Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Fix docs

Browse Source
This commit is contained in:
andryyy 2017-03-02 21:43:08 +01:00
parent 1a518c545f
commit 58806d12ea
3 changed files with 117 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/first_steps.md
View File

@ -5,17 +5,19 @@ mailcow dockerized comes with a snakeoil CA "mailcow" and a server certificate i
mailcow uses 3 domain names that should be covered by your new certificate: mailcow uses 3 domain names that should be covered by your new certificate:
- ${MAILCOW_HOSTNAME} - ${MAILCOW_HOSTNAME}
- autodiscover.*example.org* - autodiscover.**example.org**
- autoconfig.*example.org* - autoconfig.**example.org**
**Obtain multi-SAN certificate by Let's Encrypt** **Obtain multi-SAN certificate by Let's Encrypt**
This is just an example of how to obtain certificates with certbot. There are several methods! This is just an example of how to obtain certificates with certbot. There are several methods!
1. Get the certbot client: 1. Get the certbot client:
``` ```
wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot
``` ```
2. Make sure you set `HTTP_BIND=0.0.0.0` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx: `docker-compose restart nginx-mailcow`. 2. Make sure you set `HTTP_BIND=0.0.0.0` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx: `docker-compose restart nginx-mailcow`.
3. Request the certificate with the webroot method: 3. Request the certificate with the webroot method:
@ -34,6 +36,7 @@ certbot certonly \
``` ```
4. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder: 4. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
``` ```
mv data/assets/ssl/cert.{pem,pem.backup} mv data/assets/ssl/cert.{pem,pem.backup}
mv data/assets/ssl/key.{pem,pem.backup} mv data/assets/ssl/key.{pem,pem.backup}
@ -42,6 +45,7 @@ ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/ass
``` ```
5. Restart affected containers: 5. Restart affected containers:
``` ```
docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow
``` ```
@ -52,13 +56,17 @@ When renewing certificates, run the last two steps (link + restart) as post-hook
At first you may want to setup Rspamds web interface which provides some useful features and information. At first you may want to setup Rspamds web interface which provides some useful features and information.
1. Generate a Rspamd controller password hash: 1. Generate a Rspamd controller password hash:
``` ```
docker-compose exec rspamd-mailcow rspamadm pw docker-compose exec rspamd-mailcow rspamadm pw
``` ```
2. Replace the default hash in `data/conf/rspamd/override.d/worker-controller.inc` by your newly generated: 2. Replace the default hash in `data/conf/rspamd/override.d/worker-controller.inc` by your newly generated:
``` ```
enable_password = "myhash"; enable_password = "myhash";
``` ```
3. Restart rspamd: 3. Restart rspamd:
``` ```
@ -72,7 +80,8 @@ Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!
You don't need to change the Nginx site that comes with mailcow: dockerized. You don't need to change the Nginx site that comes with mailcow: dockerized.
mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI. mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI.
Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example: 1. Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example:
``` ```
HTTP_BIND=127.0.0.1 HTTP_BIND=127.0.0.1
HTTP_PORT=8080 HTTP_PORT=8080
@ -82,7 +91,7 @@ HTTPS_PORT=8443
Recreate affected containers by running `docker-compose up -d`. Recreate affected containers by running `docker-compose up -d`.
Configure your local webserver as reverse proxy: 2. Configure your local webserver as reverse proxy:
**Apache 2.4** **Apache 2.4**
``` ```

5
docs/install.md
View File

@ -5,20 +5,24 @@
Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh`. Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh`.
2. You need Docker Compose 2. You need Docker Compose
Learn [how to install Docker Compose](https://docs.docker.com/compose/install/). Learn [how to install Docker Compose](https://docs.docker.com/compose/install/).
3. Clone the master branch of the repository 3. Clone the master branch of the repository
``` ```
git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized
``` ```
4. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked. 4. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked.
``` ```
./generate_config.sh ./generate_config.sh
``` ```
5. Change configuration if you want or need to. 5. Change configuration if you want or need to.
``` ```
nano mailcow.conf nano mailcow.conf
``` ```
@ -26,6 +30,7 @@ nano mailcow.conf
If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080. If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080.
6. Run the composer file. 6. Run the composer file.
``` ```
docker-compose up -d docker-compose up -d
``` ```