Working Draft

Lieuwe Leene 2022-11-12 16:54:48 +01:00
parent 273cb5f829
commit dde53d3452
6 changed files with 80 additions and 61 deletions


@ -1,7 +1,7 @@
# Enables mail_crypt for all services (imap, pop3, etc) # Enables mail_crypt for all services (imap, pop3, etc)
mail_plugins = $mail_plugins mail_crypt mail_plugins = $mail_plugins mail_crypt
plugin { plugin {
mail_crypt_global_private_key = </certs/ecprivkey.pem mail_crypt_global_private_key = </etc/letsencrypt/live/ecprivkey.pem
mail_crypt_global_public_key = </certs/ecpubkey.pem mail_crypt_global_public_key = </etc/letsencrypt/live/ecpubkey.pem
mail_crypt_save_version = 2 mail_crypt_save_version = 2
} }
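Review bot: `mail_crypt_global_private_key` now reads from `/etc/letsencrypt/live/ecprivkey.pem`, a directory that the compose file in this commit backs with the `nginx_certs` volume, which is also mounted into the reverse proxy at `/etc/nginx/certs/`. That places the key protecting mail at rest in a volume the internet-facing proxy (and, through `volumes_from`, the ACME companion) can read. Depending on which container populates the volume first, the mount may also hide the key files from Dovecot. I would keep the mail_crypt pair on a path of its own, for example `mail_crypt_global_private_key = </etc/dovecot/crypt/ecprivkey.pem` (path is illustrative), backed by a volume only the mailserver mounts. The Dockerfile section carries the matching path change.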


@ -8,7 +8,7 @@ RUN apk update && \
apk add --no-cache openssl && \ apk add --no-cache openssl && \
rm -rf /var/cache/apk/* rm -rf /var/cache/apk/*
COPY ./mail/certs /certs RUN mkdir -p /etc/letsencrypt/live
RUN openssl ecparam -name ${SSL_ALGO} -genkey | openssl pkey -out /certs/ecprivkey.pem && \ RUN openssl ecparam -name ${SSL_ALGO} -genkey | openssl pkey -out /etc/letsencrypt/live/ecprivkey.pem && \
openssl pkey -in /certs/ecprivkey.pem -pubout -out /certs/ecpubkey.pem openssl pkey -in /etc/letsencrypt/live/ecprivkey.pem -pubout -out /etc/letsencrypt/live/ecpubkey.pem
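Review bot: The EC private key is still produced by a `RUN openssl ecparam ... -genkey` step, so it is written into an image layer: anyone who can pull or export the image obtains the key, and each rebuild generates a different one, which can leave mail encrypted under the previous key unreadable. Generating the pair on first container start into a dedicated volume, or supplying it as a mounted secret, avoids both problems. If it has to stay in the build, the output file should at least be restricted, e.g. `chmod 600 /etc/letsencrypt/live/ecprivkey.pem` chained onto the same `RUN`, with a comment noting that a rebuild rotates the key. The Dockerfile starts before this hunk, so where `SSL_ALGO` is declared is not visible here.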


@ -1,17 +0,0 @@
server {
index index.php index.html;
server_name php-docker.local;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass ${NGINX_PHP_CGI};
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}


@ -0,0 +1,27 @@
root /var/www/html/roundcubemail;
index index.php index.html index.htm;
client_max_body_size 128M;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_keep_conn on;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass zathura.leene.dev;
fastcgi_index index.php;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
location ~ ^/(bin|SQL)/ {
deny all;
}
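Review bot: The deny rules cover only `bin/`, `SQL/` and the top-level doc files, so with `root /var/www/html/roundcubemail` the `location /` block will still serve static files from Roundcube's `config/`, `temp/` and `logs/` directories if they sit under that root. Extending the pattern, e.g. `location ~ ^/(bin|SQL|config|temp|logs)/ { deny all; }`, closes that gap. A one-line comment above `fastcgi_pass zathura.leene.dev;` stating that the name is expected to match the upstream generated by nginx-proxy would also help, since it otherwise reads like a public hostname with no port.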


@ -12,24 +12,17 @@ x-mail: &defaults
- internalnet - internalnet
services: services:
ddnsgd:
<<: *defaults
container_name: "ddnsgd"
image: "ghcr.io/dominickbrasileiro/ddnsgd"
restart: "always"
pgsqlserver: pgsqlserver:
<<: *defaults <<: *defaults
container_name: pgsqlserver container_name: pgsqlserver
image: postgres:15 image: postgres:15
volumes: volumes:
- type: bind - sql_data:/var/lib/postgresql/data/:z
source: ./pgsql - ./config/pg-init-scripts:/docker-entrypoint-initdb.d:ro
target: /var/lib/postgresql/data:z
- ./config/pg-init-scripts:/docker-entrypoint-initdb.d:z
restart: always restart: always
ports: expose:
- "5432:5432" - "5432"
roundcubemail: roundcubemail:
<<: *defaults <<: *defaults
@ -37,17 +30,20 @@ services:
container_name: roundcubemail container_name: roundcubemail
environment: environment:
- ROUNDCUBEMAIL_DB_HOST=pgsqlserver - ROUNDCUBEMAIL_DB_HOST=pgsqlserver
- VIRTUAL_HOST=zathura.leene.dev
- LETSENCRYPT_HOST=zathura.leene.dev
- LETSENCRYPT_EMAIL=admin@zathura.leene.dev
depends_on: depends_on:
- pgsqlserver - pgsqlserver
links: links:
- pgsqlserver - pgsqlserver
ports: expose:
- "9000:9000" - "9000"
volumes: volumes:
- ./nginx/html/:/var/www/html/:z - nginx_html/roundcubemail:/var/www/html
mailserver: mailserver:
build: . build: ./config/mail
<<: *defaults <<: *defaults
image: mailserver/docker-mailserver:latest image: mailserver/docker-mailserver:latest
container_name: mailserver container_name: mailserver
@ -59,40 +55,43 @@ services:
- "587:587" - "587:587"
- "993:993" - "993:993"
volumes: volumes:
- ./nginx/certs/:/etc/letsencrypt/live/:z - nginx_certs:/etc/letsencrypt/live/
- ./mail/mail-data/:/var/mail/:z - mail_data:/var/mail/:z
- ./mail/mail-state/:/var/mail-state/:z - mail_state:/var/mail-state/:z
- ./mail/mail-logs/:/var/log/mail/:z - mail_config:/tmp/docker-mailserver/:z
- ./mail/config/:/tmp/docker-mailserver/:z
- ./nginx/certs/:/certs/:z
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
depends_on: depends_on:
- ddnsgd - ddnsgd
restart: always restart: always
reverse-proxy: reverse-proxy:
<<: *defaults <<: *defaults
image: nginxproxy/nginx-proxy image: nginxproxy/nginx-proxy
container_name: nginx-proxy container_name: nginx-proxy
environment:
- NGINX_PHP_CGI=roundcubemail:9000
restart: always restart: always
ports: ports:
- "80:80" - "80:80"
- "443:443" - "443:443"
volumes: volumes:
- ./nginx/conf/:/etc/nginx/conf.d:z - nginx_dhparam:/etc/nginx/dhparam:z
- ./nginx/html/:/usr/share/nginx/html/:z - nginx_certs:/etc/nginx/certs/:z
- ./nginx/vhost/:/etc/nginx/vhost.d/:z - nginx_conf:/etc/nginx/conf.d/:z
- ./nginx/certs/:/etc/nginx/certs/:z - nginx_vhost:/etc/nginx/vhost.d/:z
- ./nginx/dhparam:/etc/nginx/dhparam:z - nginx_html:/usr/share/nginx/html/:z
- ./config/nginx/zathura.leene.dev_location:/etc/nginx/vhost.d/zathura.leene.dev_location:ro
- /var/run/docker.sock:/tmp/docker.sock:z - /var/run/docker.sock:/tmp/docker.sock:z
depends_on: depends_on:
- ddnsgd - ddnsgd
ddnsgd:
<<: *defaults
container_name: "ddnsgd"
image: "ghcr.io/dominickbrasileiro/ddnsgd"
restart: "always"
acme-companion: acme-companion:
<<: *defaults <<: *defaults
image: nginxproxy/acme-companion image: nginxproxy/acme-companion
@ -101,8 +100,20 @@ services:
volumes_from: volumes_from:
- reverse-proxy - reverse-proxy
volumes: volumes:
- ./nginx/certs/:/etc/nginx/certs/:z - acme-state:/etc/acme.sh
- ./nginx/acme-state/:/etc/acme.sh/:z
- /var/run/docker.sock:/var/run/docker.sock:z - /var/run/docker.sock:/var/run/docker.sock:z
depends_on: depends_on:
- ddnsgd - ddnsgd
build: ./config/nginx
volumes:
sql_data:
acme-state:
nginx_certs:
nginx_dhparam:
nginx_html:
nginx_conf:
nginx_vhost:
mail_data:
mail_config:
mail_state:
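Review bot: The mailserver's `./mail/mail-logs/:/var/log/mail/:z` mount is dropped without a named-volume replacement, so mail logs now live only in the container's writable layer and are lost whenever the container is recreated. For an internet-facing mail server those logs are the record of authentication failures and relay attempts, so I would add `- mail_logs:/var/log/mail/:z` to the service and `mail_logs:` to the top-level `volumes:` list. Separately, `nginx_html/roundcubemail:/var/www/html` in the roundcubemail service is not declared under `volumes:`, and a name containing `/` is not likely to be accepted as a named volume. It should probably be either a `./`-prefixed bind path or a volume of its own.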


@ -7,12 +7,11 @@ PASSWORD="Enl0rRgqBsZPVupA"
## Docker Env ## Docker Env
DEBUG=1
PERMIT_DOCKER=network PERMIT_DOCKER=network
## Google Dynamic DNS ## Google Dynamic DNS
INTERVAL=30 INTERVAL=900
HOSTNAME="zathura.leene.dev" HOSTNAME="zathura.leene.dev"
## Mail Server Env ## Mail Server Env
@ -32,8 +31,7 @@ POSTMASTER_ADDRESS=admin@leene.dev
ENABLE_UPDATE_CHECK=1 ENABLE_UPDATE_CHECK=1
SSL_TYPE=letsencrypt SSL_TYPE=letsencrypt
VIRTUAL_HOST=zathura.leene.dev,mail.zathura.leene.dev,git.zathura.leene.dev
LETSENCRYPT_HOST=zathura.leene.dev,mail.zathura.leene.dev,git.zathura.leene.dev
## SQL Server Env ## SQL Server Env
@ -47,13 +45,13 @@ ROUNDCUBEMAIL_DB_TYPE=pgsql
ROUNDCUBEMAIL_DB_NAME=roundcube ROUNDCUBEMAIL_DB_NAME=roundcube
ROUNDCUBEMAIL_DB_USER=roundcube ROUNDCUBEMAIL_DB_USER=roundcube
ROUNDCUBEMAIL_SKIN=elastic ROUNDCUBEMAIL_SKIN=elastic
ROUNDCUBEMAIL_DEFAULT_HOST=tls://mail.zathura.leene.dev ROUNDCUBEMAIL_DEFAULT_HOST=tls://zathura.leene.dev
ROUNDCUBEMAIL_SMTP_SERVER=tls://mail.zathura.leene.dev ROUNDCUBEMAIL_SMTP_SERVER=tls://zathura.leene.dev
ROUNDCUBEMAIL_ASPELL_DICTS=en
## NGINX Reverse Proxy ## NGINX Reverse Proxy
NGINX_HOST=zathura.leene.dev NGINX_HOST=zathura.leene.dev
NGINX_PROXY_CONTAINER=nginx-proxy NGINX_PROXY_CONTAINER=nginx-proxy
LETSENCRYPT_TEST=true
LETSENCRYPT_RESTART_CONTAINER=true LETSENCRYPT_RESTART_CONTAINER=true
DEFAULT_EMAIL=lieuwe@leene.dev DEFAULT_EMAIL=lieuwe@leene.dev
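Review bot: The hunk header shows this tracked env file carries a literal `PASSWORD="..."` value, and the commit leaves it in place while editing the surrounding settings. A credential committed to the repository stays in history even after it is removed later, so it should be rotated and moved to an untracked file referenced via `env_file:`, or to a Docker secret. A placeholder such as `PASSWORD="<set-in-local-env>"` can then stay in the committed template. The same applies to any database or mail credentials in the parts of the file outside these hunks, which are not visible here.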