W
wmf43

  • Jul 12, 2024
  • Joined Sep 1, 2023
  • 1 discussion
  • 4 posts
  • 0 best answers
  • Post posted... wait what?
    • Wwmf43

        Moolevel 0

      Meine Konstellation ist deiner sehr ähnlich, bei mir tritt das seit heute (Ubuntu-Update und Serverneustart) auch auf. Ich vermute ein Problem bzw. einen Zusammenhang hiermit:

      Zufällige Master-Benutzernamen und Passwörter werden automatisch bei jedem Neustart von dovecot-mailcow erstellt.

      docs.mailcow.email Icon Statischer Hauptbenutzer - mailcow: dockerized Dokumentation

    • For clarification:

      In case of a damaged mailcow-customized folder, would it be enough to clone it from github, copy the mailcow.conf from the backup and restart the containers without using restore-script? Or is it necessary to rerun generate_config.sh again (snakeoil certificates, set variables etc.) and then restore mailcow.conf from backup and start the containers? Or is is actually necessary to execute the backup&restore-script?

      Help me, what is the correct workflow? And additional, what have to be backuped manually from mailcow-dockerized (must-have and nice-to-have)?

    • D4niel
      Ok, then I miss a custom hook as implemented in update.sh. 😉

      But the security issue is more important to me , I am a little bit worried about cause it was the first time I have to use the recovery.

    • Hello,

      I ruined my mailcow-dockerized folder trying to secure it by lowering rights so that only root has rwx. I did chmod -R 700 mailcow-dockerized.
      I deleted the folder, recreated it, did chmod 700 mailcow-dockerized and did the git-checkout again. Then I copied the mailcow.conf from the backup folder and did docker-compose pull (forgot to restore docker-compose.yml). Last I did ./helper-scripts/backup_and_restore.sh restore with option all.

      It worked fine, but I have noticed some things. I had to:

      1. update the TLSA record
      2. recreate data/web/.well-known/mta-sts.txt
      3. recreate data/conf/nginx/redirect.conf
      4. set the password for rspamd

      The 1. was expected, but why are 2. and 3. not in the backup? And does rspamd don’t store it’s password-hash in the database? Why I had to set it again?

      Is there anything else regarding security I should verify? Is there a checklist for restore the backup to an new mailcow folder, which is in state e. g. after git-checkout or after ./generate_config.sh?

      Best regards
      wmf