DockerHub

[FireFtw]

Any interest/plans to maintain a docker image on DockerHub?

[the-djmaze]

I'm no docker user. Maybe you or someone else wants to do that?

[FWest98]

I will be able to do so. @the-djmaze if you could send me an email I could arrange automatic docker builds for you as well.

[the-djmaze]

@FWest98 host 160017966.pamx1.hotmail.com[104.47.45.33] said: 550 5.7.1 Unfortunately, messages from [84.22.110.35] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150).

Yes i hate Microsoft. Keeps blocking every few months.

[ervee]

Hotmail/Outlook's antispam is really, really picky indeed.

Make sure your HELO matches your dns setup, MX, and if possible reverse/PTR record.

And if you use SPF, include a plain A record IP there (in addition of, or in place of MX/include records).

[FWest98]

@the-djmaze Now I'm wondering, did you ever receive my reply to your email?

[dawid-woitaschek]

@the-djmaze @FWest98 So, what's up with DockerHub?

[the-djmaze]

@the-djmaze Now I'm wondering, did you ever receive my reply to your email?

Yes, but i totally forgot to reply. Sorry for that.

[oywino]

Any plans to release a docker image of SnappyMail ?

[r3pek]

I took the liberty of using their own Dockerfile and setup a build and upload the image to Docker Hub. Feel free to use and/or report sugestions/bugs

https://hub.docker.com/r/r3pek/snappymail

[combro2k]

I don't know why people use buster as base :disappointed: I have one running on alpine (https://hub.docker.com/repository/docker/combro2k/alpine-nginx-snappymail/) It's still a work in progress tho, source is https://github.com/combro2k/dockerfiles/tree/master/alpine-nginx-snappymail-php8 It misses some 'extras' but base image is 82.79 MB vs 228.17 MB from buster ;-)

[combro2k]

@the-djmaze I think your provider doesn't follow the guidelines, It isn't microsoft's strictness :-P also you can add your IP from the provider (I would hide tho in the message) to a whitelist :-)

[the-djmaze]

alpine

I have one running on alpine (https://hub.docker.com/repository/docker/combro2k/alpine-nginx-snappymail/) It's still a work in progress tho, source is https://github.com/combro2k/dockerfiles/tree/master/alpine-nginx-snappymail-php8 It misses some 'extras' but base image is 82.79 MB vs 228.17 MB from buster ;-)

Awesome!

OFF TOPIC:

It isn't microsoft's strictness :-P

@combro2k nope, it's Microsoft at fault. There is a big rant discussion here in the Netherlands that only Microsoft is blocking IP's for no apparent reason. A lot of hosting companies (small and big) have to unblock mail-server IP's every month. Also there are cases where Microsoft servers respond with "mail accepted" but the receiver never received the e-mail (not even in spam folder).

Currently we all report this to the local and European Commission in the hopes that Microsoft will change their system to be compatible with SPF, DKIM and DMARC.

Examples: https://answers.microsoft.com/en-us/outlook_com/forum/all/emails-from-my-server-dont-error-but-dont-arrive/c0c28fe8-532b-4b4b-a92b-7bf6d7a9f28b https://answers.microsoft.com/en-us/outlook_com/forum/all/emails-not-reaching-inbox-sender-support-lack-of/810ef019-98eb-44eb-b90e-5e8a60a7674b https://finch.am/projects/hotmail/ https://www.linkedin.com/pulse/how-microsoft-turns-incompetence-my-problem-mark-schouten

[combro2k]

@the-djmaze I know you're from the NL as I am (based on the IP you shared) ;-) I've worked at an ISP for some years, but yeah it's an fight we all have to go. The most effective is indeed DMARC reporting, SPF & DKIM combination. We had an cluster of (own hosted) spamexperts running which made that part a little bit complicated; It was always an issue with them meh. But anyway back on the TOPIC :-P

Edit: I think the most issues are starting when you have multiple senders on the IP (different user/domains)

[eeeple]

I've built the latest version on aarch64 using the Dockerfile in the repo without hiccups on a OCI VPS. I haven't looked into the Alpine version but I'll try when I get some time. If anybody is interested, the latest image is located here: https://hub.docker.com/r/fffrantz/snappymail

When I get around the Alpine version, I'll try to setup automated builds for both on aarch64.

[WladyX]

Would also like to see this on dockerhub, @r3pek in the meantime do you plan to keep your image updated from time to time? Thank you!

