patzm · patzm · Nov 19, 2024 · Nov 24, 2024 · Nov 24, 2024 · Nov 24, 2024
diff --git a/mailu/README.md b/mailu/README.md
@@ -1,6 +1,8 @@
 # Mailu
 
 ## Setup
+Set the following environment variables:
+* `Domain`: the TLD
 
 Set the following (sensitive) environment variables:
 * `RELAYUSER`
@@ -11,6 +13,7 @@ Set the following (sensitive) environment variables:
   apt-get install pwgen
   pwgen 16 1
   ```
+* `API_TOKEN`: a random string of at least 3 characters. Use `pwgen`.
 
 Then upload the `mailu.env` file into Portainer and populate the environment.
 

diff --git a/mailu/docker-compose.yml b/mailu/docker-compose.yml
@@ -1,3 +1,6 @@
+# This file is auto-generated by the Mailu configuration wizard.
+# Please read the documentation before attempting any change.
+# Generated for compose flavor
 networks:
 
   default:
@@ -10,7 +13,11 @@ networks:
   webmail:
     driver: bridge
 
-  noinet:
+  oletools:
+    driver: bridge
+    internal: true
+
+  fts_attachments:
     driver: bridge
     internal: true
 
@@ -32,53 +39,38 @@ services:
     dns:
       - 172.26.0.254
 
-  resolver:
-    image: ghcr.io/mailu/unbound:${MAILU_VERSION}
-    restart: unless-stopped
-    env_file: mailu.env
-    networks:
-      default:
-        ipv4_address: 172.26.0.254
-
-  certdumper:
-    image: ghcr.io/mailu/traefik-certdumper:${MAILU_VERSION}
-    restart: unless-stopped
-    dns:
-      - 172.26.0.254
-    environment:
-      - DOMAIN=${DOMAIN}
-      - TRAEFIK_VERSION=v2
-    volumes:
-      - "/mnt/ssd-1tb/docker/traefik/letsencrypt/patz.family:/traefik"
-      - "/mnt/ssd-1tb/docker/mailu/certs:/output"
-
   # Core services
   front:
-    image: ghcr.io/mailu/nginx:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-2024.06}
     restart: unless-stopped
-    env_file: ../stack.env
+    env_file:
+      - ../stack.env
+      - mailu.env
     logging:
-      driver: json-file
-    depends_on:
-      - certdumper
-      - resolver
+      driver: journald
+      options:
+        tag: mailu-front
+    ports:
+      - "127.0.0.1:25:25"
+      - "127.0.0.1:465:465"
+      - "127.0.0.1:587:587"
+      - "127.0.0.1:110:110"
+      - "127.0.0.1:995:995"
+      - "127.0.0.1:143:143"
+      - "127.0.0.1:993:993"
+      # - "127.0.0.1:4190:4190" -> Sieve, not needed
     networks:
       - default
       - traefik
       - webmail
-    dns:
-      - 172.26.0.254
-    ports:
-      - "25:25"
-      - "110:110"
-      - "143:143"
-      - "465:465"
-      - "587:587"
-      - "993:993"
-      - "995:995"
     volumes:
       - "/mnt/ssd-1tb/docker/mailu/certs:/certs"
       - "/mnt/ssd-1tb/docker/mailu/overrides/nginx:/overrides:ro"
+    depends_on:
+      - certdumper
+      - resolver
+    dns:
+      - 172.26.0.254
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.mailu-front.rule=Host(`mail.${DOMAIN}`) || Host(`mail.patz.app`) || Host(`mail.whynot.holdings`)"
@@ -92,10 +84,30 @@ services:
       - "traefik.http.routers.mailu-front.tls.domains[2].sans=mail.whynot.holdings,smtp.whynot.holdings,imap.whynot.holdings"
       - "traefik.http.services.mailu-front.loadbalancer.server.port=80"
 
+  resolver:
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-2024.06}
+    env_file:
+      - ../stack.env
+      - mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-resolver
+    restart: unless-stopped
+    networks:
+      default:
+        ipv4_address: 172.26.0.254
+
   admin:
-    image: ghcr.io/mailu/admin:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-2024.06}
     restart: unless-stopped
-    env_file: ../stack.env
+    env_file:
+      - ../stack.env
+      - mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-admin
     volumes:
       - "/mnt/ssd-1tb/docker/mailu/data:/data"
       - "/mnt/ssd-1tb/docker/mailu/dkim:/dkim"
@@ -106,57 +118,100 @@ services:
       - 172.26.0.254
 
   imap:
-    image: ghcr.io/mailu/dovecot:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-2024.06}
     restart: unless-stopped
-    env_file: ../stack.env
+    env_file:
+      - ../stack.env
+      - mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-imap
     volumes:
       - "/mnt/ssd-1tb/docker/mailu/mail:/mail"
       - "/mnt/ssd-1tb/docker/mailu/overrides/dovecot:/overrides:ro"
+    networks:
+      - default
+      - fts_attachments
     depends_on:
       - front
+      - fts_attachments
       - resolver
-    networks:
-      - default
     dns:
       - 172.26.0.254
 
   smtp:
-    image: ghcr.io/mailu/postfix:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-2024.06}
     restart: unless-stopped
-    env_file: ../stack.env
+    env_file:
+      - ../stack.env
+      - mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-smtp
     volumes:
       - "/mnt/ssd-1tb/docker/mailu/mailqueue:/queue"
       - "/mnt/ssd-1tb/docker/mailu/overrides/postfix:/overrides:ro"
-    networks:
-      - default
     depends_on:
       - front
       - resolver
     dns:
       - 172.26.0.254
 
   oletools:
-    image: ghcr.io/mailu/oletools:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}oletools:${MAILU_VERSION:-2024.06}
     hostname: oletools
+    logging:
+      driver: journald
+      options:
+        tag: mailu-oletools
     restart: unless-stopped
     networks:
-      - noinet
+      - oletools
     depends_on:
       - resolver
     dns:
       - 172.26.0.254
 
+  fts_attachments:
+    image: apache/tika:2.9.2.1-full
+    hostname: tika
+    logging:
+      driver: journald
+      options:
+        tag: mailu-tika
+    restart: unless-stopped
+    networks:
+      - fts_attachments
+    depends_on:
+      - resolver
+    dns:
+      - 172.26.0.254
+    healthcheck:
+      test: ["CMD-SHELL", "wget -nv -t1 -O /dev/null http://127.0.0.1:9998/tika || exit 1"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 10s
+
   antispam:
-    image: ghcr.io/mailu/rspamd:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-2024.06}
     hostname: antispam
     restart: unless-stopped
-    env_file: ../stack.env
-    volumes:
-      - "/mnt/ssd-1tb/docker/mailu/filter:/var/lib/rspamd"
-      - "/mnt/ssd-1tb/docker/mailu/overrides/rspamd:/etc/rspamd/override.d"
+    env_file:
+      - ../stack.env
+      - mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-antispam
     networks:
       - default
-      - noinet
+      - oletools
+    volumes:
+      - "/mnt/ssd-1tb/docker/mailu/filter:/var/lib/rspamd"
+      - "/mnt/ssd-1tb/docker/mailu/overrides/rspamd:/overrides:ro"
     depends_on:
       - front
       - redis
@@ -165,16 +220,38 @@ services:
     dns:
       - 172.26.0.254
 
+  # Optional services
+
+
+
+  # Webmail
   webmail:
-    image: ghcr.io/mailu/webmail:${MAILU_VERSION}
+    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}webmail:${MAILU_VERSION:-2024.06}
     restart: unless-stopped
-    env_file: ../stack.env
-    networks:
-      - webmail
+    env_file:
+      - ../stack.env
+      - mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-webmail
     volumes:
       - "/mnt/ssd-1tb/docker/mailu/webmail:/data"
       - "/mnt/ssd-1tb/docker/mailu/overrides/roundcube:/overrides:ro"
+    networks:
+      - webmail
     depends_on:
       - front
+
+  # Certdumper from Traefik
+  certdumper:
+    image: ghcr.io/mailu/traefik-certdumper:${MAILU_VERSION}
+    restart: unless-stopped
     dns:
       - 172.26.0.254
+    environment:
+      - DOMAIN=${DOMAIN}
+      - TRAEFIK_VERSION=v2
+    volumes:
+      - "/mnt/ssd-1tb/docker/traefik/letsencrypt/patz.family:/traefik"
+      - "/mnt/ssd-1tb/docker/mailu/certs:/output"