2986 Zeilen
Kein EOL
91 KiB
HTML
2986 Zeilen
Kein EOL
91 KiB
HTML
|
|
<!doctype html>
|
|
<html lang="en" class="no-js">
|
|
<head>
|
|
|
|
<meta charset="utf-8">
|
|
<meta name="viewport" content="width=device-width,initial-scale=1">
|
|
|
|
|
|
|
|
<link rel="canonical" href="https://docs.mailcow.email/en/post_installation/firststeps-rp/">
|
|
|
|
|
|
<link rel="prev" href="../firststeps-logging/">
|
|
|
|
|
|
<link rel="next" href="../firststeps-rspamd_ui/">
|
|
|
|
<link rel="icon" href="../../../assets/images/favicon.png">
|
|
<meta name="generator" content="mkdocs-1.4.2, mkdocs-material-9.0.4">
|
|
|
|
|
|
|
|
<title>Reverse Proxy - mailcow: dockerized documentation</title>
|
|
|
|
|
|
|
|
<link rel="stylesheet" href="../../../assets/stylesheets/main.9c788c91.min.css">
|
|
|
|
|
|
<link rel="stylesheet" href="../../../assets/stylesheets/palette.2505c338.min.css">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<link rel="stylesheet" href="../../../assets/stylesheets/extra.css">
|
|
|
|
<script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</head>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="">
|
|
|
|
|
|
|
|
<script>var palette=__md_get("__palette");if(palette&&"object"==typeof palette.color)for(var key of Object.keys(palette.color))document.body.setAttribute("data-md-color-"+key,palette.color[key])</script>
|
|
|
|
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
|
|
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
|
|
<label class="md-overlay" for="__drawer"></label>
|
|
<div data-md-component="skip">
|
|
|
|
|
|
<a href="#apache-24" class="md-skip">
|
|
Skip to content
|
|
</a>
|
|
|
|
</div>
|
|
<div data-md-component="announce">
|
|
|
|
<aside class="md-banner">
|
|
<div class="md-banner__inner md-grid md-typeset">
|
|
|
|
<button class="md-banner__button md-icon" aria-label="Don't show this again">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
|
|
</button>
|
|
|
|
|
|
|
|
<center><h4>All Commands are available according to the <a style="color:#6390e5;" href="https://docs.docker.com/compose/install/linux/">Docker Compose Plugin</a> and the <a style="color:#6390e5;" href="https://docs.docker.com/compose/install/other/">Standalone Version</a> syntax</h4></center>
|
|
|
|
|
|
</div>
|
|
|
|
<script>var content,el=document.querySelector("[data-md-component=announce]");el&&(content=el.querySelector(".md-typeset"),__md_hash(content.innerHTML)===__md_get("__announce")&&(el.hidden=!0))</script>
|
|
|
|
</aside>
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
<header class="md-header" data-md-component="header">
|
|
<nav class="md-header__inner md-grid" aria-label="Header">
|
|
<a href="../../" title="mailcow: dockerized documentation" class="md-header__button md-logo" aria-label="mailcow: dockerized documentation" data-md-component="logo">
|
|
|
|
<img src="../../../assets/images/logo.svg" alt="logo">
|
|
|
|
</a>
|
|
<label class="md-header__button md-icon" for="__drawer">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
|
|
</label>
|
|
<div class="md-header__title" data-md-component="header-title">
|
|
<div class="md-header__ellipsis">
|
|
<div class="md-header__topic">
|
|
<span class="md-ellipsis">
|
|
mailcow: dockerized documentation
|
|
</span>
|
|
</div>
|
|
<div class="md-header__topic" data-md-component="header-topic">
|
|
<span class="md-ellipsis">
|
|
|
|
Reverse Proxy
|
|
|
|
</span>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<form class="md-header__option" data-md-component="palette">
|
|
|
|
|
|
<input class="md-option" data-md-color-media="" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
|
|
|
|
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_2" hidden>
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
|
|
</label>
|
|
|
|
|
|
|
|
<input class="md-option" data-md-color-media="" data-md-color-scheme="slate" data-md-color-primary="" data-md-color-accent="" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_2">
|
|
|
|
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
|
|
</label>
|
|
|
|
|
|
</form>
|
|
|
|
|
|
<div class="md-header__option">
|
|
<div class="md-select">
|
|
|
|
<button class="md-header__button md-icon" aria-label="Select language">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m12.87 15.07-2.54-2.51.03-.03A17.52 17.52 0 0 0 14.07 6H17V4h-7V2H8v2H1v2h11.17C11.5 7.92 10.44 9.75 9 11.35 8.07 10.32 7.3 9.19 6.69 8h-2c.73 1.63 1.73 3.17 2.98 4.56l-5.09 5.02L4 19l5-5 3.11 3.11.76-2.04M18.5 10h-2L12 22h2l1.12-3h4.75L21 22h2l-4.5-12m-2.62 7 1.62-4.33L19.12 17h-3.24Z"/></svg>
|
|
</button>
|
|
<div class="md-select__inner">
|
|
<ul class="md-select__list">
|
|
|
|
<li class="md-select__item">
|
|
<a href="../../../post_installation/firststeps-rp/" hreflang="en" class="md-select__link">
|
|
English
|
|
</a>
|
|
</li>
|
|
|
|
<li class="md-select__item">
|
|
<a href="../../../de/post_installation/firststeps-rp/" hreflang="de" class="md-select__link">
|
|
Deutsch
|
|
</a>
|
|
</li>
|
|
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<label class="md-header__button md-icon" for="__search">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
|
|
</label>
|
|
<div class="md-search" data-md-component="search" role="dialog">
|
|
<label class="md-search__overlay" for="__search"></label>
|
|
<div class="md-search__inner" role="search">
|
|
<form class="md-search__form" name="search">
|
|
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
|
|
<label class="md-search__icon md-icon" for="__search">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
|
|
</label>
|
|
<nav class="md-search__options" aria-label="Search">
|
|
|
|
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
|
|
</button>
|
|
</nav>
|
|
|
|
</form>
|
|
<div class="md-search__output">
|
|
<div class="md-search__scrollwrap" data-md-scrollfix>
|
|
<div class="md-search-result" data-md-component="search-result">
|
|
<div class="md-search-result__meta">
|
|
Initializing search
|
|
</div>
|
|
<ol class="md-search-result__list"></ol>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<div class="md-header__source">
|
|
<a href="https://github.com/mailcow/mailcow-dockerized" title="Go to repository" class="md-source" data-md-component="source">
|
|
<div class="md-source__icon md-icon">
|
|
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
|
|
</div>
|
|
<div class="md-source__repository">
|
|
mailcow/mailcow-dockerized
|
|
</div>
|
|
</a>
|
|
</div>
|
|
|
|
</nav>
|
|
|
|
</header>
|
|
|
|
<div class="md-container" data-md-component="container">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<main class="md-main" data-md-component="main">
|
|
<div class="md-main__inner md-grid">
|
|
|
|
|
|
|
|
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
|
|
<div class="md-sidebar__scrollwrap">
|
|
<div class="md-sidebar__inner">
|
|
|
|
|
|
|
|
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
|
|
<label class="md-nav__title" for="__drawer">
|
|
<a href="../../" title="mailcow: dockerized documentation" class="md-nav__button md-logo" aria-label="mailcow: dockerized documentation" data-md-component="logo">
|
|
|
|
<img src="../../../assets/images/logo.svg" alt="logo">
|
|
|
|
</a>
|
|
mailcow: dockerized documentation
|
|
</label>
|
|
|
|
<div class="md-nav__source">
|
|
<a href="https://github.com/mailcow/mailcow-dockerized" title="Go to repository" class="md-source" data-md-component="source">
|
|
<div class="md-source__icon md-icon">
|
|
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
|
|
</div>
|
|
<div class="md-source__repository">
|
|
mailcow/mailcow-dockerized
|
|
</div>
|
|
</a>
|
|
</div>
|
|
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../" class="md-nav__link">
|
|
Information & Support
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_2" type="checkbox" id="__nav_2" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_2" tabindex="0" aria-expanded="false">
|
|
Prerequisites
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Prerequisites" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_2">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Prerequisites
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../prerequisite/prerequisite-system/" class="md-nav__link">
|
|
Prepare your system
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../prerequisite/prerequisite-dns/" class="md-nav__link">
|
|
DNS setup
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_3" type="checkbox" id="__nav_3" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_3" tabindex="0" aria-expanded="false">
