Skip to content
Snippets Groups Projects
Commit bd4fff4c authored by Jens Sandmann's avatar Jens Sandmann
Browse files

mail: env more values, tasks remove unused

parent 6f6c3d6b
No related branches found
No related tags found
No related merge requests found
---
servicename: mail
basedir: /srv/mail
gitdir: mailcow-mailman3-dockerized
---
- include_tasks: ../functions/get_secret.yml
with_items:
- { path: "{{ basedir }}/secrets/MCDBPASS", length: 28 }
- { path: "{{ basedir }}/secrets/MCDBROOT", length: 28 }
- { path: "{{ basedir }}/secrets/HKAPIKEY", length: 28 }
- { path: "{{ basedir }}/secrets/MMDBPASS", length: 28 }
- { path: "{{ basedir }}/secrets/MMDBROOT", length: 28 }
- { path: "{{ basedir }}/secrets/DJSECRET", length: 28 }
- name: "create folder struct for {{ servicename }}"
file:
path: "{{ item }}"
state: "directory"
with_items:
- "{{ basedir }}"
- "{{ basedir }}/secrets"
# - "{{ basedir }}/conf"
# - "{{ basedir }}/conf/rspamd/"
# - "{{ basedir }}/conf/rspamd/custom/"
# - "{{ basedir }}/conf/unbound/"
# - "{{ basedir }}/certdump/"
# - "{{ basedir }}/dovecot-run/"
# - "{{ basedir }}/postfix/"
# - name: "create folder struct for {{ servicename }} 2"
# file:
# path: "{{ item }}"
# state: "directory"
# owner: "5000"
# group: "5000"
# with_items:
# - "{{ basedir }}/mail/"
# - "{{ basedir }}/mail-crypt/"
# - "{{ basedir }}/mail-attachments/"```
- name: Git checkout mailcow+mailman-dockerized
git:
repo: 'https://github.com/Shadowghost/mailcow-mailman3-dockerized.git'
dest: "{{ basedir }}/{{ gitdir }}"
version: 7c9e89dce588568c5b528b3b9d0e01f42e485952
# Current version at 2020-11-04
- name: deploy enviroment file
template:
dest: "{{ basedir }}/{{ gitdir }}/.env"
src: "env"
# ------------------------------------
# mailcow web ui configuration
# ------------------------------------
# example.org is _not_ a valid hostname, use a fqdn here.
# Default admin user is "admin"
# Default password is "moohoo"
MAILCOW_HOSTNAME=mailserver.warpzone.ms
DOMAINNAME=lists.warpzone.ms
HOSTNAME=webserver
# ------------------------------------
# Mailcow SQL database configuration
# ------------------------------------
MCDBNAME=mailcow
MCDBUSER=mailcow
# Please use long, random alphanumeric strings (A-Za-z0-9)
MCDBPASS={{ MCDBPASS }}
MCDBROOT={{ MCDBROOT}}
# ------------------------------------
# Mailman3 configuration
# ------------------------------------
HKAPIKEY={{ HKAPIKEY }}
MMDBPASS={{ MMDBPASS }}
MMDBROOT={{ MMDBROOT }}
DJSECRET={{ DJSECRET }}
# ------------------------------
# HTTP/S Bindings
# ------------------------------
# You should use HTTPS, but in case of SSL offloaded reverse proxies:
# Might be important: This will also change the binding within the container.
# If you use a proxy within Docker, point it to the ports you set below.
# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT
# IMPORTANT: Do not use port 8081, 9081 or 65510!
HTTP_PORT=42012
HTTP_BIND=127.0.0.1
HTTPS_PORT=42013
HTTPS_BIND=127.0.0.1
# ------------------------------
# Other bindings
# ------------------------------
# You should leave that alone
# Format: 11.22.33.44:25 or 0.0.0.0:465 etc.
SMTP_PORT=25
SMTPS_PORT=465
SUBMISSION_PORT=587
IMAP_PORT=143
IMAPS_PORT=993
POP_PORT=110
POPS_PORT=995
SIEVE_PORT=4190
DOVEADM_PORT=127.0.0.1:19991
SQL_PORT=127.0.0.1:23306
SOLR_PORT=127.0.0.1:18983
REDIS_PORT=127.0.0.1:7654
# Your timezone
TZ=Europe/Berlin
# Fixed project name
# Please use lowercase letters only
COMPOSE_PROJECT_NAME=mail
# Set this to "allow" to enable the anyone pseudo user. Disabled by default.
# When enabled, ACL can be created, that apply to "All authenticated users"
# This should probably only be activated on mail hosts, that are used exclusivly by one organisation.
# Otherwise a user might share data with too many other users.
ACL_ANYONE=disallow
# Garbage collector cleanup
# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring
# How long should objects remain in the garbage until they are being deleted? (value in minutes)
# Check interval is hourly
MAILDIR_GC_TIME=1440
# Additional SAN for the certificate
#
# You can use wildcard records to create specific names for every domain you add to mailcow.
# Example: Add domains "example.com" and "example.net" to mailcow, change ADDITIONAL_SAN to a value like:
#ADDITIONAL_SAN=imap.*,smtp.*
# This will expand the certificate to "imap.example.com", "smtp.example.com", "imap.example.net", "imap.example.net"
# plus every domain you add in the future.
#
# You can also just add static names...
#ADDITIONAL_SAN=srv1.example.net
# ...or combine wildcard and static names:
#ADDITIONAL_SAN=imap.*,srv1.example.com
#
ADDITIONAL_SAN=
# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
SKIP_LETS_ENCRYPT=y
# Create seperate certificates for all domains - y/n
# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames
# see https://wiki.dovecot.org/SSL/SNIClientSupport
ENABLE_SSL_SNI=n
# Skip IPv4 check in ACME container - y/n
SKIP_IP_CHECK=n
# Skip HTTP verification in ACME container - y/n
SKIP_HTTP_VERIFICATION=n
# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
SKIP_CLAMD=y
# Skip SOGo: Will disable SOGo integration and therefore webmail, DAV protocols and ActiveSync support (experimental, unsupported, not fully implemented) - y/n
SKIP_SOGO=y
# Skip Solr on low-memory systems or if you do not want to store a readable index of your mails in solr-vol-1.
SKIP_SOLR=y
# Solr heap size in MB, there is no recommendation, please see Solr docs.
# Solr is a prone to run OOM and should be monitored. Unmonitored Solr setups are not recommended.
SOLR_HEAP=1024
# Enable watchdog (watchdog-mailcow) to restart unhealthy containers
USE_WATCHDOG=y
# Allow admins to log into SOGo as email user (without any password)
ALLOW_ADMIN_EMAIL_LOGIN=n
# Send notifications by mail (no DKIM signature, sent from watchdog@MAILCOW_HOSTNAME)
# CAUTION:
# 1. You should use external recipients
# 2. Mails are sent unsigned (no DKIM)
# 3. If you use DMARC, create a separate DMARC policy ("v=DMARC1; p=none;" in _dmarc.MAILCOW_HOSTNAME)
# Multiple rcpts allowed, NO quotation marks, NO spaces
#WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com
#WATCHDOG_NOTIFY_EMAIL=
# Notify about banned IP (includes whois lookup)
WATCHDOG_NOTIFY_BAN=y
# Checks if mailcow is an open relay. Requires a SAL. More checks will follow.
# https://www.servercow.de/mailcow?lang=en
# https://www.servercow.de/mailcow?lang=de
# No data is collected. Opt-in and anonymous.
# Will only work with unmodified mailcow setups.
WATCHDOG_EXTERNAL_CHECKS=y
# Max log lines per service to keep in Redis logs
LOG_LINES=9999
# Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24)
# Use private IPv4 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses
IPV4_NETWORK=172.172.199
# Internal IPv6 subnet in fc00::/7
# Use private IPv6 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv6_addresses
IPV6_NETWORK=fd4d:6169:6c63:6f77::/64
# Use this IPv4 for outgoing connections (SNAT)
#SNAT_TO_SOURCE=
# Use this IPv6 for outgoing connections (SNAT)
#SNAT6_TO_SOURCE=
# Create or override an API key for the web UI
# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs
# An API key defined as API_KEY has read-write access
# An API key defined as API_KEY_READ_ONLY has read-only access
# Allowed chars for API_KEY and API_KEY_READ_ONLY: a-z, A-Z, 0-9, -
# You can define API_KEY and/or API_KEY_READ_ONLY
#API_KEY=
#API_KEY_READ_ONLY=
#API_ALLOW_FROM=172.22.1.1,127.0.0.1
# mail_home is ~/Maildir
MAILDIR_SUB=Maildir
# SOGo session timeout in minutes
SOGO_EXPIRE_SESSION=480
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment