
Move dkim data, vmail and dbs to volumes, changed README

andryyy 8 年之前
父節點
當前提交
7ef70e4c81

+ 21 - 19
README.md

@@ -5,32 +5,34 @@ Dovecot, Memcached, Redis, MariaDB, PowerDNS Recursor, PHP-FPM, Postfix, Nginx,
 
 All configurations were written with security in mind.
 
-### Exposed ports:
-
-| Name              | Service      | Hostname, Alias                | External bindings                            | Internal bindings              |
-|:------------------|:-------------|:-------------------------------|:---------------------------------------------|:-------------------------------|
-| postfix-mailcow   | Postfix      | ${MAILCOW_HOSTNAME}, postfix   | 25/tcp, 465/tcp, 587/tcp                     | 588/tcp                        |
-| dovecot-mailcow   | Dovecot      | ${MAILCOW_HOSTNAME}, dovecot   | 110/tcp, 143/tcp, 993/tcp, 995/tcp, 4190/tcp | 24/tcp, 10001/tcp              |
-| nginx-mailcow     | Nginx        | nginx                          | 443/tcp                                      | 80/tcp, 8081/tcp               |
-| pdns-mailcow      | PowerDNS     | pdns                           | -                                            | 53/udp                         |
-| rspamd-mailcow    | Rspamd       | rspamd                         | -                                            | 11333/tcp, 11334/tcp           |
-| mariadb-mailcow   | MariaDB      | mysql                          | -                                            | 3306/tcp                       |
-| rmilter-mailcow   | Rmilter      | rmilter                        | -                                            | 9000/tcp                       |
-| phpfpm-mailcow    | PHP FPM      | phpfpm                         | -                                            | 9000/tcp                       |
-| sogo-mailcow      | SOGo         | sogo                           | -                                            | 9000/tcp                       |
-| redis-mailcow     | Redis        | redis                          | -                                            | 6379/tcp                       |
-| memcached-mailcow | Memcached    | memcached                      | -                                            | 11211/tcp                      |
+### Containers and volumes
+
+| Type      | Object name       | Network names                | External binding                             | Internal binding     | Volumes                                                                                                                                                                          |
+|-----------|-------------------|------------------------------|----------------------------------------------|----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Container | postfix-mailcow   | ${MAILCOW_HOSTNAME}, postfix | 25/tcp, 465/tcp, 587/tcp                     | 588/tcp              | ./data/conf/postfix:/opt/postfix/conf, ./data/assets/ssl:/etc/ssl/mail/:ro                                                                                                       |
+| Container | dovecot-mailcow   | ${MAILCOW_HOSTNAME}, dovecot | 110/tcp, 143/tcp, 993/tcp, 995/tcp, 4190/tcp | 24/tcp, 10001/tcp    | vmail-vol-1:/var/vmail, ./data/conf/dovecot:/etc/dovecot, ./data/assets/ssl:/etc/ssl/mail/:ro                                                                                    |
+| Container | nginx-mailcow     | nginx                        | 443/tcp                                      | 80/tcp, 8081/tcp     | Mounts from sogo-mailcow, ./data/web:/web:ro, ./data/conf/rspamd/dynmaps:/dynmaps:ro, ./data/assets/ssl/:/etc/ssl/mail/:ro, ./data/conf/nginx/:/etc/nginx/conf.d/:ro             |
+| Container | pdns-mailcow      | pdns                         | -                                            | 53/udp               | ./data/conf/pdns/:/etc/powerdns/                                                                                                                                                 |
+| Container | rspamd-mailcow    | rspamd                       | -                                            | 11333/tcp, 11334/tcp | dkim-vol-1:/data/dkim, ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:ro, ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:ro, ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro |
+| Container | mariadb-mailcow   | mysql                        | -                                            | 3306/tcp             | mysql-vol-1:/var/lib/mysql/, ./data/conf/mysql/:/etc/mysql/conf.d/:ro                                                                                                            |
+| Container | rmilter-mailcow   | rmilter                      | -                                            | 9000/tcp             | ./data/conf/rmilter/:/etc/rmilter.conf.d/:ro                                                                                                                                     |
+| Container | phpfpm-mailcow    | phpfpm                       | -                                            | 9000/tcp             | dkim-vol-1:/data/dkim, ./data/web:/web:ro, ./data/conf/rspamd/dynmaps:/dynmaps:ro                                                                                                |
+| Container | sogo-mailcow      | sogo                         | -                                            | 20000/tcp            | ./data/conf/sogo/:/etc/sogo/,exposes /usr/lib/GNUstep/SOGo/WebServerResources/                                                                                                   |
+| Container | redis-mailcow     | redis                        | -                                            | 6379/tcp             | redis-vol-1:/data/                                                                                                                                                               |
+| Container | memcached-mailcow | memcached                    | -                                            | 11211/tcp            | -                                                                                                                                                                                |
+| Volume    | vmail-vol-1       | -                            | -                                            | -                    | Mounts to dovecot                                                                                                                                                                |
+| Volume    | dkim-vol-1        | -                            | -                                            | -                    | Mounts to rspamd + phpfpm                                                                                                                                                        |
+| Volume    | redis-vol-1       | -                            | -                                            | -                    | Mounts to redis                                                                                                                                                                  |
+| Volume    | mysql-vol-1       | -                            | -                                            | -                    | Mounts to mysql                                                                                                                                                                  |
 
 All containers share a network "mailcow-network" with the subnet 172.22.1.0/24 - if you want to change it, set it in the composer file.
-IPs are dynamic except for PowerDNS resolver which has a static ip address 172.22.1.2.
+IPs are dynamic except for PowerDNS resolver which has a static ip address 172.22.1.254.
 
 ### **FAQ**
 
 - rspamd learns mail as spam or ham when you move a message in or out of the junk folder to any mailbox besides trash.
 - rspamd auto-learns mail when a high or low score is detected (see https://rspamd.com/doc/configuration/statistic.html#autolearning)
-- You can upgrade SOGo by running `docker-compose up -d sogo-mailcow nginx-mailcow`.
-- Only Postfix and Rspamd use the PowerDNS resolver for DNSSEC. 
-- Linking to existing redis and memcached containers will be possible soon
+- You can upgrade containers by running `docker-compose pull && docker-compose up -d`.
 
 ## Installation
 

+ 2 - 0
data/Dockerfiles/dovecot/docker-entrypoint.sh

@@ -3,4 +3,6 @@ set -e
 
 sed -i "/^connect/c\connect = \"host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}\"" /etc/dovecot/sql/*
 
+if [[ $(stat -c %U /var/vmail/) != "vmail" ]] ; then chown -R vmail:vmail /var/vmail ; fi
+
 exec "$@"
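Review bot: The ownership guard on the added line looks only at `/var/vmail/` itself, so a volume whose top directory already belongs to `vmail` but whose contents were restored under another uid is never corrected. If that is intended (to avoid a recursive chown over a large mail store on every start), say so in a comment such as `# chown only when the volume root is not vmail-owned; restored data must already carry the right uid`. The line also relies on `[[`, so the interpreter line, which is outside this hunk, needs to be bash rather than sh.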

+ 3 - 1
data/Dockerfiles/php-fpm/Dockerfile

@@ -9,7 +9,9 @@ RUN apt-get update \
 RUN docker-php-ext-configure intl
 RUN docker-php-ext-install intl pdo pdo_mysql
 
-WORKDIR /var/www/html
+COPY ./docker-entrypoint.sh /
 
 EXPOSE 9000
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD ["php-fpm"]
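Review bot: `COPY ./docker-entrypoint.sh /` keeps whatever mode the file has in the build context, and the new `ENTRYPOINT` fails at container start if the executable bit is missing; the mode of the new script is not visible on this page. Adding `RUN chmod +x /docker-entrypoint.sh` after the COPY makes the image independent of the checkout's file modes. The entrypoint presumably runs as root so that it can chown the DKIM volume (no `USER` line is visible in this hunk, and the Dockerfile starts above it), which deserves a one-line comment next to `ENTRYPOINT` so the privilege is not mistaken for an oversight.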

+ 7 - 0
data/Dockerfiles/php-fpm/docker-entrypoint.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then	mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi
+if [[ $(stat -c %U /data/dkim/) != "www-data" ]] ; then chown -R www-data:www-data /data/dkim ; fi
+
+exec "$@"
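Review bot: The directory that will hold DKIM private keys is created by `mkdir -p` with no explicit mode, so who can read `/data/dkim/keys` is decided by whatever umask is in effect rather than by this script. Set the mode explicitly after creating the directory, choosing it so that rspamd, which mounts the same volume, can still read the keys, and record that requirement in a comment. The first `if` also duplicates the chown that the second check performs anyway; `mkdir -p /data/dkim/{txt,keys}` run unconditionally, followed by the existing `stat` check, does the same work. There is a literal tab between `then` and `mkdir` on the first `if` line.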

+ 1 - 1
data/Dockerfiles/sogo/docker-entrypoint.sh

@@ -3,7 +3,7 @@ set -e
 
 AS_SOGO="gosu sogo"
 
-${AS_SOGO} sogo defaults write sogod SOGoUserSources "({type = sql;id = directory;viewURL = mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_view;canAuthenticate = YES;isAddressBook = YES;displayName = \"GAL\";MailFieldNames = (aliases, ad_aliases, senderacl);userPasswordAlgorithm = ssha256;})"
+${AS_SOGO} defaults write sogod SOGoUserSources "({type = sql;id = directory;viewURL = mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_view;canAuthenticate = YES;isAddressBook = YES;displayName = \"GAL\";MailFieldNames = (aliases, ad_aliases, senderacl);userPasswordAlgorithm = ssha256;})"
 ${AS_SOGO} defaults write sogod SOGoProfileURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_user_profile"
 ${AS_SOGO} defaults write sogod OCSFolderInfoURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_folder_info"
 ${AS_SOGO} defaults write sogod OCSEMailAlarmsFolderURL "mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_alarms_folder"
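Review bot: `${DBUSER}` and `${DBPASS}` are interpolated unencoded into the `mysql://` URLs on the changed line and the three lines below it, so a password containing characters such as `@`, `/` or `;` would likely be misparsed as part of the URL or of the surrounding plist value. Either restrict the characters where the password is generated, or state the constraint here with a comment such as `# DBUSER/DBPASS are inserted verbatim into URLs; they must be URL-safe`. The credentials are also passed as command-line arguments to `defaults write`, so they are visible in the container's process list while the entrypoint runs. The script continues outside this hunk.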

+ 0 - 0
data/db/mysql/.mysql_data


+ 0 - 0
data/db/redis/.redis_data


+ 21 - 33
docker-compose.yml

@@ -8,7 +8,7 @@ services:
       restart: always
       networks:
         mailcow-network:
-          ipv4_address: 172.22.1.2
+          ipv4_address: 172.22.1.254
           aliases:
             - pdns
 
@@ -17,10 +17,10 @@ services:
       depends_on:
         - pdns-mailcow
       volumes:
-        - ./data/db/mysql/:/var/lib/mysql/
+        - mysql-vol-1:/var/lib/mysql/
         - ./data/conf/mysql/:/etc/mysql/conf.d/:ro
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       environment:
         - MYSQL_ROOT_PASSWORD=${DBROOT}
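Review bot: Replacing the bind mount `./data/db/mysql/` with `mysql-vol-1` means an existing installation starts with an empty volume after this change, and nothing visible in this commit copies the old data across or tells the operator to do so. The same applies to the redis hunk below and to the mail and DKIM data that previously lived in `data-container-vmail` and `data-container-dkim`. A short migration note in the README (stop the stack, copy each old data directory into its new volume, start again) would prevent an upgrade that looks like data loss. A comment beside the volume line, for example `# named volume; data from ./data/db/mysql must be migrated manually on upgrade`, would also help.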
@@ -38,10 +38,10 @@ services:
       depends_on:
         - pdns-mailcow
       volumes:
-        - ./data/db/redis/:/data/
+        - redis-vol-1:/data/
       restart: always
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       networks:
         mailcow-network:
@@ -56,11 +56,10 @@ services:
         - ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:ro
         - ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:ro
         - ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro
-      volumes_from:
-        - data-container-dkim
+        - dkim-vol-1:/data/dkim
       restart: always
       dns: 
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       networks:
         mailcow-network:
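Review bot: `dkim-vol-1:/data/dkim` is mounted read-write in the rspamd service, while the three other rspamd mounts visible in this hunk are `:ro`. If rspamd only reads the signing keys and the PHP container is the one that writes them (the php-fpm entrypoint in this commit creates and owns the directory), the least-privilege form is `- dkim-vol-1:/data/dkim:ro`. The service definition starts above this hunk, so confirm that nothing in rspamd writes to that path before changing it.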
@@ -74,10 +73,9 @@ services:
       volumes:
         - ./data/web:/web:ro
         - ./data/conf/rspamd/dynmaps:/dynmaps:ro
-      volumes_from:
-        - data-container-dkim
+        - dkim-vol-1:/data/dkim
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       environment:
         - DBNAME=${DBNAME}
@@ -99,7 +97,7 @@ services:
         - DBUSER=${DBUSER}
         - DBPASS=${DBPASS}
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       volumes:
         - ./data/conf/sogo/:/etc/sogo/
@@ -118,7 +116,7 @@ services:
         - ./data/conf/rmilter/:/etc/rmilter.conf.d/:ro
       restart: always
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       networks:
         mailcow-network:
@@ -132,8 +130,7 @@ services:
       volumes:
         - ./data/conf/dovecot:/etc/dovecot
         - ./data/assets/ssl:/etc/ssl/mail/:ro
-      volumes_from:
-        - data-container-vmail
+        - vmail-vol-1:/var/vmail
       environment:
         - DBNAME=${DBNAME}
         - DBUSER=${DBUSER}
@@ -145,7 +142,7 @@ services:
         - "${POPS_PORT}:995"
         - "${SIEVE_PORT}:4190"
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       restart: always
       hostname: ${MAILCOW_HOSTNAME}
@@ -172,7 +169,7 @@ services:
       restart: always
       hostname: ${MAILCOW_HOSTNAME}
       dns: 
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       networks:
         mailcow-network:
@@ -185,7 +182,7 @@ services:
         - pdns-mailcow
       restart: always
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       networks:
         mailcow-network:
@@ -207,7 +204,7 @@ services:
         - ./data/assets/ssl/:/etc/ssl/mail/:ro
         - ./data/conf/nginx/:/etc/nginx/conf.d/:ro
       dns:
-        - 172.22.1.2
+        - 172.22.1.254
       dns_search: mailcow-network
       ports:
         - "443:443"
@@ -217,20 +214,6 @@ services:
           aliases:
             - nginx
 
-    data-container-dkim:
-      build: ./data/Dockerfiles/data-container-dkim
-      depends_on:
-        - pdns-mailcow
-      networks:
-        mailcow-network:
-
-    data-container-vmail:
-      build: ./data/Dockerfiles/data-container-vmail
-      depends_on:
-        - pdns-mailcow
-      networks:
-        mailcow-network:
-
 networks:
   mailcow-network:
     driver: bridge
@@ -240,3 +223,8 @@ networks:
         - subnet: 172.22.1.0/24
           gateway: 172.22.1.1
 
+volumes:
+  vmail-vol-1:
+  mysql-vol-1:
+  dkim-vol-1:
+  redis-vol-1:
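Review bot: The four named volumes are declared with no comment on what they hold or how they can be lost. They now carry the mail store, both databases and the DKIM private keys, and `docker-compose down -v` removes named volumes declared in the file. A comment above `volumes:` such as `# persistent data: mail, MariaDB, Redis, DKIM keys; "docker-compose down -v" deletes these, back up first` would make that visible to whoever operates the stack.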