1
0
mirror of https://github.com/Mailu/Mailu.git synced 2025-01-20 03:29:50 +02:00
kaiyou 8e88f1b8c3 Refactor the rate limiting code
Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.
2020-02-09 17:38:18 +01:00

175 lines
5.3 KiB
Bash

# Mailu main configuration file
#
# This file is autogenerated by the configuration management wizard for {{ flavor }} flavor.
# For a detailed list of configuration variables, see the documentation at
# https://mailu.io
###################################
# Common configuration variables
###################################
# Set to a randomly generated 16 bytes string
SECRET_KEY={{ secret(16) }}
# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
SUBNET={{ subnet }}
{% if ipv6_enabled %}
SUBNET6={{ subnet6 }}
{% endif %}
# Main mail domain
DOMAIN={{ domain }}
# Hostnames for this server, separated with comas
HOSTNAMES={{ hostnames }}
# Postmaster local part (will append the main mail domain)
POSTMASTER={{ postmaster }}
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
TLS_FLAVOR={{ tls_flavor }}
# Authentication rate limit (per source IP address)
{% if auth_ratelimit_pm > '0' %}
AUTH_RATELIMIT={{ auth_ratelimit_pm }}/minute
{% endif %}
# Opt-out of statistics, replace with "True" to opt out
DISABLE_STATISTICS={{ disable_statistics or 'False' }}
###################################
# Optional features
###################################
# Expose the admin interface (value: true, false)
ADMIN={{ admin_enabled or 'false' }}
# Choose which webmail to run if any (values: roundcube, rainloop, none)
WEBMAIL={{ webmail_type }}
# Dav server implementation (value: radicale, none)
WEBDAV={{ webdav_enabled or 'none' }}
# Antivirus solution (value: clamav, none)
#ANTIVIRUS={{ antivirus_enabled or 'none' }}
###################################
# Mail settings
###################################
# Message size limit in bytes
# Default: accept messages up to 50MB
# Max attachment size will be 33% smaller
MESSAGE_SIZE_LIMIT={{ message_size_limit or '50000000' }}
# Networks granted relay permissions
# Use this with care, all hosts in this networks will be able to send mail without authentication!
RELAYNETS=
# Will relay all outgoing mails if configured
RELAYHOST={{ relayhost }}
# Fetchmail delay
FETCHMAIL_DELAY={{ fetchmail_delay or '600' }}
# Recipient delimiter, character used to delimiter localpart from custom address part
RECIPIENT_DELIMITER={{ recipient_delimiter or '+' }}
# DMARC rua and ruf email
DMARC_RUA={{ dmarc_rua or 'admin' }}
DMARC_RUF={{ dmarc_ruf or 'admin' }}
# Welcome email, enable and set a topic and body if you wish to send welcome
# emails to all users.
WELCOME={{ welcome_enable or 'false' }}
WELCOME_SUBJECT={{ welcome_subject or 'Welcome to your new email account' }}
WELCOME_BODY={{ welcome_body or 'Welcome to your new email account, if you can read this, then it is configured properly!' }}
# Maildir Compression
# choose compression-method, default: none (value: bz2, gz)
COMPRESSION={{ compression }}
# change compression-level, default: 6 (value: 1-9)
COMPRESSION_LEVEL={{ compression_level }}
###################################
# Web settings
###################################
# Path to redirect / to
{% if webmail_type != 'none' and webmail_path == '' %}
WEBROOT_REDIRECT=/
{% else %}
WEBROOT_REDIRECT={{ webmail_path }}
{% endif %}
# Path to the admin interface if enabled
WEB_ADMIN={{ admin_path }}
# Path to the webmail if enabled
{% if webmail_type != 'none' and webmail_path == '' %}
WEB_WEBMAIL=/
{% else %}
WEB_WEBMAIL={{ webmail_path }}
{% endif %}
# Website name
SITENAME={{ site_name }}
# Linked Website URL
WEBSITE={{ website }}
{% if recaptcha_public_key and recaptcha_private_key %}
# Registration reCaptcha settings (warning, this has some privacy impact)
# RECAPTCHA_PUBLIC_KEY={{ recaptcha_public_key }}
# RECAPTCHA_PRIVATE_KEY={{ recaptcha_private_key }}
{% endif %}
{% if domain_registration %}
# Domain registration (remove to disable)
DOMAIN_REGISTRATION=true
{% endif %}
###################################
# Advanced settings
###################################
# Log driver for front service. Possible values:
# json-file (default)
# journald (On systemd platforms, useful for Fail2Ban integration)
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
# LOG_DRIVER={{ log_driver or 'json-file' }}
# Docker-compose project name, this will prepended to containers names.
COMPOSE_PROJECT_NAME={{ compose_project_name or 'mailu' }}
# Default password scheme used for newly created accounts and changed passwords
# (value: PBKDF2, BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT)
PASSWORD_SCHEME={{ password_scheme or 'PBKDF2' }}
# Header to take the real ip from
REAL_IP_HEADER={{ real_ip_header }}
# IPs for nginx set_real_ip_from (CIDR list separated by commas)
REAL_IP_FROM={{ real_ip_from }}
# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
REJECT_UNLISTED_RECIPIENT={{ reject_unlisted_recipient }}
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING
###################################
# Database settings
###################################
DB_FLAVOR={{ db_flavor }}
{% if db_flavor == 'postgresql' and postgresql == 'internal' %}
DB_PW={{ secret(16) }}
{% endif %}
{% if postgresql == 'external' or db_flavor == 'mysql' %}
DB_USER={{ db_user }}
DB_PW={{ db_pw }}
DB_HOST={{ db_url }}
DB_NAME={{ db_name }}
{% endif %}