mailcow/generate_config.sh

#!/bin/bash

if [[ -f mailcow.conf ]]; then
  read -r -p "A config file exists and will be overwritten, are you sure you want to contine? [y/N] " response
  case $response in
    [yY][eE][sS]|[yY])
      mv mailcow.conf mailcow.conf_backup
      ;;
    *)
      exit 1
    ;;
  esac
fi

if [ -z "$MAILCOW_HOSTNAME" ]; then
  read -p "Hostname (FQDN): " -ei "mx.example.org" MAILCOW_HOSTNAME
fi

if [[ -a /etc/timezone ]]; then 
 TZ=$(cat /etc/timezone) 
elif  [[ -a /etc/localtime ]]; then
 TZ=$(readlink /etc/localtime|sed -n 's|^.*zoneinfo/||p')
fi

if [ -z "$TZ" ]; then
  read -p "Timezone: " -ei "Europe/Berlin" TZ
else
  read -p "Timezone: " -ei ${TZ} TZ
fi

cat << EOF > mailcow.conf
# ------------------------------
# mailcow web ui configuration
# ------------------------------
# example.org is _not_ a valid hostname, use a fqdn here.
# Default admin user is "admin"
# Default password is "moohoo"
MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}

# ------------------------------
# SQL database configuration
# ------------------------------
DBNAME=mailcow
DBUSER=mailcow

# Please use long, random alphanumeric strings (A-Za-z0-9)
DBPASS=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
DBROOT=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)

# ------------------------------
# HTTP/S Bindings
# ------------------------------

# You should use HTTPS, but in case of SSL offloaded reverse proxies:
HTTP_PORT=80
HTTP_BIND=0.0.0.0

HTTPS_PORT=443
HTTPS_BIND=0.0.0.0

# ------------------------------
# Other bindings
# ------------------------------
# You should leave that alone
# Format: 11.22.33.44:25 or 0.0.0.0:465 etc.
# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT

SMTP_PORT=25
SMTPS_PORT=465
SUBMISSION_PORT=587
IMAP_PORT=143
IMAPS_PORT=993
POP_PORT=110
POPS_PORT=995
SIEVE_PORT=4190
DOVEADM_PORT=127.0.0.1:19991

# Your timezone
TZ=${TZ}

# Fixed project name
COMPOSE_PROJECT_NAME=mailcow-dockerized

# Additional SAN for the certificate
ADDITIONAL_SAN=

# To never run acme-mailcow for Let's Encrypt, set this to y
SKIP_LETS_ENCRYPT=n

# Skip IPv4 check in ACME container
SKIP_IP_CHECK=n

# To never run fail2ban-mailcow
SKIP_FAIL2BAN=n

# To never run clamd-mailcow
SKIP_CLAMD=n

# Enable watchdog to restart unhealthy containers (experimental)
USE_WATCHDOG=n

EOF

mkdir -p data/assets/ssl

# copy but don't overwrite existing certificate
cp -n data/assets/ssl-example/*.pem data/assets/ssl/
Create config file with safe passwords 2016-12-29 16:06:21 +08:00			`#!/bin/bash`

			`if [[ -f mailcow.conf ]]; then`
			`read -r -p "A config file exists and will be overwritten, are you sure you want to contine? [y/N] " response`
			`case $response in`
			`[yY][eE][sS]\|[yY])`
			`mv mailcow.conf mailcow.conf_backup`
			`;;`
			`*)`
			`exit 1`
			`;;`
			`esac`
			`fi`

Don't ask for mailcow hostname and time zone if already exported within the shell 2017-01-23 23:27:42 +08:00			`if [ -z "$MAILCOW_HOSTNAME" ]; then`
			`read -p "Hostname (FQDN): " -ei "mx.example.org" MAILCOW_HOSTNAME`
			`fi`

[Compose] Enable some minimal inits, change or remove some health checks 2017-09-16 19:17:37 +08:00			`if [[ -a /etc/timezone ]]; then`
			`TZ=$(cat /etc/timezone)`
			`elif [[ -a /etc/localtime ]]; then`
			`TZ=$(readlink /etc/localtime\|sed -n 's\|^.*zoneinfo/\|\|p')`
			`fi`

Don't ask for mailcow hostname and time zone if already exported within the shell 2017-01-23 23:27:42 +08:00			`if [ -z "$TZ" ]; then`
			`read -p "Timezone: " -ei "Europe/Berlin" TZ`
Not of any use as of today 2017-02-22 05:26:14 +08:00			`else`
			`read -p "Timezone: " -ei ${TZ} TZ`
Don't ask for mailcow hostname and time zone if already exported within the shell 2017-01-23 23:27:42 +08:00			`fi`
Create config file with safe passwords 2016-12-29 16:06:21 +08:00
			`cat << EOF > mailcow.conf`
Generate safe passwords 2016-12-28 18:36:15 +08:00			`# ------------------------------`
mailcow dockerized 2016-12-10 03:39:02 +08:00			`# mailcow web ui configuration`
Generate safe passwords 2016-12-28 18:36:15 +08:00			`# ------------------------------`
			`# example.org is _not_ a valid hostname, use a fqdn here.`
mailcow dockerized 2016-12-10 03:39:02 +08:00			`# Default admin user is "admin"`
			`# Default password is "moohoo"`
Must remove " from hostname 2016-12-30 04:12:07 +08:00			`MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}`
Generate safe passwords 2016-12-28 18:36:15 +08:00
			`# ------------------------------`
Fixes, working rspamd settings, generate DKIM keys in PHP 2016-12-11 04:49:41 +08:00			`# SQL database configuration`
Generate safe passwords 2016-12-28 18:36:15 +08:00			`# ------------------------------`
mailcow dockerized 2016-12-10 03:39:02 +08:00			`DBNAME=mailcow`
			`DBUSER=mailcow`
Do not change service names 2017-01-03 17:33:06 +08:00
Add hint to use alphanumeric passwords 2016-12-28 03:28:45 +08:00			`# Please use long, random alphanumeric strings (A-Za-z0-9)`
Create config file with safe passwords 2016-12-29 16:06:21 +08:00			`DBPASS=$(</dev/urandom tr -dc A-Za-z0-9 \| head -c 28)`
			`DBROOT=$(</dev/urandom tr -dc A-Za-z0-9 \| head -c 28)`
Generate safe passwords 2016-12-28 18:36:15 +08:00
			`# ------------------------------`
Add Nginx HTTP listener variables 2017-02-28 17:00:35 +08:00			`# HTTP/S Bindings`
Generate safe passwords 2016-12-28 18:36:15 +08:00			`# ------------------------------`
Add HTTPS_BIND 2017-02-23 23:23:30 +08:00
Add Nginx HTTP listener variables 2017-02-28 17:00:35 +08:00			`# You should use HTTPS, but in case of SSL offloaded reverse proxies:`
Change default plain port to 80 2017-03-06 22:42:45 +08:00			`HTTP_PORT=80`
Add Nginx HTTP listener variables 2017-02-28 17:00:35 +08:00			`HTTP_BIND=0.0.0.0`

Easier container names, allow to set HTTPS port, Typo fix 2017-01-13 04:40:42 +08:00			`HTTPS_PORT=443`
Add HTTPS_BIND 2017-02-23 23:23:30 +08:00			`HTTPS_BIND=0.0.0.0`

			`# ------------------------------`
			`# Other bindings`
			`# ------------------------------`
			`# You should leave that alone`
			`# Format: 11.22.33.44:25 or 0.0.0.0:465 etc.`
[Misc] Add new options to generate_config.sh 2017-07-05 03:33:25 +08:00			`# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT`
Add HTTPS_BIND 2017-02-23 23:23:30 +08:00
Do not change service names 2017-01-03 17:33:06 +08:00			`SMTP_PORT=25`
			`SMTPS_PORT=465`
			`SUBMISSION_PORT=587`
			`IMAP_PORT=143`
			`IMAPS_PORT=993`
			`POP_PORT=110`
			`POPS_PORT=995`
			`SIEVE_PORT=4190`
Add DOVEADM_PORT to generate_config.sh 2017-07-11 03:29:03 +08:00			`DOVEADM_PORT=127.0.0.1:19991`
Do not change service names 2017-01-03 17:33:06 +08:00
			`# Your timezone`
Must remove " from hostname 2016-12-30 04:12:07 +08:00			`TZ=${TZ}`
Set fixed project name 2017-05-27 05:01:34 +08:00
			`# Fixed project name`
			`COMPOSE_PROJECT_NAME=mailcow-dockerized`

Add ability to add additional SANs to certificate 2017-06-12 16:38:56 +08:00			`# Additional SAN for the certificate`
			`ADDITIONAL_SAN=`

Skip LE with configuration parameter 2017-06-22 15:06:28 +08:00			`# To never run acme-mailcow for Let's Encrypt, set this to y`
			`SKIP_LETS_ENCRYPT=n`

Add SKIP_IP_CHECK for ACME to mailcow.conf 2017-07-02 05:14:13 +08:00			`# Skip IPv4 check in ACME container`
			`SKIP_IP_CHECK=n`

Add SKIP_FAIL2BAN var 2017-06-27 16:26:48 +08:00			`# To never run fail2ban-mailcow`
			`SKIP_FAIL2BAN=n`
Skip LE with configuration parameter 2017-06-22 15:06:28 +08:00
[Misc] Add new options to generate_config.sh 2017-07-05 03:33:25 +08:00			`# To never run clamd-mailcow`
			`SKIP_CLAMD=n`

Add experimental watchdog 2017-09-20 16:56:49 +08:00			`# Enable watchdog to restart unhealthy containers (experimental)`
			`USE_WATCHDOG=n`

Create config file with safe passwords 2016-12-29 16:06:21 +08:00			`EOF`
Properly gitignore the SSL certificate 2017-06-15 16:20:54 +08:00
Create SSL certificate directory 2017-06-15 23:39:41 +08:00			`mkdir -p data/assets/ssl`

Properly gitignore the SSL certificate 2017-06-15 16:20:54 +08:00			`# copy but don't overwrite existing certificate`
			`cp -n data/assets/ssl-example/*.pem data/assets/ssl/`