2016-12-29 10:06:21 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
2018-02-28 21:08:20 +02:00
|
|
|
set -o pipefail
|
2018-02-20 00:39:53 +02:00
|
|
|
|
2018-02-20 09:34:49 +02:00
|
|
|
if grep --help 2>&1 | grep -q -i "busybox"; then
|
2018-02-20 00:28:59 +02:00
|
|
|
echo "BusybBox grep detected, please install gnu grep, \"apk add --no-cache --upgrade grep\""
|
2018-02-14 17:08:03 +02:00
|
|
|
exit 1
|
|
|
|
fi
|
2018-02-20 09:34:49 +02:00
|
|
|
if cp --help 2>&1 | grep -q -i "busybox"; then
|
2018-02-20 00:28:59 +02:00
|
|
|
echo "BusybBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""
|
2018-02-14 17:08:03 +02:00
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2018-07-18 08:47:53 +02:00
|
|
|
if [ -f mailcow.conf ]; then
|
2016-12-29 10:06:21 +02:00
|
|
|
read -r -p "A config file exists and will be overwritten, are you sure you want to contine? [y/N] " response
|
|
|
|
case $response in
|
|
|
|
[yY][eE][sS]|[yY])
|
|
|
|
mv mailcow.conf mailcow.conf_backup
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
fi
|
|
|
|
|
2018-07-18 08:47:53 +02:00
|
|
|
echo "Press enter to confirm the detected value '[value]' where applicable or enter a custom value."
|
2018-07-11 19:41:04 +02:00
|
|
|
while [ -z "${MAILCOW_HOSTNAME}" ]; do
|
2018-07-13 06:48:38 +02:00
|
|
|
read -p "Hostname (FQDN): " -e MAILCOW_HOSTNAME
|
2018-07-11 19:41:04 +02:00
|
|
|
DOTS=${MAILCOW_HOSTNAME//[^.]};
|
2018-07-18 08:47:53 +02:00
|
|
|
if [ ${#DOTS} -lt 2 ] && [ ! -z ${MAILCOW_HOSTNAME} ]; then
|
2018-07-11 19:41:04 +02:00
|
|
|
echo "${MAILCOW_HOSTNAME} is not a FQDN"
|
|
|
|
MAILCOW_HOSTNAME=
|
|
|
|
fi
|
|
|
|
done
|
2017-01-23 17:27:42 +02:00
|
|
|
|
2018-07-18 08:47:53 +02:00
|
|
|
if [ -a /etc/timezone ]; then
|
|
|
|
DETECTED_TZ=$(cat /etc/timezone)
|
|
|
|
elif [ -a /etc/localtime ]; then
|
|
|
|
DETECTED_TZ=$(readlink /etc/localtime|sed -n 's|^.*zoneinfo/||p')
|
2017-09-16 13:17:37 +02:00
|
|
|
fi
|
|
|
|
|
2018-07-18 08:47:53 +02:00
|
|
|
while [ -z "${MAILCOW_TZ}" ]; do
|
|
|
|
if [ -z "${DETECTED_TZ}" ]; then
|
|
|
|
read -p "Timezone: " -e MAILCOW_TZ
|
|
|
|
else
|
|
|
|
read -p "Timezone [${DETECTED_TZ}]: " -e MAILCOW_TZ
|
|
|
|
[ -z "${MAILCOW_TZ}" ] && MAILCOW_TZ=${DETECTED_TZ}
|
|
|
|
fi
|
|
|
|
done
|
2016-12-29 10:06:21 +02:00
|
|
|
|
2018-07-18 08:47:53 +02:00
|
|
|
[ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc
|
2018-02-09 00:53:06 +02:00
|
|
|
|
2016-12-29 10:06:21 +02:00
|
|
|
cat << EOF > mailcow.conf
|
2016-12-28 12:36:15 +02:00
|
|
|
# ------------------------------
|
2016-12-09 21:39:02 +02:00
|
|
|
# mailcow web ui configuration
|
2016-12-28 12:36:15 +02:00
|
|
|
# ------------------------------
|
|
|
|
# example.org is _not_ a valid hostname, use a fqdn here.
|
2016-12-09 21:39:02 +02:00
|
|
|
# Default admin user is "admin"
|
|
|
|
# Default password is "moohoo"
|
2016-12-29 22:12:07 +02:00
|
|
|
MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
|
2016-12-28 12:36:15 +02:00
|
|
|
|
|
|
|
# ------------------------------
|
2016-12-10 22:49:41 +02:00
|
|
|
# SQL database configuration
|
2016-12-28 12:36:15 +02:00
|
|
|
# ------------------------------
|
2016-12-09 21:39:02 +02:00
|
|
|
DBNAME=mailcow
|
|
|
|
DBUSER=mailcow
|
2017-01-03 11:33:06 +02:00
|
|
|
|
2016-12-27 21:28:45 +02:00
|
|
|
# Please use long, random alphanumeric strings (A-Za-z0-9)
|
2018-07-13 06:48:38 +02:00
|
|
|
DBPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
|
|
|
|
DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
|
2016-12-28 12:36:15 +02:00
|
|
|
|
|
|
|
# ------------------------------
|
2017-02-28 11:00:35 +02:00
|
|
|
# HTTP/S Bindings
|
2016-12-28 12:36:15 +02:00
|
|
|
# ------------------------------
|
2017-02-23 17:23:30 +02:00
|
|
|
|
2017-02-28 11:00:35 +02:00
|
|
|
# You should use HTTPS, but in case of SSL offloaded reverse proxies:
|
2017-03-06 16:42:45 +02:00
|
|
|
HTTP_PORT=80
|
2017-02-28 11:00:35 +02:00
|
|
|
HTTP_BIND=0.0.0.0
|
|
|
|
|
2017-01-12 22:40:42 +02:00
|
|
|
HTTPS_PORT=443
|
2017-02-23 17:23:30 +02:00
|
|
|
HTTPS_BIND=0.0.0.0
|
|
|
|
|
|
|
|
# ------------------------------
|
|
|
|
# Other bindings
|
|
|
|
# ------------------------------
|
|
|
|
# You should leave that alone
|
|
|
|
# Format: 11.22.33.44:25 or 0.0.0.0:465 etc.
|
2017-07-04 21:33:25 +02:00
|
|
|
# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT
|
2017-02-23 17:23:30 +02:00
|
|
|
|
2017-01-03 11:33:06 +02:00
|
|
|
SMTP_PORT=25
|
|
|
|
SMTPS_PORT=465
|
|
|
|
SUBMISSION_PORT=587
|
|
|
|
IMAP_PORT=143
|
|
|
|
IMAPS_PORT=993
|
|
|
|
POP_PORT=110
|
|
|
|
POPS_PORT=995
|
|
|
|
SIEVE_PORT=4190
|
2017-07-10 21:29:03 +02:00
|
|
|
DOVEADM_PORT=127.0.0.1:19991
|
2018-02-05 22:42:13 +02:00
|
|
|
SQL_PORT=127.0.0.1:13306
|
2017-01-03 11:33:06 +02:00
|
|
|
|
|
|
|
# Your timezone
|
2018-07-13 06:48:38 +02:00
|
|
|
TZ=${MAILCOW_TZ}
