paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move dkim data, vmail and dbs to volumes, changed README

master
andryyy 2016-12-17 20:31:59 +01:00
parent 70fec52fd4
commit 7ef70e4c81
8 changed files with 54 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
README.md
View File

@ -5,32 +5,34 @@ Dovecot, Memcached, Redis, MariaDB, PowerDNS Recursor, PHP-FPM, Postfix, Nginx,
All configurations were written with security in mind. All configurations were written with security in mind.
### Exposed ports: ### Containers and volumes
| Name | Service | Hostname, Alias | External bindings | Internal bindings | | Type | Object name | Network names | External binding | Internal binding | Volumes |
|:------------------|:-------------|:-------------------------------|:---------------------------------------------|:-------------------------------| |-----------|-------------------|------------------------------|----------------------------------------------|----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| postfix-mailcow | Postfix | ${MAILCOW_HOSTNAME}, postfix | 25/tcp, 465/tcp, 587/tcp | 588/tcp | | Container | postfix-mailcow | ${MAILCOW_HOSTNAME}, postfix | 25/tcp, 465/tcp, 587/tcp | 588/tcp | ./data/conf/postfix:/opt/postfix/conf, ./data/assets/ssl:/etc/ssl/mail/:ro |
| dovecot-mailcow | Dovecot | ${MAILCOW_HOSTNAME}, dovecot | 110/tcp, 143/tcp, 993/tcp, 995/tcp, 4190/tcp | 24/tcp, 10001/tcp | | Container | dovecot-mailcow | ${MAILCOW_HOSTNAME}, dovecot | 110/tcp, 143/tcp, 993/tcp, 995/tcp, 4190/tcp | 24/tcp, 10001/tcp | vmail-vol-1:/var/vmail, ./data/conf/dovecot:/etc/dovecot, ./data/assets/ssl:/etc/ssl/mail/:ro |
| nginx-mailcow | Nginx | nginx | 443/tcp | 80/tcp, 8081/tcp | | Container | nginx-mailcow | nginx | 443/tcp | 80/tcp, 8081/tcp | Mounts from sogo-mailcow, ./data/web:/web:ro, ./data/conf/rspamd/dynmaps:/dynmaps:ro, ./data/assets/ssl/:/etc/ssl/mail/:ro, ./data/conf/nginx/:/etc/nginx/conf.d/:ro |
| pdns-mailcow | PowerDNS | pdns | - | 53/udp | | Container | pdns-mailcow | pdns | - | 53/udp | ./data/conf/pdns/:/etc/powerdns/ |
| rspamd-mailcow | Rspamd | rspamd | - | 11333/tcp, 11334/tcp | | Container | rspamd-mailcow | rspamd | - | 11333/tcp, 11334/tcp | dkim-vol-1:/data/dkim, ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:ro, ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:ro, ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro |
| mariadb-mailcow | MariaDB | mysql | - | 3306/tcp | | Container | mariadb-mailcow | mysql | - | 3306/tcp | mysql-vol-1:/var/lib/mysql/, ./data/conf/mysql/:/etc/mysql/conf.d/:ro |
| rmilter-mailcow | Rmilter | rmilter | - | 9000/tcp | | Container | rmilter-mailcow | rmilter | - | 9000/tcp | ./data/conf/rmilter/:/etc/rmilter.conf.d/:ro |
| phpfpm-mailcow | PHP FPM | phpfpm | - | 9000/tcp | | Container | phpfpm-mailcow | phpfpm | - | 9000/tcp | dkim-vol-1:/data/dkim, ./data/web:/web:ro, ./data/conf/rspamd/dynmaps:/dynmaps:ro |
| sogo-mailcow | SOGo | sogo | - | 9000/tcp | | Container | sogo-mailcow | sogo | - | 20000/tcp | ./data/conf/sogo/:/etc/sogo/,exposes /usr/lib/GNUstep/SOGo/WebServerResources/ |
| redis-mailcow | Redis | redis | - | 6379/tcp | | Container | redis-mailcow | redis | - | 6379/tcp | redis-vol-1:/data/ |
| memcached-mailcow | Memcached | memcached | - | 11211/tcp | | Container | memcached-mailcow | memcached | - | 11211/tcp | - |
| Volume | vmail-vol-1 | - | - | - | Mounts to dovecot |
| Volume | dkim-vol-1 | - | - | - | Mounts to rspamd + phpfpm |
| Volume | redis-vol-1 | - | - | - | Mounts to redis |
| Volume | mysql-vol-1 | - | - | - | Mounts to mysql |
All containers share a network "mailcow-network" with the subnet 172.22.1.0/24 - if you want to change it, set it in the composer file. All containers share a network "mailcow-network" with the subnet 172.22.1.0/24 - if you want to change it, set it in the composer file.
IPs are dynamic except for PowerDNS resolver which has a static ip address 172.22.1.2. IPs are dynamic except for PowerDNS resolver which has a static ip address 172.22.1.254.
### **FAQ** ### **FAQ**
- rspamd learns mail as spam or ham when you move a message in or out of the junk folder to any mailbox besides trash. - rspamd learns mail as spam or ham when you move a message in or out of the junk folder to any mailbox besides trash.
- rspamd auto-learns mail when a high or low score is detected (see https://rspamd.com/doc/configuration/statistic.html#autolearning) - rspamd auto-learns mail when a high or low score is detected (see https://rspamd.com/doc/configuration/statistic.html#autolearning)
- You can upgrade SOGo by running `docker-compose up -d sogo-mailcow nginx-mailcow`. - You can upgrade containers by running `docker-compose pull && docker-compose up -d`.
- Only Postfix and Rspamd use the PowerDNS resolver for DNSSEC.
- Linking to existing redis and memcached containers will be possible soon
## Installation ## Installation

