diff --git a/config.demo/docker-compose.override.yml b/config.demo/docker-compose.override.yml index a8f03d84..dea191b3 100644 --- a/config.demo/docker-compose.override.yml +++ b/config.demo/docker-compose.override.yml @@ -1,128 +1,128 @@ version: '3' services: proxy: depends_on: imap: condition: service_healthy postfix: condition: service_healthy webapp: condition: service_healthy build: context: ./docker/proxy/ - args: - APP_WEBSITE_DOMAIN: ${APP_WEBSITE_DOMAIN:?err} - SSL_CERTIFICATE: ${PROXY_SSL_CERTIFICATE:?err} - SSL_CERTIFICATE_KEY: ${PROXY_SSL_CERTIFICATE_KEY:?err} healthcheck: interval: 10s test: "kill -0 $$(cat /run/nginx.pid)" timeout: 5s retries: 30 + environment: + - APP_WEBSITE_DOMAIN=${APP_WEBSITE_DOMAIN:?err} + - SSL_CERTIFICATE=${PROXY_SSL_CERTIFICATE:?err} + - SSL_CERTIFICATE_KEY=${PROXY_SSL_CERTIFICATE_KEY:?err} container_name: kolab-proxy restart: on-failure hostname: proxy image: kolab-proxy extra_hosts: - "meet:${MEET_LISTENING_HOST}" networks: kolab: ipv4_address: 172.18.0.7 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro ports: # - "25:25" # - "80:80" - "443:443" - "465:465" - "587:587" - "143:143" - "993:993" imap: build: context: ./docker/imap/ environment: - APP_DOMAIN=${APP_DOMAIN} - IMAP_ADMIN_LOGIN=${IMAP_ADMIN_LOGIN} - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD} healthcheck: interval: 10s test: "kill -0 1" timeout: 5s retries: 30 container_name: kolab-imap restart: on-failure hostname: imap image: kolab-imap networks: kolab: ipv4_address: 172.18.0.12 extra_hosts: - "kolab.mgmt.com:127.0.0.1" - "services.${APP_DOMAIN}:172.18.0.4" tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro - imap-spool:/var/spool/imap - imap-lib:/var/lib/imap ports: - "11080:11080" - "11143:11143" - "11024:11024" postfix: build: context: ./docker/postfix/ healthcheck: interval: 10s test: "kill -0 1" timeout: 5s retries: 30 environment: - APP_DOMAIN=${APP_DOMAIN} - DB_HOST=mariadb - DB_USERNAME=${DB_USERNAME} - DB_PASSWORD=${DB_PASSWORD} - DB_DATABASE=${DB_DATABASE} - LMTP_DESTINATION="imap:11024" container_name: kolab-postfix restart: on-failure hostname: postfix image: kolab-postfix networks: kolab: ipv4_address: 172.18.0.13 extra_hosts: - "kolab.mgmt.com:127.0.0.1" - "services.${APP_DOMAIN}:172.18.0.4" tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro - postfix-spool:/var/spool/postfix - postfix-lib:/var/lib/postfix ports: - "10587:10587" - "10025:10025" volumes: postfix-spool: postfix-lib: imap-spool: imap-lib: diff --git a/docker/proxy/Dockerfile b/docker/proxy/Dockerfile index 7e802a70..0290b144 100644 --- a/docker/proxy/Dockerfile +++ b/docker/proxy/Dockerfile @@ -1,29 +1,27 @@ FROM fedora:35 MAINTAINER Jeroen van Meeuwen ENV container docker RUN dnf -y install \ --setopt 'tsflags=nodocs' \ nginx \ nginx-mod-mail && \ dnf clean all +# ENV APP_WEBSITE_DOMAIN +# ENV SSL_CERTIFICATE +# ENV SSL_CERTIFICATE_KEY + COPY rootfs/ / -ARG APP_WEBSITE_DOMAIN -ARG SSL_CERTIFICATE -ARG SSL_CERTIFICATE_KEY -RUN sed -i -r -e "s|APP_WEBSITE_DOMAIN|$APP_WEBSITE_DOMAIN|g" /etc/nginx/nginx.conf -RUN sed -i -r -e "s|SSL_CERTIFICATE_CERT|$SSL_CERTIFICATE|g" /etc/nginx/nginx.conf -RUN sed -i -r -e "s|SSL_CERTIFICATE_KEY|$SSL_CERTIFICATE_KEY|g" /etc/nginx/nginx.conf # Forward request logs to Docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log STOPSIGNAL SIGTERM -CMD ["nginx", "-g", "daemon off;"] +CMD ["/init.sh"] -EXPOSE 80/tcp 443/tcp 465/tcp 587/tcp 143/tcp 144/tcp 993/tcp +EXPOSE 25/tcp 80/tcp 443/tcp 465/tcp 587/tcp 143/tcp 144/tcp 993/tcp diff --git a/docker/proxy/rootfs/init.sh b/docker/proxy/rootfs/init.sh new file mode 100755 index 00000000..4e83bfa0 --- /dev/null +++ b/docker/proxy/rootfs/init.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +sed -i -r \ + -e "s|APP_WEBSITE_DOMAIN|$APP_WEBSITE_DOMAIN|g" \ + -e "s|SSL_CERTIFICATE_CERT|$SSL_CERTIFICATE|g" \ + -e "s|SSL_CERTIFICATE_KEY|$SSL_CERTIFICATE_KEY|g" \ + /etc/nginx/nginx.conf + +exec nginx -g "daemon off;"