services:

  mailserver:
    image: docker.io/mailserver/docker-mailserver:{{ mailserver_version }}
    container_name: mailserver
    hostname: {{ mail_hostname.split('.')[0] }}
    domainname: {{ domain }}
    env_file: env/mailserver.env
    ports:
      - "25:25"
      - "587:587"
      - "993:993"
    healthcheck:
      test: ["CMD-SHELL", "supervisorctl status | grep -E 'postfix|dovecot' | grep -q RUNNING"]
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 120s
    volumes:
      - /srv/mail/config:/tmp/docker-mailserver
      - /srv/mail/maildata:/var/mail
      - /srv/mail/mailstate:/var/mail-state
      - /srv/mail/maillogs:/var/log/mail
      - /etc/localtime:/etc/localtime:ro
      - /etc/letsencrypt:/etc/letsencrypt:ro
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    networks:
      - mail
      - webmail

  rainloop:
    image: hardware/rainloop:{{ rainloop_version }}
    container_name: rainloop
    restart: unless-stopped
    depends_on:
      mailserver:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "wget -q --spider http://localhost:{{ rainloop_port }}/ || exit 1"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 30s
    environment:
      - RAINLOOP_ADMIN=admin
      - RAINLOOP_ADMIN_PASSWORD={{ rainloop_admin_password }}
    volumes:
      - /srv/mail/rainloop/data:/rainloop/data
    ports: []  # no host ports, only accessible via Docker network
    networks:
      - mail
      - webmail

networks:
  mail:
    external: true
  webmail:
    external: true