paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix docs

master
andryyy 2017-03-02 22:27:46 +01:00
parent 58806d12ea
commit 9d08bf3885
3 changed files with 121 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
docs/first_steps.md
View File

@ -12,16 +12,17 @@ mailcow uses 3 domain names that should be covered by your new certificate:
This is just an example of how to obtain certificates with certbot. There are several methods! This is just an example of how to obtain certificates with certbot. There are several methods!
1. Get the certbot client: 1\. Get the certbot client:
``` ```
wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot
``` ```
2. Make sure you set `HTTP_BIND=0.0.0.0` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx: `docker-compose restart nginx-mailcow`. 2\. Make sure you set `HTTP_BIND=0.0.0.0` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx:
```
3. Request the certificate with the webroot method: docker-compose restart nginx-mailcow
```
3\. Request the certificate with the webroot method:
``` ```
cd /path/to/git/clone/mailcow-dockerized cd /path/to/git/clone/mailcow-dockerized
source mailcow.conf source mailcow.conf
@ -35,8 +36,7 @@ This is just an example of how to obtain certificates with certbot. There are se
--agree-tos --agree-tos
``` ```
4. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder: 4\. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
``` ```
mv data/assets/ssl/cert.{pem,pem.backup} mv data/assets/ssl/cert.{pem,pem.backup}
mv data/assets/ssl/key.{pem,pem.backup} mv data/assets/ssl/key.{pem,pem.backup}
@ -44,8 +44,7 @@ This is just an example of how to obtain certificates with certbot. There are se
ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem
``` ```
5. Restart affected containers: 5\. Restart affected containers:
``` ```
docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow
``` ```
@ -55,20 +54,17 @@ When renewing certificates, run the last two steps (link + restart) as post-hook
# Rspamd Web UI # Rspamd Web UI
At first you may want to setup Rspamds web interface which provides some useful features and information. At first you may want to setup Rspamds web interface which provides some useful features and information.
1. Generate a Rspamd controller password hash: 1\. Generate a Rspamd controller password hash:
``` ```
docker-compose exec rspamd-mailcow rspamadm pw docker-compose exec rspamd-mailcow rspamadm pw
``` ```
2. Replace the default hash in `data/conf/rspamd/override.d/worker-controller.inc` by your newly generated: 2\. Replace the default hash in `data/conf/rspamd/override.d/worker-controller.inc` by your newly generated:
``` ```
enable_password = "myhash"; enable_password = "myhash";
``` ```
3. Restart rspamd: 3\. Restart rspamd:
``` ```
docker-compose restart rspamd-mailcow docker-compose restart rspamd-mailcow
``` ```
@ -80,8 +76,7 @@ Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!
You don't need to change the Nginx site that comes with mailcow: dockerized. You don't need to change the Nginx site that comes with mailcow: dockerized.
mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI. mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI.
1. Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example: 1\. Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example:
``` ```
HTTP_BIND=127.0.0.1 HTTP_BIND=127.0.0.1
HTTP_PORT=8080 HTTP_PORT=8080
@ -91,8 +86,7 @@ mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is v
Recreate affected containers by running `docker-compose up -d`. Recreate affected containers by running `docker-compose up -d`.
2. Configure your local webserver as reverse proxy: 2\. Configure your local webserver as reverse proxy:
**Apache 2.4** **Apache 2.4**
``` ```
<VirtualHost *:443> <VirtualHost *:443>

22
docs/install.md
View File

@ -1,36 +1,26 @@
# Install mailcow # Install mailcow
1. You need Docker. You need Docker and Docker Compose.
Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh`. 1\. Learn how to install [Docker](https://docs.docker.com/engine/installation/linux/) and [Docker Compose](https://docs.docker.com/compose/install/).
2. You need Docker Compose
Learn [how to install Docker Compose](https://docs.docker.com/compose/install/).
3. Clone the master branch of the repository
2\. Clone the master branch of the repository
``` ```
git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized
``` ```
4. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked. 3\. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked.
``` ```
./generate_config.sh ./generate_config.sh
``` ```
5. Change configuration if you want or need to. 4\. Change configuration if you want or need to.
``` ```
nano mailcow.conf nano mailcow.conf
``` ```
If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080. If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080.
6. Run the composer file. 5\. Run the composer file.
``` ```
docker-compose up -d docker-compose up -d
``` ```

14
docs/u_and_e.md
View File

@ -263,18 +263,17 @@ Running `docker-compose down -v` will **destroy all mailcow: dockerized volumes*
# Reset admin password # Reset admin password
Reset mailcow admin to `admin:moohoo`: Reset mailcow admin to `admin:moohoo`:
1. Drop admin table 1\. Drop admin table
``` ```
source mailcow.conf source mailcow.conf
docker-compose exec mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DROP TABLE admin;" docker-compose exec mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DROP TABLE admin;"
``` ```
2. Open mailcow UI to auto-init the db 2\. Open mailcow UI to auto-init the db
# Rspamd # Rspamd
**Learn spam and ham*** **Learn spam and ham**
Rspamd learns mail as spam or ham when you move a message in or out of the junk folder to any mailbox besides trash. Rspamd learns mail as spam or ham when you move a message in or out of the junk folder to any mailbox besides trash.
This is archived by using the Dovecot plugin "antispam" and a simple parser script. This is archived by using the Dovecot plugin "antispam" and a simple parser script.
@ -372,8 +371,9 @@ docker-compose restart service-mailcow
Mailbox users can tag their mail address like in `me+facebook@example.org` and choose between to setups to handle this tag: Mailbox users can tag their mail address like in `me+facebook@example.org` and choose between to setups to handle this tag:
1. Move this message to a subfolder "facebook" (will be created lower case if not existing) 1\. Move this message to a subfolder "facebook" (will be created lower case if not existing)
2. Prepend the tag to the subject: "[facebook] Subject"
2\. Prepend the tag to the subject: "[facebook] Subject"
# Two-factor authentication # Two-factor authentication
@ -406,5 +406,3 @@ Most systems use either a public or a local caching DNS resolver.
That's a very bad idea when it comes to filter spam using DNS-based blackhole lists (DNSBL) or similar technics. That's a very bad idea when it comes to filter spam using DNS-based blackhole lists (DNSBL) or similar technics.
Most if not all providers apply a rate limit based on the DNS resolver that is used to query their service. Most if not all providers apply a rate limit based on the DNS resolver that is used to query their service.
Using a public resolver like Googles 4x8, OpenDNS or any other shared DNS resolver like your ISPs will hit that limit very soon. Using a public resolver like Googles 4x8, OpenDNS or any other shared DNS resolver like your ISPs will hit that limit very soon.