nickslowinski/mailcow-dockerized-docs
1
0
Fork 0
Code Issues Pull-Requests Projekte Releases Pakete Wiki AktivitÀt
mailcow-dockerized-docs/de/post_installation/firststeps-rp/index.html

2991 Zeilen
Kein EOL
93 KiB
HTML
Originalformat Blame Verlauf

<!doctype html>
<html lang="de" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="canonical" href="https://docs.mailcow.email/de/post_installation/firststeps-rp/">
<link rel="prev" href="../firststeps-logging/">
<link rel="next" href="../firststeps-rspamd_ui/">
<link rel="icon" href="../../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.4.2, mkdocs-material-9.0.11">
<title>Reverse Proxy - mailcow: dockerized documentation</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.0d440cfe.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/palette.2505c338.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/extra.css">
<script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="">
<script>var palette=__md_get("__palette");if(palette&&"object"==typeof palette.color)for(var key of Object.keys(palette.color))document.body.setAttribute("data-md-color-"+key,palette.color[key])</script>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#apache-24" class="md-skip">
Zum Inhalt
</a>
</div>
<div data-md-component="announce">
<aside class="md-banner">
<div class="md-banner__inner md-grid md-typeset">
<button class="md-banner__button md-icon" aria-label="Nicht mehr anzeigen">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
<center><h4>Alle Befehle sind gemĂ€ĂŸ der Syntax des <a style="color:#6390e5;" href="https://docs.docker.com/compose/install/linux/">Docker Compose Plugin</a> und der <a style="color:#6390e5;" href="https://docs.docker.com/compose/install/other/">Standalone Variante</a> anwĂ€hlbar.<br></h4></center>
</div>
<script>var content,el=document.querySelector("[data-md-component=announce]");el&&(content=el.querySelector(".md-typeset"),__md_hash(content.innerHTML)===__md_get("__announce")&&(el.hidden=!0))</script>
</aside>
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Kopfzeile">
<a href="../../" title="mailcow: dockerized documentation" class="md-header__button md-logo" aria-label="mailcow: dockerized documentation" data-md-component="logo">
<img src="../../../assets/images/logo.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
mailcow: dockerized documentation
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Reverse Proxy
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_2" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
</label>
<input class="md-option" data-md-color-media="" data-md-color-scheme="slate" data-md-color-primary="" data-md-color-accent="" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_2">
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
</label>
</form>
<div class="md-header__option">
<div class="md-select">
<button class="md-header__button md-icon" aria-label="Sprache wechseln">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m12.87 15.07-2.54-2.51.03-.03A17.52 17.52 0 0 0 14.07 6H17V4h-7V2H8v2H1v2h11.17C11.5 7.92 10.44 9.75 9 11.35 8.07 10.32 7.3 9.19 6.69 8h-2c.73 1.63 1.73 3.17 2.98 4.56l-5.09 5.02L4 19l5-5 3.11 3.11.76-2.04M18.5 10h-2L12 22h2l1.12-3h4.75L21 22h2l-4.5-12m-2.62 7 1.62-4.33L19.12 17h-3.24Z"/></svg>
</button>
<div class="md-select__inner">
<ul class="md-select__list">
<li class="md-select__item">
<a href="../../../post_installation/firststeps-rp/" hreflang="en" class="md-select__link">
English
</a>
</li>
<li class="md-select__item">
<a href="./" hreflang="de" class="md-select__link">
Deutsch
</a>
</li>
</ul>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Suche" placeholder="Suche" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Suche">
<button type="reset" class="md-search__icon md-icon" title="ZurĂŒcksetzen" aria-label="ZurĂŒcksetzen" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Suche wird initialisiert
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/mailcow/mailcow-dockerized" title="Zum Repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
mailcow/mailcow-dockerized
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../../" title="mailcow: dockerized documentation" class="md-nav__button md-logo" aria-label="mailcow: dockerized documentation" data-md-component="logo">
<img src="../../../assets/images/logo.svg" alt="logo">
</a>
mailcow: dockerized documentation
</label>
<div class="md-nav__source">
<a href="https://github.com/mailcow/mailcow-dockerized" title="Zum Repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
mailcow/mailcow-dockerized
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../" class="md-nav__link">
Informationen & Support
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="0">
Voraussetzungen
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Voraussetzungen
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../prerequisite/prerequisite-system/" class="md-nav__link">
Systemvoraussetzungen
</a>
</li>
<li class="md-nav__item">
<a href="../../prerequisite/prerequisite-dns/" class="md-nav__link">
DNS Einstellungen
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="0">
Installation, Update und Migration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Installation, Update und Migration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_install/" class="md-nav__link">
Installation
</a>
</li>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_update/" class="md-nav__link">
Update
</a>
</li>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_migration/" class="md-nav__link">
Migration
</a>
</li>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_deinstall/" class="md-nav__link">
Deinstallation
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4" checked>
<label class="md-nav__link" for="__nav_4" id="__nav_4_label" tabindex="0">
Post-Installationsaufgaben
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_4_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Post-Installationsaufgaben
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../firststeps-ssl/" class="md-nav__link">
Erweitertes SSL
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-disable_ipv6/" class="md-nav__link">
IPv6 deaktivieren
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-dmarc_reporting/" class="md-nav__link">
DMARC Reporting
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-ip_bindings/" class="md-nav__link">
IP-Bindings
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-local_mta/" class="md-nav__link">
Lokaler MTA auf Docker-Host
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-logging/" class="md-nav__link">
Logging
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Reverse Proxy
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Reverse Proxy
</a>
<nav class="md-nav md-nav--secondary" aria-label="Inhaltsverzeichnis">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Inhaltsverzeichnis
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#apache-24" class="md-nav__link">
Apache 2.4
</a>
</li>
<li class="md-nav__item">
<a href="#nginx" class="md-nav__link">
Nginx
</a>
</li>
<li class="md-nav__item">
<a href="#haproxy-von-der-community-unterstutzt" class="md-nav__link">
HAProxy (von der Community unterstĂŒtzt)
</a>
</li>
<li class="md-nav__item">
<a href="#traefik-v2-von-der-community-unterstutzt" class="md-nav__link">
Traefik v2 (von der Community unterstĂŒtzt)
</a>
</li>
<li class="md-nav__item">
<a href="#caddy-v2-von-der-community-unterstutzt" class="md-nav__link">
Caddy v2 (von der Community unterstĂŒtzt)
</a>
</li>
<li class="md-nav__item">
<a href="#optional-post-hook-skript-fur-nicht-mailcow-acme-clients" class="md-nav__link">
Optional: Post-Hook-Skript fĂŒr nicht-mailcow ACME-Clients
</a>
</li>
<li class="md-nav__item">
<a href="#hinzufugen-weiterer-servernamen-fur-mailcow-ui" class="md-nav__link">
HinzufĂŒgen weiterer Servernamen fĂŒr mailcow UI
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../firststeps-rspamd_ui/" class="md-nav__link">
Rspamd UI
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-snat/" class="md-nav__link">
SNAT
</a>
</li>
<li class="md-nav__item">
<a href="../firststeps-sync_jobs_migration/" class="md-nav__link">
