[SSL] add new SNI config on updates / new installs
parent
84c5f43438
commit
f702c67bdc
|
@ -191,6 +191,11 @@ ADDITIONAL_SAN=
|
|||
|
||||
SKIP_LETS_ENCRYPT=n
|
||||
|
||||
# Create seperate certificates for all domains - y/n
|
||||
# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames
|
||||
# see https://wiki.dovecot.org/SSL/SNIClientSupport
|
||||
ENABLE_SSL_SNI=n
|
||||
|
||||
# Skip IPv4 check in ACME container - y/n
|
||||
|
||||
SKIP_IP_CHECK=n
|
||||
|
@ -269,4 +274,4 @@ mkdir -p data/assets/ssl
|
|||
chmod 600 mailcow.conf
|
||||
|
||||
# copy but don't overwrite existing certificate
|
||||
cp -n data/assets/ssl-example/*.pem data/assets/ssl/
|
||||
cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/
|
||||
|
|
13
update.sh
13
update.sh
|
@ -168,6 +168,7 @@ CONFIG_ARRAY=(
|
|||
"ACL_ANYONE"
|
||||
"SOLR_HEAP"
|
||||
"SKIP_SOLR"
|
||||
"ENABLE_SSL_SNI"
|
||||
"ALLOW_ADMIN_EMAIL_LOGIN"
|
||||
"SKIP_HTTP_VERIFICATION"
|
||||
"SOGO_EXPIRE_SESSION"
|
||||
|
@ -275,7 +276,15 @@ for option in ${CONFIG_ARRAY[@]}; do
|
|||
echo '# Solr is disabled by default after upgrading from non-Solr to Solr-enabled mailcows.' >> mailcow.conf
|
||||
echo '# Disable Solr or if you do not want to store a readable index of your mails in solr-vol-1.' >> mailcow.conf
|
||||
echo "SKIP_SOLR=y" >> mailcow.conf
|
||||
fi
|
||||
fi
|
||||
elif [[ ${option} == "ENABLE_SSL_SNI" ]]; then
|
||||
if ! grep -q ${option} mailcow.conf; then
|
||||
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||
echo '# Create seperate certificates for all domains - y/n' >> mailcow.conf
|
||||
echo '# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames' >> mailcow.conf
|
||||
echo '# see https://wiki.dovecot.org/SSL/SNIClientSupport' >> mailcow.conf
|
||||
echo "ENABLE_SSL_SNI=n" >> mailcow.conf
|
||||
fi
|
||||
elif [[ ${option} == "MAILDIR_SUB" ]]; then
|
||||
if ! grep -q ${option} mailcow.conf; then
|
||||
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||
|
@ -407,7 +416,7 @@ docker-compose pull
|
|||
|
||||
# Fix missing SSL, does not overwrite existing files
|
||||
[[ ! -d data/assets/ssl ]] && mkdir -p data/assets/ssl
|
||||
cp -n data/assets/ssl-example/*.pem data/assets/ssl/
|
||||
cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/
|
||||
|
||||
echo -e "Checking IPv6 settings... "
|
||||
if grep -q 'SYSCTL_IPV6_DISABLED=1' mailcow.conf; then
|
||||
|
|
Loading…
Reference in New Issue