7.0 KiB
Best Practice
[TOC]
iRedMail cloud deployment platform maintains core config files, it's normal that you want to override some settings in default setup, please follow some simple rules to store your custom settings, and do not modify the core config files managed by iRedMail cloud platform.
- If software supports loading settings from multiple config files, you can
write your own config file under
/opt/iredmail/custom/<software-name>/
without touching its core config files under/etc/
. For example, Dovecot, MariaDB, Roundcube, etc. - If software does not support loading settings from multiple config files,
you may need to apply your own settings by running commands to modify
config files under
/etc/
directly. For example, Postfix (usepostconf
command). Commands can be written in file/opt/iredmail/custom/postfix/custom.sh
, it's ran by iRedMail cloud deployment platform each time it deploys or upgrades this software. - If software doesn't support overriding existing settings, you may need to
remove existing config file first, then write your own config file with new
setting. for example, Nginx. In this case, you need to update
/opt/iredmail/custom/nginx/custom.sh
to remove config file first, then write your own config files under/opt/iredmail/custom/nginx/
.
MariaDB
/opt/iredmail/custom/mysql/
:- All files end with
.cnf
will be loaded by Mariadb. - It will override existing settings defined in files under
/etc/mysql/
.
- All files end with
Sample config file, /opt/iredmail/custom/mysql/custom.conf
:
[mysqld]
max_connections = 1024
Nginx
-
/opt/iredmail/custom/nginx/custom.sh
:-
a bash shell script for advanced customization. This file will be executed every time iRedMail cloud platform deploys / upgrades the Nginx component.
For example, Nginx doesn't support override existing settings by loading same parameter from another config file, in this case you should run
rm
command in this file (custom.sh
) to remove existing config file generated by iRedMail cloud platform and store custom settings in another file.
-
-
/opt/iredmail/custom/nginx/conf-enabled/
: additional Nginx global settings used insidehttp {}
block.- If you want to override a parameter which is already defined in
/etc/nginx/conf-enabled/
, please update/opt/iredmail/custom/nginx/custom.sh
to remove file under/etc/nginx/conf-enabled/
first, then write your own config file under/opt/iredmail/custom/nginx/conf-enabled/
to set a proper value.
- If you want to override a parameter which is already defined in
-
/opt/iredmail/custom/nginx/sites-conf.d/default-ssl/
: additional settings for default https website (inside theserver {}
block). -
/opt/iredmail/custom/nginx/sites-enabled/
: additional virtual web hosts.
Directory Structure
iRedMail uses the directory structure recommended by Debian/Ubuntu:
/etc/nginx/ # all config files
|- conf-available/ # store settings used inside Nginx `http {}` block.
# Note: files under this directory are NOT
# loaded by Nginx directly.
|- conf-enabled/ # symbol links to files under `conf-available/`.
# Note: files under this directory are
# loaded by Nginx directly.
|- sites-available/ # store virtual web host config files.
# Note: files under this directory are NOT
# loaded by Nginx directly.
|- sites-enabled/ # symbol links to files under `sites-available/`.
# Note: files under this directory are
# loaded by Nginx directly.
|- sites-conf.d/
|- default-ssl/ # modular config files used by default
# virtual web host.
/opt/iredmail/custom/nginx/ # all custom config files.
|- conf-available/
|- conf-enabled/
|- sites-available/
|- sites-enabled/
|- custom.sh # shell script used for advanced customization
Postfix
Postfix doesn't support loading settings from multiple files.
/opt/iredmail/custom/postfix/main.cf
: If this file exists,/etc/postfix/main.cf
will be a symbol link to this file./opt/iredmail/custom/postfix/master.cf
: If this file exists,/etc/postfix/master.cf
will be a symbol link to this file./opt/iredmail/custom/postfix/custom.sh
: a bash shell script for advanced customization/opt/iredmail/custom/postfix/helo_access.pcre
/opt/iredmail/custom/postfix/postscreen_access.cidr
Dovecot
Dovecot supports loading from mulitple config files, and settings will be overrode by the last one.
/opt/iredmail/custom/dovecot/conf-enabled/
: store custom Dovecot settings./opt/iredmail/custom/dovecot/custom.sh
: a bash shell script used for advanced customization
Roundcube
-
/opt/iredmail/custom/roundcube/custom.inc.php
.All your custom settings should be placed in this file, and do NOT touch main config file
/opt/www/roundcubemail/config/config.inc.php
. -
/opt/iredmail/custom/roundcube/plugins/
: all third-party / custom plugins should be placed under this directory. Plugins will be linked to/opt/www/roundcubemail/plugins/
automatically. -
/opt/iredmail/custom/roundcube/skins/
: all third-party / custom skins should be placed under this directory. Skins will be linked to/opt/www/roundcubemail/skins/
automatically.
SOGo
-
/opt/iredmail/custom/sogo/sogo.conf
: If this file exists,/etc/sogo/sogo.conf
will be a symbol link to this file. -
/opt/iredmail/custom/sogo/custom.sh
: a bash shell script for advanced customizationCurrently SOGo doesn’t support
include
directive to load config from multiple files, so you can either maintain your own SOGo config file (/opt/iredmail/custom/sogo/sogo.conf
) or use thecustom.sh
shell script to do even more complex customization.
iRedAPD
/opt/iredmail/custom/iredapd/settings.py
. It will be linked to/opt/www/iredapd/custom_settings.py
also.
iRedAdmin
/opt/iredmail/custom/iredadmin/settings.py
. it will be linked to/opt/www/iredadmin/custom_settings.py
also.
Amavisd
/opt/iredmail/custom/amavisd/amavisd.conf
Fail2ban
/opt/iredmail/custom/fail2ban/jail.local
: used to override settings in[DEFAULT]
section of main fail2ban config file. For example,maxretry
,findtime
,bantime
,ignoreip
./opt/iredmail/custom/dovecot/custom.sh
: used for advanced customization. for example, if you have some new jails, you can write jail config files under/opt/iredmail/custom/fail2ban/
too (you're free to create sub-folder to store the jail config files), then usecustom.sh
to create symbol link of jails you want to enable under/etc/fail2ban/jail.d/
.