diff --git a/automx/automx-ecloud.conf b/automx/automx-ecloud.conf
deleted file mode 100644
index b087707adb44276dd51f89489e4a7eafe251463a..0000000000000000000000000000000000000000
--- a/automx/automx-ecloud.conf
+++ /dev/null
@@ -1,56 +0,0 @@
-# file: /etc/automx.conf
-
-[automx]
-provider = ecloud.global
-domains = *
-
-#debug = yes
-#logfile = /var/log/automx/automx.log
-
-# Protect against DoS
-#memcache = 127.0.0.1:11211
-#memcache_ttl = 600
-#client_error_limit = 20
-#rate_limit_exception_networks = 127.0.0.0/8, ::1/128
-
-# The DEFAULT section is always merged into each other section. Each section
-# can overwrite settings done here.
-[DEFAULT]
-account_type = email
-account_name = %s
-account_name_short = %s
-
-
-# If a domain is listed in the automx section, it may have its own section. If
-# none is found here, the global section is used.
-[global]
-backend = static
-action = settings
-
-
-# If you want to sign mobileconfig profiles, enable these options. Make sure
-# that your webserver has proper privileges to read the key. The cert file
-# must contain the server certificate and all intermediate certificates. You
-# can simply concatenate these certificates.
-#sign_mobileconfig = yes
-#sign_cert = /certs/autodiscover.eelo.io.crt
-#sign_key = /certs/autodiscover.eelo.io.key
-
-smtp = yes
-smtp_server = mail.ecloud.global
-smtp_port = 587
-smtp_encryption = starttls
-smtp_auth = plaintext
-smtp_auth_identity = %s
-smtp_refresh_ttl = 6
-smtp_default = yes
-
-imap = yes
-imap_server = mail.ecloud.global
-imap_port = 993
-imap_encryption = ssl
-imap_auth = plaintext
-imap_auth_identity = %s
-imap_refresh_ttl = 6
-
-pop = no
diff --git a/nginx/sites-enabled/.keep b/config-dynamic/accounts/.keep
similarity index 100%
rename from nginx/sites-enabled/.keep
rename to config-dynamic/accounts/.keep
diff --git a/config-dynamic/automx/.keep b/config-dynamic/automx/.keep new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/config-dynamic/nginx/passwds/.keep b/config-dynamic/nginx/passwds/.keep new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/config-dynamic/nginx/sites-enabled/.keep b/config-dynamic/nginx/sites-enabled/.keep new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/accounts/exclude_names b/config-static/accounts/exclude_names similarity index 100% rename from accounts/exclude_names rename to config-static/accounts/exclude_names diff --git a/mail/dovecot-custom/10-mail.conf b/config-static/mail/dovecot-custom/10-mail.conf similarity index 100% rename from mail/dovecot-custom/10-mail.conf rename to config-static/mail/dovecot-custom/10-mail.conf diff --git a/mail/dovecot-custom/90-quota.conf b/config-static/mail/dovecot-custom/90-quota.conf similarity index 100% rename from mail/dovecot-custom/90-quota.conf rename to config-static/mail/dovecot-custom/90-quota.conf diff --git a/mail/dovecot-custom/90-sieve.conf b/config-static/mail/dovecot-custom/90-sieve.conf similarity index 100% rename from mail/dovecot-custom/90-sieve.conf rename to config-static/mail/dovecot-custom/90-sieve.conf diff --git a/nginx/params/headers_params b/config-static/nginx-params/headers_params similarity index 100% rename from nginx/params/headers_params rename to config-static/nginx-params/headers_params diff --git a/nginx/params/proxy_params b/config-static/nginx-params/proxy_params similarity index 100% rename from nginx/params/proxy_params rename to config-static/nginx-params/proxy_params diff --git a/nginx/params/ssl_params b/config-static/nginx-params/ssl_params similarity index 100% rename from nginx/params/ssl_params rename to config-static/nginx-params/ssl_params 
diff --git a/deployment/salt/init-config/masterless.conf b/deployment/salt/init-config/masterless.conf index d5b90981993c5d1cba548040d3cfab60d82bcd7e..ffa00ee09a80add1b016e1549f7d1bedb9702e30 100644 --- a/deployment/salt/init-config/masterless.conf +++ b/deployment/salt/init-config/masterless.conf @@ -2,4 +2,4 @@ file_client: local minion_id_caching: false file_roots: base: - - /mnt/docker/deployment/salt/base + - /mnt/repo-base/deployment/salt/base diff --git a/docker-compose-networks.yml b/docker-compose-networks.yml deleted file mode 100644 index fdf99f096a8ee7d50c2584f9452f582d8a73b335..0000000000000000000000000000000000000000 --- a/docker-compose-networks.yml +++ /dev/null @@ -1,19 +0,0 @@ - nginx: - image: registry.gitlab.e.foundation:5000/e/infra/docker-nginx:1.15 - container_name: nginx - restart: unless-stopped - networks: - - serverbase - ports: - - "80:8000" - - "443:4430" - volumes: - - /mnt/docker/nginx/sites-enabled:/etc/nginx/conf.d/ - - /mnt/docker/nginx/params:/etc/nginx/params/ - - /mnt/docker/letsencrypt/certstore:/certs - - /mnt/docker/nginx/passwds:/passwds - - /mnt/docker/letsencrypt/acme-challenge:/etc/letsencrypt/acme-challenge - -networks: - serverbase: - driver: 'bridge' diff --git a/docs/ENV_FILE.md b/docs/ENV_FILE.md new file mode 100644 index 0000000000000000000000000000000000000000..c3995c12e708a74a833e67369c1c3f6c13cf4e80 --- /dev/null +++ b/docs/ENV_FILE.md 
@@ -0,0 +1,40 @@
+## General configuration
+```
+DOMAIN=example.com # the main domain for your installation
+ADD_DOMAINS=example.com, example2.com # one or more domains that are used for email
+ALT_EMAIL=myname@gmail.com # admin email address
+INSTALL_ONLYOFFICE=n # y or n, whether Onlyoffice is installed
+```
+
+## Nextcloud
+```
+NEXTCLOUD_ADMIN_USER=ncadmin_z5BL
+NEXTCLOUD_ADMIN_PASSWORD=sxOY26y0wKm1Q8SGhqmZ
+```
+
+## Mail
+```
+RSPAMD_PASSWORD=gsteZuLgWLUNCs5b1Ksz
+SMTP_PW=wGfQsTXPD3Ipm8Lfyk8y
+PFA_SETUP_PASSWORD=93fqGWebGGXZb1CR2I
+PFA_SUPERADMIN_PASSWORD=1oyHLEWikVlKx0bz72
+DISABLE_RATELIMITING=false
+DRIVE_SMTP_PASSWORD=FL8D6SRnRWOdyMsN
+ENABLE_POP3=false
+VIRTUAL_HOST=autoconfig.domaina.pw,autodiscover.domaina.pw
+```
+
+## Database
+```
+MYSQL_USER_NC=nc_0VwU
+MYSQL_PASSWORD_NC=LxsjA8bzNuzUcTYtkfof
+MYSQL_DATABASE_NC=ncdb_aJWW
+PFDB_DB=postfix
+PFDB_USR=postfix
+MYSQL_ROOT_PASSWORD=RqT9WkfrZ9e6SzX2ARoN
+DBPASS=QPpTpgFkLFA2ABPizXwk
+DBA_USER=phpmyadmin
+DBA_PASSWORD=T1N2tYn7aDILXYNS
+```
+VHOSTS_ACCOUNTS=welcome.domaina.pw
+SMTP_FROM=welcome@domaina.pw
\ No newline at end of file
diff --git a/docs/FOLDERS.md b/docs/FOLDERS.md
new file mode 100644
index 0000000000000000000000000000000000000000..7f68757cdcabeb931a344df5de15903d67c19c3e
--- /dev/null
+++ b/docs/FOLDERS.md
@@ -0,0 +1,20 @@ +Files and Folders +------- + +- `config-dynamic/` Config files that are generated based on templates, and contain hardcoded values like the local domain + +- `config-static/` Config files that are included with the git repo and don't change (except in repo updates) + +- `deployment/` Files that are required for the initial installation + +- `docs/` General project documentation + +- `scripts/` Various scripts that are used for installation, updating and administration + +- `templates/` Used to dynamically generate various config files + +- `volumes/` Docker volumes used to store data for the different applications (eg Nextcloud files, mail data) + +- `.env` Defines passwords and other variables (see [ENV_FILE.md](ENV_FILE.md) for details) + +- `docker-compose.yml` Defines the Docker images and volumes. Run `docker-compose up -d` to start the services, and `docker-compose down` to stop them. diff --git a/HOWTO_ADD_VHOST.md b/docs/HOWTO_ADD_VHOST.md similarity index 69% rename from HOWTO_ADD_VHOST.md rename to docs/HOWTO_ADD_VHOST.md index 1f949e8d2d69634e641adb4756c0a17842b7cd85..a6006832579e2619c608db25c91fbbadc7a31487 100644 --- a/HOWTO_ADD_VHOST.md +++ b/docs/HOWTO_ADD_VHOST.md @@ -12,16 +12,16 @@ NEWVHOST=thilo-test.ecloud.global # Request cert from LE -echo -e "sub\t$NEWVHOST" >> /mnt/docker/letsencrypt/autrenew/ssl-domains.dat -/mnt/docker/letsencrypt/autrenew/ssl-renew.sh +echo -e "sub\t$NEWVHOST" >> /mnt/repo-base/letsencrypt/autrenew/ssl-domains.dat +/mnt/repo-base/letsencrypt/autrenew/ssl-renew.sh # Add vhost to docker-compose configuration -sed -i "s@VHOSTS_DOMAINS=@VHOSTS_DOMAINS=$NEWVHOST,@g" /mnt/docker/compose/.env +sed -i "s@VHOSTS_DOMAINS=@VHOSTS_DOMAINS=$NEWVHOST,@g" /mnt/repo-base/compose/.env # Create dir to host php files -mkdir -p /mnt/docker/www/$NEWVHOST/htdocs/ +mkdir -p /mnt/repo-base/www/$NEWVHOST/htdocs/ # Create nginx proxy vhost to point to dockered vhost echo "server { 
@@ -41,14 +41,14 @@ server { proxy_pass http://vhosts:80; include /etc/nginx/conf/proxy_params; } -}" > /mnt/docker/nginx/sites-enabled/${NEWVHOST}.conf +}" > /mnt/repo-base/nginx/sites-enabled/${NEWVHOST}.conf # Place file to check it is working -echo "hello world" > /mnt/docker/www/$NEWVHOST/htdocs/index.php -chown www-data: /mnt/docker/www/$NEWVHOST/ -R +echo "hello world" > /mnt/repo-base/www/$NEWVHOST/htdocs/index.php +chown www-data: /mnt/repo-base/www/$NEWVHOST/ -R # Restart services to bring changes into effect -cd /mnt/docker/compose && docker-compose up -d +cd /mnt/repo-base/compose && docker-compose up -d docker restart nginx ``` @@ -58,6 +58,6 @@ Health check: - Is new host working? https://thilo-test.ecloud.global # Happy hacking -Update you code in /mnt/docker/www/$NEWVHOST/htdocs/ to your liking :) +Update you code in /mnt/repo-base/www/$NEWVHOST/htdocs/ to your liking :) -Enjoy! \ No newline at end of file +Enjoy! diff --git a/HOWTO_UPDATE_ONLYOFFICE.md b/docs/HOWTO_UPDATE_ONLYOFFICE.md similarity index 84% rename from HOWTO_UPDATE_ONLYOFFICE.md rename to docs/HOWTO_UPDATE_ONLYOFFICE.md index b3bf922fdfc378d44b782679150f28bbad9134ec..06e9cfd53a4b0af122dda1a77f4b1fc8fb841950 100644 --- a/HOWTO_UPDATE_ONLYOFFICE.md +++ b/docs/HOWTO_UPDATE_ONLYOFFICE.md @@ -9,7 +9,7 @@ docker stop onlyoffice-document-server docker stop onlyoffice-mail-server #Create backup copy of files -cp -pR /mnt/docker/onlyoffice{,.bck} +cp -pR /mnt/repo-base/onlyoffice{,.bck} # Save image IDs of old images to a file docker images | grep office > /somewhere/a-file.txt @@ -24,7 +24,7 @@ docker pull onlyoffice/communityserver docker pull onlyoffice/mailserver # Start again -cd /mnt/docker/compose +cd /mnt/repo-base/compose docker-compose up -d ``` 
@@ -44,10 +44,10 @@ docker tag 0e667b917252 onlyoffice/communityserver dockr tag 6b2398f473ea onlyoffice/mailserver # Move current files to yet another location and move previous backup into original location -mv /mnt/docker/onlyoffice /mnt/docker/onlyoffice.bck.rolledback -mv /mnt/docker/onlyoffice.bck /mnt/docker/onlyoffice +mv /mnt/repo-base/onlyoffice /mnt/repo-base/onlyoffice.bck.rolledback +mv /mnt/repo-base/onlyoffice.bck /mnt/repo-base/onlyoffice # Start again -cd /mnt/docker/compose +cd /mnt/repo-base/compose docker-compose up -d -``` \ No newline at end of file +``` diff --git a/env-example b/env-example deleted file mode 100644 index bed62d0e561f96d7790e0a68eac50d0e1044906d..0000000000000000000000000000000000000000 --- a/env-example +++ /dev/null @@ -1,27 +0,0 @@ -DBPASS=supersecretpw -RSPAMD_PASSWORD=supersecretpwRPSAMD -ADD_DOMAINS=domainA.com,domainB.com -#DISABLE_DNS_RESOLVER=true -#ENABLE_POP3=true -#ENABLE_FETCHMAIL=true -#DISABLE_CLAMAV=true -#DISABLE_SIGNING=true -#DISABLE_GREYLISTING=true -#DISABLE_RATELIMITING=true - -MYSQL_ROOT_PASSWORD=rootpwsecret - -VHOSTS_ACCOUNTS=welcome.domainA.com -PFDB_DB=postfix -PFDB_USR=postfix -SMTP_FROM=welcome@domainA.com -SMTP_PW=smtppw - -MYSQL_DATABASE_NC=nextcloud -MYSQL_USER_NC=nextcloud -MYSQL_PASSWORD_NC=ncdbpw -NEXTCLOUD_ADMIN_USER=adminusername -NEXTCLOUD_ADMIN_PASSWORD=adminaccountpw - -VIRTUAL_HOST=autoconfig.domainA.com,autodiscover.domainA.com,autoconfig.domainB.com,autodiscover.domainB.com -DOMAIN=domainA.com \ No newline at end of file diff --git a/scripts/check-update.sh b/scripts/check-update.sh index 17a899e7b9bede981c75e1b79768e8fd658a8b84..99a227ddcd0359c95a8cc1c32960162fe386b6e7 100755 --- a/scripts/check-update.sh +++ b/scripts/check-update.sh 
@@ -1,7 +1,9 @@ #!/bin/bash set -e -ENVFILE="/mnt/docker/.env" +cd /mnt/repo-base/ + +ENVFILE="/mnt/repo-base/.env" DOMAIN=$(grep ^DOMAIN= "$ENVFILE" | awk -F= '{ print $NF }') ALT_EMAIL=$(grep ^ALT_EMAIL= "$ENVFILE" | awk -F= '{ print $NF }') KNOWN_VERSION_FILE="/mnt/repo-base/config/latest-known-version" @@ -16,6 +18,7 @@ LATEST_VERSION_DATE=$(git show -s --format=%ci "$LATEST_TAG") if [[ "$LATEST_VERSION_DATE" > "$CURRENT_VERSION_DATE" ]] then +<<<<<<< HEAD echo "New version $LATEST_TAG is available!" if [ "$LATEST_TAG" != "$(cat $KNOWN_VERSION_FILE)" ] then diff --git a/generate-signup-link.sh b/scripts/generate-signup-link.sh similarity index 82% rename from generate-signup-link.sh rename to scripts/generate-signup-link.sh index 7fa11c436fc964890719c757af6d35b0714e1728..5dcd51bb8eab6d56008489e504cc196f26884024 100755 --- a/generate-signup-link.sh +++ b/scripts/generate-signup-link.sh @@ -18,11 +18,12 @@ fi AUTH_SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1) -echo "$EMAIL:$AUTH_SECRET" >> /mnt/docker/accounts/auth.file -DOMAIN=$(grep ^DOMAIN= "/mnt/docker/.env" | awk -F= '{ print $NF }') +echo "$EMAIL:$AUTH_SECRET" >> /mnt/repo-base/config-dynamic/accounts/auth.file +DOMAIN=$(grep ^DOMAIN= "/mnt/repo-base/.env" | awk -F= '{ print $NF }') SIGNUP_URL="https://welcome.$DOMAIN/?authmail=$EMAIL&authsecret=$AUTH_SECRET" echo "The new user can sign up now at $SIGNUP_URL" +cd /mnt/repo-base/ echo -e "Subject:Signup for $DOMAIN You can now sign up for your $DOMAIN account at $SIGNUP_URL" | \ docker-compose exec -T eelomailserver sendmail -f "drive@$DOMAIN" -t "$EMAIL" diff --git a/init-repo.sh b/scripts/init-repo.sh similarity index 66% rename from init-repo.sh rename to scripts/init-repo.sh index 3c803dde608b757fc21555cb71d79ef44ddea68e..7460a1d502b99f56a12fc0c32c282b8766f1f5e1 100755 --- a/init-repo.sh +++ b/scripts/init-repo.sh 
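Review bot: The second hunk of scripts/check-update.sh (`@@ -16,6 +18,7 @@`) adds a literal `<<<<<<< HEAD` merge-conflict marker directly after `then`, so the new side is an unresolved merge rather than working code. Bash cannot parse that line as a command, so the script is expected to stop with a syntax error and the new-version notification would never be sent. The marker line should be deleted, together with any matching `=======` / `>>>>>>>` markers and the side of the conflict that was not chosen. The `if` block continues outside the hunk, so the rest of the conflict is not visible here.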
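Review bot: `auth.file` now lives under `config-dynamic/accounts/` inside the git checkout, and the `echo "$EMAIL:$AUTH_SECRET" >>` line in scripts/generate-signup-link.sh creates it with the default umask, so the signup secrets can end up world-readable and can be picked up by `git add`. The same applies to the passphrase-less `id_rsa_postfixadmincontainer` key that the scripts/init-repo.sh hunk at `@@ -136,22 +137,22 @@` writes into that directory, and to `pma.htpasswd` and the generated SQL under `config-dynamic/`. The diff only shows `.keep` files being added, so please confirm that a `.gitignore` covers everything under `config-dynamic/` except `.keep`, and set `umask 027` (or an explicit `chmod`) before the append. Whether the welcome container needs group read on the file is not visible here.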
@@ -4,7 +4,7 @@ set -e #source <(curl -s https://gitlab.e.foundation/thilo/bootstrap/raw/master/bootstrap-commons.sh) source <(curl -s https://gitlab.e.foundation/e/infra/bootstrap/raw/master/bootstrap-commons.sh) -ENVFILE="/mnt/docker/.env" +ENVFILE="/mnt/repo-base/.env" rm -f "$ENVFILE" # Create .env file 
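Review bot: The context line `source <(curl -s https://gitlab.e.foundation/e/infra/bootstrap/raw/master/bootstrap-commons.sh)` executes whatever the `master` branch serves at install time, in the shell that goes on to create the `.env` file this hunk repoints. Nothing pins or verifies the downloaded script, and without `-f` an HTTP error body would be sourced as shell. Consider fetching a tag- or commit-pinned URL with `curl -fsSL`, comparing it with a checksum kept in this repository, and only then sourcing it. The rest of the script lies outside the hunk.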
@@ -24,34 +24,35 @@ MYSQL_PASSWORD_NC=$(grep ^MYSQL_PASSWORD_NC= "$ENVFILE" | awk -F= '{ print $NF } INSTALL_ONLYOFFICE=$(grep ^INSTALL_ONLYOFFICE= "$ENVFILE" | awk -F= '{ print $NF }') +DC_DIR="templates/docker-compose/" case $INSTALL_ONLYOFFICE in [Yy]* ) - cat docker-compose-base.yml docker-compose-onlyoffice.yml docker-compose-networks.yml > docker-compose.yml; - cat nginx/templates/office | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/office.$DOMAIN.conf" + cat "${DC_DIR}docker-compose-base.yml" "${DC_DIR}docker-compose-onlyoffice.yml" "${DC_DIR}docker-compose-networks.yml" > docker-compose.yml; + cat templates/nginx/office | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/office.$DOMAIN.conf" OFFICE_DOMAIN=",office.$DOMAIN" OFFICE_LETSENCRYPT_KEY="letsencrypt/certstore/live/office.$DOMAIN/privkey.pem" NUM_CERTIFICATES="7" ;; [Nn]* ) - cat docker-compose-base.yml docker-compose-networks.yml > docker-compose.yml + cat "${DC_DIR}docker-compose-base.yml" "${DC_DIR}docker-compose-networks.yml" > docker-compose.yml NUM_CERTIFICATES="6" ;; esac # Create folder structure -cd /mnt/docker && grep mnt docker-compose.yml | grep -v \# | awk '{ print $2 }' | awk -F: '{ print $1 }' | sed 's@m/.*conf$@m@g' | grep -v -e id_rsa -v -e exclude_names| sed 's@x/.*conf$@x@g' | sort -u | while read line; do mkdir -p "$line"; done +cd /mnt/repo-base && grep mnt docker-compose.yml | grep -v \# | awk '{ print $2 }' | awk -F: '{ print $1 }' | sed 's@m/.*conf$@m@g' | grep -v -e id_rsa -v -e exclude_names| sed 's@x/.*conf$@x@g' | sort -u | while read line; do mkdir -p "$line"; done # prepare nextcloud DB init scripts -cat /mnt/docker/deployment/ncdb-templates/a_user.sql | sed "s/@@@USER@@@/$MYSQL_USER_NC/g" | sed "s/@@@PASSWORD@@@/$MYSQL_PASSWORD_NC/g" > /mnt/docker/deployment/ncdb/a_user.sql -cat /mnt/docker/deployment/ncdb-templates/b_db.sql | sed "s/@@@ADMINUSER@@@/$NEXTCLOUD_ADMIN_USER/g" | sed "s/@@@DBNAME@@@/$MYSQL_DATABASE_NC/g" > 
/mnt/docker/deployment/ncdb/b_db.sql -cat /mnt/docker/deployment/ncdb-templates/c_grant.sql | sed "s/@@@USER@@@/$MYSQL_USER_NC/g" | sed "s/@@@DBNAME@@@/$MYSQL_DATABASE_NC/g" > /mnt/docker/deployment/ncdb/c_grant.sql +cat /mnt/repo-base/templates/nextcloud/a_user.sql | sed "s/@@@USER@@@/$MYSQL_USER_NC/g" | sed "s/@@@PASSWORD@@@/$MYSQL_PASSWORD_NC/g" > /mnt/repo-base/config-dynamic/nextcloud/a_user.sql +cat /mnt/repo-base/templates/nextcloud/b_db.sql | sed "s/@@@ADMINUSER@@@/$NEXTCLOUD_ADMIN_USER/g" | sed "s/@@@DBNAME@@@/$MYSQL_DATABASE_NC/g" > /mnt/repo-base/config-dynamic/nextcloud/b_db.sql +cat /mnt/repo-base/templates/nextcloud/c_grant.sql | sed "s/@@@USER@@@/$MYSQL_USER_NC/g" | sed "s/@@@DBNAME@@@/$MYSQL_DATABASE_NC/g" > /mnt/repo-base/config-dynamic/nextcloud/c_grant.sql # To be constructed repo specific echo "VHOSTS_ACCOUNTS=welcome.$DOMAIN" >> "$ENVFILE" echo "SMTP_FROM=welcome@$DOMAIN" >> "$ENVFILE" # generate basic auth for phpmyadmin -htpasswd -c -b /mnt/docker/nginx/passwds/pma.htpasswd $DBA_USER "$DBA_PASSWORD" +htpasswd -c -b /mnt/repo-base/config-dynamic/nginx/passwds/pma.htpasswd $DBA_USER "$DBA_PASSWORD" VIRTUAL_HOST=$(echo "$ADD_DOMAINS" | tr "," "\n" | while read line; do echo "autoconfig.$line,autodiscover.$line"; done | tr "\n" "," | sed 's/.$//g') 
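Review bot: `htpasswd -c -b … $DBA_USER "$DBA_PASSWORD"` still passes the phpMyAdmin password as a command-line argument, where other local users can read it from the process list while the command runs, and `$DBA_USER` is unquoted. `htpasswd` can take the password on stdin instead: `printf '%s' "$DBA_PASSWORD" | htpasswd -c -i /mnt/repo-base/config-dynamic/nginx/passwds/pma.htpasswd "$DBA_USER"`. The `sed "s/@@@PASSWORD@@@/$MYSQL_PASSWORD_NC/g"` lines in the same hunk have a related weakness: a value containing `/`, `&` or a quote would break the substitution or the generated SQL, so the value should be checked against a safe alphabet or escaped first. How the passwords are generated is not visible in this diff.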
@@ -68,23 +69,23 @@ echo "$VIRTUAL_HOST,dba.$DOMAIN,drive.$DOMAIN,mail.$DOMAIN,spam.$DOMAIN,webmail. # Configure automx -cat automx/automx-template.conf | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > automx/automx.conf +cat templates/automx/automx.conf | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > config-dynamic/automx/automx.conf # Configure nginx vhost # automx echo "$DOMAIN,$ADD_DOMAINS" | tr "," "\n" | while read CURDOMAIN; do - cat nginx/templates/autoconfig | sed "s/@@@DOMAIN@@@/$CURDOMAIN/g" | sed "s/@@@SERVICE@@@/autoconfig/g" > nginx/sites-enabled/autoconfig.$CURDOMAIN.conf - cat nginx/templates/autoconfig | sed "s/@@@DOMAIN@@@/$CURDOMAIN/g" | sed "s/@@@SERVICE@@@/autodiscover/g" > nginx/sites-enabled/autodiscover.$CURDOMAIN.conf + cat templates/nginx/autoconfig | sed "s/@@@DOMAIN@@@/$CURDOMAIN/g" | sed "s/@@@SERVICE@@@/autoconfig/g" > "config-dynamic/nginx/sites-enabled/autoconfig.$CURDOMAIN.conf" + cat templates/nginx/autoconfig | sed "s/@@@DOMAIN@@@/$CURDOMAIN/g" | sed "s/@@@SERVICE@@@/autodiscover/g" > "config-dynamic/nginx/sites-enabled/autodiscover.$CURDOMAIN.conf" :; done # other hosts -cat nginx/templates/dba | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/dba.$DOMAIN.conf" -cat nginx/templates/drive | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/drive.$DOMAIN.conf" -cat nginx/templates/mail | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/mail.$DOMAIN.conf" -cat nginx/templates/spam | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/spam.$DOMAIN.conf" -cat nginx/templates/webmail | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/webmail.$DOMAIN.conf" -cat nginx/templates/welcome | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "nginx/sites-enabled/welcome.$DOMAIN.conf" +cat templates/nginx/dba | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/dba.$DOMAIN.conf" +cat templates/nginx/drive | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/drive.$DOMAIN.conf" +cat templates/nginx/mail | sed 
"s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/mail.$DOMAIN.conf" +cat templates/nginx/spam | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/spam.$DOMAIN.conf" +cat templates/nginx/webmail | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/webmail.$DOMAIN.conf" +cat templates/nginx/welcome | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/welcome.$DOMAIN.conf" # confirm DNS is ready echo "" 
@@ -136,22 +137,22 @@ fi #PFEXEC_UID=$(docker-compose exec --user pfexec postfixadmin id -u | tr -d '\r') # Generate ssh key for welcome -ssh-keygen -f /mnt/docker/accounts/id_rsa_postfixadmincontainer -N "" -chown "33:33" /mnt/docker/accounts/id_rsa_postfixadmincontainer -chown "1000:1000" /mnt/docker/accounts/id_rsa_postfixadmincontainer.pub +ssh-keygen -f /mnt/repo-base/config-dynamic/accounts/id_rsa_postfixadmincontainer -N "" +chown "33:33" /mnt/repo-base/config-dynamic/accounts/id_rsa_postfixadmincontainer +chown "1000:1000" /mnt/repo-base/config-dynamic/accounts/id_rsa_postfixadmincontainer.pub # needed to store created accounts, and needs to be writable by welcome -touch /mnt/docker/accounts/auth.file.done -chown "33:33" /mnt/docker/accounts/auth.file.done +touch /mnt/repo-base/config-dynamic/accounts/auth.file.done +chown "33:33" /mnt/repo-base/config-dynamic/accounts/auth.file.done # Login to /e/ registry | not necessary when going public docker login registry.gitlab.e.foundation:5000 -cd /mnt/docker/ +cd /mnt/repo-base/ docker-compose up -d # Run LE cert request -sh scripts/ssl-renew.sh +bash scripts/ssl-renew.sh # verify LE status CTR_LE=$(find letsencrypt/certstore/live/dba.$DOMAIN/privkey.pem letsencrypt/certstore/live/drive.$DOMAIN/privkey.pem letsencrypt/certstore/live/mail.$DOMAIN/privkey.pem letsencrypt/certstore/live/spam.$DOMAIN/privkey.pem letsencrypt/certstore/live/webmail.$DOMAIN/privkey.pem letsencrypt/certstore/live/welcome.$DOMAIN/privkey.pem $OFFICE_LETSENCRYPT_KEY 2>/dev/null| wc -l) @@ -168,4 +169,4 @@ else exit 1 fi -bash /mnt/repo-base/postinstall.sh +bash /mnt/repo-base/scripts/postinstall.sh diff --git a/postinstall.sh b/scripts/postinstall.sh similarity index 78% rename from postinstall.sh rename to scripts/postinstall.sh index 1822fc573916e47c73990eb264fabe8d07a0b674..0bd170e667be74faac2cc3e3c56c03262ff2a707 100755 --- a/postinstall.sh +++ b/scripts/postinstall.sh 
@@ -2,7 +2,7 @@ set -e echo "Getting info from .env file" -ENVFILE="/mnt/docker/.env" +ENVFILE="/mnt/repo-base/.env" DOMAIN=$(grep ^DOMAIN= "$ENVFILE" | awk -F= '{ print $NF }') ADD_DOMAINS=$(grep ^ADD_DOMAINS= "$ENVFILE" | awk -F= '{ print $NF }') 
@@ -22,23 +22,23 @@ PFDB_DBPASS=$(grep ^DBPASS= "$ENVFILE" | awk -F= '{ print $NF }') # We need to wait until both the config exists and occ works. If we only do one of these, it might # still not work. printf "Waiting for Nextcloud to be started" -while [ ! -f /mnt/docker/nextcloud/config/config.php ] +while [ ! -f /mnt/repo-base/volumes/nextcloud/config/config.php ] do printf "." sleep 0.1 done -while docker-compose exec --user www-data nextcloud php occ | grep "Nextcloud is not installed" > /dev/null; +while docker-compose exec --user www-data nextcloud php occ | grep -q "Nextcloud is not installed"; do printf "." sleep 0.1 done echo "Tweaking nextcloud config" -sed -i "s/localhost/drive.$DOMAIN/g" /mnt/docker/nextcloud/config/config.php -sed -i "s/);//g" /mnt/docker/nextcloud/config/config.php -/bin/echo -e " 'skeletondirectory' => '',\n 'mail_from_address' => 'drive',\n 'mail_smtpmode' => 'smtp',\n 'mail_smtpauthtype' => 'PLAIN',\n 'mail_domain' => '$DOMAIN',\n 'mail_smtpauth' => 1,\n 'mail_smtphost' => 'mail.$DOMAIN',\n 'mail_smtpname' => 'drive@$DOMAIN',\n 'mail_smtppassword' => '$DRIVE_SMTP_PASSWORD',\n 'mail_smtpport' => '587',\n 'mail_smtpsecure' => 'tls'," >> /mnt/docker/nextcloud/config/config.php -cat /mnt/docker/deployment/nc-plugin-config/user_sql_raw_config.conf | sed "s/@@@DBNAME@@@/$PFDB_DB/g" | sed "s/@@@DBUSER@@@/$PFDB_USR/g" | sed "s/@@@DBPW@@@/$PFDB_DBPASS/g" >> /mnt/docker/nextcloud/config/config.php -touch /mnt/docker/nextcloud/data/.ocdata +sed -i "s/localhost/drive.$DOMAIN/g" /mnt/repo-base/volumes/nextcloud/config/config.php +sed -i "s/);//g" /mnt/repo-base/volumes/nextcloud/config/config.php +/bin/echo -e " 'skeletondirectory' => '',\n 'mail_from_address' => 'drive',\n 'mail_smtpmode' => 'smtp',\n 'mail_smtpauthtype' => 'PLAIN',\n 'mail_domain' => '$DOMAIN',\n 'mail_smtpauth' => 1,\n 'mail_smtphost' => 'mail.$DOMAIN',\n 'mail_smtpname' => 'drive@$DOMAIN',\n 'mail_smtppassword' => '$DRIVE_SMTP_PASSWORD',\n 'mail_smtpport' => '587',\n 
'mail_smtpsecure' => 'tls'," >> /mnt/repo-base/volumes/nextcloud/config/config.php +cat /mnt/repo-base/templates/nextcloud/user_sql_raw_config.conf | sed "s/@@@DBNAME@@@/$PFDB_DB/g" | sed "s/@@@DBUSER@@@/$PFDB_USR/g" | sed "s/@@@DBPW@@@/$PFDB_DBPASS/g" >> /mnt/repo-base/volumes/nextcloud/config/config.php +touch /mnt/repo-base/volumes/nextcloud/data/.ocdata echo "Installing nextcloud plugin" docker exec -ti nextcloud su - www-data -s /bin/bash -c "php /var/www/html/occ app:install user_backend_sql_raw" @@ -51,7 +51,7 @@ echo "Creating postfix database schema" curl --silent -L https://mail.$DOMAIN/setup.php > /dev/null echo "Setting Postfix admin setup password" -docker cp /mnt/docker/deployment/postfixadmin/pwgen.php postfixadmin:/postfixadmin +docker cp /mnt/repo-base/deployment/postfixadmin/pwgen.php postfixadmin:/postfixadmin SETUPPW_HASH=$(docker exec -t postfixadmin php /postfixadmin/pwgen.php "$PFA_SETUP_PASSWORD" | tail -n1) docker exec -t postfixadmin sed -i "s|\($CONF\['setup_password'\].*=\).*|\1 '${SETUPPW_HASH}';|" /postfixadmin/config.inc.php docker exec -t postfixadmin rm /postfixadmin/pwgen.php 
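Review bot: In the `@@ -22,23 +22,23 @@` hunk of scripts/postinstall.sh, the `/bin/echo -e " … 'mail_smtppassword' => '$DRIVE_SMTP_PASSWORD', …" >> …/config.php` line and the following `sed "s/@@@DBPW@@@/$PFDB_DBPASS/g"` splice secrets into PHP source without escaping. A value containing `'`, `\`, `/` or `&` would produce a corrupt config.php or change what the PHP evaluates, and `sed -i "s/);//g"` strips every `);` in the file rather than only the closing one. A guard before the substitution, such as `[[ "$DRIVE_SMTP_PASSWORD" =~ ^[A-Za-z0-9]+$ ]] || { echo "unsafe character in DRIVE_SMTP_PASSWORD"; exit 1; }` (and the same for `PFDB_DBPASS`), would make the assumption explicit. If the generator already emits only alphanumerics, which is not visible here, the risk is latent.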
@@ -68,13 +68,13 @@ docker exec -t postfixadmin php /postfixadmin/scripts/postfixadmin-cli.php mailb # display DKIM DNS setup info/instructions to the user echo -e "\n\n\n" echo -e "Please add the following records to your domain's DNS configuration:\n" -find /mnt/docker/mail/dkim/ -maxdepth 1 -mindepth 1 -type d | while read line; do DOMAIN=$(basename $line); echo " - DKIM record (TXT) for $DOMAIN:" && cat $line/public.key; done +find /mnt/repo-base/volumes/mail/dkim/ -maxdepth 1 -mindepth 1 -type d | while read line; do DOMAIN=$(basename $line); echo " - DKIM record (TXT) for $DOMAIN:" && cat $line/public.key; done echo "=================================================================================================================================" echo "=================================================================================================================================" echo "Your logins:" -bash /mnt/repo-base/showInfo.sh +bash /mnt/repo-base/scripts/show-info.sh echo "=================================================================================================================================" echo "Your signup link:" -bash /mnt/repo-base/generate-signup-link.sh --user-email $ALT_EMAIL +bash /mnt/repo-base/scripts/generate-signup-link.sh --user-email $ALT_EMAIL diff --git a/showInfo.sh b/scripts/show-info.sh similarity index 58% rename from showInfo.sh rename to scripts/show-info.sh index e38246a802e3087cc3f4b20cd1dc408a48a30d20..780faaff291834c55118fd3f3525616a4ea7a049 100755 --- a/showInfo.sh +++ b/scripts/show-info.sh 
@@ -1,20 +1,20 @@ #!/usr/bin/env bash set -e -ENVFILE="/mnt/docker/.env" +ENVFILE="/mnt/repo-base/.env" -SPAM_UI=$(grep server_name $(grep -l mailserver:11334 /mnt/docker/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') +SPAM_UI=$(grep server_name $(grep -l mailserver:11334 /mnt/repo-base/config-dynamic/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') RSPAMD_PASSWORD=$(grep ^RSPAMD_PASSWORD= "$ENVFILE" | awk -F= '{ print $NF }') -NEXTCLOUD_UI=$(grep server_name $(grep -l nextcloud:80 /mnt/docker/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') +NEXTCLOUD_UI=$(grep server_name $(grep -l nextcloud:80 /mnt/repo-base/config-dynamic/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') NEXTCLOUD_ADMIN_USER=$(grep ^NEXTCLOUD_ADMIN_USER= "$ENVFILE" | awk -F= '{ print $NF }') NEXTCLOUD_ADMIN_PASSWORD=$(grep ^NEXTCLOUD_ADMIN_PASSWORD= "$ENVFILE" | awk -F= '{ print $NF }') -DBA_UI=$(grep server_name $(grep -l pma:80 /mnt/docker/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') +DBA_UI=$(grep server_name $(grep -l pma:80 /mnt/repo-base/config-dynamic/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') DBA_USER=$(grep ^DBA_USER= "$ENVFILE" | awk -F= '{ print $NF }') DBA_PASSWORD=$(grep ^DBA_PASSWORD= "$ENVFILE" | awk -F= '{ print $NF }') -POSTFIX_UI=$(grep server_name $(grep -l postfixadmin:8888 /mnt/docker/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') +POSTFIX_UI=$(grep server_name $(grep -l postfixadmin:8888 /mnt/repo-base/config-dynamic/nginx/sites-enabled/*.conf) | sort -u | head -n1 | awk '{ print $2 }' | sed 's/;$//g') POSTFIX_USER=$(grep ALT_EMAIL= "$ENVFILE" | awk -F= '{ print $NF }') POSTFIX_PASSWORD=$(grep PFA_SUPERADMIN_PASSWORD= "$ENVFILE" | awk -F= '{ print $NF }') 
diff --git a/scripts/ssl-renew.sh b/scripts/ssl-renew.sh index 39e2f52ae523ca4c74246eb7e5ff2c77a47126c0..fd8c21b7ea39f1db04da8dd80f4993945c80738a 100755 --- a/scripts/ssl-renew.sh +++ b/scripts/ssl-renew.sh @@ -6,12 +6,12 @@ then exit 1 fi -ENVFILE="/mnt/docker/.env" +ENVFILE="/mnt/repo-base/.env" DOMAIN=$(grep ^DOMAIN= "$ENVFILE" | awk -F= '{ print $NF }') MAILHOST="mail.$DOMAIN" -CONFIG=/mnt/docker/letsencrypt/autorenew/ssl-domains.dat +CONFIG=/mnt/repo-base/letsencrypt/autorenew/ssl-domains.dat OPENSSLBIN=/usr/bin/openssl -CERTSTOREBASE=/mnt/docker/letsencrypt/certstore +CERTSTOREBASE=/mnt/repo-base/letsencrypt/certstore CERTSTORE=$CERTSTOREBASE/live SERVERADMIN="admin@$DOMAIN" PUBIP=0.0.0.0 @@ -23,7 +23,7 @@ cat "$CONFIG" | while read TYPE DOMAIN; do then ALIAS="-d www.$DOMAIN" fi - docker run -t --rm -v $CERTSTOREBASE:/etc/letsencrypt -v /mnt/docker/letsencrypt/acme-challenge:/etc/letsencrypt/acme-challenge "$CERTBOT_IMAGE" certonly --non-interactive \ + docker run -t --rm -v $CERTSTOREBASE:/etc/letsencrypt -v /mnt/repo-base/letsencrypt/acme-challenge:/etc/letsencrypt/acme-challenge "$CERTBOT_IMAGE" certonly --non-interactive \ --agree-tos -m $SERVERADMIN -d $DOMAIN $ALIAS --webroot -w /etc/letsencrypt/acme-challenge docker exec nginx nginx -s reload NVALIDTHRU=$($OPENSSLBIN x509 -enddate -noout -in $CERTSTORE/$DOMAIN/fullchain.pem | awk -F= '{ print $NF }') diff --git a/automx/automx-template.conf b/templates/automx/automx.conf similarity index 100% rename from automx/automx-template.conf rename to templates/automx/automx.conf diff --git a/docker-compose-base.yml b/templates/docker-compose/docker-compose-base.yml similarity index 78% rename from docker-compose-base.yml rename to templates/docker-compose/docker-compose-base.yml index a62f32087aa144f3238694068ef735ea7642696c..9241a4fb69112c0782463bf3721ebc347e7762a8 100644 --- a/docker-compose-base.yml +++ b/templates/docker-compose/docker-compose-base.yml 
@@ -34,12 +34,12 @@ services: # Full list : https://github.com/hardware/mailserver#environment-variables # volumes: - - /mnt/docker/mail:/var/mail - - /mnt/docker/letsencrypt/certstore:/etc/letsencrypt - - /mnt/docker/mail/dovecot-custom/10-mail.conf:/etc/dovecot/conf.d/10-mail.conf - - /mnt/docker/mail/dovecot-custom/90-quota.conf:/etc/dovecot/conf.d/90-quota.conf - - /mnt/docker/mail/dovecot-custom/90-sieve.conf:/etc/dovecot/conf.d/90-sieve.conf -# - /mnt/docker/mail/dovecot/dovecot.conf:/etc/dovecot/dovecot.conf + - /mnt/repo-base/volumes/mail:/var/mail + - /mnt/repo-base/letsencrypt/certstore:/etc/letsencrypt + - /mnt/repo-base/config-static/mail/dovecot-custom/10-mail.conf:/etc/dovecot/conf.d/10-mail.conf + - /mnt/repo-base/config-static/mail/dovecot-custom/90-quota.conf:/etc/dovecot/conf.d/90-quota.conf + - /mnt/repo-base/config-static/mail/dovecot-custom/90-sieve.conf:/etc/dovecot/conf.d/90-sieve.conf +# - /mnt/repo-base/volumes/mail/dovecot/dovecot.conf:/etc/dovecot/dovecot.conf depends_on: - mariadb - redis @@ -59,7 +59,7 @@ services: environment: - DBPASS=${DBPASS} volumes: - - /mnt/docker/accounts/id_rsa_postfixadmincontainer.pub:/home/pfexec/.ssh/authorized_keys + - /mnt/repo-base/config-dynamic/accounts/id_rsa_postfixadmincontainer.pub:/home/pfexec/.ssh/authorized_keys depends_on: - eelomailserver - mariadb @@ -76,7 +76,7 @@ services: networks: - serverbase volumes: - - /mnt/docker/rainloop/data:/rainloop/data + - /mnt/repo-base/volumes/rainloop/data:/rainloop/data depends_on: - eelomailserver - mariadb @@ -97,8 +97,8 @@ services: - MYSQL_USER=${PFDB_USR} - MYSQL_PASSWORD=${DBPASS} volumes: - - /mnt/docker/mysql/db:/var/lib/mysql - - /mnt/docker/deployment/ncdb:/docker-entrypoint-initdb.d + - /mnt/repo-base/volumes/mysql/db:/var/lib/mysql + - /mnt/repo-base/config-dynamic/nextcloud:/docker-entrypoint-initdb.d # Cache Database # https://github.com/docker-library/redis # https://redis.io/ 
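Review bot: The bind mounts for files the containers only need to read remain writable from inside the container: the three `config-static/mail/dovecot-custom/*.conf` mounts and `letsencrypt/certstore` in this hunk, and likewise `id_rsa_postfixadmincontainer.pub` (`@@ -59,7 +59,7 @@`), `exclude_names` and the private key (`@@ -138,9 +138,9 @@`), `automx.conf` (`@@ -177,4 +177,4 @@`) and the `nginx-params`, `/certs` and `/passwds` mounts in the new templates/docker-compose/docker-compose-networks.yml. Because `config-static/` is tracked in git, a compromised service could alter repository files on the host. Appending `:ro`, e.g. `- /mnt/repo-base/config-static/mail/dovecot-custom/10-mail.conf:/etc/dovecot/conf.d/10-mail.conf:ro`, would limit that. This assumes none of these services rewrite the mounted files at start-up, which the diff does not show.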
@@ -110,7 +110,7 @@ services:
 - serverbase
 command: redis-server --appendonly yes
 volumes:
- - /mnt/docker/redis/db:/data
+ - /mnt/repo-base/volumes/redis/db:/data
 pma:
 image: phpmyadmin/phpmyadmin
 container_name: pma
@@ -138,9 +138,9 @@ services:
 networks:
 - serverbase
 volumes:
- - /mnt/docker/accounts:/var/accounts
- - /mnt/docker/accounts/id_rsa_postfixadmincontainer:/home/www-data/.ssh/id_rsa
- - /mnt/docker/accounts/exclude_names:/var/script/exclude_names
+ - /mnt/repo-base/config-dynamic/accounts:/var/accounts
+ - /mnt/repo-base/config-dynamic/accounts/id_rsa_postfixadmincontainer:/home/www-data/.ssh/id_rsa
+ - /mnt/repo-base/config-static/accounts/exclude_names:/var/script/exclude_names
 depends_on:
 - mariadb
 ##################################################################################################################################
@@ -158,10 +158,10 @@ services:
 networks:
 - serverbase
 volumes:
- - /mnt/docker/nextcloud/html:/var/www/html/
- - /mnt/docker/nextcloud/custom_apps:/var/www/html/custom_apps/
- - /mnt/docker/nextcloud/config:/var/www/html/config/
- - /mnt/docker/nextcloud/data:/var/www/html/data/
+ - /mnt/repo-base/volumes/nextcloud/html:/var/www/html/
+ - /mnt/repo-base/volumes/nextcloud/custom_apps:/var/www/html/custom_apps/
+ - /mnt/repo-base/volumes/nextcloud/config:/var/www/html/config/
+ - /mnt/repo-base/volumes/nextcloud/data:/var/www/html/data/
 depends_on:
 - mariadb
@@ -177,4 +177,4 @@ services:
 networks:
 - serverbase
 volumes:
- - /mnt/docker/automx/automx.conf:/etc/automx.conf
+ - /mnt/repo-base/config-dynamic/automx/automx.conf:/etc/automx.conf
diff --git a/templates/docker-compose/docker-compose-networks.yml b/templates/docker-compose/docker-compose-networks.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e06d75248a251f6ebfdc4ed72a9092e9c7206673
--- /dev/null
+++ b/templates/docker-compose/docker-compose-networks.yml
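Review bot: In the `@@ -138` hunk the private key `id_rsa_postfixadmincontainer` is mounted from `config-dynamic/accounts`, and the same directory is also mounted whole and writable at `/var/accounts`, so this container sees the key twice and can rewrite the `.pub` file that the `@@ -59` hunk mounts as `authorized_keys`. Mount the key file read-only (`- /mnt/repo-base/config-dynamic/accounts/id_rsa_postfixadmincontainer:/home/www-data/.ssh/id_rsa:ro`) and consider keeping the key pair outside the directory that is shared as `/var/accounts`. If `/mnt/repo-base` is the repository checkout, as the name suggests, the key pair also needs to be covered by `.gitignore` and kept at mode 0600; neither is visible in this commit. The service definition starts outside the hunk.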
@@ -0,0 +1,19 @@
+ nginx:
+ image: registry.gitlab.e.foundation:5000/e/infra/docker-nginx:1.15
+ container_name: nginx
+ restart: unless-stopped
+ networks:
+ - serverbase
+ ports:
+ - "80:8000"
+ - "443:4430"
+ volumes:
+ - /mnt/repo-base/config-dynamic/nginx/sites-enabled:/etc/nginx/conf.d/
+ - /mnt/repo-base/config-static/nginx-params:/etc/nginx/params/
+ - /mnt/repo-base/letsencrypt/certstore:/certs
+ - /mnt/repo-base/config-dynamic/nginx/passwds:/passwds
+ - /mnt/repo-base/letsencrypt/acme-challenge:/etc/letsencrypt/acme-challenge
+
+networks:
+ serverbase:
+ driver: 'bridge'
diff --git a/docker-compose-onlyoffice.yml b/templates/docker-compose/docker-compose-onlyoffice.yml
similarity index 56%
rename from docker-compose-onlyoffice.yml
rename to templates/docker-compose/docker-compose-onlyoffice.yml
index 032e0c46ec584abac8fb3bc155bf7a0e20b7e302..5b2e6a276602dc756aca193bbcf99ca1670eeb3c 100644
--- a/docker-compose-onlyoffice.yml
+++ b/templates/docker-compose/docker-compose-onlyoffice.yml
@@ -7,8 +7,8 @@
 networks:
 - serverbase
 volumes:
- - /mnt/docker/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data
- - /mnt/docker/onlyoffice/DocumentServer/logs:/var/log/onlyoffice
+ - /mnt/repo-base/volumes/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data
+ - /mnt/repo-base/volumes/onlyoffice/DocumentServer/logs:/var/log/onlyoffice
 onlyoffice-mail-server:
 image: onlyoffice/mailserver:latest
 container_name: onlyoffice-mail-server
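Review bot: The new nginx service in templates/docker-compose/docker-compose-networks.yml pulls `registry.gitlab.e.foundation:5000/e/infra/docker-nginx:1.15` by tag, and a tag can be re-pushed, so the proxy that holds `/certs` and `/passwds` can change without any change in this repository. Pinning the digest alongside the tag, `image: registry.gitlab.e.foundation:5000/e/infra/docker-nginx:1.15@sha256:<digest>` (placeholder), makes the deployed image reviewable. The file also opens with an indented service and has no `services:` key, so it looks like a fragment appended to docker-compose-base.yml; if so, a first-line comment such as `# fragment: appended after docker-compose-base.yml, not a standalone compose file` would say that, though the script that assembles the files is not shown here.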
@@ -22,10 +22,10 @@
 # - 143:143
 # - 587:587
 volumes:
- - /mnt/docker/onlyoffice/MailServer/data:/var/vmail
- - /mnt/docker/onlyoffice/MailServer/data/certs:/etc/pki/tls/mailserver
- - /mnt/docker/onlyoffice/MailServer/logs:/var/log
- - /mnt/docker/onlyoffice/MailServer/mysql:/var/lib/mysql
+ - /mnt/repo-base/volumes/onlyoffice/MailServer/data:/var/vmail
+ - /mnt/repo-base/volumes/onlyoffice/MailServer/data/certs:/etc/pki/tls/mailserver
+ - /mnt/repo-base/volumes/onlyoffice/MailServer/logs:/var/log
+ - /mnt/repo-base/volumes/onlyoffice/MailServer/mysql:/var/lib/mysql
 onlyoffice-community-server:
 image: onlyoffice/communityserver:latest
 container_name: onlyoffice-community-server
@@ -38,10 +38,10 @@
 - DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server
 - MAIL_SERVER_DB_HOST=onlyoffice-mail-server
 volumes:
- - /mnt/docker/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data
- - /mnt/docker/onlyoffice/CommunityServer/mysql:/var/lib/mysql
- - /mnt/docker/onlyoffice/CommunityServer/logs:/var/log/onlyoffice
- - /mnt/docker/onlyoffice/DocumentServer/data:/var/www/onlyoffice/DocumentServerData
+ - /mnt/repo-base/volumes/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data
+ - /mnt/repo-base/volumes/onlyoffice/CommunityServer/mysql:/var/lib/mysql
+ - /mnt/repo-base/volumes/onlyoffice/CommunityServer/logs:/var/log/onlyoffice
+ - /mnt/repo-base/volumes/onlyoffice/DocumentServer/data:/var/www/onlyoffice/DocumentServerData
 depends_on:
 - onlyoffice-documentserver
 - onlyoffice-mail-server
diff --git a/docker-compose_legacy.yml b/templates/docker-compose/docker-compose_legacy.yml
similarity index 100%
rename from docker-compose_legacy.yml
rename to templates/docker-compose/docker-compose_legacy.yml
diff --git a/deployment/ncdb-templates/a_user.sql b/templates/nextcloud/a_user.sql
similarity index 100%
rename from deployment/ncdb-templates/a_user.sql
rename to templates/nextcloud/a_user.sql
diff --git a/deployment/ncdb-templates/b_db.sql b/templates/nextcloud/b_db.sql
similarity index 100%
rename from deployment/ncdb-templates/b_db.sql
rename to templates/nextcloud/b_db.sql
diff --git a/deployment/ncdb-templates/c_grant.sql b/templates/nextcloud/c_grant.sql
similarity index 100%
rename from deployment/ncdb-templates/c_grant.sql
rename to templates/nextcloud/c_grant.sql
diff --git a/deployment/nc-plugin-config/user_sql_raw_config.conf b/templates/nextcloud/user_sql_raw_config.conf
similarity index 100%
rename from deployment/nc-plugin-config/user_sql_raw_config.conf
rename to templates/nextcloud/user_sql_raw_config.conf
diff --git a/nginx/templates/autoconfig b/templates/nginx/autoconfig
similarity index 100%
rename from nginx/templates/autoconfig
rename to templates/nginx/autoconfig
diff --git a/nginx/templates/dba b/templates/nginx/dba
similarity index 100%
rename from nginx/templates/dba
rename to templates/nginx/dba
diff --git a/nginx/templates/drive b/templates/nginx/drive
similarity index 100%
rename from nginx/templates/drive
rename to templates/nginx/drive
diff --git a/nginx/templates/mail b/templates/nginx/mail
similarity index 100%
rename from nginx/templates/mail
rename to templates/nginx/mail
diff --git a/nginx/templates/office b/templates/nginx/office
similarity index 100%
rename from nginx/templates/office
rename to templates/nginx/office
diff --git a/nginx/templates/spam b/templates/nginx/spam
similarity index 100%
rename from nginx/templates/spam
rename to templates/nginx/spam
diff --git a/nginx/templates/webmail b/templates/nginx/webmail
similarity index 100%
rename from nginx/templates/webmail
rename to templates/nginx/webmail
diff --git a/nginx/templates/welcome b/templates/nginx/welcome
similarity index 100%
rename from nginx/templates/welcome
rename to templates/nginx/welcome
diff --git a/volumes/.keep b/volumes/.keep
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391