coop-cloud/mailu
coop-cloud
/
mailu
1
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

Reorganise settings.. 

..including attempting to group options by likelihood of being edited,
removing some settings that weren't really configurable, and adding some
explanatory text
This commit is contained in:
3wc 2023-09-24 18:52:33 +01:00
parent 41b2f8d9c1
commit 014d4456f8
2 changed files with 102 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

182
.env.sample
View File

@ -1,64 +1,72 @@
TYPE=mailu
# See https://mailu.io/2.0/configuration.html for explanation of (most of) these
# settings. "Quoted text" in this file comes from that page.
# Main mail domain, NOT main web domain (if they are different)
DOMAIN=example.com
###############################################################################
# BOILERPLATE SETTINGS (shouldn't need to change these) #
###############################################################################
TYPE=mailu
LETS_ENCRYPT_ENV=production
# Run `docker stack ls | grep traefik | cut -f 1 -d " "` on the target machine to get that one
COMPOSE_FILE="compose.yml"
###############################################################################
# REQUIRED SETTINGS (always need to change these) #
###############################################################################
# Main web domain, NOT main mail domain (if they are different)
DOMAIN=mailu.example.com
# "This email domain is used for bounce emails, for generating the postmaster
# email and other technical addresses."
MAIL_DOMAIN=mailu.example.com
# Hostnames for this server, separated with commas
# "The first declared hostname is the main hostname and will be exposed over
# SMTP, IMAP, etc."
HOSTNAMES=$DOMAIN
# Run `DOCKER_CONTEXT=<yourserver> docker stack ls | grep traefik | cut -f 1 -d " "` to get that one
TRAEFIK_STACK_NAME=traefik_example_com
# Custom settings used by certdumper_post.sh and Traefik
WEB_DOMAIN=example.com
ACME_JSON=${LETS_ENCRYPT_ENV}-acme.json
###############################################################################
# OPTIONAL SETTINGS #
###############################################################################
# Mailu settings
# https://mailu.io
# Name of the instance, displayed in the web UI
SITENAME=mymail
TLS_CERT_FILENAME=$WEB_DOMAIN/certificate.crt
TLS_KEYPAIR_FILENAME=$WEB_DOMAIN/privatekey.key
REDIS_ADDRESS=db
# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
SUBNET=192.168.203.0/24
# Hostnames for this server, separated with comas
HOSTNAMES=$WEB_DOMAIN
# Linked Website URL
WEBSITE=https://$DOMAIN
# Postmaster local part (will append the main mail domain)
POSTMASTER=admin
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
TLS_FLAVOR=mail
POSTMASTER=c
# Authentication rate limit per IP (per /24 on ipv4 and /56 on ipv6)
AUTH_RATELIMIT_IP=60/hour
# Opt-out of statistics, replace with "True" to opt out
# Opt-in to statistics, change to "False" to opt in
DISABLE_STATISTICS=True
###################################
# Optional features
###################################
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING
# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Etc/UTC
# Expose the admin interface (value: true, false)
ADMIN=true
# Choose which webmail to run if any (values: roundcube, rainloop, none)
# Choose which webmail to run if any (values: snappymail, roundcube, none)
WEBMAIL=snappymail
# Dav server implementation (value: radicale, none)
WEBDAV=none
# API settings
# -------------
# Antivirus solution (value: clamav, none)
ANTIVIRUS=none
# Authentication token for API requests
API=false
#API_TOKEN=
# Scan Macros solution (value: true, false)
SCAN_MACROS=true
###################################
# Mail settings
###################################
# -------------
# Message size limit in bytes
# Default: accept messages up to 50MB
@ -81,7 +89,7 @@ FETCHMAIL_ENABLED=False
# Fetchmail delay
FETCHMAIL_DELAY=600
# Recipient delimiter, character used to delimiter localpart from custom address part
# Recipient delimiter, character used to delimit localpart from custom address part
RECIPIENT_DELIMITER=+
# DMARC rua and ruf email
@ -101,14 +109,58 @@ COMPRESSION=
COMPRESSION_LEVEL=
# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature.
# FULL_TEXT_SEARCH=off
#FULL_TEXT_SEARCH=off
# Co-op Cloud settings
# -------------
# Mailman settings
# NOTE(3wc): remember to also set RELAYNETS
#COMPOSE_FILE="compose.yml:compose.mailman.yml"
#MAILMAN_POSTFIX_OVERRIDES=1