|
|
Installation, Update & Migration
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Installation, Update & Migration" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_3">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Installation, Update & Migration
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../i_u_m/i_u_m_install/" class="md-nav__link">
|
|
Installation
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../i_u_m/i_u_m_update/" class="md-nav__link">
|
|
Update
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../i_u_m/i_u_m_migration/" class="md-nav__link">
|
|
Migration
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../i_u_m/i_u_m_deinstall/" class="md-nav__link">
|
|
Deinstallation
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_4" type="checkbox" id="__nav_4" checked>
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_4" tabindex="0" aria-expanded="true">
|
|
Post Installation Tasks
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Post Installation Tasks" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_4">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Post Installation Tasks
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-ssl/" class="md-nav__link">
|
|
Advanced SSL
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-disable_ipv6/" class="md-nav__link">
|
|
Disable IPv6
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-dmarc_reporting/" class="md-nav__link">
|
|
DMARC Reporting
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-ip_bindings/" class="md-nav__link">
|
|
IP bindings
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-local_mta/" class="md-nav__link">
|
|
Local MTA on Docker host
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-logging/" class="md-nav__link">
|
|
Logging
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--active">
|
|
|
|
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
|
|
|
|
|
|
|
|
<label class="md-nav__link md-nav__link--active" for="__toc">
|
|
Reverse Proxy
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<a href="./" class="md-nav__link md-nav__link--active">
|
|
Reverse Proxy
|
|
</a>
|
|
|
|
|
|
|
|
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
|
|
|
|
|
|
|
|
|
<label class="md-nav__title" for="__toc">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Table of contents
|
|
</label>
|
|
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#apache-24" class="md-nav__link">
|
|
Apache 2.4
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#nginx" class="md-nav__link">
|
|
Nginx
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#haproxy-community-supported" class="md-nav__link">
|
|
HAProxy (community supported)
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#traefik-v2-community-supported" class="md-nav__link">
|
|
Traefik v2 (community supported)
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#caddy-v2-supported-by-the-community" class="md-nav__link">
|
|
Caddy v2 (supported by the community)
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#optional-post-hook-script-for-non-mailcow-acme-clients" class="md-nav__link">
|
|
Optional: Post-hook script for non-mailcow ACME clients
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#adding-additional-server-names-for-mailcow-ui" class="md-nav__link">
|
|
Adding additional server names for mailcow UI
|
|
</a>
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</nav>
|
|
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-rspamd_ui/" class="md-nav__link">
|
|
Rspamd UI
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-snat/" class="md-nav__link">
|
|
SNAT
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../firststeps-sync_jobs_migration/" class="md-nav__link">
|
|
Sync job migration
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_5" type="checkbox" id="__nav_5" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_5" tabindex="0" aria-expanded="false">
|
|
Models
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Models" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_5">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Models
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../models/model-acl/" class="md-nav__link">
|
|
ACL
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../models/model-passwd/" class="md-nav__link">
|
|
Password hashing
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../models/model-sender_rcv/" class="md-nav__link">
|
|
Sender and receiver model
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_6" type="checkbox" id="__nav_6" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_6" tabindex="0" aria-expanded="false">
|
|
General Troubleshooting
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="General Troubleshooting" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_6">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
General Troubleshooting
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug/" class="md-nav__link">
|
|
Introduction
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-admin_login_sogo/" class="md-nav__link">
|
|
Admin login to SOGo
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-rspamd_memory_leaks/" class="md-nav__link">
|
|
Advanced: Find memory leaks in Rspamd
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-attach_service/" class="md-nav__link">
|
|
Attach to a Container
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-common_problems/" class="md-nav__link">
|
|
Common Problems
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-logs/" class="md-nav__link">
|
|
Logs
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-mysql_upgrade/" class="md-nav__link">
|
|
Manual MySQL upgrade
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-mysql_aria/" class="md-nav__link">
|
|
Recover crashed Aria storage engine
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-rm_volumes/" class="md-nav__link">
|
|
Remove Persistent Data
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-reset_pw/" class="md-nav__link">
|
|
Reset Passwords (incl. SQL)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../troubleshooting/debug-reset_tls/" class="md-nav__link">
|
|
Reset TLS certificates
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7" type="checkbox" id="__nav_7" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_7" tabindex="0" aria-expanded="false">
|
|
Backup & Restore
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Backup & Restore" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_7">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Backup & Restore
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7_1" type="checkbox" id="__nav_7_1" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_7_1" tabindex="0" aria-expanded="false">
|
|
Component backup & restore
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Component backup & restore" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_7_1">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Component backup & restore
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../backup_restore/b_n_r-backup/" class="md-nav__link">
|
|
Backup
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../backup_restore/b_n_r-restore/" class="md-nav__link">
|
|
Restore
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../backup_restore/b_n_r-coldstandby/" class="md-nav__link">
|
|
Cold-standby (rolling backup)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7_3" type="checkbox" id="__nav_7_3" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_7_3" tabindex="0" aria-expanded="false">
|
|
Manual backups
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Manual backups" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_7_3">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Manual backups
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../backup_restore/b_n_r-backup_restore-maildir/" class="md-nav__link">
|
|
Maildir
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../backup_restore/b_n_r-backup_restore-mysql/" class="md-nav__link">
|
|
MySQL (mysqldump)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7_4" type="checkbox" id="__nav_7_4" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_7_4" tabindex="0" aria-expanded="false">
|
|
mailcow-internal backups
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="mailcow-internal backups" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_7_4">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
mailcow-internal backups
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../backup_restore/b_n_r-accidental_deletion/" class="md-nav__link">
|
|
Recover accidentally deleted data
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8" type="checkbox" id="__nav_8" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8" tabindex="0" aria-expanded="false">
|
|
Manual/Guides/Examples
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Manual/Guides/Examples" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_8">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Manual/Guides/Examples
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_1" type="checkbox" id="__nav_8_1" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_1" tabindex="0" aria-expanded="false">
|
|
mailcow UI
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="mailcow UI" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_1">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
mailcow UI
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-bl_wl/" class="md-nav__link">
|
|
Blacklist / Whitelist
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-config/" class="md-nav__link">
|
|
Configuration
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-css/" class="md-nav__link">
|
|
CSS overrides
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-netfilter/" class="md-nav__link">
|
|
Netfilter
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-pushover/" class="md-nav__link">
|
|
Pushover
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-spamfilter/" class="md-nav__link">
|
|
Spamfilter
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-sub_addressing/" class="md-nav__link">
|
|
Sub-addressing
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-tags/" class="md-nav__link">
|
|
Tags (for Domains and Mailboxes)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-spamalias/" class="md-nav__link">
|
|
Temporary email aliases
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-tfa/" class="md-nav__link">
|
|
Two-Factor Authentication
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-fido/" class="md-nav__link">
|
|
WebAuthn / FIDO2
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_2" type="checkbox" id="__nav_8_2" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_2" tabindex="0" aria-expanded="false">
|
|
Postfix
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Postfix" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_2">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Postfix
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-trust_networks/" class="md-nav__link">
|
|
Add trusted networks
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-custom_transport/" class="md-nav__link">
|
|
Custom transport maps
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-extra_cf/" class="md-nav__link">
|
|
Customize/Expand main.cf
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-disable_sender_verification/" class="md-nav__link">
|
|
Disable Sender Addresses Verification
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-attachment_size/" class="md-nav__link">
|
|
Max. message size (attachment size)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-relayhost/" class="md-nav__link">
|
|
Relayhosts
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-pflogsumm/" class="md-nav__link">
|
|
Statistics with pflogsumm
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Postfix/u_e-postfix-postscreen_whitelist/" class="md-nav__link">
|
|
Whitelist IP in Postscreen
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_3" type="checkbox" id="__nav_8_3" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_3" tabindex="0" aria-expanded="false">
|
|
Unbound
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Unbound" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_3">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Unbound
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Unbound/u_e-unbound-fwd/" class="md-nav__link">
|
|
Using an external DNS service
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_4" type="checkbox" id="__nav_8_4" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_4" tabindex="0" aria-expanded="false">
|
|
Dovecot
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Dovecot" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_4">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Dovecot
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-extra_conf/" class="md-nav__link">
|
|
Customize/Expand dovecot.conf
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-any_acl/" class="md-nav__link">
|
|
Enable "any" ACL settings
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-expunge/" class="md-nav__link">
|
|
Expunge a Users mails
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-fts/" class="md-nav__link">
|
|
FTS (Solr)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-idle_interval/" class="md-nav__link">
|
|
IMAP IDLE interval
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-mail-crypt/" class="md-nav__link">
|
|
Mail crypt
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-more/" class="md-nav__link">
|
|
More Examples with DOVEADM
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-vmail-volume/" class="md-nav__link">
|
|
Move Maildir (vmail)
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-public_folder/" class="md-nav__link">
|
|
Public folders
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-static_master/" class="md-nav__link">
|
|
Static master user
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Dovecot/u_e-dovecot-catchall_vacation/" class="md-nav__link">
|
|
Vacation replies for catchall addresses
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_5" type="checkbox" id="__nav_8_5" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_5" tabindex="0" aria-expanded="false">
|
|
Nginx
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Nginx" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_5">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Nginx
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Nginx/u_e-nginx_webmail-site/" class="md-nav__link">
|
|
Create subdomain webmail.example.org
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Nginx/u_e-nginx_custom/" class="md-nav__link">
|
|
Custom sites
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_6" type="checkbox" id="__nav_8_6" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_6" tabindex="0" aria-expanded="false">
|
|
Watchdog
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Watchdog" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_6">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Watchdog
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Watchdog/u_e-watchdog-thresholds/" class="md-nav__link">
|
|
Thresholds
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Redis/u_e-redis/" class="md-nav__link">
|
|
Redis
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Rspamd/u_e-rspamd/" class="md-nav__link">
|
|
Rspamd
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_9" type="checkbox" id="__nav_8_9" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_9" tabindex="0" aria-expanded="false">
|
|
ClamAV
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="ClamAV" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_9">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
ClamAV
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/ClamAV/u_e-clamav-whitelist/" class="md-nav__link">
|
|
Whitelist
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/ClamAV/u_e-clamav-additional_dbs/" class="md-nav__link">
|
|
Additional Databases
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/SOGo/u_e-sogo/" class="md-nav__link">
|
|
SOGo
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_11" type="checkbox" id="__nav_8_11" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_8_11" tabindex="0" aria-expanded="false">
|
|
Docker
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Docker" data-md-level="2">
|
|
<label class="md-nav__title" for="__nav_8_11">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Docker
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/Docker/u_e-docker-cust_dockerfiles/" class="md-nav__link">
|
|
Customize Dockerfiles
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/u_e-why_unbound/" class="md-nav__link">
|
|
Why unbound?
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/u_e-autodiscover_config/" class="md-nav__link">
|
|
Autodiscover / Autoconfig
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/u_e-80_to_443/" class="md-nav__link">
|
|
Redirect HTTP to HTTPS
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/u_e-reeanble-weak-protocols/" class="md-nav__link">
|
|
Re-enable TLS 1.0 and TLS 1.1
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../manual-guides/u_e-update-hooks/" class="md-nav__link">
|
|
Run scripts before and after updates
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_9" type="checkbox" id="__nav_9" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_9" tabindex="0" aria-expanded="false">
|
|
Client Configuration
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Client Configuration" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_9">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Client Configuration
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client/" class="md-nav__link">
|
|
Overview
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-android/" class="md-nav__link">
|
|
Android
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-apple/" class="md-nav__link">
|
|
Apple macOS / iOS
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-emclient/" class="md-nav__link">
|
|
eM Client
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-kontact/" class="md-nav__link">
|
|
KDE Kontact
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-outlook/" class="md-nav__link">
|
|
Microsoft Outlook
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-thunderbird/" class="md-nav__link">
|
|
Mozilla Thunderbird
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-windows/" class="md-nav__link">
|
|
Windows Mail
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../client/client-manual/" class="md-nav__link">
|
|
Manual configuration
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item md-nav__item--nested">
|
|
|
|
|
|
|
|
|
|
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_10" type="checkbox" id="__nav_10" >
|
|
|
|
|
|
|
|
<label class="md-nav__link" for="__nav_10" tabindex="0" aria-expanded="false">
|
|
Third party apps
|
|
<span class="md-nav__icon md-icon"></span>
|
|
</label>
|
|
|
|
<nav class="md-nav" aria-label="Third party apps" data-md-level="1">
|
|
<label class="md-nav__title" for="__nav_10">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Third party apps
|
|
</label>
|
|
<ul class="md-nav__list" data-md-scrollfix>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/borgmatic/third_party-borgmatic/" class="md-nav__link">
|
|
Borgmatic Backup
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/checkmk/u_e-checkmk/" class="md-nav__link">
|
|
CheckMK
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/exchange_onprem/third_party-exchange_onprem/" class="md-nav__link">
|
|
Exchange Hybrid Setup
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/gitea/third_party-gitea/" class="md-nav__link">
|
|
Gitea
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/gogs/third_party-gogs/" class="md-nav__link">
|
|
Gogs
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/mailman3/third_party-mailman3/" class="md-nav__link">
|
|
Mailman 3
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/mailpiler/third_party-mailpiler_integration/" class="md-nav__link">
|
|
Mailpiler Integration
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/nextcloud/third_party-nextcloud/" class="md-nav__link">
|
|
Nextcloud
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/portainer/third_party-portainer/" class="md-nav__link">
|
|
Portainer
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<li class="md-nav__item">
|
|
<a href="../../third_party/roundcube/third_party-roundcube/" class="md-nav__link">
|
|
Roundcube
|
|
</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</li>
|
|
|
|
|
|
|
|
</ul>
|
|
</nav>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
|
|
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
|
|
<div class="md-sidebar__scrollwrap">
|
|
<div class="md-sidebar__inner">
|
|
|
|
|
|
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
|
|
|
|
|
|
|
|
|
<label class="md-nav__title" for="__toc">
|
|
<span class="md-nav__icon md-icon"></span>
|
|
Table of contents
|
|
</label>
|
|
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#apache-24" class="md-nav__link">
|
|
Apache 2.4
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#nginx" class="md-nav__link">
|
|
Nginx
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#haproxy-community-supported" class="md-nav__link">
|
|
HAProxy (community supported)
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#traefik-v2-community-supported" class="md-nav__link">
|
|
Traefik v2 (community supported)
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#caddy-v2-supported-by-the-community" class="md-nav__link">
|
|
Caddy v2 (supported by the community)
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#optional-post-hook-script-for-non-mailcow-acme-clients" class="md-nav__link">
|
|
Optional: Post-hook script for non-mailcow ACME clients
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li class="md-nav__item">
|
|
<a href="#adding-additional-server-names-for-mailcow-ui" class="md-nav__link">
|
|
Adding additional server names for mailcow UI
|
|
</a>
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</nav>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
|
|
<div class="md-content" data-md-component="content">
|
|
<article class="md-content__inner md-typeset">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<h1>Reverse Proxy</h1>
|
|
|
|
<p>You don't need to change the Nginx site that comes with mailcow: dockerized.
|
|
mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy.</p>
|
|
<p>1. Make sure you change HTTP_BIND and HTTPS_BIND in <code>mailcow.conf</code> to a local address and set the ports accordingly, for example:
|
|
<div class="highlight"><pre><span></span><code><span class="nv">HTTP_BIND</span><span class="o">=</span><span class="m">127</span>.0.0.1
|
|
<span class="nv">HTTP_PORT</span><span class="o">=</span><span class="m">8080</span>
|
|
<span class="nv">HTTPS_BIND</span><span class="o">=</span><span class="m">127</span>.0.0.1
|
|
<span class="nv">HTTPS_PORT</span><span class="o">=</span><span class="m">8443</span>
|
|
</code></pre></div></p>
|
|
<p>This will also change the bindings inside the Nginx container! This is important, if you decide to use a proxy within Docker.</p>
|
|
<p><strong>IMPORTANT:</strong> Do not use port 8081, 9081 or 65510!</p>
|
|
<p>Recreate affected containers by running the command:</p>
|
|
<div class="tabbed-set tabbed-alternate" data-tabs="1:2"><input checked="checked" id="__tabbed_1_1" name="__tabbed_1" type="radio" /><input id="__tabbed_1_2" name="__tabbed_1" type="radio" /><div class="tabbed-labels"><label for="__tabbed_1_1">docker compose (Plugin)</label><label for="__tabbed_1_2">docker-compose (Standalone)</label></div>
|
|
<div class="tabbed-content">
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<p><strong>Important information, please read them carefully!</strong></p>
|
|
<div class="admonition info">
|
|
<p class="admonition-title">Info</p>
|
|
<p>If you plan to use a reverse proxy and want to use another server name that is <strong>not</strong> MAILCOW_HOSTNAME, you need to read <strong>Adding additional server names for mailcow UI</strong> at the bottom of this page.</p>
|
|
</div>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>Make sure you run <code>generate_config.sh</code> before you enable any site configuration examples below.
|
|
The script <code>generate_config.sh</code> copies snake-oil certificates to the correct location, so the services will not fail to start due to missing files.</p>
|
|
</div>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>If you enable TLS SNI (<code>ENABLE_TLS_SNI</code> in mailcow.conf), the certificate paths in your reverse proxy <strong>must</strong> match the correct paths in data/assets/ssl/{hostname}. The certificates will be split into <code>data/assets/ssl/{hostname1,hostname2,etc}</code> and therefore will not work when you copy the examples from below pointing to <code>data/assets/ssl/cert.pem</code> etc.</p>
|
|
</div>
|
|
<div class="admonition info">
|
|
<p class="admonition-title">Info</p>
|
|
<p>Using the site configs below will <strong>forward ACME requests to mailcow</strong> and let it handle certificates itself.
|
|
The downside of using mailcow as ACME client behind a reverse proxy is, that you will need to reload your webserver after acme-mailcow changed/renewed/created the certificate. You can either reload your webserver daily or write a script to watch the file for changes.
|
|
On many servers logrotate will reload the webserver daily anyway.</p>
|
|
<p>If you want to use a local certbot installation, you will need to change the SSL certificate parameters accordingly.
|
|
<strong>Make sure you run a post-hook script</strong> when you decide to use external ACME clients. You will find an example at the bottom of this page.</p>
|
|
</div>
|
|
<p>2. Configure your local webserver as reverse proxy:</p>
|
|
<h3 id="apache-24">Apache 2.4<a class="headerlink" href="#apache-24" title="Permanent link">¶</a></h3>
|
|
<p>Required modules:
|
|
<div class="highlight"><pre><span></span><code>a2enmod rewrite proxy proxy_http headers ssl
|
|
</code></pre></div></p>
|
|
<p>Let's Encrypt will follow our rewrite, certificate requests in mailcow will work fine.</p>
|
|
<p><strong>Take care of highlighted lines.</strong></p>
|
|
<div class="highlight"><pre><span></span><code><span class="nt"><VirtualHost</span><span class="w"> </span><span class="s">*:80</span><span class="nt">></span>
|
|
<span class="hll"><span class="w"> </span><span class="nb">ServerName</span><span class="w"> </span>CHANGE_TO_MAILCOW_HOSTNAME
|
|
</span><span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autodiscover.*
|
|
<span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autoconfig.*
|
|
<span class="w"> </span><span class="nb">RewriteEngine</span><span class="w"> </span><span class="k">on</span>
|
|
|
|
<span class="w"> </span><span class="nb">RewriteCond</span><span class="w"> </span>%{HTTPS}<span class="w"> </span><span class="k">off</span>
|
|
<span class="w"> </span><span class="nb">RewriteRule</span><span class="w"> </span>^/?(.*)<span class="w"> </span>https://%{HTTP_HOST}/$1<span class="w"> </span>[R=301,L]
|
|
|
|
<span class="hll"><span class="w"> </span><span class="nb">ProxyPass</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
|
|
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPassReverse</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
|
|
</span><span class="w"> </span><span class="nb">ProxyPreserveHost</span><span class="w"> </span><span class="k">On</span>
|
|
<span class="w"> </span><span class="nb">ProxyAddHeaders</span><span class="w"> </span><span class="k">On</span>
|
|
<span class="w"> </span><span class="nb">RequestHeader</span><span class="w"> </span>set<span class="w"> </span>X-Forwarded-Proto<span class="w"> </span><span class="s2">"http"</span>
|
|
<span class="nt"></VirtualHost></span>
|
|
<span class="nt"><VirtualHost</span><span class="w"> </span><span class="s">*:443</span><span class="nt">></span>
|
|
<span class="hll"><span class="w"> </span><span class="nb">ServerName</span><span class="w"> </span>CHANGE_TO_MAILCOW_HOSTNAME
|
|
</span><span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autodiscover.*
|
|
<span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autoconfig.*
|
|
|
|
<span class="w"> </span><span class="c"># You should proxy to a plain HTTP session to offload SSL processing</span>
|
|
<span class="hll"><span class="w"> </span><span class="nb">ProxyPass</span><span class="w"> </span><span class="sx">/Microsoft-Server-ActiveSync</span><span class="w"> </span>http://127.0.0.1:8080/Microsoft-Server-ActiveSync<span class="w"> </span>connectiontimeout=4000
|
|
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPassReverse</span><span class="w"> </span><span class="sx">/Microsoft-Server-ActiveSync</span><span class="w"> </span>http://127.0.0.1:8080/Microsoft-Server-ActiveSync
|
|
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPass</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
|
|
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPassReverse</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
|
|
</span><span class="w"> </span><span class="nb">ProxyPreserveHost</span><span class="w"> </span><span class="k">On</span>
|
|
<span class="w"> </span><span class="nb">ProxyAddHeaders</span><span class="w"> </span><span class="k">On</span>
|
|
<span class="w"> </span><span class="nb">RequestHeader</span><span class="w"> </span>set<span class="w"> </span>X-Forwarded-Proto<span class="w"> </span><span class="s2">"https"</span>
|
|
|
|
<span class="hll"><span class="w"> </span><span class="nb">SSLCertificateFile</span><span class="w"> </span>MAILCOW_PATH/data/assets/ssl/cert.pem
|
|
</span><span class="hll"><span class="w"> </span><span class="nb">SSLCertificateKeyFile</span><span class="w"> </span>MAILCOW_PATH/data/assets/ssl/key.pem
|
|
</span>
|
|
<span class="w"> </span><span class="c"># If you plan to proxy to a HTTPS host:</span>
|
|
<span class="w"> </span><span class="c">#SSLProxyEngine On</span>
|
|
|
|
<span class="w"> </span><span class="c"># If you plan to proxy to an untrusted HTTPS host:</span>
|
|
<span class="w"> </span><span class="c">#SSLProxyVerify none</span>
|
|
<span class="w"> </span><span class="c">#SSLProxyCheckPeerCN off</span>
|
|
<span class="w"> </span><span class="c">#SSLProxyCheckPeerName off</span>
|
|
<span class="w"> </span><span class="c">#SSLProxyCheckPeerExpire off</span>
|
|
<span class="nt"></VirtualHost></span>
|
|
</code></pre></div>
|
|
<h3 id="nginx">Nginx<a class="headerlink" href="#nginx" title="Permanent link">¶</a></h3>
|
|
<p>Let's Encrypt will follow our rewrite, certificate requests will work fine.</p>
|
|
<p><strong>Take care of highlighted lines.</strong></p>
|
|
<div class="highlight"><pre><span></span><code>server {
|
|
listen 80 default_server;
|
|
listen [::]:80 default_server;
|
|
<span class="hll"> server_name CHANGE_TO_MAILCOW_HOSTNAME autodiscover.* autoconfig.*;
|
|
</span> return 301 https://$host$request_uri;
|
|
}
|
|
server {
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
<span class="hll"> server_name CHANGE_TO_MAILCOW_HOSTNAME autodiscover.* autoconfig.*;
|
|
</span>
|
|
<span class="hll"> ssl_certificate MAILCOW_PATH/data/assets/ssl/cert.pem;
|
|
</span><span class="hll"> ssl_certificate_key MAILCOW_PATH/data/assets/ssl/key.pem;
|
|
</span> ssl_session_timeout 1d;
|
|
ssl_session_cache shared:SSL:50m;
|
|
ssl_session_tickets off;
|
|
|
|
# See https://ssl-config.mozilla.org/#server=nginx for the latest ssl settings recommendations
|
|
# An example config is given below
|
|
ssl_protocols TLSv1.2;
|
|
ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
|
|
ssl_prefer_server_ciphers off;
|
|
|
|
location /Microsoft-Server-ActiveSync {
|
|
<span class="hll"> proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
|
|
</span> proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_connect_timeout 75;
|
|
proxy_send_timeout 3650;
|
|
proxy_read_timeout 3650;
|
|
proxy_buffers 64 512k; # Needed since the 2022-04 Update for SOGo
|
|
client_body_buffer_size 512k;
|
|
client_max_body_size 0;
|
|
}
|
|
|
|
location / {
|
|
<span class="hll"> proxy_pass http://127.0.0.1:8080/;
|
|
</span> proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
client_max_body_size 0;
|
|
# The following Proxy Buffers has to be set if you want to use SOGo after the 2022-04 (April 2022) Update
|
|
# Otherwise a Login will fail like this: https://github.com/mailcow/mailcow-dockerized/issues/4537
|
|
proxy_buffer_size 128k;
|
|
proxy_buffers 64 512k;
|
|
proxy_busy_buffers_size 512k;
|
|
}
|
|
}
|
|
</code></pre></div>
|
|
<h3 id="haproxy-community-supported">HAProxy (community supported)<a class="headerlink" href="#haproxy-community-supported" title="Permanent link">¶</a></h3>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This is an unsupported community contribution. Feel free to provide fixes.</p>
|
|
</div>
|
|
