WIP: trying mailserver

2025-01-23 05:12:20 +01:00 · 2022-11-05 15:00:31 +01:00 · 2022-11-05 15:00:31 +01:00 · f95536338b
commit f95536338b
parent b7f215d3bf
5 changed files with 93 additions and 15 deletions
--- a/14
+++ b/14
@ -0,0 +1,14 @@
 FROM alpine
 MAINTAINER Lieuwe Leene
 ARG SSL_ALGO=secp521r1
 RUN apk update && \
  apk add --no-cache openssl && \
  rm -rf /var/cache/apk/*
 COPY ./mail/certs /certs
 RUN openssl ecparam -name ${SSL_ALGO} -genkey | openssl pkey -out /certs/ecprivkey.pem && \
    openssl pkey -in /certs/ecprivkey.pem -pubout -out /certs/ecpubkey.pem
--- a/config/mail/10-custom.conf
+++ b/config/mail/10-custom.conf
@ -0,0 +1,7 @@
 # Enables mail_crypt for all services (imap, pop3, etc)
 mail_plugins = $mail_plugins mail_crypt
 plugin {
  mail_crypt_global_private_key = </certs/ecprivkey.pem
  mail_crypt_global_public_key = </certs/ecpubkey.pem
  mail_crypt_save_version = 2
 }
--- a/config/pg-init-scripts/init_db.sh
+++ b/config/pg-init-scripts/init_db.sh
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -2,7 +2,7 @@ version: "3.8"
 networks:
  internalnet:
-    external: false
+
 x-mail: &defaults
  env_file: local.env
@ -23,20 +23,29 @@ services:
    volumes:
      - type: bind
        source: ./pgsql
-        target: /var/lib/postgresql/data
+        target: /var/lib/postgresql/data:z
-      - ./pg-init-scripts:/docker-entrypoint-initdb.d
+      - ./config/pg-init-scripts:/docker-entrypoint-initdb.d
    restart: always
    ports:
      - "5432:5432"
  adminer:
    <<: *defaults
    image: adminer
    restart: always
    depends_on:
      - database
    ports:
      - "8080:8080"
  roundcubemail:
    <<: *defaults
    image: roundcube/roundcubemail:latest-fpm
    container_name: roundcube
    depends_on:
-      - roundcubedb
+      - database
    links:
-      - roundcubedb
+      - database
    ports:
      - 9000:9000
    volumes:
@ -44,6 +53,7 @@ services:
  mailserver:
    build: .
    <<: *defaults
    image: docker.io/mailserver/docker-mailserver:latest
    container_name: mailserver
@ -55,23 +65,48 @@ services:
      - "587:587"
      - "993:993"
    volumes:
-      - ./mail/mail-data/:/var/mail/
+      - ./mail/letsencrypt:/etc/letsencrypt:z
-      - ./mail/mail-state/:/var/mail-state/
+      - ./mail/mail-data/:/var/mail/:z
-      - ./mail/mail-logs/:/var/log/mail/
+      - ./mail/mail-state/:/var/mail-state/:z
-      - ./mail/config/:/tmp/docker-mailserver/
+      - ./mail/mail-logs/:/var/log/mail/:z
      - ./mail/config/:/tmp/docker-mailserver/:z
      - ./mail/certs/:/certs:z
      - /etc/localtime:/etc/localtime:ro
    cap_add:
      - NET_ADMIN
    depends_on:
      - ddnsgd
    restart: always
-
+  reverse-proxy:
  adminer:
    <<: *defaults
-    image: adminer
+    image: nginxproxy/nginx-proxy
    container_name: nginx-proxy
    restart: always
    depends_on:
      - database
    ports:
-      - "8080:8080"
+      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/conf/:/etc/nginx/conf.d:z
      - ./nginx/html/:/usr/share/nginx/html/:z
      - ./nginx/vhost/:/etc/nginx/vhost.d/:z
      - ./nginx/certs/:/etc/nginx/certs/:ro
      - ./nginx/dhparam:/etc/nginx/dhparam:z
      - /var/run/docker.sock:/tmp/docker.sock:ro
    depends_on:
      - ddnsgd
  acme-companion:
    <<: *defaults
    image: nginxproxy/acme-companion
    container_name: nginx-proxy-acme
    restart: always
    volumes_from:
      - reverse-proxy
    volumes:
      - ./nginx/certs/:/etc/nginx/certs/:rw
      - ./nginx/acme-state/:/etc/acme.sh/:z
      - /var/run/docker.sock:/var/run/docker.sock:ro
    depends_on:
      - ddnsgd
--- a/local.env
+++ b/local.env
@ -1,3 +1,5 @@
 DEBUG=1
 DOCKER_HOST_ROOTLESS_PATH=/run/user/1000/docker.sock
 ## Google Dynamic DNS
@ -8,13 +10,23 @@ PASSWORD="Enl0rRgqBsZPVupA"
 ## Mail Server Env
 POSTFIX_INET_PROTOCOLS=ipv4
 TZ=NL
 ENABLE_SPAMASSASSIN=1
 SPAMASSASSIN_SPAM_TO_INBOX=1
 ENABLE_CLAMAV=1
 ENABLE_DNSBL=1
 ENABLE_FAIL2BAN=1
 ENABLE_POSTGREY=1
 ENABLE_SASLAUTHD=0
 ONE_DIR=1
 TLS_LEVEL=modern
 POSTMASTER_ADDRESS=admin@leene.dev
 ENABLE_UPDATE_CHECK=1
 SSL_TYPE=letsencrypt
 VIRTUAL_HOST=mail.zathura.leene.dev
 LETSENCRYPT_HOST=mail.zathura.leene.dev
 ## SQL Server Env
@ -33,3 +45,13 @@ ROUNDCUBEMAIL_DB_PASSWORD=hear397sew
 ROUNDCUBEMAIL_SKIN=elastic
 ROUNDCUBEMAIL_DEFAULT_HOST=tls://mail.zathura.leene.dev
 ROUNDCUBEMAIL_SMTP_SERVER=tls://mail.zathura.leene.dev
 ## NGINX Reverse Proxy
 NGINX_PROXY_CONTAINER=nginx-proxy
 LETSENCRYPT_TEST=true
 LETSENCRYPT_RESTART_CONTAINER=true
 DEFAULT_EMAIL=lieuwe@leene.dev
 NGINX_HOST=zathura.leene.dev
 NGINX_PHP_CGI=roundcubemail:9000