diff --git a/config.docker-dev/docker-compose.override.yml b/config.docker-dev/docker-compose.override.yml index ca5c339b..b57ed6ad 100644 --- a/config.docker-dev/docker-compose.override.yml +++ b/config.docker-dev/docker-compose.override.yml @@ -1,350 +1,351 @@ version: '3' services: roundcube: build: context: ./docker/roundcube/ container_name: kolab-roundcube hostname: roundcube.hosted.com restart: on-failure depends_on: mariadb: condition: service_healthy pdns: condition: service_healthy environment: - APP_DOMAIN=${APP_DOMAIN} - LDAP_HOST=ldap - LDAP_ADMIN_BIND_DN=${LDAP_ADMIN_BIND_DN} - LDAP_ADMIN_BIND_PW=${LDAP_ADMIN_BIND_PW} - LDAP_SERVICE_BIND_PW=${LDAP_SERVICE_BIND_PW} - LDAP_HOSTED_BIND_PW=${LDAP_HOSTED_BIND_PW} - DB_HOST=mariadb - DB_ROOT_PASSWORD=${DB_ROOT_PASSWORD} - DB_RC_DATABASE=roundcube - DB_RC_USERNAME=roundcube - DB_RC_PASSWORD=${DB_PASSWORD:?"DB_PASSWORD is missing"} - IMAP_HOST=tls://haproxy - IMAP_PORT=11143 - IMAP_PROXY_PROTOCOL=2 - IMAP_ADMIN_LOGIN=${IMAP_ADMIN_LOGIN} - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD} - MAIL_HOST=tls://kolab - MAIL_PORT=10587 # ldap: # build: # context: ./docker/ldap/ # container_name: kolab-ldap # restart: on-failure # tty: true # hostname: ldap # privileged: true # environment: # - APP_DOMAIN=${APP_DOMAIN} # - LDAP_ADMIN_ROOT_DN=${LDAP_ADMIN_ROOT_DN} # - LDAP_ADMIN_BIND_DN=${LDAP_ADMIN_BIND_DN} # - LDAP_ADMIN_BIND_PW=${LDAP_ADMIN_BIND_PW} # - LDAP_SERVICE_BIND_PW=${LDAP_SERVICE_BIND_PW} # - LDAP_HOSTED_BIND_PW=${LDAP_HOSTED_BIND_PW} # - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD} # healthcheck: # interval: 10s # test: "systemctl status dirsrv@kolab || exit 1" # timeout: 5s # retries: 30 # start_period: 5m # image: kolab-ldap # networks: # kolab: # ipv4_address: 172.18.0.12 # tmpfs: # - /run # - /tmp # - /var/run # - /var/tmp # volumes: # - /sys/fs/cgroup:/sys/fs/cgroup:ro haproxy: build: context: ./docker/haproxy/ depends_on: proxy: condition: service_healthy healthcheck: interval: 10s test: "kill -0 $$(cat /var/run/haproxy.pid)" timeout: 5s retries: 30 container_name: kolab-haproxy restart: on-failure hostname: haproxy.hosted.com image: kolab-haproxy networks: kolab: ipv4_address: 172.18.0.6 tmpfs: - /run - /tmp - /var/run - /var/tmp volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro proxy: depends_on: webapp: condition: service_healthy build: context: ./docker/proxy/ - args: - APP_WEBSITE_DOMAIN: ${APP_WEBSITE_DOMAIN:?err} - SSL_CERTIFICATE_CERT: ${PROXY_SSL_CERTIFICATE:?err} - SSL_CERTIFICATE_KEY: ${PROXY_SSL_CERTIFICATE_KEY:?err} + user: 0:0 healthcheck: interval: 10s test: "kill -0 $$(cat /run/nginx.pid)" timeout: 5s retries: 30 + environment: + - APP_WEBSITE_DOMAIN=${APP_WEBSITE_DOMAIN:?err} + - SSL_CERTIFICATE=${PROXY_SSL_CERTIFICATE:?err} + - SSL_CERTIFICATE_KEY=${PROXY_SSL_CERTIFICATE_KEY:?err} container_name: kolab-proxy restart: on-failure hostname: proxy image: kolab-proxy extra_hosts: - "meet:${MEET_LISTENING_HOST}" networks: kolab: ipv4_address: 172.18.0.7 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro ports: # - "80:80" - - "443:443" - - "465:465" - - "587:587" - - "143:143" - - "993:993" + - "443:6443" + - "465:6465" + - "587:6587" + - "143:6143" + - "993:6993" # centos7 is not compatible with the new docker builder (yum get's to a grinding halt for some reason) # imap-legacy: # build: # context: ./docker/imap-legacy/ # args: # IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN} # IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD} # container_name: imap-legacy # privileged: true # depends_on: # pdns: # condition: service_healthy # # This makes docker's dns, resolve via pdns for this container. # # Please note it does not affect /etc/resolv.conf # dns: 172.18.0.11 # image: imap-legacy # extra_hosts: # - "services.${APP_DOMAIN}:172.18.0.4" # networks: # kolab: # ipv4_address: 172.18.0.19 # ports: # - "9993:993" # - "9143:143" # tmpfs: # - /run # - /tmp # - /var/run # - /var/tmp # tty: true # volumes: # - /etc/letsencrypt/:/etc/letsencrypt/:ro # - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro # - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro # - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err} # - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} # - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err} # - ./docker/kolab/utils:/root/utils:ro # - /sys/fs/cgroup:/sys/fs/cgroup:ro imap-backend: build: context: ./docker/imap/ depends_on: imap-mupdate: condition: service_healthy environment: - APP_SERVICES_DOMAIN=services.${APP_DOMAIN} - SERVICES_PORT=8000 - IMAP_ADMIN_LOGIN=${IMAP_ADMIN_LOGIN} - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD} - IMAPD_CONF=/etc/imapd-backend.conf - CYRUS_CONF=/etc/cyrus-backend.conf - SSL_CERTIFICATE=${KOLAB_SSL_CERTIFICATE:?"KOLAB_SSL_CERTIFICATE is missing"} - SSL_CERTIFICATE_FULLCHAIN=${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?"KOLAB_SSL_CERTIFICATE_FULLCHAIN is missing"} - SSL_CERTIFICATE_KEY=${KOLAB_SSL_CERTIFICATE_KEY:?"KOLAB_SSL_CERTIFICATE_KEY is missing"} healthcheck: interval: 10s test: "test -e /run/saslauthd/mux && kill -0 $$(cat /var/run/master.pid)" timeout: 5s retries: 30 # This makes docker's dns, resolve via pdns for this container. # Please note it does not affect /etc/resolv.conf dns: 172.18.0.11 image: kolab-imap container_name: imap-backend extra_hosts: - "services.${APP_DOMAIN}:172.18.0.4" networks: kolab: ipv4_address: 172.18.0.20 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro - imap-spool:/var/spool/imap - imap-lib:/var/lib/imap - ./ext/:/src.orig/:ro ports: - "9080:11080" - "9143:11143" - "9024:11024" # imap-backend2: # build: # context: ./docker/imap-backend2/ # args: # IMAP_ADMIN_LOGIN: ${IMAP_ADMIN_LOGIN} # IMAP_ADMIN_PASSWORD: ${IMAP_ADMIN_PASSWORD} # container_name: imap-backend2 # privileged: true # depends_on: # pdns: # condition: service_healthy # imap-mupdate: # condition: service_healthy # # This makes docker's dns, resolve via pdns for this container. # # Please note it does not affect /etc/resolv.conf # dns: 172.18.0.11 # healthcheck: # interval: 10s # test: "systemctl status cyrus-imapd || exit 1" # timeout: 5s # retries: 30 # image: imap-backend2 # extra_hosts: # - "services.