Commit
cd3de1749f
9 changed files with 13 additions and 13 deletions
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
# mailcow: dockerized documentation
|
# mailcow: dockerized documentation
|
||||||
|
|
||||||
This project aims to provide the mailcow: dockerized documention for the [mailcow: dockerized](https://github.com/mailcow/mailcow-dockerized) project.
|
This project aims to provide the mailcow: dockerized documentation for the [mailcow: dockerized](https://github.com/mailcow/mailcow-dockerized) project.
|
||||||
|
|
||||||
https://mailcow.github.io/mailcow-dockerized-docs
|
https://mailcow.github.io/mailcow-dockerized-docs
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@ These instructions are valid for unchanged port bindings only!
|
||||||
|SMTP|STARTTLS|<span class="client_variables_available"> <code><span class="client_var_host"></span><span class="client_var_port"></span></code></span><span class="client_variables_unavailable">mailcow hostname</span>|587|
|
|SMTP|STARTTLS|<span class="client_variables_available"> <code><span class="client_var_host"></span><span class="client_var_port"></span></code></span><span class="client_variables_unavailable">mailcow hostname</span>|587|
|
||||||
|SMTPS|SSL|<span class="client_variables_available"> <code><span class="client_var_host"></span><span class="client_var_port"></span></code></span><span class="client_variables_unavailable">mailcow hostname</span>|465|
|
|SMTPS|SSL|<span class="client_variables_available"> <code><span class="client_var_host"></span><span class="client_var_port"></span></code></span><span class="client_variables_unavailable">mailcow hostname</span>|465|
|
||||||
|
|
||||||
Please use "plain" as authentication mechanisms. Contrary to the assumption no passwords will be transfered plain text, as no authentication is allowed to take place without TLS.
|
Please use "plain" as authentication mechanisms. Contrary to the assumption no passwords will be transferred plain text, as no authentication is allowed to take place without TLS.
|
||||||
|
|
||||||
## Contacts and calendars
|
## Contacts and calendars
|
||||||
|
|
||||||
|
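Review bot: the changed sentence still says "as authentication mechanisms" for a single value and "transferred plain text" without a preposition. Since the line is being edited anyway, consider "Please use "plain" as the authentication mechanism" and "transferred in plain text". The statement that no authentication takes place without TLS is the part readers rely on, so the wording around it should be unambiguous.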
@ -20,4 +20,4 @@ SOGos default calendar (CalDAV) and contacts (CardDAV) URLs:
|
||||||
1. **CalDAV** - https://mail.example.com/SOGo/dav/user@example.com/Calendar/personal/
|
1. **CalDAV** - https://mail.example.com/SOGo/dav/user@example.com/Calendar/personal/
|
||||||
2. **CardDAV** - https://mail.example.com/SOGo/dav/user@example.com/Contacts/personal/
|
2. **CardDAV** - https://mail.example.com/SOGo/dav/user@example.com/Contacts/personal/
|
||||||
|
|
||||||
Some applications may require you to use https://mail.example.com/SOGo/dav/ _or_ the full path to your calender, which can be found and copied from within SOGo.
|
Some applications may require you to use https://mail.example.com/SOGo/dav/ _or_ the full path to your calendar, which can be found and copied from within SOGo.
|
||||||
|
|
|
@ -62,7 +62,7 @@ If you experience connection problems from home, please check your ISP router's
|
||||||
|
|
||||||
While Linux users can chose from a variety of tools[^1] to check if a port is open, the Windows user has only the command `telnet host port` available by default (and it has to be activated since Windows Vista).
|
While Linux users can chose from a variety of tools[^1] to check if a port is open, the Windows user has only the command `telnet host port` available by default (and it has to be activated since Windows Vista).
|
||||||
|
|
||||||
To enable telnet on a Windows after Vista please check this [guide](https://social.technet.microsoft.com/wiki/contents/articles/910.windows-7-enabling-telnet-client.aspx) or enter the following command in an terminal **with administrator priviliges**:
|
To enable telnet on a Windows after Vista please check this [guide](https://social.technet.microsoft.com/wiki/contents/articles/910.windows-7-enabling-telnet-client.aspx) or enter the following command in an terminal **with administrator privileges**:
|
||||||
|
|
||||||
```
|
```
|
||||||
dism /online /Enable-Feature /FeatureName:TelnetClient
|
dism /online /Enable-Feature /FeatureName:TelnetClient
|
||||||
|
|
|
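Review bot: two typos remain in this hunk. The unchanged context line has "can chose" (should be "can choose"), and the changed line still reads "in an terminal" (should be "in a terminal"). Both fit the scope of this commit.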
@ -3,7 +3,7 @@ This is **ONLY** recommended if you do not have an IPv6 enabled network on your
|
||||||
If you really need to, you can disable the usage of IPv6 in the compose file.
|
If you really need to, you can disable the usage of IPv6 in the compose file.
|
||||||
Additionally, you can also disable the startup of container "ipv6nat-mailcow", as it's not needed if you won't use IPv6.
|
Additionally, you can also disable the startup of container "ipv6nat-mailcow", as it's not needed if you won't use IPv6.
|
||||||
|
|
||||||
Instead of editing docker-compose.yml directly, it is preferrable to create an override file for it
|
Instead of editing docker-compose.yml directly, it is preferable to create an override file for it
|
||||||
and implement your changes to the service there. Unfortunately, this right now only seems to work for services, not for network settings.
|
and implement your changes to the service there. Unfortunately, this right now only seems to work for services, not for network settings.
|
||||||
|
|
||||||
To disable IPv6 on the mailcow network, open docker-compose.yml with your favourite text editor and search for the network section (it's near the bottom of the file).
|
To disable IPv6 on the mailcow network, open docker-compose.yml with your favourite text editor and search for the network section (it's near the bottom of the file).
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
## IPv4 binding
|
## IPv4 binding
|
||||||
|
|
||||||
To adjust one or multiple IPv4 bindings, open `mailcow.conf` and edit one, mulitple or all variables as per your needs:
|
To adjust one or multiple IPv4 bindings, open `mailcow.conf` and edit one, multiple or all variables as per your needs:
|
||||||
|
|
||||||
```
|
```
|
||||||
# For technical reasons, http bindings are a bit different from other service bindings.
|
# For technical reasons, http bindings are a bit different from other service bindings.
|
||||||
|
|
|
@ -20,7 +20,7 @@ Recreate affected containers by running `docker-compose up -d`.
|
||||||
The script `generate_config.sh` copies snake-oil certificates to the correct location, so the services will not fail to start due to missing files.
|
The script `generate_config.sh` copies snake-oil certificates to the correct location, so the services will not fail to start due to missing files.
|
||||||
|
|
||||||
!!! warning
|
!!! warning
|
||||||
If you enable TLS SNI (`ENABLE_TLS_SNI` in mailcow.conf), the certificate pathes in your reverse proxy **must** match the correct pathes in data/assets/ssl/{hostname}. The certificates will be split into `data/assets/ssl/{hostname1,hostname2,etc}` and therefore will not work when you copy the examples from below pointing to `data/assets/ssl/cert.pem` etc.
|
If you enable TLS SNI (`ENABLE_TLS_SNI` in mailcow.conf), the certificate paths in your reverse proxy **must** match the correct paths in data/assets/ssl/{hostname}. The certificates will be split into `data/assets/ssl/{hostname1,hostname2,etc}` and therefore will not work when you copy the examples from below pointing to `data/assets/ssl/cert.pem` etc.
|
||||||
|
|
||||||
!!! info
|
!!! info
|
||||||
Using the site configs below will **forward ACME requests to mailcow** and let it handle certificates itself.
|
Using the site configs below will **forward ACME requests to mailcow** and let it handle certificates itself.
|
||||||
|
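Review bot: in the changed warning line the first mention of data/assets/ssl/{hostname} is plain text, while `data/assets/ssl/{hostname1,hostname2,etc}` and `data/assets/ssl/cert.pem` later in the same sentence are in backticks. Put the first path in backticks too so all three read as literal paths.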
@ -215,7 +215,7 @@ networks:
|
||||||
Start the new containers with `docker-compose up -d`.
|
Start the new containers with `docker-compose up -d`.
|
||||||
|
|
||||||
|
|
||||||
Now, theres only one thing left to do, which is setup the certs so that the mail services can use them as well, since Traefik 2 uses an acme v2 format to save ALL the license from all the domains we have, we'll need to find a way to dump the certs, lucky we have [this tiny container](https://hub.docker.com/r/humenius/traefik-certs-dumper) which grabs the `acme.json` file trough a volume, and a variable `DOMAIN=example.org`, and with these, the container will output the `cert.pem` and `key.pem` files, for this we'll simply run the `traefik-certs-dumper` container binding the `/traefik` volume to the folder where our `acme.json` is saved, bind the `/output` volume to our mailcow `data/assets/ssl/` folder, and set up the `DOMAIN=example.org` variable to the domain we want the certs dumped from.
|
Now, there's only one thing left to do, which is setup the certs so that the mail services can use them as well, since Traefik 2 uses an acme v2 format to save ALL the license from all the domains we have, we'll need to find a way to dump the certs, lucky we have [this tiny container](https://hub.docker.com/r/humenius/traefik-certs-dumper) which grabs the `acme.json` file trough a volume, and a variable `DOMAIN=example.org`, and with these, the container will output the `cert.pem` and `key.pem` files, for this we'll simply run the `traefik-certs-dumper` container binding the `/traefik` volume to the folder where our `acme.json` is saved, bind the `/output` volume to our mailcow `data/assets/ssl/` folder, and set up the `DOMAIN=example.org` variable to the domain we want the certs dumped from.
|
||||||
|
|
||||||
This container will watch over the `acme.json` file for any changes, and regenerate the `cert.pem` and `key.pem` files directly into `data/assets/ssl/` being the path binded to the container's `/output` path.
|
This container will watch over the `acme.json` file for any changes, and regenerate the `cert.pem` and `key.pem` files directly into `data/assets/ssl/` being the path binded to the container's `/output` path.
|
||||||
|
|
||||||
|
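Review bot: the changed line fixes "theres" but still contains "trough a volume" (through), "lucky we have" (luckily) and "ALL the license", where the rest of the sentence is about certificates. The following context line has "binded" (bound). Suggest fixing these in the same pass and splitting the run-on into separate sentences for the three steps (bind `/traefik`, bind `/output`, set `DOMAIN`).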
@ -229,7 +229,7 @@ Aaand that should be it đ, you can check if the Traefik router works fine tro
|
||||||
### Optional: Post-hook script for non-mailcow ACME clients
|
### Optional: Post-hook script for non-mailcow ACME clients
|
||||||
|
|
||||||
Using a local certbot (or any other ACME client) requires to restart some containers, you can do this with a post-hook script.
|
Using a local certbot (or any other ACME client) requires to restart some containers, you can do this with a post-hook script.
|
||||||
Make sure you change the pathes accordingly:
|
Make sure you change the paths accordingly:
|
||||||
```
|
```
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
cp /etc/letsencrypt/live/my.domain.tld/fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem
|
cp /etc/letsencrypt/live/my.domain.tld/fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem
|
||||||
|
|
|
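Review bot: the unchanged line just above the fix, "requires to restart some containers, you can do this with a post-hook script", is a comma splice with a missing object. Consider "requires restarting some containers. You can do this with a post-hook script." It would also help to say that the paths to change are the `my.domain.tld` and `/opt/mailcow-dockerized` parts of the `cp` line.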
@ -86,7 +86,7 @@ NTP synchronized: yes
|
||||||
Sun 2017-10-29 02:00:00 CET
|
Sun 2017-10-29 02:00:00 CET
|
||||||
```
|
```
|
||||||
|
|
||||||
The lines `NTP enabled: yes` and `NTP synchronized: yes` indicate wether you have NTP enabled and if it's synchronized.
|
The lines `NTP enabled: yes` and `NTP synchronized: yes` indicate whether you have NTP enabled and if it's synchronized.
|
||||||
|
|
||||||
To enable NTP you need to run the command `timedatectl set-ntp true`. You also need to edit your `/etc/systemd/timesyncd.conf`:
|
To enable NTP you need to run the command `timedatectl set-ntp true`. You also need to edit your `/etc/systemd/timesyncd.conf`:
|
||||||
|
|
||||||
|
|
|
@ -125,7 +125,7 @@ Please note, that this preset only integrates the default addressbook (the one t
|
||||||
|
|
||||||
Enable the plugin by adding `carddav` to `$config['plugins']` in `rc/config/config.inc.php`.
|
Enable the plugin by adding `carddav` to `$config['plugins']` in `rc/config/config.inc.php`.
|
||||||
|
|
||||||
If you want to remove the default addressbooks (stored in the Roundcube database), so that only the CardDAV addressbooks are accessable, append `$config['address_book_type'] = '';` to the config file `data/web/rc/config/config.inc.php`.
|
If you want to remove the default addressbooks (stored in the Roundcube database), so that only the CardDAV addressbooks are accessible, append `$config['address_book_type'] = '';` to the config file `data/web/rc/config/config.inc.php`.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
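Review bot: the config file is named inconsistently within this hunk. The context line refers to `rc/config/config.inc.php`, the changed line to `data/web/rc/config/config.inc.php`. If both sentences mean the same file, use the same path in both so readers do not edit the wrong one.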
@ -1,4 +1,4 @@
|
||||||
Redis is used as a key-value store for rspamd's and (some of) mailcow's settings and data. If you are unfamiliar with redis please read the [introduction to redis](https://redis.io/topics/introduction) and maybe visit this [wonderfull guide](http://try.redis.io/) on how to use it.
|
Redis is used as a key-value store for rspamd's and (some of) mailcow's settings and data. If you are unfamiliar with redis please read the [introduction to redis](https://redis.io/topics/introduction) and maybe visit this [wonderful guide](http://try.redis.io/) on how to use it.
|
||||||
|
|
||||||
## Client
|
## Client
|
||||||
|
|
||||||
|
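Review bot: the changed line links the guide as `http://try.redis.io/`, while the introduction link in the same sentence uses `https://`. If the guide is reachable over HTTPS, switch the scheme while this line is being edited.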
@ -10,7 +10,7 @@ docker-compose exec redis-mailcow redis-cli
|
||||||
|
|
||||||
### Debugging
|
### Debugging
|
||||||
|
|
||||||
Here are some usefull commands for the redis-cli for debugging:
|
Here are some useful commands for the redis-cli for debugging:
|
||||||
|
|
||||||
##### MONITOR
|
##### MONITOR
|
||||||
|
|
||||||
|
|