mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-11-15 04:04:50 +08:00
25bd3d441e
This allows `Require verification of SSL certificate` to work as expected.
151 lines
4.4 KiB
YAML
151 lines
4.4 KiB
YAML
#
|
|
# Note: Before starting, ensure you run gulp once, to generate static assets in ./snappymail/v/0.0.0/static/css and ./snappymail/v/0.0.0/static/js
|
|
#
|
|
version: '3.0'
|
|
services:
|
|
|
|
# Generate self-signed certs
|
|
# See: https://docker-mailserver.github.io/docker-mailserver/latest/config/security/ssl/#self-signed-certificates
|
|
step-ca:
|
|
image: smallstep/step-ca:latest
|
|
working_dir: /certs
|
|
volumes:
|
|
- certs:/certs
|
|
entrypoint:
|
|
- /bin/sh
|
|
user: 0:0
|
|
command:
|
|
- -c
|
|
- |
|
|
set -eu
|
|
if [ ! -d demoCA ]; then
|
|
mkdir -p demoCA
|
|
|
|
step certificate create "Smallstep Root CA" "demoCA/cacert.pem" "demoCA/cakey.pem" \
|
|
--no-password --insecure \
|
|
--profile root-ca \
|
|
--not-before "2021-01-01T00:00:00+00:00" \
|
|
--not-after "2031-01-01T00:00:00+00:00" \
|
|
--san "example.com" \
|
|
--san "mail.example.com" \
|
|
--kty RSA --size 2048
|
|
|
|
step certificate create "Smallstep Leaf" mail.example.com-cert.pem mail.example.com-key.pem \
|
|
--no-password --insecure \
|
|
--profile leaf \
|
|
--ca "demoCA/cacert.pem" \
|
|
--ca-key "demoCA/cakey.pem" \
|
|
--not-before "2021-01-01T00:00:00+00:00" \
|
|
--not-after "2031-01-01T00:00:00+00:00" \
|
|
--san "example.com" \
|
|
--san "mail.example.com" \
|
|
--san "imap.example.com" \
|
|
--san "smtp.example.com" \
|
|
--kty RSA --size 2048
|
|
fi
|
|
|
|
# Mail server
|
|
# See: https://docker-mailserver.github.io/docker-mailserver/latest
|
|
# Add an account: echo 'test' | docker exec -i $( docker-compose ps -q docker-mailserver ) setup email add test@example.com
|
|
docker-mailserver:
|
|
image: docker.io/mailserver/docker-mailserver:12
|
|
domainname: mail.example.com
|
|
environment:
|
|
- ENABLE_SPAMASSASSIN=0
|
|
- ENABLE_CLAMAV=0
|
|
- ENABLE_FAIL2BAN=0
|
|
- ENABLE_POSTGREY=0
|
|
- ENABLE_MANAGESIEVE=1
|
|
- ONE_DIR=1
|
|
- DMS_DEBUG=0
|
|
- POSTFIX_INET_PROTOCOLS=ipv4
|
|
- DOVECOT_INET_PROTOCOLS=ipv4
|
|
- SSL_TYPE=manual
|
|
- SSL_CERT_PATH=/certs/mail.example.com-cert.pem
|
|
- SSL_KEY_PATH=/certs/mail.example.com-key.pem
|
|
volumes:
|
|
- certs:/certs
|
|
- dms-mail-data:/var/mail
|
|
- dms-mail-state:/var/mail-state
|
|
- dms-mail-logs:/var/log/mail
|
|
- dms-config:/tmp/docker-mailserver
|
|
networks:
|
|
default:
|
|
aliases:
|
|
- example.com
|
|
- mail.example.com
|
|
- imap.example.com
|
|
- smtp.example.com
|
|
depends_on:
|
|
step-ca:
|
|
condition: service_completed_successfully
|
|
entrypoint:
|
|
- /bin/sh
|
|
command:
|
|
- -c
|
|
- |
|
|
set -eu
|
|
echo "Trusting demoCA certificate"
|
|
cp -v /certs/demoCA/cacert.pem /usr/local/share/ca-certificates/cacert.crt # Debian expects certs to end with .crt
|
|
update-ca-certificates
|
|
exec supervisord -c /etc/supervisor/supervisord.conf
|
|
|
|
# Snappymail: http://localhost:8888
|
|
# Admin panel: http://localhost:8888/?admin
|
|
# Get the Admin Panel password: docker exec -it $( docker-compose ps -q snappymail ) cat /var/lib/snappymail/_data_/_default_/admin_password.txt
|
|
snappymail:
|
|
build:
|
|
dockerfile: ./.docker/release/Dockerfile
|
|
context: .
|
|
# environment:
|
|
# - DEBUG=true
|
|
volumes:
|
|
- certs:/certs:ro
|
|
- ./snappymail:/snappymail/snappymail:ro
|
|
- ./index.php:/snappymail/index.php:ro
|
|
- snappymail:/var/lib/snappymail
|
|
ports:
|
|
- 8888:8888
|
|
networks:
|
|
- default
|
|
depends_on:
|
|
step-ca:
|
|
condition: service_completed_successfully
|
|
db:
|
|
condition: service_started
|
|
entrypoint:
|
|
- /bin/sh
|
|
command:
|
|
- -c
|
|
- |
|
|
set -eu
|
|
echo "Trusting demoCA certificate"
|
|
cp -v /certs/demoCA/cacert.pem /usr/local/share/ca-certificates/
|
|
update-ca-certificates
|
|
exec /entrypoint.sh
|
|
|
|
# MySQL database
|
|
db:
|
|
image: mysql:5.7
|
|
restart: always
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=root
|
|
- MYSQL_USER=snappymail
|
|
- MYSQL_PASSWORD=snappymail
|
|
- MYSQL_DATABASE=snappymail
|
|
volumes:
|
|
- mysql:/var/lib/mysql
|
|
networks:
|
|
- default
|
|
|
|
volumes:
|
|
certs:
|
|
dms-mail-data:
|
|
dms-mail-state:
|
|
dms-mail-logs:
|
|
dms-config:
|
|
snappymail:
|
|
mysql:
|
|
|
|
networks:
|
|
default:
|