   ServerAlias autoconfig.*
+   ProxyPass / http://127.0.0.1:8080/
+   ProxyPassReverse / http://127.0.0.1:8080/
+   ProxyPreserveHost On
+   ProxyAddHeaders On
+   RequestHeader set X-Forwarded-Proto "https"
+   Include /etc/letsencrypt/options-ssl-apache.conf
+   SSLCertificateFile /etc/letsencrypt/live/alovoa.com/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/alovoa.com/privkey.pem
+ </VirtualHost>
+

scripts/root/etc/letsencrypt/renewal-hooks/deploy/auto_pfx.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+# Adjust these variables as necessary
+
+# Where you want to final PKCS12 file to be stored.
+CERT_PATH="/opt/alovoa/alovoa.pfx"
+
+# Password to encrypt the PKCS12 file.
+CERT_PW="your-password-here"
+
+# Path to LE files, RENEWED_LINEAGE provided by CertBot
+PRIV_KEY_PEM="$RENEWED_LINEAGE/privkey.pem"
+CERT_PEM="$RENEWED_LINEAGE/cert.pem"
+CHAIN_PEM="$RENEWED_LINEAGE/chain.pem"
+
+# If there's already a .pfx file, back it up
+if [[ -f "$CERT_PATH" ]]; then
+    now=`date +%Y-%m-%d-%T`
+    mv $CERT_PATH $CERT_PATH.bak.$now
+fi
+
+# Le Conversion
+openssl pkcs12 -export -out $CERT_PATH -inkey $PRIV_KEY_PEM -in $CERT_PEM -certfile $CHAIN_PEM -password pass:$CERT_PW
+

scripts/root/etc/letsencrypt/renewal-hooks/deploy/mailcow.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+cp /etc/letsencrypt/live/alovoa.com/fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem
+cp /etc/letsencrypt/live/alovoa.com/privkey.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem
+postfix_c=$(docker ps -qaf name=postfix-mailcow)
+dovecot_c=$(docker ps -qaf name=dovecot-mailcow)
+nginx_c=$(docker ps -qaf name=nginx-mailcow)
+docker restart ${postfix_c} ${dovecot_c} ${nginx_c}
+
+

src/main/resources/application.properties

@@ -46,6 +46,7 @@ spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
 ### KEYS AND CREDENTIALS ###
 #spring.datasource.password=
 #spring.datasource.username=
+#keys for transparent database encryption
 #app.text.key= #key must be 16, 24 or 32 bytes long
 #app.text.salt= #salt must be 16 bytes long
 #app.admin.email=