# Mailu main configuration file
#
# This file is autogenerated by the configuration management wizard for {{ flavor }} flavor.
# For a detailed list of configuration variables, see the documentation at
# https://mailu.io

###################################
# Common configuration variables
###################################

# Set to a randomly generated 16 bytes string
SECRET_KEY={{ secret(16) }}

# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
SUBNET={{ subnet }}
{% if ipv6_enabled %}
SUBNET6={{ subnet6 }}
{% endif %}

# Main mail domain
DOMAIN={{ domain }}

# Hostnames for this server, separated with comas
HOSTNAMES={{ hostnames }}

# Postmaster local part (will append the main mail domain)
POSTMASTER={{ postmaster }}

# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
TLS_FLAVOR={{ tls_flavor }}

# Authentication rate limit (per source IP address)
{% if auth_ratelimit_pm > '0' %}
AUTH_RATELIMIT={{ auth_ratelimit_pm }}/minute
{% endif %}

# Opt-out of statistics, replace with "True" to opt out
DISABLE_STATISTICS={{ disable_statistics or 'False' }}

###################################
# Optional features
###################################

# Expose the admin interface (value: true, false)
ADMIN={{ admin_enabled or 'false' }}

# Choose which webmail to run if any (values: roundcube, rainloop, none)
WEBMAIL={{ webmail_type }}

# Dav server implementation (value: radicale, none)
WEBDAV={{ webdav_enabled or 'none' }}

# Antivirus solution (value: clamav, none)
ANTIVIRUS={{ antivirus_enabled or 'none' }}

###################################
# Mail settings
###################################

# Message size limit in bytes
# Default: accept messages up to 50MB
# Max attachment size will be 33% smaller
MESSAGE_SIZE_LIMIT={{ message_size_limit or '50000000' }}

# Networks granted relay permissions
# Use this with care, all hosts in this networks will be able to send mail without authentication!
RELAYNETS=

# Will relay all outgoing mails if configured
RELAYHOST={{ relayhost }}

# Fetchmail delay
FETCHMAIL_DELAY={{ fetchmail_delay or '600' }}

# Recipient delimiter, character used to delimiter localpart from custom address part
RECIPIENT_DELIMITER={{ recipient_delimiter or '+' }}

# DMARC rua and ruf email
DMARC_RUA={{ dmarc_rua or postmaster }}
DMARC_RUF={{ dmarc_ruf or postmaster }}

# Welcome email, enable and set a topic and body if you wish to send welcome
# emails to all users.
WELCOME={{ welcome_enable or 'false' }}
WELCOME_SUBJECT={{ welcome_subject or 'Welcome to your new email account' }}
WELCOME_BODY={{ welcome_body or 'Welcome to your new email account, if you can read this, then it is configured properly!' }}

# Maildir Compression
# choose compression-method, default: none (value: bz2, gz)
COMPRESSION={{ compression }}
# change compression-level, default: 6 (value: 1-9)
COMPRESSION_LEVEL={{ compression_level }}

# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature.
# FULL_TEXT_SEARCH=off

###################################
# Web settings
###################################

# Path to redirect / to
{% if webmail_type != 'none' and webmail_path == '' %}
WEBROOT_REDIRECT=/
{% else %}
WEBROOT_REDIRECT={{ webmail_path }}
{% endif %}

# Path to the admin interface if enabled
WEB_ADMIN={{ admin_path }}

# Path to the webmail if enabled
{% if webmail_type != 'none' and webmail_path == '' %}
WEB_WEBMAIL=/
{% else %}
WEB_WEBMAIL={{ webmail_path }}
{% endif %}

# Website name
SITENAME={{ site_name }}

# Linked Website URL
WEBSITE={{ website }}

{% if recaptcha_public_key and recaptcha_private_key %}
# Registration reCaptcha settings (warning, this has some privacy impact)
# RECAPTCHA_PUBLIC_KEY={{ recaptcha_public_key }}
# RECAPTCHA_PRIVATE_KEY={{ recaptcha_private_key }}
{% endif %}

{% if domain_registration %}
# Domain registration (remove to disable)
DOMAIN_REGISTRATION=true
{% endif %}

###################################
# Advanced settings
###################################

# Log driver for front service. Possible values:
# json-file (default)
# journald (On systemd platforms, useful for Fail2Ban integration)
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
# LOG_DRIVER={{ log_driver or 'json-file' }}

# Docker-compose project name, this will prepended to containers names.
COMPOSE_PROJECT_NAME={{ compose_project_name or 'mailu' }}

# Default password scheme used for newly created accounts and changed passwords
# (value: PBKDF2, BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT)
PASSWORD_SCHEME={{ password_scheme or 'PBKDF2' }}

# Header to take the real ip from
REAL_IP_HEADER={{ real_ip_header }}

# IPs for nginx set_real_ip_from (CIDR list separated by commas)
REAL_IP_FROM={{ real_ip_from }}

# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
REJECT_UNLISTED_RECIPIENT={{ reject_unlisted_recipient }}

# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING

###################################
# Database settings
###################################
DB_FLAVOR={{ db_flavor }}
{% if db_flavor == 'postgresql' and postgresql == 'internal' %}
DB_PW={{ secret(16) }}
{% endif %}
{% if postgresql == 'external' or db_flavor == 'mysql' %}
DB_USER={{ db_user }}
DB_PW={{ db_pw }}
DB_HOST={{ db_url }}
DB_NAME={{ db_name }}
{% endif %}