mirror of
				https://github.com/kevinveenbirkenbach/computer-playbook.git
				synced 2025-10-31 18:29:21 +00:00 
			
		
		
		
	Mailu/Redis: add explicit service resource limits & clamav_db volume
- use lookup(template) for redis resource injection - add cpus/mem/pids configs for all Mailu services - switch antivirus to dedicated clamav_db volume - add MAILU_CLAMAV_VOLUME var - cleanup set service_name per service in docker-compose template https://chatgpt.com/share/68d3d69b-06f0-800f-8c4d-4a74471ab961
This commit is contained in:
		| @@ -16,4 +16,5 @@ | ||||
|       retries: 30 | ||||
|     networks: | ||||
|       - default | ||||
|     {{ lookup('template', 'roles/docker-container/templates/resource.yml.j2',vars={'service_name':'redis'}) | indent(4) }} | ||||
| {{ "\n" }} | ||||
| @@ -29,10 +29,73 @@ rbac: | ||||
|       description: "Has an token to send and receive emails" | ||||
| docker: | ||||
|   services: | ||||
|     redis: | ||||
|       enabled: true | ||||
|     database: | ||||
|       enabled: true | ||||
|     mailu: | ||||
|       version:  "2024.06" # Docker Image Version | ||||
|       name:     mailu | ||||
|       version:            "2024.06" | ||||
|       name:               mailu | ||||
|     redis: | ||||
|       enabled:            true | ||||
|       cpus:               "0.2" | ||||
|       mem_reservation:    "256m" | ||||
|       mem_limit:          "512m" | ||||
|       pids_limit:         256 | ||||
|     database: | ||||
|       enabled:            true | ||||
|       cpus:               "0.8" | ||||
|       mem_reservation:    "1g" | ||||
|       mem_limit:          "2g" | ||||
|       pids_limit:         512 | ||||
|     admin: | ||||
|       cpus:               "0.3" | ||||
|       mem_reservation:    "512m" | ||||
|       mem_limit:          "1g" | ||||
|       pids_limit:         512 | ||||
|     imap: | ||||
|       cpus:               "0.5" | ||||
|       mem_reservation:    "1g" | ||||
|       mem_limit:          "1.5g" | ||||
|       pids_limit:         512 | ||||
|     smtp: | ||||
|       cpus:               "0.5" | ||||
|       mem_reservation:    "1g" | ||||
|       mem_limit:          "1.5g" | ||||
|       pids_limit:         512 | ||||
|     antispam: | ||||
|       cpus:               "0.6" | ||||
|       mem_reservation:    "1g" | ||||
|       mem_limit:          "1.5g" | ||||
|       pids_limit:         512 | ||||
|     antivirus: | ||||
|       cpus:               "0.6" | ||||
|       mem_reservation:    "2g" | ||||
|       mem_limit:          "3g" | ||||
|       pids_limit:         512 | ||||
|     oletools: | ||||
|       cpus:               "0.2" | ||||
|       mem_reservation:    "256m" | ||||
|       mem_limit:          "512m" | ||||
|       pids_limit:         256 | ||||
|     webdav: | ||||
|       cpus:               "0.2" | ||||
|       mem_reservation:    "256m" | ||||
|       mem_limit:          "512m" | ||||
|       pids_limit:         256 | ||||
|     fetchmail: | ||||
|       cpus:               "0.2" | ||||
|       mem_reservation:    "256m" | ||||
|       mem_limit:          "512m" | ||||
|       pids_limit:         256 | ||||
|     webmail: | ||||
|       cpus:               "0.3" | ||||
|       mem_reservation:    "512m" | ||||
|       mem_limit:          "1g" | ||||
|       pids_limit:         512 | ||||
|     resolver: | ||||
|       cpus:               "0.2" | ||||
|       mem_reservation:    "256m" | ||||
|       mem_limit:          "512m" | ||||
|       pids_limit:         256 | ||||
|     front: | ||||
|       cpus:               "0.3" | ||||
|       mem_reservation:    "512m" | ||||
|       mem_limit:          "1g" | ||||
|       pids_limit:         512 | ||||
|   | ||||
| @@ -2,6 +2,7 @@ | ||||
|  | ||||
|   # Core services | ||||
|   resolver: | ||||
| {% set service_name = 'resolver' %} | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/unbound:{{ MAILU_VERSION }} | ||||
|     container_name: {{ MAILU_CONTAINER }}_resolver | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -9,6 +10,7 @@ | ||||
|         ipv4_address: {{ MAILU_DNS_RESOLVER }} | ||||
|  | ||||
|   front: | ||||
