version: "3.1"
services:
  ketrenet-web:
    image: ketrenet-web
    container_name: ketrenet-web
    hostname: webserver
    build:
      context: web
      dockerfile: Dockerfile.web
    restart: always
    volumes:
      # Dynamic data
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive
      - /home/jketreno/docker/webserver/data/log:/var/log:rw
      # Static data
      - /home/jketreno/docker/webserver/web/etc/nginx/sites-enabled:/etc/nginx/sites-enabled:ro
      - /home/jketreno/docker/webserver/web/etc/nginx/sites-available:/etc/nginx/sites-available:ro
      - /home/jketreno/docker/webserver/web/etc/apache2:/etc/apache2:ro
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/options-ssl-apache.conf:/etc/letsencrypt/options-ssl-apache.conf:ro
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/options-ssl-nginx.conf:/etc/letsencrypt/options-ssl-nginx.conf:ro
      - /home/jketreno/docker/webserver/web/entrypoint.sh:/entrypoint.sh:ro
      - /home/jketreno/docker/webserver/www:/var/www:ro
      - /home/jketreno/docker/webserver/data/mailman/web/data/static:/opt/mailman/static:ro
    ports:
      - 80:80
      - 443:443
    networks:
      ketrenet-mailman:


  ketrenet-mail:
    image: ketrenet-mail
    container_name: ketrenet-mail
    hostname: email
    build:
      context: mail
      dockerfile: Dockerfile.mail
    restart: always
    ports:
      - "25:25" # postfix smtp
      - 143:143 # dovecot imap
      - 993:993 # dovecot imaps
      - 465:465 # postfix smtps
      - 587:587 # postfix submission
    volumes:
      # Dynamic data
      - /home:/home:rw # User home directories for Maildir access
      - /home/jketreno/docker/webserver/mail/etc/postfix:/etc/postfix:rw
      - /home/jketreno/docker/webserver/data/mailman/core/var/data/postfix_lmtp:/opt/mailman/postfix_lmtp # Used for LMTP to ketrenet-mailman-core (rw so it is dynamically updated)
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive
      - /home/jketreno/docker/webserver/data/mail/var/lib/milter-greylist:/var/lib/milter-greylist
      - /home/jketreno/docker/webserver/data/log:/var/log:rw
      - /home/jketreno/docker/webserver/data/mail/var/mail:/var/mail:rw
      - /home/jketreno/docker/webserver/data/mail/var/spool/mail:/var/spool/mail:rw
      - /home/jketreno/docker/webserver/data/mail/var/lib/clamav:/var/lib/clamav:rw
      - /home/jketreno/docker/webserver/keys/mail/etc/spamassassin/sa-update-keys/:/etc/spamassassin/sa-update-keys:rw
      - /home/jketreno/docker/webserver/keys/mail/etc/opendkim:/etc/opendkim-private:rw
      # Static data
      - /home/jketreno/docker/webserver/mail/etc/mailname:/etc/mailname:ro
      - /home/jketreno/docker/webserver/mail/etc/dovecot:/etc/dovecot:ro
      - /home/jketreno/docker/webserver/mail/etc/amavis:/etc/amavis:ro
      - /home/jketreno/docker/webserver/mail/etc/clamav:/etc/clamav:ro
      - /home/jketreno/docker/webserver/mail/etc/hostname:/etc/hostname:ro
      - /home/jketreno/docker/webserver/mail/etc/opendkim.conf:/etc/opendkim.conf:ro
      - /home/jketreno/docker/webserver/mail/etc/opendkim:/etc/opendkim:ro
      - /home/jketreno/docker/webserver/mail/etc/milter-greylist:/etc/milter-greylist:ro
      - /home/jketreno/docker/webserver/mail/etc/default/milter-greylist:/etc/default/milter-greylist:ro
      - /home/jketreno/docker/webserver/mail/entrypoint.sh:/entrypoint.sh:ro
      - /home/jketreno/docker/webserver/mail/etc/rsyslog.conf:/etc/rsyslog.conf:ro
      - /home/jketreno/docker/webserver/www:/var/www:ro
      # Keys
      - /home/jketreno/docker/webserver/keys/mail/etc/dkimkeys:/etc/dkimkeys:ro
      - /home/jketreno/docker/webserver/keys/mail/etc/dovecot/private:/etc/dovecot-private:ro
      # Authentication of dovecot users via pam
      #
      #- /etc/passwd:/etc/systempasswd:ro
      #- /etc/group:/etc/systemgroup:ro
      #- /etc/shadow:/etc/systemshadow:ro
      #- /etc/gshadow:/etc/systemgshadow:ro
      # etc directories with permissions locked down
    networks:
      ketrenet-mailman:

  ketrenet-roundcube:
    image: ketrenet-roundcube
    container_name: ketrenet-roundcube
    hostname: roundcube
    build:
      context: roundcube
      dockerfile: Dockerfile.roundcube
    restart: always
    environment:
      - ROUNDCUBEMAIL_DEFAULT_HOST=tls://ketrenos.com
      - ROUNDCUBEMAIL_SMTP_SERVER=tls://ketrenos.com
      - ROUNDCUBEMAIL_SMTP_PORT=587
    ports:
      - 8124:80
    volumes:
      # Dynamic data
      - /home/jketreno/docker/webserver/data/roundcube/db:/var/roundcube/db:rw
      - /home/jketreno/docker/webserver/data/roundcube/html:/var/www/html:rw
      # Static data
      - /home/jketreno/docker/webserver/roundcube/var/roundcube:/var/roundcube/config:ro
    networks:
      ketrenet-mailman:


  ketrenet-cron:
    image: ketrenet-cron
    container_name: ketrenet-cron
    build:
      context: cron
      dockerfile: Dockerfile.cron
    restart: always
    volumes:
      # Dynamic data
      - /home/jketreno/docker/webserver/cron/etc/letsencrypt:/etc/letsencrypt:rw
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live:rw
      - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive:rw
      - /home/jketreno/docker/webserver/data/log:/var/log:rw
      - /home/jketreno/docker/webserver/www:/var/www:rw
      # Static data
      - /home/jketreno/docker/webserver/cron/etc/cron.d:/etc/cron.d:ro
      - /home/jketreno/docker/webserver/keys/letsencrypt/:/keys:ro
      - /home/jketreno/docker/webserver/cron/entrypoint.sh:/entrypoint.sh:ro

  ketrenet-dns:
    profiles: [ "dev" ]
    image: ketrenet-dns
    container_name: ketrenet-dns
    hostname: dns
    build:
      context: dns
      dockerfile: Dockerfile.dns
    restart: always
    ports:
      - 53:53/udp # bind
      - 53:53/tcp # bind
      - 67:67/udp # dhcp
      - 68:68/udp # dhcp
    volumes:
      # Dynamic data
      - /home/jketreno/docker/webserver/data/log:/var/log:rw
      - /home/jketreno/docker/webserver/data/dns/var/lib/:/var/lib:rw
      # Static data
      - /home/jketreno/docker/webserver/keys/dns/ddns.key:/etc/ddns.key:ro
      - /home/jketreno/docker/webserver/dns/etc/dhcp:/etc/dhcp:ro
      - /home/jketreno/docker/webserver/dns/etc/bind:/etc/bind:ro
      - /home/jketreno/docker/webserver/dns/entrypoint.sh:/entrypoint.sh:ro

  ketrenet-mailman-core:
    image: maxking/mailman-core:0.4 # Use a specific version tag (tag latest is not published)
    container_name: ketrenet-mailman-core
    hostname: mailman-core
    restart: unless-stopped
    volumes:
      - /home/jketreno/docker/webserver/data/mailman/core/var/etc/mailman.cfg:/etc/mailman.cfg
      - /home/jketreno/docker/webserver/data/mailman/core:/opt/mailman/
    stop_grace_period: 30s
    links:
      - ketrenet-database:ketrenet-database
    depends_on:
      - ketrenet-database
    environment:
      - DATABASE_URL=postgresql://mailman:mailmanpass@ketrenet-database/mailmandb
      - DATABASE_TYPE=postgres
      - DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
      - HYPERKITTY_URL=http://ketrenet-mailman-web:8000/mailman/hyperkitty
      - HYPERKITTY_API_KEY=s0meap1k3y
      - MAILMAN_ADMIN_USER=jketreno
      - MAILMAN_ADMIN_EMAIL=james_mailman@ketrenos.com
      - SMTP_HOST=ketrenos.com
      - SMTP_PORT=587
      - MTA=postfix
    ports:
      - "127.0.0.1:8001:8001" # API
      - "127.0.0.1:8024:8024" # LMTP - incoming emails
    networks:
      ketrenet-mailman:


  ketrenet-mailman-web:
    image: maxking/mailman-web:0.4 # Use a specific version tag (tag latest is not published)
    container_name: ketrenet-mailman-web
    hostname: mailman-web
    restart: unless-stopped
    depends_on:
      - ketrenet-database
    links:
      - ketrenet-mailman-core:ketrenet-mailman-core
      - ketrenet-database:ketrenet-database
    volumes:
      - /home/jketreno/docker/webserver/data/mailman/web/data:/opt/mailman-web-data
      - /home/jketreno/docker/webserver/data/mailman/web/config:/opt/mailman-web
    environment:
      - DATABASE_TYPE=postgres
      - DATABASE_URL=postgresql://mailman:mailmanpass@ketrenet-database/mailmandb
      - HYPERKITTY_API_KEY=s0meap1k3y
      - HYPERKITTY_URL=http://ketrenet-mailman-web:8000/mailman/hyperkitty
      - SECRET_KEY=s7p4rs3kr1t
      - SERVE_FROM_DOMAIN=ketrenos.com
      - UWSGI_STATIC_MAP=/mailman/static=/opt/mailman-web-data/static
      - MAILMAN_ADMIN_USER=jketreno
      - MAILMAN_ADMIN_EMAIL=james_mailman@ketrenos.com
      - EMAIL_HOST=ketrenos.com
      - EMAIL_PORT=587
      - EMAIL_USE_TLS=True
      - EMAIL_USE_SSL=False
      - SMTP_HOST=ketrenos.com
      - SMTP_PORT=587
      - MTA=postfix
    ports:
      - "127.0.0.1:8000:8000" # HTTP
      - "127.0.0.1:8080:8080" # uwsgi
    networks:
      ketrenet-mailman:


  ketrenet-database:
    container_name: ketrenet-database
    environment:
      - POSTGRES_DB=mailmandb
      - POSTGRES_USER=mailman
      - POSTGRES_PASSWORD=mailmanpass
      - MAILMAN_ADMIN_USER=jketreno
      - MAILMAN_ADMIN_EMAIL=james_mailman@ketrenos.com
    image: postgres:12-alpine
    volumes:
      - /home/jketreno/docker/webserver/data/mailman/database:/var/lib/postgresql/data
    networks:
      ketrenet-mailman:


networks:
  ketrenet-mailman:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 172.19.199.0/24