[r3pek]

@WladyX yeah. I might do a new release later today just to sync up with the latest version

[HeyVern]

I will be able to do so. @the-djmaze if you could send me an email I could arrange automatic docker builds for you as well.

@FWest98 did you ever setup a docker that has auto builds? (x86,x64) I only am seeing a small group of dockers and most of them are behind. Thanks!

[FWest98]

I was planning on doing so, I had set up a DockerHub organisation but I need to add @the-djmaze to it so he can link this repo. But considering the complicated setup it has now, we should probably do this via some CI solution anyway.

[HeyVern]

Just as an experiment, I have Rainloop installed as a plugin with Nextcloud. In the documentation of Snappymail it says in some cases it can be a dropin replacement. So, I figured it was worth a shot. I figured out where the Rainloop core stuff was inside the plugin (v) folder, and added the same coorisponding files from snappymail to that location. Then I edited the config file to point to Snappymail's version as the updated version for the plugin. It did execute, but snappymail threw an error. I figured what the hell it was worth a shot. I truely hope that snappymail for Nextcloud becomes a thing, as it is awesome.

[eeeple]

Snappymail 2.15.2 for aarch64 available here : https://hub.docker.com/r/fffrantz/snappymail/tags Still haven't had the time to automate it all nor to check the alpine version. I should have a little bit more time in the coming weeks to try it all.

[kouinkouin]

@eeeple How can we automate the docker images generation? Can we do it with Github actions, and push the images on hub.docker.com? (I can write Dockerfile's, but I don't know enough Github actions)

[FWest98]

That is certainly possible using GH Actions. I am not too experienced with it, the entire setup with needing PHP and everything before we can run docker build is also not too convenient, unfortunately.

[the-djmaze]

the entire setup with needing PHP

Is only needed to modify files. A bash script to run gulp, gzip, brotli and zip could be sufficient

[Pofilo]

Snappymail 2.15.2 for aarch64 available here : https://hub.docker.com/r/fffrantz/snappymail/tags Still haven't had the time to automate it all nor to check the alpine version. I should have a little bit more time in the coming weeks to try it all.

@eeeple is your Dockerfile available somewhere ? Thanks.

[eeeple]

Snappymail 2.15.2 for aarch64 available here : https://hub.docker.com/r/fffrantz/snappymail/tags Still haven't had the time to automate it all nor to check the alpine version. I should have a little bit more time in the coming weeks to try it all.

@eeeple is your Dockerfile available somewhere ? Thanks.

No difference with the one provided in .docker/release except this:

-    docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \

+    docker-php-ext-configure ldap --with-libdir=lib/aarch64-linux-gnu/ && \

[darthdubu]

Hey @eeeple I'm sorry if this is super obvious and I'm just dumb but I'd like to ask how you're actually getting the Dockerfile to import/download the release zip. I've been trying to build it myself for x86 but i'm failing to understand how to make that part happen.

[kouinkouin]

@ducky710 Two ways:

• Download the zip file from Github, and put it in .docker/release folder. Then, build the image (with cd docker build --pull .docker/release/ --build-arg FILES_ZIP=snappymail-2.15.3.zip)
• Or run ./release.php --docker. That will make the zip file, put it in the .docker/release folder and run the docker build. If you encounter error during image building, build yourself the image (with the command previously given)

There is maybe another(s) way(s) I don't know...

[darthdubu]

@kouinkouin Thanks a lot man. Appreciate the help!

[kouinkouin]

When a release is released, I pull the repository, and I launch on my shell:

rm -rf build/dist/releases/webmail/* .docker/release/*.zip && ./release.php --docker && ls -1 build/dist/releases/webmail/*/snappymail-*.zip | cut -d/ -f5 | while read version ; do for t in $version-php8.1-bullseye latest ; do docker image tag snappymail:$version kouinkouin/snappymail:$t && docker push kouinkouin/snappymail:$t ; done ; done

So, my docker images is up-to-date, currently. "currently", because I do it manually (some days, I'm not behind my keyboard, and sometime, I don't read "new release!" mails). It would be good to automate it with GitHub Actions, then to remove kouinkouin/snappymail images and use snappymail/snappymail images

[eeeple]

Same here for aarch64, I run a pretty basic bash script to automanually build the docker image and push it to my registry (see here ). I'm really lacking time to look into the alpine version and into automatically building when a new release is published. So I stick to this for the time being and try to publish the aarch64 versions as soon as I can.