| {% set service_name = 'front' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_front | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/nginx:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -35,6 +37,7 @@ | ||||
|       - {{ MAILU_DNS_RESOLVER }} | ||||
|        | ||||
|   admin: | ||||
| {% set service_name = 'admin' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_admin | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/admin:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -51,6 +54,7 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|  | ||||
|   imap: | ||||
| {% set service_name = 'imap' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_imap | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/dovecot:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -65,6 +69,7 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|  | ||||
|   smtp: | ||||
| {% set service_name = 'smtp' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_smtp | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/postfix:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -79,6 +84,7 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|  | ||||
|   oletools: | ||||
| {% set service_name = 'oletools' %} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_oletools | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/oletools:{{ MAILU_VERSION }} | ||||
| @@ -91,6 +97,7 @@ | ||||
|       noinet: | ||||
|  | ||||
|   antispam: | ||||
| {% set service_name = 'antispam' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_antispam | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/rspamd:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -108,14 +115,13 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|       noinet:   | ||||
|  | ||||
|  | ||||
|   # Optional services | ||||
|   antivirus: | ||||
| {% set service_name = 'antivirus' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_antivirus | ||||
|     image: clamav/clamav-debian:latest | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
|     volumes: | ||||
|       - "filter:/data" | ||||
|       - "clamav_db:/var/lib/clamav" | ||||
|     depends_on: | ||||
|       - resolver | ||||
|     dns: | ||||
| @@ -123,6 +129,7 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|  | ||||
|   webdav: | ||||
| {% set service_name = 'webdav' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_webdav | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/radicale:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -136,6 +143,7 @@ | ||||
|       radicale: | ||||
|  | ||||
|   fetchmail: | ||||
| {% set service_name = 'fetchmail' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_fetchmail | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/fetchmail:{{ MAILU_VERSION }} | ||||
|     volumes: | ||||
| @@ -151,6 +159,7 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|  | ||||
|   webmail: | ||||
| {% set service_name = 'webmail' %} | ||||
|     container_name: {{ MAILU_CONTAINER }}_webmail | ||||
|     image: {{ MAILU_DOCKER_FLAVOR }}/webmail:{{ MAILU_VERSION }} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| @@ -177,6 +186,8 @@ | ||||
|     name: {{ MAILU_WEBMAIL_DATA }} | ||||
|   filter: | ||||
|     name: {{ MAILU_FILTER_VOLUME }} | ||||
|   clamav_db: | ||||
|     name: {{ MAILU_CLAMAV_VOLUME }} | ||||
|   dkim: | ||||
|     name: {{ MAILU_DKIM_VOLUME }} | ||||
|   dovecot_mail: | ||||
|   | ||||
| @@ -34,6 +34,7 @@ MAILU_WEBMAIL_DATA:                   "mailu_webmail_data" | ||||
| MAILU_FILTER_VOLUME:                  "mailu_filter" | ||||
| MAILU_DKIM_VOLUME:                    "mailu_dkim" | ||||
| MAILU_DOVECOT_MAIL_VOLUME:            "mailu_dovecot_mail" | ||||
| MAILU_CLAMAV_VOLUME:                  "mailu_clamav_data" | ||||
|  | ||||
| ## Network | ||||
| MAILU_DNS_RESOLVER:                   "{{ networks.local['web-app-mailu'].dns_resolver }}" | ||||
|   | ||||
| @@ -130,4 +130,4 @@ | ||||
|     - svc-prx     # 5. Load proxy roles | ||||
|     - svc-ai      # 6. Load ai roles | ||||
|   loop_control: | ||||
|     label: "{{ item }}-roles.yml" | ||||
|     label: "{{ item }}-roles.yml" | ||||
|   | ||||
		Reference in New Issue
	
	Block a user