forked from RainLoop/rainloop-webmail
-
-
Notifications
You must be signed in to change notification settings - Fork 128
/
docker-compose.yml
151 lines (143 loc) · 4.39 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
#
# Note: Before starting, ensure you run gulp once, to generate static assets in ./snappymail/v/0.0.0/static/css and ./snappymail/v/0.0.0/static/js
#
version: '3.0'
services:
# Generate self-signed certs
# See: https://docker-mailserver.github.io/docker-mailserver/latest/config/security/ssl/#self-signed-certificates
step-ca:
image: smallstep/step-ca:latest
working_dir: /certs
volumes:
- certs:/certs
entrypoint:
- /bin/sh
user: 0:0
command:
- -c
- |
set -eu
if [ ! -d demoCA ]; then
mkdir -p demoCA
step certificate create "Smallstep Root CA" "demoCA/cacert.pem" "demoCA/cakey.pem" \
--no-password --insecure \
--profile root-ca \
--not-before "2021-01-01T00:00:00+00:00" \
--not-after "2031-01-01T00:00:00+00:00" \
--san "example.com" \
--san "mail.example.com" \
--kty RSA --size 2048
step certificate create "Smallstep Leaf" mail.example.com-cert.pem mail.example.com-key.pem \
--no-password --insecure \
--profile leaf \
--ca "demoCA/cacert.pem" \
--ca-key "demoCA/cakey.pem" \
--not-before "2021-01-01T00:00:00+00:00" \
--not-after "2031-01-01T00:00:00+00:00" \
--san "example.com" \
--san "mail.example.com" \
--san "imap.example.com" \
--san "smtp.example.com" \
--kty RSA --size 2048
fi
# Mail server
# See: https://docker-mailserver.github.io/docker-mailserver/latest
# Add an account: echo 'test' | docker exec -i $( docker-compose ps -q docker-mailserver ) setup email add [email protected]
docker-mailserver:
image: docker.io/mailserver/docker-mailserver:12
domainname: mail.example.com
environment:
- ENABLE_SPAMASSASSIN=0
- ENABLE_CLAMAV=0
- ENABLE_FAIL2BAN=0
- ENABLE_POSTGREY=0
- ENABLE_MANAGESIEVE=1
- ONE_DIR=1
- DMS_DEBUG=0
- POSTFIX_INET_PROTOCOLS=ipv4
- DOVECOT_INET_PROTOCOLS=ipv4
- SSL_TYPE=manual
- SSL_CERT_PATH=/certs/mail.example.com-cert.pem
- SSL_KEY_PATH=/certs/mail.example.com-key.pem
volumes:
- certs:/certs
- dms-mail-data:/var/mail
- dms-mail-state:/var/mail-state
- dms-mail-logs:/var/log/mail
- dms-config:/tmp/docker-mailserver
networks:
default:
aliases:
- example.com
- mail.example.com
- imap.example.com
- smtp.example.com
depends_on:
step-ca:
condition: service_completed_successfully
entrypoint:
- /bin/sh
command:
- -c
- |
set -eu
echo "Trusting demoCA certificate"
cp -v /certs/demoCA/cacert.pem /usr/local/share/ca-certificates/cacert.crt # Debian expects certs to end with .crt
update-ca-certificates
exec supervisord -c /etc/supervisor/supervisord.conf
# Snappymail: http://localhost:8888
# Admin panel: http://localhost:8888/?admin
# Get the Admin Panel password: docker exec -it $( docker-compose ps -q snappymail ) cat /var/lib/snappymail/_data_/_default_/admin_password.txt
snappymail:
build:
dockerfile: ./.docker/release/Dockerfile
context: .
# environment:
# - DEBUG=true
volumes:
- certs:/certs:ro
- ./snappymail:/snappymail/snappymail:ro
- ./index.php:/snappymail/index.php:ro
- snappymail:/var/lib/snappymail
ports:
- 8888:8888
networks:
- default
depends_on:
step-ca:
condition: service_completed_successfully
db:
condition: service_started
entrypoint:
- /bin/sh
command:
- -c
- |
set -eu
echo "Trusting demoCA certificate"
cp -v /certs/demoCA/cacert.pem /usr/local/share/ca-certificates/
update-ca-certificates
exec /entrypoint.sh
# MySQL database
db:
image: mysql:5.7
restart: always
environment:
- MYSQL_ROOT_PASSWORD=root
- MYSQL_USER=snappymail
- MYSQL_PASSWORD=snappymail
- MYSQL_DATABASE=snappymail
volumes:
- mysql:/var/lib/mysql
networks:
- default
volumes:
certs:
dms-mail-data:
dms-mail-state:
dms-mail-logs:
dms-config:
snappymail:
mysql:
networks:
default: