Mail server docker with certbot
I pulled https://github.com/tomav/docker-mailserver to set up a mail server. I want to add Let's Encrypt support, so I also pulled https://hub.docker.com/r/certbot/certbot/~/dockerfile/
I made a Docker Compose file with these 2 containers:
version: '2'
services:
  nginx:
    image: pixelfordinner/nginx
    container_name: pixelcloud-nginx_proxy-nginx
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./volumes/conf.d:/etc/nginx/conf.d:ro"
      - "./volumes/vhost.d:/etc/nginx/vhost.d:ro"
      - "./volumes/certs:/etc/nginx/certs:ro"
      - "/usr/share/nginx/html"
  nginx-proxy:
    image: jwilder/docker-gen
    container_name: nginx-proxy
    depends_on:
      - nginx
    volumes_from:
      - nginx
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "./data/templates:/etc/docker-gen/templates:ro"
      - "./volumes/conf.d:/etc/nginx/conf.d:rw"
    entrypoint: /usr/local/bin/docker-gen -notify-sighup pixelcloud-nginx_proxy-nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
  letsencrypt-nginx-proxy:
    restart: always
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: ssl
    depends_on:
      - nginx
      - nginx-proxy
    volumes_from:
      - nginx
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./volumes/vhost.d:/etc/nginx/vhost.d:rw"
      - "./volumes/certs:/etc/nginx/certs:rw"
    environment:
      - "NGINX_DOCKER_GEN_CONTAINER=nginx-proxy"
  mail:
    image: tvial/docker-mailserver:2.1
    hostname: mail
    domainname: example.com
    container_name: mail
    ports:
      - "25:25"
      - "143:143"
      - "587:587"
      - "993:993"
    volumes:
      - maildata:/var/mail
      - mailstate:/var/mail-state
      - ./config/:/tmp/docker-mailserver/
      - "$PWD/etc/:/etc/letsencrypt/"
      - "$PWD/log/:/var/log/letsencrypt/"
    environment:
      - ENABLE_SPAMASSASSIN=1
      - ENABLE_CLAMAV=1
      - ENABLE_FAIL2BAN=1
      - ENABLE_POSTGREY=1
      - ONE_DIR=1
      - DMS_DEBUG=0
      - SSL_TYPE=letsencrypt
    cap_add:
      - NET_ADMIN
  certbot:
    image: certbot/certbot
    container_name: certbot
    command: certbot certonly --standalone -d mail.example.com
    ports:
      - "8083:80"
      - "4432:443"
    volumes:
      - /etc/letsencrypt:/etc/letsencrypt
      - /var/lib/letsencrypt:/var/lib/letsencrypt
# Named volumes used by the mail service must be declared at the top level
volumes:
  maildata:
    driver: local
  mailstate:
    driver: local
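But certbot does not create any certificates. There is a conflict between the Nginx and certbot containers over port 443.
If I use port 443 for certbot, my domain is not reachable, so certbot's domain validation fails. If I use 443 for nginx, certbot does not work. I don't know what to do...
Let's Encrypt (certbot) needs an existing TLD that is reachable on port 80 to actually do anything. You need to create some real domain, e.g. dev.existingdomain.com, and then use that.
https://typo3worx.eu/2016/11/lets-encrypt-on-localhost/
For local environments you usually use self-signed certificates...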
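The port situation from the question, as an added example that is not part of the original post or of either project: a small Python check over the ports mappings of the compose file above. It reports which service actually receives the Let's Encrypt HTTP-01 request, which is always made to port 80 of the domain. The mappings are transcribed by hand from the question, and the function names are hypothetical.

```python
ACME_HTTP01_PORT = 80  # HTTP-01 validation always connects to port 80 of the domain

# Transcribed from the "ports:" sections of the compose file in the question.
COMPOSE_PORTS = {
    "nginx": ["80:80", "443:443"],
    "mail": ["25:25", "143:143", "587:587", "993:993"],
    "certbot": ["8083:80", "4432:443"],
}

def parse_mapping(mapping):
    """Return (host_port, container_port) for 'HOST:CONT', 'IP:HOST:CONT[/proto]' or 'CONT'."""
    parts = mapping.split("/")[0].split(":")
    if len(parts) == 1:          # container port only: Docker picks a random host port
        return None, int(parts[0])
    return int(parts[-2]), int(parts[-1])

def host_port_owners(services):
    """Map every published host port to the services that claim it."""
    owners = {}
    for name, mappings in services.items():
        for mapping in mappings:
            host_port, _ = parse_mapping(mapping)
            if host_port is not None:
                owners.setdefault(host_port, []).append(name)
    return owners

def check_standalone(services, acme_service):
    """List the reasons `acme_service` cannot answer an HTTP-01 challenge itself."""
    owners = host_port_owners(services)
    # Two services publishing the same host port: the second one fails to start.
    problems = [
        f"host port {port} claimed by {', '.join(names)}"
        for port, names in sorted(owners.items()) if len(names) > 1
    ]
    on_80 = owners.get(ACME_HTTP01_PORT, [])
    if acme_service not in on_80:
        holder = on_80[0] if on_80 else "nothing"
        problems.append(
            f"HTTP-01 arrives on host port 80, held by {holder}, not {acme_service}"
        )
    return problems

if __name__ == "__main__":
    for problem in check_standalone(COMPOSE_PORTS, "certbot"):
        print(problem)
```

With the file as posted, the only finding is that nginx, not certbot, holds host port 80; moving certbot to 80/443 trades that for a bind conflict with nginx.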