Gitiles
Code Review Sign In
gerrit.benkard.de / kubeia / 0794a064a81c790c124c9605b68e2c3fcb7dfcf0 / . / mailcow / src / mailcow-dockerized / docker-compose.yml
blob: f94581490bc61a0985999dbb42fb973587d91c0d [file] [log] [blame]
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]1version: '2.1'
2services:
3
4 unbound-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]5 image: mailcow/unbound:1.13
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]6 environment:
7 - TZ=${TZ}
8 volumes:
9 - ./data/hooks/unbound:/hooks:Z
10 - ./data/conf/unbound/unbound.conf:/etc/unbound/unbound.conf:ro,Z
11 restart: always
12 tty: true
13 networks:
14 mailcow-network:
15 ipv4_address: ${IPV4_NETWORK:-172.22.1}.254
16 aliases:
17 - unbound
18
19 mysql-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]20 image: mariadb:10.5
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]21 depends_on:
22 - unbound-mailcow
23 stop_grace_period: 45s
24 volumes:
25 - mysql-vol-1:/var/lib/mysql/:Z
26 - mysql-socket-vol-1:/var/run/mysqld/:z
27 - ./data/conf/mysql/:/etc/mysql/conf.d/:ro,Z
28 environment:
29 - TZ=${TZ}
30 - MYSQL_ROOT_PASSWORD=${DBROOT}
31 - MYSQL_DATABASE=${DBNAME}
32 - MYSQL_USER=${DBUSER}
33 - MYSQL_PASSWORD=${DBPASS}
34 - MYSQL_INITDB_SKIP_TZINFO=1
35 restart: always
36 ports:
37 - "${SQL_PORT:-127.0.0.1:13306}:3306"
38 networks:
39 mailcow-network:
40 aliases:
41 - mysql
42
43 redis-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]44 image: redis:6-alpine
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]45 volumes:
46 - redis-vol-1:/data/:Z
47 restart: always
48 ports:
49 - "${REDIS_PORT:-127.0.0.1:7654}:6379"
50 environment:
51 - TZ=${TZ}
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]52 sysctls:
53 - net.core.somaxconn=4096
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]54 networks:
55 mailcow-network:
56 ipv4_address: ${IPV4_NETWORK:-172.22.1}.249
57 aliases:
58 - redis
59
60 clamd-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]61 image: mailcow/clamd:1.40
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]62 restart: always
63 dns:
64 - ${IPV4_NETWORK:-172.22.1}.254
65 environment:
66 - TZ=${TZ}
67 - SKIP_CLAMD=${SKIP_CLAMD:-n}
68 volumes:
69 - ./data/conf/clamav/:/etc/clamav/:Z
70 networks:
71 mailcow-network:
72 aliases:
73 - clamd
74
75 rspamd-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]76 image: mailcow/rspamd:1.77
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]77 stop_grace_period: 30s
78 depends_on:
79 - dovecot-mailcow
80 environment:
81 - TZ=${TZ}
82 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
83 - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
84 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
85 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
86 volumes:
87 - ./data/hooks/rspamd:/hooks:Z
88 - ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
89 - ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:Z
90 - ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:Z
91 - ./data/conf/rspamd/plugins.d/:/etc/rspamd/plugins.d:Z
92 - ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro,Z
93 - ./data/conf/rspamd/rspamd.conf.local:/etc/rspamd/rspamd.conf.local:Z
94 - ./data/conf/rspamd/rspamd.conf.override:/etc/rspamd/rspamd.conf.override:Z
95 - rspamd-vol-1:/var/lib/rspamd:z
96 restart: always
97 hostname: rspamd
98 dns:
99 - ${IPV4_NETWORK:-172.22.1}.254
100 networks:
101 mailcow-network:
102 aliases:
103 - rspamd
104
105 php-fpm-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]106 image: mailcow/phpfpm:1.76
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]107 command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
108 depends_on:
109 - redis-mailcow
110 volumes:
111 - ./data/hooks/phpfpm:/hooks:Z
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]112 - ./data/web:/web:z
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]113 - ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
114 - ./data/conf/rspamd/custom/:/rspamd_custom_maps:z
