hugalafutro

hugalafutro · 26 Mar

DocFraggle Maybe it’s because I’m the only user of my mail server so i never needed an “user” login. But the snippet you posted is telling nothing to layman like me, what does slash admin, slash, slash domainadmin mean? If it mentioned anything about domain in front of it I’d be in the clear.

esackbauer I too read each every changelog and this is the 1st one of mailcow I had issue with. I wouldn’t posted at all if it wasn’t for the coincidence of struggling with changes in various changelogs recently written in what I call too much of a technical mumbo jumbo.

peace out, it all works now

hugalafutro · 26 Mar

With all due respect, the notice is very badly written. I re-read it 3 times and only by pure chance I realized that to log in after the update I have to use new link ending in /admin. Maybe for you technical gurus it’s apparent from the text, but for me (and obviously others) it is written in very obscure way.

Why not write:
Change your bookmarks from whatever.domain to whatever.domain/admin

Sorry for the rant, but it’s like 5th time this week I run into an issue, because the dev words it incomprehensibly (to me).
Maybe I’m just getting old…

hugalafutro · Jul 21, 2024

try this as your data/conf/borgmatic/etc/crontab.txt (that’s what I have there and “it just works”):
0 * * * * PATH=$PATH:/usr/local/bin /usr/local/bin/borgmatic --stats -v 0 2>&1 and restart the borgmatic container, maybe the logfile you have defined there cannot be created or some permission issue.

alternatively enter the shell of the borgmatic container and run your command from the crontab manually and see the output, it might give you more info

I’m not sure why it complains about the borg passphrase, that is defined in the docker-compose as environment variable, and manual backup wouldn’t work either if it wasn’t defined.

just to make 100% sure, if you run docker compose exec borgmatic-mailcow bash -c 'echo "${BORG_PASSPHRASE}"' it returns your borg passphrase as you defined it in docker-compose.override.yml ?

hugalafutro · Jul 21, 2024

The repositories option now expects a list of key/value pairs. Lists of strings for this option are deprecated and support will be removed from a future release.

is the issue imho, i remember having to change all my borgmatic configs everywhere few months back

Change your repositories in data/conf/borgmatic/etc/config.yaml like so (this is copied from my working mailcow config):

repositories:
  - path: ssh://borgwarehouse@[REDACTED]:2223/./[REDACTED]
    label: borgwarehouse

and rebuild the stack. (i don’t think the label is mandatory)

my working config:

service from ‘docker-compose.override.yml’

my ‘data/conf/borgmatic/etc/config.yaml’:

source_directories:
    - /mnt/source/vmail
    - /mnt/source/crypt
    - /mnt/source/redis
    - /mnt/source/rspamd
    - /mnt/source/postfix

repositories:
  - path: ssh://borgwarehouse@[REDACTED]:2223/./[REDACTED]
    label: borgwarehouse

exclude_patterns:
    - '/mnt/source/postfix/public/'
    - '/mnt/source/postfix/private/'
    - '/mnt/source/rspamd/rspamd.sock'

compression: auto,lz4

checks:
  - name: repository
    frequency: 1 week
  - name: archives
    frequency: 1 week

keep_hourly: 24
keep_daily: 7
keep_weekly: 4
keep_monthly: 6

before_backup:
  - echo "Starting a backup job."
after_backup:
  - echo "Backup created."
on_error:
  - echo "Error while creating a backup."