<p><strong>Important/Fixme</strong>: This example only forwards HTTPS traffic and does not use mailcows built-in ACME client.</p>
|
|
<div class="highlight"><pre><span></span><code>frontend https-in
|
|
bind :::443 v4v6 ssl crt mailcow.pem
|
|
default_backend mailcow
|
|
|
|
backend mailcow
|
|
option forwardfor
|
|
http-request set-header X-Forwarded-Proto https if { ssl_fc }
|
|
http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
|
|
server mailcow 127.0.0.1:8080 check
|
|
</code></pre></div>
|
|
<h3 id="traefik-v2-community-supported">Traefik v2 (community supported)<a class="headerlink" href="#traefik-v2-community-supported" title="Permanent link">¶</a></h3>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This is an unsupported community contribution. Feel free to provide fixes.</p>
|
|
</div>
|
|
<p><strong>Important</strong>: This config only covers the "reverseproxing" of the webpannel (nginx-mailcow) using Traefik v2, if you also want to reverseproxy the mail services such as dovecot, postfix... you'll just need to adapt the following config to each container and create an <a href="https://docs.traefik.io/routing/entrypoints/">EntryPoint</a> on your <code>traefik.toml</code> or <code>traefik.yml</code> (depending which config you use) for each port. </p>
|
|
<p>For this section we'll assume you have your Traefik 2 <code>[certificatesresolvers]</code> properly configured on your traefik configuration file, and also using acme, also, the following example uses Lets Encrypt, but feel free to change it to your own cert resolver. You can find a basic Traefik 2 toml config file with all the above implemented which can be used for this example here <a href="https://github.com/Frenzoid/TraefikBasicConfig/blob/master/traefik.toml">traefik.toml</a> if you need one, or a hint on how to adapt your config.</p>
|
|
<p>So, first of all, we are going to disable the acme-mailcow container since we'll use the certs that traefik will provide us.
|
|
For this we'll have to set <code>SKIP_LETS_ENCRYPT=y</code> on our <code>mailcow.conf</code>, and run the following command to apply the changes:</p>
|
|
<div class="tabbed-set tabbed-alternate" data-tabs="2:2"><input checked="checked" id="__tabbed_2_1" name="__tabbed_2" type="radio" /><input id="__tabbed_2_2" name="__tabbed_2" type="radio" /><div class="tabbed-labels"><label for="__tabbed_2_1">docker compose (Plugin)</label><label for="__tabbed_2_2">docker-compose (Standalone)</label></div>
|
|
<div class="tabbed-content">
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<p>Then we'll create a <code>docker-compose.override.yml</code> file in order to override the main <code>docker-compose.yml</code> found in your mailcow root folder. </p>
|
|
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">'2.1'</span>
|
|
|
|
<span class="nt">services</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">nginx-mailcow</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">networks</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="c1"># Add Traefik's network</span>
|
|
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">labels</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.enable=true</span>
|
|
<span class="w"> </span><span class="c1"># Creates a router called "moo" for the container, and sets up a rule to link the container to certain rule,</span>
|
|
<span class="w"> </span><span class="c1"># in this case, a Host rule with our MAILCOW_HOSTNAME var.</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.rule=Host(`${MAILCOW_HOSTNAME}`)</span>
|
|
<span class="w"> </span><span class="c1"># Enables tls over the router we created before.</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.tls=true</span>
|
|
<span class="w"> </span><span class="c1"># Specifies which kind of cert resolver we'll use, in this case le (Lets Encrypt).</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.tls.certresolver=le</span>
|
|
<span class="w"> </span><span class="c1"># Creates a service called "moo" for the container, and specifies which internal port of the container</span>
|
|
<span class="w"> </span><span class="c1"># should traefik route the incoming data to.</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.services.moo.loadbalancer.server.port=${HTTP_PORT}</span>
|
|
<span class="w"> </span><span class="c1"># Specifies which entrypoint (external port) should traefik listen to, for this container.</span>
|
|
<span class="w"> </span><span class="c1"># websecure being port 443, check the traefik.toml file liked above.</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.entrypoints=websecure</span>
|
|
<span class="w"> </span><span class="c1"># Make sure traefik uses the web network, not the mailcowdockerized_mailcow-network</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.docker.network=web</span>
|
|
|
|
<span class="w"> </span><span class="nt">certdumper</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">humenius/traefik-certs-dumper</span>
|
|
<span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--restart-containers ${COMPOSE_PROJECT_NAME}-postfix-mailcow-1,${COMPOSE_PROJECT_NAME}-nginx-mailcow-1,${COMPOSE_PROJECT_NAME}-dovecot-mailcow-1</span>
|
|
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">network_mode</span><span class="p p-Indicator">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">none</span>
|
|
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">volumes</span><span class="p p-Indicator">:</span>
|
|
<span class="w"> </span><span class="c1"># Mount the volume which contains Traefik's `acme.json' file</span>
|
|
<span class="w"> </span><span class="c1"># Configure the external name in the volume definition</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">acme:/traefik:ro</span>
|
|
<span class="w"> </span><span class="c1"># Mount mailcow's SSL folder</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./data/assets/ssl/:/output:rw</span>
|
|
<span class="w"> </span><span class="c1"># Mount docker socket to restart containers</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock:ro</span>
|
|
<span class="w"> </span><span class="w w-Error"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>
|
|
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="c1"># only change this, if you're using another domain for mailcow's web frontend compared to the standard config</span>
|
|
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">DOMAIN=${MAILCOW_HOSTNAME}</span>
|
|
|
|
<span class="nt">networks</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">external</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
|
|
<span class="w"> </span><span class="c1"># Name of the external network</span>
|
|
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik_web</span>
|
|
|
|
<span class="nt">volumes</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">acme</span><span class="p">:</span>
|
|
<span class="w"> </span><span class="nt">external</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
|
|
<span class="w"> </span><span class="c1"># Name of the external docker volume which contains Traefik's `acme.json' file</span>
|
|
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik_acme</span>
|
|
</code></pre></div>
|
|
<p>Start the new containers with:</p>
|
|
<div class="tabbed-set tabbed-alternate" data-tabs="3:2"><input checked="checked" id="__tabbed_3_1" name="__tabbed_3" type="radio" /><input id="__tabbed_3_2" name="__tabbed_3" type="radio" /><div class="tabbed-labels"><label for="__tabbed_3_1">docker compose (Plugin)</label><label for="__tabbed_3_2">docker-compose (Standalone)</label></div>
|
|
<div class="tabbed-content">
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<p>Now, there's only one thing left to do, which is setup the certs so that the mail services can use them as well, since Traefik 2 uses an acme v2 format to save ALL the license from all the domains we have, we'll need to find a way to dump the certs, lucky we have <a href="https://hub.docker.com/r/humenius/traefik-certs-dumper">this tiny container</a> which grabs the <code>acme.json</code> file trough a volume, and a variable <code>DOMAIN=example.org</code>, and with these, the container will output the <code>cert.pem</code> and <code>key.pem</code> files, for this we'll simply run the <code>traefik-certs-dumper</code> container binding the <code>/traefik</code> volume to the folder where our <code>acme.json</code> is saved, bind the <code>/output</code> volume to our mailcow <code>data/assets/ssl/</code> folder, and set up the <code>DOMAIN=example.org</code> variable to the domain we want the certs dumped from. </p>
|
|
<p>This container will watch over the <code>acme.json</code> file for any changes, and regenerate the <code>cert.pem</code> and <code>key.pem</code> files directly into <code>data/assets/ssl/</code> being the path binded to the container's <code>/output</code> path.</p>
|
|
<p>You can use the command line to run it, or use the docker-compose.yml shown <a href="https://hub.docker.com/r/humenius/traefik-certs-dumper">here</a>.</p>
|
|
<p>After we have the certs dumped, we'll have to reload the configs from our postfix and dovecot containers, and check the certs, you can see how <a href="https://mailcow.github.io/mailcow-dockerized-docs/firststeps-ssl/#how-to-use-your-own-certificate">here</a>.</p>
|
|
<p>Aaand that should be it 😊, you can check if the Traefik router works fine trough Traefik's dashboard / traefik logs / accessing the setted domain trough https, or / and check HTTPS, SMTP and IMAP trough the commands shown on the page linked before.</p>
|
|
<h3 id="caddy-v2-supported-by-the-community">Caddy v2 (supported by the community)<a class="headerlink" href="#caddy-v2-supported-by-the-community" title="Permanent link">¶</a></h3>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This is an unsupported community contribution. Feel free to provide fixes.</p>
|
|
</div>
|
|
<p>The configuration of Caddy with mailcow is very simple.</p>
|
|
<p>In the caddyfile you just have to create a section for the mailserver.</p>
|
|
<p>For example
|
|
<div class="highlight"><pre><span></span><code><span class="hll">MAILCOW_HOSTNAME autodiscover.MAILCOW_HOSTNAME autoconfig.MAILCOW_HOSTNAME {
|
|
</span> log {
|
|
<span class="hll"> output file /var/log/caddy/MAILCOW_HOSTNAME.log {
|
|
</span> roll_disabled
|
|
roll_size 512M
|
|
roll_uncompressed
|
|
roll_local_time
|
|
roll_keep 3
|
|
roll_keep_for 48h
|
|
}
|
|
}
|
|
|
|
<span class="hll"> reverse_proxy 127.0.0.1:HTTP_BIND
|
|
</span>}
|
|
</code></pre></div></p>
|
|
<p>This allows Caddy to automatically create the certificates and accept traffic for these mentioned domains and forward them to mailcow.</p>
|
|
<p><strong>Important</strong>: The ACME client of mailcow must be disabled, otherwise mailcow will fail.</p>
|
|
<p>Since Caddy takes care of the certificates itself, we can use the following script to include the Caddy generated certificates into mailcow:</p>
|
|
<div class="highlight"><pre><span></span><code><span class="ch">#!/bin/bash</span>
|
|
<span class="nv">MD5SUM_CURRENT_CERT</span><span class="o">=(</span><span class="k">$(</span>md5sum<span class="w"> </span>/opt/mailcow-dockerized/data/assets/ssl/cert.pem<span class="k">)</span><span class="o">)</span>
|
|
<span class="nv">MD5SUM_NEW_CERT</span><span class="o">=(</span><span class="k">$(</span>md5sum<span class="w"> </span>/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/your.domain.tld/your.domain.tld.crt<span class="k">)</span><span class="o">)</span>
|
|
|
|
<span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="nv">$MD5SUM_CURRENT_CERT</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="nv">$MD5SUM_NEW_CERT</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span>
|
|
<span class="w"> </span>cp<span class="w"> </span>/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/your.domain.tld/your.domain.tld.crt<span class="w"> </span>/opt/mailcow-dockerized/data/assets/ssl/cert.pem
|
|
<span class="w"> </span>cp<span class="w"> </span>/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/your.domain.tld/your.domain.tld.key<span class="w"> </span>/opt/mailcow-dockerized/data/assets/ssl/key.pem
|
|
<span class="w"> </span><span class="nv">postfix_c</span><span class="o">=</span><span class="k">$(</span>docker<span class="w"> </span>ps<span class="w"> </span>-qaf<span class="w"> </span><span class="nv">name</span><span class="o">=</span>postfix-mailcow<span class="k">)</span>
|
|
<span class="w"> </span><span class="nv">dovecot_c</span><span class="o">=</span><span class="k">$(</span>docker<span class="w"> </span>ps<span class="w"> </span>-qaf<span class="w"> </span><span class="nv">name</span><span class="o">=</span>dovecot-mailcow<span class="k">)</span>
|
|
<span class="w"> </span><span class="nv">nginx_c</span><span class="o">=</span><span class="k">$(</span>docker<span class="w"> </span>ps<span class="w"> </span>-qaf<span class="w"> </span><span class="nv">name</span><span class="o">=</span>nginx-mailcow<span class="k">)</span>
|
|
<span class="w"> </span>docker<span class="w"> </span>restart<span class="w"> </span><span class="si">${</span><span class="nv">postfix_c</span><span class="si">}</span><span class="w"> </span><span class="si">${</span><span class="nv">dovecot_c</span><span class="si">}</span><span class="w"> </span><span class="si">${</span><span class="nv">nginx_c</span><span class="si">}</span>
|
|
|
|
<span class="k">else</span>
|
|
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">"Certs not copied from Caddy (Not needed)"</span>
|
|
<span class="k">fi</span>
|
|
</code></pre></div>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Attention</p>
|
|
<p>Caddy's certificate path varies depending on the installation type.<br>
|
|
In this installation example, Caddy was installed using the Caddy repo (<a href="https://caddyserver.com/docs/install#debian-ubuntu-raspbian">more informations here</a>).<br>
|
|
<br>
|
|
To find out the Caddy certificate path on your system, just run a <code>find / -name "certificates"</code>.</p>
|
|
</div>
|
|
<p>This script could be called as a cronjob every hour:</p>
|
|
<div class="highlight"><pre><span></span><code><span class="m">0</span><span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>/bin/bash<span class="w"> </span>/path/to/script/deploy-certs.sh<span class="w"> </span>>/dev/null<span class="w"> </span><span class="m">2</span>><span class="p">&</span><span class="m">1</span>
|
|
</code></pre></div>
|
|
<h3 id="optional-post-hook-script-for-non-mailcow-acme-clients">Optional: Post-hook script for non-mailcow ACME clients<a class="headerlink" href="#optional-post-hook-script-for-non-mailcow-acme-clients" title="Permanent link">¶</a></h3>
|
|
<p>Using a local certbot (or any other ACME client) requires to restart some containers, you can do this with a post-hook script.
