updated mail container to use fail2ban again, added notes, reduced logs, also using correct/newer image location
@@ -109,8 +109,21 @@ services:
|
|||||||
# devices:
|
# devices:
|
||||||
# - /dev/dri:/dev/dri
|
# - /dev/dri:/dev/dri
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# fail2ban is a bit jumpy from memory, so I've added a whitelist
|
||||||
|
# but its not going to survive a pull... and it seems if I mount
|
||||||
|
# the docker container before its initialised it ends up empty
|
||||||
|
# (timing?) so I have done this by hand
|
||||||
|
# for now, until I work out a solution:
|
||||||
|
## sudo docker exec -it mail bash
|
||||||
|
## root@mail:/etc/fail2ban/jail.d# cat > whitelist.conf
|
||||||
|
## [DEFAULT]
|
||||||
|
## ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
|
||||||
|
# sudo docker-compose restart mail
|
||||||
|
#
|
||||||
mail:
|
mail:
|
||||||
image: tvial/docker-mailserver:latest
|
image: docker.io/mailserver/docker-mailserver:latest
|
||||||
hostname: mail
|
hostname: mail
|
||||||
domainname: depaoli.id.au
|
domainname: depaoli.id.au
|
||||||
container_name: mail
|
container_name: mail
|
||||||
@@ -126,15 +139,20 @@ services:
|
|||||||
- /srv/docker/container/mail/log:/var/log/mail
|
- /srv/docker/container/mail/log:/var/log/mail
|
||||||
- /srv/docker/container/mail/config/:/tmp/docker-mailserver/
|
- /srv/docker/container/mail/config/:/tmp/docker-mailserver/
|
||||||
- /srv/docker/container/letsencrypt/etc:/etc/letsencrypt
|
- /srv/docker/container/letsencrypt/etc:/etc/letsencrypt
|
||||||
|
# - /srv/docker/container/mail/fail2ban/etc:/etc/fail2ban
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
environment:
|
environment:
|
||||||
- ENABLE_SPAMASSASSIN=1
|
- ENABLE_SPAMASSASSIN=1
|
||||||
- ENABLE_CLAMAV=1
|
- ENABLE_CLAMAV=1
|
||||||
- ENABLE_FAIL2BAN=0
|
- ENABLE_FAIL2BAN=1
|
||||||
- ENABLE_POSTGREY=0
|
- ENABLE_POSTGREY=0
|
||||||
- SPOOF_PROTECTION=1
|
- SPOOF_PROTECTION=1
|
||||||
- ONE_DIR=1
|
- ONE_DIR=1
|
||||||
- DMS_DEBUG=0
|
- DMS_DEBUG=0
|
||||||
|
- AMAVIS_LOGLEVEL=-1
|
||||||
|
# in theory these next 2 being empty disables them, but that does not seem to work
|
||||||
|
- ENABLE_POP3
|
||||||
|
- ENABLE_MANAGESIEVE
|
||||||
- ENABLE_LDAP=1
|
- ENABLE_LDAP=1
|
||||||
- LDAP_SERVER_HOST=openldap # your ldap container/IP/ServerName
|
- LDAP_SERVER_HOST=openldap # your ldap container/IP/ServerName
|
||||||
- LDAP_SEARCH_BASE=dc=depaoli,dc=id,dc=au
|
- LDAP_SEARCH_BASE=dc=depaoli,dc=id,dc=au
|
||||||
@@ -167,12 +185,12 @@ services:
|
|||||||
labels:
|
labels:
|
||||||
- "com.centurylinklabs.watchtower.enable=true"
|
- "com.centurylinklabs.watchtower.enable=true"
|
||||||
environment:
|
environment:
|
||||||
LDAP_LOG_LEVEL: "256"
|
LDAP_LOG_LEVEL: "32768"
|
||||||
LDAP_ORGANISATION: "Depaoli home ldap"
|
LDAP_ORGANISATION: "Depaoli home ldap"
|
||||||
LDAP_DOMAIN: "depaoli.id.au"
|
LDAP_DOMAIN: "depaoli.id.au"
|
||||||
LDAP_BASE_DN: ""
|
LDAP_BASE_DN: ""
|
||||||
LDAP_ADMIN_PASSWORD: "a_real_admin_pass_word_for_2o20"
|
LDAP_ADMIN_PASSWORD: "a_real_admin_pass_word_for_2o20"
|
||||||
LDAP_CONFIG_PASSWORD: "config"
|
LDAP_CONFIG_PASSWORD: "in_2021_yet_another_real_pwd_for_adm"
|
||||||
LDAP_READONLY_USER: "false"
|
LDAP_READONLY_USER: "false"
|
||||||
LDAP_RFC2307BIS_SCHEMA: "false"
|
LDAP_RFC2307BIS_SCHEMA: "false"
|
||||||
LDAP_BACKEND: "mdb"
|
LDAP_BACKEND: "mdb"
|
||||||
|
|||||||
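Review bot: The new `LDAP_CONFIG_PASSWORD` value in the third hunk is committed as a literal next to `LDAP_ADMIN_PASSWORD`, so both credentials are readable by anyone with access to the repository or its history. Reference them instead, e.g. `LDAP_CONFIG_PASSWORD: "${LDAP_CONFIG_PASSWORD}"` with the value kept in an untracked `.env` file, and treat the values shown here as exposed and rotate them. Separately, the hand-made `ignoreip` in the first hunk exempts `172.16.0.0/12`, which by default covers Docker's bridge networks; if inbound connections reach the container with a bridge gateway source address (this depends on the host's Docker networking, which is not visible here), those clients would never be banned, so check the source addresses in the mail log before keeping that range. In the second hunk, the bare `- ENABLE_POP3` and `- ENABLE_MANAGESIEVE` entries pass through whatever the host environment holds rather than setting an empty value; `- ENABLE_POP3=` sets it explicitly empty.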