CoreOS Mail Server
butane config
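# Butane config for a Fedora CoreOS host; transpile it to Ignition JSON before use.
# Nesting restored: with every key at column 0 the users/files/units lists are
# no longer children of passwd/storage/systemd.
variant: fcos
version: 1.4.0
passwd:
  users:
    # Administrative login. No password is set here, so access is by the
    # SSH public key below only.
    - name: core
      groups:
        - wheel
      ssh_authorized_keys:
        # Folded scalar: the three lines join into one "type key comment" entry.
        - >-
          ssh-ed25519
          AAAAC3......
          example@example.com
storage:
  files:
    - path: /usr/local/bin/docker-compose
      # Octal integer (rwxr-xr-x). Butane expects a number here, so leave it unquoted.
      mode: 0755
      contents:
        # Fetched over HTTPS by Ignition at first boot and then executed as a
        # binary. Nothing below pins its content, so whatever the URL serves
        # is installed.
        # NOTE(review): add an integrity pin using the checksum published with
        # the release, e.g.
        #   verification:
        #     hash: sha256-<SHA256_HEX_OF_THE_RELEASE_BINARY>
        source: "https://github.com/docker/compose/releases/download/v2.16.0/docker-compose-linux-x86_64"
systemd:
  units:
    # Start the Docker daemon at boot.
    - name: docker.service
      enabled: true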
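# List the download URLs of the current stable images (bare metal, Vultr,
# DigitalOcean). In the stream metadata each `disk.location` has a
# `disk.sha256` and a `disk.signature` next to it; note the sha256 of the
# image you pick so the download can be checked.
# The DigitalOcean artifact is "qcow2.gz" (gzip), so the xz pipeline below
# does not apply to it.
# -f: fail on HTTP errors instead of piping an error page onward.
curl -fsSL "https://builds.coreos.fedoraproject.org/streams/stable.json" | jq '{
  metal_raw_xz: .architectures.x86_64.artifacts.metal.formats."raw.xz".disk.location,
  vultr_raw_xz: .architectures.x86_64.artifacts.vultr.formats."raw.xz".disk.location,
  do_qcow2_xz: .architectures.x86_64.artifacts.digitalocean.formats."qcow2.gz".disk.location
}'
# Paste the chosen raw.xz URL between the quotes.
export IMAGE=""
# write image directly to disk:
# This overwrites /dev/sda; confirm the target device (e.g. with lsblk) first.
# The stream is written as it arrives, so nothing checks the image before it
# lands on disk. Where coreos-installer is available it verifies the image
# signature itself; otherwise compare the sha256 of the download with the
# metadata value before booting the result.
curl -fsSL "$IMAGE" | xz -d | dd of=/dev/sda status=progress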
# generate ignition file:
# The alias runs Butane from its container image, so nothing is installed locally.
# --strict makes Butane fail on warnings; --pretty only formats the JSON output.
# NOTE(review): `:release` is a floating tag; pin the image by digest
# (quay.io/coreos/butane@sha256:<DIGEST_PLACEHOLDER>) if the build must be
# reproducible.
alias butane="podman run --interactive --rm quay.io/coreos/butane:release --pretty --strict"
# Reads the Butane YAML on stdin and writes the Ignition JSON to config.ign.
butane < config.bu > config.ign
# mount boot and write ignition file
# /dev/sda3 is taken to be the boot partition of the disk that received the
# image; check the partition layout (e.g. with lsblk) before mounting.
mount /dev/sda3 /mnt
mkdir /mnt/ignition
# Paste the contents of the generated config.ign into this file; presumably
# Ignition reads it from this path on first boot (confirm for your platform).
vi /mnt/ignition/config.ign
umount /mnt
systemctl reboot
# Static IPv6 configuration for the NetworkManager profile 'Wired connection 1'.
# {address} is a placeholder for the server's IPv6 address, presumably with
# its prefix length, e.g. 2001:db8::10/64 (constructed example).
nmcli connection modify 'Wired connection 1' ipv6.addresses {address}
# Switch from automatic configuration to the static address set above.
nmcli connection modify 'Wired connection 1' ipv6.method manual
# Link-local gateway address.
nmcli connection modify 'Wired connection 1' ipv6.gateway fe80::1
# Re-activate the profile so the changes take effect.
nmcli connection up 'Wired connection 1'
# source https://docs.mailcow.email/i_u_m/i_u_m_install/
# Become root for the rest of the installation.
su
# Print the current umask; the line after it is the expected output, not a command.
umask
0022 # <- Verify it is 0022
cd /opt
# NOTE(review): this clones the default branch at whatever commit is current;
# record the commit (git rev-parse HEAD) if the install must be reproducible.
git clone https://github.com/mailcow/mailcow-dockerized
cd mailcow-dockerized
# Writes mailcow.conf, presumably including generated credentials; keep the
# file readable by root only and out of shared backups.
./generate_config.sh
# Review and adjust the generated settings before the first start.
vi mailcow.conf
# data/conf/nginx/redirect.conf
# Plain-HTTP catch-all: answers ACME challenge requests and redirects every
# other request to HTTPS.
server {
  root /web;
  listen 80 default_server;
  listen [::]:80 default_server;
  include /etc/nginx/conf.d/server_name.active;
  # Reject requests whose raw URI carries an encoded CR or LF. The redirect
  # below builds the Location header from $uri, which nginx has already
  # percent-decoded, so this guard is what keeps a decoded line break out of
  # the response headers. Keep it for as long as the redirect uses $uri.
  if ( $request_uri ~* "%0A|%0D" ) { return 403; }
  # Must stay reachable over plain HTTP so HTTP-based ACME validation works.
  location ^~ /.well-known/acme-challenge/ {
    allow all;
    default_type "text/plain";
  }
  location / {
    # NOTE(review): $host is taken from the request and this is the
    # default_server, so the redirect target follows whatever hostname the
    # client sent. Building the target from $request_uri instead of
    # $uri$is_args$args would avoid the decoded value altogether.
    return 301 https://$host$uri$is_args$args;
  }
}
# Fetch the images referenced by the compose file, then start the stack in the
# background. Presumably run from the mailcow-dockerized directory.
docker-compose pull
docker-compose up -d