|
|
@@ -8,7 +8,7 @@
|
|
|
|
|
|
# Host your own rainloop instance using docker
|
|
|
|
|
|
-This project allows you to host your own instance of [rainloop ](https://github.com/RainLoop/rainloop-webmail) (licensed under [GNU AGPL v3](https://choosealicense.com/licenses/agpl-3.0/)) using docker.
|
|
|
+This project allows you to host your own instance of [rainloop ](https://github.com/RainLoop/rainloop-webmail) community edition (licensed under [GNU AGPL v3](https://choosealicense.com/licenses/agpl-3.0/)) using docker.
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
@@ -25,7 +25,7 @@ docker build -t wernerfred/docker-rainloop .
|
|
|
Another possibility is pulling the image directly from the [DockerHub repository](https://hub.docker.com/r/wernerfred/rainloop). Every release on this project automatically triggers a new build based on the master branch.
|
|
|
|
|
|
```
|
|
|
-docker pull wernerfred/docker-rianloop
|
|
|
+docker pull wernerfred/docker-rainloop
|
|
|
```
|
|
|
|
|
|
### Run container
|
|
|
@@ -37,3 +37,100 @@ docker run -d \
|
|
|
-p 80:80 \
|
|
|
wernerfred/docker-rainloop
|
|
|
```
|
|
|
+
|
|
|
+## Persisting data
|
|
|
+
|
|
|
+There are several ways to persists the data inside the container. The Dockerfile defines a unnamed volume so if you do not specify anything docker creates a unnamed volume by default and makes your data accessible to the host there (find and inspect it with ```docker volume``` commands). The other two options are using a named volume or a bind mount which can be configured as follows (docker-compose using bind mount):
|
|
|
+
|
|
|
+```
|
|
|
+version: '3'
|
|
|
+
|
|
|
+services:
|
|
|
+ rainloop:
|
|
|
+ image: wernerfred/docker-rainloop:latest
|
|
|
+ container_name: docker-rainloop
|
|
|
+ restart: always
|
|
|
+ ports:
|
|
|
+ - 80:80
|
|
|
+ volumes:
|
|
|
+ - /opt/docker-rainloop/data:/rainloop/data
|
|
|
+```
|
|
|
+
|
|
|
+## Configuration
|
|
|
+
|
|
|
+To configure rainloop use the admin panel which can be accessed by: ```http://YOUR-IP/?admin```
|
|
|
+The default login credentials are: ```admin``` and ```12345```.
|
|
|
+The configuration is saved to: ```/rainloop/data/_data_/_default_/configs/application.ini```.
|
|
|
+For further configuration options see the [official documentation](https://www.rainloop.net/docs/configuration/).
|
|
|
+
|
|
|
+## Container structure and versions
|
|
|
+
|
|
|
+The container uses the official [php-apache](https://hub.docker.com/_/php) base image. Rainloop is installed in the community edition to ```/rainloop```. The data lives in ```/rainloop/data```. Apache uses port 80.
|
|
|
+You can define the image version by specifying a version tag behind the image. The project aims to provides the same version number as the used rainloop installation starting from ```1.14.0```. So ```wernerfred/docker-rainloop:1.14.0``` will use [rainloop-community-1.14.0](https://github.com/RainLoop/rainloop-webmail/releases/tag/v1.14.0) in the container.
|
|
|
+
|
|
|
+## Reverse proxy
|
|
|
+
|
|
|
+To secure the installation you should access the container through a reversy proxy which preferable will also handle SSL encryption for the connection.
|
|
|
+
|
|
|
+### Nginx
|
|
|
+
|
|
|
+If using ```nginx``` as a local reverse proxy you could use the following configuration (```docker-rainloop``` exposed on port ```8080``` and Let's Encrypt certs via ```certbot```):
|
|
|
+
|
|
|
+```
|
|
|
+server {
|
|
|
+ listen 80;
|
|
|
+ server_name <mail.domain.tld>;
|
|
|
+ return 301 https://$host$request_uri;
|
|
|
+}
|
|
|
+
|
|
|
+server {
|
|
|
+ listen 443 ssl http2;
|
|
|
+ listen [::]:443 ssl http2;
|
|
|
+ server_name <mail.domain.tld>;
|
|
|
+ root /dev/null;
|
|
|
+
|
|
|
+ access_log /var/log/nginx/<mail.domain.tld>.access.log combined;
|
|
|
+ error_log /var/log/nginx/<mail.domain.tld>.error.log warn;
|
|
|
+
|
|
|
+ location / {
|
|
|
+ proxy_pass http://localhost:8080;
|
|
|
+ proxy_set_header X-Forwarded-Host $host:$server_port;
|
|
|
+ proxy_set_header X-Forwarded-Server $host;
|
|
|
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
+ }
|
|
|
+ ssl_certificate /etc/letsencrypt/live/<mail.domain.tld>/fullchain.pem;
|
|
|
+ ssl_certificate_key /etc/letsencrypt/live/<mail.domain.tld>/privkey.pem;
|
|
|
+ ssl_trusted_certificate /etc/letsencrypt/live/<mail.domain.tld>/chain.pem;
|
|
|
+ ssl_protocols TLSv1.2;
|
|
|
+ ssl_prefer_server_ciphers on;
|
|
|
+}
|
|
|
+```
|
|
|
+
|
|
|
+### Traefik
|
|
|
+
|
|
|
+If you are using a reverse proxy like ```traefik``` you could use a configuration like this (```traefik``` located in the same ```proxy``` network:
|
|
|
+
|
|
|
+```
|
|
|
+version: '3'
|
|
|
+
|
|
|
+services:
|
|
|
+ rainloop:
|
|
|
+ image: wernerfred/docker-rainloop:latest
|
|
|
+ container_name: docker-rainloop
|
|
|
+ restart: always
|
|
|
+ volumes:
|
|
|
+ - /opt/docker-rainloop/data:/rainloop/data
|
|
|
+ networks:
|
|
|
+ - proxy
|
|
|
+ labels:
|
|
|
+ - "traefik.enable=true"
|
|
|
+ - "traefik.http.middlewares.rainloop-https.redirectscheme.scheme=https"
|
|
|
+ - "traefik.http.routers.rainloop-http.entrypoints=web"
|
|
|
+ - "traefik.http.routers.rainloop-http.rule=Host(`<mail.domain.tld>`)"
|
|
|
+ - "traefik.http.routers.rainloop-http.middlewares=rainloop-https@docker"
|
|
|
+ - "traefik.http.routers.rainloop-https.entrypoints=websecure"
|
|
|
+ - "traefik.http.routers.rainloop-https.rule=Host(`<mail.domain.tld>`)"
|
|
|
+ - "traefik.http.routers.rainloop-https.tls=true"
|
|
|
+ - "traefik.http.routers.rainloop-https.tls.certresolver=letsencrypt"
|
|
|
+ - "traefik.http.routers.rainloop-https.tls.domains[0].main=<mail.domain.tld>"
|
|
|
+```
|
Frederic Werner