37 lines
1.1 KiB
Text
37 lines
1.1 KiB
Text
[Unit]
|
|
Description=mailserver
|
|
|
|
[Container]
|
|
Image=ghcr.io/docker-mailserver/docker-mailserver:edge
|
|
ContainerName=mailserver
|
|
EnvironmentFile=/etc/containers/systemd/mailserver/.env.secrets
|
|
EnvironmentFile=/etc/containers/systemd/mailserver/.env
|
|
AddCapability=NET_ADMIN
|
|
HostName=mx1.synth.download
|
|
PublishPort=25:25
|
|
PublishPort=143:143
|
|
PublishPort=587:587
|
|
PublishPort=993:993
|
|
Timezone=local
|
|
Volume=/var/containers/mailserver/data:/var/mail:Z
|
|
Volume=/var/containers/mailserver/state:/var/mail-state:Z
|
|
Volume=/var/containers/mailserver/logs:/var/log/mail:Z
|
|
Volume=/var/containers/mailserver/config:/tmp/docker-mailserver:Z
|
|
Volume=/etc/certs/wildcard_.synth.download.crt:/etc/letsencrypt/live/synth.download/fullchain.pem:ro,z
|
|
Volume=/etc/certs/wildcard_.synth.download.key:/etc/letsencrypt/live/synth.download/privkey.pem:ro,z
|
|
# Health
|
|
HealthCmd=ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1
|
|
HealthOnFailure=kill
|
|
HealthStartPeriod=1m
|
|
Notify=healthy
|
|
# Security
|
|
NoNewPrivileges=true
|
|
# Resources
|
|
Memory=512m
|
|
PodmanArgs=--memory-reservation=256m --cpus=0.4 --cpu-shares=256
|
|
|
|
[Service]
|
|
Restart=always
|
|
|
|
[Install]
|
|
WantedBy=default.target
|