2016-12-29 16:06:21 +08:00
#!/bin/bash
2018-03-01 03:08:20 +08:00
set -o pipefail
2018-02-20 06:39:53 +08:00
2018-02-20 15:34:49 +08:00
if grep --help 2>& 1 | grep -q -i "busybox" ; then
2018-02-20 06:28:59 +08:00
echo "BusybBox grep detected, please install gnu grep, \"apk add --no-cache --upgrade grep\""
2018-02-14 23:08:03 +08:00
exit 1
fi
2018-02-20 15:34:49 +08:00
if cp --help 2>& 1 | grep -q -i "busybox" ; then
2018-02-20 06:28:59 +08:00
echo "BusybBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""
2018-02-14 23:08:03 +08:00
exit 1
fi
2018-07-18 14:47:53 +08:00
if [ -f mailcow.conf ] ; then
2016-12-29 16:06:21 +08:00
read -r -p "A config file exists and will be overwritten, are you sure you want to contine? [y/N] " response
case $response in
[ yY] [ eE] [ sS] | [ yY] )
mv mailcow.conf mailcow.conf_backup
; ;
*)
exit 1
; ;
esac
fi
2018-07-18 14:47:53 +08:00
echo "Press enter to confirm the detected value '[value]' where applicable or enter a custom value."
2018-07-12 01:41:04 +08:00
while [ -z " ${ MAILCOW_HOSTNAME } " ] ; do
2018-07-13 12:48:38 +08:00
read -p "Hostname (FQDN): " -e MAILCOW_HOSTNAME
2018-07-12 01:41:04 +08:00
DOTS = ${ MAILCOW_HOSTNAME //[^.] } ;
2018-07-18 14:47:53 +08:00
if [ ${# DOTS } -lt 2 ] && [ ! -z ${ MAILCOW_HOSTNAME } ] ; then
2018-07-12 01:41:04 +08:00
echo " ${ MAILCOW_HOSTNAME } is not a FQDN "
MAILCOW_HOSTNAME =
fi
done
2017-01-23 23:27:42 +08:00
2018-07-18 14:47:53 +08:00
if [ -a /etc/timezone ] ; then
DETECTED_TZ = $( cat /etc/timezone)
elif [ -a /etc/localtime ] ; then
DETECTED_TZ = $( readlink /etc/localtime| sed -n 's|^.*zoneinfo/||p' )
2017-09-16 19:17:37 +08:00
fi
2018-07-18 14:47:53 +08:00
while [ -z " ${ MAILCOW_TZ } " ] ; do
if [ -z " ${ DETECTED_TZ } " ] ; then
read -p "Timezone: " -e MAILCOW_TZ
else
read -p " Timezone [ ${ DETECTED_TZ } ]: " -e MAILCOW_TZ
[ -z " ${ MAILCOW_TZ } " ] && MAILCOW_TZ = ${ DETECTED_TZ }
fi
done
2016-12-29 16:06:21 +08:00
2019-01-16 17:50:34 +08:00
MEM_TOTAL = $( awk '/MemTotal/ {print $2}' /proc/meminfo)
if [ ${ MEM_TOTAL } -le "1572864" ] ; then
echo "Installed memory is less than 1.5 GiB. It is recommended to disable ClamAV to prevent out-of-memory situations."
read -r -p "Do you want to disable ClamAV now? ClamAV can be re-enabled by setting SKIP_CLAMD=n in mailcow.conf. [Y/n] " response
case $response in
[ nN] [ oO] | [ nN] )
SKIP_CLAMD = n
; ;
*)
SKIP_CLAMD = y
; ;
esac
else
SKIP_CLAMD = n
fi
if [ ${ MEM_TOTAL } -le "6815744" ] ; then
echo "Installed memory is less than 6.5 GiB. It is highly recommended to disable Solr to prevent out-of-memory situations."
echo "Solr is a prone to run OOM and should be monitored. The default Solr heap size is 1024 MiB and should be set according to your expected load in mailcow.conf."
read -r -p "Do you want to disable Solr now (recommended)? Solr can be re-enabled by setting SKIP_SOLR=n in mailcow.conf. [Y/n] " response
case $response in
[ nN] [ oO] | [ nN] )
SKIP_SOLR = n
; ;
*)
SKIP_SOLR = y
; ;
esac
else
SKIP_SOLR = n
fi
2018-07-18 14:47:53 +08:00
[ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc
2018-02-09 06:53:06 +08:00
2016-12-29 16:06:21 +08:00
cat << EOF > mailcow.conf
2016-12-28 18:36:15 +08:00
# ------------------------------
2016-12-10 03:39:02 +08:00
# mailcow web ui configuration
2016-12-28 18:36:15 +08:00
# ------------------------------
# example.org is _not_ a valid hostname, use a fqdn here.
2016-12-10 03:39:02 +08:00
# Default admin user is "admin"
# Default password is "moohoo"
2018-11-12 17:06:22 +08:00
2016-12-30 04:12:07 +08:00
MAILCOW_HOSTNAME = ${ MAILCOW_HOSTNAME }
2016-12-28 18:36:15 +08:00
# ------------------------------
2016-12-11 04:49:41 +08:00
# SQL database configuration
2016-12-28 18:36:15 +08:00
# ------------------------------
2018-11-12 17:06:22 +08:00
2016-12-10 03:39:02 +08:00
DBNAME = mailcow
DBUSER = mailcow
2017-01-03 17:33:06 +08:00
2016-12-28 03:28:45 +08:00
# Please use long, random alphanumeric strings (A-Za-z0-9)
2018-11-12 17:06:22 +08:00
2018-07-13 12:48:38 +08:00
DBPASS = $( LC_ALL = C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
DBROOT = $( LC_ALL = C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
2016-12-28 18:36:15 +08:00
# ------------------------------
2017-02-28 17:00:35 +08:00
# HTTP/S Bindings
2016-12-28 18:36:15 +08:00
# ------------------------------
2017-02-23 23:23:30 +08:00
2017-02-28 17:00:35 +08:00
# You should use HTTPS, but in case of SSL offloaded reverse proxies:
2018-11-12 17:06:22 +08:00
2017-03-06 22:42:45 +08:00
HTTP_PORT = 80
2017-02-28 17:00:35 +08:00
HTTP_BIND = 0.0.0.0
2017-01-13 04:40:42 +08:00
HTTPS_PORT = 443
2017-02-23 23:23:30 +08:00
HTTPS_BIND = 0.0.0.0
# ------------------------------
# Other bindings
# ------------------------------
# You should leave that alone
# Format: 11.22.33.44:25 or 0.0.0.0:465 etc.
2017-07-05 03:33:25 +08:00
# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT
2017-02-23 23:23:30 +08:00
2017-01-03 17:33:06 +08:00
SMTP_PORT = 25
SMTPS_PORT = 465
SUBMISSION_PORT = 587
IMAP_PORT = 143
IMAPS_PORT = 993
POP_PORT = 110
POPS_PORT = 995
SIEVE_PORT = 4190
2017-07-11 03:29:03 +08:00
DOVEADM_PORT = 127.0.0.1:19991
2018-02-06 04:42:13 +08:00
SQL_PORT = 127.0.0.1:13306
2017-01-03 17:33:06 +08:00
# Your timezone
2018-11-12 17:06:22 +08:00
2018-07-13 12:48:38 +08:00
TZ = ${ MAILCOW_TZ }
2017-05-27 05:01:34 +08:00
# Fixed project name
2018-11-12 17:06:22 +08:00
2018-04-13 20:13:24 +08:00
COMPOSE_PROJECT_NAME = mailcowdockerized
2017-05-27 05:01:34 +08:00
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-30 04:01:23 +08:00
# Garbage collector cleanup
# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring
# How long should objects remain in the garbage until they are being deleted? (value in minutes)
2018-10-02 15:32:51 +08:00
# Check interval is hourly
2018-11-12 17:06:22 +08:00
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-30 04:01:23 +08:00
MAILDIR_GC_TIME = 1440
2017-06-12 16:38:56 +08:00
# Additional SAN for the certificate
2018-11-12 17:06:22 +08:00
#
# You can use wildcard records to create specific names for every domain you add to mailcow.
# Example: Add domains "example.com" and "example.net" to mailcow, change ADDITIONAL_SAN to a value like:
#ADDITIONAL_SAN=imap.*,smtp.*
# This will expand the certificate to "imap.example.com", "smtp.example.com", "imap.example.net", "imap.example.net"
# plus every domain you add in the future.
#
# You can also just add static names...
#ADDITIONAL_SAN=srv1.example.net
# ...or combine wildcard and static names:
#ADDITIONAL_SAN=imap.*,srv1.example.com
#
2017-06-12 16:38:56 +08:00
ADDITIONAL_SAN =
2017-10-09 04:48:56 +08:00
# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
2018-11-12 17:06:22 +08:00
2017-10-09 04:48:56 +08:00
SKIP_LETS_ENCRYPT = n
2018-02-01 20:32:28 +08:00
2017-10-09 04:48:56 +08:00
# Skip IPv4 check in ACME container - y/n
2018-11-12 17:06:22 +08:00
2017-07-02 05:14:13 +08:00
SKIP_IP_CHECK = n
2017-10-09 04:48:56 +08:00
# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
2018-11-12 17:06:22 +08:00
2017-07-05 03:33:25 +08:00
SKIP_CLAMD = n
2019-01-16 17:50:34 +08:00
# Skip Solr on low-memory systems
SKIP_SOLR = ${ SKIP_SOLR }
# Solr heap size in MB, there is no recommendation, please see Solr docs.
# Solr is a prone to run OOM and should be monitored. Unmonitored Solr setups are not recommended.
SOLR_HEAP = 1024
2017-10-09 04:48:56 +08:00
# Enable watchdog (watchdog-mailcow) to restart unhealthy containers (experimental)
2018-11-12 17:06:22 +08:00
2017-09-20 16:56:49 +08:00
USE_WATCHDOG = n
2018-11-12 17:06:22 +08:00
2017-10-09 04:48:56 +08:00
# Send notifications by mail (no DKIM signature, sent from watchdog@MAILCOW_HOSTNAME)
2018-10-26 16:07:23 +08:00
# Can by multiple rcpts, NO quotation marks
2018-11-12 17:06:22 +08:00
2018-10-26 16:07:23 +08:00
#WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com
2017-10-09 04:48:56 +08:00
#WATCHDOG_NOTIFY_EMAIL=
2017-09-20 16:56:49 +08:00
2018-01-27 23:52:56 +08:00
# Max log lines per service to keep in Redis logs
2018-11-12 17:06:22 +08:00
2018-01-09 05:00:54 +08:00
LOG_LINES = 9999
2018-12-30 21:10:30 +08:00
# Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24)
2018-11-12 17:06:22 +08:00
2018-01-27 23:52:56 +08:00
IPV4_NETWORK = 172.22.1
2018-02-01 20:32:28 +08:00
# Internal IPv6 subnet in fc00::/7
2018-11-12 17:06:22 +08:00
2018-01-27 23:52:56 +08:00
IPV6_NETWORK = fd4d:6169:6c63:6f77::/64
2018-07-12 01:41:04 +08:00
# Use this IPv4 for outgoing connections (SNAT)
2018-11-12 17:06:22 +08:00
2018-05-04 04:31:20 +08:00
#SNAT_TO_SOURCE=
2018-02-06 04:42:13 +08:00
2018-07-12 01:41:04 +08:00
# Use this IPv6 for outgoing connections (SNAT)
2018-11-12 17:06:22 +08:00
#SNAT6_TO_SOURCE=
2018-01-27 23:52:56 +08:00
2018-06-08 15:11:03 +08:00
# Create or override API key for web uI
# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs
2018-10-11 18:01:37 +08:00
# API_KEY allowed chars: a-z, A-Z, 0-9, -
2018-11-12 17:06:22 +08:00
2018-06-08 15:11:03 +08:00
#API_KEY=
2018-06-08 18:35:23 +08:00
#API_ALLOW_FROM=127.0.0.1,1.2.3.4
2018-06-08 15:11:03 +08:00
2016-12-29 16:06:21 +08:00
EOF
2017-06-15 16:20:54 +08:00
2017-06-15 23:39:41 +08:00
mkdir -p data/assets/ssl
2017-06-15 16:20:54 +08:00
# copy but don't overwrite existing certificate
cp -n data/assets/ssl-example/*.pem data/assets/ssl/
