networks: proxy: external: true mail: name: mail external: false volumes: letsencrypt: external: true mail-data: name: mail-data mail-state: name: mail-stat mail-logs: name: mail-logs mail-config: name: mail-config roundcube-config: name: roundcube-config roundcube-db: name: roundcube-db rainloop: name: rainloop services: mailserver: image: mailserver/docker-mailserver:latest container_name: mailserver hostname: mail domainname: steinle-computer.de volumes: - mail-data:/var/mail/ - mail-state:/var/mail-state/ - mail-logs:/var/log/mail/ - mail-config:/tmp/docker-mailserver/ - letsencrypt:/etc/letsencrypt/ restart: always stop_grace_period: 1m cap_add: - NET_ADMIN environment: - ENABLE_FAIL2BAN=1 - SSL_TYPE=letsencrypt - PERMIT_DOCKER=mail - ONE_DIR=1 - ENABLE_POSTGREY=1 - ENABLE_CLAMAV=1 - ENABLE_SPAMASSASSIN=1 - SPOOF_PROTECTION=1 - ENABLE_MANAGESIEVE=1 - POSTFIX_MESSAGE_SIZE_LIMIT=40960000 healthcheck: test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" timeout: 3s retries: 1 networks: - proxy - mail labels: - "traefik.enable=true" - "traefik.tcp.routers.smtp.rule=HostSNI(`*`)" - "traefik.tcp.routers.smtp.entrypoints=smtp" - "traefik.tcp.routers.smtp.service=smtp" - "traefik.tcp.services.smtp.loadbalancer.server.port=25" - "traefik.tcp.services.smtp.loadbalancer.proxyProtocol.version=1" - "traefik.tcp.routers.smtp-ssl.rule=HostSNI(`*`)" - "traefik.tcp.routers.smtp-ssl.tls=false" - "traefik.tcp.routers.smtp-ssl.entrypoints=smtp-ssl" - "traefik.tcp.routers.smtp-ssl.service=smtp-ssl" - "traefik.tcp.services.smtp-ssl.loadbalancer.server.port=465" - "traefik.tcp.services.smtp-ssl.loadbalancer.proxyProtocol.version=1" - "traefik.tcp.routers.imap-ssl.rule=HostSNI(`*`)" - "traefik.tcp.routers.imap-ssl.entrypoints=imap-ssl" - "traefik.tcp.routers.imap-ssl.service=imap-ssl" - "traefik.tcp.services.imap-ssl.loadbalancer.server.port=10993" - "traefik.tcp.services.imap-ssl.loadbalancer.proxyProtocol.version=2" - "traefik.tcp.routers.sieve.rule=HostSNI(`*`)" - "traefik.tcp.routers.sieve.entrypoints=sieve" - "traefik.tcp.routers.sieve.service=sieve" - "traefik.tcp.services.sieve.loadbalancer.server.port=4190" roundcube: image: roundcube/roundcubemail:latest-apache container_name: roundcube hostname: roundcube domainname: steinle-computer.de dns: - '8.8.8.8' environment: - ROUNDCUBEMAIL_DEFAULT_HOST=ssl://mail.steinle-computer.de - ROUNDCUBEMAIL_DEFAULT_PORT=993 - ROUNDCUBEMAIL_SMTP_SERVER=tls://mail.steinle-computer.de - ROUNDCUBEMAIL_SMTP_PORT=465 - ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE=30M - ROUNDCUBEMAIL_DB_TYPE=mysql - ROUNDCUBEMAIL_DB_HOST=roundcube-db - ROUNDCUBEMAIL_DB_PORT=3306 - ROUNDCUBEMAIL_DB_USER=roundcube - ROUNDCUBEMAIL_DB_PASSWORD=6mqqZP4pSKnbxF8HQYGrb6fnyQw4Bf - ROUNDCUBEMAIL_DB_NAME=roundcube restart: unless-stopped volumes: - roundcube-config:/var/roundcube/config - letsencrypt:/etc/letsencrypt/ networks: - proxy - mail labels: - "traefik.enable=true" - "traefik.http.routers.roundcube.rule=Host(`webmail.steinle-computer.de`)" - "traefik.http.routers.roundcube.entrypoints=web" - "traefik.http.routers.roundcube.middlewares=roundcube" - "traefik.http.middlewares.roundcube.redirectscheme.scheme=https" - "traefik.http.routers.roundcube-secure.rule=Host(`webmail.steinle-computer.de`)" - "traefik.http.routers.roundcube-secure.entrypoints=websecure" - "traefik.http.routers.roundcube-secure.tls=true" - "traefik.http.routers.roundcube-secure.tls.certresolver=cs" - "traefik.http.routers.roundcube-secure.service=roundcube-secure" - "traefik.http.services.roundcube-secure.loadbalancer.server.port=80" roundcube-db: image: mysql:8 container_name: roundcube-db hostname: roundcube-db restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: 6mqqZP4pSKnbxF8HQYGrb6fnyQw4Bf MYSQL_USER: roundcube MYSQL_PASSWORD: 6mqqZP4pSKnbxF8HQYGrb6fnyQw4Bf MYSQL_DATABASE: roundcube volumes: - roundcube-db:/var/lib/mysql networks: - mail healthcheck: test: ["CMD-SHELL", "mysqladmin ping -uroundcube -p6mqqZP4pSKnbxF8HQYGrb6fnyQw4Bf"]