${APP_DOMAIN}:172.18.0.4" # networks: # kolab: # ipv4_address: 172.18.0.23 # ports: # - "9993:993" # - "9143:143" # - "9081:80" # - "9443:443" # tmpfs: # - /run # - /tmp # - /var/run # - /var/tmp # tty: true # volumes: # - /etc/letsencrypt/:/etc/letsencrypt/:ro # - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro # - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro # - ./docker/certs/kolab.hosted.com.cert:${KOLAB_SSL_CERTIFICATE:?err} # - ./docker/certs/kolab.hosted.com.chain.pem:${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?err} # - ./docker/certs/kolab.hosted.com.key:${KOLAB_SSL_CERTIFICATE_KEY:?err} # - ./docker/kolab/utils:/root/utils:ro # - /sys/fs/cgroup:/sys/fs/cgroup:ro # - /home/mollekopf/src/cyrus-imapd:/root/cyrus-imapd imap-frontend: build: context: ./docker/imap/ environment: - APP_SERVICES_DOMAIN=services.${APP_DOMAIN} - SERVICES_PORT=8000 - IMAP_ADMIN_LOGIN=${IMAP_ADMIN_LOGIN} - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD} - IMAPD_CONF=/etc/imapd-frontend.conf - CYRUS_CONF=/etc/cyrus-frontend.conf - SSL_CERTIFICATE=${KOLAB_SSL_CERTIFICATE:?"KOLAB_SSL_CERTIFICATE is missing"} - SSL_CERTIFICATE_FULLCHAIN=${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?"KOLAB_SSL_CERTIFICATE_FULLCHAIN is missing"} - SSL_CERTIFICATE_KEY=${KOLAB_SSL_CERTIFICATE_KEY:?"KOLAB_SSL_CERTIFICATE_KEY is missing"} healthcheck: interval: 10s test: "test -e /run/saslauthd/mux && kill -0 $$(cat /var/run/master.pid)" timeout: 5s retries: 30 # This makes docker's dns, resolve via pdns for this container. # Please note it does not affect /etc/resolv.conf dns: 172.18.0.11 image: kolab-imap container_name: imap-frontend extra_hosts: - "services.${APP_DOMAIN}:172.18.0.4" # Somehow necessary for caldav because it connects to the backend not via imap-backend but the full hostname imap.backend.${APP_DOMAIN} - "imap-backend.${APP_DOMAIN}:172.18.0.20" - "imap-frontend.${APP_DOMAIN}:172.18.0.21" networks: kolab: ipv4_address: 172.18.0.21 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro - ./ext/:/src.orig/:ro ports: - "7080:11080" - "7143:11143" imap-mupdate: build: context: ./docker/imap/ environment: - APP_SERVICES_DOMAIN=services.${APP_DOMAIN} - SERVICES_PORT=8000 - IMAP_ADMIN_LOGIN=${IMAP_ADMIN_LOGIN} - IMAP_ADMIN_PASSWORD=${IMAP_ADMIN_PASSWORD} - IMAPD_CONF=/etc/imapd-master.conf - CYRUS_CONF=/etc/cyrus-master.conf - SSL_CERTIFICATE=${KOLAB_SSL_CERTIFICATE:?"KOLAB_SSL_CERTIFICATE is missing"} - SSL_CERTIFICATE_FULLCHAIN=${KOLAB_SSL_CERTIFICATE_FULLCHAIN:?"KOLAB_SSL_CERTIFICATE_FULLCHAIN is missing"} - SSL_CERTIFICATE_KEY=${KOLAB_SSL_CERTIFICATE_KEY:?"KOLAB_SSL_CERTIFICATE_KEY is missing"} healthcheck: interval: 10s test: "test -e /run/saslauthd/mux && kill -0 $$(cat /var/run/master.pid)" timeout: 5s retries: 30 # This makes docker's dns, resolve via pdns for this container. # Please note it does not affect /etc/resolv.conf dns: 172.18.0.11 image: kolab-imap container_name: imap-mupdate extra_hosts: - "services.${APP_DOMAIN}:172.18.0.4" networks: kolab: ipv4_address: 172.18.0.22 tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/:/etc/certs/:ro - /etc/letsencrypt/:/etc/letsencrypt/:ro - ./ext/:/src.orig/:ro volumes: imap-spool: imap-lib: