sw_mailcow
Ansible Role - MailCow
Role to deploy MailCow dockerized on a linux server.
This role follows the official installation instructions.
Tested:
- Debian 11
Install
# latest
ansible-galaxy role install git+https://github.com/ansibleguy/sw_mailcow
# from galaxy
ansible-galaxy install ansibleguy.sw_mailcow
# or to custom role-path
ansible-galaxy install ansibleguy.sw_mailcow --roles-path ./roles
# install dependencies
ansible-galaxy install -r requirements.yml
Prerequisites
See: Prerequisites
Usage
You want a simple Ansible GUI? Check-out my Ansible WebUI
Config
Define the config as needed:
mailcow:
fqdn: 'srv.template.ansibleguy.net'
# per example: 'srv.template.ansibleguy.net' must be a valid, public dns-hostname of the server
# if you don't have IPv6
ipv6: false
nginx: # configure the webserver settings => see: https://github.com/ansibleguy/infra_nginx
aliases: ['mail.template.ansibleguy.net'] # additional domains to add to the certificate
ssl:
mode: 'letsencrypt' # or selfsigned/ca/snakeoil
# if you use 'selfsigned' or 'ca':
# cert:
# cn: 'MailCow Server'
# org: 'AnsibleGuy'
# email: '[email protected]'
letsencrypt:
email: '[email protected]'
config: # add config overrides for 'mailcow.conf'
WEBAUTHN_ONLY_TRUSTED_VENDORS: 'y'
auto_update:
enable: true # enable auto-updates
backup:
retention_days: 60 # default = 14
Bare minimum example:
mailcow:
fqdn: 'srv.template.ansibleguy.net'
If you want to use the built-in (not ansible-managed) webserver:
mailcow:
fqdn: 'srv.template.ansibleguy.net'
# per example: 'srv.template.ansibleguy.net' must be a valid, public dns-hostname of the server
manage:
webserver: false
config:
HTTP_PORT: 80
HTTPS_PORT: 443
# if you want to use the built-in letsencrypt support
SKIP_LETS_ENCRYPT: 'n'
ACME_CONTACT: '[email protected]'
ADDITIONAL_SAN: 'smtp.template.ansibleguy.net,mail.*'
Execution
Run the playbook:
ansible-playbook -K -D -i inventory/hosts.yml playbook.yml
There are also some useful tags available:
- docker
- webserver
To debug errors - you can set the 'debug' variable at runtime:
ansible-playbook -K -D -i inventory/hosts.yml playbook.yml -e debug=yes
Functionality
Package installation
- Ansible dependencies (minimal)
Configuration
Service to start containers on boot: 'mailcow.service'
Default config:
- Directories:
- Base: '/var/lib/mailcow'
- Data: '/var/lib/docker/volumes' (cannot be changed by role)
- Backup: '/var/backups/mailcow'
- Directories:
Default opt-ins:
Docker => using THIS Role
- Dependencies
- Server
- Docker-compose
Nginx proxy on docker-host => using THIS Role
Features:
- SOGo Groupware
- Apache Solr
- ClamAV (virus scanner)
IPv6 enabled
Daily backup using the backup script
Default opt-outs:
- Auto update using the update script (NOTE: actually working very well!)
Info
Info: Consider using a Mail Gateway to gain Security!
Per example: Proxmox Mail Gateway
Info: Check out the troubleshooting information: Troubleshooting
Note: this role currently only supports debian-based systems
Note: Most of the role's functionality can be opted in or out.
For all available options - see the default-config located in the main defaults-file!
Warning: Not every setting/variable you provide will be checked for validity. Bad config might break the role!
Info: Default credentials:
User: admin
Password: moohoo
Info: For more detailed information - look into the nice documentation provided by MailCow!
Info: If the setup fails after creating the config - you need to remove the config file (/var/lib/mailcow/mailcow.conf) manually, so the role will know it isn't initialized already!
Warning: The automatic BACKUPS are placed on the same system and need to be copied to a REMOTE location to be SAFE!
Ansible role to deploy MailCow dockerized on a linux server
ansible-galaxy install ansibleguy/sw_mailcow