mysql_databases:
    - name: mailcow
      username: mailcow
      password: [REDACTED]
      options: --default-character-set=utf8mb4

i dunno why the docker-compose part didn’t post but here it is:

  borgmatic-mailcow:
    image: b3vis/borgmatic
    hostname: mailcow
    restart: always
    dns: ${IPV4_NETWORK:-172.22.1}.254
    volumes:
      - vmail-vol-1:/mnt/source/vmail:ro
      - crypt-vol-1:/mnt/source/crypt:ro
      - redis-vol-1:/mnt/source/redis:ro,z
      - rspamd-vol-1:/mnt/source/rspamd:ro,z
      - postfix-vol-1:/mnt/source/postfix:ro,z
      - mysql-socket-vol-1:/var/run/mysqld/:z
      - borg-config-vol-1:/root/.config/borg:Z
      - borg-cache-vol-1:/root/.cache/borg:Z
      - ./data/conf/borgmatic/etc:/etc/borgmatic.d:Z
      - ./data/conf/borgmatic/ssh:/root/.ssh:Z
    environment:
      - TZ=${TZ}
      - BORG_PASSPHRASE=[REDACTED]
    networks:
      mailcow-network:
        aliases:
          - borgmatic

volumes:
  borg-cache-vol-1:
  borg-config-vol-1:

hugalafutro · Jun 30, 2023

accolon thanks for the link that would explain it, guess I’ll stick with the 2vcpu, the next 4vcpu intel is twice the price.

hugalafutro · Jun 30, 2023

weirdly enough, it turns out it was because I also happened to change the server type some time before the update as I was just remembering what changes I made recently (hetzner cloud vm, rescaled form 2vcpu intel to 4vcpu amd)

Rescaling back to 2vcpu intel instance makes rspamd work.

Is there any way to make rspamd work on amd instance ?

hugalafutro · Jun 30, 2023

Hi, I ran the update.sh script today and afterwards the rspamd container is stuck in restart loop with re_cache; rspamd_re_cache_load_hyperscan: fatal error: cannot allocate scratch for /var/lib/rspamd//791648bcd295379bd35146fd029ee28c88cfa0bd2429269cf09abc9541528fc8.hs: -6

output of update.sh: https://o.o5.ddns.net/S5H8T

o.o5.ddns.net

https://o.o5.ddns.net/S5H8T

No preview could be generated for this link

rspamd log: https://o.o5.ddns.net/jHhHJ

o.o5.ddns.net

https://o.o5.ddns.net/jHhHJ

No preview could be generated for this link

Any ideas how to make it work? Thanks!

hugalafutro · Sep 8, 2022

Works now 111 pushed to hub 4mins ago

hugalafutro · Sep 8, 2022

Oh I didn’t think about that, just thought since the email went out it’s all ready. I shall try later.

hugalafutro · Sep 8, 2022

edit: The title got cut off Trying to update to Amoogust Update 2022 - The Nightly Build Switch Update | Revision B as I just got the email

Getting this error when I run ./update.sh


Error pulling mailcow/sogo:1.111, retrying...
Error response from daemon: manifest for mailcow/sogo:1.111 not found: manifest unknown: manifest unknown

Error pulling mailcow/sogo:1.111, retrying...
Error response from daemon: manifest for mailcow/sogo:1.111 not found: manifest unknown: manifest unknown

Error pulling mailcow/sogo:1.111, retrying...
Error response from daemon: manifest for mailcow/sogo:1.111 not found: manifest unknown: manifest unknown

Error pulling mailcow/sogo:1.111, retrying...

Too many failed retries, exiting

hugalafutro · Jul 23, 2022

Hi,
I already have ClamAV container running on different machine. Could this be used with mailcow so I could save the resources it eats on the mailcow vm? The ClamAV container is being used over network by nextcloud container and I was wondering if I could set mailcow in similar way.

Thanks for any advice!

hugalafutro · May 8, 2022

I forgot about this, but here is the solution I’m using:

#!/bin/bash scp pi@192.168.1.101:/home/pi/docker/nginx-proxy-manager/letsencrypt/live/npm-29/fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem scp pi@192.168.1.101:/home/pi/docker/nginx-proxy-manager/letsencrypt/live/npm-29/privkey.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem postfix_c=$(docker ps -qaf name=postfix-mailcow) dovecot_c=$(docker ps -qaf name=dovecot-mailcow) nginx_c=$(docker ps -qaf name=nginx-mailcow) docker restart ${postfix_c} ${dovecot_c} ${nginx_c}

running via cron on the 1st day of every 2nd month
0 1 * */2 * bash /opt/mailcow_cert_renew.sh >/dev/null 2>&1

hugalafutro · Feb 2, 2022

Was only able to solve this with nullmailer for cron where you can utilize MAILTO= before the cron line to force the email.

To make it work systemwide (i.e. for failed login attempts) had to go back to postfix, following the tutorial @ https://easyengine.io/tutorials/linux/ubuntu-postfix-gmail-smtp/

easyengine.io

https://easyengine.io/tutorials/linux/ubuntu-postfix-gmail-smtp/

Retrieving...

just exchanging the gmail parts with my mailcow address got me 90% of way there, adding root: myemail@mailcow.net and running sudo newaliases && sudo service postfix restart made it work.

Disclaimer: I’ve no idea what I’m doing, and as long as the results are in the vicinity of what I wanted it’s “solved” for me

hugalafutro · Jan 25, 2022

Hi,
I’m using nullmailer to handle sending emails from local machines to outside mail (as discussed @ https://community.mailcow.email/d/1150-how-to-handle-service-mails-from-non-public-hosts/2

community.mailcow.email

https://community.mailcow.email/d/1150-how-to-handle-service-mails-from-non-public-hosts/2

Retrieving...

) via my mailcow server and that works ok.

While browsing through the postfix logs I noticed it bounces local messages received such as from cron daemon (it shows mail from user@vm.lan to user@vm.lan) with warning: Unable to look up MX host vm.lan for Recipient address user@vm.lan: Name or service not known

I can also see the message being processed in rspamdui where it’s all green. However as for the actual message that just disappears. It’s not in the vm.lan mailbox, it’s not on mailcow mailbox, so where is the mail gone? More importantly how can I force these messages to go to outside mailbox?

Any advice welcome, thanks!

hugalafutro · Jan 14, 2022

Hi, I use nginx-proxy-manager to manage my certificates. My mailcow runs on different vm. I can successfully import the certificate by using instructions for the post hook script

mailcow.github.io

Redirecting...

, but I’m looking for advice on best way how to automate this now.

I’m thinking sharing the cert directory over nfs to mailcow vm, and then use something like inotifywait to run the post hook script and restart the 3 containers if the files change.

If you’re using the post hook script how do you manage the renews automatically?

hugalafutro · Dec 28, 2021

Figured it out! Your post made me try nullmailer which is absolutely fantastic as the whole config is 1 line as opposed to postfix which I spent last 2 days reading about, which let me focus on the mailcow side of the thing.

say your local vm is vm.lan and mailcow runs on mailcow.lan locally:

in /etc/nullmailer/remotes on vm.lan:
mailcow.lan smtp --port=587 --starttls --insecure --user=foo@example.com --pass=pass

In Mailcow UI edit foo@example.com Mailbox and in field called External sender addresses:
type @vm.lan and any other local hosts delimited by space

Of note is you I use --insecure as my mailcow host uses self-signed cert behind reverse proxy. I also had to put lan into /etc/nullmailer/domain. YMMV

hugalafutro · Dec 28, 2021

I was running to exact same issue, and to get mailcow to accept mails from local lan hosts i had to disable sender verification on the receiving mailbox which I presume presents a security vulnerability as it warns in red when I select that.

Anyone has any insight how to make mailcow to accept mail from local lan hosts without compromising security?
Thanks!

hugalafutro · Dec 28, 2021

Hi,
recently set up mailcow dockerized on (not my actual domain) mail.example.com, and added example.com as a domain in mailcow and created some mailboxes such as foo@example.com foo2@example.com etc.

Using dmarcian.com to check, I get all green for domain example.com, but subdomain mail.example.com shows 2 green and missing DKIM record. Obviously can’t add the host as a domain in mailcow so how would I get a dkim key for it? Or is the warning for subdomain safe to ignore?

Any insights welcome, thanks!