all working except database creation
parent
6db9281d58
commit
a59784e37e
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1 +1,2 @@
|
||||||
traefik/acme*
|
traefik/acme*
|
||||||
|
deploy/vaultpass
|
||||||
|
|
2
deploy/deploy
Normal file → Executable file
2
deploy/deploy
Normal file → Executable file
|
@ -1 +1 @@
|
||||||
/usr/bin/env ansible-playbook --ask-become -i inventory playbook.yml --vault-password-file vaultpass "$@"
|
/usr/bin/env ansible-playbook -i inventory playbook.yml --vault-password-file vaultpass "$@"
|
||||||
|
|
2
deploy/inventory
Normal file
2
deploy/inventory
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
[servers]
|
||||||
|
club_secure
|
|
@ -1,4 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- include_vars: vault.yml
|
||||||
|
|
||||||
- name: Create project folder
|
- name: Create project folder
|
||||||
file:
|
file:
|
||||||
name: "{{ docker_project_folder }}/mailserver"
|
name: "{{ docker_project_folder }}/mailserver"
|
||||||
|
@ -11,7 +14,7 @@
|
||||||
|
|
||||||
- name: Create nginx include folder
|
- name: Create nginx include folder
|
||||||
file:
|
file:
|
||||||
name: "{{ docker_data_folder }}/mailserver/nginx"
|
name: "{{ docker_project_folder }}/mailserver/nginx"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Copy nginx config \#1
|
- name: Copy nginx config \#1
|
||||||
|
@ -27,22 +30,31 @@
|
||||||
- name: Copy smtp
|
- name: Copy smtp
|
||||||
copy:
|
copy:
|
||||||
src: smtp
|
src: smtp
|
||||||
dest: "{{ docker_project_folder }}/mailserver/smtp"
|
dest: "{{ docker_project_folder }}/mailserver"
|
||||||
|
|
||||||
|
- name: make start executable in traefik
|
||||||
|
shell: chmod +x "{{ docker_project_folder }}/mailserver/smtp/start.sh"
|
||||||
|
|
||||||
- name: Copy imap
|
- name: Copy imap
|
||||||
copy:
|
copy:
|
||||||
src: imap
|
src: imap
|
||||||
dest: "{{ docker_project_folder }}/mailserver/imap"
|
dest: "{{ docker_project_folder }}/mailserver"
|
||||||
|
|
||||||
|
- name: make start executable imap
|
||||||
|
shell: chmod +x "{{ docker_project_folder }}/mailserver/imap/start.sh"
|
||||||
|
|
||||||
- name: Copy spam
|
- name: Copy spam
|
||||||
copy:
|
copy:
|
||||||
src: spam
|
src: spam
|
||||||
dest: "{{ docker_project_folder }}/mailserver/spam"
|
dest: "{{ docker_project_folder }}/mailserver"
|
||||||
|
|
||||||
|
- name: make start executable in spam
|
||||||
|
shell: chmod +x "{{ docker_project_folder }}/mailserver/spam/start.sh"
|
||||||
|
|
||||||
- name: Copy traefik
|
- name: Copy traefik
|
||||||
copy:
|
copy:
|
||||||
src: traefik
|
src: traefik
|
||||||
dest: "{{ docker_project_folder }}/mailserver/traefik"
|
dest: "{{ docker_project_folder }}/mailserver"
|
||||||
|
|
||||||
- name: Copy mailman-conf
|
- name: Copy mailman-conf
|
||||||
copy:
|
copy:
|
||||||
|
@ -53,10 +65,11 @@
|
||||||
copy:
|
copy:
|
||||||
src: docker-entrypoint.sh
|
src: docker-entrypoint.sh
|
||||||
dest: "{{ docker_project_folder }}/mailserver/docker-entrypoint.sh"
|
dest: "{{ docker_project_folder }}/mailserver/docker-entrypoint.sh"
|
||||||
|
mode: "+x"
|
||||||
|
|
||||||
- name: Copy docker-compose
|
- name: Copy docker-compose
|
||||||
copy:
|
template:
|
||||||
src: docker-compose.yml
|
src: docker-compose.yml.j2
|
||||||
dest: "{{ docker_project_folder }}/mailserver/docker-compose.yml"
|
dest: "{{ docker_project_folder }}/mailserver/docker-compose.yml"
|
||||||
|
|
||||||
- name: Start mailserver
|
- name: Start mailserver
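Review bot: The rendered `docker-compose.yml` is written by the `Copy docker-compose` task without a `mode` or `owner`, so a file that carries `DB_PASSWORD`, `DB_ROOT_PASSWORD` and `WEB_PASSWORD` in clear text (presumably loaded by the new `include_vars: vault.yml`) is created with the remote umask, which typically leaves it world-readable. Add `mode: "0600"` and an explicit `owner` to that task, and consider `no_log: true` so a `--diff` run does not print the secrets. The three `shell: chmod +x ...` tasks are reported as changed on every run; a `file:` task with `mode: "a+x"` on the same path stays idempotent. The first of them is named `make start executable in traefik` although it targets `smtp/start.sh`.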
|
||||||
|
|
|
@ -17,9 +17,15 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- ./smtp/main.cf:/etc/postfix/main.cf:ro
|
- ./smtp/main.cf:/etc/postfix/main.cf:ro
|
||||||
- ./smtp/master.cf:/etc/postfix/master.cf:ro
|
- ./smtp/master.cf:/etc/postfix/master.cf:ro
|
||||||
- /data/mailserver/mailman/data:/mailman
|
- {{ docker_data_folder }}/mailserver/mailman/data:/mailman
|
||||||
- mails:/home/vmail
|
- mails:/home/vmail
|
||||||
- certs:/certs
|
- certs:/certs
|
||||||
|
environment:
|
||||||
|
- DATABASE_USER=mail
|
||||||
|
- DATABASE_PASSWORD={{ DB_PASSWORD }}
|
||||||
|
- DATABASE_NAME=postfix
|
||||||
|
- MYORIGIN={{ DOMAIN }}
|
||||||
|
- MYHOSTNAME=mail.{{ DOMAIN }}
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
|
|
||||||
|
@ -42,6 +48,11 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- mails:/home/vmail
|
- mails:/home/vmail
|
||||||
- certs:/certs
|
- certs:/certs
|
||||||
|
environment:
|
||||||
|
- "DATABASE_USER=mail"
|
||||||
|
- "DATABASE_PASSWORD={{ DB_PASSWORD }}"
|
||||||
|
- "DATABASE_NAME=postfix"
|
||||||
|
- "MAILDOMAIN=mail.{{ DOMAIN }}"
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
|
|
||||||
|
@ -52,10 +63,13 @@ services:
|
||||||
expose:
|
expose:
|
||||||
- 11334
|
- 11334
|
||||||
volumes:
|
volumes:
|
||||||
- spam:/data
|
- spam:{{ docker_data_folder }}
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
environment:
|
||||||
|
- PASSWORD={{ WEB_PASSWORD }}
|
||||||
|
- PORT=11334
|
||||||
labels:
|
labels:
|
||||||
- "traefik.frontend.rule=Host:spam.creditcards.bayern"
|
- "traefik.frontend.rule=Host:spam.{{ DOMAIN }}"
|
||||||
- "traefik.port=11334"
|
- "traefik.port=11334"
|
||||||
|
|
||||||
webmail:
|
webmail:
|
||||||
|
@ -69,8 +83,18 @@ services:
|
||||||
links:
|
links:
|
||||||
- imap:imap
|
- imap:imap
|
||||||
- smtp:smtp
|
- smtp:smtp
|
||||||
|
environment:
|
||||||
|
ROUNDCUBEMAIL_DEFAULT_HOST: imap
|
||||||
|
ROUNDCUBEMAIL_SMTP_SERVER: smtp
|
||||||
|
ROUNDCUBEMAIL_PLUGINS: archive,zipdownload,managesieve,password
|
||||||
|
ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE: 100M
|
||||||
|
ROUNDCUBEMAIL_DB_TYPE: mysql
|
||||||
|
ROUNDCUBEMAIL_DB_HOST: db
|
||||||
|
ROUNDCUBEMAIL_DB_USER: mail
|
||||||
|
ROUNDCUBEMAIL_DB_PASSWORD: {{ DB_PASSWORD }}
|
||||||
|
ROUNDCUBEMAIL_DB_NAME: postfix
|
||||||
labels:
|
labels:
|
||||||
- "traefik.frontend.rule=Host:mail.creditcards.bayern"
|
- "traefik.frontend.rule=Host:mail.{{ DOMAIN }}"
|
||||||
- "traefik.port=80"
|
- "traefik.port=80"
|
||||||
|
|
||||||
admin:
|
admin:
|
||||||
|
@ -83,16 +107,29 @@ services:
|
||||||
expose:
|
expose:
|
||||||
- "8888"
|
- "8888"
|
||||||
restart: always
|
restart: always
|
||||||
|
environment:
|
||||||
|
DBTYPPE: mysql
|
||||||
|
DBHOST: db
|
||||||
|
DBUSER: mail
|
||||||
|
DBNAME: postfix
|
||||||
|
DBPASS: {{ DB_PASSWORD }}
|
||||||
|
SMTPHOST: smtp
|
||||||
|
DOMAIN: {{ DOMAIN }}
|
||||||
labels:
|
labels:
|
||||||
- "traefik.frontend.rule=Host:admin.creditcards.bayern"
|
- "traefik.frontend.rule=Host:admin.{{ DOMAIN }}"
|
||||||
- "traefik.port=8888"
|
- "traefik.port=8888"
|
||||||
|
|
||||||
db:
|
db:
|
||||||
container_name: mariadb
|
container_name: mariadb
|
||||||
image: mariadb:10.3
|
image: mariadb:10.3
|
||||||
restart: always
|
restart: always
|
||||||
|
environment:
|
||||||
|
MYSQL_ROOT_PASSWORD: {{ DB_ROOT_PASSWORD }}
|
||||||
|
MYSQL_DATABASES: "postfix mailman"
|
||||||
|
MYSQL_USER: mail
|
||||||
|
MYSQL_PASSWORD: {{ DB_PASSWORD }}
|
||||||
volumes:
|
volumes:
|
||||||
- database:/var/lib/mysql
|
- {{ docker_data_fodler }}:/var/lib/mysql
|
||||||
- ./docker-entrypoint.sh:/docker-entrypoint.sh
|
- ./docker-entrypoint.sh:/docker-entrypoint.sh
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
|
@ -102,14 +139,19 @@ services:
|
||||||
container_name: mailman-core
|
container_name: mailman-core
|
||||||
hostname: mailman-core
|
hostname: mailman-core
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mailserver/mailman/core:/opt/mailman/
|
- {{ docker_data_folder }}/mailserver/mailman/core:/opt/mailman/
|
||||||
- ./mailman-extra.cfg:/opt/mailman/core/mailman-extra.cfg
|
- ./mailman-extra.cfg:/opt/mailman/core/mailman-extra.cfg
|
||||||
links:
|
links:
|
||||||
- db
|
- db:db
|
||||||
- smtp
|
- smtp:smtp
|
||||||
- imap
|
- imap:imap
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
|
environment:
|
||||||
|
- DATABASE_URL=mysql://mail:{{ DB_PASSWORD }}@db/mailman
|
||||||
|
- DATABASE_TYPE=mysql
|
||||||
|
- DATABASE_CLASS=mailman.database.mysql.MySQLDatabase
|
||||||
|
- HYPERKITTY_API_KEY=someapikey
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
|
|
||||||
|
@ -126,9 +168,20 @@ services:
|
||||||
- mailman-core:mailman-core
|
- mailman-core:mailman-core
|
||||||
- db:db
|
- db:db
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mailserver/mailman/web:/opt/mailman-web-data
|
- {{ docker_data_folder }}/mailserver/mailman/web:/opt/mailman-web-data
|
||||||
|
environment:
|
||||||
|
- DATABASE_URL=mysql://mail:{{ DB_PASSWORD }}@db/mailman
|
||||||
|
- DATABASE_TYPE=mysql
|
||||||
|
- HYPERKITTY_API_KEY=someapikey
|
||||||
|
- SECRET_KEY={{ WEB_PASSWORD }}
|
||||||
|
- DYLD_LIBRARY_PATH=/usr/local/mysql/lib/
|
||||||
|
- SERVE_FROM_DOMAIN=lists.{{ DOMAIN }}
|
||||||
|
- DJANGO_ALLOWED_HOSTS=mailman.{{ DOMAIN }}
|
||||||
|
- MAILMAN_ADMIN_USER=admin
|
||||||
|
- MAILMAN_ADMIN_EMAIL=a3x@eris.cc
|
||||||
|
- UWSGI_STATIC_MAP=/static=/opt/mailman-web-data/static
|
||||||
labels:
|
labels:
|
||||||
#- "traefik.frontend.rule=Host:mailman.creditcards.bayern"
|
#- "traefik.frontend.rule=Host:mailman.{{ DOMAIN }}"
|
||||||
#- "traefik.port=8000"
|
#- "traefik.port=8000"
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
|
|
||||||
|
@ -143,9 +196,9 @@ services:
|
||||||
- mailman-web:mailman-web
|
- mailman-web:mailman-web
|
||||||
volumes:
|
volumes:
|
||||||
- ./nginx/:/etc/nginx/conf.d/
|
- ./nginx/:/etc/nginx/conf.d/
|
||||||
- /data/mailserver/mailman/web:/opt/mailman/
|
- {{ docker_data_folder }}/mailserver/mailman/web:/opt/mailman/
|
||||||
labels:
|
labels:
|
||||||
- "traefik.frontend.rule=Host:mailman.creditcards.bayern"
|
- "traefik.frontend.rule=Host:mailman.{{ DOMAIN }}"
|
||||||
- "traefik.port=80"
|
- "traefik.port=80"
|
||||||
|
|
||||||
|
|
||||||
|
@ -153,24 +206,24 @@ services:
|
||||||
|
|
||||||
traefik:
|
traefik:
|
||||||
container_name: traefik
|
container_name: traefik
|
||||||
image: traefik # The official Traefik docker image
|
image: traefik
|
||||||
command: --api --docker # Enables the web UI and tells Traefik to listen to docker
|
command: --api --docker # Enables the web UI and tells Traefik to listen to docker
|
||||||
restart: always
|
restart: always
|
||||||
ports:
|
ports:
|
||||||
- "80:80" # The HTTP port
|
- "80:80"
|
||||||
- "443:443"
|
- "443:443"
|
||||||
- "8080:8080" # The Web UI (enabled by --api)
|
- "8080:8080"
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
- ./traefik/:/etc/traefik
|
- ./traefik/:/etc/traefik
|
||||||
labels:
|
labels:
|
||||||
- "traefik.frontend.rule=Host:traefik.creditcards.bayern"
|
- "traefik.frontend.rule=Host:traefik.{{ DOMAIN }}"
|
||||||
|
|
||||||
extractor:
|
extractor:
|
||||||
container_name: extractor
|
container_name: extractor
|
||||||
image: danielhuisman/traefik-certificate-extractor
|
image: danielhuisman/traefik-certificate-extractor
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mailserver/traefik:/app/data
|
- {{ docker_data_folder }}/mailserver/traefik:/app/data
|
||||||
- certs:/app/certs_flat
|
- certs:/app/certs_flat
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
|
@ -178,7 +231,6 @@ services:
|
||||||
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
database:
|
|
||||||
mails:
|
mails:
|
||||||
certs:
|
certs:
|
||||||
spam:
|
spam:
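Review bot: Two secrets in what appear to be the mailman services get no value of their own: `HYPERKITTY_API_KEY=someapikey` is a fixed placeholder committed in both environment blocks, and `SECRET_KEY={{ WEB_PASSWORD }}` reuses the value that is also passed as `PASSWORD` to the spam web UI. Anyone who can read the repository then knows the archiver key, and disclosure of the one web password also exposes the Django signing key. Give each its own vault variable, for example `HYPERKITTY_API_KEY={{ HYPERKITTY_API_KEY }}` and `SECRET_KEY={{ MAILMAN_SECRET_KEY }}` (names to be chosen and added to the vault file). Separately, the db volume line reads `{{ docker_data_fodler }}:/var/lib/mysql`, which looks like a misspelling of `docker_data_folder` and is not defined in the vars shown, so the template would fail to render. The mapping-style values such as `MYSQL_ROOT_PASSWORD: {{ DB_ROOT_PASSWORD }}` should be quoted (`"{{ DB_ROOT_PASSWORD }}"`) so a password with YAML-special characters still parses as a string.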
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
become_method: sudo
|
become_method: sudo
|
||||||
ansible_ask_become_pass: yes
|
ansible_ask_become_pass: yes
|
||||||
docker_data_folder: /data
|
docker_data_folder: /data_ansible
|
||||||
docker_project_folder: /var/docker
|
docker_project_folder: /var/docker
|
||||||
DOMAIN: creditcards.bayern
|
DOMAIN: creditcards.bayern
|
||||||
|
|