Merge branch 'master' of github.com:mailcow/mailcow-dockerized-docs

2021-05-28 11:11:37 +02:00 · 2021-05-28 11:11:37 +02:00 · 9d06f62833
Commit 9d06f62833
--- a/.github/workflows/gh-pages.yml
+++ b/.github/workflows/gh-pages.yml
@ -14,14 +14,14 @@ jobs:
        run: |
          sudo apt-get -y update
          sudo apt-get -y install python3-pip
-          pip install mkdocs-material pygments==2.8.1 mkdocs-redirects
+          pip install mkdocs-material==7.1.5 pygments==2.9.0 mkdocs-redirects==1.0.3
      - name: Build site 🔧
        run: |
          mkdocs build --verbose --clean
      - name: Deploy 🚀
-        uses: JamesIves/github-pages-deploy-action@4.1.1
+        uses: JamesIves/github-pages-deploy-action@4.1.3
        with:
          branch: gh-pages # The branch the action should deploy to.
          folder: site # The folder the action should deploy.
--- a/README.md
+++ b/README.md
@ -9,6 +9,6 @@ https://mailcow.github.io/mailcow-dockerized-docs
 To build it locally, you need the [Material theme for MkDocs](https://squidfunk.github.io/mkdocs-material/), [MkDocs](https://www.mkdocs.org/) itself and [Pygments](http://pygments.org/). To install these with [pip](https://pip.pypa.io/en/stable/) and get it up and running, fire up your terminal and enter
 ```
-pip install mkdocs-material
+pip install mkdocs-material==7.1.5 pygments==2.9.0 mkdocs-redirects==1.0.3
 mkdocs serve
-```
+```
--- a/docs/b_n_r_backup.md
+++ b/docs/b_n_r_backup.md
@ -1,5 +1,7 @@
 ### Backup
 #### Manual
 You can use the provided script `helper-scripts/backup_and_restore.sh` to backup mailcow automatically.
 Please do not copy this script to another location.
@ -30,3 +32,43 @@ To run a backup unattended, define MAILCOW_BACKUP_LOCATION as environment variab
 ```
 MAILCOW_BACKUP_LOCATION=/opt/backup /opt/mailcow-dockerized/helper-scripts/backup_and_restore.sh backup all
 ```
 #### Cronjob
 You can run the backup script regularly via cronjob. Make sure `BACKUP_LOCATION` exists:
 ```
 5 4 * * * cd /opt/mailcow-dockerized/; MAILCOW_BACKUP_LOCATION=/mnt/mailcow_backups /opt/mailcow-dockerized/helper-scripts/backup_and_restore.sh backup mysql crypt redis --delete-days 3
 ```
 Per default cron sends the full result of each backup operation by email. If you want cron to only mail on error (non-zero exit code) you may want to use the following snippet. Pathes need to be modified according to your setup (this script is a user contribution).
 This following script may be placed in `/etc/cron.daily/mailcow-backup` - do not forget to mark it as executable via `chmod +x`:
 ```
 #!/bin/sh
 # Backup mailcow data
 # https://mailcow.github.io/mailcow-dockerized-docs/b_n_r_backup/
 set -e
 OUT="$(mktemp)"
 export MAILCOW_BACKUP_LOCATION="/opt/backup"
 SCRIPT="/opt/mailcow-dockerized/helper-scripts/backup_and_restore.sh"
 PARAMETERS="backup all"
 OPTIONS="--delete-days 30"
 # run command
 set +e
 "${SCRIPT}" ${PARAMETERS} ${OPTIONS} 2>&1 > "$OUT"
 RESULT=$?
