|
|
|
# Mailu main configuration file
|
|
|
|
#
|
|
|
|
# This file is autogenerated by the configuration management wizard for {{ flavor }} flavor.
|
|
|
|
# For a detailed list of configuration variables, see the documentation at
|
|
|
|
# https://mailu.io
|
|
|
|
|
|
|
|
###################################
|
|
|
|
# Common configuration variables
|
|
|
|
###################################
|
|
|
|
|
|
|
|
# Set to a randomly generated 16 bytes string
|
|
|
|
SECRET_KEY={{ secret(16) }}
|
|
|
|
|
|
|
|
# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
|
|
|
|
SUBNET={{ subnet }}
|
|
|
|
{% if ipv6_enabled %}
|
|
|
|
SUBNET6={{ subnet6 }}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
# Main mail domain
|
|
|
|
DOMAIN={{ domain }}
|
|
|
|
|
|
|
|
# Hostnames for this server, separated with comas
|
|
|
|
HOSTNAMES={{ hostnames }}
|
|
|
|
|
|
|
|
# Postmaster local part (will append the main mail domain)
|
|
|
|
POSTMASTER={{ postmaster }}
|
|
|
|
|
|
|
|
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
|
|
|
|
TLS_FLAVOR={{ tls_flavor }}
|
|
|
|
|
|
|
|
# Authentication rate limit per IP (per /24 on ipv4 and /56 on ipv6)
|
|
|
|
{% if auth_ratelimit_ip > '0' %}
|
|
|
|
AUTH_RATELIMIT_IP={{ auth_ratelimit_ip }}/hour
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
# Authentication rate limit per user (regardless of the source-IP)
|
|
|
|
{% if auth_ratelimit_user > '0' %}
|
|
|
|
AUTH_RATELIMIT_USER={{ auth_ratelimit_user }}/day
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
# Opt-out of statistics, replace with "True" to opt out
|
|
|
|
DISABLE_STATISTICS={{ disable_statistics or 'False' }}
|
|
|
|
|
|
|
|
###################################
|
|
|
|
# Optional features
|
|
|
|
###################################
|
|
|
|
|
|
|
|
# Expose the admin interface (value: true, false)
|
|
|
|
ADMIN={{ admin_enabled or 'false' }}
|
|
|
|
|
|
|
|
# Choose which webmail to run if any (values: roundcube, snappymail, none)
|
|
|
|
WEBMAIL={{ webmail_type }}
|
|
|
|
|
|
|
|
# Expose the API interface (value: true, false)
|
|
|
|
API={{ api_enabled or 'false' }}
|
|
|
|
|
|
|
|
# Dav server implementation (value: radicale, none)
|
|
|
|
WEBDAV={{ webdav_enabled or 'none' }}
|
|
|
|
|
|
|
|
# Antivirus solution (value: clamav, none)
|
|
|
|
ANTIVIRUS={{ antivirus_enabled or 'none' }}
|
|
|
|
|
|
|
|
# Scan Macros solution (value: true, false)
|
|
|
|
SCAN_MACROS={{ oletools_enabled or 'false' }}
|
|
|
|
|
|
|
|
###################################
|
|
|
|
# Mail settings
|
|
|
|
###################################
|
|
|
|
|
|
|
|
# Message size limit in bytes
|
|
|
|
# Default: accept messages up to 50MB
|
|
|
|
# Max attachment size will be 33% smaller
|
|
|
|
MESSAGE_SIZE_LIMIT={{ message_size_limit or '50000000' }}
|
|
|
|
|
|
|
|
# Message rate limit (per user)
|
|
|
|
{% if message_ratelimit_pd > '0' %}
|
|
|
|
MESSAGE_RATELIMIT={{ message_ratelimit_pd }}/day
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
# Networks granted relay permissions
|
|
|
|
# Use this with care, all hosts in this networks will be able to send mail without authentication!
|
|
|
|
RELAYNETS=
|
|
|
|
|
|
|
|
# Will relay all outgoing mails if configured
|
|
|
|
RELAYHOST={{ relayhost }}
|
|
|
|
|
|
|
|
# Enable fetchmail
|
|
|
|
FETCHMAIL_ENABLED={{ fetchmail_enabled or 'False' }}
|
|
|
|
|
|
|
|
# Fetchmail delay
|
|
|
|
FETCHMAIL_DELAY={{ fetchmail_delay or '600' }}
|
|
|
|
|
|
|
|
# Recipient delimiter, character used to delimiter localpart from custom address part
|
|
|
|
RECIPIENT_DELIMITER={{ recipient_delimiter or '+' }}
|
|
|
|
|
|
|
|
# DMARC rua and ruf email
|
|
|
|
DMARC_RUA={{ dmarc_rua or postmaster }}
|
|
|
|
DMARC_RUF={{ dmarc_ruf or postmaster }}
|
|
|
|
|
|
|
|
# Welcome email, enable and set a topic and body if you wish to send welcome
|
|
|
|
# emails to all users.
|
|
|
|
WELCOME={{ welcome_enable or 'false' }}
|
|
|
|
WELCOME_SUBJECT={{ welcome_subject or 'Welcome to your new email account' }}
|
|
|
|
WELCOME_BODY={{ welcome_body or 'Welcome to your new email account, if you can read this, then it is configured properly!' }}
|
|
|
|
|
|
|
|
# Maildir Compression
|
|
|
|
# choose compression-method, default: none (value: gz, bz2)
|
|
|
|
COMPRESSION={{ compression }}
|
|
|
|
# change compression-level, default: 6 (value: 1-9)
|
|
|
|
COMPRESSION_LEVEL={{ compression_level }}
|
|
|
|
|
|
|
|
# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature.