115 - rspamd-vol-1:/var/lib/rspamd:z
116 - mysql-socket-vol-1:/var/run/mysqld/:z
117 - ./data/conf/sogo/:/etc/sogo/:z
118 - ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
119 - ./data/conf/phpfpm/sogo-sso/:/etc/sogo-sso/:z
120 - ./data/conf/phpfpm/php-fpm.d/pools.conf:/usr/local/etc/php-fpm.d/z-pools.conf:Z
121 - ./data/conf/phpfpm/php-conf.d/opcache-recommended.ini:/usr/local/etc/php/conf.d/opcache-recommended.ini:Z
122 - ./data/conf/phpfpm/php-conf.d/upload.ini:/usr/local/etc/php/conf.d/upload.ini:Z
123 - ./data/conf/phpfpm/php-conf.d/other.ini:/usr/local/etc/php/conf.d/zzz-other.ini:Z
124 - ./data/conf/dovecot/global_sieve_before:/global_sieve/before:z
125 - ./data/conf/dovecot/global_sieve_after:/global_sieve/after:z
126 - ./data/assets/templates:/tpls:z
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]127 - ./data/conf/nginx/:/etc/nginx/conf.d/:z
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]128 dns:
129 - ${IPV4_NETWORK:-172.22.1}.254
130 environment:
131 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
132 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
133 - LOG_LINES=${LOG_LINES:-9999}
134 - TZ=${TZ}
135 - DBNAME=${DBNAME}
136 - DBUSER=${DBUSER}
137 - DBPASS=${DBPASS}
138 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
139 - MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
140 - IMAP_PORT=${IMAP_PORT:-143}
141 - IMAPS_PORT=${IMAPS_PORT:-993}
142 - POP_PORT=${POP_PORT:-110}
143 - POPS_PORT=${POPS_PORT:-995}
144 - SIEVE_PORT=${SIEVE_PORT:-4190}
145 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
146 - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
147 - SUBMISSION_PORT=${SUBMISSION_PORT:-587}
148 - SMTPS_PORT=${SMTPS_PORT:-465}
149 - SMTP_PORT=${SMTP_PORT:-25}
150 - API_KEY=${API_KEY:-invalid}
151 - API_KEY_READ_ONLY=${API_KEY_READ_ONLY:-invalid}
152 - API_ALLOW_FROM=${API_ALLOW_FROM:-invalid}
153 - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
154 - SKIP_SOLR=${SKIP_SOLR:-y}
155 - SKIP_CLAMD=${SKIP_CLAMD:-n}
156 - SKIP_SOGO=${SKIP_SOGO:-n}
157 - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
158 - MASTER=${MASTER:-y}
159 restart: always
160 networks:
161 mailcow-network:
162 aliases:
163 - phpfpm
164
165 sogo-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]166 image: mailcow/sogo:1.101
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]167 environment:
168 - DBNAME=${DBNAME}
169 - DBUSER=${DBUSER}
170 - DBPASS=${DBPASS}
171 - TZ=${TZ}
172 - LOG_LINES=${LOG_LINES:-9999}
173 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
174 - MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
175 - ACL_ANYONE=${ACL_ANYONE:-disallow}
176 - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
177 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
178 - SOGO_EXPIRE_SESSION=${SOGO_EXPIRE_SESSION:-480}
179 - SKIP_SOGO=${SKIP_SOGO:-n}
180 - MASTER=${MASTER:-y}
181 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
182 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
183 dns:
184 - ${IPV4_NETWORK:-172.22.1}.254
185 volumes:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]186 - ./data/hooks/sogo:/hooks:Z
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]187 - ./data/conf/sogo/:/etc/sogo/:z
188 - ./data/web/inc/init_db.inc.php:/init_db.inc.php:Z
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]189 - ./data/conf/sogo/custom-favicon.ico:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
190 - ./data/conf/sogo/custom-theme.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]191 - ./data/conf/sogo/custom-sogo.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
192 - mysql-socket-vol-1:/var/run/mysqld/:z
193 - sogo-web-vol-1:/sogo_web:z
194 - sogo-userdata-backup-vol-1:/sogo_backup:Z
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]195 labels:
196 ofelia.enabled: "true"
197 ofelia.job-exec.sogo_sessions.schedule: "@every 1m"
198 ofelia.job-exec.sogo_sessions.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool expire-sessions $${SOGO_EXPIRE_SESSION} || exit 0\""
