hhf/docker-mailcow
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
docker-mailcow/README.md
hhf a107618a23 Add README.md
2024-12-06 15:52:15 +05:30

59 lines
No EOL
2 KiB
Markdown
Raw Blame History

Mailcow runs properly through dockeruser:
This script combines all the requested components and adds several security enhancements. Here's what the script does:
1. Installs Docker with official GPG keys
2. Creates a separate user for Docker operations
3. Sets up UFW firewall with all necessary ports for Mailcow
4. Installs and configures fail2ban with SSH honeypot
5. Clones and sets up Mailcow
6. Implements proper logging and error handling
To use this script:
1. Download script for the hhf git repo:
```bash
wget https://git.hhf.technology/hhf/docker-mailcow/raw/branch/main/install-mailcow.sh
```
2. Make it executable:
```bash
chmod +x install-mailcow.sh
```
3. Run it as root:
```bash
sudo ./install-mailcow.sh
```
Important notes:
- The script must be run as root
- It's designed for Debian-based systems
- Make sure to review the UFW rules and adjust if needed
- After installation, you'll need to configure your DNS records and SSL certificates
- The script creates a separate user 'dockeruser' for Docker operations
1. Added proper sudo permissions for dockeruser specifically for Docker commands
2. Set correct ownership of the Mailcow directory to dockeruser
3. All Docker operations are now performed as dockeruser using `su - dockeruser`
4. Added proper directory permissions and ownership
5. Docker commands are now executed in the correct user context
To use the installation:
1. After installation, you can manage Mailcow as dockeruser:
```bash
su - dockeruser
cd /opt/mailcow-dockerized
docker compose ps # Check status
docker compose down # Stop services
docker compose up -d # Start services
```
2. The dockeruser can manage all Docker-related tasks without needing sudo for docker commands.
3. Configuration files will be properly owned by dockeruser, allowing for easier maintenance and updates.
This setup ensures better security by:
- Running Mailcow with minimal required permissions
- Keeping Docker operations separate from root
- Maintaining proper file ownership
- Allowing for easier maintenance and updates
Reference in a new issue View git blame Copy permalink