timmy revidoval tento gist 8 months ago. Přejít na revizi
Žádné změny
timmy revidoval tento gist 8 months ago. Přejít na revizi
2 files changed, 46 insertions
docker-compose.yml(vytvořil soubor)
| @@ -0,0 +1,19 @@ | |||
| 1 | + | services: | |
| 2 | + | haproxy: | |
| 3 | + | image: haproxy:latest | |
| 4 | + | container_name: haproxy-mail | |
| 5 | + | restart: always | |
| 6 | + | volumes: | |
| 7 | + | - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro | |
| 8 | + | - ./certs:/etc/haproxy/certs | |
| 9 | + | ports: | |
| 10 | + | - "993:993" # IMAP over SSL | |
| 11 | + | - "995:995" # POP3 over SSL | |
| 12 | + | - "587:587" # SMTP STARTTLS | |
| 13 | + | - "25:25" # SMTP Relay | |
| 14 | + | networks: | |
| 15 | + | - mailnet | |
| 16 | + | ||
| 17 | + | networks: | |
| 18 | + | mailnet: | |
| 19 | + | driver: bridge | |
haproxy.cfg(vytvořil soubor)
| @@ -0,0 +1,27 @@ | |||
| 1 | + | frontend smtp_frontend | |
| 2 | + | bind *:25 | |
| 3 | + | bind *:587 # **移除** ssl crt,讓後端自行處理 STARTTLS | |
| 4 | + | mode tcp | |
| 5 | + | default_backend smtp_backend | |
| 6 | + | ||
| 7 | + | backend smtp_backend | |
| 8 | + | mode tcp | |
| 9 | + | server old_postfix 192.168.88.35:25 check | |
| 10 | + | ||
| 11 | + | frontend imap_frontend | |
| 12 | + | bind *:993 ssl crt /etc/haproxy/certs/mail.pem | |
| 13 | + | mode tcp | |
| 14 | + | default_backend imap_backend | |
| 15 | + | ||
| 16 | + | backend imap_backend | |
| 17 | + | mode tcp | |
| 18 | + | server old_dovecot 192.168.88.35:143 | |
| 19 | + | ||
| 20 | + | frontend pop3_frontend | |
| 21 | + | bind *:995 ssl crt /etc/haproxy/certs/mail.pem | |
| 22 | + | mode tcp | |
| 23 | + | default_backend pop3_backend | |
| 24 | + | ||
| 25 | + | backend pop3_backend | |
| 26 | + | mode tcp | |
| 27 | + | server old_dovecot 192.168.88.35:110 | |
Novější
Starší