 if [ $RESULT -ne 0 ]
    then
            echo "${SCRIPT} ${PARAMETERS} ${OPTIONS} encounters an error:"
            echo "RESULT=$RESULT"
            echo "STDOUT / STDERR:"
            cat "$OUT"
 fi
 ```
--- a/docs/clients.js
+++ b/docs/clients.js
@ -1,7 +1,7 @@
 if (window.location.href.indexOf('/client/') >= 0) {
    window.window.addEventListener('load', function () {
        function setCookie(name, value) {
-            document.cookie = encodeURIComponent(name) + "=" + encodeURIComponent(value) + "; path=/";
+            sessionStorage.setItem(name, value);
        }
        function getParameterByName(name) {
@ -39,18 +39,7 @@ if (window.location.href.indexOf('/client/') >= 0) {
 if (window.location.href.indexOf('/client') >= 0) {
    window.window.addEventListener('load', function () {
        function getCookie(cn) {
-            var fixedcn = encodeURIComponent(cn);
+            return sessionStorage.getItem(cn);
            var cs = document.cookie.split(';');
            for (var i = 0; i < cs.length; i++) {
                var c = cs[i];
                while (c.charAt(0) == ' ') {
                    c = c.substring(1);
                }
                if (c.indexOf(fixedcn + "=") == 0) {
                    return decodeURIComponent(c.substring(cn.length + 1, c.length));
                }
            }
            return "";
        }
        /* Hide variable fields if no values are available */
--- a/docs/firststeps-trust_networks.md
+++ b/docs/firststeps-trust_networks.md
@ -1,11 +1,39 @@
-Per default mailcow considers all networks as untrusted, except for its own IPV4_NETWORK and IPV6_NETWORK scope. Though it is reasonable in most cases, you may want to loosen this restriction under certain circumstances to allow connections from other networks.
+By default mailcow considers **all networks as untrusted** excluding its own IPV4_NETWORK and IPV6_NETWORK scopes. Though it is reasonable in most cases, there may be circumstances that you need to loosen this restriction.
-To change this behaviour override the default value of `mynetworks` parameter through the `data/conf/postfix/extra.cf` configuration file.
+By default mailcow uses `mynetworks_style = subnet` to determine internal subnets and leaves `mynetworks` unconfigured.
-**Important**: Do **not** remove the networks listed as `IPV4_NETWORK` and `IPV6_NETWORK` in your mailcow.conf. You should also keep local addresses. To add `1.2.3.4/32` it may look like the configuration below:
+If you decide to set `mynetworks`, Postfix ignores the mynetworks_style setting. This means you **have to** add the IPV4_NETWORK and IPV6_NETWORK scopes as well as loopback subnets manually!
 ## Unauthenticated relaying
 !!! Warning
    Incorrect setup of `mynetworks` will allow your server to be used as an open relay. If abused, this **will** affect your ability to send emails and can take some time to be resolved.
 ### IPv4 hosts/subnets
 To add the subnet `192.168.2.0/24` to the trusted networks you may use the following configuration, depending on your IPV4_NETWORK and IPV6_NETWORK scopes:
 Edit `data/conf/postfix/extra.cf`:
 ```
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 [fe80::]/10 172.22.1.0/24 [fd4d:6169:6c63:6f77::]/64 1.2.3.4/32
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 [fe80::]/10 172.22.1.0/24 [fd4d:6169:6c63:6f77::]/64 192.168.2.0/24
 ```
-Per default we use "mynetworks_style = subnet" to only include local networks we are part of.
+Run `docker-compose restart postfix-mailcow` to apply your new settings.
 ### IPv6 hosts/subnets
 Adding IPv6 hosts is done the same as IPv4, however the subnet needs to be placed in brackets `[]` with the netmask appended.
 To add the subnet 2001:db8::/32 to the trusted networks you may use the following configuration, depending on your IPV4_NETWORK and IPV6_NETWORK scopes:
 Edit `data/conf/postfix/extra.cf`:
 ``` 
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 [fe80::]/10 172.22.1.0/24 [fd4d:6169:6c63:6f77::]/64 [2001:db8::]/32
 ```
 Run `docker-compose restart postfix-mailcow` to apply your new settings.
