Fix docs

docs/first_steps.md

@@ -1,13 +1,3 @@
-# Change default language
-
-Change `data/conf/sogo/sogo.conf` and replace English by your language.
-
-Create a file `data/web/inc/vars.local.inc.php` and add "DEFAULT_LANG" with either "en", "pt", "de" or "nl":
-```
-<?php
-$DEFAULT_LANG = "de";
-```
-
 # SSL (and: How to use Let's Encrypt)
 
 mailcow dockerized comes with a snakeoil CA "mailcow" and a server certificate in `data/assets/ssl`. Please use your own trusted certificates.
@@ -18,7 +8,7 @@ mailcow uses 3 domain names that should be covered by your new certificate:
 - autodiscover.*example.org*
 - autoconfig.*example.org*
 
-## Obtain multi-SAN certificate by Let's Encrypt
+**Obtain multi-SAN certificate by Let's Encrypt** 
 
 This is just an example of how to obtain certificates with certbot. There are several methods!
 
@@ -74,3 +64,64 @@ docker-compose restart rspamd-mailcow
 ```
 
 Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!
+
+# Optional: Reverse proxy
+
+You don't need to change the Nginx site that comes with mailcow: dockerized.
+mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamds web ui.
+
+Make sure you change HTTP_BIND and HTTPS_BIND to a local address and set the ports accordingly, for example:
+```
+HTTP_BIND=127.0.0.1
+HTTP_PORT=8080
+HTTPS_PORT=127.0.0.1
+HTTPS_PORT=8443
+```
+
+Configure your local webserver as reverse proxy:
+
+**Apache 2.4**
+```
+<VirtualHost *:443>
+	ServerName mail.example.org
+	ServerAlias autodiscover.example.org
+	ServerAlias autoconfig.example.org
+
+	[...]
+	# You should proxy to a plain HTTP session to offload SSL processing
+	ProxyPass / http://127.0.0.1:8080
+	ProxyPassReverse / http://127.0.0.1:8080
+	ProxyPreserveHost On
+	your-ssl-configuration-here
+	[...]
+
+	# If you plan to proxy to a HTTPS host:
+	#SSLProxyEngine On
+	
+	# If you plan to proxy to an untrusted HTTPS host:
+	#SSLProxyVerify none
+	#SSLProxyCheckPeerCN off
+	#SSLProxyCheckPeerName off
+	#SSLProxyCheckPeerExpire off
+</VirtualHost>
+```
+
+**Nginx**
+```
+server {
+	listen 443;
+	server_name mail.example.org autodiscover.example.org autoconfig.example.org;
+
+	[...]
+	your-ssl-configuration-here
+	location / {
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+	[...]
+}
+```
+

docs/install.md

@@ -2,22 +2,35 @@
 
 1. You need Docker.
 
-    - Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh`
+Most systems can install Docker by running `wget -qO- https://get.docker.com/ | sh`.
 
-2. You need Docker Compose.
+2. You need Docker Compose
+Learn [how to install Docker Compose](https://docs.docker.com/compose/install/).
 
-    - Learn [how to install Docker Compose](https://docs.docker.com/compose/install/)
 
-3. Clone the master branch of the repository and run `./generate_config.sh` to generate a file "mailcow.conf". You will be asked for a hostname and a timezone:
+3. Clone the master branch of the repository
+```
+git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized
+```
+
+4. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked.
+```
+./generate_config.sh
+```
 
-    - `git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized`
-	- `./generate_config.sh`
-	- Open and check "mailcow.conf" if you need or want to make changes to ports (for example changing the default HTTPS port)
+5. Change configuration if you want or need to.
+```
+nano mailcow.conf
+```
+
+If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080.
 
-4. Run the composer file.
-    - `docker-compose up -d`
+6. Run the composer file.
+```
+docker-compose up -d
+```
 
-Done.
+Done!
 
 You can now access **https://${MAILCOW_HOSTNAME}** with the default credentials `admin` + password `moohoo`.
 

docs/u_and_e.md

@@ -10,7 +10,6 @@ Save as `data/conf/postfix/mailcow_anonymize_headers.pcre`:
 /^\s*X-Mailer/          IGNORE
 /^\s*X-Originating-IP/  IGNORE
 /^\s*X-Forward/         IGNORE
-/^\s*Mime-Version:/     IGNORE
 ```
 
 Add this to `data/conf/postfix/main.cf`:
@@ -52,6 +51,16 @@ curl -L https://raw.githubusercontent.com/docker/compose/$(docker-compose versio
 Edit a domain as (domain) administrator to add an item to the filter table.
 
 Beware that a mailbox user can login to mailcow and override a domain policy filter item. 
+
+# Change default language
+
+Change `data/conf/sogo/sogo.conf` and replace "English" by your prefered language.
+
+Create a file `data/web/inc/vars.local.inc.php` and add "DEFAULT_LANG" with either "en", "pt", "de" or "nl":
+```
+<?php
+$DEFAULT_LANG = "de";
+```
 
 # Change UI theme