version: '2.1' services: nginx-mailcow: expose: - "${HTTP_PORT:-80}" networks: proxy: mailcow-network: aliases: - nginx labels: - traefik.enable=true - traefik.docker.network=proxy - traefik.http.middlewares.mail-redirect-websecure.redirectscheme.scheme=https - traefik.http.routers.mail-http.middlewares=mail-redirect-websecure - traefik.http.routers.mail-http.rule=Host(`${MAILCOW_HOSTNAME}`) - traefik.http.routers.mail-http.entrypoints=web - traefik.http.routers.mail-https.rule=Host(`${MAILCOW_HOSTNAME}`) - traefik.http.routers.mail-https.entrypoints=websecure - traefik.http.routers.mail-https.tls=true - traefik.http.routers.mail-https.tls.certresolver=myhttpchallenge - traefik.http.services.mail.loadbalancer.server.port=80 - "co.elastic.logs/module=nginx" - "co.elastic.logs/fileset=access" certdumper: image: humenius/traefik-certs-dumper restart: always # container_name: traefik_certdumper network_mode: none volumes: # mount the folder which contains Traefik's `acme.json' file # in this case Traefik is started from its own docker-compose in ../traefik - ${DATA_PATH}/traefik:/traefik:ro # mount mailcow's SSL folder - ./data/assets/ssl/:/output:rw environment: # only change this, if you're using another domain for mailcow's web frontend compared to the standard config - DOMAIN=${MAILCOW_HOSTNAME} ipv6nat-mailcow: image: bash:latest restart: "no" entrypoint: ["echo", "ipv6nat disabled in compose.override.yml"] networks: mailcow-network: driver_opts: com.docker.network.bridge.name: br-mailcow enable_ipv6: false ipam: driver: default config: - subnet: ${IPV4_NETWORK:-172.22.1}.0/24 - subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64} proxy: external: true