add better mail security
This commit is contained in:
rnsrk
parent
a7585e1bc9
commit
f670bec1b1
63 changed files with 2569 additions and 491 deletions
|
|
@ -1,7 +1,7 @@
|
|||
services:
|
||||
# Database-Stack
|
||||
adminer:
|
||||
image: adminer
|
||||
image: adminer:5
|
||||
container_name: adminer
|
||||
depends_on:
|
||||
- mariadb
|
||||
|
|
@ -21,7 +21,7 @@ services:
|
|||
restart: unless-stopped
|
||||
|
||||
mariadb:
|
||||
image: mariadb:11.5.2
|
||||
image: mariadb:12
|
||||
container_name: mariadb
|
||||
environment:
|
||||
MARIADB_ROOT_PASSWORD: ${MARIADB_ROOT_PASSWORD}
|
||||
|
|
@ -49,7 +49,7 @@ services:
|
|||
|
||||
# Traefik
|
||||
traefik:
|
||||
image: traefik:3.3
|
||||
image: traefik:3
|
||||
container_name: traefik
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
|
@ -64,6 +64,10 @@ services:
|
|||
- "traefik.http.middlewares.nextcloud-headers.headers.stsPreload=true"
|
||||
- "traefik.http.middlewares.nextcloud-headers.headers.forceSTSHeader=true"
|
||||
|
||||
# Timeout middlewares
|
||||
- "traefik.http.middlewares.timeout.headers.customrequestheaders.X-Forwarded-Timeout=120"
|
||||
- "traefik.http.middlewares.timeout.headers.customresponseheaders.X-Response-Timeout=120"
|
||||
|
||||
# routers
|
||||
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN}`)"
|
||||
- "traefik.http.routers.traefik.entrypoints=web,websecure"
|
||||
|
|
@ -104,6 +108,10 @@ services:
|
|||
- --log.level=INFO
|
||||
# Enable the Traefik API
|
||||
- --api
|
||||
# Set global timeouts
|
||||
- --serverstransport.forwardingtimeouts.dialtimeout=120s
|
||||
- --serverstransport.forwardingtimeouts.responseheadertimeout=120s
|
||||
- --serverstransport.forwardingtimeouts.idleconntimeout=120s
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- server-certificates:/certificates
|
||||
|
|
@ -115,6 +123,23 @@ services:
|
|||
- traefik
|
||||
restart: unless-stopped
|
||||
|
||||
mta-sts:
|
||||
image: nginx:1.27-alpine
|
||||
container_name: mta-sts
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=traefik"
|
||||
- "traefik.http.routers.mta-sts.rule=Host(`mta-sts.${DOMAIN}`)"
|
||||
- "traefik.http.routers.mta-sts.entrypoints=websecure"
|
||||
- "traefik.http.routers.mta-sts.tls=true"
|
||||
- "traefik.http.routers.mta-sts.tls.certresolver=le"
|
||||
- "traefik.http.services.mta-sts.loadbalancer.server.port=80"
|
||||
volumes:
|
||||
- ./mta-sts:/usr/share/nginx/html:ro
|
||||
networks:
|
||||
- traefik
|
||||
restart: unless-stopped
|
||||
|
||||
volumes:
|
||||
server-certificates:
|
||||
name: server-certificates
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue