version: "3.8"
services:
  app:
    image: "boky/postfix:v3.0.0"
    networks:
      - proxy
    healthcheck:
      test: ["CMD", "sh", "-c", "netstat -an | fgrep 587 | fgrep -q LISTEN"]
      interval: 10s
      timeout: 5s
      start_period: 10s
      retries: 2
    environment:
      FORCE_COLOR: "1"
      TZ: ${TZ}
      INBOUND_DEBUGGING: ${INBOUND_DEBUGGING}
      ALLOWED_SENDER_DOMAINS: ${DOMAIN} ${EXTRA_SENDER_DOMAINS}
      POSTFIX_myhostname: ${DOMAIN}
    deploy:
      restart_policy:
        condition: on-failure
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=proxy"
        - "traefik.tcp.routers.${STACK_NAME}.entrypoints=smtp-submission"
        - "traefik.tcp.routers.${STACK_NAME}.rule=HostSNI(`*`)"
        # TODO 3wc: we can only route TCP traffic if it uses TLS
        # https://doc.traefik.io/traefik/v2.0/routing/routers/#rule_1
        #- "traefik.tcp.routers.${STACK_NAME}.rule=HostSNI(`${DOMAIN}`)"
        - "traefik.tcp.routers.${STACK_NAME}.service=${STACK_NAME}"
        - "traefik.tcp.services.${STACK_NAME}.loadbalancer.server.port=587"
        #- "traefik.tcp.routers.${STACK_NAME}.tls.passthrough=true"
        #- "traefik.tcp.routers.${STACK_NAME}.tls=true"
        #- "traefik.tcp.routers.${STACK_NAME}.service=mailu_smtp"

        - coop-cloud.${STACK_NAME}.app.version=v3.0.0-282de498
networks:
  proxy:
    external: true