Install Stalwart Mail Server and protect it with HAProxy (and Caddy) inside Docker Desktop
# Navigation
- [Prerequisite](#prerequisite)
- [Installation](#installation)
- [docker-compose.yml file](#docker-composeyml-file)
- [stalwart.yml file](#stalwartyml-file)
- [roundcube.yml file](#roundcubeyml-file)
- [Configurations](#configurations)
- [Stalwart UI First Logon and Configuration](#stalwart-ui-first-logon-and-configuration)
- [Configuring Caddyfile](#configuring-caddyfile)
- [Configuring haproxy.cfg file](#configuring-haproxycfg-file)
- [Configuring Stalwart's .toml file](#configuring-stalwarts-toml-file)
- [Stalwart UI SSL and Domain Configuration](#stalwart-ui-ssl-and-domain-configuration)
- [Testing Mail Flow](#testing-mail-flow)
# Prerequisite
**Here are all the things you need to make sure you have before starting this tutorial. I'll eventually be adding links to other relevant tutorials that I create to assist you in completing this tutorial.**
**1. You should already have Caddy installed and fully working.**
**2. You should already have a Cloudflare account managing your domain.**
**3. You should already have a Cloudflare API Token.**
**4. You should already have the CNAME records 'mail.yourdomain.com' & 'webmail.yourdomain.com' created.**
**5. You should already have your Caddyfile routing 'mail.yourdomain.com' to port 8404.**
**6. You should already have your Caddyfile routing 'webmail.yourdomain.com' to port 680.**
**7. You should already have an smtp2go.com account created and setup.**
**8. You should use an advanced text editor like Notepad++ or something like it that's designed for coding.**
**9. You should already have ports 25, 80, 110, 143, 443, 465, 587, 993, & 4190 opened inside your router pointing to your host machine's IP address.**
# Installation
* **This Git tutorial closely follows the video tutorial I made. The video has a lot more explanations and information, so be sure to follow along here: https://www.youtube.com/watch?v=VsNb3Egw6BE**
## docker-compose.yml file
* **This is the docker-compose.yml file that you will use to create your container. It will be installing HAProxy and then including Stalwart and Roundcube's yml files, installing them afterwards.**
* **The container will be named "haproxy"**
* **It's always going to restart unless we manually stop it.**
* **Its volume, where the haproxy.cfg file is located, will be mapped to the current directory of the yml file.**
* **We are adding this container to a custom network called "hap-network" that we'll create below. It's also being assigned a static IP address.**
* **Ports 25, 80, 110, 143, 443, 465, 587, 993, & 4190 will be assigned and mapped to this container**
* **We're also making HAProxy's container depend on Stalwart's container**
* **And finally we are creating a custom "hap-network" for all of these containers. Read the comments in the file and make any changes if needed.**
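A docker-compose.yml matching the points above, written as an added example rather than the file from the video or the download. The image tag, subnet and static address are assumptions, and stalwart.yml and roundcube.yml are assumed to sit in the same directory and define services named `stalwart` and `roundcube`.

```yaml
# docker-compose.yml (added example; image tag, subnet and address are assumptions)
include:
  - stalwart.yml     # defines the "stalwart" service
  - roundcube.yml    # defines the "roundcube" service

services:
  haproxy:
    image: haproxy:lts            # assumed tag; pin the version you have tested
    container_name: haproxy
    restart: unless-stopped       # restarts on its own unless stopped manually
    volumes:
      # Mount only the config file, read-only, from the directory of this yml.
      - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
    ports:                        # host:container; change the host side if a port is taken
      - "25:25"      # SMTP
      - "80:80"      # HTTP
      - "110:110"    # POP3
      - "143:143"    # IMAP
      - "443:443"    # HTTPS
      - "465:465"    # SMTP submission over implicit TLS
      - "587:587"    # SMTP submission with STARTTLS
      - "993:993"    # IMAP over TLS
      - "4190:4190"  # ManageSieve
    depends_on:
      - stalwart                  # start Stalwart before the proxy
    networks:
      hap-network:
        ipv4_address: 172.28.0.10 # assumed static address inside the subnet below

networks:
  hap-network:
    name: hap-network
    driver: bridge
    ipam:
      config:
        # Assumed subnet. This is the range entered later in Stalwart's UI as
        # the Allowed IP range and as the proxy network.
        - subnet: 172.28.0.0/24
```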
## stalwart.yml file
* **This is the stalwart.yml file. - IMPORTANT NOTE - The image was renamed by Stalwart recently so the image that we're pulling in the video is outdated. But don't worry, I updated the files that you can download.**
* **The container will be named "stalwart"**
* **It's always going to restart unless we manually stop it.**
* **Port 7080 will be assigned and mapped to this container (instead of 8080 since 8080 is in use already) which is where you can access the Admin UI.**
* **Stalwart's volume for its data files will be mapped to the current directory of the yml file.**
* **We are adding this container to our custom "hap-network" and assigning it a static IP address.**
## roundcube.yml file
* **This is the roundcube.yml file. It's not required but very recommended as it's a great email client container that you can use for quick testing.**
* **The container will be named "roundcube"**
* **It's always going to restart unless we manually stop it.**
* **Port 680 will be assigned and mapped to this container (instead of 80 since 80 is in use already) which is where you can access the UI.**
* **Roundcube's volumes for its database and config files will be mapped to the current directory of the yml file.**
* **Roundcube's default Host and Servers need to be changed to the URL where your mail server will be reached.**
* **We are adding this container to our custom "hap-network".**
**Once you've made all of the yml files and they are sitting in the same directory, you can right-click in an empty space in the folder where all your files are located and select 'Open in Terminal'.**
**That opens a PowerShell window inside that directory where you can enter this code to launch everything.**
```ps1
docker-compose up -d
```
# Configurations
## Stalwart UI First Logon and Configuration
* **Once you've run and built the HAProxy, Stalwart, and Roundcube containers, let's load up Stalwart's Admin UI.**
* **If you check the Docker Logs of the Stalwart container, you'll see the initial login credentials provided right there. Log in using those.**
* **Setting > Authentication > Settings. Make a Fallback Administrator. Save & Reload**
* **Security > Allowed IP's. Add your hap-network as an Allowed IP range. Save & Reload**
* **SMTP > Outbound > Relay Host. Add SMTP2GO information. Save & Reload**
* **SMTP > Outbound > Routing. Add 'SMTP2GO'. Save & Reload**
* **SMTP > Outbound > TLS. Disable DANE and MTA-STS. Save & Reload**
* **Server > Network. Add your mail server's URL. Save & Reload**
* **Click + Add and add the hap-network as a proxy network. Save & Reload**
## Configuring Caddyfile
* **This is the Caddyfile. This file tells Caddy what and how to do things.**
## Configuring haproxy.cfg file
* **Configuring haproxy.cfg file**
## Configuring Stalwart's .toml file
* **Configuring Stalwart's .toml file**
## Stalwart UI SSL and Domain Configuration
* **Stalwart UI SSL and Domain Configuration**
# Testing Mail Flow
**Once you have all of the files customized to your liking and all four of them are sitting in the same directory, you'll be ready to launch the yml file.**