Allow own certificates #15

Merged
merged 3 commits into from
Oct 30, 2016

nelfer
Contributor

@nelfer nelfer commented Oct 28, 2016

Skip generation of certificates if one already exists. This will allow the use of your own certificates via volume mounting

Setting activates TLS from SMF to destination server
@huan
Owner

huan commented Oct 28, 2016

It looks great!

could you add a brief user document into README? for example:

  1. how to generate SSL cert through letsencrypt (you had already written in the issue)
  2. how to start SMF using an existing SSL cert by --volume.

that would be sweet for new users.

thanks for the contribution! 👍

@nelfer
Contributor Author

nelfer commented Oct 29, 2016

OK I will do that (probably tomorrow)
I'm running it now to test it, and everything seems to work.
And I agree, it is better if the pull request includes the documentation of how to use the new feature.

@huan huan merged commit adff02b into huan:master Oct 30, 2016
@huan
Owner

huan commented Oct 30, 2016

great document!
merged.

@bcardiff
Contributor

I want to say thanks again :-)
We are using this PR with letsencrypt certificates.

It took me a little while to notice that:

  1. letsencrypt generated privkey.pem is smtp.key and letsencrypt generated fullchain.pem is smtp.cert (newbie with certificates)
  2. when mounting the symlinked files, these are not readable in the container. And letsencrypt suggests not to copy files around.

So we are now doing:

# in host
ln -s /data/cert/etc/letsencrypt/live/__DOMAIN__/privkey.pem /data/mail/certs/smtp.key
ln -s /data/cert/etc/letsencrypt/live/__DOMAIN__/fullchain.pem /data/mail/certs/smtp.cert

(where /data/cert/etc/letsencrypt is the mounted /etc/letsencrypt in certbot container.)

And this image is mounted with the following volumes so the symlinks are accessible and we don't need to copy cert around.

...
volumes:
    - '/data/mail/certs:/etc/postfix/cert'
    - '/data/cert/etc/letsencrypt:/data/cert/etc/letsencrypt:ro'
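
Added example, not part of the thread or the project's code: a preflight check for the symlink problem described in the comment above, confirming that a certificate symlink's target lies under a path that is also mounted into the container. The function names, the temp-dir fixture and the `example.test` domain are assumptions made for illustration.

```shell
#!/bin/sh
# resolves_in_container LINK MAPPING...
#   LINK     symlink on the host, e.g. /data/mail/certs/smtp.key
#   MAPPING  "host_path:container_path[:ro]", as in the volumes list
# Returns 0 when LINK's absolute target falls under a mounted container_path
# and the matching host file exists; 1 otherwise (the link would dangle).
# Hypothetical helper; only absolute targets, as in the comment, are checked.
resolves_in_container() {
    link=$1; shift
    [ -L "$link" ] || return 1
    target=$(readlink "$link")
    case $target in /*) ;; *) return 1 ;; esac
    for spec in "$@"; do
        host=${spec%%:*}; rest=${spec#*:}; cont=${rest%%:*}
        case $target in
            "$cont"/*)
                # Translate the container path back to the host to test existence.
                if [ -e "$host${target#"$cont"}" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# Constructed fixture: same layout as the comment, rooted in a temp dir.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/letsencrypt/live/example.test" "$root/certs"
    : > "$root/letsencrypt/live/example.test/privkey.pem"
    ln -s "$root/letsencrypt/live/example.test/privkey.pem" "$root/certs/smtp.key"
    echo "$root"
}

root=$(make_fixture); le=$root/letsencrypt
# Cert directory alone: the target path does not exist inside the container.
resolves_in_container "$root/certs/smtp.key" "$root/certs:/etc/postfix/cert" \
    || echo "smtp.key would dangle"
# Adding the letsencrypt tree at the same path makes the target resolvable.
resolves_in_container "$root/certs/smtp.key" \
    "$root/certs:/etc/postfix/cert" "$le:$le:ro" && echo "smtp.key resolves"
rm -rf "$root"
```

The check treats the host-side file as a stand-in for what the container will see, so it assumes the mounted tree is complete (Let's Encrypt's `live/` entries are themselves relative links into `archive/`).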

@huan
Owner

huan commented Feb 20, 2017

Thanks for pointing this out!

Could you please make a PR to document it in the readme so it can help others in the future?
