iRedMail container behind Nginx Let's Encrypt notes - lejmr/iredmail-docker GitHub Wiki
docker-compose.nginx-proxy-w-le.yml
(the code below you can use as is, i.e. no personal or project-specific data is used here):
# HOW TO USE:
# 1. Download latest nginx.tmpl (save next to this docker-compose file):
# curl https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl > ./nginx.tmpl
# 2. Run docker-compose: docker-compose -f ./docker-compose.nginx-proxy-w-le.yml up -d
# Based on: https://github.com/buchdag/letsencrypt-nginx-proxy-companion-compose
version: '3.5'
services:
nginx-proxy:
image: nginx
container_name: nginx-proxy-container
ports:
- "80:80"
- "443:443"
volumes:
- conf:/etc/nginx/conf.d
- vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- certs:/etc/nginx/certs:ro
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
restart: always
docker-gen:
image: jwilder/docker-gen
container_name: nginx-proxy-gen-container
command: -notify-sighup nginx-proxy-container -watch /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
depends_on:
- nginx-proxy
volumes:
- conf:/etc/nginx/conf.d
- vhost:/etc/nginx/vhost.d
- certs:/etc/nginx/certs:ro
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen"
restart: always
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: nginx-proxy-le-container
depends_on:
- nginx-proxy
- docker-gen
volumes:
- vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- certs:/etc/nginx/certs
- /var/run/docker.sock:/var/run/docker.sock:ro
restart: always
volumes:
conf:
vhost:
html:
certs:
networks:
default:
name: nginx-proxy
docker-compose.iredmail.yml
(need to provide project-specific data):
version: '3.5'
services:
iredmail:
image: lejmr/iredmail:mysql-latest
container_name: iredmail-container
restart: unless-stopped
hostname: host.domain # example: mail.google.com ('mail' is host, ie server name; 'google.com' is domain).
privileged: yes
ports:
# Open ports you need: https://docs.iredmail.org/network.ports.html
# You do not need to open 80 and 443
- "25:25"
- "587:587"
volumes:
- /var/www/mail/mysql:/var/lib/mysql
- /var/www/mail/vmail:/var/vmail
- /var/www/mail/clamav:/var/lib/clamav
- /etc/localtime:/etc/localtime:ro
environment:
- MYSQL_ROOT_PASSWORD=password
- POSTMASTER_PASSWORD={PLAIN}password
- IREDAPD_PLUGINS="['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
- VIRTUAL_HOST=host.domain # example: mail.google.com ('mail' is host, ie server name; 'google.com' is domain).
- VIRTUAL_PORT=443
- VIRTUAL_PROTO=https
- LETSENCRYPT_HOST=host.domain # example: mail.google.com ('mail' is host, ie server name; 'google.com' is domain).
- [email protected]
networks:
default:
external:
name: nginx-proxy