elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
iredmail-doc/html/iredmail-easy.best.practice...

214 lines
10 KiB
HTML
Raw Normal View History

New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Best Practice</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
</head>
<body>
<div id="navigation">
<a href="https://www.iredmail.org" target="_blank">
<img alt="iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>&nbsp;
<span>iRedMail</span>
</a>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><h1 id="best-practice">Best Practice</h1>
<div class="toc">
<ul>
<li><a href="#best-practice">Best Practice</a><ul>
<li><a href="#mariadb">MariaDB</a></li>
<li><a href="#nginx">Nginx</a><ul>
<li><a href="#directory-structure">Directory Structure</a></li>
</ul>
</li>
<li><a href="#postfix">Postfix</a></li>
<li><a href="#dovecot">Dovecot</a></li>
<li><a href="#roundcube">Roundcube</a></li>
<li><a href="#sogo">SOGo</a></li>
<li><a href="#iredapd">iRedAPD</a></li>
<li><a href="#iredadmin">iRedAdmin</a></li>
<li><a href="#amavisd">Amavisd</a></li>
<li><a href="#fail2ban">Fail2ban</a></li>
</ul>
</li>
</ul>
</div>
Typo
2018-12-15 03:53:19 -06:00
<p>iRedMail Eazy (the deployment and support platform) maintains core config files,
New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
it's normal that you want to override some settings in default setup, please
follow some simple rules to store your custom settings, and do not modify the
Typo
2018-12-15 03:53:19 -06:00
core config files managed by iRedMail Eazy. This is the key to
Sync iRedAdmin-Pro API document.
2018-10-31 13:45:18 -06:00
achieve fear-less upgrade.</p>
New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
<ul>
<li>If software supports loading settings from multiple config files, you can
write your own config file under <code>/opt/iredmail/custom/&lt;software-name&gt;/</code>
without touching its core config files under <code>/etc/</code>. For example, Dovecot,
MariaDB, Roundcube, etc.</li>
<li>If software does not support loading settings from multiple config files,
you may need to apply your own settings by running commands to modify
config files under <code>/etc/</code> directly. For example, Postfix (use <code>postconf</code>
command). Commands can be written in file
Typo
2018-12-15 03:53:19 -06:00
<code>/opt/iredmail/custom/postfix/custom.sh</code>, it's ran by iRedMail Eazy
each time it deploys or upgrades this software.</li>
New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
<li>If software doesn't support overriding existing settings, you may need to
remove existing config file first, then write your own config file with new
setting. for example, Nginx. In this case, you need to update
<code>/opt/iredmail/custom/nginx/custom.sh</code> to remove config file first, then
write your own config files under <code>/opt/iredmail/custom/nginx/</code>.</li>
</ul>
<h3 id="mariadb">MariaDB</h3>
<ul>
<li><code>/opt/iredmail/custom/mysql/</code>:<ul>
<li>All files end with <code>.cnf</code> will be loaded by Mariadb.</li>
<li>It will override existing settings defined in files under <code>/etc/mysql/</code>.</li>
</ul>
</li>
</ul>
<p>Sample config file, <code>/opt/iredmail/custom/mysql/custom.conf</code>:</p>
<pre><code>[mysqld]
max_connections = 1024
</code></pre>
<h3 id="nginx">Nginx</h3>
<ul>
<li>
<p><code>/opt/iredmail/custom/nginx/custom.sh</code>:</p>
<ul>
<li>a bash shell script for advanced customization. This file will be executed
Typo
2018-12-15 03:53:19 -06:00
every time iRedMail Eazy deploys / upgrades the Nginx component.</li>
New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
</ul>
Typo
2018-09-20 22:17:02 -05:00
<p>For example, Nginx doesn't support override existing settings by
loading same parameter from another config file, in this case you should
run <code>rm</code> command in this file (<code>custom.sh</code>) to remove existing config
Typo
2018-12-15 03:53:19 -06:00
file generated by iRedMail Eazy and store custom settings in
Typo
2018-09-20 22:17:02 -05:00
another file.</p>
New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
</li>
<li>
Typo
2018-09-03 07:58:22 -05:00
<p><code>/opt/iredmail/custom/nginx/conf-enabled/</code>: additional Nginx global settings used inside <code>http {}</code> block.</p>
New: cloud-platform.best.practice.html.
2018-09-02 22:43:13 -05:00
<ul>
<li>If you want to override a parameter which is already defined in
<code>/etc/nginx/conf-enabled/</code>, please update <code>/opt/iredmail/custom/nginx/custom.sh</code>
to remove file under <code>/etc/nginx/conf-enabled/</code> first, then write your
own config file under <code>/opt/iredmail/custom/nginx/conf-enabled/</code> to set
a proper value.</li>
</ul>
</li>
<li>
<p><code>/opt/iredmail/custom/nginx/sites-conf.d/default-ssl/</code>: additional settings for default https website (inside the <code>server {}</code> block).</p>
</li>
<li><code>/opt/iredmail/custom/nginx/sites-enabled/</code>: additional virtual web hosts.</li>
</ul>
<h4 id="directory-structure">Directory Structure</h4>
<p>iRedMail uses the directory structure recommended by Debian/Ubuntu:</p>
<pre><code>/etc/nginx/ # all config files
|- conf-available/ # store settings used inside Nginx `http {}` block.
# Note: files under this directory are NOT
# loaded by Nginx directly.
|- conf-enabled/ # symbol links to files under `conf-available/`.
# Note: files under this directory are
# loaded by Nginx directly.
|- sites-available/ # store virtual web host config files.
# Note: files under this directory are NOT
# loaded by Nginx directly.
|- sites-enabled/ # symbol links to files under `sites-available/`.
# Note: files under this directory are
# loaded by Nginx directly.
|- sites-conf.d/
|- default-ssl/ # modular config files used by default
# virtual web host.
/opt/iredmail/custom/nginx/ # all custom config files.
|- conf-available/
|- conf-enabled/
|- sites-available/
|- sites-enabled/
|- custom.sh # shell script used for advanced customization
</code></pre>
<h3 id="postfix">Postfix</h3>
<p>Postfix doesn't support loading settings from multiple files.</p>
<ul>
<li><code>/opt/iredmail/custom/postfix/main.cf</code>: If this file exists, <code>/etc/postfix/main.cf</code> will be a symbol link to this file.</li>
<li><code>/opt/iredmail/custom/postfix/master.cf</code>: If this file exists, <code>/etc/postfix/master.cf</code> will be a symbol link to this file.</li>
<li><code>/opt/iredmail/custom/postfix/custom.sh</code>: a bash shell script for advanced customization</li>
<li><code>/opt/iredmail/custom/postfix/helo_access.pcre</code></li>
<li><code>/opt/iredmail/custom/postfix/postscreen_access.cidr</code></li>
</ul>
<h3 id="dovecot">Dovecot</h3>
<p>Dovecot supports loading from mulitple config files, and settings will be
overrode by the last one.</p>
<ul>
<li><code>/opt/iredmail/custom/dovecot/conf-enabled/</code>: store custom Dovecot settings.</li>
<li><code>/opt/iredmail/custom/dovecot/custom.sh</code>: a bash shell script used for advanced customization</li>
</ul>
<h3 id="roundcube">Roundcube</h3>
<ul>
<li><code>/opt/iredmail/custom/roundcube/custom.inc.php</code>.</li>
</ul>
<p>All your custom settings should be placed in this file, and do <strong>NOT</strong>
touch main config file <code>/opt/www/roundcubemail/config/config.inc.php</code>.</p>
<ul>
<li>
<p><code>/opt/iredmail/custom/roundcube/plugins/</code>: all third-party / custom
plugins should be placed under this directory. Plugins will be linked
to <code>/opt/www/roundcubemail/plugins/</code> automatically.</p>
</li>
<li>
<p><code>/opt/iredmail/custom/roundcube/skins/</code>: all third-party / custom
skins should be placed under this directory. Skins will be linked
to <code>/opt/www/roundcubemail/skins/</code> automatically.</p>
</li>
</ul>
<h3 id="sogo">SOGo</h3>
<ul>
<li><code>/opt/iredmail/custom/sogo/sogo.conf</code>: If this file exists, <code>/etc/sogo/sogo.conf</code> will be a symbol link to this file.</li>
<li>
<p><code>/opt/iredmail/custom/sogo/custom.sh</code>: a bash shell script for advanced customization</p>
<p>Currently SOGo doesnt support <code>include</code> directive to load config
from multiple files, so you can either maintain your own SOGo config
file (<code>/opt/iredmail/custom/sogo/sogo.conf</code>) or use the <code>custom.sh</code>
shell script to do even more complex customization.</p>
</li>
</ul>
<h3 id="iredapd">iRedAPD</h3>
<ul>
<li><code>/opt/iredmail/custom/iredapd/settings.py</code>. It will be linked to <code>/opt/www/iredapd/custom_settings.py</code> also.</li>
</ul>
<h3 id="iredadmin">iRedAdmin</h3>
<ul>
<li><code>/opt/iredmail/custom/iredadmin/settings.py</code>. it will be linked to <code>/opt/www/iredadmin/custom_settings.py</code> also.</li>
</ul>
<h3 id="amavisd">Amavisd</h3>
<ul>
<li><code>/opt/iredmail/custom/amavisd/amavisd.conf</code></li>
</ul>
<h3 id="fail2ban">Fail2ban</h3>
<ul>
<li><code>/opt/iredmail/custom/fail2ban/jail.local</code>: used to override settings in
<code>[DEFAULT]</code> section of main fail2ban config file. For example, <code>maxretry</code>, <code>findtime</code>, <code>bantime</code>,
<code>ignoreip</code>.</li>
<li><code>/opt/iredmail/custom/dovecot/custom.sh</code>: used for advanced customization.
for example, if you have some new jails, you can write jail config files under
<code>/opt/iredmail/custom/fail2ban/</code> too (you're free to create sub-folder to
store the jail config files), then use <code>custom.sh</code> to create symbol link
of jails you want to enable under <code>/etc/fail2ban/jail.d/</code>.</li>
</ul><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-3293801-21"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-3293801-21');
</script>
</body></html>