|
|
Make sure you change the paths accordingly:
|
|
<div class="highlight"><pre><span></span><code>#!/bin/bash
|
|
cp /etc/letsencrypt/live/my.domain.tld/fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem
|
|
cp /etc/letsencrypt/live/my.domain.tld/privkey.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem
|
|
postfix_c=$(docker ps -qaf name=postfix-mailcow)
|
|
dovecot_c=$(docker ps -qaf name=dovecot-mailcow)
|
|
nginx_c=$(docker ps -qaf name=nginx-mailcow)
|
|
docker restart ${postfix_c} ${dovecot_c} ${nginx_c}
|
|
</code></pre></div></p>
|
|
<h3 id="adding-additional-server-names-for-mailcow-ui">Adding additional server names for mailcow UI<a class="headerlink" href="#adding-additional-server-names-for-mailcow-ui" title="Permanent link">¶</a></h3>
|
|
<p>If you plan to use a server name that is not <code>MAILCOW_HOSTNAME</code> in your reverse proxy, make sure to populate that name in mailcow.conf via <code>ADDITIONAL_SERVER_NAMES</code> first. Names must be separated by commas and <strong>must not</strong> contain spaces. If you skip this step, mailcow may respond to your reverse proxy with an incorrect site.</p>
|
|
<div class="highlight"><pre><span></span><code>ADDITIONAL_SERVER_NAMES=webmail.domain.tld,other.example.tld
|
|
</code></pre></div>
|
|
<p>Run the following command to apply:</p>
|
|
<div class="tabbed-set tabbed-alternate" data-tabs="4:2"><input checked="checked" id="__tabbed_4_1" name="__tabbed_4" type="radio" /><input id="__tabbed_4_2" name="__tabbed_4" type="radio" /><div class="tabbed-labels"><label for="__tabbed_4_1">docker compose (Plugin)</label><label for="__tabbed_4_2">docker-compose (Standalone)</label></div>
|
|
<div class="tabbed-content">
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
<div class="tabbed-block">
|
|
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
|
|
</code></pre></div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<hr>
|
|
<div class="md-source-file">
|
|
<small>
|
|
|
|
Last update:
|
|
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_datetime">2023-01-13 18:16:08</span>
|
|
|
|
|
|
</small>
|
|
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</article>
|
|
</div>
|
|
|
|
|
|
<script>var tabs=__md_get("__tabs");if(Array.isArray(tabs))e:for(var set of document.querySelectorAll(".tabbed-set")){var tab,labels=set.querySelector(".tabbed-labels");for(tab of tabs)for(var label of labels.getElementsByTagName("label"))if(label.innerText.trim()===tab){var input=document.getElementById(label.htmlFor);input.checked=!0;continue e}}</script>
|
|
|
|
</div>
|
|
|
|
<a href="#" class="md-top md-icon" data-md-component="top" hidden>
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
|
|
Back to top
|
|
</a>
|
|
|
|
</main>
|
|
|
|
<footer class="md-footer">
|
|
|
|
<div class="md-footer-meta md-typeset">
|
|
<div class="md-footer-meta__inner md-grid">
|
|
<div class="md-copyright">
|
|
|
|
<div class="md-copyright__highlight">
|
|
Copyright © 2023 Servercow Team & Community
|
|
</div>
|
|
|
|
|
|
Made with
|
|
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
|
|
Material for MkDocs
|
|
</a>
|
|
|
|
</div>
|
|
|
|
<div class="md-social">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<a href="https://mailcow.email" target="_blank" rel="noopener" title="mailcow.email" class="md-social__link">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M352 256c0 22.2-1.2 43.6-3.3 64H163.3c-2.2-20.4-3.3-41.8-3.3-64s1.2-43.6 3.3-64h185.4c2.2 20.4 3.3 41.8 3.3 64zm28.8-64h123.1c5.3 20.5 8.1 41.9 8.1 64s-2.8 43.5-8.1 64H380.8c2.1-20.6 3.2-42 3.2-64s-1.1-43.4-3.2-64zm112.6-32H376.7c-10-63.9-29.8-117.4-55.3-151.6 78.3 20.7 142 77.5 171.9 151.6zm-149.1 0H167.7c6.1-36.4 15.5-68.6 27-94.7 10.5-23.6 22.2-40.7 33.5-51.5C239.4 3.2 248.7 0 256 0s16.6 3.2 27.8 13.8c11.3 10.8 23 27.9 33.5 51.5 11.6 26 21 58.2 27 94.7zm-209 0H18.6c30-74.1 93.6-130.9 172-151.6-25.5 34.2-45.3 87.7-55.3 151.6zM8.1 192h123.1c-2.1 20.6-3.2 42-3.2 64s1.1 43.4 3.2 64H8.1C2.8 299.5 0 278.1 0 256s2.8-43.5 8.1-64zm186.6 254.6c-11.6-26-20.9-58.2-27-94.6h176.6c-6.1 36.4-15.5 68.6-27 94.6-10.5 23.6-22.2 40.7-33.5 51.5-11.2 10.7-20.5 13.9-27.8 13.9s-16.6-3.2-27.8-13.8c-11.3-10.8-23-27.9-33.5-51.5zM135.3 352c10 63.9 29.8 117.4 55.3 151.6-78.4-20.7-142-77.5-172-151.6h116.7zm358.1 0c-30 74.1-93.6 130.9-171.9 151.6 25.5-34.2 45.2-87.7 55.3-151.6h116.6z"/></svg>
|
|
</a>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<a href="https://github.com/mailcow" target="_blank" rel="noopener" title="github.com" class="md-social__link">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 480 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z"/></svg>
|
|
</a>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<a href="https://twitter.com/mailcow_email" target="_blank" rel="noopener" title="twitter.com" class="md-social__link">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"/></svg>
|
|
</a>
|
|
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</footer>
|
|
|
|
</div>
|
|
<div class="md-dialog" data-md-component="dialog">
|
|
<div class="md-dialog__inner md-typeset"></div>
|
|
</div>
|
|
|
|
<script id="__config" type="application/json">{"base": "../../..", "features": ["navigation.top", "navigation.tracking", "announce.dismiss", "content.tabs.link"], "search": "../../../assets/javascripts/workers/search.e5c33ebb.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
|
|
|
|
|
|
<script src="../../../assets/javascripts/bundle.ba449ae6.min.js"></script>
|
|
|
|
<script src="../../../assets/javascripts/client.js"></script>
|
|
|
|
|
|
</body>
|
|
</html> |