Dokploy
feat: added Mailserver/ERPNext template
@Siumauricio https://github.com/Dokploy/dokploy/issues/408#issuecomment-2355372652 Please advise on how to add some documentation to the template, as previously discussed.
Hi, just got around to get this working today! A quick addition, as per the docker-mailserver docs we need to add an additional container as such
whoami:
image: docker.io/traefik/whoami:latest
networks:
- dokploy-network
And associate the domain you want to use to that container instead (mail.example.com).
As far as I understood you might also want to edit your traefik config to reflect the required entrypoints, but I don't think these are necessary as everything is handled through traefik through the above container with letsencrypt
entryPoints:
mail-smtp:
address: ':25'
mail-submission:
address: ':587'
mail-submissions:
address: ':465'
mail-imap:
address: ':143'
mail-imaps:
address: ':993'
mail-pop3:
address: ':110'
mail-pop3s:
address: ':995'
mail-managesieve:
address: ':4190'
web:
address: ':80'
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ':443'
http:
tls:
certResolver: letsencrypt
have to add DKIM configuration also, you can use command setup config dkim.
Maybe it will be useful, i created a templates documentation, so you can also help me with it if you wanna.
https://github.com/SashaGoncharov19/dokploy-template-docs https://sashagoncharov19.github.io/dokploy-template-docs/
Hey there!
Just wanted to bring up something to keep in mind regarding the use of the service behind traefik in this template. It looks like we might need to set up a specific configuration to make sure that traefik can properly direct traffic to the service.
You can find more information about this at https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/mailserver-behind-proxy/
Hey there!
Just wanted to bring up something to keep in mind regarding the use of the service behind traefik in this template. It looks like we might need to set up a specific configuration to make sure that traefik can properly direct traffic to the service.
You can find more information about this at https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/mailserver-behind-proxy/
I think you're right and I did add these to both mailserver compose and traefik config. I can't end to end test because port 25 is blocked on my box sadly
@seppulcro, I will conduct tests on the servers and provide updates here. This will help us prepare a production-ready template for publication.
I think it's crucial to verify that the TLS connection for the email service is functioning properly. As far as I know, traefik might encounter challenges in forwarding STARTTLS connections for SMTPS and IMAPS. I'll document some references here to assist with troubleshooting and testing.
references
- https://github.com/traefik/traefik/issues/7366
- https://github.com/docker-mailserver/docker-mailserver/issues/3563#issuecomment-1744653719
- https://github.com/stalwartlabs/mail-server/discussions/356
@andrekutianski When I installed this on the Hetzner Robot, there were no problems with traffic, everything was stable and the connections worked fine.
But I also have a home server and there are similar problems. For example, the fact that you need to configure proxying for the mail server to work correctly.
I have created a separate documentation for this purpose, where we can describe all these points and try to test these settings on our machines before deploying this template.
I'd like to suggest few updates for dms compose.yml file:
services:
mailserver:
image: ghcr.io/docker-mailserver/docker-mailserver:latest
hostname: ${DMS_HOSTNAME}
domainname: ${DMS_DOMAINNAME}
ports:
- 25:25 # SMTP (STARTTLS)
- 465:465 # SMTP (Implicit TLS)
- 587:587 # SMTP (STARTTLS)
- 143:143 # IMAP (STARTTLS)
- 993:993 # IMAP (Implicit TLS)
- 110:110 # POP3 (STARTTLS)
- 995:995 # POP3 (Implicit TLS)
- 4190:4190 # Managesieve (STARTTLS)
volumes:
- dms-mail-data:/var/mail/
- dms-mail-state:/var/mail-state/
- dms-mail-logs:/var/log/mail/
- dms-mail-config:/tmp/docker-mailserver/
- /etc/localtime:/etc/localtime:ro
- /etc/dokploy/traefik/dynamic/acme.json:/etc/letsencrypt/acme.json:ro
environment:
- PERMIT_DOCKER=${DMS_PERMIT_DOCKER}
- POSTMASTER_ADDRESS=${DMS_POSTMASTER_ADDRESS}
- SSL_TYPE=${DMS_SSL_TYPE}
- ENABLE_SPAMASSASSIN=${DMS_ENABLE_SPAMASSASSIN}
- ENABLE_CLAMAV=${DMS_ENABLE_CLAMAV}
- ENABLE_FAIL2BAN=${DMS_ENABLE_FAIL2BAN}
- ENABLE_POSTGREY=${DMS_ENABLE_POSTGREY}
- SPOOF_PROTECTION=${DMS_SPOOF_PROTECTION}
cap_add:
- NET_ADMIN
restart: always
stop_grace_period: 1m
healthcheck:
test: ${DMS_HEALTHCHECK_CMD}
timeout: ${DMS_HEALTHCHECK_TIMEOUT}
retries: ${DMS_HEALTHCHECK_RETRIES}
command: >
sh -c '
if [ ! -s /tmp/docker-mailserver/postfix-accounts.cf ]; then
echo "File does not exist or is empty. Running setup command...";
setup email add "${DMS_DEFAULT_USER}" "${DMS_DEFAULT_USER_PASS}";
else
echo "File exists and is not empty. Skipping setup command.";
fi
exec supervisord -c /etc/supervisor/supervisord.conf
'
networks:
- dokploy-network
labels:
- traefik.enable=true
# SMTP
- traefik.tcp.routers.${HASH}-smtp.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-smtp.entrypoints=mail-smtp
- traefik.tcp.routers.${HASH}-smtp.service=${HASH}-smtp
- traefik.tcp.services.${HASH}-smtp.loadbalancer.server.port=25
# Submission
- traefik.tcp.routers.${HASH}-submission.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-submission.entrypoints=mail-submission
- traefik.tcp.routers.${HASH}-submission.service=${HASH}-submission
- traefik.tcp.services.${HASH}-submission.loadbalancer.server.port=587
# Submissions
- traefik.tcp.routers.${HASH}-submissions.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-submissions.entrypoints=mail-submissions
- traefik.tcp.routers.${HASH}-submissions.service=${HASH}-submissions
- traefik.tcp.services.${HASH}-submissions.loadbalancer.server.port=465
# IMAP
- traefik.tcp.routers.${HASH}-imap.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-imap.entrypoints=mail-imap
- traefik.tcp.routers.${HASH}-imap.service=${HASH}-imap
- traefik.tcp.services.${HASH}-imap.loadbalancer.server.port=143
# IMAPS
- traefik.tcp.routers.${HASH}-imaps.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-imaps.entrypoints=mail-imaps
- traefik.tcp.routers.${HASH}-imaps.service=${HASH}-imaps
- traefik.tcp.services.${HASH}-imaps.loadbalancer.server.port=993
# POP3
- traefik.tcp.routers.${HASH}-pop3.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-pop3.entrypoints=mail-pop3
- traefik.tcp.routers.${HASH}-pop3.service=${HASH}-pop3
- traefik.tcp.services.${HASH}-pop3.loadbalancer.server.port=110
# POP3S
- traefik.tcp.routers.${HASH}-pop3s.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-pop3s.entrypoints=mail-pop3s
- traefik.tcp.routers.${HASH}-pop3s.service=${HASH}-pop3s
- traefik.tcp.services.${HASH}-pop3s.loadbalancer.server.port=995
# Managesieve
- traefik.tcp.routers.${HASH}-managesieve.rule=HostSNI(`*`)
- traefik.tcp.routers.${HASH}-managesieve.entrypoints=mail-managesieve
- traefik.tcp.routers.${HASH}-managesieve.service=${HASH}-managesieve
- traefik.tcp.services.${HASH}-managesieve.loadbalancer.server.port=4190
whoami:
image: docker.io/traefik/whoami:latest
labels:
- traefik.enable=true
- traefik.http.services.${HASH}-whoami.loadbalancer.server.port=${DMS_WHOAMI_PORT}
- traefik.http.routers.${HASH}-whoami.rule=Host(`${DMS_WHOAMI_HOST}`)
networks:
- dokploy-network
networks:
dokploy-network:
external: true
volumes:
dms-mail-data:
dms-mail-state:
dms-mail-logs:
dms-mail-config:
And have to add entry points to traefik. P.S : I've not tested yet, feel free to give feedback.
I'd like to suggest few updates for dms compose.yml file:
services: mailserver: image: ghcr.io/docker-mailserver/docker-mailserver:latest hostname: ${DMS_HOSTNAME} ports: - 25:25 # SMTP (STARTTLS) - 465:465 # SMTP (Implicit TLS) - 587:587 # SMTP (STARTTLS) - 143:143 # IMAP (STARTTLS) - 993:993 # IMAP (Implicit TLS) - 110:110 # POP3 (STARTTLS) - 995:995 # POP3 (Implicit TLS) - 4190:4190 # Managesieve (STARTTLS) volumes: - dms-mail-data:/var/mail/ - dms-mail-state:/var/mail-state/ - dms-mail-logs:/var/log/mail/ - dms-mail-config:/tmp/docker-mailserver/ - /etc/localtime:/etc/localtime:ro environment: - ENABLE_FAIL2BAN=${DMS_ENABLE_FAIL2BAN} - PERMIT_DOCKER=${DMS_PERMIT_DOCKER} - SPOOF_PROTECTION=${DMS_SPOOF_PROTECTION} - POSTMASTER_ADDRESS=${DMS_POSTMASTER_ADDRESS} cap_add: - NET_ADMIN restart: always stop_grace_period: 1m healthcheck: test: ${DMS_HEALTHCHECK_CMD} timeout: ${DMS_HEALTHCHECK_TIMEOUT} retries: ${DMS_HEALTHCHECK_RETRIES} command: > sh -c ' if [ ! -s /tmp/docker-mailserver/postfix-accounts.cf ]; then echo "File does not exist or is empty. Running setup command..."; setup email add "${DMS_DEFAULT_USER}" "${DMS_DEFAULT_USER_PASS}"; else echo "File exists and is not empty. Skipping setup command."; fi exec supervisord -c /etc/supervisor/supervisord.conf ' networks: - dokploy-network labels: - traefik.enable=true # SMTP - traefik.tcp.routers.${HASH}-smtp.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-smtp.entrypoints=mail-smtp - traefik.tcp.routers.${HASH}-smtp.service=${HASH}-smtp - traefik.tcp.services.${HASH}-smtp.loadbalancer.server.port=25 - traefik.tcp.services.${HASH}-smtp.loadbalancer.proxyProtocol.version=1 # Submission - traefik.tcp.routers.${HASH}-submission.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-submission.entrypoints=mail-submission - traefik.tcp.routers.${HASH}-submission.service=${HASH}-submission - traefik.tcp.services.${HASH}-submission.loadbalancer.server.port=587 - traefik.tcp.services.${HASH}-submission.loadbalancer.proxyProtocol.version=1 # Submissions - traefik.tcp.routers.${HASH}-submissions.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-submissions.entrypoints=mail-submissions - traefik.tcp.routers.${HASH}-submissions.service=${HASH}-submissions - traefik.tcp.services.${HASH}-submissions.loadbalancer.server.port=465 - traefik.tcp.services.${HASH}-submissions.loadbalancer.proxyProtocol.version=1 # IMAP - traefik.tcp.routers.${HASH}-imap.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-imap.entrypoints=mail-imap - traefik.tcp.routers.${HASH}-imap.service=${HASH}-imap - traefik.tcp.services.${HASH}-imap.loadbalancer.server.port=143 - traefik.tcp.services.${HASH}-imap.loadbalancer.proxyProtocol.version=1 # IMAPS - traefik.tcp.routers.${HASH}-imaps.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-imaps.entrypoints=mail-imaps - traefik.tcp.routers.${HASH}-imaps.service=${HASH}-imaps - traefik.tcp.services.${HASH}-imaps.loadbalancer.server.port=993 - traefik.tcp.services.${HASH}-imaps.loadbalancer.proxyProtocol.version=1 # POP3 - traefik.tcp.routers.${HASH}-pop3.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-pop3.entrypoints=mail-pop3 - traefik.tcp.routers.${HASH}-pop3.service=${HASH}-pop3 - traefik.tcp.services.${HASH}-pop3.loadbalancer.server.port=110 - traefik.tcp.services.${HASH}-pop3.loadbalancer.proxyProtocol.version=1 # POP3S - traefik.tcp.routers.${HASH}-pop3s.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-pop3s.entrypoints=mail-pop3s - traefik.tcp.routers.${HASH}-pop3s.service=${HASH}-pop3s - traefik.tcp.services.${HASH}-pop3s.loadbalancer.server.port=995 - traefik.tcp.services.${HASH}-pop3s.loadbalancer.proxyProtocol.version=1 # Managesieve - traefik.tcp.routers.${HASH}-managesieve.rule=HostSNI(`*`) - traefik.tcp.routers.${HASH}-managesieve.entrypoints=mail-managesieve - traefik.tcp.routers.${HASH}-managesieve.service=${HASH}-managesieve - traefik.tcp.services.${HASH}-managesieve.loadbalancer.server.port=4190 - traefik.tcp.services.${HASH}-managesieve.loadbalancer.proxyProtocol.version=1 whoami: image: docker.io/traefik/whoami:latest networks: - dokploy-network networks: dokploy-network: external: true volumes: dms-mail-data: dms-mail-state: dms-mail-logs: dms-mail-config:And have to add entry points to traefik. P.S : I've not tested yet, feel free to give feedback.
Will check it today on my home server, thanks!
Hi, Running the instance of erpnext there is some issue probably in some container I got this error
Hi, Running the instance of erpnext there is some issue probably in some container I got this error
You should wait till create-site-1 container is stopped
@SashaGoncharov19 The thing is i waited around 30 mins to see if something changed, but nothing changes at the end
Umm that's strange I was successfully running ERPNext every time during rebuilt or clean install.
Please take a look at the backend and db container also. See if any errors are presented or not.
So I want to talk about the mail server settings. It's very cool that we want everything to work out of the box on all servers, but it doesn't work that way. I've tried different mail servers, different settings, a lot of options. Every server has its own settings. If you install it at Hetzner, the default settings are usually sufficient. If you install it on your home server, the settings are more complicated, you have to proxy requests, there are different configurations and so on. It all depends on how the network is configured on the server.
I think it would be best to just make documentation on how to set up a mail server, because it will be a big headache to maintain it all. Someone will always open an issue and ask why it doesn't work if they don't understand how to use Linux systems, Traefik or whatever.
Stalwart Mail Server has documentation on how to use their server with Traefik Proxy. We can use this and create a template from it and describe the documentation on how to set up Traefik to work with Dokploy.
If you have any alternative solutions or questions, please do not hesitate to contact me, I would love to hear them as well.
@SashaGoncharov19
I have also tried several apps for email server settings for the same (VPS only). After trying those I can suggest 2 of them for template.
- Stalwart Mail Server
- Docker Mail Server
I am running a Docker mail Server without Traefik config, except (DNS, SPF, DKIM) Even multiple domains are configured. The main disadvantage of Docker Mail Server is webui/dashboard. Running 4-5 commands in the docker mail server container terminal is enough to set up the application properly. It's also have a extensive documentation. I don't think reverse proxy configuration is needed for this mail server.
Stalwart mail server is preferable and easy to deploy but needs to be configured properly (Traefik and stalwart mail server configs). I am still trying to understand the proper configuration. A better documentation could be much easier to configure the stalwart mail server.
I will keep you posted about it if I find anything else.
@ShubashBiswas
Also. I'm currently using Docker Mailserver on Hetzner and it works great with the basic configuration.
Waiting for the Email Server template to be added in Dokploy. I'm just writing to support you.
So I want to talk about the mail server settings. It's very cool that we want everything to work out of the box on all servers, but it doesn't work that way. I've tried different mail servers, different settings, a lot of options. Every server has its own settings. If you install it at Hetzner, the default settings are usually sufficient. If you install it on your home server, the settings are more complicated, you have to proxy requests, there are different configurations and so on. It all depends on how the network is configured on the server.
I think it would be best to just make documentation on how to set up a mail server, because it will be a big headache to maintain it all. Someone will always open an issue and ask why it doesn't work if they don't understand how to use Linux systems, Traefik or whatever.
Stalwart Mail Server has documentation on how to use their server with Traefik Proxy. We can use this and create a template from it and describe the documentation on how to set up Traefik to work with Dokploy.
If you have any alternative solutions or questions, please do not hesitate to contact me, I would love to hear them as well.
Makes sense tbh, can you add a explanation in the docs how to setup this and the things you need to take in consideration before you create this template?
https://sashagoncharov19.github.io/dokploy-template-docs/mail-server
Yeah but ideally should be in the dokploy docs
Mailserver will be released after some dokploy architecture changes.