Website aside Mailu Docker image

Question

I'm running a recent (V1.9) docker image of Mailu on Ubuntu server 22.04.

Now how can I run a website with some php besides this? The Mailu server has an webmail page that runs on port 80 and 443, in a subdirectory of the mailroot www.url.com/webmail. The website should be on www.url.com. I have no idea if the docker image uses apache nginx or whatever, neither in which directory to put some html code...

the ports are like this
    root@jammy:~# lsof -i -P -n | grep LISTEN
systemd-r   653 systemd-resolve   14u  IPv4  18958      0t0  TCP 127.0.0.53:53 (LISTEN)
sshd        721            root    3u  IPv4  19021      0t0  TCP *:22 (LISTEN)
sshd        721            root    4u  IPv6  19023      0t0  TCP *:22 (LISTEN)
docker-pr  4218            root    4u  IPv4  31659      0t0  TCP 192.168.2.53:995 (LISTEN)
docker-pr  4232            root    4u  IPv4  34450      0t0  TCP 192.168.2.53:993 (LISTEN)
docker-pr  4246            root    4u  IPv4  38151      0t0  TCP 192.168.2.53:587 (LISTEN)
docker-pr  4260            root    4u  IPv4  38168      0t0  TCP 192.168.2.53:465 (LISTEN)
docker-pr  4274            root    4u  IPv4  30442      0t0  TCP 192.168.2.53:443 (LISTEN)
docker-pr  4288            root    4u  IPv4  34463      0t0  TCP 192.168.2.53:143 (LISTEN)
docker-pr  4302            root    4u  IPv4  33363      0t0  TCP 192.168.2.53:110 (LISTEN)
docker-pr  4316            root    4u  IPv4  38963      0t0  TCP 192.168.2.53:80 (LISTEN)
docker-pr  4334            root    4u  IPv4  33374      0t0  TCP 192.168.2.53:25 (LISTEN)

installed is

ubuntu server 22.04 LTS
docker 23.0.3 and docker compose 2.17.2
Mailu mail server 1.9 as Docker container

Artur Meinild · Answer 1 · 2023-04-05T09:29:42.007

There are several different components that must work together to achieve what you want. I'll touch briefly upon them, but this answer can never be a comprehensive guide to everything included - that would be several hundreds of pages.

Components

I can identify 3 main components that you need to read up on and configure:

Docker / Web services (mainly for the port)
Reverse proxy
DNS (Domain Name Service)

Docker / Web services

First, understand that each web service (include those run in containers) can be configured to run on different ports. This is especially easy with Docker, since you can expose (publish) and map ports as you like (Docker Reference).

For instance, if you want to remap port 80 in a container to port 8080 on your host machine, you add the -p parameter to start your container:

docker run -p 8080:80 <image>:<tag>

The port before the : colon is the exposed port on the host (can be changed to your liking), and the port after : is the internal port (can not be changed).

Reverse Proxy

Next, the concept of reverse proxy. Simply put, a reverse proxy can take different DNS requests and forward to different hosts and/or ports, as illustrated in the example below (your host is IP 10.10.10.X in this example):

Website address	Target host and port
sub1.yourdomain.com	10.10.10.10:8080
sub2.yourdomain.com	10.10.10.10:9090
sub3.yourdomain.com	10.10.10.50:10000

This is a very simple example. The trick is then of course to have your reverse proxy server running on the normal HTTP and HTTPS ports (80 and 443). Now, when you enter https://sub1.yourdomain.com in a browser, it will redirect traffic on port 443 to 10.10.10.10:8080 as indicated in the table.

Besides, reverse proxying can do a lot of other things, like unifying certificates etc. There are several reverse proxy solutions, like Apache, Nginx, Traefik, HAProxy etc.

DNS (Domain Name Service)

Finally, for the reverse proxy to respond on the DNS subdomains, a DNS resolver must be set up.

If things need to be reachable on the internet, you should configure all the required domain names on a public DNS service (like Cloudflare etc.). Point all domains to your WAN IP address, and have the ports forwarded in your firewall to your reverse proxy server.

In addition, you can also run your own internal DNS service, to expose services on your LAN. Here some common options are Bind9, Unbound etc.

Live example

Just to give you an idea about how some of my web services are set up:

Other relevant Q&As

In addition, there are a couple of other answers here that touch upon this subject:

Thank you for the comprehensive answer. A simple (html) code injection into the docker image is not possible, or not advisible? The Reverse Proxy could handle different hostnames, sort of header forwarding; something similar with subdirectories to the web-root is not possible? — Shaun.M, Apr 05 '23 at 09:29
My advice would be to run different web services as different containers, and then set different ports, subdomains etc. as I described. But every opinion is subjective. — Artur Meinild, Apr 05 '23 at 09:31