Introduction of docer-mailserver behind traefik.

2022-09-15 05:32:12 +02:00
parent f911c7e4fe
commit 1f662126a4
2 changed files with 84 additions and 0 deletions
--- a/mail/docker-compose.yaml
+++ b/mail/docker-compose.yaml
@@ -0,0 +1,76 @@
+version: "3.8"
+
+networks:
+  proxy:
+    external: true
+  mail:
+    name: mail
+    external: false
+
+volumes:
+  letsencrypt:
+    external: true
+  mail-data:
+    name: mail-data
+  mail-state:
+    name: mail-stat
+  mail-logs:
+    name: mail-logs
+  mail-config:
+    name: mail-config
+
+services:
+  mailserver:
+    image: mailserver/docker-mailserver:latest
+    container_name: mailserver
+    hostname: mail
+    domainname: steinle-computer.de
+    volumes:
+      - mail-data:/var/mail/
+      - mail-state:/var/mail-state/
+      - mail-logs:/var/log/mail/
+      - mail-config:/tmp/docker-mailserver/
+      - letsencrypt:/etc/letsencrypt/
+    restart: always
+    stop_grace_period: 1m
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - ENABLE_FAIL2BAN=1
+      - SSL_TYPE=letsencrypt
+      - PERMIT_DOCKER=none
+      - ONE_DIR=1
+      - ENABLE_POSTGREY=1
+      - ENABLE_CLAMAV=1
+      - ENABLE_SPAMASSASSIN=1
+      - SPOOF_PROTECTION=1
+      - ENABLE_MANAGESIEVE=1
+    healthcheck:
+      test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
+      timeout: 3s
+      retries: 0
+    networks:
+       - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.tcp.routers.smtp.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.smtp.entrypoints=smtp"
+      - "traefik.tcp.routers.smtp.service=smtp"
+      - "traefik.tcp.services.smtp.loadbalancer.server.port=25"
+      - "traefik.tcp.services.smtp.loadbalancer.proxyProtocol.version=1"
+      - "traefik.tcp.routers.smtp-ssl.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.smtp-ssl.tls=false"
+      - "traefik.tcp.routers.smtp-ssl.entrypoints=smtp-ssl"
+      - "traefik.tcp.routers.smtp-ssl.service=smtp-ssl"
+      - "traefik.tcp.services.smtp-ssl.loadbalancer.server.port=465"
+      - "traefik.tcp.services.smtp-ssl.loadbalancer.proxyProtocol.version=1"
+      - "traefik.tcp.routers.imap-ssl.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.imap-ssl.entrypoints=imap-ssl"
+      - "traefik.tcp.routers.imap-ssl.service=imap-ssl"
+      - "traefik.tcp.services.imap-ssl.loadbalancer.server.port=10993"
+      - "traefik.tcp.services.imap-ssl.loadbalancer.proxyProtocol.version=2"
+      - "traefik.tcp.routers.sieve.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.sieve.entrypoints=sieve"
+      - "traefik.tcp.routers.sieve.service=sieve"
+      - "traefik.tcp.services.sieve.loadbalancer.server.port=4190"
+