[kouinkouin]

If someone knows a project which builds docker images for each release and push them on hub.docker.io (via Github actions), it will be easier :-) .

[xgbstar1]

Created a ~version-specific~ Dockerfile to build image from source. The next step on is to ~make it versionless by modifying one line. I'll get around to that at some point and~ make a repo with GitHub action to periodically build and publish to Dockerhub (and I'll do this soon) unless someone beats me to it. https://gist.github.com/xgbstar1/4564a290a30d26d3c564afd64050d6c3

[JJGadgets]

For what it's worth, Mailu has their own SnappyMail Docker image too. https://registry.hub.docker.com/r/mailu/snappymail https://github.com/Mailu/Mailu/blob/master/webmails/snappymail/Dockerfile

[xgbstar1]

Created a ~version-specific~ Dockerfile to build image from source. The next step on is to ~make it versionless by modifying one line. I'll get around to that at some point and~ make a repo with GitHub action to periodically build and publish to Dockerhub (and I'll do this soon) unless someone beats me to it. https://gist.github.com/xgbstar1/4564a290a30d26d3c564afd64050d6c3

Created this and happy to improve it. One difference between this and some of the other SnappyMail Docker images might be that this one is being updated on a schedule of twice per day. Docker registry: https://hub.docker.com/r/xgbstar1/snappymail-docker Source repo: https://github.com/xgbstar1/snappymail-docker

Schedule of twice per day in source repo GitHub Actions workflow definition: https://github.com/xgbstar1/snappymail-docker/blob/main/.github/workflows/build.yaml

[Leopere]

Okay so effectively from what I'm getting from this issues conversation is roughly the following:

1. That the Dockerfile for php is just there to prepare/compile the appliance and then the nginx container serves it to the users.
2. The php container referenced within this repository not only compiles the app but it also modifies data in some database.
3. This fork maybe runs on Mysql/Mariadb. (only guessing because the example docker-compose.yml contains a database.)
4. There's no technical docker expertise within the project and @the-djmaze is doing their best based on entry level knowledge.
5. The assumption is that the default supplied Dockerfile needs to cater to all end users and not just attempt to adhere to the docker container best practices. Typically you would want a container to be as stateless and as ephemeral as possible in every scenario. It should tend to have only one process and should interface through networking or sockets between micro-services. Containers should have as few layers as possible ideally under 10 but this is only a guideline for efficiency. Finally, it should ideally work out of the box and allow various methods of configuration.

I'm not 100% certain which of these are entirely true but I'm just trying to get a sitrep so I can potentially make recommendations via PR or something.

[the-djmaze]

I have indeed no knowledge of docker, kubernetes, etc. I do use things like KVM, VirtualBox, etc. and one problem with these is access.

SnappyMail GPG requires 0700 access to .gpg directories in a path (or symlink) smaller then 80 characters. This is because the gpg application is like that. The .gpg directory will contain public/private keys that are used with PGP/Inline and PGP/MIME messages.

Replacing a VM/Docker/etc. might remove this important data. So an image should have access to a persistent storage location that each user might configure differently.

Maybe you all can write documentation how this should/would be handled?

[FWest98]

Docker can easily support some persistent storage through volumes. Users of the container would need to mount such a volume in the right path, which is easy to do with the right instructions. In fact, I already use that approach for mounting the configuration and other user data.

[Leopere]

Thanks heaps for the fast replies I'm pretty amped to see if we can get this working with CI/CD maybe through GitHub Actions if someone else can step in who intuitively knows it better than I. I know CI/CD methodologies from way back when Jenkins and GitLab-Runners were the only real options.

SnappyMail GPG requires 0700 access to .gpg directories in a path (or symlink) smaller then 80 characters. This is because the gpg application is like that. The .gpg directory will contain public/private keys that are used with PGP/Inline and PGP/MIME messages.

I was thinking that all of the gpg stuff was going to happen entirely in the browser. If we need a persistent .gpg folder thats great and fine and it can be done on anything including Bind Mounts (which are direct filesystem mapped static paths) or docker volumes (randomly assigned filesystem mounted volumes on the host.)

The only trick is you'd likely want to assert file permissions on the container start to ensure that the user didn't screw with them and make it impossible to operate. I have a strong preference towards flexible, minimal but also opinionated containers that manage most of the default problem cases.

If you could add a start.sh shell script as a start feature that would be fine for example if you are adding a couple of pre-flight checks to ensure that the end users haven't screwed with things in a breaking way.

