Install Stalwart Mail Server and protect it with HAProxy (and Caddy) inside Docker Desktop
Prerequisite
Here are all the things you need to make sure you have before starting this tutorial. I'll eventually be adding links to other relevant tutorials that I create to assist you in completing this tutorial.
1. You should already have Caddy installed and fully working.
2. You should already have a Cloudflare account managing your domain.
3. You should already have a Cloudflare API Token.
4. You should already have the CNAME records 'mail.yourdomain.com' & 'webmail.yourdomain.com' created.
5. You should already have your Caddyfile routing 'mail.yourdomain.com' to port 8404.
6. You should already have your Caddyfile routing 'webmail.yourdomain.com' to port 680.
7. You should already have an smtp2go.com account created and set up.
8. You should use an advanced text editor like Notepad++ or something like it that's designed for coding.
9. You should already have ports 25, 80, 110, 143, 443, 465, 587, 993, & 4190 opened inside your router pointing to your host machine's IP address.
Installation
- This Git tutorial closely follows the video tutorial I made. The video has a lot more explanations and information, so be sure to follow along here: https://www.youtube.com/watch?v=VsNb3Egw6BE
docker-compose.yml file
- This is the docker-compose.yml file that you will use to create your container. It installs HAProxy, then includes Stalwart's and Roundcube's yml files and installs them afterwards.
- The container will be named "haproxy".
- It's always going to restart unless we manually stop it.
- Its volume, where the haproxy.cfg file is located, will be mapped to the current directory of the yml file.
- We are adding this container to a custom network called "hap-network" that we'll create below. It's also being assigned a static IP address.
- Ports 25, 80, 110, 143, 443, 465, 587, 993, & 4190 will be assigned and mapped to this container.
- We're also making HAProxy's container depend on Stalwart's container.
- And finally, we are creating a custom "hap-network" for all of these containers. Read the comments in the file and make any changes if needed.
stalwart.yml file
- This is the stalwart.yml file. IMPORTANT NOTE: The image was renamed by Stalwart recently, so the image that we're pulling in the video is outdated. But don't worry, I updated the files that you can download.
- The container will be named "stalwart".
- It's always going to restart unless we manually stop it.
- Port 7080 will be assigned and mapped to this container (instead of 8080, since 8080 is in use already), which is where you can access the Admin UI.
- Stalwart's volume for its data files will be mapped to the current directory of the yml file.
- We are adding this container to our custom "hap-network" and assigning it a static IP address.
roundcube.yml file
- This is the roundcube.yml file. It's not required but highly recommended, as it's a great email client container that you can use for quick testing.
- The container will be named "roundcube".
- It's always going to restart unless we manually stop it.
- Port 680 will be assigned and mapped to this container (instead of 80, since 80 is in use already), which is where you can access the UI.
- Roundcube's volumes for its database and config files will be mapped to the current directory of the yml file.
- Roundcube's default Host and Servers need to be changed to the URL where your mail server will be reached.
- We are adding this container to our custom "hap-network".
Once you've made all of the yml files and they are sitting in the same directory, you can right-click in an empty space in the folder where all your files are located and select 'Open in Terminal'.
That opens a PowerShell window inside that directory where you can enter this command to launch everything.
docker-compose up -d
Configurations
Stalwart UI First Logon and Configuration
- Once you've run and built the HAProxy, Stalwart, and Roundcube containers, let's load up Stalwart's Admin UI.
- If you check the Docker Logs of the Stalwart container, you'll see the initial login credentials provided right there. Log in using those.
- Setting > Authentication > Settings. Make a Fallback Administrator. Save & Reload
- Security > Allowed IPs. Add your hap-network as an Allowed IP range. Save & Reload
- SMTP > Outbound > Relay Host. Add SMTP2GO information. Save & Reload
- SMTP > Outbound > Routing. Add 'SMTP2GO'. Save & Reload
- SMTP > Outbound > TLS. Disable DANE and MTA-STS. Save & Reload
- Server > Network. Add your mail server's URL. Save & Reload
- Click + Add and add the hap-network as a proxy network. Save & Reload
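The steps above that add the hap-network as an Allowed IP range and as a proxy network tell Stalwart to trust that range, so the value you enter should cover HAProxy's static IP and not reach beyond the Docker network. The check below is an added example, not part of the original tutorial; the subnet and static IPs are constructed placeholders for the values in your yml files, and `audit_trusted_range` is a hypothetical helper name.

```python
import ipaddress

# Constructed sample values: replace with the subnet and static IPs from your yml files.
HAP_SUBNET = "172.28.0.0/24"
STATIC_IPS = {"haproxy": "172.28.0.10", "stalwart": "172.28.0.20"}


def audit_trusted_range(trusted_cidr, hap_subnet, static_ips, proxy="haproxy"):
    """Compare the range entered in Stalwart (Allowed IPs / proxy network)
    with the hap-network definition. Returns a list of findings; empty means OK."""
    findings = []
    trusted = ipaddress.ip_network(trusted_cidr, strict=False)
    subnet = ipaddress.ip_network(hap_subnet, strict=True)
    addrs = {name: ipaddress.ip_address(ip) for name, ip in static_ips.items()}

    # Each static IP has to sit inside the hap-network subnet and be unique;
    # Docker rejects an address outside the subnet or one already assigned.
    for name, addr in addrs.items():
        if addr not in subnet:
            findings.append(f"{name}: {addr} is outside hap-network {subnet}")
    if len(set(addrs.values())) != len(addrs):
        findings.append("two containers share the same static IP")

    # The trusted range must include the proxy, or Stalwart will treat
    # HAProxy like any other client address.
    if addrs[proxy] not in trusted:
        findings.append(f"{trusted} does not cover {proxy} at {addrs[proxy]}")

    # The trusted range must not extend past the Docker network, or addresses
    # outside the stack inherit the same trust.
    if trusted.version != subnet.version or not trusted.subnet_of(subnet):
        findings.append(f"{trusted} reaches beyond hap-network {subnet}")
    return findings


if __name__ == "__main__":
    for candidate in ("172.28.0.0/24", "172.28.0.10/32", "172.16.0.0/12", "192.168.1.0/24"):
        result = audit_trusted_range(candidate, HAP_SUBNET, STATIC_IPS)
        print(candidate, "->", result or "OK")
```

Entering only HAProxy's address as a /32 also passes, and is the narrowest range that still covers the proxy.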
Configuring Caddyfile
- This is the Caddyfile. This file tells Caddy what to do and how to do it.
Configuring haproxy.cfg file
Configuring Stalwarts .toml file
Stalwart UI SSL and Domain Configuration
Testing Mail Flow
Once you have all of the files customized to your liking and all four of them are sitting in the same directory, you'll be ready to launch the yml file.