Migration mit Sync Jobs
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="0">
Modelle
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Modelle
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../models/model-acl/" class="md-nav__link">
ACL
</a>
</li>
<li class="md-nav__item">
<a href="../../models/model-passwd/" class="md-nav__link">
Passwort-Hashing
</a>
</li>
<li class="md-nav__item">
<a href="../../models/model-sender_rcv/" class="md-nav__link">
Sender- und EmpfÀngermodell
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_6" >
<label class="md-nav__link" for="__nav_6" id="__nav_6_label" tabindex="0">
Allgemeine Fehlersuche
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_6_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_6">
<span class="md-nav__icon md-icon"></span>
Allgemeine Fehlersuche
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../troubleshooting/debug/" class="md-nav__link">
EinfĂŒhrung
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-admin_login_sogo/" class="md-nav__link">
Admin-Anmeldung bei SOGo
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-rspamd_memory_leaks/" class="md-nav__link">
Fortgeschritten: Memory-Leaks in Rspamd finden
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-attach_service/" class="md-nav__link">
In einen Container wechseln (CLI)
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-common_problems/" class="md-nav__link">
HĂ€ufig auftretende Probleme
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-logs/" class="md-nav__link">
Logs
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-mysql_upgrade/" class="md-nav__link">
Manuelles MySQL-Upgrade
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-mysql_aria/" class="md-nav__link">
AbgestĂŒrzte Aria-Speicher-Engine wiederherstellen
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-rm_volumes/" class="md-nav__link">
Persistente Daten löschen
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-reset_pw/" class="md-nav__link">
Passwörter zurĂŒcksetzen (inkl. SQL)
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-reset_tls/" class="md-nav__link">
TLS-Zertifikate zurĂŒcksetzen
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_7" >
<label class="md-nav__link" for="__nav_7" id="__nav_7_label" tabindex="0">
Sichern & Wiederherstellen
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_7_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_7">
<span class="md-nav__icon md-icon"></span>
Sichern & Wiederherstellen
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_7_1" >
<label class="md-nav__link" for="__nav_7_1" id="__nav_7_1_label" tabindex="0">
Sicherung und Wiederherstellung von Komponenten
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_7_1_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_7_1">
<span class="md-nav__icon md-icon"></span>
Sicherung und Wiederherstellung von Komponenten
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-backup/" class="md-nav__link">
Sicherung
</a>
</li>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-restore/" class="md-nav__link">
Wiederherstellung
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-coldstandby/" class="md-nav__link">
Cold-standby (rollende Sicherung)
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_7_3" >
<label class="md-nav__link" for="__nav_7_3" id="__nav_7_3_label" tabindex="0">
Manuelle Sicherung
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_7_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_7_3">
<span class="md-nav__icon md-icon"></span>
Manuelle Sicherung
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-backup_restore-maildir/" class="md-nav__link">
Mail-Verzeichnis
</a>
</li>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-backup_restore-mysql/" class="md-nav__link">
MySQL (mysqldump)
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_7_4" >
<label class="md-nav__link" for="__nav_7_4" id="__nav_7_4_label" tabindex="0">
Interne mailcow Sicherungen
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_7_4_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_7_4">
<span class="md-nav__icon md-icon"></span>
Interne mailcow Sicherungen
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-accidental_deletion/" class="md-nav__link">
Versehentlich gelöschte Daten wiederherstellen
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8" >
<label class="md-nav__link" for="__nav_8" id="__nav_8_label" tabindex="0">
Anleitungen/Beispiele
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_8_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8">
<span class="md-nav__icon md-icon"></span>
Anleitungen/Beispiele
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_1" >
<label class="md-nav__link" for="__nav_8_1" id="__nav_8_1_label" tabindex="0">
mailcow UI
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_1_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_1">
<span class="md-nav__icon md-icon"></span>
mailcow UI
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-bl_wl/" class="md-nav__link">
Blacklist / Whitelist
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-config/" class="md-nav__link">
Konfiguration
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-css/" class="md-nav__link">
CSS-Überschreibungen
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-netfilter/" class="md-nav__link">
Netfilter
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-pushover/" class="md-nav__link">
Pushover
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-spamfilter/" class="md-nav__link">
Spamfilter
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-sub_addressing/" class="md-nav__link">
Sub-Adressierung
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-tags/" class="md-nav__link">
Tags (fĂŒr Domains und Mailboxen)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-spamalias/" class="md-nav__link">
TemporÀre E-Mail-Aliase
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-tfa/" class="md-nav__link">
Zwei-Faktor Authentifizierung
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-fido/" class="md-nav__link">
WebAuthn / FIDO2
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_2" >
<label class="md-nav__link" for="__nav_8_2" id="__nav_8_2_label" tabindex="0">
Postfix
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_2">
<span class="md-nav__icon md-icon"></span>
Postfix
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-trust_networks/" class="md-nav__link">
VertrauenswĂŒrdige Netzwerke hinzufĂŒgen
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-custom_transport/" class="md-nav__link">
Benutzerdefinierte Transportmaps
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-extra_cf/" class="md-nav__link">
main.cf anpassen/erweitern
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-disable_sender_verification/" class="md-nav__link">
ÜberprĂŒfung der Absenderadressen deaktivieren
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-attachment_size/" class="md-nav__link">
Maximale NachrichtengrĂ¶ĂŸe (GrĂ¶ĂŸe des Anhangs)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-relayhost/" class="md-nav__link">
Relayhosts
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-pflogsumm/" class="md-nav__link">
Statistik mit pflogsumm
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-postscreen_whitelist/" class="md-nav__link">
IP in Postscreen auf die Whitelist setzen
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_3" >
<label class="md-nav__link" for="__nav_8_3" id="__nav_8_3_label" tabindex="0">
Unbound
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_3">
<span class="md-nav__icon md-icon"></span>
Unbound
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Unbound/u_e-unbound-fwd/" class="md-nav__link">
Verwendung eines externen DNS-Dienstes
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_4" >
<label class="md-nav__link" for="__nav_8_4" id="__nav_8_4_label" tabindex="0">
Dovecot
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_4_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_4">
<span class="md-nav__icon md-icon"></span>
Dovecot
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-extra_conf/" class="md-nav__link">
Anpassen/Erweitern von dovecot.conf
