version: "3" services: web: build: caddy/ #image: abiosoft/caddy:0.10.4 container_name: web restart: always privileged: true links: - kwebapp #- kzpush ports: - "2015:2015" - "${HTTP}:80" - "${HTTPS}:443" volumes: - /var/run/docker.sock:/var/run/docker.sock - ./data/web:/root/.caddy networks: - web ldap: build: ldap/ #image: osixia/openldap:1.2.2 container_name: ldap ports: - 389:389 environment: - LDAP_ORGANISATION=${LDAP_ORGANISATION} - LDAP_DOMAIN=${LDAP_DOMAIN} - LDAP_BASE_DN=${LDAP_BASE_DN} - LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD} - LDAP_READONLY_USER=true - LDAP_READONLY_USER_PASSWORD=${LDAP_READONLY_USER_PASSWORD} command: "--loglevel debug --copy-service" volumes: - ./data/ldap/var/lib/ldap:/var/lib/ldap - ./data/ldap/etc/ldap/slapd.d:/etc/ldap/slapd.d networks: - kopanonet ldap-admin: image: osixia/phpldapadmin:0.7.2 container_name: ldap-admin depends_on: - ldap environment: - PHPLDAPADMIN_LDAP_HOSTS=ldap - PHPLDAPADMIN_HTTPS=false - CADDY_HOST=${LDAP_HOST} - CADDY_PORT=80 - CADDY_PROXY_PARAMS=transparent - CADDY_TLS_SELFSIGNED command: -l debug links: - ldap networks: - web mail: image: tvial/docker-mailserver:release-v6.1.0 restart: always hostname: mail domainname: ${LDAP_DOMAIN} container_name: mail depends_on: - ldap links: - ldap ports: - "25:25" volumes: - ./data/mail/data:/var/mail - ./data/mail/state:/var/mail-state - ./data/mtaconfig:/tmp/docker-mailserver/ environment: - TZ=${TZ} - ENABLE_SPAMASSASSIN=1 - ENABLE_CLAMAV=1 - ENABLE_FAIL2BAN=1 - ENABLE_POSTGREY=1 - ONE_DIR=1 - DMS_DEBUG=0 - SSL_TYPE=self-signed - ENABLE_LDAP=1 - LDAP_SERVER_HOST=${LDAP_SERVER} - LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE} - LDAP_BIND_DN=${LDAP_BIND_DN} - LDAP_BIND_PW=${LDAP_BIND_PW} - LDAP_QUERY_FILTER_USER=${LDAP_QUERY_FILTER_USER} - LDAP_QUERY_FILTER_GROUP=${LDAP_QUERY_FILTER_GROUP} - LDAP_QUERY_FILTER_ALIAS=${LDAP_QUERY_FILTER_ALIAS} - LDAP_QUERY_FILTER_DOMAIN=${LDAP_QUERY_FILTER_DOMAIN} - ENABLE_SASLAUTHD=1 - SASLAUTHD_LDAP_SERVER=${LDAP_SERVER} - SASLAUTHD_LDAP_BIND_DN=${LDAP_BIND_DN} - SASLAUTHD_LDAP_PASSWORD=${LDAP_BIND_PW} - SASLAUTHD_LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE} - SASLAUTHD_LDAP_FILTER=${SASLAUTHD_LDAP_FILTER} - SASLAUTHD_MECHANISMS=ldap - POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS} - SMTP_ONLY=1 - PERMIT_DOCKER=host - ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1 - POSTFIX_DAGENT=lmtp:kdagent:2003 - REPORT_RECIPIENT=1 networks: - kopanonet cap_add: - NET_ADMIN - SYS_PTRACE db: image: mariadb:10.3.10-bionic restart: always container_name: kopano_db volumes: - ./data/mysql/:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - MYSQL_USER=${MYSQL_USER} - MYSQL_PASSWORD=${MYSQL_PASSWORD} - MYSQL_DATABASE=${MYSQL_DATABASE} healthcheck: test: ["CMD-SHELL", 'mysql --database=$$MYSQL_DATABASE --password=$$MYSQL_ROOT_PASSWORD --execute="SELECT count(table_name) > 0 FROM information_schema.tables;" --skip-column-names -B'] interval: 30s timeout: 10s retries: 4 networks: - kopanonet kssl: image: ${docker_repo:?err}/kopano_ssl container_name: kopano_ssl volumes: - ./data/ssl/:/kopano/ssl kserver: image: ${docker_repo}/kopano_core:${CORE_VERSION} hostname: kserver container_name: kopano_server links: - db - ldap depends_on: - db - ldap - kssl environment: - SERVICE_TO_START=server - TZ=${TZ} - KCCONF_SERVER_COREDUMP_ENABLED=no - KCCONF_SERVER_LOG_LEVEL=4 - KCCONF_SERVER_MYSQL_HOST=${MYSQL_HOST} - KCCONF_SERVER_MYSQL_PORT=3306 - KCCONF_SERVER_MYSQL_DATABASE=${MYSQL_DATABASE} - KCCONF_SERVER_MYSQL_USER=${MYSQL_USER} - KCCONF_SERVER_MYSQL_PASSWORD=${MYSQL_PASSWORD} - KCCONF_SERVER_SERVER_SSL_KEY_FILE=/kopano/ssl/kserver.pem - KCCONF_SERVER_SERVER_SSL_CA_FILE=/kopano/ssl/ca.pem - KCCONF_SERVER_SERVER_NAME=Kopano - KCCONF_SERVER_SSLKEYS_PATH=/kopano/ssl/clients - KCCONF_SERVER_PROXY_HEADER=* # delete line if webapp is not behind reverse proxy - KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS=${POSTMASTER_ADDRESS} - KCCONF_LDAP_LDAP_URI=${LDAP_SERVER} - KCCONF_LDAP_LDAP_BIND_USER=${LDAP_BIND_DN} - KCCONF_LDAP_LDAP_BIND_PASSWD=${LDAP_BIND_PW} - KCCONF_LDAP_LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE} - KCUNCOMMENT_LDAP_1=${KCUNCOMMENT_LDAP_1} - KCCOMMENT_LDAP_1=${KCCOMMENT_LDAP_1} #- ADDITIONAL_KOPANO_PACKAGES=kopano-migration-imap networks: - kopanonet volumes: - ./data/kopano/:/kopano/data - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano kwebapp: image: ${docker_repo:?err}/kopano_webapp:${WEBAPP_VERSION} hostname: kwebapp container_name: kopano_webapp links: - kserver volumes: - ./data/z-push-states/:/var/lib/z-push/ - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - TZ=${TZ} - CADDY_HOST=${WEBAPP_HOST} - CADDY_PROXY_PARAMS=transparent - CADDY_TLS_SELFSIGNED networks: - web - kopanonet kdagent: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_dagent links: - kserver volumes: - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - SERVICE_TO_START=dagent - TZ=${TZ} - KCCONF_DAGENT_LOG_LEVEL=6 - KCCONF_DAGENT_SSLKEY_FILE=/kopano/ssl/kdagent.pem networks: - kopanonet kspooler: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_spooler hostname: spooler domainname: ${LDAP_DOMAIN} links: - kserver volumes: - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - SERVICE_TO_START=spooler - TZ=${TZ} - KCCONF_SPOOLER_LOG_LEVEL=4 - KCCONF_SPOOLER_SMTP_SERVER=mail - KCCONF_SPOOLER_SSLKEY_FILE=/kopano/ssl/kspooler.pem networks: - kopanonet kgateway: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_gateway links: - kserver volumes: - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - SERVICE_TO_START=gateway - TZ=${TZ} - KCCONF_GATEWAY_SERVER_SOCKET=http://kserver:236/ - KCCONF_GATEWAY_SSL_PRIVATE_KEY_FILE=/kopano/certs/yourcert.key # change here - KCCONF_GATEWAY_SSL_CERTIFICATE_FILE=/kopano/certs/yourcert.pem # change here networks: - kopanonet kical: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_ical links: - kserver volumes: - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - SERVICE_TO_START=ical - TZ=${TZ} - KCCONF_ICAL_SERVER_SOCKET=http://kserver:236/ networks: - kopanonet kmonitor: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_monitor links: - kserver volumes: - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - SERVICE_TO_START=monitor - TZ=${TZ} networks: - kopanonet ksearch: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_search links: - kserver volumes: - ./data/ssl/:/kopano/ssl - ./data/socket/:/run/kopano environment: - SERVICE_TO_START=search - TZ=${TZ} networks: - kopanonet networks: web: kopanonet: driver: bridge