diff --git a/common/docker_dockerstats/templates/Dockerfile b/common/docker_dockerstats/templates/Dockerfile index 21357fe5e847cec29ee38789cfa71003a0ab69db..54677f76dd185c9540562f59c046621cbc149da5 100644 --- a/common/docker_dockerstats/templates/Dockerfile +++ b/common/docker_dockerstats/templates/Dockerfile @@ -1,4 +1,4 @@ -FROM node:14-alpine +FROM node:19-alpine RUN apk update \ && apk upgrade \ diff --git a/group_vars/test b/group_vars/test new file mode 100644 index 0000000000000000000000000000000000000000..a8e9915c10004e98755d5fb3130f8d8d56d8101d --- /dev/null +++ b/group_vars/test @@ -0,0 +1,9 @@ +# Globale Variablen für alle produktiven Server + + +# SMTP Settings +smtp_domain: enteentelos.com +smtp_host: mailserver.enteentelos.com +smtp_port: 587 +noreply_email_user: noreply@enteentelos.com + diff --git a/host_vars/webserver b/host_vars/webserver index 5a736d90dc0267f8628eb575716b6f3007fb1789..fe60b940bcd8233a5a6c1e014cd259f9b94bd009 100644 --- a/host_vars/webserver +++ b/host_vars/webserver @@ -33,8 +33,6 @@ webserver_domains: - "warpzone.ms" - "api.warpzone.ms" # - "auth.warpzone.ms" - - "autodiscover.warpzone.ms" - - "autoconfig.warpzone.ms" - "gitlab.warpzone.ms" - "matrix.warpzone.ms" - "mailserver.warpzone.ms" @@ -65,7 +63,6 @@ administratorenteam: docker: # Interne Docker-Netzwerke internal_networks: - - mail - web # Monitoring aktivieren diff --git a/hosts b/hosts index c92fb9ab50d58b8c245f2348332a064f269f3cd6..10f099ffb1786800e68cf248ed47da84d8042e58 100644 --- a/hosts +++ b/hosts @@ -3,6 +3,8 @@ # Namensliste: https://wiki.lspace.org/List_of_Pratchett_characters # Nächste freie Namen: vimes, cake, colon, detritus, dibbler, dorfl, gaspode, quirm, cherry, nobby, ramkin, ron, shoe, slant, angua, vetinary, bursar, coin, dean, worblehat, luggage. mustrum, rincewind, wrangler, stibbons, whitlow +[test] + [prod] # Interner Proxmox-Server 
diff --git a/intern/docker_fridgeserver/templates/htaccess b/intern/docker_fridgeserver/templates/htaccess
new file mode 100644
index 0000000000000000000000000000000000000000..48c2f41eb7f5bd2d802d59080abefd6a2ddbde09
--- /dev/null
+++ b/intern/docker_fridgeserver/templates/htaccess
@@ -0,0 +1,2 @@
+<Files *.php>
+deny from all
diff --git a/intern/docker_grafana/templates/provisioning/dashboards/dashboards.yml b/intern/docker_grafana/templates/provisioning/dashboards/dashboards.yml
new file mode 100644
index 0000000000000000000000000000000000000000..45bfb06d0dd4bcfe6e17b08a33a5d1cc1477c6ac
--- /dev/null
+++ b/intern/docker_grafana/templates/provisioning/dashboards/dashboards.yml
@@ -0,0 +1,25 @@
+apiVersion: 1
+
+providers:
+ # <string> an unique provider name
+- name: 'Pixelflut'
+ # <int> org id. will default to orgId 1 if not specified
+ # orgId: 1
+ # <string, required> name of the dashboard folder. Required
+ folder: 'Pixelflut'
+ # <string> folder UID. will be automatically generated if not specified
+ # folderUid: ''
+ # <string, required> provider type. Required
+ type: file
+ # <bool> disable dashboard deletion
+ # disableDeletion: false
+ # <bool> enable dashboard editing
+ editable: true
+ # <int> how often Grafana will scan for changed dashboards
+ updateIntervalSeconds: 10
+ # <bool> allow updating provisioned dashboards from the UI
+ allowUiUpdates: true
+ options:
+ # <string, required> path to dashboard files on disk. Required
+ path: /etc/grafana/provisioning/dashboards/pixelflut
+
diff --git a/intern/docker_grafana/templates/provisioning/dashboards/pixelflut/breakwater.json b/intern/docker_grafana/templates/provisioning/dashboards/pixelflut/breakwater.json
new file mode 100644
index 0000000000000000000000000000000000000000..5eebc771ff054207d86b699f7dc08ea4a5bab2c9
--- /dev/null
+++ b/intern/docker_grafana/templates/provisioning/dashboards/pixelflut/breakwater.json
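Review bot: The `<Files *.php>` section in the new `intern/docker_fridgeserver/templates/htaccess` is never closed: the hunk adds exactly two lines and neither is `</Files>`. Apache treats an unterminated section as a configuration error, so requests below that directory would most likely fail with a 500 rather than only PHP files being denied. Add the closing `</Files>` line. `deny from all` is the 2.2-era directive and depends on mod_access_compat under 2.4, so if the container runs Apache 2.4 (the server version is not visible here) the body should be `Require all denied`.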
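Review bot: In `dashboards.yml`, `allowUiUpdates: true` together with `editable: true` lets anyone with edit rights change the provisioned Pixelflut dashboards in the UI. Those edits live only in Grafana's database until the next change to the file on disk replaces them. Since `breakwater.json` is managed from this repository, `allowUiUpdates: false` keeps the repository the single source of truth. If UI editing is intended, add a comment such as `# UI edits must be exported back into breakwater.json`.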
@@ -0,0 +1,1055 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 1, + "id": 6, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 0, + "y": 0 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "breakwater_ips", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Connected IPs", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "green", + "mode": "fixed" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 3, + "y": 0 + }, + "id": 7, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + 
"reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "sum(breakwater_connections) or vector(0)", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Connections", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "red", + "value": null + }, + { + "color": "green", + "value": 25 + } + ] + }, + "unit": "FPS" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 9, + "y": 0 + }, + "id": 15, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "breakwater_fps", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "FPS", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "green", + "mode": "fixed" + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binbps" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 12, + "y": 0 + }, + "id": 19, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { 
+ "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "sum(rate(breakwater_bytes[1m])) * 8 or vector(0)", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Throughput", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 15, + "y": 0 + }, + "id": 9, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "sum(breakwater_bytes) or vector(0)", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Total Traffic", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "green", + "mode": "fixed" + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 18, + "y": 0 + }, + "id": 16, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + 
"lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "sum(rate(breakwater_pixels[1m])) * 8 or vector(0)", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Pixels / s", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 3, + "x": 21, + "y": 0 + }, + "id": 17, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "sum(breakwater_pixels) or vector(0)", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Total Pixels", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + 
} + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "IPv4" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "yellow", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "All" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "green", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 5 + }, + "id": 13, + "options": { + "legend": { + "calcs": [ + "last", + "max" + ], + "displayMode": "table", + "placement": "right" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "breakwater_ips", + "interval": "", + "legendFormat": "All", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "breakwater_legacy_ips", + "hide": false, + "interval": "", + "legendFormat": "IPv4", + "refId": "B" + } + ], + "title": "Connected IPs", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + 
"mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 5 + }, + "id": 14, + "interval": "1m", + "options": { + "legend": { + "calcs": [ + "last", + "max" + ], + "displayMode": "table", + "placement": "right", + "sortBy": "Last", + "sortDesc": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "rate(breakwater_bytes[$__interval]) * 8", + "interval": "", + "legendFormat": "pixelflut.warpzone.lan", + "refId": "A" + } + ], + "title": "Traffic / IP", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 13 + }, + "id": 11, + "options": { + "legend": { + "calcs": [ + "last", + "max" + ], + "displayMode": "table", + "placement": "right", + "sortBy": "Last", + "sortDesc": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": 
"prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "breakwater_connections", + "interval": "", + "legendFormat": "pixelflut.warpzone.lan", + "refId": "A" + } + ], + "title": "Connections / IP", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 13 + }, + "id": 18, + "interval": "1m", + "options": { + "legend": { + "calcs": [ + "last", + "max" + ], + "displayMode": "table", + "placement": "right", + "sortBy": "Last", + "sortDesc": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "rate(breakwater_pixels[$__interval]) * 8", + "interval": "", + "legendFormat": "pixelflut.warpzone.lan", + "refId": "A" + } + ], + "title": "Pixels / s / IP", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "green", + "mode": "thresholds" + }, + "custom": { + "axisLabel": "", + "axisPlacement": 
"auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "red", + "value": null + }, + { + "color": "green", + "value": 25 + } + ] + }, + "unit": "FPS" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "30 FPS" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "dark-green", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 21 + }, + "id": 21, + "options": { + "legend": { + "calcs": [], + "displayMode": "hidden", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "8.4.6", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "breakwater_fps{}", + "interval": "", + "legendFormat": "Measured", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "P0FAC05DE14135586" + }, + "exemplar": true, + "expr": "30", + "hide": false, + "interval": "", + "legendFormat": "30 FPS", + "refId": "B" + } + ], + "title": "FPS", + "type": "timeseries" + } + ], + "refresh": false, + "schemaVersion": 35, + "style": "dark", + "tags": [ + "pixelflut", + "breakwater" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Pixelflut overview", + "uid": "bfgb09843", + "weekStart": "" +} 
diff --git a/intern/docker_grafana/templates/provisioning/datasources/datasources.yml b/intern/docker_grafana/templates/provisioning/datasources/datasources.yml new file mode 100644 index 0000000000000000000000000000000000000000..8e9cb3f4717e00fa8cd63179a593193f462cdb66 --- /dev/null +++ b/intern/docker_grafana/templates/provisioning/datasources/datasources.yml @@ -0,0 +1,47 @@ + +apiVersion: 1 + +datasources: + + - name: MQTT_Flux + type: influxdb + access: proxy + url: http://{{ int_ip4 }}:{{ mqtt_influxdb_port }} + jsonData: + version: Flux + organization: mqtt + defaultBucket: mqtt + tlsSkipVerify: true + secureJsonData: + token: {{ influxdb_token }} + + - name: MQTT_InfluxQL + type: influxdb + access: proxy + url: http://{{ int_ip4 }}:{{ mqtt_influxdb_port }} + # This database should be mapped to a bucket + database: mqtt + jsonData: + httpMode: GET + httpHeaderName1: 'Authorization' + secureJsonData: + httpHeaderValue1: 'Token {{ influxdb_token }}' + +{% if inventory_hostname == 'hix' %} + + - name: Prometheus + type: prometheus + access: proxy + url: http://{{ int_ip4 }}:9090 + +{% endif %} + +{% if inventory_hostname == 'ogg' %} + + - name: Pixelflut + type: prometheus + access: proxy + url: http://pixelflut.warpzone.lan:9090 + uuid: P0FAC05DE14135586 + +{% endif %} diff --git a/site.yml b/site.yml index 725156feed242e273a8efa85131fc2ef50f794e7..0f7ae37f67bb56d39676bf0bc3516b5a4cb094ea 100644 --- a/site.yml +++ b/site.yml @@ -10,6 +10,9 @@ - { role: all/common, tags: common } - { role: all/sysctl, tags: sysctl } +################################################## +# Test Server +################################################## ################################################## # Produktive Server 
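Review bot: The Pixelflut entry in `datasources.yml` sets `uuid: P0FAC05DE14135586`, but Grafana's datasource provisioning key is `uid`. With the key misspelled the datasource gets a generated uid, and the panels in `breakwater.json`, which all reference `"uid": "P0FAC05DE14135586"`, would not bind to it; change the line to `uid: P0FAC05DE14135586`. In the MQTT_Flux entry `token: {{ influxdb_token }}` is an unquoted templated scalar, unlike `httpHeaderValue1` below it; write `token: '{{ influxdb_token }}'` so a token that starts with a YAML indicator or looks numeric still renders as a string. `tlsSkipVerify: true` has no effect on an `http://` URL and would silently disable certificate checks if the URL later moves to https, so it should be removed. As written, both InfluxDB entries send the token over plain HTTP.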
@@ -159,11 +162,6 @@ domain_default: "www.warpzone.ms", matrix_federation: true } - - { - role: webserver/docker_autodiscover, tags: autodiscover, - servicename: autodiscover, - basedir: /srv/autodiscover - } - { role: webserver/docker_coturn, tags: coturn, servicename: "coturn", @@ -202,10 +200,15 @@ } - { role: webserver/docker_mail, tags: mail, + servicename: mail, basedir: /srv/mail, + domain: "warpzone.ms", + mailserver: "mailserver.warpzone.ms", + listserver: "listserver.warpzone.ms" } - { role: webserver/docker_matterbridge, tags: matterbridge, + servicename: matterbridge, basedir: /srv/matterbridge, domain: "www.warpzone.ms" } diff --git a/webserver/docker_autodiscover/tasks/main.yml b/webserver/docker_autodiscover/tasks/main.yml deleted file mode 100644 index 039583792345c18142b09725e777e341bd1f6851..0000000000000000000000000000000000000000 --- a/webserver/docker_autodiscover/tasks/main.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -- name: "create folder struct for {{ servicename }}" - file: - path: "{{ item }}" - state: "directory" - with_items: - - "{{ basedir }}" - - -- name: deploy {{ servicename }} config - template: - dest: "{{ basedir }}/{{ item }}" - src: "{{ item }}" - with_items: - - docker-compose.yml - register: config - - -# Start containers -- name: "stop {{ servicename }} docker" - docker_compose: - project_src: "{{ basedir }}" - state: absent - when: config.changed - - -- name: "start {{ servicename }} docker" - docker_compose: - project_src: "{{ basedir }}" - state: present - diff --git a/webserver/docker_autodiscover/templates/docker-compose.yml b/webserver/docker_autodiscover/templates/docker-compose.yml deleted file mode 100644 index d8e72989f5e1fc28bddc68560852af46cb9159ea..0000000000000000000000000000000000000000 --- a/webserver/docker_autodiscover/templates/docker-compose.yml +++ /dev/null 
@@ -1,35 +0,0 @@ -version: '2.1' - -services: - -{% for domain in mail_domains %} - - {{ domain }}: - image: monogramm/autodiscover-email-settings:1.4.0 - restart: always - environment: - - DOMAIN={{ mail_domains[domain].maildomain }} - - IMAP_HOST={{ mail_domains[domain].mxserver }} - - IMAP_PORT=993 - - IMAP_SOCKET=SSL - - POP_HOST={{ mail_domains[domain].mxserver }} - - POP_PORT=995 - - POP_SOCKET=SSL - - SMTP_HOST={{ mail_domains[domain].mxserver }} - - SMTP_PORT=587 - - SMTP_SOCKET=STARTTLS - labels: - - traefik.enable=true - - traefik.http.routers.{{ servicename }}-{{ domain }}.rule=Host(`autodiscover.{{ mail_domains[domain].maildomain }}`) || Host(`autoconfig.{{ mail_domains[domain].maildomain }}`) - - traefik.http.routers.{{ servicename }}-{{ domain }}.entrypoints=websecure - - traefik.http.services.{{ servicename }}-{{ domain }}.loadbalancer.server.port=8000 - networks: - - default - - web - -{% endfor %} - -networks: - web: - external: true - diff --git a/webserver/docker_dokuwiki/templates/docker-compose.yml b/webserver/docker_dokuwiki/templates/docker-compose.yml index bc9e0295c6ce62605b0eb5cc9bfb11296d525e03..5cef278a9f4c605e335f12b1948fd30ebd3df9f9 100644 --- a/webserver/docker_dokuwiki/templates/docker-compose.yml +++ b/webserver/docker_dokuwiki/templates/docker-compose.yml @@ -3,6 +3,7 @@ version: "3" services: app: + # values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port build: . image: "dokuwiki--{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}-{{ ansible_date_time.second }}" restart: always @@ -16,11 +17,8 @@ services: - traefik.http.services.{{ servicename }}.loadbalancer.server.port=80 networks: - default - - mail - web - + networks: - mail: - external: true web: external: true 
diff --git a/webserver/docker_gitlab/templates/conf/gitlab.rb b/webserver/docker_gitlab/templates/conf/gitlab.rb index 55fdc6da3201f2879aca153cee94d19a7cc4303a..3add34fc08ed06cb8d8837bf0ba45d9755854d97 100644 --- a/webserver/docker_gitlab/templates/conf/gitlab.rb +++ b/webserver/docker_gitlab/templates/conf/gitlab.rb @@ -116,8 +116,8 @@ gitlab_rails['gitlab_email_enabled'] = true # gitlab_rails['gitlab_email_smime_key_file'] = '/etc/gitlab/ssl/gitlab_smime.key' # gitlab_rails['gitlab_email_smime_cert_file'] = '/etc/gitlab/ssl/gitlab_smime.crt' # gitlab_rails['gitlab_email_smime_ca_certs_file'] = '/etc/gitlab/ssl/gitlab_smime_cas.crt' -gitlab_rails['gitlab_email_from'] = '{{ noreply_email_user }}' -gitlab_rails['gitlab_email_display_name'] = 'Gitlab Warpzone' +gitlab_rails['gitlab_email_from'] = 'gitlab@{{ smtp_domain }}' +gitlab_rails['gitlab_email_display_name'] = 'Warpzone Gitlab' gitlab_rails['gitlab_email_reply_to'] = '{{ noreply_email_user }}' ### GitLab user privileges diff --git a/webserver/docker_keycloak/tasks/main.yml b/webserver/docker_keycloak/tasks/main.yml index 0f98082d518327ba033115f18df31a7212250da7..b42f7267504963146fd424e3b4b475cb8e1b0aaa 100644 --- a/webserver/docker_keycloak/tasks/main.yml +++ b/webserver/docker_keycloak/tasks/main.yml @@ -2,6 +2,7 @@ - include_tasks: ../functions/get_secret.yml with_items: + - { path: /srv/shared/noreply_email_pass, length: -1 } - { path: /srv/keycloak/keycloak_admin_pass, length: 32 } - { path: /srv/keycloak/postgres_user_pass, length: 24 } diff --git a/webserver/docker_keycloak/templates/docker-compose.yml b/webserver/docker_keycloak/templates/docker-compose.yml index 814219a746761fff3d2f978083682749548d6b97..b89a0449575cb6eaeb36c75f19986341c9adec25 100644 --- a/webserver/docker_keycloak/templates/docker-compose.yml +++ b/webserver/docker_keycloak/templates/docker-compose.yml 
@@ -6,7 +6,7 @@ services: app: - + # values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port image: jboss/keycloak:16.1.1 restart: always depends_on: @@ -31,7 +31,6 @@ services: - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080 networks: - default - - mail - web @@ -64,7 +63,5 @@ services: networks: - mail: - external: true web: external: true diff --git a/webserver/docker_mail/defaults/main.yaml b/webserver/docker_mail/defaults/main.yaml deleted file mode 100644 index 8c56cf91d8145fcaaefd2efa7a61f02267317332..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/defaults/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -servicename: mail -basedir: /srv/mail diff --git a/webserver/docker_mail/tasks/main.yaml b/webserver/docker_mail/tasks/main.yaml index bb5a9941eb33489cedf1467fd9650979958d461b..949eb8d96164af58fa58493d675aef7b841b65ad 100644 --- a/webserver/docker_mail/tasks/main.yaml +++ b/webserver/docker_mail/tasks/main.yaml 
@@ -2,21 +2,23 @@ - include_tasks: ../functions/get_secret.yml with_items: - - { path: "{{ basedir }}/secrets/mailcow_admin_pass", length: 28 } - - { path: "{{ basedir }}/secrets/mysql_mailcow_pass", length: 28 } - - { path: "{{ basedir }}/secrets/mysql_root_pass", length: 28 } - # mailman + - { path: "{{ basedir }}/secrets/mailu_secret_key", length: 32 } + - { path: "{{ basedir }}/secrets/mailu_admin_pass", length: 32 } + - { path: "{{ basedir }}/secrets/mailu_api_token", length: 32 } + - { path: "{{ basedir }}/secrets/mailu_db_pass", length: 28 } + - { path: "{{ basedir }}/secrets/roundcube_db_pass", length: 28 } - { path: "{{ basedir }}/secrets/hyperkitty_api_key", length: 28 } - - { path: "{{ basedir }}/secrets/postgres_mailman_pass", length: 28 } + - { path: "{{ basedir }}/secrets/mailman_db_pass", length: 28 } - { path: "{{ basedir }}/secrets/mailman_secret_key", length: 28 } - { path: "{{ basedir }}/secrets/mailman_restapi_pass", length: 28 } + - { path: "{{ basedir }}/secrets/mysql_root_pass", length: 28 } -- name: pakete installieren - apt: - pkg: ['git', 'logrotate', 'openssl'] - update_cache: no - state: present +# - name: pakete installieren +# apt: +# pkg: ['logrotate'] +# update_cache: no +# state: present - name: "create folder struct for {{ servicename }}" 
@@ -26,139 +28,78 @@ with_items: - "{{ basedir }}" - "{{ basedir }}/secrets" - # mailcow - - "{{ basedir }}/data/mysql" - - "{{ basedir }}/data/mysql-socket" - - "{{ basedir }}/data/redis" - - "{{ basedir }}/data/rspamd" - - "{{ basedir }}/data/solr" - - "{{ basedir }}/data/postfix" - - "{{ basedir }}/data/sogo-web" - - "{{ basedir }}/data/sogo-userdata-backup" - - "{{ basedir }}/data/xmpp-vol-1" - - "{{ basedir }}/data/xmpp-upload-vol-1" - # mailmann - - "{{ basedir }}/data/mailman-core" - - "{{ basedir }}/data/mailman-core/var" - - "{{ basedir }}/data/mailman-core/var/data" - - "{{ basedir }}/data/mailman-web" - - "{{ basedir }}/data/mailman-postgres" - - -- name: "create folder struct for {{ servicename }} with rights" - file: - path: "{{ item }}" - state: "directory" - owner: "5000" - group: "5000" - mode: "ugo+rwx" - with_items: - - "{{ basedir }}/data/crypt" - - "{{ basedir }}/data/vmail" - - "{{ basedir }}/data/vmail-index" - - -- name: check if git dir exists - stat: - path: "{{ basedir }}/mailcow-dockerized/.git" - register: mailcow_dotgit - -- name: revert main.cf to avoid local changes - command: "git checkout data/conf/postfix/main.cf" - args: - chdir: "{{ basedir }}/mailcow-dockerized" - when: mailcow_dotgit.stat.exists == True - - -- name: Git checkout mailcow - git: - repo: 'https://github.com/mailcow/mailcow-dockerized.git' - dest: "{{ basedir }}/mailcow-dockerized" - version: d6a3094bcc8b3d748994978ca7e274301b39e583 - # current version 2021-05-18 - - -- name: Git checkout mailman-dockerized - git: - repo: 'https://github.com/maxking/docker-mailman.git' - dest: "{{ basedir }}/docker-mailman" - version: v0.4.4 - # current version 2020-03-15 - - -- name: "create folder struct for {{ servicename }} 3" - file: - path: "{{ item }}" - state: "directory" - with_items: - - "{{ basedir }}/mailcow-dockerized/data/assets/ssl/" - - -- name: check if DH Params exists - stat: - path: "{{ basedir }}/mailcow-dockerized/data/assets/ssl/dhparams.pem" - register: 
dhparams - -- name: generate new DH Params - command: "openssl dhparam -out {{ basedir }}/mailcow-dockerized/data/assets/ssl/dhparams.pem 2048" - when: dhparams.stat.exists == False - - -- name: deploy mailcow config files - template: - dest: "{{ basedir }}/{{ item }}" - src: "{{ item }}" - mode: 0644 - with_items: - - mailcow-dockerized/mailcow.conf - - mailcow-dockerized/docker-compose.override.yml - - mailcow-dockerized/data/conf/postfix/extra.cf - register: config_mailcow - - -- name: deploy mailman config files + - "{{ basedir }}/db" + - "{{ basedir }}/db-init" + - "{{ basedir }}/mailu" + - "{{ basedir }}/mailu/overrides" + - "{{ basedir }}/mailu/overrides/postfix" + - "{{ basedir }}/mailman-core" + - "{{ basedir }}/mailman-core/var" + - "{{ basedir }}/mailman-core/var/data" + - "{{ basedir }}/mailman-web" +# - "{{ basedir }}/mailman-db" + + +# - name: "create folder struct for {{ servicename }} with rights" +# file: +# path: "{{ item }}" +# state: "directory" +# owner: "5000" +# group: "5000" +# mode: "ugo+rwx" +# with_items: +# - "{{ basedir }}/data/crypt" +# - "{{ basedir }}/data/vmail" +# - "{{ basedir }}/data/vmail-index" + + + +- name: "deploy {{ servicename }} config files" template: dest: "{{ basedir }}/{{ item }}" src: "{{ item }}" mode: 0644 with_items: - - docker-mailman/docker-compose.override.yml - - docker-mailman/nginx.conf - - data/mailman-core/mailman-extra.cfg - - data/mailman-web/settings_local.py - register: config_mailman - - -- name: deploy LogRotate configs - template: - src: "logrotate/{{item}}" - dest: "/etc/logrotate.d/{{item}}" - with_items: - - mailman-core - - mailman-web - - -# Start mailcow containers -- name: "stop {{ servicename }} (mailcow) docker" + - docker-compose.yml + - mailu.env + - mailman.env + - mailman-nginx.conf + - db-init/mailman.sql + - db-init/roundcube.sql + - mailu/overrides/postfix/postfix.cf + register: config + + +# - name: deploy LogRotate configs +# template: +# src: "logrotate/{{item}}" +# dest: 
"/etc/logrotate.d/{{item}}" +# with_items: +# - mailman-core +# - mailman-web + + +# Start containers +- name: "stop {{ servicename }} docker" docker_compose: - project_src: "{{ basedir }}/mailcow-dockerized" + project_src: "{{ basedir }}" state: absent - when: config_mailcow.changed + when: config.changed -- name: "start {{ servicename }} (mailcow) docker" +- name: "start {{ servicename }} docker" docker_compose: - project_src: "{{ basedir }}/mailcow-dockerized" + project_src: "{{ basedir }}" state: present # Start mailman containers -- name: "stop {{ servicename }} (mailman) docker" - docker_compose: - project_src: "{{ basedir }}/docker-mailman" - state: absent - when: config_mailcow.changed - -- name: "start {{ servicename }} (mailman) docker" - docker_compose: - project_src: "{{ basedir }}/docker-mailman" - state: present +# - name: "stop {{ servicename }} (mailman) docker" +# docker_compose: +# project_src: "{{ basedir }}/docker-mailman" +# state: absent +# when: config_mailcow.changed + +# - name: "start {{ servicename }} (mailman) docker" +# docker_compose: +# project_src: "{{ basedir }}/docker-mailman" +# state: present diff --git a/webserver/docker_mail/templates/data/mailman-core/mailman-extra.cfg b/webserver/docker_mail/templates/data/mailman-core/mailman-extra.cfg deleted file mode 100644 index 5058fa5b340a5cbd70a7c0a6f5aea7a1472b8dbe..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/data/mailman-core/mailman-extra.cfg +++ /dev/null @@ -1,5 +0,0 @@ -[mailman] -site_owner: listmaster@warpzone.ms - -[mta] -remove_dkim_headers: yes diff --git a/webserver/docker_mail/templates/data/mailman-web/settings_local.py b/webserver/docker_mail/templates/data/mailman-web/settings_local.py deleted file mode 100644 index 5ad1b39eec21031167f1009dc0e7e363ddd2f638..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/data/mailman-web/settings_local.py +++ /dev/null 
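Review bot: The reworked "deploy {{ servicename }} config files" task keeps `mode: 0644`, yet its item list now includes `db-init/mailman.sql` and `db-init/roundcube.sql`. Those templates embed `{{ mailman_db_pass }}` and `{{ roundcube_db_pass }}`, and `mailu.env` presumably carries the Mailu secrets as well, so the rendered files are world-readable on the host. Move the secret-bearing items into their own `template` task with a restrictive quoted mode, for example `mode: "0640"` with an owner or group the consuming container can read, and keep `"0644"` only for files such as `mailman-nginx.conf`. The `file:` arguments of the folder task lie outside this hunk, so confirm that `{{ basedir }}/secrets` and `{{ basedir }}/db-init` are not created with default permissions. The commented-out apt, logrotate and mailman start/stop blocks are better deleted than kept, since git history already preserves them.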
@@ -1,20 +0,0 @@ - -from settings import * -import socket - -# Archivierung für Mailman-Core Container erlauben -MAILMAN_ARCHIVER_FROM = (socket.gethostbyname('mailman-core'),) - -# disable social logins (google, facebook, etc. ) -INSTALLED_APPS = [a for a in INSTALLED_APPS if not -a.startswith('allauth.socialaccount.providers') and not -a.startswith('django_mailman3.lib.auth.fedora')] - -# Mail backend settings -EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' -EMAIL_HOST = 'postfix' -EMAIL_PORT = 25 -EMAIL_HOST_USER = '' -EMAIL_HOST_PASSWORD = '' -DEFAULT_FROM_EMAIL = 'listmaster@warpzone.ms' -SERVER_EMAIL = 'listmaster@warpzone.ms' diff --git a/webserver/docker_mail/templates/db-init/mailman.sql b/webserver/docker_mail/templates/db-init/mailman.sql new file mode 100644 index 0000000000000000000000000000000000000000..27ff11b022f639467d9da9686b81477be370d439 --- /dev/null +++ b/webserver/docker_mail/templates/db-init/mailman.sql @@ -0,0 +1,4 @@ +CREATE DATABASE IF NOT EXISTS mailman; +CREATE USER IF NOT EXISTS mailman@'%' IDENTIFIED BY '{{ mailman_db_pass }}'; +GRANT ALL ON mailman.* TO mailman@'%'; +FLUSH PRIVILEGES; diff --git a/webserver/docker_mail/templates/db-init/roundcube.sql b/webserver/docker_mail/templates/db-init/roundcube.sql new file mode 100644 index 0000000000000000000000000000000000000000..32e4983adfe2d9ae4976b9383d0feb1330c14e73 --- /dev/null +++ b/webserver/docker_mail/templates/db-init/roundcube.sql @@ -0,0 +1,4 @@ +CREATE DATABASE IF NOT EXISTS roundcube; +CREATE USER IF NOT EXISTS roundcube@'%' IDENTIFIED BY '{{ roundcube_db_pass }}'; +GRANT ALL ON roundcube.* TO roundcube@'%'; +FLUSH PRIVILEGES; diff --git a/webserver/docker_mail/templates/docker-compose.yml b/webserver/docker_mail/templates/docker-compose.yml new file mode 100644 index 0000000000000000000000000000000000000000..1e0b4b267df51b9ee701a367ff55bc71785cfa3a --- /dev/null +++ b/webserver/docker_mail/templates/docker-compose.yml 
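Review bot: `{{ mailman_db_pass }}` is rendered unescaped into a single-quoted SQL literal in `CREATE USER ... IDENTIFIED BY '{{ mailman_db_pass }}'`, so a secret containing `'` (or `\`, depending on the server's sql_mode) would break or change the statement; roundcube.sql repeats the pattern with `roundcube_db_pass`. The secret generator is not visible in this diff, so either state the allowed alphabet in a comment above the statement, e.g. `-- mailman_db_pass must be alphanumeric: it is rendered unescaped`, or escape at render time with `IDENTIFIED BY '{{ mailman_db_pass | replace("'", "''") }}'`. Both files also create the account for host `'%'` with `GRANT ALL`, which is only acceptable while the `db` service stays unpublished, as it is in the compose file of this commit; a one-line comment recording that assumption would help. The stock MariaDB image is understood to run `/docker-entrypoint-initdb.d` scripts only when the data directory is first initialised, so a later change to these passwords would not reach an existing database.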
@@ -0,0 +1,217 @@ +version: '2.2' + +services: + + # External dependencies + redis: + image: redis:alpine + restart: always + volumes: + - "{{ basedir }}/mailu/redis:/data" + depends_on: + - resolver + dns: + - 192.168.203.254 + + # Certdumper + certdumper: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}traefik-certdumper:${MAILU_VERSION:-2.0} + restart: always + environment: + - DOMAIN={{ mailserver }} + - TRAEFIK_VERSION=v2 + volumes: + - "/srv/traefik:/traefik" + - "{{ basedir }}/mailu/certs:/output" + + # Core services + front: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-2.0} + restart: always + depends_on: + - db + - resolver + env_file: mailu.env + ports: + - "25:25" #smtp + - "465:465" #submissions + - "587:587" #submission + - "143:143" #imap + - "993:993" #imaps + volumes: + - "{{ basedir }}/mailu/certs:/certs" + - "{{ basedir }}/mailu/overrides/nginx:/overrides:ro" + labels: + - "traefik.enable=true" + - "traefik.http.routers.{{ servicename }}.entrypoints=websecure" + - "traefik.http.routers.{{ servicename }}.rule=Host(`{{ mailserver }}`)" + - "traefik.http.routers.{{ servicename }}.tls" + - "traefik.http.routers.{{ servicename }}.tls.certresolver=letsencrypt" + - "traefik.http.routers.{{ servicename }}.tls.domains[0].main={{ domain }}" + - "traefik.http.routers.{{ servicename }}.tls.domains[0].sans={{ mailserver }}" + - "traefik.http.routers.{{ servicename }}.service={{ servicename }}" + - "traefik.http.services.{{ servicename }}.loadbalancer.server.port=80" + networks: + - default + - web + dns: + - 192.168.203.254 + + resolver: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-2.0} + env_file: mailu.env + restart: always + networks: + default: + ipv4_address: 192.168.203.254 + + admin: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-2.0} + restart: always + depends_on: + - db + - redis + - resolver + env_file: mailu.env + volumes: + - "{{ basedir 
}}/mailu/data:/data" + - "{{ basedir }}/mailu/dkim:/dkim" + dns: + - 192.168.203.254 + + imap: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-2.0} + restart: always + depends_on: + - db + - front + - resolver + env_file: mailu.env + volumes: + - "{{ basedir }}/mailu/mail:/mail" + - "{{ basedir }}/mailu/overrides/dovecot:/overrides:ro" + dns: + - 192.168.203.254 + + smtp: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-2.0} + restart: always + depends_on: + - db + - front + - resolver + - mailman-core + env_file: mailu.env + volumes: + - "{{ basedir }}/mailu/mailqueue:/queue" + - "{{ basedir }}/mailu/overrides/postfix:/overrides:ro" + - "{{ basedir }}/mailman-core/var/data:/opt/mailman:ro" + dns: + - 192.168.203.254 + + oletools: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}oletools:${MAILU_VERSION:-2.0} + hostname: oletools + restart: always + depends_on: + - resolver + networks: + - noinet + dns: + - 192.168.203.254 + + antispam: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-2.0} + hostname: antispam + restart: always + depends_on: + - front + - redis + - oletools + - resolver + env_file: mailu.env + volumes: + - "{{ basedir }}/mailu/filter:/var/lib/rspamd" + - "{{ basedir }}/mailu/overrides/rspamd:/overrides:ro" + networks: + default: + ipv4_address: 192.168.203.253 + noinet: + dns: + - 192.168.203.254 + + # Optional mailu services: Database + db: + image: mariadb:10.5 + command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci + volumes: + - "{{ basedir }}/db:/var/lib/mysql" + - "{{ basedir }}/db-init:/docker-entrypoint-initdb.d:ro" + environment: + - MYSQL_DATABASE=mailu + - MYSQL_USER=mailu + - MYSQL_PASSWORD={{ mailu_db_pass }} + - MYSQL_ROOT_PASSWORD={{ mysql_root_pass }} + + # Optional mailu services: Webmail + webmail: + image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}webmail:${MAILU_VERSION:-2.0} + restart: always + 
depends_on: + - front + env_file: mailu.env + volumes: + - "{{ basedir }}/mailu/webmail:/data" + - "{{ basedir }}/mailu/overrides/roundcube:/overrides:ro" + + # Additional Services: mailman + mailman-core: + image: maxking/mailman-core:0.4 + restart: always + env_file: mailman.env + depends_on: + - db + volumes: + - "{{ basedir }}/mailman-core:/opt/mailman:rw,z" + + mailman-web: + image: maxking/mailman-web:0.4 + restart: always + env_file: mailman.env + depends_on: + - db + volumes: + - "{{ basedir }}/mailman-web:/opt/mailman-web-data:rw,z" + + mailman-nginx: + image: nginx:1.19 + restart: always + depends_on: + - mailman-web + volumes: + - "{{ basedir }}/mailman-web/:/opt/mailman-web-data:ro,z" + - "{{ basedir }}/mailman-nginx.conf:/etc/nginx/conf.d/default.conf:ro" + labels: + - traefik.enable=true + - traefik.http.routers.{{ servicename }}-mailman.rule=Host(`{{ listserver }}`) + - traefik.http.routers.{{ servicename }}-mailman.entrypoints=websecure + - traefik.http.services.{{ servicename }}-mailman.loadbalancer.server.port=80 + networks: + - default + - web + +networks: + default: + driver: bridge + enable_ipv6: true + ipam: + driver: default + config: + # must be a ULA range + - subnet: fd00:dead:beef:25::/64 + - subnet: 192.168.203.0/24 + noinet: + driver: bridge + internal: true + web: + external: true diff --git a/webserver/docker_mail/templates/docker-mailman/docker-compose.override.yml b/webserver/docker_mail/templates/docker-mailman/docker-compose.override.yml deleted file mode 100644 index 9da9c4eadb83d131f5a1597493c5d49924db0aee..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/docker-mailman/docker-compose.override.yml +++ /dev/null 
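Review bot: The `certdumper` service mounts the whole Traefik state directory writable (`"/srv/traefik:/traefik"`), whereas the mailcow override deleted by this commit mounted only `acme.json`, and did so `:ro`. That directory holds the ACME account and certificate private keys, so a compromised or misbehaving dumper container could alter or delete them. If the dumper only reads `acme.json`, which its role suggests but should be confirmed against the image, use `- "/srv/traefik:/traefik:ro"`. Separately, `db` is the only long-running service without `restart: always`, and `redis:alpine` is a floating tag while the other images carry a version.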
@@ -1,88 +0,0 @@ -version: '2' - -services: - - - mailman-core: - container_name: mail_mailman-core - restart: always - volumes: - - "{{ basedir }}/data/mailman-core:/opt/mailman:rw,z" - environment: - - DATABASE_URL=postgres://mailman:{{ postgres_mailman_pass }}@database/mailmandb - - MTA=postfix - - MM_HOSTNAME=mailman-core-mail - - SMTP_HOST=postfix - - SMTP_PORT=25 - - MAILMAN_REST_USER=mailman - - MAILMAN_REST_PASSWORD={{ mailman_restapi_pass }} - - HYPERKITTY_URL=http://mailman-web:8000/hyperkitty - - HYPERKITTY_API_KEY={{ hyperkitty_api_key }} - networks: - mailman: - aliases: - - mailman-core - mail: - aliases: - - mailman-core - - mailman-core-mail - - - mailman-web: - container_name: mail_mailman-web - restart: always - volumes: - - "{{ basedir }}/data/mailman-web:/opt/mailman-web-data:rw,z" - environment: - - DATABASE_URL=postgres://mailman:{{ postgres_mailman_pass }}@database/mailmandb - - HYPERKITTY_API_KEY={{ hyperkitty_api_key }} - - SECRET_KEY={{ mailman_secret_key }} - - SERVE_FROM_DOMAIN=listserver.warpzone.ms - - MAILMAN_REST_URL=http://mailman-core-mail:8001 - - MAILMAN_REST_USER=mailman - - MAILMAN_REST_PASSWORD={{ mailman_restapi_pass }} - networks: - - mail - - mailman - - - nginx: - container_name: mail_mailman-nginx - image: nginx:1.19 - restart: always - depends_on: - - mailman-web - volumes: - - "{{ basedir }}/data/mailman-web/:/opt/mailman-web-data:ro,z" - - "{{ basedir }}/docker-mailman/nginx.conf:/etc/nginx/conf.d/default.conf:ro" - labels: - - traefik.enable=true - - traefik.http.routers.{{ servicename }}-mailman.rule=Host(`listserver.warpzone.ms`) || Host(`lists.warpzone.ms`) - - traefik.http.routers.{{ servicename }}-mailman.entrypoints=websecure - - traefik.http.services.{{ servicename }}-mailman.loadbalancer.server.port=80 - networks: - - mailman - - web - - - database: - container_name: mail_mailman-db - restart: always - environment: - - POSTGRES_PASSWORD={{ postgres_mailman_pass }} - volumes: - - "{{ basedir 
}}/data/mailman-postgres:/var/lib/postgresql/data" - networks: - - mailman - - - -networks: - mailman: - driver: bridge - ipam: - driver: default - mail: - external: true - web: - external: true diff --git a/webserver/docker_mail/templates/logrotate/mailman-core b/webserver/docker_mail/templates/logrotate/mailman-core deleted file mode 100644 index bb8e31704a1dcca0da654f29e85fd78387efc7e6..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/logrotate/mailman-core +++ /dev/null @@ -1,7 +0,0 @@ -/srv/mail/data/mailman-core/var/logs/*.log { - rotate 12 - monthly - compress - missingok - notifempty -} diff --git a/webserver/docker_mail/templates/logrotate/mailman-web b/webserver/docker_mail/templates/logrotate/mailman-web deleted file mode 100644 index 17f75f37047cb26973d5d710676266c012ebe7d4..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/logrotate/mailman-web +++ /dev/null @@ -1,7 +0,0 @@ -/srv/mail/data/mailman-web/logs/*.log { - rotate 12 - monthly - compress - missingok - notifempty -} diff --git a/webserver/docker_mail/templates/mailcow-dockerized/data/conf/postfix/extra.cf b/webserver/docker_mail/templates/mailcow-dockerized/data/conf/postfix/extra.cf deleted file mode 100644 index cc443f471121ee2578fd5b5f413729a80d45f722..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/mailcow-dockerized/data/conf/postfix/extra.cf +++ /dev/null 
@@ -1,22 +0,0 @@ - -# Support the default VERP delimiter. -recipient_delimiter = + -unknown_local_recipient_reject_code = 550 -owner_request_special = no - -# use relay_recipient_maps instead of local_recipient_maps -relay_recipient_maps = - regexp:/opt/mailman/postfix_lmtp - -# Wert aus main.cf übernommen und ergänzt -transport_maps = - pcre:/opt/postfix/conf/custom_transport.pcre, - pcre:/opt/postfix/conf/local_transport, - proxy:mysql:/opt/postfix/conf/sql/mysql_relay_ne.cf, - proxy:mysql:/opt/postfix/conf/sql/mysql_transport_maps.cf, - regexp:/opt/mailman/postfix_lmtp - -# Wert aus main.cf übernommen und ergänzt -relay_domains = - proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_relay_domain_maps.cf, - regexp:/opt/mailman/postfix_domains diff --git a/webserver/docker_mail/templates/mailcow-dockerized/docker-compose.override.yml b/webserver/docker_mail/templates/mailcow-dockerized/docker-compose.override.yml deleted file mode 100644 index b891ae979b41408c6c006319ff0d182c01009150..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/mailcow-dockerized/docker-compose.override.yml +++ /dev/null 
@@ -1,182 +0,0 @@ -version: '2.1' - -services: - -# Export der Letsencrypt-Zertifikate von traefik zur Verwendung in Postfix und Dovecot - - traefik-certdumper: - image: humenius/traefik-certs-dumper - restart: always - network_mode: none - command: --restart-containers mail_dovecot-mailcow_1,mail_postfix-mailcow_1,mail_nginx-mailcow_1,mail_watchdog-mailcow_1 - volumes: - # mount the folder which contains Traefik's `acme.json' file - - /srv/traefik/acme.json:/traefik/acme.json:ro - # mount mailcow's SSL folder - - ./data/assets/ssl/:/output:rw - # Docker API for Container restart - - /var/run/docker.sock:/var/run/docker.sock:ro - environment: - # only change this, if you're using another domain for mailcow's web frontend compared to the standard config - - DOMAIN=${MAILCOW_HOSTNAME} - - -# Prometheus Postfix Exporter - - postfix-exporter: - image: unikum/postfix_exporter:latest - restart: always - depends_on: - - postfix-mailcow - ports: - - "{{ int_ip4 }}:9154:9154" - volumes: - - "postfix-vol-1:/var/spool/postfix:z" - - -# Labels für traefik Konfiguration -# Der Container nginx-mailcow benötigt zusätzlich den Alias sogo, damit der Container wegfallen kann - - nginx-mailcow: - labels: - - traefik.enable=true - - traefik.http.routers.{{ servicename }}-mailcow.rule=Host(`${MAILCOW_HOSTNAME}`) || Host(`mail.warpzone.ms`) - - traefik.http.routers.{{ servicename }}-mailcow.entrypoints=websecure - - traefik.http.services.{{ servicename }}-mailcow.loadbalancer.server.port=42012 - networks: - mailcow-network: - aliases: - - nginx - - sogo - - ejabberd - web: - aliases: - - mailcow - - -# Mailman konfiguration in Postfix-Container mounten -# postfix ans mail netzwerk um mit mailman zu kommunizieren - - postfix-mailcow: - volumes: - - "{{ basedir }}/data/mailman-core/var/data:/opt/mailman:rw,z" - networks: - mail: - aliases: - - postfix - - -# Container anpassen um start zu unterbinden - clamd-mailcow: - image: stakater/exit-container - restart: 'no' - - sogo-mailcow: - 
image: stakater/exit-container - restart: 'no' - - acme-mailcow: - image: stakater/exit-container - restart: 'no' - - solr-mailcow: - image: stakater/exit-container - restart: 'no' - - ejabberd-mailcow: - image: stakater/exit-container - restart: 'no' - - -# Externes Netzwerk - -networks: - web: - external: true - mail: - external: true - - -# Volumes auf lokale Verzeichnise umlenken - -volumes: - # Storage for email files - vmail-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/vmail" - # Storage for index (deduplicated) - vmail-index-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/vmail-index" - mysql-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/mysql" - mysql-socket-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/mysql-socket" - redis-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/redis" - rspamd-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/rspamd" - solr-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/solr" - postfix-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/postfix" - crypt-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/crypt" - sogo-web-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/sogo-web" - sogo-userdata-backup-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/sogo-userdata-backup" - xmpp-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/xmpp-vol-1" - xmpp-upload-vol-1: - driver: local - driver_opts: - o: bind - type: none - device: "{{ basedir }}/data/xmpp-upload-vol-1" 
diff --git a/webserver/docker_mail/templates/mailcow-dockerized/mailcow.conf b/webserver/docker_mail/templates/mailcow-dockerized/mailcow.conf deleted file mode 100644 index 6aac1d7fe879ad80ba0030b32d4a2a75865b891e..0000000000000000000000000000000000000000 --- a/webserver/docker_mail/templates/mailcow-dockerized/mailcow.conf +++ /dev/null 
@@ -1,208 +0,0 @@ -# ------------------------------ -# mailcow web ui configuration -# ------------------------------ -# example.org is _not_ a valid hostname, use a fqdn here. -# Default admin user is "admin" -# Default password is "moohoo" - -MAILCOW_HOSTNAME=mailserver.warpzone.ms - -# ------------------------------ -# SQL database configuration -# ------------------------------ - -DBNAME=mailcow -DBUSER=mailcow - -# Please use long, random alphanumeric strings (A-Za-z0-9) - -DBPASS={{ mysql_mailcow_pass }} -DBROOT={{ mysql_root_pass }} - -# ------------------------------ -# HTTP/S Bindings -# ------------------------------ - -# You should use HTTPS, but in case of SSL offloaded reverse proxies: -# Might be important: This will also change the binding within the container. -# If you use a proxy within Docker, point it to the ports you set below. -# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT -# IMPORTANT: Do not use port 8081, 9081 or 65510! - -HTTP_PORT=42012 -HTTP_BIND=127.0.0.1 - -HTTPS_PORT=42013 -HTTPS_BIND=127.0.0.1 - -# ------------------------------ -# Other bindings -# ------------------------------ -# You should leave that alone -# Format: 11.22.33.44:25 or 0.0.0.0:465 etc. - -SMTP_PORT=25 -SMTPS_PORT=465 -SUBMISSION_PORT=587 -IMAP_PORT=127.0.0.1:143 -IMAPS_PORT=993 -POP_PORT=127.0.0.1:110 -POPS_PORT=127.0.0.1:995 -SIEVE_PORT=127.0.0.1:4190 -DOVEADM_PORT=127.0.0.1:19991 -SQL_PORT=127.0.0.1:23306 -SOLR_PORT=127.0.0.1:18983 -REDIS_PORT=127.0.0.1:7654 - -# bind jabber to nonstandard port because we already have a jabber running -# no (vig) risk as we use the exit container -XMPP_C2S_PORT=127:0.0.1:15222 -XMPP_S2S_PORT=127:0.0.1:15269 -XMPP_HTTPS_PORT=127:0.0.1:15443 - -# Your timezone - -TZ=Europe/Berlin - -# Fixed project name -# Please use lowercase letters only - -COMPOSE_PROJECT_NAME=mail - -# Set this to "allow" to enable the anyone pseudo user. Disabled by default. 
-# When enabled, ACL can be created, that apply to "All authenticated users" -# This should probably only be activated on mail hosts, that are used exclusivly by one organisation. -# Otherwise a user might share data with too many other users. -ACL_ANYONE=disallow - -# Garbage collector cleanup -# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring -# How long should objects remain in the garbage until they are being deleted? (value in minutes) -# Check interval is hourly - -MAILDIR_GC_TIME=7200 - -# Additional SAN for the certificate -# -# You can use wildcard records to create specific names for every domain you add to mailcow. -# Example: Add domains "example.com" and "example.net" to mailcow, change ADDITIONAL_SAN to a value like: -#ADDITIONAL_SAN=imap.*,smtp.* -# This will expand the certificate to "imap.example.com", "smtp.example.com", "imap.example.net", "imap.example.net" -# plus every domain you add in the future. -# -# You can also just add static names... 
-#ADDITIONAL_SAN=srv1.example.net -# ...or combine wildcard and static names: -#ADDITIONAL_SAN=imap.*,srv1.example.com -# - -ADDITIONAL_SAN= - -# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n - -SKIP_LETS_ENCRYPT=y - -# Create seperate certificates for all domains - y/n -# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames -# see https://wiki.dovecot.org/SSL/SNIClientSupport -ENABLE_SSL_SNI=n - -# Skip IPv4 check in ACME container - y/n - -SKIP_IP_CHECK=n - -# Skip HTTP verification in ACME container - y/n - -SKIP_HTTP_VERIFICATION=n - -# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n - -SKIP_CLAMD=y - -# Skip SOGo: Will disable SOGo integration and therefore webmail, DAV protocols and ActiveSync support (experimental, unsupported, not fully implemented) - y/n - -SKIP_SOGO=y - -# Skip Solr on low-memory systems or if you do not want to store a readable index of your mails in solr-vol-1. - -SKIP_SOLR=y - -# Solr heap size in MB, there is no recommendation, please see Solr docs. -# Solr is a prone to run OOM and should be monitored. Unmonitored Solr setups are not recommended. - -SOLR_HEAP=1024 - -# Allow admins to log into SOGo as email user (without any password) - -ALLOW_ADMIN_EMAIL_LOGIN=n - -# Enable watchdog (watchdog-mailcow) to restart unhealthy containers - -USE_WATCHDOG=y - -# Send watchdog notifications by mail (sent from watchdog@MAILCOW_HOSTNAME) -# CAUTION: -# 1. You should use external recipients -# 2. Mails are sent unsigned (no DKIM) -# 3. 
If you use DMARC, create a separate DMARC policy ("v=DMARC1; p=none;" in _dmarc.MAILCOW_HOSTNAME) -# Multiple rcpts allowed, NO quotation marks, NO spaces - -#WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com -WATCHDOG_NOTIFY_EMAIL=warpzone-server-issues@void.ms - -# Notify about banned IP (includes whois lookup) -WATCHDOG_NOTIFY_BAN=n - -# Checks if mailcow is an open relay. Requires a SAL. More checks will follow. -# https://www.servercow.de/mailcow?lang=en -# https://www.servercow.de/mailcow?lang=de -# No data is collected. Opt-in and anonymous. -# Will only work with unmodified mailcow setups. -WATCHDOG_EXTERNAL_CHECKS=y - -# Max log lines per service to keep in Redis logs - -LOG_LINES=9999 - -# Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24) -# Use private IPv4 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses - -IPV4_NETWORK=192.168.15 - -# Internal IPv6 subnet in fc00::/7 -# Use private IPv6 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv6_addresses - -IPV6_NETWORK=fd4d:dead:beef:2342::/64 - -# Use this IPv4 for outgoing connections (SNAT) - -SNAT_TO_SOURCE={{ ext_ip4 }} - -# Use this IPv6 for outgoing connections (SNAT) - -SNAT6_TO_SOURCE={{ ext_ip6 }} - -# Create or override an API key for the web UI -# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs -# An API key defined as API_KEY has read-write access -# An API key defined as API_KEY_READ_ONLY has read-only access -# Allowed chars for API_KEY and API_KEY_READ_ONLY: a-z, A-Z, 0-9, - -# You can define API_KEY and/or API_KEY_READ_ONLY - -#API_KEY= -#API_KEY_READ_ONLY= -#API_ALLOW_FROM=172.22.1.1,127.0.0.1 - -# mail_home is ~/Maildir -MAILDIR_SUB=Maildir - -# SOGo session timeout in minutes -SOGO_EXPIRE_SESSION=480 - -# DOVECOT_MASTER_USER and DOVECOT_MASTER_PASS must both be provided. No special chars. -# Empty by default to auto-generate master user and password on start. 
-# User expands to DOVECOT_MASTER_USER@mailcow.local -# LEAVE EMPTY IF UNSURE -DOVECOT_MASTER_USER= -# LEAVE EMPTY IF UNSURE -DOVECOT_MASTER_PASS= diff --git a/webserver/docker_mail/templates/docker-mailman/nginx.conf b/webserver/docker_mail/templates/mailman-nginx.conf similarity index 100% rename from webserver/docker_mail/templates/docker-mailman/nginx.conf rename to webserver/docker_mail/templates/mailman-nginx.conf diff --git a/webserver/docker_mail/templates/mailman.env b/webserver/docker_mail/templates/mailman.env new file mode 100644 index 0000000000000000000000000000000000000000..7ade751389ef13db6a94193c0bd67c65314f6ace --- /dev/null +++ b/webserver/docker_mail/templates/mailman.env @@ -0,0 +1,32 @@ +# Admin User +MAILMAN_ADMIN_USER=listadmin +MAILMAN_ADMIN_EMAIL=listadmin@warpzone.ms + +# MTA to use +MTA=postfix + +# SMTP Host and Port +SMTP_HOST=smtp +SMTP_PORT=25 + +# External Domain for Mailman web Interface +SERVE_FROM_DOMAIN={{ listserver }} + +# Mailman Secret Key +SECRET_KEY={{ mailman_secret_key }} + +# Database for mailman and Hyperkitty +DATABASE_URL=mysql://mailman:{{ mailman_db_pass }}@db/mailman?charset=utf8mb4 + +# Internal hostname of the Mailman Core Container +MM_HOSTNAME=mailman-core + +# User and Password for Mailman API +MAILMAN_REST_USER=mailman +MAILMAN_REST_PASSWORD={{ mailman_restapi_pass }} + +# internal URL and API Key for Hyperkitty +HYPERKITTY_URL=http://mailman-web:8000/hyperkitty +HYPERKITTY_API_KEY={{ hyperkitty_api_key }} + + diff --git a/webserver/docker_mail/templates/mailu.env b/webserver/docker_mail/templates/mailu.env new file mode 100644 index 0000000000000000000000000000000000000000..8c370d0afd97386d4fb2fae7e5332aef946449ef --- /dev/null +++ b/webserver/docker_mail/templates/mailu.env 
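Review bot: mailman.env carries `SECRET_KEY`, `MAILMAN_REST_PASSWORD`, `HYPERKITTY_API_KEY` and the database password inside `DATABASE_URL`, yet the "deploy {{ servicename }} config files" task in this commit renders every listed template with `mode: 0644`. Unless a parent directory restricts access (not visible here), any local account on the host can read these values; the same holds for mailu.env and for docker-compose.yml, which contains `MYSQL_PASSWORD` and `MYSQL_ROOT_PASSWORD`. Render the secret-bearing files with `mode: "0600"`, splitting the task if the db-init SQL files have to stay readable by the database container's user. `DATABASE_URL` also embeds `{{ mailman_db_pass }}` without percent-encoding, so a secret containing a URL-reserved character such as `@` would be mis-parsed; a comment stating the allowed alphabet would document that constraint.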
@@ -0,0 +1,181 @@ +################################### +# Additional Setings +################################### + +# Set Version +MAILU_VERSION=2.0.4 + +# Autocreate Admin User +INITIAL_ADMIN_ACCOUNT=mailadmin +INITIAL_ADMIN_DOMAIN={{ domain }} +INITIAL_ADMIN_PW={{ mailu_admin_pass }} +INITIAL_ADMIN_MODE=ifmissing + +# force internel connect to rspamd with ipv4 +ANTISPAM_ADDRESS=192.168.203.253 + +# Use Mysql as Database +SQLALCHEMY_DATABASE_URI=mysql+mysqlconnector://mailu:{{ mailu_db_pass }}@db/mailu + +# Use Mysql as Database +SQLALCHEMY_DATABASE_URI_ROUNDCUBE=mysql://roundcube:{{ roundcube_db_pass }}@db/roundcube + +################################### +# Common configuration variables +################################### + +# Set mailu version +MAILU_VERSION=2.0 + +# Set to a randomly generated 16 bytes string +SECRET_KEY={{ mailu_secret_key }} + +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + +# Main mail domain +DOMAIN={{ domain }} + +# Hostnames for this server, separated with comas +HOSTNAMES={{ mailserver }} + +# Postmaster local part (will append the main mail domain) +POSTMASTER=admin + +# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt) +TLS_FLAVOR=mail + +# Authentication rate limit per IP (per /24 on ipv4 and /48 on ipv6) +AUTH_RATELIMIT_IP=60/hour + +# Authentication rate limit per user (regardless of the source-IP) +AUTH_RATELIMIT_USER=100/day + +# Opt-out of statistics, replace with "True" to opt out +DISABLE_STATISTICS=True + +################################### +# Optional features +################################### + +# Expose the admin interface (value: true, false) +ADMIN=true + +# Choose which webmail to run if any (values: roundcube, snappymail, none) +WEBMAIL=roundcube + +# Expose the API interface (value: true, false) +API=false + +# Dav server implementation (value: 
radicale, none) +WEBDAV=none + +# Antivirus solution (value: clamav, none) +ANTIVIRUS=none + +# Scan Macros solution (value: true, false) +SCAN_MACROS=true + +################################### +# Mail settings +################################### + +# Message size limit in bytes +# Default: accept messages up to 50MB +# Max attachment size will be 33% smaller +MESSAGE_SIZE_LIMIT=50000000 + +# Message rate limit (per user) +MESSAGE_RATELIMIT=200/day + +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= + +# Will relay all outgoing mails if configured +RELAYHOST= + +# Enable fetchmail +FETCHMAIL_ENABLED=False + +# Fetchmail delay +FETCHMAIL_DELAY=600 + +# Recipient delimiter, character used to delimiter localpart from custom address part +# must be set to + for mailman +RECIPIENT_DELIMITER=+ + +# DMARC rua and ruf email +DMARC_RUA=admin +DMARC_RUF=admin + +# Welcome email, enable and set a topic and body if you wish to send welcome +# emails to all users. +WELCOME=false +WELCOME_SUBJECT=Welcome to your new email account +WELCOME_BODY=Welcome to your new email account, if you can read this, then it is configured properly! + +# Maildir Compression +# choose compression-method, default: none (value: gz, bz2) +COMPRESSION= +# change compression-level, default: 6 (value: 1-9) +COMPRESSION_LEVEL= + +# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature. 
+FULL_TEXT_SEARCH=on + +################################### +# Web settings +################################### + +# Path to redirect / to +WEBROOT_REDIRECT=/webmail + +# Path to the admin interface if enabled +WEB_ADMIN=/admin + +# Path to the webmail if enabled +WEB_WEBMAIL=/webmail + +# Path to the API interface if enabled +WEB_API= + +# Website name +SITENAME=warpzone mail + +# Linked Website URL +WEBSITE=https://listserver.{{ domain }} + + + +################################### +# Advanced settings +################################### + +# Docker-compose project name, this will prepended to containers names. +COMPOSE_PROJECT_NAME=mailu + +# Number of rounds used by the password hashing scheme +CREDENTIAL_ROUNDS=12 + +# Header to take the real ip from +REAL_IP_HEADER=X-Real-Ip + +# IPs for nginx set_real_ip_from (CIDR list separated by commas) +REAL_IP_FROM=0.0.0.0/0 + +# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) +REJECT_UNLISTED_RECIPIENT= + +# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET) +LOG_LEVEL=WARNING + +# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones +TZ=Europe/Berlin + +# Default spam threshold used for new users +DEFAULT_SPAM_THRESHOLD=80 + +# API token required for authenticating to the RESTful API. +# This is a mandatory setting for using the RESTful API. +API_TOKEN={{ mailu_api_token }} diff --git a/webserver/docker_mail/templates/mailu/overrides/postfix/postfix.cf b/webserver/docker_mail/templates/mailu/overrides/postfix/postfix.cf new file mode 100644 index 0000000000000000000000000000000000000000..7c0123e79805c85732436ebb7c34c66ec48de90c --- /dev/null +++ b/webserver/docker_mail/templates/mailu/overrides/postfix/postfix.cf 
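Review bot: `REAL_IP_FROM=0.0.0.0/0` makes the front nginx accept the `X-Real-Ip` header from any peer, so the address that `AUTH_RATELIMIT_IP` keys on becomes client-controlled for any request that reaches the HTTP port without passing through Traefik. In this commit's compose file that port is not published, which limits the exposure to containers on the `default` and `web` networks, but restricting the value to the proxy's network is the safer setting: `REAL_IP_FROM=<CIDR of the web network>` (placeholder; the subnet is not shown in this diff). `MAILU_VERSION` is also assigned twice in this file, `2.0.4` near the top and `2.0` further down. Because it arrives through `env_file`, it presumably does not feed the `${MAILU_VERSION:-2.0}` image tags in docker-compose.yml, which Compose substitutes from the shell environment or a `.env` file. Keeping one definition in a place Compose actually reads would make the deployed version unambiguous.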
@@ -0,0 +1,14 @@ + +# Overrides for mailman3 integration +# see https://patrick.georgi.family/2019/01/12/combining-mailman-3-with-mailu/ + +always_add_missing_headers = yes +append_at_myorigin=no +append_dot_mydomain=no +local_header_rewrite_clients = permit_sasl_authenticated +owner_request_special = no +unknown_local_recipient_reject_code = 550 + +local_recipient_maps = regexp:/opt/mailman/postfix_lmtp +transport_maps = regexp:/opt/mailman/postfix_lmtp, lmdb:/etc/postfix/transport.map, \${podop}transport +virtual_mailbox_maps = regexp:/opt/mailman/postfix_lmtp, \${podop}mailbox diff --git a/webserver/docker_mail/templates/mailu/overrides/postfix/transport.map b/webserver/docker_mail/templates/mailu/overrides/postfix/transport.map new file mode 100644 index 0000000000000000000000000000000000000000..80a3d9e5e568fa2a380ebef229108794d66574f2 --- /dev/null +++ b/webserver/docker_mail/templates/mailu/overrides/postfix/transport.map @@ -0,0 +1,9 @@ +yahoo.com polite: +hotmail.com polite: +outlook.com polite: +exchange.com polite: +microsoft.com polite: +1und1.de polite: +t-online.de polite: +web.de polite: +gmail.com polite: diff --git a/webserver/docker_matrix/templates/docker-compose.yml b/webserver/docker_matrix/templates/docker-compose.yml index 25c55decf8bf27258a59802ff2ea7834a68f2e77..60afbb5b10dfdff6d112a857c6983216913280d6 100644 --- a/webserver/docker_matrix/templates/docker-compose.yml +++ b/webserver/docker_matrix/templates/docker-compose.yml @@ -50,7 +50,6 @@ services: - traefik.http.services.matrix_federation.loadbalancer.server.port=8448 networks: - default - - mail - web ma1sd: @@ -70,7 +69,5 @@ services: - web networks: - mail: - external: true web: external: true diff --git a/webserver/docker_matrix/templates/synapse-data/homeserver.yaml b/webserver/docker_matrix/templates/synapse-data/homeserver.yaml index 94ac867e259b51fa223a9ffbb3ffa5e1ef4abbac..09065200132ef7869a53eb9eeb3d79d7f3eca6e8 100644 
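Review bot: Every entry in transport.map routes to a transport named `polite`, but the 14-line postfix.cf override added in this commit neither defines that transport nor sets any `polite_*` parameter. Postfix needs a matching service entry in master.cf for the name; without one, mail to these nine domains is deferred with an unknown-transport error. If the definition lives in another override file that is not visible here, a header comment in the map would make the dependency explicit, e.g. `# 'polite' transport: defined in <master.cf override path>`.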
--- a/webserver/docker_matrix/templates/synapse-data/homeserver.yaml +++ b/webserver/docker_matrix/templates/synapse-data/homeserver.yaml @@ -94,10 +94,12 @@ trusted_key_servers: - server_name: "matrix.org" email: - smtp_host: postfix - smtp_port: 25 + smtp_host: {{ smtp_host }} + smtp_port: {{ smtp_port }} + smtp_user: "{{ noreply_email_user }}" + smtp_pass: "{{ noreply_email_pass }}" require_transport_security: false - notif_from: "Your Friendly warpzone Matrix homeserver <{{ noreply_email_user }}>" + notif_from: "Warpzone Matrix <matrix@{{ smtp_domain }}>" enable_notifs: true notif_for_new_users: False diff --git a/webserver/docker_wordpress/tasks/main.yml b/webserver/docker_wordpress/tasks/main.yml index 6e69e0641df98b3452eef4e7ea356b92d8d8c4aa..bb3b77f7eed0ef468a552265f7081e07cae60665 100644 --- a/webserver/docker_wordpress/tasks/main.yml +++ b/webserver/docker_wordpress/tasks/main.yml @@ -2,6 +2,7 @@ - include_tasks: ../functions/get_secret.yml with_items: + - { path: /srv/shared/noreply_email_pass, length: -1 } - { path: /srv/wordpress/mysql_root_pass, length: 24 } - { path: /srv/wordpress/mysql_user_pass, length: 12 } diff --git a/webserver/docker_wordpress/templates/docker-compose.yml b/webserver/docker_wordpress/templates/docker-compose.yml index a6e9313da60b0f7c016f619838a3085f5b6d06f2..8b8cf87d070a4299ddd286d9516d70b34e68f39d 100644 --- a/webserver/docker_wordpress/templates/docker-compose.yml +++ b/webserver/docker_wordpress/templates/docker-compose.yml @@ -18,7 +18,7 @@ services: - default app: - + # values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port build: . restart: always volumes: @@ -35,11 +35,8 @@ services: - traefik.http.services.{{ servicename }}.loadbalancer.server.port=80 networks: - default - - mail - web networks: - mail: - external: true web: external: true
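Review bot: `require_transport_security: false` stays as a context line while the hunk adds `smtp_user` and `smtp_pass`, so the relay credentials now travel on a connection where TLS is optional. Synapse upgrades to STARTTLS only when the server offers it, so anything on the path that strips the STARTTLS capability leaves the login in clear text. The test group_vars in this commit set port 587, where STARTTLS is expected, so this can become `require_transport_security: true` (confirm the production host offers it). The unquoted `smtp_host: {{ smtp_host }}` is worth quoting like the two lines below it, `smtp_host: "{{ smtp_host }}"`, so an empty or unusual value cannot change the rendered YAML type. The `email:` mapping may continue past the last line of the hunk.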
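Review bot: `length: -1` on the added `/srv/shared/noreply_email_pass` entry departs from the positive lengths of the two entries below it, and its meaning is defined in get_secret.yml, which is not shown in this hunk. The password is also consumed by the Matrix homeserver template in this commit, so the path is shared between roles. A comment above the entry would record both facts, e.g. `# shared SMTP password, also used by docker_matrix; length -1 = <behaviour defined in get_secret.yml>`.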