Integrate Nextcloud with Protonmail Bridge

[blumberg]

I would like to use Protonmail as the mail server. To do so, I need to use the Protonmail Bridge. I found this docker and was wondering how can I integrate both. I don´t have much experience with Dockers, but don´t mind messing around.

I don´t know if there are others with the same interest, and maybe it can be added in this playbook or if anyone could give me some hints from where I can start.

[ReinerNippes]

several ways:

without ansible:

• just use docker run ... as described in https://hub.docker.com/r/shenxn/protonmail-bridge
• create a docker-compose file

with ansible:

• add a file protonmailbridge.yml to the folder roles/docker_container/tasks

- name: "Create protonmail bridge container"
  docker_container:
    name: protonmail-bridge
    image: shenxn/protonmail-bridge:{{ docker_protonmail_image | default('latest') }}
    restart_policy: always
    networks:
      - name: backend
    networks_cli_compatible: true
    volumes:
      - 'protonmail-data-vol:/root:rw'
    labels:
      com.centurylinklabs.watchtower.enable:         "true"

and add

- name: docker protonmail bridge
  include_tasks: protonmailbridge.yml
  when: 
    - protonmail_bridge_enabled|bool

to roles/docker_container/tasks/main.yml

and finally you have to define two variables

protonmail_bridge_enabled=true in the inventory
and
docker_protonmail_image: latest in group_vars/all.yml (~ line 30)

please not that container won't be reachable from the internet since no ports are exposed and it is only connected to the backend network. if you want to change this you would have to create another network in roles/docker_container/tasks/network.yml and connect the nextcloud container as well to it.

[blumberg]

Thanks for your support @ReinerNippes!

I managed to make it work with a few tweaks.

To open the Protonmail Bridge and connect wasn´t that easy.

Installing with Ansible

I use your command, but added the ports that needed to be opened to a config file similar to turn_server ports. I opened only port 25 as I only need SMTP.

ports:
  - 127.0.0.1:1025:25/tcp

To be able to login on protonmail-bridge, I accessed the docker using this: (I don´t know how to do it through Ansible)

docker exec -it protonmail-bridge bash

Then on another window I opened htop to kill any protonmail-bridge running process (apart from the docker itself). This allowed me to run inside the docker:

chmod +x entrypoint.sh
./entrypoint.sh init

This generates a gpg key which can take a while and initiate protonmail-bridge cli to interact with, however I couldn´t interact with that. So I killed all protonmail-bridge process again and run straight from terminal (as all keys had being generated already):

protonmail-bridge --cli

From there I could login and show my details with info.

Once it was configured, then I run ./entrypoint.sh to let it running as it should.

I had to restart the container for it to run properly. I don´t remember if I had to reboot as well.

Without ansible

I created the container with:

docker run --network=backend -it --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped --label com.centurylinklabs.watchtower.enable=true shenxn/protonmail-bridge init

This connects the container to backend network and added watchtower label (I copied from Ansible). This creates the docker and allowed me to connect to protonmail-bridge (running login and after info).

Once connected, for some reason it wasn´t running as it should, so I workedaround removing the docker and creating it again on background:

docker stop protonmail-bridge
docker rm protonmail-bridge
docker run --network=backend -d --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped --label com.centurylinklabs.watchtower.enable=true shenxn/protonmail-bridge

From there it worked perfect.

Nextcloud Email Server configuration

On Nextcloud I configured it as:

• Send Mode: SMTP
• Encryption: None
• From address: <emailaddress>@<domain.com>
• Authentication method: Login
• Authentiication required: checked
• Server address: protonmail-bridge : 25
• Credentials: <provided by info>

Hope that helps anyone trying to do the same as me.

It wasn´t the cleanest way, but it worked.

[captainnapalm]

Just commenting to thank @blumberg for the above. Got me out of a pickle.

[ttrakker]

is there any 'for dummies' guides to the above? I have no idea where to start.

[joskapista44]

That would be really good. But it would be best if the mail app included the bridge by default or if you could install the bridge as a separate app. Until then, it's just a game for IT guys.

[bozzio83]

Thanks for your support @ReinerNippes!

I managed to make it work with a few tweaks.

To open the Protonmail Bridge and connect wasn´t that easy.

Installing with Ansible

I use your command, but added the ports that needed to be opened to a config file similar to turn_server ports. I opened only port 25 as I only need SMTP.

ports:
  - 127.0.0.1:1025:25/tcp

To be able to login on protonmail-bridge, I accessed the docker using this: (I don´t know how to do it through Ansible)

docker exec -it protonmail-bridge bash

Then on another window I opened htop to kill any protonmail-bridge running process (apart from the docker itself). This allowed me to run inside the docker:

chmod +x entrypoint.sh
./entrypoint.sh init

This generates a gpg key which can take a while and initiate protonmail-bridge cli to interact with, however I couldn´t interact with that. So I killed all protonmail-bridge process again and run straight from terminal (as all keys had being generated already):

protonmail-bridge --cli

From there I could login and show my details with info.

Once it was configured, then I run ./entrypoint.sh to let it running as it should.

I had to restart the container for it to run properly. I don´t remember if I had to reboot as well.

Without ansible

I created the container with:

docker run --network=backend -it --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped --label com.centurylinklabs.watchtower.enable=true shenxn/protonmail-bridge init

This connects the container to backend network and added watchtower label (I copied from Ansible). This creates the docker and allowed me to connect to protonmail-bridge (running login and after info).

Once connected, for some reason it wasn´t running as it should, so I workedaround removing the docker and creating it again on background:

docker stop protonmail-bridge
docker rm protonmail-bridge
docker run --network=backend -d --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped --label com.centurylinklabs.watchtower.enable=true shenxn/protonmail-bridge

From there it worked perfect.

Nextcloud Email Server configuration

On Nextcloud I configured it as:

* **Send Mode:** SMTP

* **Encryption:** None

* **From address:** <emailaddress>@<domain.com>

* **Authentication method:** Login

* **Authentiication required:** _checked_

* **Server address:** protonmail-bridge : 25

* **Credentials:** <provided by `info`>

Hope that helps anyone trying to do the same as me.

It wasn´t the cleanest way, but it worked.

I'm still getting this error.

time="2023-09-28T21:09:16Z" level=warning msg="Failed to add test credentials to keychain" error="failed to open dbus connection: exec: "dbus-launch": executable file not found in $PATH" helper="*keychain.SecretServiceDBusHelper"
time="2023-09-28T21:09:16Z" level=info msg="Migrating keychain helper"

Any ideas?