2
data/Dockerfiles/dovecot/docker-entrypoint.sh
View File

@ -3,4 +3,6 @@ set -e
sed -i "/^connect/c\connect = \"host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}\"" /etc/dovecot/sql/* sed -i "/^connect/c\connect = \"host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}\"" /etc/dovecot/sql/*
if [[ $(stat -c %U /var/vmail/) != "vmail" ]] ; then chown -R vmail:vmail /var/vmail ; fi
exec "$@" exec "$@"

4
data/Dockerfiles/php-fpm/Dockerfile
View File

@ -9,7 +9,9 @@ RUN apt-get update \
RUN docker-php-ext-configure intl RUN docker-php-ext-configure intl
RUN docker-php-ext-install intl pdo pdo_mysql RUN docker-php-ext-install intl pdo pdo_mysql
WORKDIR /var/www/html COPY ./docker-entrypoint.sh /
EXPOSE 9000 EXPOSE 9000
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]

7
data/Dockerfiles/php-fpm/docker-entrypoint.sh 100755
View File

@ -0,0 +1,7 @@
#!/bin/bash
set -e
if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi
if [[ $(stat -c %U /data/dkim/) != "www-data" ]] ; then chown -R www-data:www-data /data/dkim ; fi
exec "$@"

2
data/Dockerfiles/sogo/docker-entrypoint.sh
View File

@ -3,7 +3,7 @@ set -e
AS_SOGO="gosu sogo" AS_SOGO="gosu sogo"
${AS_SOGO} sogo defaults write sogod SOGoUserSources "({type = sql;id = directory;viewURL = mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_view;canAuthenticate = YES;isAddressBook = YES;displayName = \"GAL\";MailFieldNames = (aliases, ad_aliases, senderacl);userPasswordAlgorithm = ssha256;})" ${AS_SOGO} defaults write sogod SOGoUserSources "({type = sql;id = directory;viewURL = mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_view;canAuthenticate = YES;isAddressBook = YES;displayName = \"GAL\";MailFieldNames = (aliases, ad_aliases, senderacl);userPasswordAlgorithm = ssha256;})"
${AS_SOGO} defaults write sogod SOGoProfileURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_user_profile" ${AS_SOGO} defaults write sogod SOGoProfileURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_user_profile"
${AS_SOGO} defaults write sogod OCSFolderInfoURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_folder_info" ${AS_SOGO} defaults write sogod OCSFolderInfoURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_folder_info"
${AS_SOGO} defaults write sogod OCSEMailAlarmsFolderURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_alarms_folder" ${AS_SOGO} defaults write sogod OCSEMailAlarmsFolderURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_alarms_folder"

