You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
124 lines
4.9 KiB
ReStructuredText
124 lines
4.9 KiB
ReStructuredText
Docker Compose setup
|
|
====================
|
|
|
|
Prepare the environment
|
|
-----------------------
|
|
|
|
Mailu will store all of its persistent data in a path of your choice
|
|
(``/mailu`` by default) simply create the directory and move there:
|
|
|
|
.. code-block:: bash
|
|
|
|
mkdir /mailu
|
|
cd /mailu
|
|
|
|
Download the initial configuration file
|
|
---------------------------------------
|
|
|
|
Docker Compose configuration is stored in a file named ``docker-compose.yml``.
|
|
Additionally, Mailu relies on an environment file for various settings.
|
|
Download the proper template files from the git repository. For `stable`:
|
|
|
|
.. code-block:: bash
|
|
|
|
wget -O docker-compose.yml https://raw.githubusercontent.com/Mailu/Mailu/stable/docs/compose/docker-compose.yml.dist
|
|
wget -O .env https://raw.githubusercontent.com/Mailu/Mailu/stable/docs/compose/.env.dist
|
|
|
|
For the latest version (replace with version number otherwise):
|
|
|
|
.. code-block:: bash
|
|
wget -O docker-compose.yml https://raw.githubusercontent.com/Mailu/Mailu/master/docs/compose/docker-compose.yml.dist
|
|
wget -O .env https://raw.githubusercontent.com/Mailu/Mailu/master/docs/compose/.env.dist
|
|
|
|
Then open the ``.env`` file to setup the mail server. Modify the ``ROOT`` setting
|
|
to match your setup directory if different from ``/mailu``.
|
|
|
|
Mdify the ``VERSION`` configuration in the ``.env`` file to reflect the version you picked..
|
|
|
|
Set the common configuration values
|
|
-----------------------------------
|
|
|
|
Open the ``.env`` file and set configuration settings after reading the configuration
|
|
documentation. Some settings are specific to the Docker Compose setup.
|
|
|
|
Modify ``BIND_ADDRESS4`` to match the public IP address assigned to your server.
|
|
This address should be configured on one of the network interfaces of the server.
|
|
If the address is not configured directly (NAT) on any of the network interfaces or if
|
|
you would simply like the server to listen on all interfaces, use ``0.0.0.0``.
|
|
|
|
Modify ``BIND_ADDRESS6`` to match the public IPv6 address assigned to your server.
|
|
The behavior is identical to ``BIND_ADDRESS4``.
|
|
|
|
Set the `TLS_FLAVOR` to one of the following
|
|
values:
|
|
- `cert` is the default and requires certificates to be setup manually;
|
|
- `letsencrypt` will use the Letsencrypt! CA to generate automatic ceriticates;
|
|
- `notls` will disable TLS, this is not recommended except for testing.
|
|
|
|
Enable optional features
|
|
------------------------
|
|
|
|
Some of Mailu features are not used by every user and are thus not enabled in a
|
|
default configuration.
|
|
|
|
A Webmail is a Web interface exposing an email client. Mailu webmails are
|
|
bound to the internal IMAP and SMTP server for users to access their mailbox through
|
|
the Web. By exposing a complex application such as a Webmail, you should be aware of
|
|
the security implications such an increase of attack surface. The ``WEBMAIL``
|
|
configuration option must be one of the following:
|
|
|
|
- ``none`` is the default value, no Webmail service will be exposed;
|
|
- ``roundcube`` will run the popular Roundcube Webmail ;
|
|
- ``rainloop`` will run the popular Rainloop Webmail.
|
|
|
|
The administration interface is not exposed on the public address by default,
|
|
you will need to set the ``EXPOSE_ADMIN`` variable accordingly:
|
|
|
|
- ``yes`` will expose the admin interface in ``/admin``;
|
|
- ``no`` (or any other value) will disable this behaviour.
|
|
|
|
A Webdav server exposes a Dav interface over HTTP so that clients can store
|
|
contacts or calendars using the mail account. This can be enabled using the `WEBDAV`
|
|
setting. The configuration option must be one of the following:
|
|
|
|
- ``none`` is the default value, no webdav service will be exposed;
|
|
- ``radicale`` exposes the radicale Webdav service.
|
|
|
|
An antivirus server helps fighting large scale virus spreading campaigns
|
|
that leverage e-mail for initial infection. This can be setup using the ``ANTIVIRUS``
|
|
setting. The configuration option must be one of the following:
|
|
|
|
- ``none`` disables antivirus checks;
|
|
- ``clamav`` is the default values, the popular ClamAV antivirus is enabled.
|
|
|
|
Make sure that you have at least 1GB or memory for ClamAV to load its signature
|
|
database.
|
|
|
|
Finish setting up TLS
|
|
---------------------
|
|
|
|
Mailu relies heavily on TLS and must have a key pair and a certificate
|
|
available, at least for the hostname configured in the ``.env`` file.
|
|
|
|
If you set ``TLS_FLAVOR`` to ``cert`` or if then you must create a ``certs`` directory
|
|
in your root path and setup a key-certificate pair there:
|
|
- ``cert.pem`` contains the certificate,
|
|
- ``key.pem`` contains the key pair.
|
|
|
|
Start Mailu
|
|
-----------
|
|
|
|
You may now start Mailu. Move the to the Mailu directory and run:
|
|
|
|
.. code-block:: bash
|
|
|
|
docker-compose up -d
|
|
|
|
Finally, you must create the initial admin user account:
|
|
|
|
.. code-block:: bash
|
|
|
|
docker-compose run --rm admin python manage.py admin root example.net password
|
|
|
|
This will create a user named ``root@example.net`` with password ``password`` and administration privileges. Connect to the Web admin interface and change the password to a strong one.
|