199 ofelia.job-exec.sogo_ealarms.schedule: "@every 1m"
200 ofelia.job-exec.sogo_ealarms.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-ealarms-notify -p /etc/sogo/sieve.creds || exit 0\""
201 ofelia.job-exec.sogo_eautoreply.schedule: "@every 24h"
202 ofelia.job-exec.sogo_eautoreply.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds || exit 0\""
203 ofelia.job-exec.sogo_backup.schedule: "@every 24h"
204 ofelia.job-exec.sogo_backup.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool backup /sogo_backup ALL || exit 0\""
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]205 restart: always
206 networks:
207 mailcow-network:
208 ipv4_address: ${IPV4_NETWORK:-172.22.1}.248
209 aliases:
210 - sogo
211
212 dovecot-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]213 image: mailcow/dovecot:1.155
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]214 depends_on:
215 - mysql-mailcow
216 dns:
217 - ${IPV4_NETWORK:-172.22.1}.254
218 cap_add:
219 - NET_BIND_SERVICE
220 volumes:
221 - ./data/hooks/dovecot:/hooks:Z
222 - ./data/conf/dovecot:/etc/dovecot:z
223 - ./data/assets/ssl:/etc/ssl/mail/:ro,z
224 - ./data/conf/sogo/:/etc/sogo/:z
225 - ./data/conf/phpfpm/sogo-sso/:/etc/phpfpm/:z
226 - vmail-vol-1:/var/vmail:Z
227 - vmail-index-vol-1:/var/vmail_index:Z
228 - crypt-vol-1:/mail_crypt/:z
229 - ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
230 - ./data/assets/templates:/templates:z
231 - rspamd-vol-1:/var/lib/rspamd:z
232 - mysql-socket-vol-1:/var/run/mysqld/:z
233 environment:
234 - DOVECOT_MASTER_USER=${DOVECOT_MASTER_USER:-}
235 - DOVECOT_MASTER_PASS=${DOVECOT_MASTER_PASS:-}
236 - LOG_LINES=${LOG_LINES:-9999}
237 - DBNAME=${DBNAME}
238 - DBUSER=${DBUSER}
239 - DBPASS=${DBPASS}
240 - TZ=${TZ}
241 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
242 - MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
243 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
244 - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
245 - MAILDIR_GC_TIME=${MAILDIR_GC_TIME:-1440}
246 - ACL_ANYONE=${ACL_ANYONE:-disallow}
247 - SKIP_SOLR=${SKIP_SOLR:-y}
248 - MAILDIR_SUB=${MAILDIR_SUB:-}
249 - MASTER=${MASTER:-y}
250 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
251 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
252 - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
253 ports:
254 - "${DOVEADM_PORT:-127.0.0.1:19991}:12345"
255 - "${IMAP_PORT:-143}:143"
256 - "${IMAPS_PORT:-993}:993"
257 - "${POP_PORT:-110}:110"
258 - "${POPS_PORT:-995}:995"
259 - "${SIEVE_PORT:-4190}:4190"
260 restart: always
261 tty: true
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]262 labels:
263 ofelia.enabled: "true"
264 ofelia.job-exec.dovecot_imapsync_runner.schedule: "@every 1m"
265 ofelia.job-exec.dovecot_imapsync_runner.no-overlap: "true"
266 ofelia.job-exec.dovecot_imapsync_runner.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu nobody /usr/local/bin/imapsync_runner.pl || exit 0\""
267 ofelia.job-exec.dovecot_trim_logs.schedule: "@every 1m"
268 ofelia.job-exec.dovecot_trim_logs.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/trim_logs.sh || exit 0\""
269 ofelia.job-exec.dovecot_quarantine.schedule: "@every 20m"
270 ofelia.job-exec.dovecot_quarantine.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/quarantine_notify.py || exit 0\""
271 ofelia.job-exec.dovecot_clean_q_aged.schedule: "@every 24h"
272 ofelia.job-exec.dovecot_clean_q_aged.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/clean_q_aged.sh || exit 0\""
273 ofelia.job-exec.dovecot_maildir_gc.schedule: "@every 30m"
274 ofelia.job-exec.dovecot_maildir_gc.command: "/bin/bash -c \"source /source_env.sh ; /usr/local/bin/gosu vmail /usr/local/bin/maildir_gc.sh\""
275 ofelia.job-exec.dovecot_sarules.schedule: "@every 24h"
276 ofelia.job-exec.dovecot_sarules.command: "/bin/bash -c \"/usr/local/bin/sa-rules.sh\""
277 ofelia.job-exec.dovecot_fts.schedule: "@every 24h"
