Introduction of docer-mailserver behind traefik.

2022-09-15 05:32:12 +02:00
parent f911c7e4fe
commit 1f662126a4
2 changed files with 84 additions and 0 deletions
--- a/common/docker-compose.yaml
+++ b/common/docker-compose.yaml
@@ -25,6 +25,10 @@ services:
      - --providers.docker.swarmMode=false
      - --entryPoints.web.address=:80
      - --entryPoints.websecure.address=:443
+      - --entryPoints.smtp.address=:25
+      - --entryPoints.smtp-ssl.address=:465
+      - --entryPoints.imap-ssl.address=:993
+      - --entryPoints.sieve.address=:4190
      - --certificatesresolvers.infomaniak.acme.dnschallenge=true
      - --certificatesresolvers.infomaniak.acme.email=christiansteinle@arcor.de
      - --certificatesresolvers.infomaniak.acme.dnschallenge.provider=infomaniak
@@ -36,8 +40,12 @@ services:
    environment:
      - INFOMANIAK_ACCESS_TOKEN=5IraYq8HK9qur57Mj_TnHQ9pS9G79NPvjF8ID17n-EvfYO7TU6Fi0ZmDKSX6mIhTQJbyYegRd1hfmM-t
    ports:
+      - "25:25"
      - "80:80"
      - "443:443"
+      - "465:465"
+      - "993:993"
+      - "4190:4190"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - letsencrypt:/letsencrypt
--- a/mail/docker-compose.yaml
+++ b/mail/docker-compose.yaml
@@ -0,0 +1,76 @@
+version: "3.8"
+
+networks:
+  proxy:
+    external: true
+  mail:
+    name: mail
+    external: false
+
+volumes:
+  letsencrypt:
+    external: true
+  mail-data:
+    name: mail-data
+  mail-state:
+    name: mail-stat
+  mail-logs:
+    name: mail-logs
+  mail-config:
+    name: mail-config
+
+services:
+  mailserver:
+    image: mailserver/docker-mailserver:latest
+    container_name: mailserver
+    hostname: mail
+    domainname: steinle-computer.de
+    volumes:
+      - mail-data:/var/mail/
+      - mail-state:/var/mail-state/
+      - mail-logs:/var/log/mail/
+      - mail-config:/tmp/docker-mailserver/
+      - letsencrypt:/etc/letsencrypt/
+    restart: always
+    stop_grace_period: 1m
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - ENABLE_FAIL2BAN=1
+      - SSL_TYPE=letsencrypt
+      - PERMIT_DOCKER=none
+      - ONE_DIR=1
+      - ENABLE_POSTGREY=1
+      - ENABLE_CLAMAV=1
+      - ENABLE_SPAMASSASSIN=1
+      - SPOOF_PROTECTION=1
+      - ENABLE_MANAGESIEVE=1
+    healthcheck:
+      test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
+      timeout: 3s
+      retries: 0
+    networks:
+       - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.tcp.routers.smtp.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.smtp.entrypoints=smtp"
+      - "traefik.tcp.routers.smtp.service=smtp"
+      - "traefik.tcp.services.smtp.loadbalancer.server.port=25"
+      - "traefik.tcp.services.smtp.loadbalancer.proxyProtocol.version=1"
+      - "traefik.tcp.routers.smtp-ssl.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.smtp-ssl.tls=false"
+      - "traefik.tcp.routers.smtp-ssl.entrypoints=smtp-ssl"
+      - "traefik.tcp.routers.smtp-ssl.service=smtp-ssl"
+      - "traefik.tcp.services.smtp-ssl.loadbalancer.server.port=465"
+      - "traefik.tcp.services.smtp-ssl.loadbalancer.proxyProtocol.version=1"
+      - "traefik.tcp.routers.imap-ssl.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.imap-ssl.entrypoints=imap-ssl"
+      - "traefik.tcp.routers.imap-ssl.service=imap-ssl"
+      - "traefik.tcp.services.imap-ssl.loadbalancer.server.port=10993"
+      - "traefik.tcp.services.imap-ssl.loadbalancer.proxyProtocol.version=2"
+      - "traefik.tcp.routers.sieve.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.sieve.entrypoints=sieve"
+      - "traefik.tcp.routers.sieve.service=sieve"
+      - "traefik.tcp.services.sieve.loadbalancer.server.port=4190"
+