From afd793fddc4169ed1edcec26de5b6257065d2b06 Mon Sep 17 00:00:00 2001 From: diroots Date: Tue, 9 Jan 2024 09:41:18 +0100 Subject: [PATCH 1/4] replace automx with autodiscover --- config/automx/.keep | 0 scripts/init-repo.sh | 11 ++-- templates/automx/automx.conf | 56 ------------------- templates/docker-compose/docker-compose.yml | 27 ++++----- templates/nginx/sites-enabled/autoconfig.conf | 2 +- 5 files changed, 22 insertions(+), 74 deletions(-) delete mode 100644 config/automx/.keep delete mode 100644 templates/automx/automx.conf diff --git a/config/automx/.keep b/config/automx/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/scripts/init-repo.sh b/scripts/init-repo.sh index f7005c9..e21460a 100755 --- a/scripts/init-repo.sh +++ b/scripts/init-repo.sh @@ -78,9 +78,12 @@ echo "$DOMAIN,$VIRTUAL_HOST,mail.$DOMAIN,spam.$DOMAIN,welcome.$DOMAIN" | tr "," :; done -# Configure automx -cat templates/automx/automx.conf | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config/automx/automx.conf" -chown www-data:www-data "config/automx/automx.conf" +# Configure autodiscover +#Generate 2 random UUIDs +UUID1=$(cat /proc/sys/kernel/random/uuid) +UUID2=$(cat /proc/sys/kernel/random/uuid) +echo "AUTODISCOVER_AM_UUID=$UUID1" >> "$ENVFILE" +echo "AUTODISCOVER_AP_UUID=$UUID2" >> "$ENVFILE" # Configure rspamd whitelist cat templates/mail/rspamd/ecloud/whitelist.sender.domain.map | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config/mail/rspamd/ecloud/whitelist.sender.domain.map" 
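Review bot: In the `# Configure autodiscover` block of scripts/init-repo.sh, both UUIDs are appended to `$ENVFILE` without checking that the read succeeded or that the keys are not already present. If `/proc/sys/kernel/random/uuid` is unreadable, the env file gets `AUTODISCOVER_AM_UUID=` with an empty value. A second run adds duplicate keys with fresh values, which would presumably change the payload identifiers of Apple profiles that users have already installed. Guard the append, e.g. `grep -q '^AUTODISCOVER_AM_UUID=' "$ENVFILE" || echo "AUTODISCOVER_AM_UUID=$UUID1" >> "$ENVFILE"`, and stop when `[ -z "$UUID1" ]`. The rest of the script lies outside the hunk, so whether it is ever re-run against an existing env file needs confirming.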
@@ -91,7 +94,7 @@ chown -R 107:109 "config/mail/rspamd/ecloud/" # Configure nginx vhost -# automx +# autodiscover echo "$DOMAIN,$ADD_DOMAINS" | tr "," "\n" | while read CURDOMAIN; do cat "templates/nginx/sites-enabled/autoconfig.conf" | sed "s/@@@DOMAIN@@@/$CURDOMAIN/g" | sed "s/@@@SERVICE@@@/autoconfig/g" > "config/nginx/sites-enabled/autoconfig.$CURDOMAIN.conf" cat "templates/nginx/sites-enabled/autoconfig.conf" | sed "s/@@@DOMAIN@@@/$CURDOMAIN/g" | sed "s/@@@SERVICE@@@/autodiscover/g" > "config/nginx/sites-enabled/autodiscover.$CURDOMAIN.conf" diff --git a/templates/automx/automx.conf b/templates/automx/automx.conf deleted file mode 100644 index 8c69952..0000000 --- a/templates/automx/automx.conf +++ /dev/null 
@@ -1,56 +0,0 @@ -# file: /etc/automx.conf - -[automx] -provider = @@@DOMAIN@@@ -domains = * - -#debug = yes -#logfile = /var/log/automx/automx.log - -# Protect against DoS -#memcache = 127.0.0.1:11211 -#memcache_ttl = 600 -#client_error_limit = 20 -#rate_limit_exception_networks = 127.0.0.0/8, ::1/128 - -# The DEFAULT section is always merged into each other section. Each section -# can overwrite settings done here. -[DEFAULT] -account_type = email -account_name = %s -account_name_short = %s - - -# If a domain is listed in the automx section, it may have its own section. If -# none is found here, the global section is used. -[global] -backend = static -action = settings - - -# If you want to sign mobileconfig profiles, enable these options. Make sure -# that your webserver has proper privileges to read the key. The cert file -# must contain the server certificate and all intermediate certificates. You -# can simply concatenate these certificates. -#sign_mobileconfig = yes -#sign_cert = /certs/autodiscover.eelo.io.crt -#sign_key = /certs/autodiscover.eelo.io.key - -smtp = yes -smtp_server = mail.@@@DOMAIN@@@ -smtp_port = 587 -smtp_encryption = starttls -smtp_auth = plaintext -smtp_auth_identity = %s -smtp_refresh_ttl = 6 -smtp_default = yes - -imap = yes -imap_server = mail.@@@DOMAIN@@@ -imap_port = 993 -imap_encryption = ssl -imap_auth = plaintext -imap_auth_identity = %s -imap_refresh_ttl = 6 - -pop = no diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index 5777849..e096e8b 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml 
@@ -153,19 +153,20 @@ services: - mariadb - redis - automx: - image: registry.gitlab.e.foundation/e/infra/docker-mailstack:automx-0.1.0 - container_name: automx - hostname: automx + mail-autodiscover-autoconfig: + image: wdes/mail-autodiscover-autoconfig:latest + name: mail-autodiscover-autoconfig + mem_limit: 120M + mem_reservation: 50M + restart: on-failure:40 environment: - - VIRTUAL_HOST=${VIRTUAL_HOST} - - DOMAIN=${DOMAIN} - - HOSTNAME=automx - restart: always - networks: - - default - volumes: - - /mnt/repo-base/config/automx/automx.conf:/etc/automx.conf + ROCKET_PROFILE: production + ROCKET_ADDRESS: "0.0.0.0" + ROCKET_PORT: "80" + APPLE_MAIL_UUID: ${AUTODISCOVER_AM_UUID} + APPLE_PROFILE_UUID: ${AUTODISCOVER_AP_UUID} + IMAP_HOSTNAME: ${SMTP_HOST} + SMTP_HOSTNAME: ${SMTP_HOST} nginx: image: nginx:stable-alpine @@ -185,7 +186,7 @@ services: - /mnt/repo-base/volumes/nextcloud/html:/var/www/html depends_on: - nextcloud - - automx + - mail-autodiscover-autoconfig - postfixadmin - welcome - mailserver diff --git a/templates/nginx/sites-enabled/autoconfig.conf b/templates/nginx/sites-enabled/autoconfig.conf index 9be5652..a590f52 100644 --- a/templates/nginx/sites-enabled/autoconfig.conf +++ b/templates/nginx/sites-enabled/autoconfig.conf @@ -26,7 +26,7 @@ server { #auth_basic_user_file /passwds/.htpasswd; location / { - proxy_pass http://automx:80; + proxy_pass http://mail-autodiscover-autoconfig:80; include /etc/nginx/params/proxy_params; } } -- GitLab From 6f707c9e0b20a9d6cddbc7b3ecbdb762de513dda Mon Sep 17 00:00:00 2001 From: diroots Date: Tue, 9 Jan 2024 10:02:53 +0100 Subject: [PATCH 2/4] autodiscover fixes --- templates/docker-compose/docker-compose.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index e096e8b..1256077 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml 
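Review bot: `image: wdes/mail-autodiscover-autoconfig:latest` replaces an image pinned to a tag in the project's own registry (`docker-mailstack:automx-0.1.0`) with a floating tag from a third-party repository. nginx proxies this container to clients, and it tells mail clients which hosts to send their credentials to, so any upstream change enters that trust path unreviewed on the next pull. Pin a released version and its digest, e.g. `image: wdes/mail-autodiscover-autoconfig:<version>@sha256:<digest>` (placeholders; take both values from the release you tested). The line is still `:latest` in the docker-compose.yml context of patches 2 and 3.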
@@ -155,10 +155,8 @@ services: mail-autodiscover-autoconfig: image: wdes/mail-autodiscover-autoconfig:latest - name: mail-autodiscover-autoconfig - mem_limit: 120M - mem_reservation: 50M - restart: on-failure:40 + container_name: mail-autodiscover-autoconfig + restart: always environment: ROCKET_PROFILE: production ROCKET_ADDRESS: "0.0.0.0" -- GitLab From 3b3e24f02fa6f95bbce9011eb30a2c21192cbf10 Mon Sep 17 00:00:00 2001 From: Sylvain Manceau Date: Wed, 10 Jan 2024 10:58:36 +0000 Subject: [PATCH 3/4] Add mandatorry POP_HOSTNAME and 465/TCP for SMTP --- templates/docker-compose/docker-compose.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index 1256077..d846234 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml @@ -13,7 +13,7 @@ services: - "25:25" # SMTP - Required - "110:110" # POP3 STARTTLS - Optional - For webmails/desktop clients - "143:143" # IMAP STARTTLS - Optional - For webmails/desktop clients - # - "465:465" # SMTPS SSL/TLS - Optional - Enabled for compatibility reason, otherwise disabled + - "465:465" # SMTPS SSL/TLS - Optional - Enabled for compatibility reason, otherwise disabled - "587:587" # Submission STARTTLS - Optional - For webmails/desktop clients - "993:993" # IMAPS SSL/TLS - Optional - For webmails/desktop clients - "995:995" # POP3S SSL/TLS - Optional - For webmails/desktop clients @@ -157,6 +157,8 @@ services: image: wdes/mail-autodiscover-autoconfig:latest container_name: mail-autodiscover-autoconfig restart: always + networks: + - default environment: ROCKET_PROFILE: production ROCKET_ADDRESS: "0.0.0.0" @@ -164,6 +166,7 @@ services: APPLE_MAIL_UUID: ${AUTODISCOVER_AM_UUID} APPLE_PROFILE_UUID: ${AUTODISCOVER_AP_UUID} IMAP_HOSTNAME: ${SMTP_HOST} + POP_HOSTNAME: ${SMTP_HOST} SMTP_HOSTNAME: ${SMTP_HOST} nginx: -- GitLab 
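Review bot: Dropping `mem_limit: 120M` and `mem_reservation: 50M` while switching to `restart: always` leaves the autodiscover container with no memory bound. Patch 1 makes nginx forward requests to this service and the template's `auth_basic` line is commented out, so a leak or request flood can now take memory from the other containers in this compose file. If the limits were removed only while fixing the invalid `name:` key (the reason is not visible here), keep `mem_limit: 120M` next to `container_name:`.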
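Review bot: `IMAP_HOSTNAME`, `POP_HOSTNAME` and `SMTP_HOSTNAME` all interpolate `${SMTP_HOST}`, and nothing in the hunk makes that variable required. When it is missing from the env file, Compose substitutes an empty string. The service would then presumably hand out client configurations with an empty server name rather than fail at start. Use the required-variable form on all three lines, e.g. `POP_HOSTNAME: ${SMTP_HOST:?SMTP_HOST must be set}`; the two `AUTODISCOVER_*_UUID` lines would benefit from the same. The `environment:` block continues outside this hunk.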
From 5d7564255481c7a4318185a138e444e5eeba400c Mon Sep 17 00:00:00 2001 From: diroots Date: Thu, 11 Jan 2024 13:49:19 +0100 Subject: [PATCH 4/4] changed templates for autodiscover from @smu44 --- .../xml/autodiscover-error.xml.tera | 10 +++ .../xml/autodiscover-mobilesync.xml.tera | 19 +++++ config/autodiscover/xml/autodiscover.xml.tera | 32 ++++++++ config/autodiscover/xml/config-v1.1.xml.tera | 33 ++++++++ .../autodiscover/xml/email_mobileconfig.tera | 77 +++++++++++++++++++ templates/docker-compose/docker-compose.yml | 4 +- 6 files changed, 174 insertions(+), 1 deletion(-) create mode 100644 config/autodiscover/xml/autodiscover-error.xml.tera create mode 100644 config/autodiscover/xml/autodiscover-mobilesync.xml.tera create mode 100644 config/autodiscover/xml/autodiscover.xml.tera create mode 100644 config/autodiscover/xml/config-v1.1.xml.tera create mode 100644 config/autodiscover/xml/email_mobileconfig.tera diff --git a/config/autodiscover/xml/autodiscover-error.xml.tera b/config/autodiscover/xml/autodiscover-error.xml.tera new file mode 100644 index 0000000..c72a8b7 --- /dev/null +++ b/config/autodiscover/xml/autodiscover-error.xml.tera @@ -0,0 +1,10 @@ + + + + + 601 + Provider is not available + + + + diff --git a/config/autodiscover/xml/autodiscover-mobilesync.xml.tera b/config/autodiscover/xml/autodiscover-mobilesync.xml.tera new file mode 100644 index 0000000..2578513 --- /dev/null +++ b/config/autodiscover/xml/autodiscover-mobilesync.xml.tera @@ -0,0 +1,19 @@ + + + + en:en + + {{ display_name }} + {{ email_address }} + + + + + MobileSync + https://example.org/TODOmobilesyncURL + TODO: Mobile sync name + + + + + diff --git a/config/autodiscover/xml/autodiscover.xml.tera b/config/autodiscover/xml/autodiscover.xml.tera new file mode 100644 index 0000000..a865d5d --- /dev/null +++ b/config/autodiscover/xml/autodiscover.xml.tera 
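Review bot: autodiscover-mobilesync.xml.tera ships the placeholders `https://example.org/TODOmobilesyncURL` and `TODO: Mobile sync name` as its MobileSync server entry. A client that requests the mobilesync schema would be pointed at a host outside this deployment and may try to authenticate there. Until a real endpoint exists, have this template return the same body as autodiscover-error.xml.tera rather than a placeholder URL. The XML element names are not readable in this view, so which element carries the URL is inferred.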
@@ -0,0 +1,32 @@ + + + + + email + settings + + + IMAP + {{ imap_hostname }} + 993 + on + {{ domain }} + off + on + on + + + + SMTP + {{ smtp_hostname }} + 587 + on + {{ domain }} + off + on + on + + + + + diff --git a/config/autodiscover/xml/config-v1.1.xml.tera b/config/autodiscover/xml/config-v1.1.xml.tera new file mode 100644 index 0000000..654db27 --- /dev/null +++ b/config/autodiscover/xml/config-v1.1.xml.tera @@ -0,0 +1,33 @@ + + + + + {{ domain }} + {{ display_name }} + %EMAILLOCALPART% + + + {{ imap_hostname }} + 993 + SSL + password-cleartext + %EMAILADDRESS% + + + {{ imap_hostname }} + 143 + STARTTLS + password-cleartext + %EMAILADDRESS% + + + + {{ smtp_hostname }} + 587 + STARTTLS + password-cleartext + %EMAILADDRESS% + + + + diff --git a/config/autodiscover/xml/email_mobileconfig.tera b/config/autodiscover/xml/email_mobileconfig.tera new file mode 100644 index 0000000..038d76c --- /dev/null +++ b/config/autodiscover/xml/email_mobileconfig.tera 
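Review bot: config-v1.1.xml.tera advertises a second incoming server on port `143` with `STARTTLS`, which the removed automx.conf did not; it offered only IMAP on `993` with `imap_encryption = ssl`. Every entry uses `password-cleartext`, so the password is protected only by the TLS layer. On 143 that depends on the client refusing to continue when the STARTTLS upgrade is missing. Drop the 143 entry unless a specific client is known to need it, and keep 993 as the only incoming server. The element names are stripped in this view, so the mapping of values to fields is inferred from their order.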
@@ -0,0 +1,77 @@ + + + + + PayloadContent + + + EmailAccountDescription + {{ display_name }} + EmailAccountName + {{ display_name }} + EmailAccountType + EmailTypeIMAP + EmailAddress + {{ email_address }} + IncomingMailServerAuthentication + EmailAuthPassword + IncomingMailServerHostName + {{ imap_hostname }} + IncomingMailServerPortNumber + 993 + IncomingMailServerUseSSL + + IncomingMailServerUsername + {{ username }} + OutgoingMailServerAuthentication + EmailAuthPassword + OutgoingMailServerHostName + {{ smtp_hostname }} + OutgoingMailServerPortNumber + 587 + OutgoingMailServerUseSSL + + OutgoingMailServerUsername + {{ username }} + OutgoingPasswordSameAsIncomingPassword + + PayloadDescription + Email account configuration for {{ email_address }} + PayloadDisplayName + {{ display_name }} + PayloadIdentifier + {{ domain }}.autoconfig.{{ profile_uuid }} + PayloadType + com.apple.mail.managed + PayloadUUID + {{ profile_uuid }} + PayloadVersion + 1 + SMIMEEnablePerMessageSwitch + + SMIMEEnabled + + SMIMESigningEnabled + + disableMailRecentsSyncing + + + + PayloadDescription + Email account configuration for {{ email_address }} + PayloadDisplayName + {{ display_name }} + PayloadIdentifier + {{ domain }}.autoconfig.{{ mail_uuid }} + PayloadOrganization + {{ domain }} + PayloadRemovalDisallowed + + PayloadType + Configuration + PayloadUUID + {{ mail_uuid }} + PayloadVersion + 1 + + diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index d846234..d284fdf 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml 
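Review bot: email_mobileconfig.tera writes `{{ email_address }}`, `{{ username }}` and `{{ display_name }}` into the profile with no explicit escape filter, and it is the only added template whose name does not end in `.xml.tera`. Tera chooses auto-escaping by file-name suffix, so confirm that the engine configuration in the image covers this file. If those values derive from the request, unescaped markup would land in a configuration profile that users are asked to install. If the file is not covered, apply the filter explicitly, e.g. `{{ email_address | escape_xml }}`. Where the values originate is not visible in this patch.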
@@ -13,7 +13,7 @@ services: - "25:25" # SMTP - Required - "110:110" # POP3 STARTTLS - Optional - For webmails/desktop clients - "143:143" # IMAP STARTTLS - Optional - For webmails/desktop clients - - "465:465" # SMTPS SSL/TLS - Optional - Enabled for compatibility reason, otherwise disabled + # - "465:465" # SMTPS SSL/TLS - Optional - Enabled for compatibility reason, otherwise disabled - "587:587" # Submission STARTTLS - Optional - For webmails/desktop clients - "993:993" # IMAPS SSL/TLS - Optional - For webmails/desktop clients - "995:995" # POP3S SSL/TLS - Optional - For webmails/desktop clients @@ -168,6 +168,8 @@ services: IMAP_HOSTNAME: ${SMTP_HOST} POP_HOSTNAME: ${SMTP_HOST} SMTP_HOSTNAME: ${SMTP_HOST} + volumes: + - /mnt/repo-base/config/autodiscover/xml:/usr/lib/mail-autodiscover-autoconfig/templates/xml nginx: image: nginx:stable-alpine -- GitLab
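Review bot: The new `volumes:` entry bind-mounts the template directory read-write, although the service presumably only reads these files. Append `:ro`, i.e. `- /mnt/repo-base/config/autodiscover/xml:/usr/lib/mail-autodiscover-autoconfig/templates/xml:ro`, so a compromised container cannot rewrite the server settings it hands to mail clients. The image is still `:latest`, so the overridden templates can also drift from the variables the upstream binary supplies. Pinning the image keeps the two in step.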