2021-05-23 21:35:49 +00:00
|
|
|
version: "3.8"
|
2020-10-05 22:02:20 +00:00
|
|
|
|
|
|
|
x-environment:
|
|
|
|
&default-env
|
2023-09-01 15:34:52 +00:00
|
|
|
- FRONT_ADDRESS=${STACK_NAME}_app
|
2020-10-05 22:02:20 +00:00
|
|
|
- ADMIN
|
|
|
|
- ANTIVIRUS
|
2023-09-04 13:51:33 +00:00
|
|
|
- API
|
2023-09-01 18:39:22 +00:00
|
|
|
- API_TOKEN
|
2023-03-12 21:20:24 +00:00
|
|
|
- AUTH_RATELIMIT_IP
|
|
|
|
- MESSAGE_RATELIMIT
|
2020-10-05 22:02:20 +00:00
|
|
|
- COMPOSE_PROJECT_NAME
|
|
|
|
- COMPRESSION
|
|
|
|
- COMPRESSION_LEVEL
|
|
|
|
- DB_FLAVOR
|
|
|
|
- DISABLE_STATISTICS
|
|
|
|
- DMARC_RUA
|
|
|
|
- DMARC_RUF
|
|
|
|
- DOCKER_CONTEXT
|
|
|
|
- DOMAIN
|
2023-12-04 15:44:36 +00:00
|
|
|
- FETCHMAIL_ENABLED
|
2020-10-05 22:02:20 +00:00
|
|
|
- FETCHMAIL_DELAY
|
|
|
|
- FULL_TEXT_SEARCH
|
|
|
|
- HOSTNAMES
|
|
|
|
- LETS_ENCRYPT_ENV
|
|
|
|
- LOG_DRIVER
|
|
|
|
- LOG_LEVEL
|
|
|
|
- MESSAGE_SIZE_LIMIT
|
2023-03-12 21:20:24 +00:00
|
|
|
- CREDENTIAL_ROUNDS
|
2020-10-05 22:02:20 +00:00
|
|
|
- POSTMASTER
|
|
|
|
- REAL_IP_FROM
|
|
|
|
- REAL_IP_HEADER
|
|
|
|
- RECIPIENT_DELIMITER
|
2023-09-24 17:52:33 +00:00
|
|
|
- REDIS_ADDRESS=db
|
2020-10-05 22:02:20 +00:00
|
|
|
- REJECT_UNLISTED_RECIPIENT
|
|
|
|
- RELAYHOST
|
|
|
|
- RELAYNETS
|
2023-09-24 17:52:19 +00:00
|
|
|
- SECRET_KEY_FILE=/run/secrets/secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
- SITENAME
|
2023-09-24 17:52:33 +00:00
|
|
|
- SUBNET=192.168.203.0/24
|
2020-10-05 22:02:20 +00:00
|
|
|
- TLS_CERT_FILENAME
|
|
|
|
- TLS_FLAVOR
|
|
|
|
- TLS_KEYPAIR_FILENAME
|
|
|
|
- WEB_ADMIN
|
|
|
|
- WEBDAV
|
|
|
|
- WEBMAIL
|
|
|
|
- WEBROOT_REDIRECT
|
|
|
|
- WEBSITE
|
|
|
|
- WEB_WEBMAIL
|
2023-09-04 13:51:33 +00:00
|
|
|
- WEB_API=/api
|
2020-10-05 22:02:20 +00:00
|
|
|
- WELCOME
|
|
|
|
- WELCOME_BODY
|
|
|
|
- WELCOME_SUBJECT
|
2023-03-12 21:20:24 +00:00
|
|
|
- TZ
|
2020-10-05 22:02:20 +00:00
|
|
|
|
|
|
|
services:
|
2021-10-14 22:05:49 +00:00
|
|
|
app:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: ghcr.io/mailu/nginx:2.0.34
|
2020-10-05 22:02:20 +00:00
|
|
|
logging:
|
|
|
|
driver: json-file
|
|
|
|
networks:
|
|
|
|
- proxy
|
2020-10-20 11:01:45 +00:00
|
|
|
- default
|
2020-10-05 22:02:20 +00:00
|
|
|
environment: *default-env
|
|
|
|
ports:
|
|
|
|
- target: 25
|
|
|
|
published: 25
|
2020-10-20 11:01:45 +00:00
|
|
|
mode: host
|
2020-10-05 22:02:20 +00:00
|
|
|
- target: 465
|
|
|
|
published: 465
|
2020-10-20 11:01:45 +00:00
|
|
|
mode: host
|
|
|
|
- target: 587
|
|
|
|
published: 587
|
|
|
|
mode: host
|
2020-10-05 22:02:20 +00:00
|
|
|
- target: 110
|
|
|
|
published: 110
|
2020-10-20 11:01:45 +00:00
|
|
|
mode: host
|
2020-10-05 22:02:20 +00:00
|
|
|
- target: 995
|
|
|
|
published: 995
|
2020-10-20 11:01:45 +00:00
|
|
|
mode: host
|
2020-10-05 22:02:20 +00:00
|
|
|
- target: 143
|
|
|
|
published: 143
|
2020-10-20 11:01:45 +00:00
|
|
|
mode: host
|
2020-10-05 22:02:20 +00:00
|
|
|
- target: 993
|
|
|
|
published: 993
|
2020-10-20 11:01:45 +00:00
|
|
|
mode: host
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "certs:/certs"
|
2023-09-24 17:52:19 +00:00
|
|
|
secrets:
|
|
|
|
- secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
deploy:
|
|
|
|
labels:
|
|
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.docker.network=proxy"
|
|
|
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
2023-09-24 17:52:33 +00:00
|
|
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
2020-10-05 22:02:20 +00:00
|
|
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
|
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
2023-11-27 12:46:28 +00:00
|
|
|
- "coop-cloud.${STACK_NAME}.version=1.1.0+2.0.34"
|
2023-09-01 15:34:52 +00:00
|
|
|
|
2020-10-05 22:02:20 +00:00
|
|
|
db:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: redis:7.2.3-alpine
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "redis:/data"
|
|
|
|
|
|
|
|
admin:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: ghcr.io/mailu/admin:2.0.34
|
2020-10-05 22:02:20 +00:00
|
|
|
environment: *default-env
|
|
|
|
healthcheck:
|
|
|
|
disable: true
|
2023-09-24 17:52:19 +00:00
|
|
|
secrets:
|
|
|
|
- secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "dkim:/dkim"
|
|
|
|
- "mailu:/data"
|
2023-09-01 15:34:52 +00:00
|
|
|
networks:
|
|
|
|
- default
|
2020-10-05 22:02:20 +00:00
|
|
|
|
|
|
|
imap:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: ghcr.io/mailu/dovecot:2.0.34
|
2020-10-05 22:02:20 +00:00
|
|
|
environment: *default-env
|
2023-09-24 17:52:19 +00:00
|
|
|
secrets:
|
|
|
|
- secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "mail:/mail"
|
|
|
|
healthcheck:
|
|
|
|
disable: true
|
2023-09-01 15:34:52 +00:00
|
|
|
depends_on:
|
|
|
|
- app
|
|
|
|
networks:
|
|
|
|
- default
|
2020-10-05 22:02:20 +00:00
|
|
|
|
|
|
|
smtp:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: ghcr.io/mailu/postfix:2.0.34
|
2020-10-05 22:02:20 +00:00
|
|
|
environment: *default-env
|
2023-09-24 17:52:19 +00:00
|
|
|
secrets:
|
|
|
|
- secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "mailqueue:/queue"
|
|
|
|
healthcheck:
|
|
|
|
disable: true
|
2023-09-01 15:34:52 +00:00
|
|
|
depends_on:
|
|
|
|
- app
|
2020-10-05 22:02:20 +00:00
|
|
|
|
|
|
|
antispam:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: ghcr.io/mailu/rspamd:2.0.34
|
2020-10-05 22:02:20 +00:00
|
|
|
environment: *default-env
|
2023-09-24 17:52:19 +00:00
|
|
|
secrets:
|
|
|
|
- secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "rspamd:/var/lib/rspamd"
|
|
|
|
- "dkim:/dkim:ro"
|
|
|
|
healthcheck:
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
webmail:
|
2023-11-27 12:46:28 +00:00
|
|
|
image: ghcr.io/mailu/webmail:2.0.34
|
2020-10-05 22:02:20 +00:00
|
|
|
environment: *default-env
|
2023-03-12 21:20:24 +00:00
|
|
|
networks:
|
|
|
|
- default
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
- "webmail:/data"
|
2023-09-24 17:52:19 +00:00
|
|
|
secrets:
|
|
|
|
- secret_key
|
2020-10-05 22:02:20 +00:00
|
|
|
deploy:
|
|
|
|
replicas: 1
|
|
|
|
healthcheck:
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
certdumper:
|
2023-09-04 14:22:57 +00:00
|
|
|
image: ldez/traefik-certs-dumper:v2.8.1
|
2020-10-05 22:02:20 +00:00
|
|
|
entrypoint: sh -c '
|
|
|
|
apk add jq
|
2023-09-23 00:42:04 +00:00
|
|
|
; while ! [ -e /traefik/${ACME_JSON} ]
|
|
|
|
|| ! [ `jq ".production.Certificates | length" /traefik/${ACME_JSON}` != 0 ]; do
|
2020-10-05 22:02:20 +00:00
|
|
|
sleep 1
|
|
|
|
; done
|
2023-09-23 00:42:04 +00:00
|
|
|
&& traefik-certs-dumper file --watch --source /traefik/${ACME_JSON}
|
|
|
|
--dest /output --domain-subdir=true --version v2
|
|
|
|
--post-hook "sh /usr/bin/certdumper_post.sh"'
|
2020-10-05 22:02:20 +00:00
|
|
|
environment:
|
2023-09-24 17:52:33 +00:00
|
|
|
- DOMAIN=$DOMAIN
|
2020-10-05 22:02:20 +00:00
|
|
|
volumes:
|
|
|
|
# Folder, which contains the acme.json
|
2023-09-04 14:16:35 +00:00
|
|
|
- type: volume
|
|
|
|
read_only: true
|
|
|
|
source: traefik_letsencrypt
|
|
|
|
target: "/traefik"
|
2020-10-05 22:02:20 +00:00
|
|
|
# Folder, where cert.pem and key.pem will be written
|
|
|
|
- "certs:/output"
|
|
|
|
configs:
|
|
|
|
- source: certdumper_post
|
|
|
|
target: /usr/bin/certdumper_post.sh
|
|
|
|
mode: 0555
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
mailu:
|
|
|
|
rspamd:
|
|
|
|
dkim:
|
|
|
|
webmail:
|
|
|
|
redis:
|
|
|
|
mail:
|
|
|
|
certs:
|
|
|
|
mailqueue:
|
|
|
|
traefik_letsencrypt:
|
2023-09-04 14:16:35 +00:00
|
|
|
name: "${TRAEFIK_STACK_NAME}_letsencrypt"
|
2020-10-05 22:02:20 +00:00
|
|
|
external: true
|
|
|
|
|
|
|
|
networks:
|
|
|
|
default:
|
|
|
|
driver: overlay
|
|
|
|
ipam:
|
|
|
|
driver: default
|
|
|
|
config:
|
|
|
|
- subnet: 192.168.203.0/24
|
|
|
|
proxy:
|
|
|
|
external: true
|
|
|
|
|
|
|
|
configs:
|
|
|
|
certdumper_post:
|
|
|
|
name: ${STACK_NAME}_certdumper_post_${CERTDUMPER_POST_VERSION}
|
|
|
|
file: certdumper_post.sh
|
2023-09-24 17:52:19 +00:00
|
|
|
|
|
|
|
secrets:
|
|
|
|
secret_key:
|
|
|
|
external: true
|
|
|
|
name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
|