@analogic
Last active February 20, 2024 14:20
Poste.io (with Let's Encrypt) + Nginx reverse proxy + Nginx Let's Encrypt companion
version: '3'

services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    container_name: nginx-proxy
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /data/nginx/conf.d:/etc/nginx/conf.d
      - /data/nginx/vhost.d:/etc/nginx/vhost.d
      - /data/nginx/html:/usr/share/nginx/html
      - /data/nginx/certs:/etc/nginx/certs:ro  # the proxy only reads certificates
      - /var/run/docker.sock:/tmp/docker.sock:ro  # container events drive vhost generation

  nginx-letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nginx-letsencrypt
    restart: unless-stopped
    volumes:
      - /data/nginx/conf.d:/etc/nginx/conf.d
      - /data/nginx/vhost.d:/etc/nginx/vhost.d
      - /data/nginx/html:/usr/share/nginx/html
      - /data/nginx/certs:/etc/nginx/certs:rw  # the companion writes issued certificates here
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - NGINX_DOCKER_GEN_CONTAINER=nginx-proxy  # must match the proxy's container_name
      - NGINX_PROXY_CONTAINER=nginx-proxy

  mailserver:
    image: poste.io/mailserver:dev
    container_name: mailserver
    restart: unless-stopped
    ports:
      - "25:25"
      - "110:110"
      - "143:143"
      - "587:587"
      - "993:993"
      - "995:995"
      - "4190:4190"
    environment:
      - LETSENCRYPT_EMAIL=info@analogic.cz
      - LETSENCRYPT_HOST=mail.poste.io
      - VIRTUAL_HOST=mail.poste.io
      - HTTPS=OFF  # no HTTPS redirect inside the container; nginx-proxy terminates web TLS
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /data/nginx/html/.well-known:/opt/www/.well-known  # ACME challenge directory shared with the proxy's web root
      - /data/mailserver:/data
@dominickj-tdi

I believe there may be a mistake in the above code. If I'm not mistaken, the environment variables on lines 31 and 32 should be set to "nginx-proxy" to match the container name of the nginx container.

@analogic
Author

> I believe there may be a mistake in the above code. If I'm not mistaken, the environment variables on lines 31 and 32 should be set to "nginx-proxy" to match the container name of the nginx container.

Thanks, fixed!

@johandroid

Hi, I'm trying to use something similar to this, but with separated docker-compose.yml files like this:

For nginx-proxy and lets-encrypt

version: "3.8"
services:
  # nginx-proxy
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: MyProxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "./certs:/etc/nginx/certs"
      - "./vhost.d:/etc/nginx/vhost.d"
      - "./html:/usr/share/nginx/html"
      - "./conf.d:/etc/nginx/conf.d"
    networks:
      - "net"
  # lets-encrypt
  letsencrypt-nginx-proxy-companion:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: lets-encrypt
    depends_on:
      - nginx-proxy
    restart: always
    environment:
      - NGINX_DOCKER_GEN_CONTAINER=MyProxy
      - NGINX_PROXY_CONTAINER=MyProxy
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "./certs:/etc/nginx/certs"
      - "./vhost.d:/etc/nginx/vhost.d"
      - "./html:/usr/share/nginx/html"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    networks:
      - net
networks:
  net:
    external: true

And for poste.io:

version: '3.8'

services:
  mailserver:
    image: analogic/poste.io:latest
    container_name: mailserver
    hostname: mail
    domainname: johandroid.com
    restart: unless-stopped
    ports:
      - "25:25"
      - "110:110"
      - "143:143"
      - "587:587"
      - "993:993"
      - "995:995"
      - "4190:4190"
      - "465:465"
    environment:
      - LETSENCRYPT_EMAIL=info@johandroid.com
      - LETSENCRYPT_HOST=mail.johandroid.com
      - VIRTUAL_HOST=mail.johandroid.com,smtp.johandroid.com,imap.johandroid.com
      - DISABLE_CLAMAV=TRUE
      - HTTPS=OFF
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "~/nginx/nginx-proxy/html/.well-known:/opt/www/.well-known"
      - "./data/mailserver:/data"
    networks:
      - "net"

networks:
  net:
    external: true

This is working nice and smooth: I can log in to the admin or webclient and even use Thunderbird as a mail client, and I can send and receive mail... But when I try to use the Gmail app for Android, it complains about the certificate. It says the issuer of the certificate is poste and not my Let's Encrypt certificate; actually, the expiration date is Sep 17, 2020.

How can I make it use my certificates?

@try2codesecure

try2codesecure commented Jan 2, 2021

Hi johandroid.
I got the same problem. Link the letsencrypt certs from the nginx proxy to the poste.io container =>

    volumes:
      - NGINX_PROXY_PATH/ssl/certs/mail.YOUR_DOMAIN.com/key.pem:/data/ssl/server.key:ro
      - NGINX_PROXY_PATH/ssl/certs/mail.YOUR_DOMAIN.com/fullchain.pem:/data/ssl/ca.crt:ro
      - NGINX_PROXY_PATH/ssl/certs/mail.YOUR_DOMAIN.com/cert.pem:/data/ssl/server.crt:ro

=> https://www.cloudrocket.at/posts/self-hosted-mail-server-with-poste.io-and-nginx/#the-tls-termination-problem
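
A way to confirm the certificate problem described above, and to check the result after mounting the certificates (an added example, not part of the gist or of any comment): it completes a verifying TLS handshake on each mail port and reports the issuer or the verification failure. The port lists come from the compose files above; the script name and output layout are assumptions.

```python
import imaplib, poplib, smtplib, socket, ssl, sys

# Mail ports from the compose files above (4190/ManageSieve has no stdlib client).
IMPLICIT_TLS = (465, 993, 995)                                  # TLS from the first byte
STARTTLS = {25: "smtp", 587: "smtp", 143: "imap", 110: "pop3"}  # upgraded in-band

def issuer_of(cert):
    """Flatten the 'issuer' field of SSLSocket.getpeercert() into one string."""
    return ", ".join(f"{k}={v}" for rdn in cert.get("issuer", ()) for k, v in rdn)

def _tls_socket(host, port, ctx, timeout):
    """Complete a verified TLS handshake on the port and return the TLS socket."""
    if port in IMPLICIT_TLS:
        raw = socket.create_connection((host, port), timeout=timeout)
        try:
            return ctx.wrap_socket(raw, server_hostname=host)
        except Exception:
            raw.close()
            raise
    if STARTTLS[port] == "smtp":
        client = smtplib.SMTP(host, port, timeout=timeout)
        client.starttls(context=ctx)
    elif STARTTLS[port] == "imap":
        client = imaplib.IMAP4(host, port, timeout=timeout)
        client.starttls(ssl_context=ctx)
    else:
        client = poplib.POP3(host, port, timeout=timeout)
        client.stls(context=ctx)
    return client.sock

def check_port(host, port, timeout=5.0):
    """Handshake like a strict client: system trust store, hostname verified."""
    ctx = ssl.create_default_context()
    try:
        sock = _tls_socket(host, port, ctx, timeout)
    except ssl.SSLCertVerificationError as exc:   # self-signed, expired, wrong name
        return port, "untrusted", exc.verify_message
    except Exception as exc:                      # closed port, no STARTTLS, timeout
        return port, "error", f"{type(exc).__name__}: {exc}"
    try:
        return port, "trusted", issuer_of(sock.getpeercert())
    finally:
        sock.close()

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_mail_certs.py MAIL_HOSTNAME")
    for p in sorted(IMPLICIT_TLS + tuple(STARTTLS)):
        print("%5d  %-9s  %s" % check_port(sys.argv[1], p))
```

A port that still serves the container's default certificate shows up as `untrusted` while the proxied web UI on 443 verifies fine, which is the split between web and mail TLS that this thread is about.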

@fedeaguilera

> Hi johandroid. I got the same problem. Link the letsencrypt certs from the nginx proxy to the poste.io container =>
>
>     volumes:
>       - NGINX_PROXY_PATH/ssl/certs/mail.YOUR_DOMAIN.com/key.pem:/data/ssl/server.key:ro
>       - NGINX_PROXY_PATH/ssl/certs/mail.YOUR_DOMAIN.com/fullchain.pem:/data/ssl/ca.crt:ro
>       - NGINX_PROXY_PATH/ssl/certs/mail.YOUR_DOMAIN.com/cert.pem:/data/ssl/server.crt:ro
>
> => https://www.cloudrocket.at/posts/self-hosted-mail-server-with-poste.io-and-nginx/#the-tls-termination-problem

Hi guys. If you have 2 domains, does only one certificate work?
