diff --git a/README.md b/README.md index d1b495b..f4b73d8 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,18 @@ Any additional configuration should be done through environment variables and no The compose file itself is part of the git repository and should not be edited directly. Instead a `docker-compose.override.yml` (will be ignored by git) file can be created to override and extend the default one. See https://docs.docker.com/compose/extends/ for more information. +#### Why is my compose override file ignored? + +This project uses the `COMPOSE_FILE` environment variable to allow users to override the ports exposed by each container (for example when using a different front facing proxy). When using a `docker-compose.override.yml` file make sure this is included in this variable in the `.env` file. For example like this: + +``` +COMPOSE_FILE=docker-compose.yml:docker-compose.portmapping.yml:docker-compose.override.yml +``` + +#### I've pulled in the latest version, but now I cannot reach Kopano over the network any longer! + +This project switched to specifying `COMPOSE_FILE` in `.env` to allow users to easily disable individual ports exposed. Please rerun `setup.sh` to add this variable to your `.env` file or add it manually. + ### How to use a newer version than the one available from the Docker Hub? In this repository you can also find a Makefile that automates the process of building newer images. @@ -91,6 +103,10 @@ While using kweb is recommended, this is of course possible. Please check the individual web containers (kDAV, WebApp and Z-Push for individual instructions). +### How can I prevent e.g. `kopano-gateway` to be reachable from the network? + +The exposed ports of each container are defined in `docker-compose.ports.yml`. If you do not want to expose some of the containers to the network, it is recommended to copy this file to `docker-compose.override.yml`and just remove all entries that you do not want to have exposed. + ### I want to use these Docker images outside of an evaluation environment. What do I need to adjust to make this possible? To get a quick impression of Kopano this git repository bundles a locally build ldap image with some example users. When using the docker-compose.yml in a production environment make sure to: diff --git a/docker-compose.ports.yml b/docker-compose.ports.yml new file mode 100644 index 0000000..6d76061 --- /dev/null +++ b/docker-compose.ports.yml @@ -0,0 +1,32 @@ +version: "3.5" + +services: + web: + ports: + - "${CADDY:-2015}:2015" + - "${HTTP:-80}:80" + - "${HTTPS:-443}:443" + + ldap: + ports: + - ${LDAPPORT:-389}:389 + + mail: + ports: + - "${SMTPPORT:-25}:25" + - "${SMTPSPORT:-465}:465" + - "${MSAPORT:-587}:587" + + kopano_server: + ports: + - ${KOPANOPORT:-236}:236 + - ${KOPANOSPORT:-237}:237 + + kopano_gateway: + ports: + - "${POP3PORT:-110}:110" + - "${IMAPPORT:-143}:143" + + kopano_ical: + ports: + - "${ICALPORT:-8080}:8080" diff --git a/docker-compose.yml b/docker-compose.yml index 9c9e68c..705ec9e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,10 +4,6 @@ services: web: image: ${docker_repo:-zokradonh}/kopano_web:${KWEB_VERSION:-latest} restart: unless-stopped - ports: - - "${CADDY:-2015}:2015" - - "${HTTP:-80}:80" - - "${HTTPS:-443}:443" environment: - EMAIL=${EMAIL:-off} - FQDN=${FQDN?err} @@ -30,8 +26,6 @@ services: image: ${docker_repo:-zokradonh}/${LDAP_CONTAINER:-kopano_ldap_demo}:${LDAP_VERSION:-latest} restart: unless-stopped container_name: ${COMPOSE_PROJECT_NAME}_ldap - ports: - - ${LDAPPORT:-389}:389 environment: - LDAP_ORGANISATION=${LDAP_ORGANISATION} - LDAP_DOMAIN=${LDAP_DOMAIN} @@ -105,10 +99,6 @@ services: container_name: ${COMPOSE_PROJECT_NAME}_mail depends_on: - ldap - ports: - - "${SMTPPORT:-25}:25" - - "${SMTPSPORT:-465}:465" - - "${MSAPORT:-587}:587" volumes: - maildata:/var/mail - mailstate:/var/mail-state @@ -196,9 +186,6 @@ services: - ldap - kopano_ssl - kopano_konnect - ports: - - ${KOPANOPORT:-236}:236 - - ${KOPANOSPORT:-237}:237 environment: - SERVICE_TO_START=server - TZ=${TZ} @@ -365,9 +352,6 @@ services: image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest} depends_on: - kopano_server - ports: - - "${POP3PORT:-110}:110" - - "${IMAPPORT:-143}:143" volumes: - kopanossl/:/kopano/ssl - kopanosocket/:/run/kopano @@ -385,8 +369,6 @@ services: image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest} depends_on: - kopano_server - ports: - - "${ICALPORT:-8080}:8080" volumes: - kopanossl/:/kopano/ssl - kopanosocket/:/run/kopano diff --git a/setup.sh b/setup.sh index 4e3eb1a..8ec6ebd 100755 --- a/setup.sh +++ b/setup.sh @@ -314,9 +314,11 @@ KOPANOSPORT=237 # Settings for test environments INSECURE=$INSECURE +# Docker and docker-compose settings # Docker Repository to push to/pull from docker_repo=zokradonh COMPOSE_PROJECT_NAME=kopano +COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml # Modify below to build a different version, than the kopano nightly release #KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_9.0/ @@ -335,6 +337,12 @@ ADDITIONAL_KOPANO_WEBAPP_PLUGINS=$ADDITIONAL_KOPANO_WEBAPP_PLUGINS EOF else - echo "config already exists, doing nothing" - echo "if you want to change the configuration, please edit .env directly" + + if ! grep -q COMPOSE_FILE ./.env; then + echo "Adding COMPOSE_FILE setting to .env" + echo "COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml" >> ./.env + fi + + echo ".env already exists with initial configuration" + echo "If you want to change the configuration, please edit .env directly" fi