master
andryyy 2017-03-02 20:11:48 +01:00
parent a358fade6f
commit a5e18ad1c1
3 changed files with 95 additions and 22 deletions

View File

@ -1,13 +1,3 @@
# Change default language
Change `data/conf/sogo/sogo.conf` and replace English by your language.
Create a file `data/web/inc/vars.local.inc.php` and add "DEFAULT_LANG" with either "en", "pt", "de" or "nl":
```
<?php
$DEFAULT_LANG = "de";
```
# SSL (and: How to use Let's Encrypt) # SSL (and: How to use Let's Encrypt)
mailcow dockerized comes with a snakeoil CA "mailcow" and a server certificate in `data/assets/ssl`. Please use your own trusted certificates. mailcow dockerized comes with a snakeoil CA "mailcow" and a server certificate in `data/assets/ssl`. Please use your own trusted certificates.
@ -18,7 +8,7 @@ mailcow uses 3 domain names that should be covered by your new certificate:
- autodiscover.*example.org* - autodiscover.*example.org*
- autoconfig.*example.org* - autoconfig.*example.org*
## Obtain multi-SAN certificate by Let's Encrypt **Obtain multi-SAN certificate by Let's Encrypt**
This is just an example of how to obtain certificates with certbot. There are several methods! This is just an example of how to obtain certificates with certbot. There are several methods!
@ -74,3 +64,64 @@ docker-compose restart rspamd-mailcow
``` ```
Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login! Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!
# Optional: Reverse proxy
You don't need to change the Nginx site that comes with mailcow: dockerized.
mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamds web ui.
Make sure you change HTTP_BIND and HTTPS_BIND to a local address and set the ports accordingly, for example:
```
HTTP_BIND=127.0.0.1
HTTP_PORT=8080
HTTPS_PORT=127.0.0.1
HTTPS_PORT=8443
```
Configure your local webserver as reverse proxy:
**Apache 2.4**
```
<VirtualHost *:443>
ServerName mail.example.org
ServerAlias autodiscover.example.org
ServerAlias autoconfig.example.org
[...]
# You should proxy to a plain HTTP session to offload SSL processing
ProxyPass / http://127.0.0.1:8080
ProxyPassReverse / http://127.0.0.1:8080
ProxyPreserveHost On
your-ssl-configuration-here
[...]
# If you plan to proxy to a HTTPS host:
#SSLProxyEngine On
# If you plan to proxy to an untrusted HTTPS host:
#SSLProxyVerify none
#SSLProxyCheckPeerCN off
#SSLProxyCheckPeerName off
#SSLProxyCheckPeerExpire off
</VirtualHost>
```
**Nginx**
```
server {
listen 443;
server_name mail.example.org autodiscover.example.org autoconfig.example.org;
[...]
your-ssl-configuration-here
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
[...]
}
```

View File

@ -2,22 +2,35 @@
1. You need Docker. 1. You need Docker.
- Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh` Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh`.
2. You need Docker Compose. 2. You need Docker Compose
Learn [how to install Docker Compose](https://docs.docker.com/compose/install/).
- Learn [how to install Docker Compose](https://docs.docker.com/compose/install/)
3. Clone the master branch of the repository and run `./generate_config.sh` to generate a file "mailcow.conf". You will be asked for a hostname and a timezone: 3. Clone the master branch of the repository
```
git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized
```
- `git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized` 4. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked.
- `./generate_config.sh` ```
- Open and check "mailcow.conf" if you need or want to make changes to ports (for example changing the default HTTPS port) ./generate_config.sh
```
4. Run the composer file. 5. Change configuration if you want or need to.
- `docker-compose up -d` ```
nano mailcow.conf
```
Done. If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080.
6. Run the composer file.
```
docker-compose up -d
```
Done!
You can now access **https://${MAILCOW_HOSTNAME}** with the default credentials `admin` + password `moohoo`. You can now access **https://${MAILCOW_HOSTNAME}** with the default credentials `admin` + password `moohoo`.

View File

@ -10,7 +10,6 @@ Save as `data/conf/postfix/mailcow_anonymize_headers.pcre`:
/^\s*X-Mailer/ IGNORE /^\s*X-Mailer/ IGNORE
/^\s*X-Originating-IP/ IGNORE /^\s*X-Originating-IP/ IGNORE
/^\s*X-Forward/ IGNORE /^\s*X-Forward/ IGNORE
/^\s*Mime-Version:/ IGNORE
``` ```
Add this to `data/conf/postfix/main.cf`: Add this to `data/conf/postfix/main.cf`:
@ -53,6 +52,16 @@ Edit a domain as (domain) administrator to add an item to the filter table.
Beware that a mailbox user can login to mailcow and override a domain policy filter item. Beware that a mailbox user can login to mailcow and override a domain policy filter item.
# Change default language
Change `data/conf/sogo/sogo.conf` and replace "English" by your prefered language.
Create a file `data/web/inc/vars.local.inc.php` and add "DEFAULT_LANG" with either "en", "pt", "de" or "nl":
```
<?php
$DEFAULT_LANG = "de";
```
# Change UI theme # Change UI theme
mailcow uses [Bootstrap](http://getbootstrap.com/), a HTML, CSS, and JS framework. mailcow uses [Bootstrap](http://getbootstrap.com/), a HTML, CSS, and JS framework.