278 ofelia.job-exec.dovecot_fts.command: "/usr/bin/curl http://solr:8983/solr/dovecot-fts/update?optimize=true"
279 ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m"
280 ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\""
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]281 ulimits:
282 nproc: 65535
283 nofile:
284 soft: 20000
285 hard: 40000
286 networks:
287 mailcow-network:
288 ipv4_address: ${IPV4_NETWORK:-172.22.1}.250
289 aliases:
290 - dovecot
291
292 postfix-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]293 image: mailcow/postfix:1.65
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]294 depends_on:
295 - mysql-mailcow
296 volumes:
297 - ./data/hooks/postfix:/hooks:Z
298 - ./data/conf/postfix:/opt/postfix/conf:z
299 - ./data/assets/ssl:/etc/ssl/mail/:ro,z
300 - postfix-vol-1:/var/spool/postfix:z
301 - crypt-vol-1:/var/lib/zeyple:z
302 - rspamd-vol-1:/var/lib/rspamd:z
303 - mysql-socket-vol-1:/var/run/mysqld/:z
304 environment:
305 - LOG_LINES=${LOG_LINES:-9999}
306 - TZ=${TZ}
307 - DBNAME=${DBNAME}
308 - DBUSER=${DBUSER}
309 - DBPASS=${DBPASS}
310 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
311 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
312 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
313 cap_add:
314 - NET_BIND_SERVICE
315 ports:
316 - "${SMTP_PORT:-25}:25"
317 - "${SMTPS_PORT:-465}:465"
318 - "${SUBMISSION_PORT:-587}:587"
319 restart: always
320 dns:
321 - ${IPV4_NETWORK:-172.22.1}.254
322 networks:
323 mailcow-network:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]324 ipv4_address: ${IPV4_NETWORK:-172.22.1}.253
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]325 aliases:
326 - postfix
327
328 memcached-mailcow:
329 image: memcached:alpine
330 restart: always
331 environment:
332 - TZ=${TZ}
333 networks:
334 mailcow-network:
335 aliases:
336 - memcached
337
338 nginx-mailcow:
339 depends_on:
340 - sogo-mailcow
341 - php-fpm-mailcow
342 - redis-mailcow
Matthias Andreas Benkardd2337bf2021-08-12 21:45:20 +0200[diff] [blame]343 image: nginx:1.19-alpine
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]344 dns:
345 - ${IPV4_NETWORK:-172.22.1}.254
346 command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active &&
347 envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active &&
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]348 envsubst < /etc/nginx/conf.d/templates/sogo.template > /etc/nginx/conf.d/sogo.active &&
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]349 . /etc/nginx/conf.d/templates/server_name.template.sh > /etc/nginx/conf.d/server_name.active &&
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]350 . /etc/nginx/conf.d/templates/sites.template.sh > /etc/nginx/conf.d/sites.active &&
351 . /etc/nginx/conf.d/templates/sogo_eas.template.sh > /etc/nginx/conf.d/sogo_eas.active &&
352 nginx -qt &&
353 until ping phpfpm -c1 > /dev/null; do sleep 1; done &&
354 until ping sogo -c1 > /dev/null; do sleep 1; done &&
355 until ping redis -c1 > /dev/null; do sleep 1; done &&
356 until ping rspamd -c1 > /dev/null; do sleep 1; done &&
357 exec nginx -g 'daemon off;'"
358 environment:
359 - HTTPS_PORT=${HTTPS_PORT:-443}
360 - HTTP_PORT=${HTTP_PORT:-80}
361 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
362 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
363 - TZ=${TZ}
364 - SKIP_SOGO=${SKIP_SOGO:-n}
365 - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]366 - ADDITIONAL_SERVER_NAMES=${ADDITIONAL_SERVER_NAMES:-}
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]367 volumes:
368 - ./data/web:/web:ro,z
369 - ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
370 - ./data/assets/ssl/:/etc/ssl/mail/:ro,z
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]371 - ./data/conf/nginx/:/etc/nginx/conf.d/:z
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]372 - ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
373 - sogo-web-vol-1:/usr/lib/GNUstep/SOGo/:z
374 ports:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]375 - "${HTTPS_BIND:-:}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
