From 507292080388420da6da4cf8b32743a0f25dea06 Mon Sep 17 00:00:00 2001 From: hcornet Date: Thu, 28 Nov 2024 20:13:48 +0100 Subject: [PATCH] sync --- .env | 6 +++--- docker-compose.yml | 26 ++++++++++++++++++++++---- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/.env b/.env index 06c53cd..7165d2a 100644 --- a/.env +++ b/.env @@ -238,12 +238,12 @@ SMTP_ONLY= # custom => Enables custom certificates # manual => Let's you manually specify locations of your SSL certificates for non-standard cases # self-signed => Enables self-signed certificates -SSL_TYPE= +SSL_TYPE=manual # These are only supported with `SSL_TYPE=manual`. # Provide the path to your cert and key files that you've mounted access to within the container. -SSL_CERT_PATH= -SSL_KEY_PATH= +SSL_CERT_PATH=/certs/cert.crt +SSL_KEY_PATH=/certs/cert.key # Optional: A 2nd certificate can be supported as fallback (dual cert support), eg ECDSA with an RSA fallback. # Useful for additional compatibility with older MTA and MUA (eg pre-2015). SSL_ALT_CERT_PATH= diff --git a/docker-compose.yml b/docker-compose.yml index 10e8c8d..18f5fc3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,12 +30,30 @@ services: restart: always stop_grace_period: 1m # Uncomment if using `ENABLE_FAIL2BAN=1`: - # cap_add: - # - NET_ADMIN + cap_add: + - NET_ADMIN healthcheck: test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" timeout: 3s retries: 0 networks: - - back_network_mailserver - + - traefik_front_network + labels: + - "traefik.enable=true" + - "traefik.docker.network=traefik_front_network" +# HTTP + - "traefik.http.routers.mailserver-http.rule=Host(`mailserver.tips-of-mine.com`)" + - "traefik.http.routers.mailserver-http.entrypoints=http" + - "traefik.http.routers.mailserver-http.priority=49" +# HTTPS + - "traefik.http.routers.mailserver-https.rule=Host(`mailserver.tips-of-mine.com`)" + - "traefik.http.routers.mailserver-https.entrypoints=https" + - "traefik.http.routers.mailserver-https.tls=true" + - "traefik.http.routers.mailserver-https.priority=50" + - "traefik.http.routers.mailserver.service=mailserver-https-service" +# Middleware + - "traefik.http.routers.mailserver.middlewares=redirect-webmail@docker" +# - "traefik.http.middlewares.redirect-webmail.redirectregex.regex=.*" +# - "traefik.http.middlewares.redirect-webmail.redirectregex.replacement=https://webmail.tips-of-mine.com/" +# Service + - "traefik.http.services.mailserver-https-service.loadbalancer.server.port=443"