feat(docker): add support for rootless docker

Grigorii Lutkov 2023-02-18 13:48:10 +03:00
parent d20df7d73e
commit 77c8b9dd4c
2 changed files with 10 additions and 18 deletions


@ -49,8 +49,6 @@ services:
- "${REDIS_PORT:-127.0.0.1:7654}:6379" - "${REDIS_PORT:-127.0.0.1:7654}:6379"
environment: environment:
- TZ=${TZ} - TZ=${TZ}
sysctls:
- net.core.somaxconn=4096
networks: networks:
mailcow-network: mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.249 ipv4_address: ${IPV4_NETWORK:-172.22.1}.249
@ -284,11 +282,6 @@ services:
ofelia.job-exec.dovecot_fts.command: "/usr/bin/curl http://solr:8983/solr/dovecot-fts/update?optimize=true" ofelia.job-exec.dovecot_fts.command: "/usr/bin/curl http://solr:8983/solr/dovecot-fts/update?optimize=true"
ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m" ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m"
ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\"" ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\""
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
networks: networks:
mailcow-network: mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.250 ipv4_address: ${IPV4_NETWORK:-172.22.1}.250
@ -434,7 +427,6 @@ services:
- php-fpm-mailcow - php-fpm-mailcow
- redis-mailcow - redis-mailcow
restart: always restart: always
privileged: true
environment: environment:
- TZ=${TZ} - TZ=${TZ}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1} - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
@ -443,7 +435,6 @@ services:
- SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n} - SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-} - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-} - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
network_mode: "host"
volumes: volumes:
- /lib/modules:/lib/modules:ro - /lib/modules:/lib/modules:ro
@ -522,7 +513,7 @@ services:
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-} - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-} - REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /run/user/${CURRENT_USER_ID:?}/docker.sock:/var/run/docker.sock:ro
networks: networks:
mailcow-network: mailcow-network:
aliases: aliases:
@ -576,7 +567,7 @@ services:
security_opt: security_opt:
- label=disable - label=disable
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /run/user/${CURRENT_USER_ID:?}/docker.sock:/var/run/docker.sock:ro
networks: networks:
mailcow-network: mailcow-network:
aliases: aliases:
@ -606,10 +597,8 @@ services:
security_opt: security_opt:
- label=disable - label=disable
restart: always restart: always
privileged: true
network_mode: "host"
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /run/user/${CURRENT_USER_ID:?}/docker.sock:/var/run/docker.sock:ro
- /lib/modules:/lib/modules:ro - /lib/modules:/lib/modules:ro
networks: networks:
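Review bot: Without `privileged: true` and `network_mode: "host"` (removed in the hunks at -434 and -606), the services that still mount `/lib/modules` and carry the SNAT settings run in their own network namespace, so firewall or NAT rules they write would no longer apply to host traffic; the service names are outside the hunks, so their role is inferred. If they do manage host rules, banning and NAT would stop taking effect without any error being raised. The file is edited in place, so rootful installs lose these settings as well, and the socket mounts now fail for any install that does not set `CURRENT_USER_ID`. Moving the rootless changes into a separate override file would keep both modes working; at minimum add a comment such as `# rootless: no host netns, rules written here do not reach the host`. Note also that `:ro` on the socket mounts only protects the socket file, not the Docker API behind it, so these containers keep full control of that user's daemon.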


@ -431,6 +431,9 @@ ACME_CONTACT=
# root certificates can be placed for validation under mailcow-dockerized/data/web/inc/lib/WebAuthn/rootCertificates # root certificates can be placed for validation under mailcow-dockerized/data/web/inc/lib/WebAuthn/rootCertificates
WEBAUTHN_ONLY_TRUSTED_VENDORS=n WEBAUTHN_ONLY_TRUSTED_VENDORS=n
# To mount rootless docker.sock we need to know current user id
CURRENT_USER_ID=$UID
EOF EOF
mkdir -p data/assets/ssl mkdir -p data/assets/ssl
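Review bot: `CURRENT_USER_ID=$UID` sits inside a heredoc whose opening line is outside the hunk, so whether `$UID` is expanded at generation time cannot be confirmed from here. If it is expanded, running the generator as root or through sudo records 0, and the compose file would then mount `/run/user/0/docker.sock` instead of the rootless user's socket. `UID` is also a bash variable that a plain `sh` leaves unset, which would write an empty value and trip the `:?` check in the compose file. `CURRENT_USER_ID=$(id -u)` is portable across shells, and testing that the resulting `/run/user/<id>/docker.sock` exists before writing the value would catch the root case early.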