2018-09-02 22:43:13 -05:00
|
|
|
|
# Best Practice
|
|
|
|
|
|
|
|
|
|
[TOC]
|
|
|
|
|
|
|
|
|
|
iRedMail cloud deployment platform maintains core config files,
|
|
|
|
|
it's normal that you want to override some settings in default setup, please
|
|
|
|
|
follow some simple rules to store your custom settings, and do not modify the
|
|
|
|
|
core config files managed by iRedMail cloud platform.
|
|
|
|
|
|
|
|
|
|
* If software supports loading settings from multiple config files, you can
|
|
|
|
|
write your own config file under `/opt/iredmail/custom/<software-name>/`
|
|
|
|
|
without touching its core config files under `/etc/`. For example, Dovecot,
|
|
|
|
|
MariaDB, Roundcube, etc.
|
|
|
|
|
* If software does not support loading settings from multiple config files,
|
|
|
|
|
you may need to apply your own settings by running commands to modify
|
|
|
|
|
config files under `/etc/` directly. For example, Postfix (use `postconf`
|
|
|
|
|
command). Commands can be written in file
|
|
|
|
|
`/opt/iredmail/custom/postfix/custom.sh`, it's ran by iRedMail cloud
|
|
|
|
|
deployment platform each time it deploys or upgrades this software.
|
|
|
|
|
* If software doesn't support overriding existing settings, you may need to
|
|
|
|
|
remove existing config file first, then write your own config file with new
|
|
|
|
|
setting. for example, Nginx. In this case, you need to update
|
|
|
|
|
`/opt/iredmail/custom/nginx/custom.sh` to remove config file first, then
|
|
|
|
|
write your own config files under `/opt/iredmail/custom/nginx/`.
|
|
|
|
|
|
|
|
|
|
### MariaDB
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/mysql/`:
|
|
|
|
|
- All files end with `.cnf` will be loaded by Mariadb.
|
|
|
|
|
- It will override existing settings defined in files under `/etc/mysql/`.
|
|
|
|
|
|
|
|
|
|
Sample config file, `/opt/iredmail/custom/mysql/custom.conf`:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
[mysqld]
|
|
|
|
|
max_connections = 1024
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### Nginx
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/nginx/custom.sh`:
|
|
|
|
|
- a bash shell script for advanced customization. This file will be executed
|
|
|
|
|
every time iRedMail cloud platform deploys / upgrades the Nginx component.
|
|
|
|
|
|
2018-09-20 22:17:02 -05:00
|
|
|
|
For example, Nginx doesn't support override existing settings by
|
|
|
|
|
loading same parameter from another config file, in this case you should
|
|
|
|
|
run `rm` command in this file (`custom.sh`) to remove existing config
|
|
|
|
|
file generated by iRedMail cloud platform and store custom settings in
|
|
|
|
|
another file.
|
2018-09-02 22:43:13 -05:00
|
|
|
|
|
2018-09-03 07:58:22 -05:00
|
|
|
|
- `/opt/iredmail/custom/nginx/conf-enabled/`: additional Nginx global settings used inside `http {}` block.
|
2018-09-02 22:43:13 -05:00
|
|
|
|
- If you want to override a parameter which is already defined in
|
|
|
|
|
`/etc/nginx/conf-enabled/`, please update `/opt/iredmail/custom/nginx/custom.sh`
|
|
|
|
|
to remove file under `/etc/nginx/conf-enabled/` first, then write your
|
|
|
|
|
own config file under `/opt/iredmail/custom/nginx/conf-enabled/` to set
|
|
|
|
|
a proper value.
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/nginx/sites-conf.d/default-ssl/`: additional settings for default https website (inside the `server {}` block).
|
|
|
|
|
- `/opt/iredmail/custom/nginx/sites-enabled/`: additional virtual web hosts.
|
|
|
|
|
|
|
|
|
|
#### Directory Structure
|
|
|
|
|
|
|
|
|
|
iRedMail uses the directory structure recommended by Debian/Ubuntu:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
/etc/nginx/ # all config files
|
|
|
|
|
|
|
|
|
|
|- conf-available/ # store settings used inside Nginx `http {}` block.
|
|
|
|
|
# Note: files under this directory are NOT
|
|
|
|
|
# loaded by Nginx directly.
|
|
|
|
|
|
|
|
|
|
|- conf-enabled/ # symbol links to files under `conf-available/`.
|
|
|
|
|
# Note: files under this directory are
|
|
|
|
|
# loaded by Nginx directly.
|
|
|
|
|
|
|
|
|
|
|- sites-available/ # store virtual web host config files.
|
|
|
|
|
# Note: files under this directory are NOT
|
|
|
|
|
# loaded by Nginx directly.
|
|
|
|
|
|
|
|
|
|
|- sites-enabled/ # symbol links to files under `sites-available/`.
|
|
|
|
|
# Note: files under this directory are
|
|
|
|
|
# loaded by Nginx directly.
|
|
|
|
|
|
|
|
|
|
|- sites-conf.d/
|
|
|
|
|
|- default-ssl/ # modular config files used by default
|
|
|
|
|
# virtual web host.
|
|
|
|
|
|
|
|
|
|
/opt/iredmail/custom/nginx/ # all custom config files.
|
|
|
|
|
|- conf-available/
|
|
|
|
|
|- conf-enabled/
|
|
|
|
|
|- sites-available/
|
|
|
|
|
|- sites-enabled/
|
|
|
|
|
|- custom.sh # shell script used for advanced customization
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### Postfix
|
|
|
|
|
|
|
|
|
|
Postfix doesn't support loading settings from multiple files.
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/postfix/main.cf`: If this file exists, `/etc/postfix/main.cf` will be a symbol link to this file.
|
|
|
|
|
- `/opt/iredmail/custom/postfix/master.cf`: If this file exists, `/etc/postfix/master.cf` will be a symbol link to this file.
|
|
|
|
|
- `/opt/iredmail/custom/postfix/custom.sh`: a bash shell script for advanced customization
|
|
|
|
|
- `/opt/iredmail/custom/postfix/helo_access.pcre`
|
|
|
|
|
- `/opt/iredmail/custom/postfix/postscreen_access.cidr`
|
|
|
|
|
|
|
|
|
|
### Dovecot
|
|
|
|
|
|
|
|
|
|
Dovecot supports loading from mulitple config files, and settings will be
|
|
|
|
|
overrode by the last one.
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/dovecot/conf-enabled/`: store custom Dovecot settings.
|
|
|
|
|
- `/opt/iredmail/custom/dovecot/custom.sh`: a bash shell script used for advanced customization
|
|
|
|
|
|
|
|
|
|
### Roundcube
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/roundcube/custom.inc.php`.
|
|
|
|
|
|
|
|
|
|
All your custom settings should be placed in this file, and do __NOT__
|
|
|
|
|
touch main config file `/opt/www/roundcubemail/config/config.inc.php`.
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/roundcube/plugins/`: all third-party / custom
|
|
|
|
|
plugins should be placed under this directory. Plugins will be linked
|
|
|
|
|
to `/opt/www/roundcubemail/plugins/` automatically.
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/roundcube/skins/`: all third-party / custom
|
|
|
|
|
skins should be placed under this directory. Skins will be linked
|
|
|
|
|
to `/opt/www/roundcubemail/skins/` automatically.
|
|
|
|
|
|
|
|
|
|
### SOGo
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/sogo/sogo.conf`: If this file exists, `/etc/sogo/sogo.conf` will be a symbol link to this file.
|
|
|
|
|
- `/opt/iredmail/custom/sogo/custom.sh`: a bash shell script for advanced customization
|
|
|
|
|
|
|
|
|
|
Currently SOGo doesn’t support `include` directive to load config
|
|
|
|
|
from multiple files, so you can either maintain your own SOGo config
|
|
|
|
|
file (`/opt/iredmail/custom/sogo/sogo.conf`) or use the `custom.sh`
|
|
|
|
|
shell script to do even more complex customization.
|
|
|
|
|
|
|
|
|
|
### iRedAPD
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/iredapd/settings.py`. It will be linked to `/opt/www/iredapd/custom_settings.py` also.
|
|
|
|
|
|
|
|
|
|
### iRedAdmin
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/iredadmin/settings.py`. it will be linked to `/opt/www/iredadmin/custom_settings.py` also.
|
|
|
|
|
|
|
|
|
|
### Amavisd
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/amavisd/amavisd.conf`
|
|
|
|
|
|
|
|
|
|
### Fail2ban
|
|
|
|
|
|
|
|
|
|
- `/opt/iredmail/custom/fail2ban/jail.local`: used to override settings in
|
|
|
|
|
`[DEFAULT]` section of main fail2ban config file. For example, `maxretry`, `findtime`, `bantime`,
|
|
|
|
|
`ignoreip`.
|
|
|
|
|
- `/opt/iredmail/custom/dovecot/custom.sh`: used for advanced customization.
|
|
|
|
|
for example, if you have some new jails, you can write jail config files under
|
|
|
|
|
`/opt/iredmail/custom/fail2ban/` too (you're free to create sub-folder to
|
|
|
|
|
store the jail config files), then use `custom.sh` to create symbol link
|
|
|
|
|
of jails you want to enable under `/etc/fail2ban/jail.d/`.
|