 !!! Info
    More information about mynetworks can be found in the [Postfix documentation](http://www.postfix.org/postconf.5.html#mynetworks).
--- a/docs/prerequisite-dns.md
+++ b/docs/prerequisite-dns.md
@ -84,9 +84,11 @@ Here are some tools you can use to verify your DNS configuration:
 ## Misc
 ### Optional DMARC Statistics
 If you are interested in statistics, you can additionally register with some of the many below DMARC statistic services, or self-host your own.
-**NOTE:** It is worth considering that if you request DMARC statistic reports to your mailcow server, if there are issues with that domain you may not get accurate results. You can consider using an alternative email domain for recieving DMARC reports.
+If you are interested in statistics, you can additionally register with some of the many below DMARC statistic services - or self-host your own.
 !!! Tip
 It is worth considering that if you request DMARC statistic reports to your mailcow server and your mailcow server is not configured correctly to receive these reports, you may not get accurate and complete results. Please consider using an alternative email domain for receiving DMARC reports.
 It is worth mentioning, that the following suggestions are not a comprehensive list of all services and tools avaialble, but only a small few of the many choices.
@ -96,18 +98,15 @@ It is worth mentioning, that the following suggestions are not a comprehensive l
 - [Postmark](https://dmarc.postmarkapp.com)
 - [Dmarcian](https://dmarcian.com/)
-**NOTE:** The services may provide you with a TXT record, which you would insert into your DNS records as the provider specifies. This record will give you details about spam-classified mails by your domain. However, please ensure to read the providers documentation from the service you choose, as this process may vary and not all providers may use a TXT record.
+!!! Tip
-### Email Test for SPF, DKIM and DMARC:
+These services may provide you with a TXT record you need to insert into your DNS records as the provider specifies. Please ensure to read the providers documentation from the service you choose as this process may vary.
-To test send an email to the email below and wait for a reply:
+### Email test for SPF, DKIM and DMARC:
-check-auth@verifier.port25.com
+To run a rudimentary email authentication check, send a mail to `check-auth at verifier.port25.com` and wait for a reply. You will find a report similar to the following:
 You will get a report back that looks like the following:
 ```
 ==========================================================
 Summary of Results
 ==========================================================
@ -122,8 +121,10 @@ Details:
 ==========================================================
 ....
 ```
-The full report will contain more technical details this is just the first section, we found this to be quite usful for testing both outgoing mail and spam scores.
+
 The full report will contain more technical details.
 ### Fully Qualified Domain Name (FQDN)
 [^1]: A **Fully Qualified Domain Name** (**FQDN**) is the complete (absolute) domain name for a specific computer or host, on the Internet. The FQDN consists of at least three parts divided by a dot: the hostname (myhost), the domain name (mydomain) and the top level domain in short **tld** (com). In the example of `mx.mailcow.email` the hostname would be `mx`, the domain name `mailcow` and the tld `email`.
--- a/docs/third_party-roundcube.md
+++ b/docs/third_party-roundcube.md
@ -2,9 +2,9 @@ Download Roundcube 1.4.x to the web htdocs directory and extract it (here `rc/`)