#MAILMAN_CORE_VOLUME=lists_example_com_mailman-core
#MAILMAN_CORE_NETWORK=lists_example_com_internal
# NOTE(3wc): think this is no longer needed, see https://github.com/Mailu/Mailu/pull/1904
# SASL account -> MAIL FROM mappings for more liberal MAIL FROM relaying
# return-path: https://www.rubydoc.info/gems/actionmailer-rack-upgrade-2/2.3.15/ActionMailer/Base
# logins and MAIL FROM ownership: http://www.postfix.com/postconf.5.html#smtpd_relay_restrictions
# there is an open ticket with a further discussion also https://github.com/Mailu/Mailu/issues/1096
#COMPOSE_FILE="compose.yml:compose.senderlogins.yml"
#SENDER_LOGINS_POSTFIX_OVERRIDES=1
SECRET_SECRET_KEY_VERSION=v1
###############################################################################
# INFINITE NERD DEPTH SETTINGS (rarely needed) #
###############################################################################
# Traefik certificates filename, used by certdumper
ACME_JSON=${LETS_ENCRYPT_ENV}-acme.json
TLS_CERT_FILENAME=$DOMAIN/certificate.crt
TLS_KEYPAIR_FILENAME=$DOMAIN/privatekey.key
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
# NOTE(3wc): changing this to "letsencrypt" might (but probably won't) allow
# this recipe to be deployed standalone without Traefik. "notls" might (but
# might not) disable encryption for everything except the web interfaces.
TLS_FLAVOR=mail
# Optional features
# -------------
# Dav server implementation (value: radicale, none)
WEBDAV=none
# Antivirus solution (value: clamav, none)
ANTIVIRUS=none
# Scan Macros solution (value: true, false)
SCAN_MACROS=true
###################################
# Web settings
###################################
# -------------
# Path to redirect / to
WEBROOT_REDIRECT=/webmail
@ -119,24 +171,14 @@ WEB_ADMIN=/admin
# Path to the webmail if enabled
WEB_WEBMAIL=/webmail
# Website name
SITENAME=mymail
# Linked Website URL
WEBSITE=https://$DOMAIN
###################################
# Advanced settings
###################################
# -------------
# Log driver for front service. Possible values:
# json-file (default)
# journald (On systemd platforms, useful for Fail2Ban integration)
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
# LOG_DRIVER=json-file
# Docker-compose project name, this will prepended to containers names.
COMPOSE_PROJECT_NAME=mailu
#LOG_DRIVER=json-file
# Number of rounds used by the password hashing scheme
CREDENTIAL_ROUNDS=12
@ -150,34 +192,6 @@ REAL_IP_FROM=
# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
REJECT_UNLISTED_RECIPIENT=
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING
# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Etc/UTC
# Authentication token for API requests
API=false
#API_TOKEN=
###################################
# Database settings
###################################
# NOTE(3wc): Other values are not supported, as compose.yml does not contain
# configuration for them. Pull requests welcome!
DB_FLAVOR=sqlite
###################################
# Mailman settings
###################################
# COMPOSE_FILE="compose.yml:compose.mailman.yml"
# MAILMAN_POSTFIX_OVERRIDES=1
# MAILMAN_CORE_VOLUME=lists_example_com_mailman-core
# MAILMAN_CORE_NETWORK=lists_example_com_internal
###################################
# SASL account -> MAIL FROM mappings for more liberal MAIL FROM relaying
# return-path: https://www.rubydoc.info/gems/actionmailer-rack-upgrade-2/2.3.15/ActionMailer/Base
# logins and MAIL FROM ownership: http://www.postfix.com/postconf.5.html#smtpd_relay_restrictions
# there is an open ticket with a further discussion also https://github.com/Mailu/Mailu/issues/1096
###################################
# COMPOSE_FILE="compose.yml:compose.senderlogins.yml"
# SENDER_LOGINS_POSTFIX_OVERRIDES=1

8
compose.yml
View File

@ -30,13 +30,13 @@ x-environment:
- REAL_IP_FROM
- REAL_IP_HEADER
- RECIPIENT_DELIMITER
- REDIS_ADDRESS
- REDIS_ADDRESS=db
- REJECT_UNLISTED_RECIPIENT
- RELAYHOST
- RELAYNETS
- SECRET_KEY_FILE=/run/secrets/secret_key
- SITENAME
- SUBNET
- SUBNET=192.168.203.0/24
- TLS_CERT_FILENAME
- TLS_FLAVOR
- TLS_KEYPAIR_FILENAME
@ -92,7 +92,7 @@ services:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${WEB_DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "coop-cloud.${STACK_NAME}.version=1.0.2+2.0.23"
@ -178,7 +178,7 @@ services:
--dest /output --domain-subdir=true --version v2
--post-hook "sh /usr/bin/certdumper_post.sh"'
environment:
- DOMAIN=$WEB_DOMAIN
- DOMAIN=$DOMAIN
volumes:
# Folder, which contains the acme.json
- type: volume