Mail server, apache, sql

2024-09-01 10:31:25 -06:00 · 2024-09-01 10:31:25 -06:00 · 41301a0554
parent 2176dbe33d
commit 41301a0554
2 changed files with 284 additions and 30 deletions
--- a/docs/_source/locale/en/LC_MESSAGES/mail-libre-is.po
+++ b/docs/_source/locale/en/LC_MESSAGES/mail-libre-is.po
@ -9,7 +9,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Libre Developers Documentation 0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-09-01 08:38-0600\n"
+"POT-Creation-Date: 2024-09-01 10:31-0600\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language: en\n"
@ -28,52 +28,160 @@ msgstr ""
 msgid "Documentation for Libre mail server."
 msgstr ""

-#: ../../../_source/mail-libre-is.rst:8
-msgid "Main Components"
+#: ../../../_source/mail-libre-is.rst:6
+msgid ""
+"Setting up Internet mail servers is a pain. It's nothing like just "
+"setting up a web server... This install is based on this guide:"
 msgstr ""

 #: ../../../_source/mail-libre-is.rst:10
-msgid "Dovecot"
-msgstr ""
-
-#: ../../../_source/mail-libre-is.rst:12
-msgid "`<https://dovecot.org/>`_"
+msgid "`<https://workaround.org/ispmail-bookworm/>`_"
 msgstr ""

 #: ../../../_source/mail-libre-is.rst:14
-msgid "OpenDKIM"
+msgid "Main Components"
 msgstr ""

-#: ../../../_source/mail-libre-is.rst:16
-msgid "`<http://www.opendkim.org/>`_"
+#: ../../../_source/mail-libre-is.rst:16 ../../../_source/mail-libre-is.rst:124
+msgid "Dovecot"
 msgstr ""

 #: ../../../_source/mail-libre-is.rst:18
-msgid "OpenDMARC"
+msgid "`<https://dovecot.org/>`_"
 msgstr ""

-#: ../../../_source/mail-libre-is.rst:20
-msgid "`<http://www.trusteddomain.org/opendmarc/>`_"
+#: ../../../_source/mail-libre-is.rst:21 ../../../_source/mail-libre-is.rst:54
+msgid "MariaDB"
 msgstr ""

-#: ../../../_source/mail-libre-is.rst:22
-msgid "`<https://github.com/trusteddomainproject/OpenDMARC>`_"
-msgstr ""
-
-#: ../../../_source/mail-libre-is.rst:24
-msgid "Postfix"
+#: ../../../_source/mail-libre-is.rst:24 ../../../_source/mail-libre-is.rst:150
+msgid "OpenDKIM"
 msgstr ""

 #: ../../../_source/mail-libre-is.rst:26
-msgid "`<https://www.postfix.org/>`_"
+msgid "`<http://www.opendkim.org/>`_"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:28 ../../../_source/mail-libre-is.rst:158
+msgid "OpenDMARC"
 msgstr ""

 #: ../../../_source/mail-libre-is.rst:30
-msgid "Install Dependencies"
+msgid "`<http://www.trusteddomain.org/opendmarc/>`_"
 msgstr ""

-#~ msgid ""
-#~ "`<http://www.trusteddomain.org/opendmarc/>`_ "
-#~ "`<https://github.com/trusteddomainproject/OpenDMARC>`_"
+#: ../../../_source/mail-libre-is.rst:32
+msgid "`<https://github.com/trusteddomainproject/OpenDMARC>`_"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:34 ../../../_source/mail-libre-is.rst:80
+msgid "Postfix"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:36
+msgid "`<https://www.postfix.org/>`_"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:40
+msgid "Apache"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:41
+msgid ""
+"The Apache webserver is used out of laziness as it allows easy "
+"certificate updates with certbot. A webmail server won't be running on "
+"the main mail server."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:50
+msgid "Open up firewall ports 80 and 443."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:55
+msgid "The main database server."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:63
+msgid "Add databases. Change password to something secure."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:81
+msgid "The main SMTP mail server."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:90
+msgid "Redis"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:91
+msgid ""
+"Note, the licensing of Redis has gone bad. The version in Debian is OK. "
+"But in the future, probably replace with a fork."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:100
+msgid "rspamd"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:101
+msgid "Spam control."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:109
+msgid "Certbot"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:110
+msgid ""
+"Encryption certificates with Let's Encrypt. Not using an Apache webserver"
+" on the mail server makes getting new certificates a bit more complex."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:125
+msgid "Just using encrypted IMAPS, not POP."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:132
+msgid ""
+"Note, since IPv6 isn't being used, the dovecot install barfs. Edit "
+"/etc/dovecot/dovecot.conf and add this line, where appropriate:"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:139
+msgid ""
+"Note, this is removing the \"::\" from listen, which using IPv6. Then re-"
+"run the install so the packages are happy. Note, the re-install won't "
+"overwrite the \"listen\" change."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:159
+msgid "Requires database setup."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:168
+msgid "SPF"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:169
+msgid "Set up SPF."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:173
+msgid "DNS"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:174
+msgid "Set up DNS."
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:178
+msgid "Other"
+msgstr ""
+
+#: ../../../_source/mail-libre-is.rst:179
+msgid "Perhaps these too."
+msgstr ""
+
+#~ msgid "Just usingi encrypted IMAPS, not POP."
 #~ msgstr ""

--- a/docs/_source/mail-libre-is.rst
+++ b/docs/_source/mail-libre-is.rst
@ -3,6 +3,12 @@ mail.libre.is
 =============
 Documentation for Libre mail server.

+Setting up Internet mail servers is a pain.
+It's nothing like just setting up a web server...
+This install is based on this guide:
+
+  `<https://workaround.org/ispmail-bookworm/>`_
+

 Main Components
 ===============
@ -11,6 +17,10 @@ Dovecot

  `<https://dovecot.org/>`_

+
+MariaDB
+
+
 OpenDKIM

  `<http://www.opendkim.org/>`_
@ -26,14 +36,150 @@ Postfix
  `<https://www.postfix.org/>`_


-Install Dependencies
-====================
+Apache
+======
+The Apache webserver is used out of laziness as it allows easy
+certificate updates with certbot. A webmail server won't be
+running on the main mail server.

 .. code-block:: sh

-  sudo apt install postfix certbot dovecot-imapd opendkim opendmarc
+  sudo apt install apache2
+  echo "mail.libre.is" | sudo tee /var/www/html/index.html

-  # maybe
+Open up firewall ports 80 and 443.
+
+
+MariaDB
+=======
+The main database server.
+
+.. code-block:: sh
+
+  sudo apt install mariadb-server
+  sudo mariadb-admin password
+  mariadb -uroot -p
+
+Add databases.
+Change password to something secure.
+
+.. code-block:: sql
+
+  CREATE DATABASE mailserver;
+  GRANT ALL ON mailserver.* TO 'mailadmin'@'localhost' IDENTIFIED BY 'password';
+  GRANT SELECT ON mailserver.* TO 'mailserver'@'127.0.0.1' IDENTIFIED BY 'password';
+  CREATE TABLE IF NOT EXISTS `virtual_domains` (
+   `id` int(11) NOT NULL auto_increment,
+   `name` varchar(50) NOT NULL,
+   PRIMARY KEY (`id`)
+   ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+  EXIT
+
+
+Postfix
+=======
+The main SMTP mail server.
+
+.. code-block:: sh
+
+  sudo apt install postfix
+  sudo apt install postfix-mysql
+
+
+Redis
+=====
+Note, the licensing of Redis has gone bad. The version in Debian
+is OK. But in the future, probably replace with a fork.
+
+.. code-block:: sh
+
+  sudo apt install redis-server
+
+
+rspamd
+======
+Spam control.
+
+.. code-block:: sh
+
+  sudo apt install rspamd
+
+
+Certbot
+=======
+Encryption certificates with Let's Encrypt.
+Not using an Apache webserver on the mail server makes getting
+new certificates a bit more complex.
+
+.. code-block:: sh
+
+  sudo apt install certbot ca-certificates python3-certbot-apache
+  sudo certbot -d mail.libre.is
+  sudo systemctl restart apache2
+  echo "post-hook = systemctl restart postfix dovecot apache2" | \
+    sudo tee /etc/letsencrypt/cli.ini
+
+
+Dovecot
+=======
+Just using encrypted IMAPS, not POP.
+
+.. code-block:: sh
+
+  sudo apt install dovecot-mysql dovecot-pop3d dovecot-imapd \
+    dovecot-managesieved dovecot-lmtpd
+
+Note, since IPv6 isn't being used, the dovecot install barfs.
+Edit /etc/dovecot/dovecot.conf and add this line, where appropriate:
+
+.. code-block:: sh
+
+  listen = *
+
+Note, this is removing the "::" from listen, which using IPv6.
+Then re-run the install so the packages are happy. Note, the re-install
+won't overwrite the "listen" change.
+
+.. code-block:: sh
+
+  sudo apt install --reinstall dovecot-mysql dovecot-pop3d dovecot-imapd \
+    dovecot-managesieved dovecot-lmtpd
+
+
+OpenDKIM
+========
+
+.. code-block:: sh
+
+  sudo apt install opendkim
+
+
+OpenDMARC
+=========
+Requires database setup.
+
+
+.. code-block:: sh
+
+  sudo apt install opendmarc
+
+
+SPF
+===
+Set up SPF.
+
+
+DNS
+===
+Set up DNS.
+
+
+Other
+=====
+Perhaps these too.
+
+.. code-block:: sh
+
+  apt install postfix-policyd-spf-python rspamd
  apt install fail2ban spamassassin sqlgrey opendkim-tools make

-