Trang chủ Khám phá Trợ giúp
Đăng nhập
mirrors
/
mailcow-dockerized
mirror of https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Tree: a95800e476
Branches Tags
mailcow-dockeri...
/
docs
/
first_steps.md

first_steps.md 2.6 KB
Lịch sử Raw

Change default language

Change data/conf/sogo/sogo.conf and replace English by your language.

Create a file data/web/inc/vars.local.inc.php and add "DEFAULT_LANG" with either "en", "pt", "de" or "nl":

<?php
$DEFAULT_LANG = "de";

SSL (and: How to use Let's Encrypt)

mailcow dockerized comes with a snakeoil CA "mailcow" and a server certificate in data/assets/ssl. Please use your own trusted certificates.

mailcow uses 3 domain names that should be covered by your new certificate:

  • ${MAILCOW_HOSTNAME}
  • autodiscover.example.org
  • autoconfig.example.org

Obtain multi-SAN certificate by Let's Encrypt

This is just an example of how to obtain certificates with certbot. There are several methods!

  1. Get the certbot client:

    wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot

  2. Make sure you set HTTP_BIND=0.0.0.0 in mailcow.conf or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx: docker-compose restart nginx-mailcow.

  3. Request the certificate with the webroot method:

    cd /path/to/git/clone/mailcow-dockerized
source mailcow.conf
certbot certonly \
    --webroot \
    -w ${PWD}/data/web \
    -d ${MAILCOW_HOSTNAME} \
    -d autodiscover.example.org \
    -d autoconfig.example.org \
    --email you@example.org \
    --agree-tos

  4. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:

    mv data/assets/ssl/cert.{pem,pem.backup}
mv data/assets/ssl/key.{pem,pem.backup}
ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/assets/ssl/cert.pem
ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem

  5. Restart containers which use the certificate:

    docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow

    When renewing certificates, run the last two steps (link + restart) as post-hook in a script.

Rspamd UI access

At first you may want to setup Rspamds web interface which provides some useful features and information.

  1. Generate a Rspamd controller password hash:

    docker-compose exec rspamd-mailcow rspamadm pw

  2. Replace the default hash in data/conf/rspamd/override.d/worker-controller.inc by your newly generated:

    enable_password = "myhash";

  3. Restart rspamd:

    docker-compose restart rspamd-mailcow

Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!