]>
Commit | Line | Data |
---|---|---|
e62ceaf0 DM |
1 | [[chapter_pmgconfig]] |
2 | ifdef::manvolnum[] | |
3 | pmgconfig(1) | |
4 | ============ | |
5 | :pmg-toplevel: | |
6 | ||
7 | NAME | |
8 | ---- | |
9 | ||
10 | pmgconfig - Proxmox Mail Gateway Configuration Management Toolkit | |
11 | ||
12 | ||
13 | SYNOPSIS | |
14 | -------- | |
15 | ||
16 | include::pmgconfig.1-synopsis.adoc[] | |
17 | ||
18 | ||
19 | DESCRIPTION | |
20 | ----------- | |
21 | endif::manvolnum[] | |
22 | ifndef::manvolnum[] | |
66e9c719 DM |
23 | Configuration Management |
24 | ======================== | |
e62ceaf0 DM |
25 | :pmg-toplevel: |
26 | endif::manvolnum[] | |
27 | ||
685576c2 DM |
28 | {pmg} is usually configured using the web-based Graphical User |
29 | Interface (GUI), but it is also possible to directly edit the | |
30 | configuration files, use the REST API over 'https' | |
66e9c719 | 31 | or the command line tool `pmgsh`. |
685576c2 | 32 | |
66e9c719 | 33 | The command line tool `pmgconfig` is used to simplify some common |
685576c2 DM |
34 | configuration tasks, i.e. to generate cerificates and to rewrite |
35 | service configuration files. | |
36 | ||
66e9c719 DM |
37 | NOTE: We use a Postgres database to store mail filter rules and |
38 | statistic data. See chapter xref:chapter_pmgdb[Database Management] | |
39 | for more information. | |
40 | ||
41 | ||
42 | Configuration files overview | |
43 | ---------------------------- | |
44 | ||
45 | `/etc/network/interfaces`:: | |
46 | ||
47 | Network setup. We never modify this files directly. Instead, we write | |
48 | changes to `/etc/network/interfaces.new`. When you reboot, we rename | |
49 | the file to `/etc/network/interfaces`, so any changes gets activated | |
50 | on the next reboot. | |
51 | ||
52 | `/etc/pmg/pmg.conf`:: | |
53 | ||
54 | Stores common administration options, i.e. the spam and mail proxy setup. | |
55 | ||
56 | `/etc/pmg/cluster.conf`:: | |
57 | ||
58 | The cluster setup. | |
59 | ||
60 | `/etc/pmg/domains`:: | |
61 | ||
62 | The list of relay domains. | |
63 | ||
64 | `/etc/pmg/fetchmailrc`:: | |
65 | ||
66 | Fetchmail configuration (POP3 and IMAP setup). | |
67 | ||
68 | `/etc/pmg/ldap.conf`:: | |
69 | ||
70 | LDAP configuration. | |
71 | ||
72 | `/etc/pmg/mynetworks`:: | |
73 | ||
74 | List of local (trusted) networks. | |
75 | ||
76 | `/etc/pmg/subscription`:: | |
77 | ||
78 | Stores your subscription key and status. | |
79 | ||
80 | `/etc/pmg/transports`:: | |
81 | ||
82 | Message delivery transport setup. | |
83 | ||
84 | `/etc/pmg/user.conf`:: | |
85 | ||
86 | GUI user configuration. | |
87 | ||
88 | ||
89 | Keys and Certificates | |
90 | --------------------- | |
91 | ||
92 | `/etc/pmg/pmg-api.pem`:: | |
93 | ||
94 | Key and certificate (combined) used be the HTTPs server (API). | |
95 | ||
96 | `/etc/pmg/pmg-authkey.key`:: | |
97 | ||
98 | Privat key use to generate authentication tickets. | |
99 | ||
100 | `/etc/pmg/pmg-authkey.pub`:: | |
101 | ||
102 | Public key use to verify authentication tickets. | |
103 | ||
104 | `/etc/pmg/pmg-csrf.key`:: | |
105 | ||
106 | Internally used to generate CSRF tokens. | |
107 | ||
108 | `/etc/pmg/pmg-tls.pem`:: | |
109 | ||
110 | Key and certificate (combined) to encrypt mail traffic (TLS). | |
111 | ||
112 | ||
113 | Service Configuration Templates | |
114 | ------------------------------- | |
115 | ||
116 | {pmg} | |
117 | ||
118 | ||
685576c2 DM |
119 | System Configuration |
120 | -------------------- | |
121 | ||
122 | Network and Time | |
123 | ~~~~~~~~~~~~~~~~ | |
124 | ||
125 | ifndef::manvolnum[] | |
126 | image::images/screenshot/pmg-gui-network-config.png[] | |
127 | endif::manvolnum[] | |
128 | ||
45de5bf5 DM |
129 | Normally the network and time is already configured when you visit the |
130 | GUI. The installer asks for those setting and sets up the correct | |
131 | values. | |
132 | ||
133 | The default setup uses a single Ethernet adapter and static IP | |
134 | assignment. The configuration is stored at '/etc/network/interfaces', | |
135 | and the actual network setup is done the standard Debian way using | |
136 | package 'ifupdown'. | |
137 | ||
138 | .Example network setup '/etc/network/interfaces' | |
139 | ---- | |
140 | source /etc/network/interfaces.d/* | |
141 | ||
142 | auto lo | |
143 | iface lo inet loopback | |
144 | ||
145 | auto ens18 | |
146 | iface ens18 inet static | |
147 | address 192.168.2.127 | |
148 | netmask 255.255.240.0 | |
149 | gateway 192.168.2.1 | |
150 | ---- | |
151 | ||
152 | .DNS recommendations | |
153 | ||
154 | Many tests to detect SPAM mails use DNS queries, so it is important to | |
155 | have a fast and reliable DNS server. We also query some public | |
156 | available DNS Blacklists. Most of them apply rate limits for clients, | |
157 | so they simply will not work if you use a public DNS server (because | |
158 | they are usually blocked). We recommend to use your own DNS server, | |
159 | which need to be configured in 'recursive' mode. | |
685576c2 DM |
160 | |
161 | ||
162 | Options | |
163 | ~~~~~~~ | |
164 | ||
165 | ifndef::manvolnum[] | |
166 | image::images/screenshot/pmg-gui-system-options.png[] | |
167 | endif::manvolnum[] | |
168 | ||
169 | include::pmg.admin-conf-opts.adoc[] | |
170 | ||
171 | ||
172 | Backup and Restore | |
173 | ~~~~~~~~~~~~~~~~~~ | |
174 | ||
175 | ifndef::manvolnum[] | |
176 | image::images/screenshot/pmg-gui-backup.png[] | |
177 | endif::manvolnum[] | |
178 | ||
179 | TODO | |
180 | ||
181 | ||
e62ceaf0 DM |
182 | |
183 | ifdef::manvolnum[] | |
184 | include::pmg-copyright.adoc[] | |
185 | endif::manvolnum[] | |
186 |