Tiny VPS Postfix with Docker
A refresh of my tiny vps postfix setup.
- Part 1 - Tiny VPS Postfix
- Part 2 - Non-Linux Outgoing SMTP Account
- Part 3 - GMail As Email Client
- Part 4 - Postfix with Docker <- You are here
- Part 5 - Docker, Postfix, Journald & Logwatch
Since I start my vps journey, I gone through 3 servers. From mid-size to small, then to the current small-size kvm.
Every time I switch boxes, I have to gather all application configuration files, copy them off the box. Then upload them to the new box.
Web server packages like Apache and Lighttpd were not that bad as their configuration are in single directory.
However I always missed a file here or there for postfix. I either forgot
/etc/sasldb2. Basically, it was never a clean process.
I want something tidy, easily reproducible.
In the past few years I had been using kubernetes and docker. I decided to try moving postfix into container.
At first I was experimenting with other peoples' postfix containers. However they either customizing too much, automated something that conflict with my setup, or plain too old.
I end up creating my own jsiu/postfix. I will go through my setup below.
I choose docker over kubernetes because of simplicity. Kubernetes is a bit over kill for a single box with only 3 simple services(postfix, git and web).
I created a directory call
compose, following is the final structure:
The contents of my docker compose are as follow:
The reason I include caddy settings also is because I am using caddy auto certificate for my postfix, which will be explained below.
The postfix configuration is basically the same as my original Tiny VPS Postfix, with slight modification explained below.
Copy existing postfix configuration files into
00_VOL/postfix, or populate it with the default ones from image. Then modify
|14, 15||Hostname need to be hardcode here as postfix is inside container.|
|18||We want a persistent queue which can survive container restart. |
|28, 29||We are using certificate from Caddy, which are saved in volume |
I copied my original
00_VOL/postfix. Started up docker compose:
My postfix is now up and running in docker container.
- Re-using existing postfix configuration with minimum modification.
- Easy to migrate.
composeis a git repository and checked into git server. If I want to change my VPS box again, I just have to clone
composeto the new box. I can also backup
composewith a single tar command.
Localhost email need additional package to forward into postfix. Fortunately, both
opensmtpd with minimal configuration can do exactly that:
apt install msmtp-mta
1 2 3
domain johnsiu.com host ::1 port 25
domainis actually hostname used by msmtp during HELO handshake with postfix.
apt install opensmtpd
Its configuration file:
action "relay" relay host smtp://[::1] match from local for any action "relay"
msmtp as it is just a command line replacement for sendmail and not running as daemon. I put a copy of the config in
compose directory and checked in git also.
As illustrated above, postfix container is using caddy auto certificates. I haven’t find a way to auto detect certificate update, so I just use a cronjob to restart postfix container weekly.
I did spend quiet sometime on debugging and fine tuning my
jsiu/postfix container, and optimizing the compose file. However this is beneficial in the long run as backup and deploy are easily reproducible.