|
|
|
|
# FULL_TEXT_SEARCH=off
|
|
|
|
|
|
|
|
###################################
|
|
|
|
# Web settings
|
|
|
|
###################################
|
|
|
|
|
|
|
|
# Path to redirect / to
|
|
|
|
{% if webmail_type != 'none' and webmail_path == '' %}
|
|
|
|
WEBROOT_REDIRECT=/
|
|
|
|
{% else %}
|
|
|
|
WEBROOT_REDIRECT={{ webmail_path }}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
# Path to the admin interface if enabled
|
|
|
|
WEB_ADMIN={{ admin_path }}
|
|
|
|
|
|
|
|
# Path to the webmail if enabled
|
|
|
|
{% if webmail_type != 'none' and webmail_path == '' %}
|
|
|
|
WEB_WEBMAIL=/
|
|
|
|
{% else %}
|
|
|
|
WEB_WEBMAIL={{ webmail_path }}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
# Path to the API interface if enabled
|
|
|
|
WEB_API={{ api_path }}
|
|
|
|
|
|
|
|
# Website name
|
|
|
|
SITENAME={{ site_name }}
|
|
|
|
|
|
|
|
# Linked Website URL
|
|
|
|
WEBSITE={{ website }}
|
|
|
|
|
|
|
|
{% if recaptcha_public_key and recaptcha_private_key %}
|
|
|
|
# Registration reCaptcha settings (warning, this has some privacy impact)
|
|
|
|
# RECAPTCHA_PUBLIC_KEY={{ recaptcha_public_key }}
|
|
|
|
# RECAPTCHA_PRIVATE_KEY={{ recaptcha_private_key }}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
{% if domain_registration %}
|
|
|
|
# Domain registration (remove to disable)
|
|
|
|
DOMAIN_REGISTRATION=true
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
###################################
|
|
|
|
# Advanced settings
|
|
|
|
###################################
|
|
|
|
|
|
|
|
# Log driver for front service. Possible values:
|
|
|
|
# json-file (default)
|
|
|
|
# journald (On systemd platforms, useful for Fail2Ban integration)
|
|
|
|
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
|
|
|
|
# LOG_DRIVER={{ log_driver or 'json-file' }}
|
|
|
|
|
|
|
|
# Docker-compose project name, this will prepended to containers names.
|
|
|
|
COMPOSE_PROJECT_NAME={{ compose_project_name or 'mailu' }}
|
|
|
|
|
|
|
|
# Number of rounds used by the password hashing scheme
|
|
|
|
CREDENTIAL_ROUNDS=12
|
|
|
|
|
|
|
|
# Header to take the real ip from
|
|
|
|
REAL_IP_HEADER={{ real_ip_header }}
|
|
|
|
|
|
|
|
# IPs for nginx set_real_ip_from (CIDR list separated by commas)
|
|
|
|
REAL_IP_FROM={{ real_ip_from }}
|
|
|
|
|
|
|
|
# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
|
|
|
|
REJECT_UNLISTED_RECIPIENT={{ reject_unlisted_recipient }}
|
|
|
|
|
|
|
|
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
|
|
|
|
LOG_LEVEL=WARNING
|
|
|
|
|
|
|
|
# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
|
|
TZ=Etc/UTC
|
|
|
|
|
|
|
|
# Default spam threshold used for new users
|
|
|
|
DEFAULT_SPAM_THRESHOLD=80
|
|
|
|
|
|
|
|
# API token required for authenticating to the RESTful API.
|
|
|
|
# This is a mandatory setting for using the RESTful API.
|
|
|
|
API_TOKEN={{ api_token }}
|
|
|
|
|
|
|
|
###################################
|
|
|
|
# Database settings
|
|
|
|
###################################
|
|
|
|
DB_FLAVOR={{ db_flavor }}
|
|
|
|
{% if db_flavor == 'postgresql' or db_flavor == 'mysql' %}
|
|
|
|
DB_USER={{ db_user }}
|
|
|
|
DB_PW={{ db_pw }}
|
|
|
|
DB_HOST={{ db_url }}
|
|
|
|
DB_NAME={{ db_name }}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
{% if ((db_flavor_rc == 'postgresql' or db_flavor_rc == 'mysql')) and webmail_type == 'roundcube' %}
|
|
|
|
ROUNDCUBE_DB_FLAVOR={{ db_flavor_rc }}
|
|
|
|
ROUNDCUBE_DB_USER={{ roundcube_db_user }}
|
|
|
|
ROUNDCUBE_DB_PW={{ roundcube_db_pw }}
|
|
|
|
ROUNDCUBE_DB_HOST={{ roundcube_db_url }}
|
|
|
|
ROUNDCUBE_DB_NAME={{ roundcube_db_name }}
|
|
|
|
{% endif %}
|