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-any_acl/" class="md-nav__link">
Aktivierung von "any" ACL-Einstellungen
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-expunge/" class="md-nav__link">
Löschen der Mails eines Benutzers
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-fts/" class="md-nav__link">
FTS (Solr)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-idle_interval/" class="md-nav__link">
IMAP IDLE-Intervall
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-mail-crypt/" class="md-nav__link">
Mail crypt
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-more/" class="md-nav__link">
Weitere Beispiele mit DOVEADM
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-vmail-volume/" class="md-nav__link">
Maildir verschieben (vmail)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-public_folder/" class="md-nav__link">
Öffentliche Ordner
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-static_master/" class="md-nav__link">
Statischer Hauptbenutzer
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-catchall_vacation/" class="md-nav__link">
Urlaubsantworten fĂŒr Catchall-Adressen
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_5" >
<label class="md-nav__link" for="__nav_8_5" id="__nav_8_5_label" tabindex="0">
Nginx
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_5_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_5">
<span class="md-nav__icon md-icon"></span>
Nginx
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Nginx/u_e-nginx_webmail-site/" class="md-nav__link">
SubdomÀne webmail.example.org erstellen
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Nginx/u_e-nginx_custom/" class="md-nav__link">
Benutzerdefinierte Seiten
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_6" >
<label class="md-nav__link" for="__nav_8_6" id="__nav_8_6_label" tabindex="0">
Watchdog
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_6_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_6">
<span class="md-nav__icon md-icon"></span>
Watchdog
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Watchdog/u_e-watchdog-thresholds/" class="md-nav__link">
Thresholds
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Redis/u_e-redis/" class="md-nav__link">
Redis
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Rspamd/u_e-rspamd/" class="md-nav__link">
Rspamd
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_9" >
<label class="md-nav__link" for="__nav_8_9" id="__nav_8_9_label" tabindex="0">
ClamAV
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_9_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_9">
<span class="md-nav__icon md-icon"></span>
ClamAV
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/ClamAV/u_e-clamav-whitelist/" class="md-nav__link">
Whitelist
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/ClamAV/u_e-clamav-additional_dbs/" class="md-nav__link">
Weitere Datenbanken
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/SOGo/u_e-sogo/" class="md-nav__link">
SOGo
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_11" >
<label class="md-nav__link" for="__nav_8_11" id="__nav_8_11_label" tabindex="0">
Docker
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_11_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_11">
<span class="md-nav__icon md-icon"></span>
Docker
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Docker/u_e-docker-cust_dockerfiles/" class="md-nav__link">
Dockerfiles anpassen
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-why_unbound/" class="md-nav__link">
Warum unbound?
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-autodiscover_config/" class="md-nav__link">
Autodiscover / Autoconfig
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-80_to_443/" class="md-nav__link">
HTTP auf HTTPS umleiten
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-reeanble-weak-protocols/" class="md-nav__link">
TLS 1.0 und TLS 1.1 wieder aktivieren
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-update-hooks/" class="md-nav__link">
Skripte vor und nach Aktualisierungen ausfĂŒhren
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_9" >
<label class="md-nav__link" for="__nav_9" id="__nav_9_label" tabindex="0">
Client-Konfiguration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_9_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_9">
<span class="md-nav__icon md-icon"></span>
Client-Konfiguration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../client/client/" class="md-nav__link">
Übersicht
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-android/" class="md-nav__link">
Android
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-apple/" class="md-nav__link">
Apple macOS / iOS
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-emclient/" class="md-nav__link">
eM Client
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-kontact/" class="md-nav__link">
KDE Kontact
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-outlook/" class="md-nav__link">
Microsoft Outlook
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-thunderbird/" class="md-nav__link">
Mozilla Thunderbird
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-windows/" class="md-nav__link">
Windows Mail
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-manual/" class="md-nav__link">
Manuelle Konfiguration
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_10" >
<label class="md-nav__link" for="__nav_10" id="__nav_10_label" tabindex="0">
Anwendungen von Drittanbietern
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_10_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_10">
<span class="md-nav__icon md-icon"></span>
Anwendungen von Drittanbietern
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../third_party/borgmatic/third_party-borgmatic/" class="md-nav__link">
Borgmatic-Sicherung
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/checkmk/u_e-checkmk/" class="md-nav__link">
CheckMK
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/exchange_onprem/third_party-exchange_onprem/" class="md-nav__link">
Exchange Hybrid Setup
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/gitea/third_party-gitea/" class="md-nav__link">
Gitea
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/gogs/third_party-gogs/" class="md-nav__link">
Gogs
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/mailman3/third_party-mailman3/" class="md-nav__link">
Mailman 3
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/mailpiler/third_party-mailpiler_integration/" class="md-nav__link">
Mailpiler Integration
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/nextcloud/third_party-nextcloud/" class="md-nav__link">
Nextcloud
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/portainer/third_party-portainer/" class="md-nav__link">
Portainer
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/roundcube/third_party-roundcube/" class="md-nav__link">
Roundcube
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Inhaltsverzeichnis">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Inhaltsverzeichnis
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#apache-24" class="md-nav__link">
Apache 2.4
</a>
</li>
<li class="md-nav__item">
<a href="#nginx" class="md-nav__link">
Nginx
</a>
</li>
<li class="md-nav__item">
<a href="#haproxy-von-der-community-unterstutzt" class="md-nav__link">
HAProxy (von der Community unterstĂŒtzt)
</a>
</li>
<li class="md-nav__item">
<a href="#traefik-v2-von-der-community-unterstutzt" class="md-nav__link">
Traefik v2 (von der Community unterstĂŒtzt)
</a>
</li>
<li class="md-nav__item">
<a href="#caddy-v2-von-der-community-unterstutzt" class="md-nav__link">
Caddy v2 (von der Community unterstĂŒtzt)
</a>
</li>
<li class="md-nav__item">
<a href="#optional-post-hook-skript-fur-nicht-mailcow-acme-clients" class="md-nav__link">
Optional: Post-Hook-Skript fĂŒr nicht-mailcow ACME-Clients
</a>
</li>
<li class="md-nav__item">
<a href="#hinzufugen-weiterer-servernamen-fur-mailcow-ui" class="md-nav__link">
HinzufĂŒgen weiterer Servernamen fĂŒr mailcow UI
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1>Reverse Proxy</h1>
<p>Sie mĂŒssen die Nginx-Seite, die mit mailcow: dockerized geliefert wird, nicht Ă€ndern.
mailcow: dockerized vertraut auf das Standard-Gateway IP 172.22.1.1 als Proxy.</p>
<p>1. Stellen Sie sicher, dass Sie HTTP_BIND und HTTPS_BIND in <code>mailcow.conf</code> auf eine lokale Adresse Àndern und die Ports entsprechend einstellen, zum Beispiel:
<div class="highlight"><pre><span></span><code><span class="nv">HTTP_BIND</span><span class="o">=</span><span class="m">127</span>.0.0.1
<span class="nv">HTTP_PORT</span><span class="o">=</span><span class="m">8080</span>
<span class="nv">HTTPS_BIND</span><span class="o">=</span><span class="m">127</span>.0.0.1
<span class="nv">HTTPS_PORT</span><span class="o">=</span><span class="m">8443</span>
</code></pre></div></p>
<p>Dadurch werden auch die Bindungen innerhalb des Nginx-Containers geÀndert! Dies ist wichtig, wenn Sie sich entscheiden, einen Proxy innerhalb von Docker zu verwenden.</p>
<p><strong>WICHTIG:</strong> Verwenden Sie nicht Port 8081, 9081 oder 65510!</p>
<p>Erzeugen Sie die betroffenen Container neu, indem Sie den folgenden Befehl ausfĂŒhren:</p>
<div class="tabbed-set tabbed-alternate" data-tabs="1:2"><input checked="checked" id="__tabbed_1_1" name="__tabbed_1" type="radio" /><input id="__tabbed_1_2" name="__tabbed_1" type="radio" /><div class="tabbed-labels"><label for="__tabbed_1_1">docker compose (Plugin)</label><label for="__tabbed_1_2">docker-compose (Standalone)</label></div>
<div class="tabbed-content">
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
</div>
</div>
<p><strong>Wichtige Informationen, bitte lesen Sie diese sorgfÀltig durch!</strong></p>
<div class="admonition info">
<p class="admonition-title">Info</p>
<p>Wenn Sie planen, einen Reverse-Proxy zu verwenden und einen anderen Servernamen als <strong>MAILCOW_HOSTNAME</strong> verwenden wollen, mĂŒssen Sie <strong>ZusĂ€tzliche Servernamen fĂŒr mailcow UI</strong> am Ende dieser Seite hinzufĂŒgen.</p>
</div>
<div class="admonition warning">
<p class="admonition-title">Warnung</p>
<p>Stellen Sie sicher, dass Sie <code>generate_config.sh</code> ausfĂŒhren, bevor Sie die untenstehenden Konfigurationsbeispiele aktivieren.
Das Skript <code>generate_config.sh</code> kopiert die Snake-oil Zertifikate an den richtigen Ort, so dass die Dienste nicht aufgrund fehlender Dateien nicht starten können.</p>
</div>
<div class="admonition warning">
<p class="admonition-title">Warnung</p>
<p>Wenn Sie TLS SNI aktivieren (<code>ENABLE_TLS_SNI</code> in mailcow.conf), <strong>mĂŒssen</strong> die Zertifikatspfade in Ihrem Reverse-Proxy mit den korrekten Pfaden in data/assets/ssl/{hostname} ĂŒbereinstimmen. Die Zertifikate werden in <code>data/assets/ssl/{hostname1,hostname2,etc}</code> aufgeteilt und werden daher nicht funktionieren, wenn Sie die Beispiele von unten kopieren, die auf <code>data/assets/ssl/cert.pem</code> etc. zeigen.</p>
</div>
<div class="admonition info">
<p class="admonition-title">Info</p>
<p>Die Verwendung der untenstehenden Site-Konfigurationen wird <strong>acme-Anfragen an mailcow</strong> weiterleiten und es die Zertifikate selbst verwalten lassen.
Der Nachteil der Verwendung von mailcow als ACME-Client hinter einem Reverse-Proxy ist, dass Sie Ihren Webserver neu laden mĂŒssen, nachdem acme-mailcow das Zertifikat geĂ€ndert/erneuert/erstellt hat. Sie können entweder Ihren Webserver tĂ€glich neu laden oder ein Skript schreiben, um die Datei auf Änderungen zu ĂŒberwachen.
Auf vielen Servern wird logrotate den Webserver sowieso tÀglich neu laden.</p>
<p>Wenn Sie eine lokale Certbot-Installation verwenden möchten, mĂŒssen Sie die SSL-Zertifikatsparameter entsprechend Ă€ndern.
<strong>Stellen Sie sicher, dass Sie ein Post-Hook-Skript</strong> ausfĂŒhren, wenn Sie sich entscheiden, externe ACME-Clients zu verwenden. Ein Beispiel finden Sie am Ende dieser Seite.</p>
</div>
<p>2. Konfigurieren Sie Ihren lokalen Webserver als Reverse Proxy:</p>
<h3 id="apache-24">Apache 2.4<a class="headerlink" href="#apache-24" title="Permanent link">&para;</a></h3>
<p>Erforderliche Module:
<div class="highlight"><pre><span></span><code>a2enmod rewrite proxy proxy_http headers ssl
</code></pre></div></p>
<p>Let's Encrypt wird unserem Rewrite folgen, Zertifikatsanfragen in mailcow werden problemlos funktionieren.</p>
<p><strong>Die hervorgehobenen Zeilen mĂŒssen beachtet werden</strong>.</p>
<div class="highlight"><pre><span></span><code><span class="nt">&lt;VirtualHost</span><span class="w"> </span><span class="s">*:80</span><span class="nt">&gt;</span>
<span class="hll"><span class="w"> </span><span class="nb">ServerName</span><span class="w"> </span>ZU<span class="w"> </span>MAILCOW<span class="w"> </span>HOSTNAMEN<span class="w"> </span>ÄNDERN
</span><span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autodiscover.*
<span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autoconfig.*
<span class="w"> </span><span class="nb">RewriteEngine</span><span class="w"> </span><span class="k">on</span>
<span class="w"> </span><span class="nb">RewriteCond</span><span class="w"> </span>%{HTTPS}<span class="w"> </span><span class="k">off</span>
<span class="w"> </span><span class="nb">RewriteRule</span><span class="w"> </span>^/?(.*)<span class="w"> </span>https://%{HTTP_HOST}/$1<span class="w"> </span>[R=301,L]
<span class="hll"><span class="w"> </span><span class="nb">ProxyPass</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPassReverse</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
</span><span class="w"> </span><span class="nb">ProxyPreserveHost</span><span class="w"> </span><span class="k">On</span>
<span class="w"> </span><span class="nb">ProxyAddHeaders</span><span class="w"> </span><span class="k">On</span>
<span class="w"> </span><span class="nb">RequestHeader</span><span class="w"> </span>set<span class="w"> </span>X-Forwarded-Proto<span class="w"> </span><span class="s2">&quot;http&quot;</span>
<span class="nt">&lt;/VirtualHost&gt;</span>
<span class="nt">&lt;VirtualHost</span><span class="w"> </span><span class="s">*:443</span><span class="nt">&gt;</span>
<span class="hll"><span class="w"> </span><span class="nb">ServerName</span><span class="w"> </span>ZU<span class="w"> </span>MAILCOW<span class="w"> </span>HOSTNAMEN<span class="w"> </span>ÄNDERN
</span><span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autodiscover.*
<span class="w"> </span><span class="nb">ServerAlias</span><span class="w"> </span>autoconfig.*
<span class="w"> </span><span class="c"># You should proxy to a plain HTTP session to offload SSL processing</span>
<span class="hll"><span class="w"> </span><span class="nb">ProxyPass</span><span class="w"> </span><span class="sx">/Microsoft-Server-ActiveSync</span><span class="w"> </span>http://127.0.0.1:8080/Microsoft-Server-ActiveSync<span class="w"> </span>connectiontimeout=4000
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPassReverse</span><span class="w"> </span><span class="sx">/Microsoft-Server-ActiveSync</span><span class="w"> </span>http://127.0.0.1:8080/Microsoft-Server-ActiveSync
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPass</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
</span><span class="hll"><span class="w"> </span><span class="nb">ProxyPassReverse</span><span class="w"> </span>/<span class="w"> </span>http://127.0.0.1:8080/
</span><span class="w"> </span><span class="nb">ProxyPreserveHost</span><span class="w"> </span><span class="k">On</span>
<span class="w"> </span><span class="nb">ProxyAddHeaders</span><span class="w"> </span><span class="k">On</span>
<span class="w"> </span><span class="nb">RequestHeader</span><span class="w"> </span>set<span class="w"> </span>X-Forwarded-Proto<span class="w"> </span><span class="s2">&quot;https&quot;</span>
<span class="hll"><span class="w"> </span><span class="nb">SSLCertificateFile</span><span class="w"> </span>MAILCOW_ORDNER/data/assets/ssl/cert.pem
</span><span class="hll"><span class="w"> </span><span class="nb">SSLCertificateKeyFile</span><span class="w"> </span>MAILCOW_ORDNER/data/assets/ssl/key.pem
</span>
<span class="w"> </span><span class="c"># Wenn Sie einen HTTPS-Host als Proxy verwenden möchten:</span>
<span class="w"> </span><span class="c">#SSLProxyEngine On</span>
<span class="w"> </span><span class="c"># Wenn Sie einen Proxy fĂŒr einen nicht vertrauenswĂŒrdigen HTTPS-Host einrichten wollen:</span>
<span class="w"> </span><span class="c">#SSLProxyVerify none</span>
<span class="w"> </span><span class="c">#SSLProxyCheckPeerCN off</span>
<span class="w"> </span><span class="c">#SSLProxyCheckPeerName off</span>
<span class="w"> </span><span class="c">#SSLProxyCheckPeerExpire off</span>
<span class="nt">&lt;/VirtualHost&gt;</span>
</code></pre></div>
<h3 id="nginx">Nginx<a class="headerlink" href="#nginx" title="Permanent link">&para;</a></h3>
<p>Let's Encrypt folgt unserem Rewrite, Zertifikatsanfragen funktionieren problemlos.</p>
<p><strong>Achten Sie auf die hervorgehobenen Zeilen</strong>.</p>
<div class="highlight"><pre><span></span><code>server {
listen 80 default_server;
listen [::]:80 default_server;
<span class="hll"> server_name ZU MAILCOW HOSTNAMEN ÄNDERN autodiscover.* autoconfig.*;
</span> return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
<span class="hll"> server_name ZU MAILCOW HOSTNAMEN ÄNDERN autodiscover.* autoconfig.*;
</span>
<span class="hll"> ssl_certificate MAILCOW_PATH/data/assets/ssl/cert.pem;
</span><span class="hll"> ssl_certificate_key MAILCOW_PATH/data/assets/ssl/key.pem;
</span> ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# Siehe https://ssl-config.mozilla.org/#server=nginx fĂŒr die neuesten Empfehlungen zu ssl-Einstellungen
# Ein Beispiel fĂŒr eine Konfiguration ist unten angegeben
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
ssl_prefer_server_ciphers off;
location /Microsoft-Server-ActiveSync {
<span class="hll"> proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
</span> proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 75;
proxy_send_timeout 3650;
proxy_read_timeout 3650;
proxy_buffers 64 512k; # Seit dem 2022-04 Update nötig fĂŒr SOGo
client_body_buffer_size 512k;
client_max_body_size 0;
}
location / {
<span class="hll"> proxy_pass http://127.0.0.1:8080/;
</span> proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
# Die folgenden Proxy-Buffer mĂŒssen gesetzt werden, wenn Sie SOGo nach dem Update 2022-04 (April 2022) verwenden wollen
# Andernfalls wird ein Login wie folgt fehlschlagen: https://github.com/mailcow/mailcow-dockerized/issues/4537
proxy_buffer_size 128k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 512k;
}
}
</code></pre></div>
<h3 id="haproxy-von-der-community-unterstutzt">HAProxy (von der Community unterstĂŒtzt)<a class="headerlink" href="#haproxy-von-der-community-unterstutzt" title="Permanent link">&para;</a></h3>
<div class="admonition warning">
<p class="admonition-title">Warnung</p>
<p>Dies ist ein nicht unterstĂŒtzter Community Beitrag. Korrekturen sind immer erwĂŒnscht!</p>
</div>
<p><strong>Wichtig/Fix erwĂŒnscht</strong>: Dieses Beispiel leitet nur HTTPS-Verkehr weiter und benutzt nicht den in mailcow eingebauten ACME-Client.</p>
<div class="highlight"><pre><span></span><code>frontend https-in
bind :::443 v4v6 ssl crt mailcow.pem
default_backend mailcow
backend mailcow
option forwardfor
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
server mailcow 127.0.0.1:8080 check
</code></pre></div>
<h3 id="traefik-v2-von-der-community-unterstutzt">Traefik v2 (von der Community unterstĂŒtzt)<a class="headerlink" href="#traefik-v2-von-der-community-unterstutzt" title="Permanent link">&para;</a></h3>
<div class="admonition warning">
<p class="admonition-title">Warnung</p>
<p>Dies ist ein nicht unterstĂŒtzter Community Beitrag. Korrekturen sind immer erwĂŒnscht!</p>
</div>
<p><strong>Wichtig</strong>: Diese Konfiguration deckt nur das "Reverseproxing" des Webpanels (nginx-mailcow) unter Verwendung von Traefik v2 ab. Wenn Sie auch die Mail-Dienste wie dovecot, postfix... reproxen wollen, mĂŒssen Sie die folgende Konfiguration an jeden Container anpassen und einen <a href="https://docs.traefik.io/routing/entrypoints/">EntryPoint</a> in Ihrer <code>traefik.toml</code> oder <code>traefik.yml</code> (je nachdem, welche Konfiguration Sie verwenden) fĂŒr jeden Port erstellen. </p>
<p>In diesem Abschnitt gehen wir davon aus, dass Sie Ihren Traefik 2 <code>[certificatesresolvers]</code> in Ihrer Traefik-Konfigurationsdatei richtig konfiguriert haben und auch acme verwenden. Das folgende Beispiel verwendet Lets Encrypt, aber Sie können es gerne auf Ihren eigenen Zertifikatsresolver Ă€ndern. Eine grundlegende Traefik 2 toml-Konfigurationsdatei mit allen oben genannten Elementen, die fĂŒr dieses Beispiel verwendet werden kann, finden Sie hier <a href="https://github.com/Frenzoid/TraefikBasicConfig/blob/master/traefik.toml">traefik.toml</a>, falls Sie eine solche Datei benötigen oder einen Hinweis, wie Sie Ihre Konfiguration anpassen können.</p>
<p>Zuallererst werden wir den acme-mailcow-Container deaktivieren, da wir die von traefik bereitgestellten Zertifikate verwenden werden.
Dazu mĂŒssen wir <code>SKIP_LETS_ENCRYPT=y</code> in unserer <code>mailcow.conf</code> setzen und den folgenden Befehl ausfĂŒhren, um die Änderungen zu ĂŒbernehmen:</p>
<div class="tabbed-set tabbed-alternate" data-tabs="2:2"><input checked="checked" id="__tabbed_2_1" name="__tabbed_2" type="radio" /><input id="__tabbed_2_2" name="__tabbed_2" type="radio" /><div class="tabbed-labels"><label for="__tabbed_2_1">docker compose (Plugin)</label><label for="__tabbed_2_2">docker-compose (Standalone)</label></div>
<div class="tabbed-content">
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
</div>
</div>
<p>Dann erstellen wir eine <code>docker-compose.override.yml</code> Datei, um die Hauptdatei <code>docker-compose.yml</code> zu ĂŒberschreiben, die sich im mailcow-Stammverzeichnis befindet. </p>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;2.1&#39;</span>
<span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">nginx-mailcow</span><span class="p">:</span>
<span class="w"> </span><span class="nt">networks</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Traefiks Netzwerk hinzufĂŒgen</span>
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
<span class="w"> </span><span class="nt">labels</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.enable=true</span>
<span class="w"> </span><span class="c1"># Erstellt einen Router namens &quot;moo&quot; fĂŒr den Container und richtet eine Regel ein, um den Container mit einer bestimmten Regel zu verknĂŒpfen,</span>
<span class="w"> </span><span class="c1"># in diesem Fall eine Host-Regel mit unserer MAILCOW_HOSTNAME-Variable.</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.rule=Host(`${MAILCOW_HOSTNAME}`)</span>
<span class="w"> </span><span class="c1"># Aktiviert tls ĂŒber den zuvor erstellten Router.</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.tls=true</span>
<span class="w"> </span><span class="c1"># Gibt an, welche Art von Cert-Resolver wir verwenden werden, in diesem Fall le (Lets Encrypt).</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.tls.certresolver=le</span>
<span class="w"> </span><span class="c1"># Erzeugt einen Dienst namens &quot;moo&quot; fĂŒr den Container und gibt an, welchen internen Port des Containers</span>
<span class="w"> </span><span class="c1"># Traefik die eingehenden Daten weiterleiten soll.</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.services.moo.loadbalancer.server.port=${HTTP_PORT}</span>
<span class="w"> </span><span class="c1"># Gibt an, welchen Eingangspunkt (externer Port) traefik fĂŒr diesen Container abhören soll.</span>
<span class="w"> </span><span class="c1"># Websecure ist Port 443, siehe die Datei traefik.toml wie oben.</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.http.routers.moo.entrypoints=websecure</span>
<span class="w"> </span><span class="c1"># Stellen Sie sicher, dass traefik das Web-Netzwerk verwendet, nicht das mailcowdockerized_mailcow-network</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik.docker.network=web</span>
<span class="w"> </span><span class="nt">certdumper</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">humenius/traefik-certs-dumper</span>
<span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--restart-containers ${COMPOSE_PROJECT_NAME}-postfix-mailcow-1,${COMPOSE_PROJECT_NAME}-nginx-mailcow-1,${COMPOSE_PROJECT_NAME}-dovecot-mailcow-1</span>
<span class="w"> </span><span class="nt">network_mode</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">none</span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Binden Sie das Volume, das Traefiks `acme.json&#39; Datei enthÀlt, ein</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">acme:/traefik:ro</span>
<span class="w"> </span><span class="c1"># SSL-Ordner von mailcow einhÀngen</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./data/assets/ssl/:/output:rw</span>
<span class="w"> </span><span class="c1"># Binden Sie den Docker Socket ein, damit traefik-certs-dumper die Container neu starten kann</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock:ro</span>
<span class="w"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Ändern Sie dies nur, wenn Sie eine andere Domain fĂŒr mailcows Web-Frontend verwenden als in der Standard-Konfiguration</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">DOMAIN=${MAILCOW_HOSTNAME}</span>
<span class="nt">networks</span><span class="p">:</span>
<span class="w"> </span><span class="nt">web</span><span class="p">:</span>
<span class="w"> </span><span class="nt">external</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="c1"># Name des externen Netzwerks</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik_web</span>
<span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="nt">acme</span><span class="p">:</span>
<span class="w"> </span><span class="nt">external</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="c1"># Name des externen Docker Volumes, welches Traefiks `acme.json&#39; Datei enthÀlt</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">traefik_acme</span>
</code></pre></div>
<p>Starten Sie die neuen Container mit:</p>
<div class="tabbed-set tabbed-alternate" data-tabs="3:2"><input checked="checked" id="__tabbed_3_1" name="__tabbed_3" type="radio" /><input id="__tabbed_3_2" name="__tabbed_3" type="radio" /><div class="tabbed-labels"><label for="__tabbed_3_1">docker compose (Plugin)</label><label for="__tabbed_3_2">docker-compose (Standalone)</label></div>
<div class="tabbed-content">
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
</div>
</div>
<p>Da Traefik 2 ein acme v2 Format verwendet, um ALLE Zertifikaten von allen Domains zu speichern, mĂŒssen wir einen Weg finden, die Zertifikate auszulagern. Zum GlĂŒck haben wir [diesen kleinen Container] (<a href="https://hub.docker.com/r/humenius/traefik-certs-dumper">https://hub.docker.com/r/humenius/traefik-certs-dumper</a>), der die Datei <code>acme.json</code> ĂŒber ein Volume und eine Variable <code>DOMAIN=example. org</code>, und damit wird der Container die <code>cert.pem</code> und <code>key.pem</code> Dateien ausgeben, dafĂŒr lassen wir einfach den <code>traefik-certs-dumper</code> Container laufen, binden das <code>/traefik</code> Volume an den Ordner, in dem unsere <code>acme.json</code> gespeichert ist, binden das <code>/output</code> Volume an unseren mailcow <code>data/assets/ssl/</code> Ordner, und setzen die <code>DOMAIN=example.org</code> Variable auf die Domain, von der wir die Zertifikate ausgeben wollen. </p>
<p>Dieser Container ĂŒberwacht die Datei <code>acme.json</code> auf Änderungen und generiert die Dateien <code>cert.pem</code> und <code>key.pem</code> direkt in <code>data/assets/ssl/</code>, wobei der Pfad mit dem <code>/output</code>-Pfad des Containers verbunden ist.</p>
<p>Sie können es ĂŒber die Kommandozeile ausfĂŒhren oder das <a href="https://hub.docker.com/r/humenius/traefik-certs-dumper">hier</a> gezeigte docker-compose.yml verwenden.</p>
<p>Nachdem wir die Zertifikate ĂŒbertragen haben, mĂŒssen wir die Konfigurationen aus unseren Postfix- und Dovecot-Containern neu laden und die Zertifikate ĂŒberprĂŒfen. Wie das geht, sehen Sie <a href="https://mailcow.github.io/mailcow-dockerized-docs/de/post_installation/firststeps-ssl/#ein-eigenes-zertifikat-verwenden">hier</a>.</p>
<p>Und das sollte es gewesen sein 😊, Sie können ĂŒberprĂŒfen, ob der Traefik-Router einwandfrei funktioniert, indem Sie das Dashboard von Traefik / traefik logs / ĂŒber https auf die eingestellte Domain zugreifen, oder / und HTTPS, SMTP und IMAP mit den Befehlen auf der zuvor verlinkten Seite ĂŒberprĂŒfen.</p>
<h3 id="caddy-v2-von-der-community-unterstutzt">Caddy v2 (von der Community unterstĂŒtzt)<a class="headerlink" href="#caddy-v2-von-der-community-unterstutzt" title="Permanent link">&para;</a></h3>
<div class="admonition warning">
<p class="admonition-title">Warnung</p>
<p>Dies ist ein nicht unterstĂŒtzter Communitybeitrag. Korrekturen sind immer erwĂŒnscht!</p>
</div>
<p>Die Konfiguration von Caddy mit mailcow ist sehr simpel.</p>
<p>In der Caddyfile muss einfach nur ein Bereich fĂŒr den E-Mailserver angelegt werden.</p>
<p>Bspw:</p>
<div class="highlight"><pre><span></span><code><span class="hll">MAILCOW_HOSTNAME autodiscover.MAILCOW_HOSTNAME autoconfig.MAILCOW_HOSTNAME {
</span> log {
<span class="hll"> output file /var/log/caddy/MAILCOW_HOSTNAME.log {
</span> roll_disabled
roll_size 512M
roll_uncompressed
roll_local_time
roll_keep 3
roll_keep_for 48h
}
}
<span class="hll"> reverse_proxy 127.0.0.1:HTTP_BIND
</span>}
</code></pre></div>
<p>Dies erlaubt es Caddy automatisch die Zertifikate zu erstellen und den Traffic fĂŒr diese erwĂ€hnten Domains anzunehmen und an mailcow weiterzuleiten.</p>
<p><strong>Wichtig</strong>: Der ACME Client der mailcow muss deaktiviert sein, da es sonst zu Fehlern seitens mailcow kommt.</p>
<p>Da Caddy sich direkt selbst um die Zertifikate kĂŒmmert, können wir mit dem folgenden Skript die Caddy generierten Zertifikate in die mailcow inkludieren:</p>
<div class="highlight"><pre><span></span><code><span class="ch">#!/bin/bash</span>
<span class="nv">MD5SUM_CURRENT_CERT</span><span class="o">=(</span><span class="k">$(</span>md5sum<span class="w"> </span>/opt/mailcow-dockerized/data/assets/ssl/cert.pem<span class="k">)</span><span class="o">)</span>
<span class="nv">MD5SUM_NEW_CERT</span><span class="o">=(</span><span class="k">$(</span>md5sum<span class="w"> </span>/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/your.domain.tld/your.domain.tld.crt<span class="k">)</span><span class="o">)</span>
<span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span><span class="nv">$MD5SUM_CURRENT_CERT</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="nv">$MD5SUM_NEW_CERT</span><span class="w"> </span><span class="o">]</span><span class="p">;</span><span class="w"> </span><span class="k">then</span>
<span class="w"> </span>cp<span class="w"> </span>/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/your.domain.tld/your.domain.tld.crt<span class="w"> </span>/opt/mailcow-dockerized/data/assets/ssl/cert.pem
<span class="w"> </span>cp<span class="w"> </span>/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/your.domain.tld/your.domain.tld.key<span class="w"> </span>/opt/mailcow-dockerized/data/assets/ssl/key.pem
<span class="w"> </span><span class="nv">postfix_c</span><span class="o">=</span><span class="k">$(</span>docker<span class="w"> </span>ps<span class="w"> </span>-qaf<span class="w"> </span><span class="nv">name</span><span class="o">=</span>postfix-mailcow<span class="k">)</span>
<span class="w"> </span><span class="nv">dovecot_c</span><span class="o">=</span><span class="k">$(</span>docker<span class="w"> </span>ps<span class="w"> </span>-qaf<span class="w"> </span><span class="nv">name</span><span class="o">=</span>dovecot-mailcow<span class="k">)</span>
<span class="w"> </span><span class="nv">nginx_c</span><span class="o">=</span><span class="k">$(</span>docker<span class="w"> </span>ps<span class="w"> </span>-qaf<span class="w"> </span><span class="nv">name</span><span class="o">=</span>nginx-mailcow<span class="k">)</span>
<span class="w"> </span>docker<span class="w"> </span>restart<span class="w"> </span><span class="si">${</span><span class="nv">postfix_c</span><span class="si">}</span><span class="w"> </span><span class="si">${</span><span class="nv">dovecot_c</span><span class="si">}</span><span class="w"> </span><span class="si">${</span><span class="nv">nginx_c</span><span class="si">}</span>
<span class="k">else</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;Certs not copied from Caddy (Not needed)&quot;</span>
<span class="k">fi</span>
</code></pre></div>
<div class="admonition warning">
<p class="admonition-title">Achtung</p>
<p>Der Zertifikatspfad von Caddy variiert je nach Installationsart.<br>
Bei diesem Installationsbeispiel wurde Caddy mithilfe des Caddy Repos (<a href="https://caddyserver.com/docs/install#debian-ubuntu-raspbian">weitere Informationen hier</a>) installiert.<br>
<br>
Um den Caddy Zertifikatspfad auf Ihrem System herauszufinden, genĂŒgt ein <code>find / -name "certificates"</code>.</p>
</div>
<p>Dieses Skript könnte dann als Cronjob jede Stunde aufgerufen werden:</p>
<div class="highlight"><pre><span></span><code><span class="m">0</span><span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>/bin/bash<span class="w"> </span>/path/to/script/deploy-certs.sh<span class="w"> </span>&gt;/dev/null<span class="w"> </span><span class="m">2</span>&gt;<span class="p">&amp;</span><span class="m">1</span>
</code></pre></div>
<h3 id="optional-post-hook-skript-fur-nicht-mailcow-acme-clients">Optional: Post-Hook-Skript fĂŒr nicht-mailcow ACME-Clients<a class="headerlink" href="#optional-post-hook-skript-fur-nicht-mailcow-acme-clients" title="Permanent link">&para;</a></h3>
<p>Die Verwendung eines lokalen Certbots (oder eines anderen ACME-Clients) erfordert den Neustart einiger Container, was Sie mit einem Post-Hook-Skript erledigen können.
Stellen Sie sicher, dass Sie die Pfade entsprechend Àndern:
<div class="highlight"><pre><span></span><code>#!/bin/bash
cp /etc/letsencrypt/live/my.domain.tld/fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem
cp /etc/letsencrypt/live/my.domain.tld/privkey.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem
postfix_c=$(docker ps -qaf name=postfix-mailcow)
dovecot_c=$(docker ps -qaf name=dovecot-mailcow)
nginx_c=$(docker ps -qaf name=nginx-mailcow)
docker restart ${postfix_c} ${dovecot_c} ${nginx_c}
</code></pre></div></p>
<h3 id="hinzufugen-weiterer-servernamen-fur-mailcow-ui">HinzufĂŒgen weiterer Servernamen fĂŒr mailcow UI<a class="headerlink" href="#hinzufugen-weiterer-servernamen-fur-mailcow-ui" title="Permanent link">&para;</a></h3>
<p>Wenn Sie vorhaben, einen Servernamen zu verwenden, der nicht <code>MAILCOW_HOSTNAME</code> in Ihrem Reverse-Proxy ist, stellen Sie sicher, dass Sie diesen Namen zuerst in mailcow.conf ĂŒber <code>ADDITIONAL_SERVER_NAMES</code> einpflegen. Die Namen mĂŒssen durch Kommas getrennt werden und <strong>dĂŒrfen</strong> keine Leerzeichen enthalten. Wenn Sie diesen Schritt ĂŒberspringen, kann es sein, dass mailcow auf Ihren Reverse-Proxy mit einer falschen Seite antwortet.</p>
<div class="highlight"><pre><span></span><code>ADDITIONAL_SERVER_NAMES=webmail.domain.tld,other.example.tld
</code></pre></div>
<p>FĂŒhren Sie zum Anwenden folgendes aus:</p>
<div class="tabbed-set tabbed-alternate" data-tabs="4:2"><input checked="checked" id="__tabbed_4_1" name="__tabbed_4" type="radio" /><input id="__tabbed_4_2" name="__tabbed_4" type="radio" /><div class="tabbed-labels"><label for="__tabbed_4_1">docker compose (Plugin)</label><label for="__tabbed_4_2">docker-compose (Standalone)</label></div>
<div class="tabbed-content">
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
<div class="tabbed-block">
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
</div>
</div>
</div>
<hr>
<div class="md-source-file">
<small>
Letztes Update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_datetime">2023-01-13 18:16:08</span>
</small>
</div>
</article>
</div>
<script>var tabs=__md_get("__tabs");if(Array.isArray(tabs))e:for(var set of document.querySelectorAll(".tabbed-set")){var tab,labels=set.querySelector(".tabbed-labels");for(tab of tabs)for(var label of labels.getElementsByTagName("label"))if(label.innerText.trim()===tab){var input=document.getElementById(label.htmlFor);input.checked=!0;continue e}}</script>
</div>
<a href="#" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
ZurĂŒck zum Seitenanfang
</a>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Copyright &copy; 2023 Servercow Team & Community
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
<div class="md-social">
<a href="https://mailcow.email" target="_blank" rel="noopener" title="mailcow.email" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M352 256c0 22.2-1.2 43.6-3.3 64H163.3c-2.2-20.4-3.3-41.8-3.3-64s1.2-43.6 3.3-64h185.4c2.2 20.4 3.3 41.8 3.3 64zm28.8-64h123.1c5.3 20.5 8.1 41.9 8.1 64s-2.8 43.5-8.1 64H380.8c2.1-20.6 3.2-42 3.2-64s-1.1-43.4-3.2-64zm112.6-32H376.7c-10-63.9-29.8-117.4-55.3-151.6 78.3 20.7 142 77.5 171.9 151.6zm-149.1 0H167.7c6.1-36.4 15.5-68.6 27-94.7 10.5-23.6 22.2-40.7 33.5-51.5C239.4 3.2 248.7 0 256 0s16.6 3.2 27.8 13.8c11.3 10.8 23 27.9 33.5 51.5 11.6 26 21 58.2 27 94.7zm-209 0H18.6c30-74.1 93.6-130.9 172-151.6-25.5 34.2-45.3 87.7-55.3 151.6zM8.1 192h123.1c-2.1 20.6-3.2 42-3.2 64s1.1 43.4 3.2 64H8.1C2.8 299.5 0 278.1 0 256s2.8-43.5 8.1-64zm186.6 254.6c-11.6-26-20.9-58.2-27-94.6h176.6c-6.1 36.4-15.5 68.6-27 94.6-10.5 23.6-22.2 40.7-33.5 51.5-11.2 10.7-20.5 13.9-27.8 13.9s-16.6-3.2-27.8-13.8c-11.3-10.8-23-27.9-33.5-51.5zM135.3 352c10 63.9 29.8 117.4 55.3 151.6-78.4-20.7-142-77.5-172-151.6h116.7zm358.1 0c-30 74.1-93.6 130.9-171.9 151.6 25.5-34.2 45.2-87.7 55.3-151.6h116.6z"/></svg>
</a>
<a href="https://github.com/mailcow" target="_blank" rel="noopener" title="github.com" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 480 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z"/></svg>
</a>
<a href="https://twitter.com/mailcow_email" target="_blank" rel="noopener" title="twitter.com" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"/></svg>
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../..", "features": ["navigation.top", "navigation.tracking", "announce.dismiss", "content.tabs.link"], "search": "../../../assets/javascripts/workers/search.db81ec45.min.js", "translations": {"clipboard.copied": "In Zwischenablage kopiert", "clipboard.copy": "In Zwischenablage kopieren", "search.result.more.one": "1 weiteres Suchergebnis auf dieser Seite", "search.result.more.other": "# weitere Suchergebnisse auf dieser Seite", "search.result.none": "Keine Suchergebnisse", "search.result.one": "1 Suchergebnis", "search.result.other": "# Suchergebnisse", "search.result.placeholder": "Suchbegriff eingeben", "search.result.term.missing": "Es fehlt", "select.version": "Version ausw\u00e4hlen"}}</script>
<script src="../../../assets/javascripts/bundle.6df46069.min.js"></script>
<script src="../../../assets/javascripts/client.js"></script>
</body>
</html>
In neuem Issue referenzieren Git Blame ansehen Permalink kopieren