If we've done our jobs right with the Dockerfile you can also inspire people to make their own forks that are functional in ways they prefer.

[leojonathanoh]

Hey guys, i just found this project and it looks very promising, though it didn't include a dockerhub image, so i've been working for the last few hours to make it work properly. Opened #965, i'll need help with testing whether it works properly etc.

[Leopere]

Hey guys, i just found this project and it looks very promising, though it didn't include a dockerhub image, so i've been working for the last few hours to make it work properly. Opened #965, i'll need help with testing whether it works properly etc.

@leojonathanoh do you have the container pushed anywhere I'd love to try to run this in a Swarm context.

[leojonathanoh]

@leojonathanoh do you have the container pushed anywhere I'd love to try to run this in a Swarm context.

@Leopere the docker image is available on #965. See the Compose examples here for deploying to Swarm. Since i use this in Compose, it should work just as well for Swarm.

[Leopere]

just keeps trying to start I've launched this with

version: '3.9'
services:
  snappymail:
    image: leojonathanoh/snappymail:pr-1
    # ports:
    #   - 8888:8888
    volumes:
      - /mnt/tank/persist/nixc.us/snappy/production/data:/var/lib/snappymail
    networks:
      - default
      - db-network
      - redis-network
      - traefik
    deploy:
      replicas: 1
      placement:
        constraints:
##          - node.labels.role == db
#          - node.hostname == macmini1
          - node.labels.mac-rack == true
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.snappy.tls=true"
        - "traefik.http.services.snappy.loadbalancer.server.port=3000"
        - "traefik.http.routers.snappy.rule=Host(`snappy.nixc.us`)"
        - "traefik.http.routers.snappy.entrypoints=websecure"
        - "traefik.http.routers.snappy.tls.certresolver=letsencryptresolver"
        - "traefik.http.routers.snappy.service=snappy"
        - "traefik.docker.network=traefik"
        # - 'traefik.http.routers.snappy.middlewares=authelia@docker'
    # networks:
    #   - default
    #   - traefik

  # This provides prometheus metrics for snappymail's php-fpm
  # php-fpm-exporter:
  #   image: hipages/php-fpm_exporter:2.2.0
  #   # ports:
  #   #   - 9253:9253
  #   environment:
  #     - PHP_FPM_SCRAPE_URI=tcp://snappymail:9000/status
  #   networks:
  #     - default

  db:
    image: postgres:15-alpine
    environment:
      - POSTGRES_USER=snappymail
      - POSTGRES_PASSWORD=snappymail
      - POSTGRES_DB=snappymail
    volumes:
      - /mnt/tank/persist/nixc.us/snappy/production/db:/var/lib/postgresql/data
    networks:
      - db-network
    deploy:
      replicas: 1
      placement:
        constraints:
##          - node.labels.role == db
#          - node.hostname == macmini1
          - node.labels.mac-rack == true
      labels:
        - "traefik.enable=false"
    networks:
      - default

  redis:
    image: redis:7-alpine
    networks:
      - redis-network
    deploy:
      replicas: 1
      placement:
        constraints:
##          - node.labels.role == db
#          - node.hostname == macmini1
          - node.labels.mac-rack == true
      labels:
        - "traefik.enable=false"
    networks:
      - default

networks:
  default:
  db-network:
    internal: true
  redis-network:
    internal: true
  traefik:
    external: true 

[Leopere]

I've tried a few different configurations for the volumes on the snappymail container with no luck.

[leojonathanoh]

EDIT: Ignore this, see next reply.

> >  It seems to be failing at the `su` command at https://github.com/leojonathanoh/snappymail/blob/22f9853c207f4319263b04a870c28974db3c0562/.docker/release/files/entrypoint.sh#L33 It's probably failing because of permissions. The snappymail vollume needs permissions for UID:GID `82:82` (i.e. `www-data` user on Alpine), so you need to run: ```sh sudo chown -R 82:82 /mnt/tank/persist/nixc.us/snappy/production/data ``` Let me know if that works. I'll see what I can do to make `su` spit errors instead of failing silently.

[leojonathanoh]

@Leopere EDIT: i've added a DEBUG env var, set to true to get verbose entrypoint.sh logs. In docker-compose.yml, try:

services:
  snappymail:
    environment:
      - DEBUG=true

then you should get verbose logs which can help debugging. In this case, mine started up nicely:

``` $ docker logs mail-demo_snappymail_1 -f + set -eu + UPLOAD_MAX_SIZE=25M + MEMORY_LIMIT=128M + SECURE_COOKIES=true + sed -i 's//25M/g' /usr/local/etc/php-fpm.d/php-fpm.conf /etc/nginx/nginx.conf + sed -i 's//128M/g' /usr/local/etc/php-fpm.d/php-fpm.conf + '[' true '=' true ] + echo '[INFO] Secure cookies activated' [INFO] Secure cookies activated + echo 'session.cookie_httponly = On' + echo 'session.cookie_secure = On' + echo 'session.use_only_cookies = On' + echo '[INFO] Setting permissions on /var/lib/snappymail' [INFO] Setting permissions on /var/lib/snappymail + chown -R www-data:www-data /var/lib/snappymail/ + chmod 550 /var/lib/snappymail/ + find /var/lib/snappymail/ -type d -exec chmod 750 '{}' ';' + SNAPPYMAIL_CONFIG_FILE=/var/lib/snappymail/_data_/_default_/configs/application.ini + '[' '!' -f /var/lib/snappymail/_data_/_default_/configs/application.ini ] + sed '/^\; Enable logging/{ N s/enable = Off/enable = On/ }' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^filename = .*/filename = "stderr"/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^write_on_error_only = .*/write_on_error_only = Off/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^write_on_php_error_only = .*/write_on_php_error_only = On/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^auth_logging = .*/auth_logging = On/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^auth_logging_filename = .*/auth_logging_filename = "auth.log"/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^auth_logging_format = .*/auth_logging_format = "[{date:Y-m-d H:i:s}] Auth failed: ip={request:ip} user={imap:login} host={imap:host} port={imap:port}"/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + sed 's/^auth_syslog = .*/auth_syslog = Off/' -i /var/lib/snappymail/_data_/_default_/configs/application.ini + SNAPPYMAIL_ADMIN_PASSWORD_FILE=/var/lib/snappymail/_data_/_default_/admin_password.txt + '[' '!' -f /var/lib/snappymail/_data_/_default_/admin_password.txt ] + exec /usr/bin/supervisord -c /supervisor.conf --pidfile /run/supervisord.pid 2023-04-13 08:34:53,141 INFO Set uid to user 0 succeeded 2023-04-13 08:34:53,142 INFO supervisord started with pid 7 2023-04-13 08:34:54,146 INFO spawned: 'subprocess-stopped_00' with pid 43 2023-04-13 08:34:54,148 INFO spawned: 'nginx_00' with pid 44 2023-04-13 08:34:54,149 INFO spawned: 'php-fpm_00' with pid 45 2023-04-13 08:34:54,160 INFO success: nginx_00 entered RUNNING state, process has stayed up for > than 0 seconds (startsecs) 2023-04-13 08:34:54,160 INFO success: php-fpm_00 entered RUNNING state, process has stayed up for > than 0 seconds (startsecs) [13-Apr-2023 08:34:54] NOTICE: Failed implicitly binding to ::, retrying with 0.0.0.0 [13-Apr-2023 08:34:54] NOTICE: Failed implicitly binding to ::, retrying with 0.0.0.0 [13-Apr-2023 08:34:54] NOTICE: fpm is running, pid 45 [13-Apr-2023 08:34:54] NOTICE: ready to handle connections 2023-04-13 08:34:55,166 INFO success: subprocess-stopped_00 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) ```

[Leopere]

  + echo '[INFO] Creating default Snappymail configuration: /var/lib/snappymail/_data_/_default_/configs/application.ini'  [INFO] Creating default Snappymail configuration: /var/lib/snappymail/_data_/_default_/configs/application.ini  + su - www-data -s /bin/sh -c 'php /snappymail/index.php'

for some reason it fails here

[leojonathanoh]

hmm, what filesystem are you using on the bind mount /mnt/tank/persist/nixc.us/snappy/production/data?

[leojonathanoh]

From your logs above, setting permissions on /var/lib/snappymail succeeded (https://github.com/leojonathanoh/snappymail/blob/22f9853c207f4319263b04a870c28974db3c0562/.docker/release/files/entrypoint.sh):

chown -R www-data:www-data /var/lib/snappymail/
chmod 550 /var/lib/snappymail/
find /var/lib/snappymail/ -type d -exec chmod 750 {} \;

