3wc
014d4456f8
..including attempting to group options by likelihood of being edited, removing some settings that weren't really configurable, and adding some explanatory text
198 lines
6.3 KiB
Plaintext
198 lines
6.3 KiB
Plaintext
# See https://mailu.io/2.0/configuration.html for explanation of (most of) these
|
|
# settings. "Quoted text" in this file comes from that page.
|
|
|
|
###############################################################################
|
|
# BOILERPLATE SETTINGS (shouldn't need to change these) #
|
|
###############################################################################
|
|
TYPE=mailu
|
|
LETS_ENCRYPT_ENV=production
|
|
COMPOSE_FILE="compose.yml"
|
|
|
|
###############################################################################
|
|
# REQUIRED SETTINGS (always need to change these) #
|
|
###############################################################################
|
|
|
|
# Main web domain, NOT main mail domain (if they are different)
|
|
DOMAIN=mailu.example.com
|
|
|
|
# "This email domain is used for bounce emails, for generating the postmaster
|
|
# email and other technical addresses."
|
|
MAIL_DOMAIN=mailu.example.com
|
|
|
|
# Hostnames for this server, separated with commas
|
|
# "The first declared hostname is the main hostname and will be exposed over
|
|
# SMTP, IMAP, etc."
|
|
HOSTNAMES=$DOMAIN
|
|
|
|
# Run `DOCKER_CONTEXT=<yourserver> docker stack ls | grep traefik | cut -f 1 -d " "` to get that one
|
|
TRAEFIK_STACK_NAME=traefik_example_com
|
|
|
|
###############################################################################
|
|
# OPTIONAL SETTINGS #
|
|
###############################################################################
|
|
|
|
# Name of the instance, displayed in the web UI
|
|
SITENAME=mymail
|
|
|
|
# Linked Website URL
|
|
WEBSITE=https://$DOMAIN
|
|
|
|
# Postmaster local part (will append the main mail domain)
|
|
POSTMASTER=c
|
|
|
|
# Authentication rate limit per IP (per /24 on ipv4 and /56 on ipv6)
|
|
AUTH_RATELIMIT_IP=60/hour
|
|
|
|
# Opt-in to statistics, change to "False" to opt in
|
|
DISABLE_STATISTICS=True
|
|
|
|
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
|
|
LOG_LEVEL=WARNING
|
|
|
|
# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
TZ=Etc/UTC
|
|
|
|
# Expose the admin interface (value: true, false)
|
|
ADMIN=true
|
|
|
|
# Choose which webmail to run if any (values: snappymail, roundcube, none)
|
|
WEBMAIL=snappymail
|
|
|
|
# API settings
|
|
# -------------
|
|
|
|
# Authentication token for API requests
|
|
API=false
|
|
#API_TOKEN=
|
|
|
|
# Mail settings
|
|
# -------------
|
|
|
|
# Message size limit in bytes
|
|
# Default: accept messages up to 50MB
|
|
# Max attachment size will be 33% smaller
|
|
MESSAGE_SIZE_LIMIT=50000000
|
|
|
|
# Message rate limit (per user)
|
|
MESSAGE_RATELIMIT=200/day
|
|
|
|
# Networks granted relay permissions
|
|
# Use this with care, all hosts in this networks will be able to send mail without authentication!
|
|
RELAYNETS=
|
|
|
|
# Will relay all outgoing mails if configured
|
|
RELAYHOST=
|
|
|
|
# Enable fetchmail
|
|
FETCHMAIL_ENABLED=False
|
|
|
|
# Fetchmail delay
|
|
FETCHMAIL_DELAY=600
|
|
|
|
# Recipient delimiter, character used to delimit localpart from custom address part
|
|
RECIPIENT_DELIMITER=+
|
|
|
|
# DMARC rua and ruf email
|
|
DMARC_RUA=admin
|
|
DMARC_RUF=admin
|
|
|
|
# Welcome email, enable and set a topic and body if you wish to send welcome
|
|
# emails to all users.
|
|
WELCOME=false
|
|
WELCOME_SUBJECT="Welcome to your new email account"
|
|
WELCOME_BODY="Welcome to your new email account, if you can read this, then it is configured properly!"
|
|
|
|
# Maildir Compression
|
|
# choose compression-method, default: none (value: gz, bz2, lz4, zstd)
|
|
COMPRESSION=
|
|
# change compression-level, default: 6 (value: 1-9)
|
|
COMPRESSION_LEVEL=
|
|
|
|
# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature.
|
|
#FULL_TEXT_SEARCH=off
|
|
|
|
# Co-op Cloud settings
|
|
# -------------
|
|
|
|
# Mailman settings
|
|
# NOTE(3wc): remember to also set RELAYNETS
|
|
#COMPOSE_FILE="compose.yml:compose.mailman.yml"
|
|
#MAILMAN_POSTFIX_OVERRIDES=1
|
|
#MAILMAN_CORE_VOLUME=lists_example_com_mailman-core
|
|
#MAILMAN_CORE_NETWORK=lists_example_com_internal
|
|
|
|
# NOTE(3wc): think this is no longer needed, see https://github.com/Mailu/Mailu/pull/1904
|
|
# SASL account -> MAIL FROM mappings for more liberal MAIL FROM relaying
|
|
# return-path: https://www.rubydoc.info/gems/actionmailer-rack-upgrade-2/2.3.15/ActionMailer/Base
|
|
# logins and MAIL FROM ownership: http://www.postfix.com/postconf.5.html#smtpd_relay_restrictions
|
|
# there is an open ticket with a further discussion also https://github.com/Mailu/Mailu/issues/1096
|
|
#COMPOSE_FILE="compose.yml:compose.senderlogins.yml"
|
|
#SENDER_LOGINS_POSTFIX_OVERRIDES=1
|
|
|
|
SECRET_SECRET_KEY_VERSION=v1
|
|
|
|
###############################################################################
|
|
# INFINITE NERD DEPTH SETTINGS (rarely needed) #
|
|
###############################################################################
|
|
|
|
# Traefik certificates filename, used by certdumper
|
|
ACME_JSON=${LETS_ENCRYPT_ENV}-acme.json
|
|
|
|
TLS_CERT_FILENAME=$DOMAIN/certificate.crt
|
|
TLS_KEYPAIR_FILENAME=$DOMAIN/privatekey.key
|
|
|
|
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
|
|
# NOTE(3wc): changing this to "letsencrypt" might (but probably won't) allow
|
|
# this recipe to be deployed standalone without Traefik. "notls" might (but
|
|
# might not) disable encryption for everything except the web interfaces.
|
|
TLS_FLAVOR=mail
|
|
|
|
# Optional features
|
|
# -------------
|
|
|
|
# Dav server implementation (value: radicale, none)
|
|
WEBDAV=none
|
|
|
|
# Antivirus solution (value: clamav, none)
|
|
ANTIVIRUS=none
|
|
|
|
# Scan Macros solution (value: true, false)
|
|
SCAN_MACROS=true
|
|
|
|
# Web settings
|
|
# -------------
|
|
|
|
# Path to redirect / to
|
|
WEBROOT_REDIRECT=/webmail
|
|
|
|
# Path to the admin interface if enabled
|
|
WEB_ADMIN=/admin
|
|
|
|
# Path to the webmail if enabled
|
|
WEB_WEBMAIL=/webmail
|
|
|
|
# Advanced settings
|
|
# -------------
|
|
|
|
# Log driver for front service. Possible values:
|
|
# json-file (default)
|
|
# journald (On systemd platforms, useful for Fail2Ban integration)
|
|
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
|
|
#LOG_DRIVER=json-file
|
|
|
|
# Number of rounds used by the password hashing scheme
|
|
CREDENTIAL_ROUNDS=12
|
|
|
|
# Header to take the real ip from
|
|
REAL_IP_HEADER=
|
|
|
|
# IPs for nginx set_real_ip_from (CIDR list separated by commas)
|
|
REAL_IP_FROM=
|
|
|
|
# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
|
|
REJECT_UNLISTED_RECIPIENT=
|
|
|
|
# NOTE(3wc): Other values are not supported, as compose.yml does not contain
|
|
# configuration for them. Pull requests welcome!
|
|
DB_FLAVOR=sqlite
|