iRedMail container behind Nginx Let's Encrypt notes - lejmr/iredmail-docker GitHub Wiki

  1. docker-compose.nginx-proxy-w-le.yml (the code below you can use as is, i.e. no personal or project-specific data is used here):
# HOW TO USE:
# 1. Download latest nginx.tmpl (save next to this docker-compose file):
#    curl https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl > ./nginx.tmpl
# 2. Run docker-compose: docker-compose -f ./docker-compose.nginx-proxy-w-le.yml up -d

# Based on: https://github.com/buchdag/letsencrypt-nginx-proxy-companion-compose

version: '3.5'
services:
  nginx-proxy:
    image: nginx
    container_name: nginx-proxy-container
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - conf:/etc/nginx/conf.d
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - certs:/etc/nginx/certs:ro
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
    restart: always

  docker-gen:
    image: jwilder/docker-gen
    container_name: nginx-proxy-gen-container
    command: -notify-sighup nginx-proxy-container -watch /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
    depends_on:
      - nginx-proxy
    volumes:
      - conf:/etc/nginx/conf.d
      - vhost:/etc/nginx/vhost.d
      - certs:/etc/nginx/certs:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen"
    restart: always

  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nginx-proxy-le-container
    depends_on:
      - nginx-proxy
      - docker-gen
    volumes:
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - certs:/etc/nginx/certs
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: always

volumes:
  conf:
  vhost:
  html:
  certs:

networks:
  default:
    name: nginx-proxy
  1. docker-compose.iredmail.yml (need to provide project-specific data):
version: '3.5'
services:
  iredmail:
    image: lejmr/iredmail:mysql-latest
    container_name: iredmail-container
    restart: unless-stopped
    hostname: host.domain  # example: mail.google.com ('mail' is host, ie server name; 'google.com' is domain).
    privileged: yes
    ports:
      # Open ports you need: https://docs.iredmail.org/network.ports.html
      # You do not need to open 80 and 443
      - "25:25"
      - "587:587"
    volumes:
      - /var/www/mail/mysql:/var/lib/mysql
      - /var/www/mail/vmail:/var/vmail
      - /var/www/mail/clamav:/var/lib/clamav
      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=password
      - POSTMASTER_PASSWORD={PLAIN}password
      - IREDAPD_PLUGINS="['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
      - VIRTUAL_HOST=host.domain  # example: mail.google.com ('mail' is host, ie server name; 'google.com' is domain).
      - VIRTUAL_PORT=443
      - VIRTUAL_PROTO=https
      - LETSENCRYPT_HOST=host.domain  # example: mail.google.com ('mail' is host, ie server name; 'google.com' is domain).
      - [email protected]

networks:
  default:
    external:
      name: nginx-proxy