Mailcow: Remove any traces of IPv6.
In the Kata container pod that is used to run Mailcow, ip6tables fails
with messages such as:
ipv6nat-mailcow_1 running [/sbin/ip6tables -t filter -S --wait]: exit status 3: ip6tables v1.8.4 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
ipv6nat-mailcow_1 Perhaps ip6tables or your kernel needs to be upgraded.
This is causing the Netfilter service to fail, breaking fail2ban.
diff --git a/mailcow/src/mailcow-dockerized/docker-compose.yml b/mailcow/src/mailcow-dockerized/docker-compose.yml
index ff1e5eb..72c8a20 100644
--- a/mailcow/src/mailcow-dockerized/docker-compose.yml
+++ b/mailcow/src/mailcow-dockerized/docker-compose.yml
@@ -382,7 +382,7 @@
- acme
netfilter-mailcow:
- image: mailcow/netfilter:1.38
+ build: ./data/Dockerfiles/netfilter
stop_grace_period: 30s
depends_on:
- dovecot-mailcow
@@ -517,36 +517,6 @@
aliases:
- olefy
- ipv6nat-mailcow:
- depends_on:
- - unbound-mailcow
- - mysql-mailcow
- - redis-mailcow
- - clamd-mailcow
- - rspamd-mailcow
- - php-fpm-mailcow
- - sogo-mailcow
- - dovecot-mailcow
- - postfix-mailcow
- - memcached-mailcow
- - nginx-mailcow
- - acme-mailcow
- - netfilter-mailcow
- - watchdog-mailcow
- - dockerapi-mailcow
- - solr-mailcow
- environment:
- - TZ=${TZ}
- image: robbertkl/ipv6nat
- security_opt:
- - label=disable
- restart: always
- privileged: true
- network_mode: "host"
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - /lib/modules:/lib/modules:ro
-
networks:
mailcow-network:
driver: bridge