coop-cloud/roundcube
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
roundcube/compose.yml

127 lines
4.1 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

services:
app:
image: roundcube/roundcubemail:${ROUNDCUBE_VERSION:-1.6.11-apache}
# Use Coop-Cloud wrapper entrypoint to resolve _FILE envs
environment:
# IMAP/SMTP pulled from .env
ROUNDCUBEMAIL_DEFAULT_HOST: ${ROUNDCUBEMAIL_DEFAULT_HOST}
ROUNDCUBEMAIL_DEFAULT_PORT: ${ROUNDCUBEMAIL_DEFAULT_PORT}
ROUNDCUBEMAIL_SMTP_SERVER: ${ROUNDCUBEMAIL_SMTP_SERVER}
ROUNDCUBEMAIL_SMTP_PORT: ${ROUNDCUBEMAIL_SMTP_PORT}
# Database (production default: MariaDB)
ROUNDCUBEMAIL_DB_TYPE: mysql
ROUNDCUBEMAIL_DB_HOST: db
ROUNDCUBEMAIL_DB_USER: ${MYSQL_USER}
ROUNDCUBEMAIL_DB_NAME: ${MYSQL_DATABASE}
# We keep *_FILE for secrets; our entrypoint resolves it to ROUNDCUBEMAIL_DB_PASSWORD
ROUNDCUBEMAIL_DB_PASSWORD_FILE: /run/secrets/db_password
# Optional tuning
ROUNDCUBEMAIL_SKIN: ${ROUNDCUBEMAIL_SKIN}
ROUNDCUBEMAIL_PLUGINS: ${ROUNDCUBEMAIL_PLUGINS}
ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE: ${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}
ROUNDCUBEMAIL_SPELLCHECK_URI: ${ROUNDCUBEMAIL_SPELLCHECK_URI}
secrets:
- db_password
volumes:
- html:/var/www/html
- config:/var/roundcube/config
# Mount the wrapper entrypoint as a config (read-only)
configs:
- source: app_entrypoint
target: /custom-entrypoint.sh
mode: 0555
entrypoint: /custom-entrypoint.sh
networks:
- proxy
- internal
deploy:
restart_policy:
condition: on-failure
labels:
- "traefik.enable=true"
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
# Redirect from EXTRA_DOMAINS to DOMAIN
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
# Redirect HTTP to HTTPS
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true"
- "coop-cloud.${STACK_NAME}.version=0.1.0+1.6.11-apache"
# Backups
- "backupbot.backup=true"
- "backupbot.backup.path=/var/www/html /var/roundcube/config"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost/"]
interval: 30s
timeout: 10s
retries: 10
start_period: 1m
db:
image: mariadb:${MARIADB_VERSION:-10.11}
command: >
--character-set-server=utf8mb4
--collation-server=utf8mb4_unicode_ci
environment:
MYSQL_DATABASE: ${MYSQL_DATABASE}
MYSQL_USER: ${MYSQL_USER}
MYSQL_PASSWORD_FILE: /run/secrets/db_password
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_root_password
volumes:
- mariadb:/var/lib/mysql
networks:
- internal
deploy:
restart_policy:
condition: on-failure
labels:
- "backupbot.backup=true"
- "backupbot.backup.pre-hook=mysqldump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" ${MYSQL_DATABASE} > /var/lib/mysql/backup.sql"
- "backupbot.backup.volumes.mariadb.path=backup.sql"
- "backupbot.restore.post-hook=mariadb -u root -p\"$$(cat /run/secrets/db_root_password)\" ${MYSQL_DATABASE} < /var/lib/mysql/backup.sql"
secrets:
- db_password
- db_root_password
healthcheck:
test: ["CMD-SHELL", "mysqladmin ping -h 127.0.0.1 -uroot -p$$(cat /run/secrets/db_root_password) --silent"]
interval: 20s
timeout: 5s
retries: 10
start_period: 40s
configs:
app_entrypoint:
name: ${STACK_NAME}_entrypoint_${APP_ENTRYPOINT_VERSION}
file: entrypoint.sh.tmpl
template_driver: golang
volumes:
html:
config:
mariadb:
networks:
proxy:
external: true
internal:
secrets:
db_password:
external: true
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
db_root_password:
external: true
name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
Reference in New Issue View Git Blame Copy Permalink