📨 How to Set Up Imapsync in Docker with Caddy v2

Web Hosting is an essential part of online business. Getting the right provider is important to factors like your search engine visability, internal company security and monthly sales conversions!

(and Why This Method Works)

Imapsync is a powerful tool for syncing mailboxes from one IMAP server to another. This guide will show you how to set it up in a Docker container and securely serve its web interface using Caddy v2 as a reverse proxy with HTTPS.

✅ What You’ll Achieve

  • Run gilleslamiral/imapsync in Docker
  • Securely access Imapsync via a subdomain (e.g., https://imapsync.yourdomain.com)
  • Automatically provision an SSL certificate with Let’s Encrypt using Caddy v2
  • Use Docker internal networking to keep things clean and secure

🛠️ Prerequisites

  • A Docker host with Portainer (or Docker CLI)
  • A domain name (e.g., yourdomain.com)
  • DNS pointing imapsync.yourdomain.com to your Docker host’s public IP
  • Caddy v2 running as a Docker container with its config volume mounted

🧱 Step 1: Create a Docker Network

We’ll use a shared Docker network (caddy-net) to allow containers to talk to each other by service name.

docker network create caddy-net

🐳 Step 2: Deploy Imapsync in Docker

Use this configuration in Portainer (or a docker run command):

✅ Key Points

  • The container listens on ports 8080 (HTTP) and 8443 (HTTPS)
  • You don’t need to expose those ports to the host if you’re using Caddy
  • The container name (or alias in the network) will be imapsync

Example CLI:

docker run -d \
  --name imapsync \
  --network caddy-net \
  gilleslamiral/imapsync

In Portainer:

  • Set the container name: imapsync
  • Network: attach to caddy-net
  • You do not need to publish ports (unless you want external access for testing)

🌐 Step 3: Update Caddyfile

Here’s the Caddy v2 configuration block:

imapsync.yourdomain.com {
    reverse_proxy https://imapsync:8443 {
        transport http {
            tls_insecure_skip_verify
        }
    }
    encode gzip
    tls you@example.com
}

✅ Why This Works

  • https://imapsync:8443: We proxy over HTTPS to the container (internal Docker DNS resolves imapsync)
  • tls_insecure_skip_verify: The container uses a self-signed cert (for docker.lamiral.info), so we skip verification
  • encode gzip: Enables compression
  • tls you@example.com: Required for automatic SSL provisioning with Let’s Encrypt

🔄 Step 4: Reload Caddy

If running via CLI:

docker exec -it caddy caddy reload --config /etc/caddy/Caddyfile

Or just restart the Caddy container:

docker restart caddy

🧪 Step 5: Test It

Visit your site:

https://imapsync.yourdomain.com

You should see the Imapsync web interface, secured with HTTPS via a valid Let’s Encrypt cert.

🔍 Common Issues & Fixes

ProblemSolution
502 Bad GatewayUsually caused by Caddy failing TLS verification — make sure tls_insecure_skip_verify is set.
Docker DNS not resolvingEnsure both Caddy and Imapsync are attached to caddy-net.
SSL errorsCheck that your subdomain points to your server and port 443 is open.

🎓 Why Use This Method?

  • Security: Imapsync exposes an HTTPS interface internally; we tunnel it through Caddy with a trusted cert.
  • Simplicity: Caddy handles HTTPS, reverse proxy, and cert renewal automatically.
  • Isolation: Only Caddy talks to the internet. Everything else stays inside Docker.

If you’d like this written up as a Markdown file, or ready to publish on a site like a knowledge base or blog, let me know!

Leave a Reply

About Me

My name is Scott Nailon, I have been in the web industry since 2007(ish). I love technology and love to liberate people from the cowboys of my industry.

Recent Posts

Sign up for our Newsletter

Don’t worry, we won’t sell your email address or spam you!