|
2017-05-26 23:01:34 +02:00
|
|
|
|
|
|
|
# Fixed project name
|
2018-04-13 14:13:24 +02:00
|
|
|
COMPOSE_PROJECT_NAME=mailcowdockerized
|
2017-05-26 23:01:34 +02:00
|
|
|
|
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
|
|
|
# Garbage collector cleanup
|
|
|
|
# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring
|
|
|
|
# How long should objects remain in the garbage until they are being deleted? (value in minutes)
|
|
|
|
MAILDIR_GC_TIME=1440
|
|
|
|
|
2017-06-12 10:38:56 +02:00
|
|
|
# Additional SAN for the certificate
|
|
|
|
ADDITIONAL_SAN=
|
|
|
|
|
2017-10-08 22:48:56 +02:00
|
|
|
# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
|
|
|
|
SKIP_LETS_ENCRYPT=n
|
2018-02-01 14:32:28 +02:00
|
|
|
|
2017-10-08 22:48:56 +02:00
|
|
|
# Skip IPv4 check in ACME container - y/n
|
2017-07-01 23:14:13 +02:00
|
|
|
SKIP_IP_CHECK=n
|
|
|
|
|
2017-10-08 22:48:56 +02:00
|
|
|
# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
|
2017-07-04 21:33:25 +02:00
|
|
|
SKIP_CLAMD=n
|
|
|
|
|
2017-10-08 22:48:56 +02:00
|
|
|
# Enable watchdog (watchdog-mailcow) to restart unhealthy containers (experimental)
|
2017-09-20 10:56:49 +02:00
|
|
|
USE_WATCHDOG=n
|
2017-10-08 22:48:56 +02:00
|
|
|
# Send notifications by mail (no DKIM signature, sent from watchdog@MAILCOW_HOSTNAME)
|
|
|
|
#WATCHDOG_NOTIFY_EMAIL=
|
2017-09-20 10:56:49 +02:00
|
|
|
|
2018-01-27 17:52:56 +02:00
|
|
|
# Max log lines per service to keep in Redis logs
|
2018-01-08 23:00:54 +02:00
|
|
|
LOG_LINES=9999
|
|
|
|
|
2018-01-27 17:52:56 +02:00
|
|
|
# Internal IPv4 /24 subnet, format n.n.n. (expands to n.n.n.0/24)
|
|
|
|
IPV4_NETWORK=172.22.1
|
|
|
|
|
2018-02-01 14:32:28 +02:00
|
|
|
# Internal IPv6 subnet in fc00::/7
|
2018-01-27 17:52:56 +02:00
|
|
|
IPV6_NETWORK=fd4d:6169:6c63:6f77::/64
|
|
|
|
|
2018-07-11 19:41:04 +02:00
|
|
|
# Use this IPv4 for outgoing connections (SNAT)
|
2018-05-03 22:31:20 +02:00
|
|
|
#SNAT_TO_SOURCE=
|
2018-02-05 22:42:13 +02:00
|
|
|
|
2018-07-11 19:41:04 +02:00
|
|
|
# Use this IPv6 for outgoing connections (SNAT)
|
|
|
|
#SNAT6_TO_SOURCE=
|
|
|
|
|
2018-02-01 22:45:49 +02:00
|
|
|
# Disable IPv6
|
|
|
|
# mailcow-network will still be created as IPv6 enabled, all containers will be created
|
|
|
|
# without IPv6 support.
|
|
|
|
# Use 1 for disabled, 0 for enabled
|
|
|
|
SYSCTL_IPV6_DISABLED=0
|
2018-01-27 17:52:56 +02:00
|
|
|
|
2018-06-08 09:11:03 +02:00
|
|
|
# Create or override API key for web uI
|
|
|
|
# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs
|
|
|
|
#API_KEY=
|
2018-06-08 12:35:23 +02:00
|
|
|
#API_ALLOW_FROM=127.0.0.1,1.2.3.4
|
2018-06-08 09:11:03 +02:00
|
|
|
|
2016-12-29 10:06:21 +02:00
|
|
|
EOF
|
2017-06-15 10:20:54 +02:00
|
|
|
|
2017-06-15 17:39:41 +02:00
|
|
|
mkdir -p data/assets/ssl
|
|
|
|
|
2017-06-15 10:20:54 +02:00
|
|
|
# copy but don't overwrite existing certificate
|
|
|
|
cp -n data/assets/ssl-example/*.pem data/assets/ssl/
|