 ```
 # Check for a newer release!
 cd data/web
-wget -O - https://github.com/roundcube/roundcubemail/releases/download/1.4.9/roundcubemail-1.4.9-complete.tar.gz | tar xfvz -
+wget -O - https://github.com/roundcube/roundcubemail/releases/download/1.4.11/roundcubemail-1.4.11-complete.tar.gz | tar xfvz -
 # Change folder name
-mv roundcubemail-1.4.9 rc
+mv roundcubemail-1.4.11 rc
 # Change permissions
 chown -R root: rc/
 ```
--- a/docs/u_e-nginx.md
+++ b/docs/u_e-nginx.md
@ -6,10 +6,17 @@ nano data/conf/nginx/my_custom_site.conf
 A good template to begin with:
-``` hl_lines="9"
+``` hl_lines="16"
 server {
  ssl_certificate /etc/ssl/mail/cert.pem;
  ssl_certificate_key /etc/ssl/mail/key.pem;
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_prefer_server_ciphers on;
  ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
  ssl_ecdh_curve X25519:X448:secp384r1:secp256k1;
  ssl_session_cache shared:SSL:50m;
  ssl_session_timeout 1d;
  ssl_session_tickets off;
  index index.php index.html;
  client_max_body_size 0;
  root /web;
@ -31,10 +38,17 @@ server {
 Another example with a reverse proxy configuration:
-``` hl_lines="9 21"
+``` hl_lines="16 28"
 server {
  ssl_certificate /etc/ssl/mail/cert.pem;
  ssl_certificate_key /etc/ssl/mail/key.pem;
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_prefer_server_ciphers on;
  ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
  ssl_ecdh_curve X25519:X448:secp384r1:secp256k1;
  ssl_session_cache shared:SSL:50m;
  ssl_session_timeout 1d;
  ssl_session_tickets off;
  index index.php index.html;
  client_max_body_size 0;
  root /web;
--- a/docs/u_e-sogo.md
+++ b/docs/u_e-sogo.md
@ -1,10 +1,15 @@
 SOGo is used for accessing your mails via a webbrowser, adding and sharing your contacts or calendars. For a more in-depth documentation on SOGo please visit its [own documentation](http://wiki.sogo.nu/).
-## Change theme
+## Apply custom SOGo theme
 mailcow builds after 28 January 2021 can change SOGo's theme by editing `data/conf/sogo/custom-theme.js`.
-Please check the AngularJS Material [intro](https://material.angularjs.org/latest/Theming/01_introduction) and [documentation](https://material.angularjs.org/latest/Theming/03_configuring_a_theme) as well as the [material style guideline](https://material.io/archive/guidelines/style/color.html#color-color-palette) to learn how this works.
+Please check the AngularJS Material [intro](https://material.angularjs.org/latest/Theming/01_introduction) and [documentation](https://material.angularjs.org/latest/Theming/03_configuring_a_theme) as well as the [material style guideline](https://material.io/archive/guidelines/style/color.html#color-color-palette) to learn how this works. 
-After you updated said file you need to restart SOGo and Memcached containers by executing `docker-compose restart memcached-mailcow sogo-mailcow`.
+
 You can use the provided `custom-theme.js` as an example starting point by removing the comments.
 After you modified `data/conf/sogo/custom-theme.js` and made changes to your new SOGo theme you need to 
 * edit `data/conf/sogo/sogo.conf` and append/set `SOGoUIxDebugEnabled = YES;`
 * restart SOGo and Memcached containers by executing `docker-compose restart memcached-mailcow sogo-mailcow`.
 ## Reset to SOGo default theme
 Checkout `data/conf/sogo/custom-theme.js` by executing `git fetch ; git checkout origin/master data/conf/sogo/custom-theme.js data/conf/sogo/custom-theme.js`
@ -19,9 +24,9 @@ Find in `data/conf/sogo/custom-theme.js`:
        'hue-3': 'A700'
      })
      .accentPalette('green', {
-        'default': '600',  // background color of fab buttons
+        'default': '600',  // background color of fab buttons and login screen
        'hue-1': '300',    // background color of center list toolbar
-        'hue-2': '300',
+        'hue-2': '300',    // highlight color for selected mail and current day calendar
        'hue-3': 'A700'
      })
      .backgroundPalette('frost-grey');
--- a/docs/u_e-xmpp-faq.md
+++ b/docs/u_e-xmpp-faq.md
@ -68,7 +68,7 @@ No, they will vanish:
 - **How many client sessions can be open at the same time?**
-10 sessions are allowed per session.
+10 sessions are allowed per user.
 ```
 shaper_rules: