git subrepo commit (merge) mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "c7b1dc37"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "a366494c"
git-subrepo: version: "0.4.6"
origin: "???"
commit: "???"
Change-Id: Id574ecd4e02e3c4fbf8a1efd49be11c0b6d19a3f
diff --git a/mailcow/src/mailcow-dockerized/generate_config.sh b/mailcow/src/mailcow-dockerized/generate_config.sh
index 70dc588..4780e79 100755
--- a/mailcow/src/mailcow-dockerized/generate_config.sh
+++ b/mailcow/src/mailcow-dockerized/generate_config.sh
@@ -21,7 +21,7 @@
if cp --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""; exit 1; fi
if sed --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox sed detected, please install gnu sed, \"apk add --no-cache --upgrade sed\""; exit 1; fi
-for bin in openssl curl docker git awk sha1sum; do
+for bin in openssl curl docker git awk sha1sum grep cut; do
if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
done
@@ -34,7 +34,7 @@
echo -e "\e[33mNotice: You´ll have to update this Compose Version via your Package Manager manually!\e[0m"
else
echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m"
- echo -e "\e[31mPlease update/install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m"
+ echo -e "\e[31mPlease update/install it manually regarding to this doc site: https://docs.mailcow.email/i_u_m/i_u_m_install/\e[0m"
exit 1
fi
elif docker-compose > /dev/null 2>&1; then
@@ -47,7 +47,7 @@
echo -e "\e[33mNotice: For an automatic update of docker-compose please use the update_compose.sh scripts located at the helper-scripts folder.\e[0m"
else
echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m"
- echo -e "\e[31mPlease update/install manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m"
+ echo -e "\e[31mPlease update/install manually regarding to this doc site: https://docs.mailcow.email/i_u_m/i_u_m_install/\e[0m"
exit 1
fi
fi
@@ -55,9 +55,49 @@
else
echo -e "\e[31mCannot find Docker Compose.\e[0m"
echo -e "\e[31mPlease install it regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m"
+ exit 1
+ fi
+ fi
+
+else
+ echo -e "\e[31mCannot find Docker Compose.\e[0m"
+ echo -e "\e[31mPlease install it regarding to this doc site: https://docs.mailcow.email/i_u_m/i_u_m_install/\e[0m"
exit 1
fi
-
+
+detect_bad_asn() {
+ echo -e "\e[33mDetecting if your IP is listed on Spamhaus Bad ASN List...\e[0m"
+ response=$(curl --connect-timeout 15 --max-time 30 -s -o /dev/null -w "%{http_code}" "https://asn-check.mailcow.email")
+ if [ "$response" -eq 503 ]; then
+ if [ -z "$SPAMHAUS_DQS_KEY" ]; then
+ echo -e "\e[33mYour server's public IP uses an AS that is blocked by Spamhaus to use their DNS public blocklists for Postfix.\e[0m"
+ echo -e "\e[33mmailcow did not detected a value for the variable SPAMHAUS_DQS_KEY inside mailcow.conf!\e[0m"
+ sleep 2
+ echo ""
+ echo -e "\e[33mTo use the Spamhaus DNS Blocklists again, you will need to create a FREE account for their Data Query Service (DQS) at: https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account\e[0m"
+ echo -e "\e[33mOnce done, enter your DQS API key in mailcow.conf and mailcow will do the rest for you!\e[0m"
+ echo ""
+ sleep 2
+
+ else
+ echo -e "\e[33mYour server's public IP uses an AS that is blocked by Spamhaus to use their DNS public blocklists for Postfix.\e[0m"
+ echo -e "\e[32mmailcow detected a Value for the variable SPAMHAUS_DQS_KEY inside mailcow.conf. Postfix will use DQS with the given API key...\e[0m"
+ fi
+ elif [ "$response" -eq 200 ]; then
+ echo -e "\e[33mCheck completed! Your IP is \e[32mclean\e[0m"
+ elif [ "$response" -eq 429 ]; then
+ echo -e "\e[33mCheck completed! \e[31mYour IP seems to be rate limited on the ASN Check service... please try again later!\e[0m"
+ else
+ echo -e "\e[31mCheck failed! \e[0mMaybe a DNS or Network problem?\e[0m"
+ fi
+}
+
+### If generate_config.sh is started with --dev or -d it will not check out nightly or master branch and will keep on the current branch
+if [[ ${1} == "--dev" || ${1} == "-d" ]]; then
+ SKIP_BRANCH=y
+else
+ SKIP_BRANCH=n
+fi
if [ -f mailcow.conf ]; then
read -r -p "A config file exists and will be overwritten, are you sure you want to continue? [y/N] " response
@@ -76,9 +116,24 @@
while [ -z "${MAILCOW_HOSTNAME}" ]; do
read -p "Mail server hostname (FQDN) - this is not your mail domain, but your mail servers hostname: " -e MAILCOW_HOSTNAME
DOTS=${MAILCOW_HOSTNAME//[^.]};
- if [ ${#DOTS} -lt 2 ] && [ ! -z ${MAILCOW_HOSTNAME} ]; then
- echo "${MAILCOW_HOSTNAME} is not a FQDN"
- MAILCOW_HOSTNAME=
+ if [ ${#DOTS} -lt 1 ]; then
+ echo -e "\e[31mMAILCOW_HOSTNAME (${MAILCOW_HOSTNAME}) is not a FQDN!\e[0m"
+ sleep 1
+ echo "Please change it to a FQDN and redeploy the stack with docker(-)compose up -d"
+ exit 1
+ elif [[ "${MAILCOW_HOSTNAME: -1}" == "." ]]; then
+ echo "MAILCOW_HOSTNAME (${MAILCOW_HOSTNAME}) is ending with a dot. This is not a valid FQDN!"
+ exit 1
+ elif [ ${#DOTS} -eq 1 ]; then
+ echo -e "\e[33mMAILCOW_HOSTNAME (${MAILCOW_HOSTNAME}) does not contain a Subdomain. This is not fully tested and may cause issues.\e[0m"
+ echo "Find more information about why this message exists here: https://github.com/mailcow/mailcow-dockerized/issues/1572"
+ read -r -p "Do you want to proceed anyway? [y/N] " response
+ if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+ echo "OK. Procceding."
+ else
+ echo "OK. Exiting."
+ exit 1
+ fi
fi
done
@@ -135,32 +190,44 @@
SKIP_SOLR=n
fi
-echo "Which branch of mailcow do you want to use?"
-echo ""
-echo "Available Branches:"
-echo "- master branch (stable updates) | default, recommended [1]"
-echo "- nightly branch (unstable updates, testing) | not-production ready [2]"
-sleep 1
+if [[ ${SKIP_BRANCH} != y ]]; then
+ echo "Which branch of mailcow do you want to use?"
+ echo ""
+ echo "Available Branches:"
+ echo "- master branch (stable updates) | default, recommended [1]"
+ echo "- nightly branch (unstable updates, testing) | not-production ready [2]"
+ sleep 1
-while [ -z "${MAILCOW_BRANCH}" ]; do
- read -r -p "Choose the Branch with it´s number [1/2] " branch
- case $branch in
- [2])
- MAILCOW_BRANCH="nightly"
+ while [ -z "${MAILCOW_BRANCH}" ]; do
+ read -r -p "Choose the Branch with it´s number [1/2] " branch
+ case $branch in
+ [2])
+ MAILCOW_BRANCH="nightly"
+ ;;
+ *)
+ MAILCOW_BRANCH="master"
;;
- *)
- MAILCOW_BRANCH="master"
- ;;
- esac
-done
+ esac
+ done
+
+ git fetch --all
+ git checkout -f $MAILCOW_BRANCH
+
+elif [[ ${SKIP_BRANCH} == y ]]; then
+ echo -e "\033[33mEnabled Dev Mode.\033[0m"
+ echo -e "\033[33mNot checking out a different branch!\033[0m"
+ MAILCOW_BRANCH=$(git rev-parse --short $(git rev-parse @{upstream}))
+
+else
+ echo -e "\033[31mCould not determine branch input..."
+ echo -e "\033[31mExiting."
+ exit 1
+fi
if [ ! -z "${MAILCOW_BRANCH}" ]; then
git_branch=${MAILCOW_BRANCH}
fi
-git fetch --all
-git checkout -f $git_branch
-
[ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc
cat << EOF > mailcow.conf
@@ -175,7 +242,7 @@
# Password hash algorithm
# Only certain password hash algorithm are supported. For a fully list of supported schemes,
-# see https://mailcow.github.io/mailcow-dockerized-docs/models/model-passwd/
+# see https://docs.mailcow.email/models/model-passwd/
MAILCOW_PASS_SCHEME=BLF-CRYPT
# ------------------------------
@@ -187,8 +254,8 @@
# Please use long, random alphanumeric strings (A-Za-z0-9)
-DBPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
-DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
+DBPASS=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
+DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
# ------------------------------
# HTTP/S Bindings
@@ -201,7 +268,7 @@
# IMPORTANT: Do not use port 8081, 9081 or 65510!
# Example: HTTP_BIND=1.2.3.4
# For IPv4 leave it as it is: HTTP_BIND= & HTTPS_PORT=
-# For IPv6 see https://mailcow.github.io/mailcow-dockerized-docs/post_installation/firststeps-ip_bindings/
+# For IPv6 see https://docs.mailcow.email/post_installation/firststeps-ip_bindings/
HTTP_PORT=80
HTTP_BIND=
@@ -230,7 +297,7 @@
# Your timezone
# See https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a list of timezones
-# Use the row named 'TZ database name' + pay attention for 'Notes' row
+# Use the column named 'TZ identifier' + pay attention for the column named 'Notes'
TZ=${MAILCOW_TZ}
@@ -243,7 +310,7 @@
# Switch here between native (compose plugin) and standalone
# For more informations take a look at the mailcow docs regarding the configuration options.
# Normally this should be untouched but if you decided to use either of those you can switch it manually here.
-# Please be aware that at least one of those variants should be installed on your maschine or mailcow will fail.
+# Please be aware that at least one of those variants should be installed on your machine or mailcow will fail.
DOCKER_COMPOSE_VERSION=${COMPOSE_VERSION}
@@ -292,7 +359,7 @@
# Create seperate certificates for all domains - y/n
# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames
-# see https://wiki.dovecot.org/SSL/SNIClientSupport
+# see https://doc.dovecot.org/admin_manual/ssl/sni_support
ENABLE_SSL_SNI=n
# Skip IPv4 check in ACME container - y/n
@@ -405,7 +472,7 @@
# Optional: Leave empty for none
# This value is only used on first order!
# Setting it at a later point will require the following steps:
-# https://mailcow.github.io/mailcow-dockerized-docs/troubleshooting/debug-reset_tls/
+# https://docs.mailcow.email/troubleshooting/debug-reset_tls/
ACME_CONTACT=
# WebAuthn device manufacturer verification
@@ -413,6 +480,13 @@
# root certificates can be placed for validation under mailcow-dockerized/data/web/inc/lib/WebAuthn/rootCertificates
WEBAUTHN_ONLY_TRUSTED_VENDORS=n
+# Spamhaus Data Query Service Key
+# Optional: Leave empty for none
+# Enter your key here if you are using a blocked ASN (OVH, AWS, Cloudflare e.g) for the unregistered Spamhaus Blocklist.
+# If empty, it will completely disable Spamhaus blocklists if it detects that you are running on a server using a blocked AS.
+# Otherwise it will work normally.
+SPAMHAUS_DQS_KEY=
+
EOF
mkdir -p data/assets/ssl
@@ -427,18 +501,37 @@
cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/
# Set app_info.inc.php
-if [ ${git_branch} == "master" ]; then
- mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`)
-elif [ ${git_branch} == "nightly" ]; then
- mailcow_git_version=$(git rev-parse --short $(git rev-parse @{upstream}))
- mailcow_last_git_version=""
-else
- mailcow_git_version=$(git rev-parse --short HEAD)
- mailcow_last_git_version=""
-fi
+case ${git_branch} in
+ master)
+ mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`)
+ ;;
+ nightly)
+ mailcow_git_version=$(git rev-parse --short $(git rev-parse @{upstream}))
+ mailcow_last_git_version=""
+ ;;
+ *)
+ mailcow_git_version=$(git rev-parse --short HEAD)
+ mailcow_last_git_version=""
+ ;;
+esac
+# if [ ${git_branch} == "master" ]; then
+# mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`)
+# elif [ ${git_branch} == "nightly" ]; then
+# mailcow_git_version=$(git rev-parse --short $(git rev-parse @{upstream}))
+# mailcow_last_git_version=""
+# else
+# mailcow_git_version=$(git rev-parse --short HEAD)
+# mailcow_last_git_version=""
+# fi
+if [[ $SKIP_BRANCH != "y" ]]; then
mailcow_git_commit=$(git rev-parse origin/${git_branch})
mailcow_git_commit_date=$(git log -1 --format=%ci @{upstream} )
+else
+mailcow_git_commit=$(git rev-parse ${git_branch})
+mailcow_git_commit_date=$(git log -1 --format=%ci @{upstream} )
+git_branch=$(git rev-parse --abbrev-ref HEAD)
+fi
if [ $? -eq 0 ]; then
echo '<?php' > data/web/inc/app_info.inc.php
@@ -466,3 +559,5 @@
echo '?>' >> data/web/inc/app_info.inc.php
echo -e "\e[33mCannot determine current git repository version...\e[0m"
fi
+
+detect_bad_asn
\ No newline at end of file