Gitiles
Code Review Sign In
gerrit.benkard.de / kubeia / d1f5b68b557869443f559de96824b2d2aee3b3e7 / . / mailcow / src / mailcow-dockerized / data / web / inc / vars.inc.php
blob: 3f726934ab90f675fd85dc8524b2ca0d331f5092 [file] [log] [blame]
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]1<?php
2error_reporting(E_ERROR);
3//error_reporting(E_ALL);
4
5/*
6PLEASE USE THE FILE "vars.local.inc.php" TO OVERWRITE SETTINGS AND MAKE THEM PERSISTENT!
7This file will be reset on upgrades.
8*/
9
10// SQL database connection variables
11$database_type = 'mysql';
12$database_sock = '/var/run/mysqld/mysqld.sock';
13$database_host = 'mysql';
14$database_user = getenv('DBUSER');
15$database_pass = getenv('DBPASS');
16$database_name = getenv('DBNAME');
17
18// Other variables
19$mailcow_hostname = getenv('MAILCOW_HOSTNAME');
20$default_pass_scheme = getenv('MAILCOW_PASS_SCHEME');
21
22// Autodiscover settings
23// ===
24// Auto-detect HTTPS port =>
25$https_port = strpos($_SERVER['HTTP_HOST'], ':');
26if ($https_port === FALSE) {
27 $https_port = 443;
28} else {
29 $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1);
30}
31
32// Alternatively select port here =>
33//$https_port = 1234;
34// Other settings =>
35$autodiscover_config = array(
36 // General autodiscover service type: "activesync" or "imap"
37 // emClient uses autodiscover, but does not support ActiveSync. mailcow excludes emClient from ActiveSync.
38 // With SOGo disabled, the type will always fallback to imap. CalDAV and CardDAV will be excluded, too.
39 'autodiscoverType' => 'activesync',
40 // If autodiscoverType => activesync, also use ActiveSync (EAS) for Outlook desktop clients (>= Outlook 2013 on Windows)
41 // Outlook for Mac does not support ActiveSync
42 'useEASforOutlook' => 'no',
43 // Please don't use STARTTLS-enabled service ports in the "port" variable.
44 // The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
45 // The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable.
46 'imap' => array(
47 'server' => $mailcow_hostname,
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]48 'port' => (int)filter_var(substr(getenv('IMAPS_PORT'), strrpos(getenv('IMAPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
49 'tlsport' => (int)filter_var(substr(getenv('IMAP_PORT'), strrpos(getenv('IMAP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]50 ),
51 'pop3' => array(
52 'server' => $mailcow_hostname,
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]53 'port' => (int)filter_var(substr(getenv('POPS_PORT'), strrpos(getenv('POPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
54 'tlsport' => (int)filter_var(substr(getenv('POP_PORT'), strrpos(getenv('POP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]55 ),
56 'smtp' => array(
57 'server' => $mailcow_hostname,
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]58 'port' => (int)filter_var(substr(getenv('SMTPS_PORT'), strrpos(getenv('SMTPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
59 'tlsport' => (int)filter_var(substr(getenv('SUBMISSION_PORT'), strrpos(getenv('SUBMISSION_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]60 ),
61 'activesync' => array(
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]62 'url' => 'https://' . $mailcow_hostname . ($https_port == 443 ? '' : ':' . $https_port) . '/Microsoft-Server-ActiveSync',
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]63 ),
64 'caldav' => array(
65 'server' => $mailcow_hostname,
66 'port' => $https_port,
67 ),
68 'carddav' => array(
69 'server' => $mailcow_hostname,
70 'port' => $https_port,
71 ),
72);
73
74// If false, we will use DEFAULT_LANG
75// Uses HTTP_ACCEPT_LANGUAGE header
76$DETECT_LANGUAGE = true;
77
78// Change default language
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]79$DEFAULT_LANG = 'en-gb';
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]80
81// Available languages
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]82// https://www.iso.org/obp/ui/#search
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]83// https://en.wikipedia.org/wiki/IETF_language_tag
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]84$AVAILABLE_LANGUAGES = array(
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]85 // 'ca-es' => 'Català (Catalan)',
86 'cs-cz' => 'Čeština (Czech)',
87 'da-dk' => 'Danish (Dansk)',
88 'de-de' => 'Deutsch (German)',
89 'en-gb' => 'English',
90 'es-es' => 'Español (Spanish)',
91 'fi-fi' => 'Suomi (Finish)',
92 'fr-fr' => 'Français (French)',
Matthias Andreas Benkardd1f5b682023-11-18 13:18:30 +0100[diff] [blame^]93 'gr-gr' => 'Ελληνικά (Greek)',
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]94 'hu-hu' => 'Magyar (Hungarian)',
95 'it-it' => 'Italiano (Italian)',
96 'ko-kr' => '한국어 (Korean)',
97 'lv-lv' => 'latviešu (Latvian)',
98 'nl-nl' => 'Nederlands (Dutch)',
99 'pl-pl' => 'Język Polski (Polish)',
100 'pt-pt' => 'Português (Portuguese)',
101 'ro-ro' => 'Română (Romanian)',
102 'ru-ru' => 'Pусский (Russian)',
Matthias Andreas Benkardd1f5b682023-11-18 13:18:30 +0100[diff] [blame^]103 'si-si' => 'Slovenščina (Slovenian)',
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]104 'sk-sk' => 'Slovenčina (Slovak)',
105 'sv-se' => 'Svenska (Swedish)',
106 'tr-tr' => 'Türkçe (Turkish)',
107 'uk-ua' => 'Українська (Ukrainian)',
108 'zh-cn' => '简体中文 (Simplified Chinese)',
109 'zh-tw' => '繁體中文 (Traditional Chinese)',
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]110);
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]111
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]112// default theme is lumen
113// additional themes can be found here: https://bootswatch.com/
114// copy them to data/web/css/themes/{THEME-NAME}-bootstrap.css
115$UI_THEME = "lumen";
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]116
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]117// Show DKIM private keys - false by default
118$SHOW_DKIM_PRIV_KEYS = false;
119
120// mailcow Apps - buttons on login screen
121$MAILCOW_APPS = array(
122 array(
123 'name' => 'Webmail',
124 'link' => '/SOGo/',
125 )
126);
127
128// Rows until pagination begins
Matthias Andreas Benkardd1f5b682023-11-18 13:18:30 +0100[diff] [blame^]129$PAGINATION_SIZE = 25;
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]130
131// Default number of rows/lines to display (log table)
132$LOG_LINES = 1000;
133
134// Rows until pagination begins (log table)
135$LOG_PAGINATION_SIZE = 50;
136
137// Session lifetime in seconds
138$SESSION_LIFETIME = 10800;
139
140// Label for OTP devices
141$OTP_LABEL = "mailcow UI";
142
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]143// How long to wait (in s) for cURL Docker requests
144$DOCKER_TIMEOUT = 60;
145
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]146// Split DKIM key notation (bind format)
147$SPLIT_DKIM_255 = false;
148
149// OAuth2 settings
150$REFRESH_TOKEN_LIFETIME = 2678400;
151$ACCESS_TOKEN_LIFETIME = 86400;
152// Logout from mailcow after first OAuth2 session profile request
153$OAUTH2_FORGET_SESSION_AFTER_LOGIN = false;
154
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]155// Set a limit for mailbox and domain tagging
156$TAGGING_LIMIT = 25;
157
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]158// MAILBOX_DEFAULT_ATTRIBUTES define default attributes for new mailboxes
159// These settings will not change existing mailboxes
160
161// Force incoming TLS for new mailboxes by default
162$MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_in'] = false;
163
164// Force outgoing TLS for new mailboxes by default
165$MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_out'] = false;
166
167// Force password change on next login (only allows login to mailcow UI)
168$MAILBOX_DEFAULT_ATTRIBUTES['force_pw_update'] = false;
169
170// Enable SOGo access (set to false to disable access by default)
171$MAILBOX_DEFAULT_ATTRIBUTES['sogo_access'] = true;
172
173// Send notification when quarantine is not empty (never, hourly, daily, weekly)
174$MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification'] = 'hourly';
175
176// Mailbox has IMAP access by default
177$MAILBOX_DEFAULT_ATTRIBUTES['imap_access'] = true;
178
179// Mailbox has POP3 access by default
180$MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true;
181
182// Mailbox has SMTP access by default
183$MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true;
184
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]185// Mailbox has sieve access by default
186$MAILBOX_DEFAULT_ATTRIBUTES['sieve_access'] = true;
187
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]188// Mailbox receives notifications about...
189// "add_header" - mail that was put into the Junk folder
190// "reject" - mail that was rejected
191// "all" - mail that was rejected and put into the Junk folder
192$MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category'] = 'reject';
193
194// Default mailbox format, should not be changed unless you know exactly, what you do, keep the trailing ":"
195// Check dovecot.conf for further changes (e.g. shared namespace)
196$MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format'] = 'maildir:';
197
198// Show last IMAP and POP3 logins
199$SHOW_LAST_LOGIN = true;
200
201// UV flag handling in FIDO2/WebAuthn - defaults to false to allow iOS logins
202// true = required
203// false = preferred
204// string 'required' 'preferred' 'discouraged'
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]205$WEBAUTHN_UV_FLAG_REGISTER = false;
206$WEBAUTHN_UV_FLAG_LOGIN = false;
207$WEBAUTHN_USER_PRESENT_FLAG = true;
208
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]209$FIDO2_UV_FLAG_REGISTER = 'preferred';
210$FIDO2_UV_FLAG_LOGIN = 'preferred'; // iOS ignores the key via NFC if required - known issue
211$FIDO2_USER_PRESENT_FLAG = true;
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]212
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]213$FIDO2_FORMATS = array('apple', 'android-key', 'android-safetynet', 'fido-u2f', 'none', 'packed', 'tpm');
214
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]215
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]216// Set visible Rspamd maps in mailcow UI, do not change unless you know what you are doing
217$RSPAMD_MAPS = array(
218 'regex' => array(
219 'Header-From: Blacklist' => 'global_mime_from_blacklist.map',
220 'Header-From: Whitelist' => 'global_mime_from_whitelist.map',
221 'Envelope Sender Blacklist' => 'global_smtp_from_blacklist.map',
222 'Envelope Sender Whitelist' => 'global_smtp_from_whitelist.map',
223 'Recipient Blacklist' => 'global_rcpt_blacklist.map',
224 'Recipient Whitelist' => 'global_rcpt_whitelist.map',
225 'Fishy TLDS (only fired in combination with bad words)' => 'fishy_tlds.map',
226 'Bad Words (only fired in combination with fishy TLDs)' => 'bad_words.map',
227 'Bad Words DE (only fired in combination with fishy TLDs)' => 'bad_words_de.map',
228 'Bad Languages' => 'bad_languages.map',
229 'Bulk Mail Headers' => 'bulk_header.map',
Matthias Andreas Benkard7b2a3a12021-08-16 10:57:25 +0200[diff] [blame]230 'Bad (Junk) Mail Headers' => 'bad_header.map',
Matthias Andreas Benkardb382b102021-01-02 15:32:21 +0100[diff] [blame]231 'Monitoring Hosts' => 'monitoring_nolog.map'
232 )
233);
Matthias Andreas Benkard1ba53812022-12-27 17:32:58 +0100[diff] [blame]234
235
236$IMAPSYNC_OPTIONS = array(
237 'whitelist' => array(
238 'authmech1',
239 'authmech2',
240 'authuser1',
241 'authuser2',
242 'debugcontent',
243 'disarmreadreceipts',
244 'logdir',
245 'debugcrossduplicates',
246 'maxsize',
247 'minsize',
248 'minage',
249 'search',
250 'noabletosearch',
251 'pidfile',
252 'pidfilelocking',
253 'search1',
254 'search2',
255 'sslargs1',
256 'sslargs2',
257 'syncduplicates',
258 'usecache',
259 'synclabels',
260 'truncmess',
261 'domino2',
262 'expunge1',
263 'filterbuggyflags',
264 'justconnect',
265 'justfolders',
266 'maxlinelength',
267 'useheader',
268 'noabletosearch1',
269 'nolog',
270 'prefix1',
271 'prefix2',
272 'sep1',
273 'sep2',
274 'nofoldersizesatend',
275 'justfoldersizes',
276 'proxyauth1',
277 'skipemptyfolders',
278 'include',
279 'subfolder1',
280 'subscribed',
281 'subscribe',
282 'debug',
283 'debugimap2',
284 'domino1',
285 'exchange1',
286 'exchange2',
287 'justlogin',
288 'keepalive1',
289 'keepalive2',
290 'noabletosearch2',
291 'noexpunge2',
292 'noresyncflags',
293 'nossl1',
294 'nouidexpunge2',
295 'syncinternaldates',
296 'idatefromheader',
297 'useuid',
298 'debugflags',
299 'debugimap',
300 'delete1emptyfolders',
301 'delete2folders',
302 'gmail2',
303 'office1',
304 'testslive6',
305 'debugimap1',
306 'errorsmax',
307 'tests',
308 'gmail1',
309 'maxmessagespersecond',
310 'maxbytesafter',
311 'maxsleep',
312 'abort',
313 'resyncflags',
314 'resynclabels',
315 'syncacls',
316 'nosyncacls',
317 'nousecache',
318 'office2',
319 'testslive',
320 'debugmemory',
321 'exitwhenover',
322 'noid',
323 'noexpunge1',
324 'authmd51',
325 'logfile',
326 'proxyauth2',
327 'domain1',
328 'domain2',
329 'oauthaccesstoken1',
330 'oauthaccesstoken2',
331 'oauthdirect1',
332 'oauthdirect2',
333 'folder',
334 'folderrec',
335 'folderfirst',
336 'folderlast',
337 'nomixfolders',
338 'authmd52',
339 'debugfolders',
340 'nossl2',
341 'ssl2',
342 'tls2',
343 'notls2',
344 'debugssl',
345 'notls1',
346 'inet4',
347 'inet6',
348 'log',
349 'showpasswords'
350 ),
351 'blacklist' => array(
352 'skipmess',
353 'delete2foldersonly',
354 'delete2foldersbutnot',
355 'regexflag',
356 'regexmess',
357 'pipemess',
358 'regextrans2',
359 'maxlinelengthcmd'
360 )
361);