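# vim: ft=yaml.ansible
---
# Deploys the Mailu mail stack: creates the host-side volume folders, renders
# mailu.env, links the TLS certificate and key issued for the mail domain, and
# starts the containers from an inline docker-compose definition.

# NOTE(review): no mode is set, so these directories get whatever the remote
# umask yields. certs/ and dkim/ hold private key material; consider tightening
# them once it is confirmed which container UIDs need access.
- name: create mailu volume folders
  file:
    path: "{{ services.mailu.volume_folder }}/{{ volume }}"
    state: directory
  loop:
    - redis
    - certs
    - data
    - dkim
    - mail
    - mailqueue
    - filter
    - postgres
    - webmail
    - overrides
    - overrides/nginx
    - overrides/dovecot
    - overrides/postfix
    - overrides/rspamd
    - overrides/rainloop
  loop_control:
    loop_var: volume

- name: upload mailu.env file
  template:
    src: mailu.env.j2
    dest: "{{ services.mailu.volume_folder }}/mailu.env"
    # Owner-only access: the rendered file presumably carries Mailu secrets
    # (confirm against mailu.env.j2). env_file is read by docker-compose on the
    # host as the user running this play, not from inside the containers.
    mode: "0600"

# Hard links require source and destination on the same filesystem. If the
# certificate is renewed by replacing the file rather than rewriting it in
# place, the link keeps pointing at the old inode until this play runs again
# (force re-creates it) - TODO confirm how nginx_proxy renews.
- name: hard link to Let's Encrypt TLS certificate
  file:
    src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/fullchain.pem"
    dest: "{{ services.mailu.volume_folder }}/certs/cert.pem"
    state: hard
    force: true
  when: letsencrypt_enabled

# Same staleness caveat as the certificate link: a stale key next to a fresh
# certificate (or the reverse) breaks TLS on the mail ports.
- name: hard link to Let's Encrypt TLS key
  file:
    src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/key.pem"
    dest: "{{ services.mailu.volume_folder }}/certs/key.pem"
    state: hard
    force: true
  when: letsencrypt_enabled

# NOTE(review): the whole definition, including POSTGRES_PASSWORD, is passed
# as a module argument and may therefore show up in verbose output or in the
# target's module-invocation log; consider no_log if those logs are collected.
- name: run mail server containers
  docker_compose:
    project_name: mail_server
    # With pull enabled, floating tags (postgres:14-alpine, redis:alpine) can
    # change between runs; pin by version or digest for reproducible deploys.
    pull: true
    definition:
      version: '3.6'
      services:
        postgres:
          image: postgres:14-alpine
          restart: always
          environment:
            POSTGRES_DB: mailu
            POSTGRES_USER: mailu
            POSTGRES_PASSWORD: "{{ postgres_passwords.mailu }}"
          volumes:
            - "{{ services.mailu.volume_folder }}/postgres:/var/lib/postgresql/data"
          dns:
            - "{{ services.mailu.dns }}"

        redis:
          image: redis:alpine
          restart: always
          volumes:
            - "{{ services.mailu.volume_folder }}/redis:/data"
          depends_on:
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        # Only service with published ports and the only one attached to the
        # external_services network.
        front:
          image: "ghcr.io/mailu/nginx:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          environment:
            VIRTUAL_HOST: "{{ services.mailu.domain }}"
            LETSENCRYPT_HOST: "{{ services.mailu.domain }}"
            LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
          volumes:
            - "{{ services.mailu.volume_folder }}/certs:/certs"
            - "{{ services.mailu.volume_folder }}/overrides/nginx:/overrides:ro"
          expose:
            - "80"
          # Quoted so YAML 1.1 parsers do not read low port pairs as base-60.
          ports:
            - "993:993"
            - "25:25"
            - "587:587"
            - "465:465"
          networks:
            - default
            - external_services

        # Pinned to the address the other services list under dns.
        resolver:
          image: "ghcr.io/mailu/unbound:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          networks:
            default:
              ipv4_address: "{{ services.mailu.dns }}"

        admin:
          image: "ghcr.io/mailu/admin:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/data:/data"
            - "{{ services.mailu.volume_folder }}/dkim:/dkim"
          depends_on:
            - redis
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        imap:
          image: "ghcr.io/mailu/dovecot:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/mail:/mail"
            - "{{ services.mailu.volume_folder }}/overrides/dovecot:/overrides:ro"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        smtp:
          image: "ghcr.io/mailu/postfix:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/mailqueue:/queue"
            - "{{ services.mailu.volume_folder }}/overrides/postfix:/overrides:ro"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        antispam:
          image: "ghcr.io/mailu/rspamd:{{ services.mailu.version }}"
          hostname: antispam
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/filter:/var/lib/rspamd"
            - "{{ services.mailu.volume_folder }}/overrides/rspamd:/etc/rspamd/override.d:ro"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        webmail:
          image: "ghcr.io/mailu/rainloop:{{ services.mailu.version }}"
          restart: always
          env_file: "{{ services.mailu.volume_folder }}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/webmail:/data"
            - "{{ services.mailu.volume_folder }}/overrides/rainloop:/overrides:ro"
          depends_on:
            - imap
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

      networks:
        # Fixed subnet so the resolver's static ipv4_address is valid.
        default:
          driver: bridge
          ipam:
            driver: default
            config:
              - subnet: "{{ services.mailu.subnet }}"
        # Pre-existing network, not created by this project.
        external_services:
          external:
            name: external_services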