我正在使用托管服务器容器上托管的应用程序。 此应用程序执行bash脚本/指令以发送邮件。 我创建了另一个容器,它将Postfix作为SMTP Relay执行。
我想使用我的Postfix容器作为中继使用bash脚本从我的应用程序容器发送邮件。
我尝试使用SSH从我的应用程序容器连接到Postfix容器。但这似乎不起作用。
我怎样才能使我的应用程序容器中执行的脚本可以使用我的Postfix中继,同时不允许在docker网络之外的任何东西,甚至更好,只允许一些容器,从这个中继发送邮件。
编辑1:Docker-compose文件
应用程序泊坞窗撰写:
version: "3.4"
volumes:
[...]
services:
application:
restart: always
build: ./application
depends_on:
- mariadb
container_name: application
volumes:
[...]
ports:
- "80:80"
- "443:443"
- "5669:5669"
deploy:
restart_policy:
window: 300s
links:
- mariadb
external_links:
- smtp-server
mariadb:
restart: always
image: mariadb
command: mysqld --sql-mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
container_name: application-mariadb
volumes:
[...]
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "yes"
deploy:
restart_policy:
window: 300s
这是我的docker撰写的SMTP服务器: 版本:“3.4”
services:
postfix:
restart: always
build: ./postfix
container_name: smtp-server
deploy:
restart_policy:
window: 300s
答案 0 :(得分:0)
{快速反应,因为我" cicle"在我的工作中...我花了10分钟清除薄荷,我希望它能为你服务}
你在使用" docker-compose"你能给出你的YML文件的例子吗? (多一点背景)
[你不能通过ssh连接到容器,除非你有" supervisor"安装,我完全不推荐。]
从我看来,你只需要建立私人网络;你可以用这个:https://docs.docker.com/compose/networking/
隐藏所有内容,我还建议使用负载均衡器/反向代理,如TRAEFIK(如果他们可以通过某种明确的方式访问端口80或443 ...)
所以你只暴露1/2端口(例如80 + 443),其他一切都受到你的反向代理保护
当我需要不同的容器时,请注意我将网络分开。
nginx可以访问代理网络以公开80和443
除了nginx
-
version: "3"
services:
bash:
####### use hostname "smtp" as SMTP server
image: bash
depends_on:
- db
networks:
- smtp_internal_network
- internal_network
- data_network
volumes:
- ../html:/var/www/html
restart: always
db:
image: percona:5.7
# ports: # for debug connections and querys
# - 3306:3306
volumes:
- ../db_data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: ${MYSQL_DATABASE}
MYSQL_USER: ${MYSQL_USER}
MYSQL_PASSWORD: ${MYSQL_PASSWORD}
networks:
- data_network
restart: always
smtp:
image: mwader/postfix-relay
environment:
- POSTFIX_myhostname=smtp.domain.tld
networks:
- smtp_internal_network
restart: always
nginx:
image: nginx
volumes:
- ../html:/var/www/html
networks:
- external_network
- internal_network
labels:
- "traefik.backend=nginx_${COMPOSE_PROJECT_NAME}"
- "traefik.port=80"
- "traefik.frontend.rule=Host:${FRONTEND_RULE}"
- "traefik.frontend.passHostHeader=true"
- "traefik.enable=true"
- "traefik.docker.network=traefik_proxy"
restart: always
depends_on:
- db
- bash
networks:
external_network:
external:
name: traefik_proxy
internal_network:
driver: bridge
smtp_internal_network:
driver: bridge
data_network:
driver: bridge
编辑:
version: "3"
volumes:
[...]
services:
####### use hostname "smtp" as SMTP server in your application
application:
restart: always
build: ./application
depends_on:
- mariadb
volumes:
[...]
ports:
- "80:80"
- "443:443"
- "5669:5669"
deploy:
restart_policy:
window: 300s
networks:
- smtp_external_network
- data_network
mariadb:
restart: always
image: mariadb
command: mysqld --sql-mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
networks:
- data_network
volumes:
[...]
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "yes"
deploy:
restart_policy:
window: 300s
networks:
smtp_external_network:
external:
name: [ReplaceForFolderParentNameOfSmtpYmlWithoutSquareBrackets]_smtp
data_network:
driver: bridge
--- (in your other file)
services:
smtp:
restart: always
build: ./postfix
networks:
- smtp
deploy:
restart_policy:
window: 300s
networks:
smpt:
driver: bridge