This commit is contained in:
andryyy 2017-03-02 21:34:47 +01:00
parent a4bb6f2650
commit 1a518c545f

View File

@ -33,17 +33,19 @@ certbot certonly \
--agree-tos
```
3. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
4. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
```
mv data/assets/ssl/cert.{pem,pem.backup}
mv data/assets/ssl/key.{pem,pem.backup}
ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/assets/ssl/cert.pem
ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem
```
4. Restart containers which use the certificate:
5. Restart affected containers:
```
docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow
```
When renewing certificates, run the last two steps (link + restart) as post-hook in a script.
# Rspamd Web UI
@ -70,7 +72,7 @@ Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!
You don't need to change the Nginx site that comes with mailcow: dockerized.
mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI.
Make sure you change HTTP_BIND and HTTPS_BIND to a local address and set the ports accordingly, for example:
Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example:
```
HTTP_BIND=127.0.0.1
HTTP_PORT=8080
@ -78,6 +80,8 @@ HTTPS_PORT=127.0.0.1
HTTPS_PORT=8443
```
Recreate affected containers by running `docker-compose up -d`.
Configure your local webserver as reverse proxy:
**Apache 2.4**