So the bind mount should be working correctly. Can't think of why it would fail at there. Could you try a local docker volume (follow simple example here), to see if it works?

[Leopere]

I actually ended up just using a docker volume and still running into this but I'll keep poking and possibly try a bind mount here local and not a gluster volume

[Leopere]

still flopping

 + UPLOAD_MAX_SIZE=25M
 + MEMORY_LIMIT=128M
 + SECURE_COOKIES=true
 + sed -i 's/<UPLOAD_MAX_SIZE>/25M/g' /usr/local/etc/php-fpm.d/php-fpm.conf /etc/nginx/nginx.conf
 + sed -i 's/<MEMORY_LIMIT>/128M/g' /usr/local/etc/php-fpm.d/php-fpm.conf
 + '[' true '=' true ]
 + echo '[INFO] Secure cookies activated'
 [INFO] Secure cookies activated
 + echo 'session.cookie_httponly = On'
 + echo 'session.cookie_secure = On'
 + echo 'session.use_only_cookies = On'
 + echo '[INFO] Setting permissions on /var/lib/snappymail'
 + chown -R www-data:www-data /var/lib/snappymail/
 [INFO] Setting permissions on /var/lib/snappymail
 + chmod 550 /var/lib/snappymail/
 + find /var/lib/snappymail/ -type d -exec chmod 750 '{}' ';'
 + SNAPPYMAIL_CONFIG_FILE=/var/lib/snappymail/_data_/_default_/configs/application.ini
 + '[' '!' -f /var/lib/snappymail/_data_/_default_/configs/application.ini ]
 + echo '[INFO] Creating default Snappymail configuration: /var/lib/snappymail/_data_/_default_/configs/application.ini'
 [INFO] Creating default Snappymail configuration: /var/lib/snappymail/_data_/_default_/configs/application.ini
 + su - www-data -s /bin/sh -c 'php /snappymail/index.php'

this is with

version: '3.9'
services:
  snappymail:
    image: leojonathanoh/snappymail:pr-1
    # ports:
    #   - 8888:8888
    environment:
     - DEBUG=true
    volumes:
      - /root/tank/persist/nixc.us/snappy/production/data:/var/lib/snappymail
      # -  snappymail:/var/lib/snappymail

    networks:
      - default
      # - db-network
      # - redis-network
      - traefik
    deploy:
      replicas: 1
      placement:
        constraints:
          # - node.labels.role == db
          - node.hostname == macmini1
          # - node.labels.mac-rack == true
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.snappy.tls=true"
        - "traefik.http.services.snappy.loadbalancer.server.port=8888"
        - "traefik.http.routers.snappy.rule=Host(`snappy.nixc.us`)"
        - "traefik.http.routers.snappy.entrypoints=websecure"
        - "traefik.http.routers.snappy.tls.certresolver=letsencryptresolver"
        - "traefik.http.routers.snappy.service=snappy"
        - "traefik.docker.network=traefik"
        # - 'traefik.http.routers.snappy.middlewares=authelia@docker'
    # networks:
    #   - default
    #   - traefik

  # This provides prometheus metrics for snappymail's php-fpm
  # php-fpm-exporter:
  #   image: hipages/php-fpm_exporter:2.2.0
  #   # ports:
  #   #   - 9253:9253
  #   environment:
  #     - PHP_FPM_SCRAPE_URI=tcp://snappymail:9000/status
  #   networks:
  #     - default

#   db:
#     image: postgres:15-alpine
#     environment:
#       - POSTGRES_USER=snappymail
#       - POSTGRES_PASSWORD=snappymail
#       - POSTGRES_DB=snappymail
#     volumes:
#       - /mnt/tank/persist/nixc.us/snappy/production/db:/var/lib/postgresql/data
#     networks:
#       - db-network
#     deploy:
#       replicas: 1
#       placement:
#         constraints:
# ##          - node.labels.role == db
# #          - node.hostname == macmini1
#           - node.labels.mac-rack == true
#       labels:
#         - "traefik.enable=false"
#     networks:
#       - default

#   redis:
#     image: redis:7-alpine
#     networks:
#       - redis-network
#     deploy:
#       replicas: 1
#       placement:
#         constraints:
# ##          - node.labels.role == db
# #          - node.hostname == macmini1
#           - node.labels.mac-rack == true
#       labels:
#         - "traefik.enable=false"
#     networks:
#       - default

networks:
  default:
  # db-network:
  #   internal: true
  # redis-network:
  #   internal: true
  traefik:
    external: true 

volumes:
  postgres:
    driver: local
  snappymail:
    driver: local