all working except database creation

Aeris 2018-11-21 05:55:19 +01:00
parent 6db9281d58
commit a59784e37e
7 changed files with 99 additions and 31 deletions

1
.gitignore vendored

@ -1 +1,2 @@
traefik/acme* traefik/acme*
deploy/vaultpass

2
deploy/deploy Normal file → Executable file

@ -1 +1 @@
/usr/bin/env ansible-playbook --ask-become -i inventory playbook.yml --vault-password-file vaultpass "$@" /usr/bin/env ansible-playbook -i inventory playbook.yml --vault-password-file vaultpass "$@"
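Review bot: The script is now marked executable but, going by the `-1 +1` hunk header, it is still a single line with no interpreter line, so `./deploy` only works when the calling shell falls back to interpreting the file itself. Adding `#!/bin/sh` as the first line and prefixing the command with `exec` makes that explicit. The relative `inventory`, `playbook.yml` and `vaultpass` arguments also tie it to being run from inside `deploy/`; a `cd "$(dirname "$0")"` before the command would remove that dependency. Since `vaultpass` holds the vault password in clear text, it is worth keeping that file at mode 0600 in addition to the new `.gitignore` entry.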

2
deploy/inventory Normal file
View file

@ -0,0 +1,2 @@
[servers]
club_secure


@ -1,4 +1,7 @@
--- ---
- include_vars: vault.yml
- name: Create project folder - name: Create project folder
file: file:
name: "{{ docker_project_folder }}/mailserver" name: "{{ docker_project_folder }}/mailserver"
@ -11,7 +14,7 @@
- name: Create nginx include folder - name: Create nginx include folder
file: file:
name: "{{ docker_data_folder }}/mailserver/nginx" name: "{{ docker_project_folder }}/mailserver/nginx"
state: directory state: directory
- name: Copy nginx config \#1 - name: Copy nginx config \#1
@ -27,22 +30,31 @@
- name: Copy smtp - name: Copy smtp
copy: copy:
src: smtp src: smtp
dest: "{{ docker_project_folder }}/mailserver/smtp" dest: "{{ docker_project_folder }}/mailserver"
- name: make start executable in traefik
shell: chmod +x "{{ docker_project_folder }}/mailserver/smtp/start.sh"
- name: Copy imap - name: Copy imap
copy: copy:
src: imap src: imap
dest: "{{ docker_project_folder }}/mailserver/imap" dest: "{{ docker_project_folder }}/mailserver"
- name: make start executable imap
shell: chmod +x "{{ docker_project_folder }}/mailserver/imap/start.sh"
- name: Copy spam - name: Copy spam
copy: copy:
src: spam src: spam
dest: "{{ docker_project_folder }}/mailserver/spam" dest: "{{ docker_project_folder }}/mailserver"
- name: make start executable in spam
shell: chmod +x "{{ docker_project_folder }}/mailserver/spam/start.sh"
- name: Copy traefik - name: Copy traefik
copy: copy:
src: traefik src: traefik
dest: "{{ docker_project_folder }}/mailserver/traefik" dest: "{{ docker_project_folder }}/mailserver"
- name: Copy mailman-conf - name: Copy mailman-conf
copy: copy:
@ -53,10 +65,11 @@
copy: copy:
src: docker-entrypoint.sh src: docker-entrypoint.sh
dest: "{{ docker_project_folder }}/mailserver/docker-entrypoint.sh" dest: "{{ docker_project_folder }}/mailserver/docker-entrypoint.sh"
mode: "+x"
- name: Copy docker-compose - name: Copy docker-compose
copy: template:
src: docker-compose.yml src: docker-compose.yml.j2
dest: "{{ docker_project_folder }}/mailserver/docker-compose.yml" dest: "{{ docker_project_folder }}/mailserver/docker-compose.yml"
- name: Start mailserver - name: Start mailserver
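Review bot: The `Copy docker-compose` task now renders a template that interpolates vault secrets (`DB_PASSWORD`, `DB_ROOT_PASSWORD` and `WEB_PASSWORD` appear in the compose template on this page), but no `mode`, `owner` or `group` is set on it, so the rendered file gets whatever the remote umask gives, which is commonly world-readable. Adding `mode: "0600"` to that `template:` block keeps the credentials readable only by the deploying account. The three new `shell: chmod +x ...` tasks would be better written as `file:` tasks with `path:` and `mode: "u+x"`, which are idempotent and do not report a change on every run; the first of them is named `make start executable in traefik` although it targets `smtp/start.sh`. The `include_vars: vault.yml` task could carry a `name:` like its neighbours, and the final `Start mailserver` task continues outside the hunk.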


@ -17,9 +17,15 @@ services:
volumes: volumes:
- ./smtp/main.cf:/etc/postfix/main.cf:ro - ./smtp/main.cf:/etc/postfix/main.cf:ro
- ./smtp/master.cf:/etc/postfix/master.cf:ro - ./smtp/master.cf:/etc/postfix/master.cf:ro
- /data/mailserver/mailman/data:/mailman - {{ docker_data_folder }}/mailserver/mailman/data:/mailman
- mails:/home/vmail - mails:/home/vmail
- certs:/certs - certs:/certs
environment:
- DATABASE_USER=mail
- DATABASE_PASSWORD={{ DB_PASSWORD }}
- DATABASE_NAME=postfix
- MYORIGIN={{ DOMAIN }}
- MYHOSTNAME=mail.{{ DOMAIN }}
labels: labels:
- "traefik.enable=false" - "traefik.enable=false"
@ -42,6 +48,11 @@ services:
volumes: volumes:
- mails:/home/vmail - mails:/home/vmail
- certs:/certs - certs:/certs
environment:
- "DATABASE_USER=mail"
- "DATABASE_PASSWORD={{ DB_PASSWORD }}"
- "DATABASE_NAME=postfix"
- "MAILDOMAIN=mail.{{ DOMAIN }}"
labels: labels:
- "traefik.enable=false" - "traefik.enable=false"
@ -52,10 +63,13 @@ services:
expose: expose:
- 11334 - 11334
volumes: volumes:
- spam:/data - spam:{{ docker_data_folder }}
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
environment:
- PASSWORD={{ WEB_PASSWORD }}
- PORT=11334
labels: labels:
- "traefik.frontend.rule=Host:spam.creditcards.bayern" - "traefik.frontend.rule=Host:spam.{{ DOMAIN }}"
- "traefik.port=11334" - "traefik.port=11334"
webmail: webmail:
@ -69,8 +83,18 @@ services:
links: links:
- imap:imap - imap:imap
- smtp:smtp - smtp:smtp
environment:
ROUNDCUBEMAIL_DEFAULT_HOST: imap
ROUNDCUBEMAIL_SMTP_SERVER: smtp
ROUNDCUBEMAIL_PLUGINS: archive,zipdownload,managesieve,password
ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE: 100M
ROUNDCUBEMAIL_DB_TYPE: mysql
ROUNDCUBEMAIL_DB_HOST: db
ROUNDCUBEMAIL_DB_USER: mail
ROUNDCUBEMAIL_DB_PASSWORD: {{ DB_PASSWORD }}
ROUNDCUBEMAIL_DB_NAME: postfix
labels: labels:
- "traefik.frontend.rule=Host:mail.creditcards.bayern" - "traefik.frontend.rule=Host:mail.{{ DOMAIN }}"
- "traefik.port=80" - "traefik.port=80"
admin: admin:
@ -83,16 +107,29 @@ services:
expose: expose:
- "8888" - "8888"
restart: always restart: always
environment:
DBTYPPE: mysql
DBHOST: db
DBUSER: mail
DBNAME: postfix
DBPASS: {{ DB_PASSWORD }}
SMTPHOST: smtp
DOMAIN: {{ DOMAIN }}
labels: labels:
- "traefik.frontend.rule=Host:admin.creditcards.bayern" - "traefik.frontend.rule=Host:admin.{{ DOMAIN }}"
- "traefik.port=8888" - "traefik.port=8888"
db: db:
container_name: mariadb container_name: mariadb
image: mariadb:10.3 image: mariadb:10.3
restart: always restart: always
environment:
MYSQL_ROOT_PASSWORD: {{ DB_ROOT_PASSWORD }}
MYSQL_DATABASES: "postfix mailman"
MYSQL_USER: mail
MYSQL_PASSWORD: {{ DB_PASSWORD }}
volumes: volumes:
- database:/var/lib/mysql - {{ docker_data_fodler }}:/var/lib/mysql
- ./docker-entrypoint.sh:/docker-entrypoint.sh - ./docker-entrypoint.sh:/docker-entrypoint.sh
labels: labels:
- "traefik.enable=false" - "traefik.enable=false"
@ -102,14 +139,19 @@ services:
container_name: mailman-core container_name: mailman-core
hostname: mailman-core hostname: mailman-core
volumes: volumes:
- /data/mailserver/mailman/core:/opt/mailman/ - {{ docker_data_folder }}/mailserver/mailman/core:/opt/mailman/
- ./mailman-extra.cfg:/opt/mailman/core/mailman-extra.cfg - ./mailman-extra.cfg:/opt/mailman/core/mailman-extra.cfg
links: links:
- db - db:db
- smtp - smtp:smtp
- imap - imap:imap
depends_on: depends_on:
- db - db
environment:
- DATABASE_URL=mysql://mail:{{ DB_PASSWORD }}@db/mailman
- DATABASE_TYPE=mysql
- DATABASE_CLASS=mailman.database.mysql.MySQLDatabase
- HYPERKITTY_API_KEY=someapikey
labels: labels:
- "traefik.enable=false" - "traefik.enable=false"
@ -126,9 +168,20 @@ services:
- mailman-core:mailman-core - mailman-core:mailman-core
- db:db - db:db
volumes: volumes:
- /data/mailserver/mailman/web:/opt/mailman-web-data - {{ docker_data_folder }}/mailserver/mailman/web:/opt/mailman-web-data
environment:
- DATABASE_URL=mysql://mail:{{ DB_PASSWORD }}@db/mailman
- DATABASE_TYPE=mysql
- HYPERKITTY_API_KEY=someapikey
- SECRET_KEY={{ WEB_PASSWORD }}
- DYLD_LIBRARY_PATH=/usr/local/mysql/lib/
- SERVE_FROM_DOMAIN=lists.{{ DOMAIN }}
- DJANGO_ALLOWED_HOSTS=mailman.{{ DOMAIN }}
- MAILMAN_ADMIN_USER=admin
- MAILMAN_ADMIN_EMAIL=a3x@eris.cc
- UWSGI_STATIC_MAP=/static=/opt/mailman-web-data/static
labels: labels:
#- "traefik.frontend.rule=Host:mailman.creditcards.bayern" #- "traefik.frontend.rule=Host:mailman.{{ DOMAIN }}"
#- "traefik.port=8000" #- "traefik.port=8000"
- "traefik.enable=false" - "traefik.enable=false"
@ -143,9 +196,9 @@ services:
- mailman-web:mailman-web - mailman-web:mailman-web
volumes: volumes:
- ./nginx/:/etc/nginx/conf.d/ - ./nginx/:/etc/nginx/conf.d/
- /data/mailserver/mailman/web:/opt/mailman/ - {{ docker_data_folder }}/mailserver/mailman/web:/opt/mailman/
labels: labels:
- "traefik.frontend.rule=Host:mailman.creditcards.bayern" - "traefik.frontend.rule=Host:mailman.{{ DOMAIN }}"
- "traefik.port=80" - "traefik.port=80"
@ -153,24 +206,24 @@ services:
traefik: traefik:
container_name: traefik container_name: traefik
image: traefik # The official Traefik docker image image: traefik
command: --api --docker # Enables the web UI and tells Traefik to listen to docker command: --api --docker # Enables the web UI and tells Traefik to listen to docker
restart: always restart: always
ports: ports:
- "80:80" # The HTTP port - "80:80"
- "443:443" - "443:443"
- "8080:8080" # The Web UI (enabled by --api) - "8080:8080"
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events - /var/run/docker.sock:/var/run/docker.sock
- ./traefik/:/etc/traefik - ./traefik/:/etc/traefik
labels: labels:
- "traefik.frontend.rule=Host:traefik.creditcards.bayern" - "traefik.frontend.rule=Host:traefik.{{ DOMAIN }}"
extractor: extractor:
container_name: extractor container_name: extractor
image: danielhuisman/traefik-certificate-extractor image: danielhuisman/traefik-certificate-extractor
volumes: volumes:
- /data/mailserver/traefik:/app/data - {{ docker_data_folder }}/mailserver/traefik:/app/data
- certs:/app/certs_flat - certs:/app/certs_flat
labels: labels:
- "traefik.enable=false" - "traefik.enable=false"
@ -178,7 +231,6 @@ services:
volumes: volumes:
database:
mails: mails:
certs: certs:
spam: spam:
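Review bot: In the `db` service the new bind mount is written `{{ docker_data_fodler }}:/var/lib/mysql`; the variable name is misspelled (it is `docker_data_folder` everywhere else), so with Ansible's default handling of undefined variables the template should fail to render, and even spelled correctly it would mount the whole data root as the MariaDB data directory. Something like `- "{{ docker_data_folder }}/mailserver/db:/var/lib/mysql"` (the subdirectory name is only an example) looks closer to the intent. The same hunk sets `DBTYPPE: mysql` for `admin`, which looks like a typo for `DBTYPE` (confirm against what the image reads), and in the spam service `spam:{{ docker_data_folder }}` templates the container-side path, where `/data` was presumably what the image expects. On the secrets side, `HYPERKITTY_API_KEY=someapikey` is a fixed placeholder in both mailman services and `SECRET_KEY={{ WEB_PASSWORD }}` reuses the spam UI password as the mailman-web secret key; each would be better as its own vault variable. The unquoted map values such as `DBPASS: {{ DB_PASSWORD }}` should be quoted (`"{{ DB_PASSWORD }}"`) so that a password containing `#`, `: ` or only digits still renders as a string.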


@ -9,7 +9,7 @@ MYHOSTNAME=mail.{{ DOMAIN }}
MAILDOMAIN=mail.{{ DOMAIN }} MAILDOMAIN=mail.{{ DOMAIN }}
#spam #spam
PORT=11334 PORT=11334
PASSWORD= {{ WEB_PASSWORD }} PASSWORD={{ WEB_PASSWORD }}
#roundcube #roundcube
ROUNDCUBEMAIL_DEFAULT_HOST=imap ROUNDCUBEMAIL_DEFAULT_HOST=imap
ROUNDCUBEMAIL_SMTP_SERVER=smtp ROUNDCUBEMAIL_SMTP_SERVER=smtp


@ -1,7 +1,7 @@
--- ---
become_method: sudo become_method: sudo
ansible_ask_become_pass: yes ansible_ask_become_pass: yes
docker_data_folder: /data docker_data_folder: /data_ansible
docker_project_folder: /var/docker docker_project_folder: /var/docker
DOMAIN: creditcards.bayern DOMAIN: creditcards.bayern