Fix settings, improve docs, add `networks` for Drone

3wc 2020-09-27 21:36:04 +02:00
parent 68a609593e
commit 6e3c80487f
3 changed files with 18 additions and 10 deletions


@ -10,6 +10,9 @@ steps:
purge: true purge: true
deploy_key: deploy_key:
from_secret: drone_ssh_swarm_test from_secret: drone_ssh_swarm_test
networks:
- mail
- proxy
environment: environment:
DOMAIN: swarm-test.autonomic.zone DOMAIN: swarm-test.autonomic.zone
STACK_NAME: postfix-relay STACK_NAME: postfix-relay
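Review bot: the two entries added under `networks:` (`mail` and `proxy`) are named without any indication of whether they must already exist on the target swarm or who creates them. If the deploy step expects them as pre-existing networks, say so in the README setup steps or in a comment here, so that a first deploy to a fresh swarm does not fail on a missing network.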


@ -7,17 +7,22 @@ The basic idea is to run one instance of this on each swarm, and configure that
swarm's apps to send all their email through it. swarm's apps to send all their email through it.
By default, this stack will try to deliver e-mail directly (i.e. looking up the By default, this stack will try to deliver e-mail directly (i.e. looking up the
recipient's mail server using `MX` records). For this to work, you will need to recipient's mail server using `MX` records).
set up reverse DNS and SPF.
**NOTE**: If you use this direct delivery, make sure that:
- your Traefik server and host firewall are configured to allow port 587,
- you have an MX record for your configured `$DOMAIN` pointing to this server,
- you have an SPF record for `$DOMAIN` that includes `mx` or this server's IP
- you have a reverse DNS (rDNS / PTR) record for this IP that matches `$DOMAIN`
(These requirements mean that you can only deploy one direct-delivery instance
of this app per swarm host..)
Alternatively, you can easily route mail through a smarthost / relay host like Alternatively, you can easily route mail through a smarthost / relay host like
Mailgun or Gandi -- see [`RELAYHOST` and related parameters][boky-postfix-options]. Mailgun or Gandi -- see [`RELAYHOST` and related parameters][boky-postfix-options].
FIXME 3wc: Pass `RELAYHOST` etc. from `.envrc` to service FIXME 3wc: Pass `RELAYHOST` etc. from `.envrc` to service
TODO 3wc: Can you run more than one instance of this on a swarm? How could we handle
that in terms of reverse DNS?
## Basic usage ## Basic usage
1. Set up Docker Swarm and [`abra`] 1. Set up Docker Swarm and [`abra`]
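Review bot: the first bullet of the new NOTE asks for port 587 to be allowed through Traefik and the host firewall, but does not say who is meant to connect on it. Direct delivery is outbound, so if only apps on the same swarm submit mail, state that; if 587 has to be reachable from outside, document how submission is restricted, since a relay port open to everyone is a spam-abuse risk. Minor: the last two bullets lack the trailing punctuation the first two have, and "per swarm host..)" has a doubled period.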
@ -25,7 +30,8 @@ that in terms of reverse DNS?
3. `git clone https://git.autonomic.zone/compose-stacks/postfix-relay.git && cd postfix-relay` 3. `git clone https://git.autonomic.zone/compose-stacks/postfix-relay.git && cd postfix-relay`
3. `cp .envrc.sample .envrc` 3. `cp .envrc.sample .envrc`
4. Edit `.envrc` - be sure to change `DOMAIN` to something that resolves to 4. Edit `.envrc` - be sure to change `DOMAIN` to something that resolves to
your Docker swarm box your Docker swarm box, and add any extra domains (including subdomains) you'd
like to be able to send mail from in `EXTRA_SENDER_DOMAINS`.
5. `direnv allow` (or `. .envrc`) 5. `direnv allow` (or `. .envrc`)
6. `abra deploy` 6. `abra deploy`
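Review bot: step 4 introduces `EXTRA_SENDER_DOMAINS` without stating the list format. The compose file builds `ALLOWED_SENDER_DOMAINS` as `${DOMAIN} ${EXTRA_SENDER_DOMAINS}`, so the README should say the value is space-separated and give a short example. While this list is being edited, the two steps both numbered `3.` could be renumbered.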


@ -16,10 +16,9 @@ services:
environment: environment:
FORCE_COLOR: "1" FORCE_COLOR: "1"
TZ: ${TZ} TZ: ${TZ}
INBOUND_DEBUGGING: "${INBOUND_DEBUGGING:-0}" INBOUND_DEBUGGING: ${INBOUND_DEBUGGING}
ALLOWED_SENDER_DOMAINS: "${EXTRA_SENDER_DOMAINS} ${DOMAIN}" ALLOWED_SENDER_DOMAINS: ${DOMAIN} ${EXTRA_SENDER_DOMAINS}
POSTFIX_myhostname: "${DOMAIN}" POSTFIX_myhostname: ${DOMAIN}
MASQUERADED_DOMAINS: "${MASQUERADED_DOMAINS}"
deploy: deploy:
restart_policy: restart_policy:
condition: on-failure condition: on-failure
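Review bot: on the `INBOUND_DEBUGGING` line the `:-0` default is dropped, so with the variable unset the service now receives an empty value instead of `0`. Either keep `${INBOUND_DEBUGGING:-0}` or make sure `.envrc.sample` always sets it. The `MASQUERADED_DOMAINS` line is also removed with no mention in the commit message or the README changes; note whether masquerading is intentionally no longer supported.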