From 1f662126a47384c80717d07fcff30308226fa71c Mon Sep 17 00:00:00 2001 From: Christian Steinle Date: Thu, 15 Sep 2022 05:32:12 +0200 Subject: [PATCH] Introduction of docer-mailserver behind traefik. --- common/docker-compose.yaml | 8 ++++ mail/docker-compose.yaml | 76 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 84 insertions(+) create mode 100644 mail/docker-compose.yaml diff --git a/common/docker-compose.yaml b/common/docker-compose.yaml index ad639bf..04c1f6a 100644 --- a/common/docker-compose.yaml +++ b/common/docker-compose.yaml @@ -25,6 +25,10 @@ services: - --providers.docker.swarmMode=false - --entryPoints.web.address=:80 - --entryPoints.websecure.address=:443 + - --entryPoints.smtp.address=:25 + - --entryPoints.smtp-ssl.address=:465 + - --entryPoints.imap-ssl.address=:993 + - --entryPoints.sieve.address=:4190 - --certificatesresolvers.infomaniak.acme.dnschallenge=true - --certificatesresolvers.infomaniak.acme.email=christiansteinle@arcor.de - --certificatesresolvers.infomaniak.acme.dnschallenge.provider=infomaniak @@ -36,8 +40,12 @@ services: environment: - INFOMANIAK_ACCESS_TOKEN=5IraYq8HK9qur57Mj_TnHQ9pS9G79NPvjF8ID17n-EvfYO7TU6Fi0ZmDKSX6mIhTQJbyYegRd1hfmM-t ports: + - "25:25" - "80:80" - "443:443" + - "465:465" + - "993:993" + - "4190:4190" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - letsencrypt:/letsencrypt diff --git a/mail/docker-compose.yaml b/mail/docker-compose.yaml new file mode 100644 index 0000000..2f05904 --- /dev/null +++ b/mail/docker-compose.yaml @@ -0,0 +1,76 @@ +version: "3.8" + +networks: + proxy: + external: true + mail: + name: mail + external: false + +volumes: + letsencrypt: + external: true + mail-data: + name: mail-data + mail-state: + name: mail-stat + mail-logs: + name: mail-logs + mail-config: + name: mail-config + +services: + mailserver: + image: mailserver/docker-mailserver:latest + container_name: mailserver + hostname: mail + domainname: steinle-computer.de + volumes: + - mail-data:/var/mail/ + - mail-state:/var/mail-state/ + - mail-logs:/var/log/mail/ + - mail-config:/tmp/docker-mailserver/ + - letsencrypt:/etc/letsencrypt/ + restart: always + stop_grace_period: 1m + cap_add: + - NET_ADMIN + environment: + - ENABLE_FAIL2BAN=1 + - SSL_TYPE=letsencrypt + - PERMIT_DOCKER=none + - ONE_DIR=1 + - ENABLE_POSTGREY=1 + - ENABLE_CLAMAV=1 + - ENABLE_SPAMASSASSIN=1 + - SPOOF_PROTECTION=1 + - ENABLE_MANAGESIEVE=1 + healthcheck: + test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" + timeout: 3s + retries: 0 + networks: + - proxy + labels: + - "traefik.enable=true" + - "traefik.tcp.routers.smtp.rule=HostSNI(`*`)" + - "traefik.tcp.routers.smtp.entrypoints=smtp" + - "traefik.tcp.routers.smtp.service=smtp" + - "traefik.tcp.services.smtp.loadbalancer.server.port=25" + - "traefik.tcp.services.smtp.loadbalancer.proxyProtocol.version=1" + - "traefik.tcp.routers.smtp-ssl.rule=HostSNI(`*`)" + - "traefik.tcp.routers.smtp-ssl.tls=false" + - "traefik.tcp.routers.smtp-ssl.entrypoints=smtp-ssl" + - "traefik.tcp.routers.smtp-ssl.service=smtp-ssl" + - "traefik.tcp.services.smtp-ssl.loadbalancer.server.port=465" + - "traefik.tcp.services.smtp-ssl.loadbalancer.proxyProtocol.version=1" + - "traefik.tcp.routers.imap-ssl.rule=HostSNI(`*`)" + - "traefik.tcp.routers.imap-ssl.entrypoints=imap-ssl" + - "traefik.tcp.routers.imap-ssl.service=imap-ssl" + - "traefik.tcp.services.imap-ssl.loadbalancer.server.port=10993" + - "traefik.tcp.services.imap-ssl.loadbalancer.proxyProtocol.version=2" + - "traefik.tcp.routers.sieve.rule=HostSNI(`*`)" + - "traefik.tcp.routers.sieve.entrypoints=sieve" + - "traefik.tcp.routers.sieve.service=sieve" + - "traefik.tcp.services.sieve.loadbalancer.server.port=4190" +