0
data/db/mysql/.mysql_data
View File

0
data/db/redis/.redis_data
View File

54
docker-compose.yml
View File

@ -8,7 +8,7 @@ services:
restart: always restart: always
networks: networks:
mailcow-network: mailcow-network:
ipv4_address: 172.22.1.2 ipv4_address: 172.22.1.254
aliases: aliases:
- pdns - pdns
@ -17,10 +17,10 @@ services:
depends_on: depends_on:
- pdns-mailcow - pdns-mailcow
volumes: volumes:
- ./data/db/mysql/:/var/lib/mysql/ - mysql-vol-1:/var/lib/mysql/
- ./data/conf/mysql/:/etc/mysql/conf.d/:ro - ./data/conf/mysql/:/etc/mysql/conf.d/:ro
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
environment: environment:
- MYSQL_ROOT_PASSWORD=${DBROOT} - MYSQL_ROOT_PASSWORD=${DBROOT}
@ -38,10 +38,10 @@ services:
depends_on: depends_on:
- pdns-mailcow - pdns-mailcow
volumes: volumes:
- ./data/db/redis/:/data/ - redis-vol-1:/data/
restart: always restart: always
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
networks: networks:
mailcow-network: mailcow-network:
@ -56,11 +56,10 @@ services:
- ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:ro - ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:ro
- ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:ro - ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:ro
- ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro - ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro
volumes_from: - dkim-vol-1:/data/dkim
- data-container-dkim
restart: always restart: always
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
networks: networks:
mailcow-network: mailcow-network:
@ -74,10 +73,9 @@ services:
volumes: volumes:
- ./data/web:/web:ro - ./data/web:/web:ro
- ./data/conf/rspamd/dynmaps:/dynmaps:ro - ./data/conf/rspamd/dynmaps:/dynmaps:ro
volumes_from: - dkim-vol-1:/data/dkim
- data-container-dkim
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
environment: environment:
- DBNAME=${DBNAME} - DBNAME=${DBNAME}
@ -99,7 +97,7 @@ services:
- DBUSER=${DBUSER} - DBUSER=${DBUSER}
- DBPASS=${DBPASS} - DBPASS=${DBPASS}
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
volumes: volumes:
- ./data/conf/sogo/:/etc/sogo/ - ./data/conf/sogo/:/etc/sogo/
@ -118,7 +116,7 @@ services:
- ./data/conf/rmilter/:/etc/rmilter.conf.d/:ro - ./data/conf/rmilter/:/etc/rmilter.conf.d/:ro
restart: always restart: always
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
networks: networks:
mailcow-network: mailcow-network:
@ -132,8 +130,7 @@ services:
volumes: volumes:
- ./data/conf/dovecot:/etc/dovecot - ./data/conf/dovecot:/etc/dovecot
- ./data/assets/ssl:/etc/ssl/mail/:ro - ./data/assets/ssl:/etc/ssl/mail/:ro
volumes_from: - vmail-vol-1:/var/vmail
- data-container-vmail
environment: environment:
- DBNAME=${DBNAME} - DBNAME=${DBNAME}
- DBUSER=${DBUSER} - DBUSER=${DBUSER}
@ -145,7 +142,7 @@ services:
- "${POPS_PORT}:995" - "${POPS_PORT}:995"
- "${SIEVE_PORT}:4190" - "${SIEVE_PORT}:4190"
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
restart: always restart: always
hostname: ${MAILCOW_HOSTNAME} hostname: ${MAILCOW_HOSTNAME}
@ -172,7 +169,7 @@ services:
restart: always restart: always
hostname: ${MAILCOW_HOSTNAME} hostname: ${MAILCOW_HOSTNAME}
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
networks: networks:
mailcow-network: mailcow-network:
@ -185,7 +182,7 @@ services:
- pdns-mailcow - pdns-mailcow
restart: always restart: always
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
networks: networks:
mailcow-network: mailcow-network:
@ -207,7 +204,7 @@ services:
- ./data/assets/ssl/:/etc/ssl/mail/:ro - ./data/assets/ssl/:/etc/ssl/mail/:ro
- ./data/conf/nginx/:/etc/nginx/conf.d/:ro - ./data/conf/nginx/:/etc/nginx/conf.d/:ro
dns: dns:
- 172.22.1.2 - 172.22.1.254
dns_search: mailcow-network dns_search: mailcow-network
ports: ports:
- "443:443" - "443:443"
@ -217,20 +214,6 @@ services:
aliases: aliases:
- nginx - nginx
data-container-dkim:
build: ./data/Dockerfiles/data-container-dkim
depends_on:
- pdns-mailcow
networks:
mailcow-network:
data-container-vmail:
build: ./data/Dockerfiles/data-container-vmail
depends_on:
- pdns-mailcow
networks:
mailcow-network:
networks: networks:
mailcow-network: mailcow-network:
driver: bridge driver: bridge
@ -240,3 +223,8 @@ networks:
- subnet: 172.22.1.0/24 - subnet: 172.22.1.0/24
gateway: 172.22.1.1 gateway: 172.22.1.1
volumes:
vmail-vol-1:
mysql-vol-1:
dkim-vol-1:
redis-vol-1: