Gitiles
Code Review Sign In
gerrit.benkard.de / kubeia / 1ba5381a59770700b02f1f1023d2b2dca73c5e8d / . / mailcow / src / mailcow-dockerized / data / web / inc / vars.inc.php
blob: 4f09d5f9aed0cdca1bd407fc78e6ed2ef7763878 [file] [log] [blame]
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]1<?php
2error_reporting(E_ERROR);
3//error_reporting(E_ALL);
4
5/*
6PLEASE USE THE FILE "vars.local.inc.php" TO OVERWRITE SETTINGS AND MAKE THEM PERSISTENT!
7This file will be reset on upgrades.
8*/
9
10// SQL database connection variables
11$database_type = 'mysql';
12$database_sock = '/var/run/mysqld/mysqld.sock';
13$database_host = 'mysql';
14$database_user = getenv('DBUSER');
15$database_pass = getenv('DBPASS');
16$database_name = getenv('DBNAME');
17
18// Other variables
19$mailcow_hostname = getenv('MAILCOW_HOSTNAME');
20$default_pass_scheme = getenv('MAILCOW_PASS_SCHEME');
21
22// Autodiscover settings
23// ===
24// Auto-detect HTTPS port =>
25$https_port = strpos($_SERVER['HTTP_HOST'], ':');
26if ($https_port === FALSE) {
27 $https_port = 443;
28} else {
29 $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1);
30}
31
32// Alternatively select port here =>
33//$https_port = 1234;
34// Other settings =>
35$autodiscover_config = array(
36 // General autodiscover service type: "activesync" or "imap"
37 // emClient uses autodiscover, but does not support ActiveSync. mailcow excludes emClient from ActiveSync.
38 // With SOGo disabled, the type will always fallback to imap. CalDAV and CardDAV will be excluded, too.
39 'autodiscoverType' => 'activesync',
40 // If autodiscoverType => activesync, also use ActiveSync (EAS) for Outlook desktop clients (>= Outlook 2013 on Windows)
41 // Outlook for Mac does not support ActiveSync
42 'useEASforOutlook' => 'no',
43 // Please don't use STARTTLS-enabled service ports in the "port" variable.
44 // The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
45 // The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable.
46 'imap' => array(
47 'server' => $mailcow_hostname,
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]48 'port' => (int)filter_var(substr(getenv('IMAPS_PORT'), strrpos(getenv('IMAPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
49 'tlsport' => (int)filter_var(substr(getenv('IMAP_PORT'), strrpos(getenv('IMAP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]50 ),
51 'pop3' => array(
52 'server' => $mailcow_hostname,
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]53 'port' => (int)filter_var(substr(getenv('POPS_PORT'), strrpos(getenv('POPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
54 'tlsport' => (int)filter_var(substr(getenv('POP_PORT'), strrpos(getenv('POP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]55 ),
56 'smtp' => array(
57 'server' => $mailcow_hostname,
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]58 'port' => (int)filter_var(substr(getenv('SMTPS_PORT'), strrpos(getenv('SMTPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
59 'tlsport' => (int)filter_var(substr(getenv('SUBMISSION_PORT'), strrpos(getenv('SUBMISSION_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]60 ),
61 'activesync' => array(
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]62 'url' => 'https://' . $mailcow_hostname . ($https_port == 443 ? '' : ':' . $https_port) . '/Microsoft-Server-ActiveSync',
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]63 ),
64 'caldav' => array(
65 'server' => $mailcow_hostname,
66 'port' => $https_port,
67 ),
68 'carddav' => array(
69 'server' => $mailcow_hostname,
70 'port' => $https_port,
71 ),
72);
73
74// If false, we will use DEFAULT_LANG
75// Uses HTTP_ACCEPT_LANGUAGE header
76$DETECT_LANGUAGE = true;
77
78// Change default language
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]79$DEFAULT_LANG = 'en-gb';
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]80
81// Available languages
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]82// https://www.iso.org/obp/ui/#search
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]83// https://en.wikipedia.org/wiki/IETF_language_tag
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]84$AVAILABLE_LANGUAGES = array(
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]85 // 'ca-es' => 'Català (Catalan)',
86 'cs-cz' => 'Čeština (Czech)',
87 'da-dk' => 'Danish (Dansk)',
88 'de-de' => 'Deutsch (German)',
89 'en-gb' => 'English',
90 'es-es' => 'Español (Spanish)',
91 'fi-fi' => 'Suomi (Finish)',
92 'fr-fr' => 'Français (French)',
93 'hu-hu' => 'Magyar (Hungarian)',
94 'it-it' => 'Italiano (Italian)',
95 'ko-kr' => '한국어 (Korean)',
96 'lv-lv' => 'latviešu (Latvian)',
97 'nl-nl' => 'Nederlands (Dutch)',
98 'pl-pl' => 'Język Polski (Polish)',
99 'pt-pt' => 'Português (Portuguese)',
100 'ro-ro' => 'Română (Romanian)',
101 'ru-ru' => 'Pусский (Russian)',
102 'sk-sk' => 'Slovenčina (Slovak)',
103 'sv-se' => 'Svenska (Swedish)',
104 'tr-tr' => 'Türkçe (Turkish)',
105 'uk-ua' => 'Українська (Ukrainian)',
106 'zh-cn' => '简体中文 (Simplified Chinese)',
107 'zh-tw' => '繁體中文 (Traditional Chinese)',
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]108);
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]109
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]110// default theme is lumen
111// additional themes can be found here: https://bootswatch.com/
112// copy them to data/web/css/themes/{THEME-NAME}-bootstrap.css
113$UI_THEME = "lumen";
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]114
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]115// Show DKIM private keys - false by default
116$SHOW_DKIM_PRIV_KEYS = false;
117
118// mailcow Apps - buttons on login screen
119$MAILCOW_APPS = array(
120 array(
121 'name' => 'Webmail',
122 'link' => '/SOGo/',
123 )
124);
125
126// Rows until pagination begins
127$PAGINATION_SIZE = 20;
128
129// Default number of rows/lines to display (log table)
130$LOG_LINES = 1000;
131
132// Rows until pagination begins (log table)
133$LOG_PAGINATION_SIZE = 50;
134
135// Session lifetime in seconds
136$SESSION_LIFETIME = 10800;
137
138// Label for OTP devices
139$OTP_LABEL = "mailcow UI";
140
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]141// How long to wait (in s) for cURL Docker requests
142$DOCKER_TIMEOUT = 60;
143
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]144// Split DKIM key notation (bind format)
145$SPLIT_DKIM_255 = false;
146
147// OAuth2 settings
148$REFRESH_TOKEN_LIFETIME = 2678400;
149$ACCESS_TOKEN_LIFETIME = 86400;
150// Logout from mailcow after first OAuth2 session profile request
151$OAUTH2_FORGET_SESSION_AFTER_LOGIN = false;
152
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]153// Set a limit for mailbox and domain tagging
154$TAGGING_LIMIT = 25;
155
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]156// MAILBOX_DEFAULT_ATTRIBUTES define default attributes for new mailboxes
157// These settings will not change existing mailboxes
158
159// Force incoming TLS for new mailboxes by default
160$MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_in'] = false;
161
162// Force outgoing TLS for new mailboxes by default
163$MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_out'] = false;
164
165// Force password change on next login (only allows login to mailcow UI)
166$MAILBOX_DEFAULT_ATTRIBUTES['force_pw_update'] = false;
167
168// Enable SOGo access (set to false to disable access by default)
169$MAILBOX_DEFAULT_ATTRIBUTES['sogo_access'] = true;
170
171// Send notification when quarantine is not empty (never, hourly, daily, weekly)
172$MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification'] = 'hourly';
173
174// Mailbox has IMAP access by default
175$MAILBOX_DEFAULT_ATTRIBUTES['imap_access'] = true;
176
177// Mailbox has POP3 access by default
178$MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true;
179
180// Mailbox has SMTP access by default
181$MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true;
182
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]183// Mailbox has sieve access by default
184$MAILBOX_DEFAULT_ATTRIBUTES['sieve_access'] = true;
185
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]186// Mailbox receives notifications about...
187// "add_header" - mail that was put into the Junk folder
188// "reject" - mail that was rejected
189// "all" - mail that was rejected and put into the Junk folder
190$MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category'] = 'reject';
191
192// Default mailbox format, should not be changed unless you know exactly, what you do, keep the trailing ":"
193// Check dovecot.conf for further changes (e.g. shared namespace)
194$MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format'] = 'maildir:';
195
196// Show last IMAP and POP3 logins
197$SHOW_LAST_LOGIN = true;
198
199// UV flag handling in FIDO2/WebAuthn - defaults to false to allow iOS logins
200// true = required
201// false = preferred
202// string 'required' 'preferred' 'discouraged'
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]203$WEBAUTHN_UV_FLAG_REGISTER = false;
204$WEBAUTHN_UV_FLAG_LOGIN = false;
205$WEBAUTHN_USER_PRESENT_FLAG = true;
206
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]207$FIDO2_UV_FLAG_REGISTER = 'preferred';
208$FIDO2_UV_FLAG_LOGIN = 'preferred'; // iOS ignores the key via NFC if required - known issue
209$FIDO2_USER_PRESENT_FLAG = true;
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]210
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]211$FIDO2_FORMATS = array('apple', 'android-key', 'android-safetynet', 'fido-u2f', 'none', 'packed', 'tpm');
212
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]213
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]214// Set visible Rspamd maps in mailcow UI, do not change unless you know what you are doing
215$RSPAMD_MAPS = array(
216 'regex' => array(
217 'Header-From: Blacklist' => 'global_mime_from_blacklist.map',
218 'Header-From: Whitelist' => 'global_mime_from_whitelist.map',
219 'Envelope Sender Blacklist' => 'global_smtp_from_blacklist.map',
220 'Envelope Sender Whitelist' => 'global_smtp_from_whitelist.map',
221 'Recipient Blacklist' => 'global_rcpt_blacklist.map',
222 'Recipient Whitelist' => 'global_rcpt_whitelist.map',
223 'Fishy TLDS (only fired in combination with bad words)' => 'fishy_tlds.map',
224 'Bad Words (only fired in combination with fishy TLDs)' => 'bad_words.map',
225 'Bad Words DE (only fired in combination with fishy TLDs)' => 'bad_words_de.map',
226 'Bad Languages' => 'bad_languages.map',
227 'Bulk Mail Headers' => 'bulk_header.map',
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]228 'Bad (Junk) Mail Headers' => 'bad_header.map',
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]229 'Monitoring Hosts' => 'monitoring_nolog.map'
230 )
231);
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame^]232
233
234$IMAPSYNC_OPTIONS = array(
235 'whitelist' => array(
236 'authmech1',
237 'authmech2',
238 'authuser1',
239 'authuser2',
240 'debugcontent',
241 'disarmreadreceipts',
242 'logdir',
243 'debugcrossduplicates',
244 'maxsize',
245 'minsize',
246 'minage',
247 'search',
248 'noabletosearch',
249 'pidfile',
250 'pidfilelocking',
251 'search1',
252 'search2',
253 'sslargs1',
254 'sslargs2',
255 'syncduplicates',
256 'usecache',
257 'synclabels',
258 'truncmess',
259 'domino2',
260 'expunge1',
261 'filterbuggyflags',
262 'justconnect',
263 'justfolders',
264 'maxlinelength',
265 'useheader',
266 'noabletosearch1',
267 'nolog',
268 'prefix1',
269 'prefix2',
270 'sep1',
271 'sep2',
272 'nofoldersizesatend',
273 'justfoldersizes',
274 'proxyauth1',
275 'skipemptyfolders',
276 'include',
277 'subfolder1',
278 'subscribed',
279 'subscribe',
280 'debug',
281 'debugimap2',
282 'domino1',
283 'exchange1',
284 'exchange2',
285 'justlogin',
286 'keepalive1',
287 'keepalive2',
288 'noabletosearch2',
289 'noexpunge2',
290 'noresyncflags',
291 'nossl1',
292 'nouidexpunge2',
293 'syncinternaldates',
294 'idatefromheader',
295 'useuid',
296 'debugflags',
297 'debugimap',
298 'delete1emptyfolders',
299 'delete2folders',
300 'gmail2',
301 'office1',
302 'testslive6',
303 'debugimap1',
304 'errorsmax',
305 'tests',
306 'gmail1',
307 'maxmessagespersecond',
308 'maxbytesafter',
309 'maxsleep',
310 'abort',
311 'resyncflags',
312 'resynclabels',
313 'syncacls',
314 'nosyncacls',
315 'nousecache',
316 'office2',
317 'testslive',
318 'debugmemory',
319 'exitwhenover',
320 'noid',
321 'noexpunge1',
322 'authmd51',
323 'logfile',
324 'proxyauth2',
325 'domain1',
326 'domain2',
327 'oauthaccesstoken1',
328 'oauthaccesstoken2',
329 'oauthdirect1',
330 'oauthdirect2',
331 'folder',
332 'folderrec',
333 'folderfirst',
334 'folderlast',
335 'nomixfolders',
336 'authmd52',
337 'debugfolders',
338 'nossl2',
339 'ssl2',
340 'tls2',
341 'notls2',
342 'debugssl',
343 'notls1',
344 'inet4',
345 'inet6',
346 'log',
347 'showpasswords'
348 ),
349 'blacklist' => array(
350 'skipmess',
351 'delete2foldersonly',
352 'delete2foldersbutnot',
353 'regexflag',
354 'regexmess',
355 'pipemess',
356 'regextrans2',
357 'maxlinelengthcmd'
358 )
359);