376 - "${HTTP_BIND:-:}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]377 restart: always
378 networks:
379 mailcow-network:
380 aliases:
381 - nginx
382
383 acme-mailcow:
384 depends_on:
385 - nginx-mailcow
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]386 image: mailcow/acme:1.79
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]387 dns:
388 - ${IPV4_NETWORK:-172.22.1}.254
389 environment:
390 - LOG_LINES=${LOG_LINES:-9999}
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]391 - ACME_CONTACT=${ACME_CONTACT:-}
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]392 - ADDITIONAL_SAN=${ADDITIONAL_SAN}
393 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
394 - DBNAME=${DBNAME}
395 - DBUSER=${DBUSER}
396 - DBPASS=${DBPASS}
397 - SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
398 - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
399 - DIRECTORY_URL=${DIRECTORY_URL:-}
400 - ENABLE_SSL_SNI=${ENABLE_SSL_SNI:-n}
401 - SKIP_IP_CHECK=${SKIP_IP_CHECK:-n}
402 - SKIP_HTTP_VERIFICATION=${SKIP_HTTP_VERIFICATION:-n}
403 - ONLY_MAILCOW_HOSTNAME=${ONLY_MAILCOW_HOSTNAME:-n}
404 - LE_STAGING=${LE_STAGING:-n}
405 - TZ=${TZ}
406 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
407 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
408 - SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
409 - SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
410 volumes:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]411 - ./data/web/.well-known/acme-challenge:/var/www/acme:z
412 - ./data/assets/ssl:/var/lib/acme/:z
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]413 - ./data/assets/ssl-example:/var/lib/ssl-example/:ro,Z
414 - mysql-socket-vol-1:/var/run/mysqld/:z
415 restart: always
416 networks:
417 mailcow-network:
418 aliases:
419 - acme
420
421 netfilter-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]422 image: mailcow/netfilter:1.43
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]423 stop_grace_period: 30s
424 depends_on:
425 - dovecot-mailcow
426 - postfix-mailcow
427 - sogo-mailcow
428 - php-fpm-mailcow
429 - redis-mailcow
430 restart: always
431 privileged: true
432 environment:
433 - TZ=${TZ}
434 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
435 - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
436 - SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
437 - SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
438 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
439 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
440 network_mode: "host"
441 volumes:
442 - /lib/modules:/lib/modules:ro
443
444 watchdog-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]445 image: mailcow/watchdog:1.92
Matthias Andreas Benkarda8468162021-01-02 11:12:15 +0100[diff] [blame]446 # Debug
447 #command: /watchdog.sh
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]448 dns:
449 - ${IPV4_NETWORK:-172.22.1}.254
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]450 tmpfs:
451 - /tmp
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]452 volumes:
453 - rspamd-vol-1:/var/lib/rspamd:z
454 - mysql-socket-vol-1:/var/run/mysqld/:z
455 - postfix-vol-1:/var/spool/postfix:z
456 - ./data/assets/ssl:/etc/ssl/mail/:ro,z
457 restart: always
458 environment:
459 - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
460 - LOG_LINES=${LOG_LINES:-9999}
461 - TZ=${TZ}
462 - DBNAME=${DBNAME}
463 - DBUSER=${DBUSER}
464 - DBPASS=${DBPASS}
465 - DBROOT=${DBROOT}
466 - USE_WATCHDOG=${USE_WATCHDOG:-n}
467 - WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL}
468 - WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y}
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]469 - WATCHDOG_SUBJECT=${WATCHDOG_SUBJECT:-Watchdog ALERT}
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]470 - WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n}
471 - WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n}
472 - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
473 - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
474 - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
475 - IP_BY_DOCKER_API=${IP_BY_DOCKER_API:-0}
476 - CHECK_UNBOUND=${CHECK_UNBOUND:-1}
477 - SKIP_CLAMD=${SKIP_CLAMD:-n}
478 - SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
479 - SKIP_SOGO=${SKIP_SOGO:-n}
480 - HTTPS_PORT=${HTTPS_PORT:-443}
481 - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
482 - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
483 - EXTERNAL_CHECKS_THRESHOLD=${EXTERNAL_CHECKS_THRESHOLD:-1}
484 - NGINX_THRESHOLD=${NGINX_THRESHOLD:-5}
485 - UNBOUND_THRESHOLD=${UNBOUND_THRESHOLD:-5}
486 - REDIS_THRESHOLD=${REDIS_THRESHOLD:-5}
487 - MYSQL_THRESHOLD=${MYSQL_THRESHOLD:-5}
488 - MYSQL_REPLICATION_THRESHOLD=${MYSQL_REPLICATION_THRESHOLD:-1}
489 - SOGO_THRESHOLD=${SOGO_THRESHOLD:-3}
490 - POSTFIX_THRESHOLD=${POSTFIX_THRESHOLD:-8}
491 - CLAMD_THRESHOLD=${CLAMD_THRESHOLD:-15}
492 - DOVECOT_THRESHOLD=${DOVECOT_THRESHOLD:-12}
493 - DOVECOT_REPL_THRESHOLD=${DOVECOT_REPL_THRESHOLD:-20}
494 - PHPFPM_THRESHOLD=${PHPFPM_THRESHOLD:-5}
495 - RATELIMIT_THRESHOLD=${RATELIMIT_THRESHOLD:-1}
496 - FAIL2BAN_THRESHOLD=${FAIL2BAN_THRESHOLD:-1}
497 - ACME_THRESHOLD=${ACME_THRESHOLD:-1}
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]498 - RSPAMD_THRESHOLD=${RSPAMD_THRESHOLD:-5}
499 - OLEFY_THRESHOLD=${OLEFY_THRESHOLD:-5}
500 - MAILQ_THRESHOLD=${MAILQ_THRESHOLD:-20}
501 - MAILQ_CRIT=${MAILQ_CRIT:-30}
502 networks:
503 mailcow-network:
504 aliases:
505 - watchdog
506
507 dockerapi-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]508 image: mailcow/dockerapi:1.38
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]509 security_opt:
510 - label=disable
511 restart: always
512 oom_kill_disable: true
513 dns:
514 - ${IPV4_NETWORK:-172.22.1}.254
515 environment:
516 - DBROOT=${DBROOT}
517 - TZ=${TZ}
518 volumes:
519 - /var/run/docker.sock:/var/run/docker.sock:ro
520 networks:
521 mailcow-network:
522 aliases:
523 - dockerapi
524
525 solr-mailcow:
526 image: mailcow/solr:1.7
527 restart: always
528 volumes:
529 - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data:Z
530 ports:
531 - "${SOLR_PORT:-127.0.0.1:18983}:8983"
532 environment:
533 - TZ=${TZ}
534 - SOLR_HEAP=${SOLR_HEAP:-1024}
535 - SKIP_SOLR=${SKIP_SOLR:-y}
536 networks:
537 mailcow-network:
538 aliases:
539 - solr
540
541 olefy-mailcow:
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]542 image: mailcow/olefy:1.7
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]543 restart: always
544 environment:
545 - TZ=${TZ}
546 - OLEFY_BINDADDRESS=0.0.0.0
547 - OLEFY_BINDPORT=10055
548 - OLEFY_TMPDIR=/tmp
549 - OLEFY_PYTHON_PATH=/usr/bin/python3
550 - OLEFY_OLEVBA_PATH=/usr/bin/olevba3
551 - OLEFY_LOGLVL=20
552 - OLEFY_MINLENGTH=500
553 - OLEFY_DEL_TMP=1
554 networks:
555 mailcow-network:
556 aliases:
557 - olefy
558
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]559 ofelia-mailcow:
560 image: mcuadros/ofelia:latest
561 restart: always
562 command: daemon --docker
563 - TZ=${TZ}
564 depends_on:
565 - sogo-mailcow
566 - dovecot-mailcow
567 labels:
568 ofelia.enabled: "true"
569 volumes:
570 - /var/run/docker.sock:/var/run/docker.sock:ro
571 networks:
572 mailcow-network:
573 aliases:
574 - ofelia
575
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]576networks:
577 mailcow-network:
578 driver: bridge
579 driver_opts:
580 com.docker.network.bridge.name: br-mailcow
Matthias Andreas Benkardc55bfae2021-01-02 07:35:21 +0100[diff] [blame]581 enable_ipv6: false
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]582 ipam:
583 driver: default
584 config:
585 - subnet: ${IPV4_NETWORK:-172.22.1}.0/24
586 - subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
587
588volumes:
589 vmail-vol-1:
590 vmail-index-vol-1:
591 mysql-vol-1:
592 mysql-socket-vol-1:
593 redis-vol-1:
594 rspamd-vol-1:
595 solr-vol-1:
596 postfix-vol-1:
597 crypt-vol-1:
598 sogo-web-vol-1:
599 sogo-userdata-backup-vol-1: