sharpetronics/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-10-04 00:02:07 -04:00
Code Issues Projects Releases Wiki Activity

Merge pull request #6777 from patschi/enable-https-redirect-default

Browse Source 
Enable HTTPS redirect by default on new setups
This commit is contained in:
FreddleSpl0it 2025-09-29 11:56:46 +02:00 committed by GitHub
commit 45a61755a5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
generate_config.sh
View File

@ -172,7 +172,6 @@ cat << EOF > mailcow.conf
# example.org is _not_ a valid hostname, use a fqdn here. # example.org is _not_ a valid hostname, use a fqdn here.
# Default admin user is "admin" # Default admin user is "admin"
# Default password is "moohoo" # Default password is "moohoo"
MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
# Password hash algorithm # Password hash algorithm
@ -183,19 +182,16 @@ MAILCOW_PASS_SCHEME=BLF-CRYPT
# ------------------------------ # ------------------------------
# SQL database configuration # SQL database configuration
# ------------------------------ # ------------------------------
DBNAME=mailcow DBNAME=mailcow
DBUSER=mailcow DBUSER=mailcow
# Please use long, random alphanumeric strings (A-Za-z0-9) # Please use long, random alphanumeric strings (A-Za-z0-9)
DBPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28) DBPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28) DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
# ------------------------------ # ------------------------------
# REDIS configuration # REDIS configuration
# ------------------------------ # ------------------------------
REDISPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28) REDISPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
# ------------------------------ # ------------------------------
@ -210,7 +206,6 @@ REDISPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
# Example: HTTP_BIND=1.2.3.4 # Example: HTTP_BIND=1.2.3.4
# For IPv4 leave it as it is: HTTP_BIND= & HTTPS_PORT= # For IPv4 leave it as it is: HTTP_BIND= & HTTPS_PORT=
# For IPv6 see https://docs.mailcow.email/post_installation/firststeps-ip_bindings/ # For IPv6 see https://docs.mailcow.email/post_installation/firststeps-ip_bindings/
HTTP_PORT=80 HTTP_PORT=80
HTTP_BIND= HTTP_BIND=
@ -218,14 +213,13 @@ HTTPS_PORT=443
HTTPS_BIND= HTTPS_BIND=
# Redirect HTTP connections to HTTPS - y/n # Redirect HTTP connections to HTTPS - y/n
HTTP_REDIRECT=n HTTP_REDIRECT=y
# ------------------------------ # ------------------------------
# Other bindings # Other bindings
# ------------------------------ # ------------------------------
# You should leave that alone # You should leave that alone
# Format: 11.22.33.44:25 or 12.34.56.78:465 etc. # Format: 11.22.33.44:25 or 12.34.56.78:465 etc.
SMTP_PORT=25 SMTP_PORT=25
SMTPS_PORT=465 SMTPS_PORT=465
SUBMISSION_PORT=587 SUBMISSION_PORT=587
@ -241,12 +235,10 @@ REDIS_PORT=127.0.0.1:7654
# Your timezone # Your timezone
# See https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a list of timezones # See https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a list of timezones
# Use the column named 'TZ identifier' + pay attention for the column named 'Notes' # Use the column named 'TZ identifier' + pay attention for the column named 'Notes'
TZ=${MAILCOW_TZ} TZ=${MAILCOW_TZ}
# Fixed project name # Fixed project name
# Please use lowercase letters only # Please use lowercase letters only
COMPOSE_PROJECT_NAME=mailcowdockerized COMPOSE_PROJECT_NAME=mailcowdockerized
# Used Docker Compose version # Used Docker Compose version
@ -254,7 +246,6 @@ COMPOSE_PROJECT_NAME=mailcowdockerized
# For more informations take a look at the mailcow docs regarding the configuration options. # For more informations take a look at the mailcow docs regarding the configuration options.
# Normally this should be untouched but if you decided to use either of those you can switch it manually here. # Normally this should be untouched but if you decided to use either of those you can switch it manually here.
# Please be aware that at least one of those variants should be installed on your machine or mailcow will fail. # Please be aware that at least one of those variants should be installed on your machine or mailcow will fail.
DOCKER_COMPOSE_VERSION=${COMPOSE_VERSION} DOCKER_COMPOSE_VERSION=${COMPOSE_VERSION}
# Set this to "allow" to enable the anyone pseudo user. Disabled by default. # Set this to "allow" to enable the anyone pseudo user. Disabled by default.
@ -267,7 +258,6 @@ ACL_ANYONE=disallow
# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring # Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring
# How long should objects remain in the garbage until they are being deleted? (value in minutes) # How long should objects remain in the garbage until they are being deleted? (value in minutes)
# Check interval is hourly # Check interval is hourly
MAILDIR_GC_TIME=7200 MAILDIR_GC_TIME=7200
# Additional SAN for the certificate # Additional SAN for the certificate
@ -282,8 +272,6 @@ MAILDIR_GC_TIME=7200
#ADDITIONAL_SAN=srv1.example.net #ADDITIONAL_SAN=srv1.example.net
# ...or combine wildcard and static names: # ...or combine wildcard and static names:
#ADDITIONAL_SAN=imap.*,srv1.example.com #ADDITIONAL_SAN=imap.*,srv1.example.com
#
ADDITIONAL_SAN= ADDITIONAL_SAN=
# Obtain certificates for autodiscover.* and autoconfig.* domains. # Obtain certificates for autodiscover.* and autoconfig.* domains.
@ -300,11 +288,9 @@ AUTODISCOVER_SAN=y
# If the server name does not match a known site, Nginx decides by best-guess and may redirect users to the wrong web root. # If the server name does not match a known site, Nginx decides by best-guess and may redirect users to the wrong web root.
# You can understand this as server_name directive in Nginx. # You can understand this as server_name directive in Nginx.
# Comma separated list without spaces! Example: ADDITIONAL_SERVER_NAMES=a.b.c,d.e.f # Comma separated list without spaces! Example: ADDITIONAL_SERVER_NAMES=a.b.c,d.e.f
ADDITIONAL_SERVER_NAMES= ADDITIONAL_SERVER_NAMES=
# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n # Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
SKIP_LETS_ENCRYPT=n SKIP_LETS_ENCRYPT=n
# Create seperate certificates for all domains - y/n # Create seperate certificates for all domains - y/n
@ -313,52 +299,41 @@ SKIP_LETS_ENCRYPT=n
ENABLE_SSL_SNI=n ENABLE_SSL_SNI=n
# Skip IPv4 check in ACME container - y/n # Skip IPv4 check in ACME container - y/n
SKIP_IP_CHECK=n SKIP_IP_CHECK=n
# Skip HTTP verification in ACME container - y/n # Skip HTTP verification in ACME container - y/n
SKIP_HTTP_VERIFICATION=n SKIP_HTTP_VERIFICATION=n
# Skip Unbound (DNS Resolver) Healthchecks (NOT Recommended!) - y/n # Skip Unbound (DNS Resolver) Healthchecks (NOT Recommended!) - y/n
SKIP_UNBOUND_HEALTHCHECK=n SKIP_UNBOUND_HEALTHCHECK=n
# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n # Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
SKIP_CLAMD=${SKIP_CLAMD} SKIP_CLAMD=${SKIP_CLAMD}
# Skip Olefy (olefy-mailcow) anti-virus for Office documents (Rspamd will auto-detect a missing Olefy container) - y/n # Skip Olefy (olefy-mailcow) anti-virus for Office documents (Rspamd will auto-detect a missing Olefy container) - y/n
SKIP_OLEFY=n SKIP_OLEFY=n
# Skip SOGo: Will disable SOGo integration and therefore webmail, DAV protocols and ActiveSync support (experimental, unsupported, not fully implemented) - y/n # Skip SOGo: Will disable SOGo integration and therefore webmail, DAV protocols and ActiveSync support (experimental, unsupported, not fully implemented) - y/n
SKIP_SOGO=n SKIP_SOGO=n
# Skip FTS (Fulltext Search) for Dovecot on low-memory, low-threaded systems or if you simply want to disable it. # Skip FTS (Fulltext Search) for Dovecot on low-memory, low-threaded systems or if you simply want to disable it.
# Dovecot inside mailcow use Flatcurve as FTS Backend. # Dovecot inside mailcow use Flatcurve as FTS Backend.
SKIP_FTS=n SKIP_FTS=n
# Dovecot Indexing (FTS) Process maximum heap size in MB, there is no recommendation, please see Dovecot docs. # Dovecot Indexing (FTS) Process maximum heap size in MB, there is no recommendation, please see Dovecot docs.
# Flatcurve (Xapian backend) is used as the FTS Indexer. It is supposed to be efficient in CPU and RAM consumption. # Flatcurve (Xapian backend) is used as the FTS Indexer. It is supposed to be efficient in CPU and RAM consumption.
# However: Please always monitor your Resource consumption! # However: Please always monitor your Resource consumption!
FTS_HEAP=128 FTS_HEAP=128
# Controls how many processes the Dovecot indexing process can spawn at max. # Controls how many processes the Dovecot indexing process can spawn at max.
# Too many indexing processes can use a lot of CPU and Disk I/O. # Too many indexing processes can use a lot of CPU and Disk I/O.
# Please visit: https://doc.dovecot.org/configuration_manual/service_configuration/#indexer-worker for more informations # Please visit: https://doc.dovecot.org/configuration_manual/service_configuration/#indexer-worker for more informations
FTS_PROCS=1 FTS_PROCS=1
# Allow admins to log into SOGo as email user (without any password) # Allow admins to log into SOGo as email user (without any password)
ALLOW_ADMIN_EMAIL_LOGIN=n ALLOW_ADMIN_EMAIL_LOGIN=n
# Enable watchdog (watchdog-mailcow) to restart unhealthy containers # Enable watchdog (watchdog-mailcow) to restart unhealthy containers
USE_WATCHDOG=y USE_WATCHDOG=y
# Send watchdog notifications by mail (sent from watchdog@MAILCOW_HOSTNAME) # Send watchdog notifications by mail (sent from watchdog@MAILCOW_HOSTNAME)
@ -367,7 +342,6 @@ USE_WATCHDOG=y
# 2. Mails are sent unsigned (no DKIM) # 2. Mails are sent unsigned (no DKIM)
# 3. If you use DMARC, create a separate DMARC policy ("v=DMARC1; p=none;" in _dmarc.MAILCOW_HOSTNAME) # 3. If you use DMARC, create a separate DMARC policy ("v=DMARC1; p=none;" in _dmarc.MAILCOW_HOSTNAME)
# Multiple rcpts allowed, NO quotation marks, NO spaces # Multiple rcpts allowed, NO quotation marks, NO spaces
#WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com #WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com
#WATCHDOG_NOTIFY_EMAIL= #WATCHDOG_NOTIFY_EMAIL=
@ -398,25 +372,20 @@ WATCHDOG_EXTERNAL_CHECKS=n
WATCHDOG_VERBOSE=n WATCHDOG_VERBOSE=n
# Max log lines per service to keep in Redis logs # Max log lines per service to keep in Redis logs
LOG_LINES=9999 LOG_LINES=9999
# Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24) # Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24)
# Use private IPv4 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses # Use private IPv4 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses
IPV4_NETWORK=172.22.1 IPV4_NETWORK=172.22.1
# Internal IPv6 subnet in fc00::/7 # Internal IPv6 subnet in fc00::/7
# Use private IPv6 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv6_addresses # Use private IPv6 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv6_addresses
IPV6_NETWORK=fd4d:6169:6c63:6f77::/64 IPV6_NETWORK=fd4d:6169:6c63:6f77::/64
# Use this IPv4 for outgoing connections (SNAT) # Use this IPv4 for outgoing connections (SNAT)
#SNAT_TO_SOURCE= #SNAT_TO_SOURCE=
# Use this IPv6 for outgoing connections (SNAT) # Use this IPv6 for outgoing connections (SNAT)
#SNAT6_TO_SOURCE= #SNAT6_TO_SOURCE=
# Create or override an API key for the web UI # Create or override an API key for the web UI
@ -545,4 +514,4 @@ else
echo ' $MAILCOW_UPDATEDAT='$(date +%s)';' >> data/web/inc/app_info.inc.php echo ' $MAILCOW_UPDATEDAT='$(date +%s)';' >> data/web/inc/app_info.inc.php
echo '?>' >> data/web/inc/app_info.inc.php echo '?>' >> data/web/inc/app_info.inc.php
echo -e "\e[33mCannot determine current git repository version...\e[0m" echo -e "\e[33mCannot determine current git repository version...\e[0m"
fi fi