Can you add an example for CloudPanel? #309

Open
BeatBroccoli opened this issue Dec 30, 2024 · 5 comments

@BeatBroccoli

BeatBroccoli commented Dec 30, 2024

Description

Hi, I'm trying to set up a simple mail forwarding server for my CloudPanel instance + docker anonaddy.
I can log in to the admin panel, but any action like adding a custom domain results in an error: Unauthenticated.
Basically I tried with the docker compose example https://github.com/anonaddy/docker/tree/master/examples/compose
but something is still missing... but I have no clue what 😎 Thanks!

I was using mailcow before, but it's too resource intensive, so now I hope to replace it with addy.io

If you want to test it, here are the steps to recreate my setup:

  1. Install base os image + cloudpanel
    https://www.cloudpanel.io/docs/v2/getting-started/other/

  2. Login via ssh, then change user to root and install docker
    https://www.cloudpanel.io/docs/v2/guides/applications/mailcow/#docker-installation

  3. Copy 3 files from /example/compose to for example /opt/addy

  4. Edit files to your preferences and annotate the web server port (default is 8000)

  5. docker compose up -d

  6. Log in to CloudPanel, go to Sites > + Add Sites > Create a reverse proxy > set url to: http://127.0.0.1:8000

  7. Connect to web via http://example.com

If you have any suggestions or require more information, ask and I will provide it. Thanks

@BeatBroccoli
Author

BeatBroccoli commented Dec 30, 2024

I tried editing the Vhost, it looks like so:

server {
  listen 80;
  listen [::]:80;
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  {{ssl_certificate_key}}
  {{ssl_certificate}}
  server_name www.gomaile.com;
  return 301 https://gomaile.com$request_uri;
}

server {
  listen 80;
  listen [::]:80;
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  {{ssl_certificate_key}}
  {{ssl_certificate}}
  server_name gomaile.com www1.gomaile.com;
  {{root}}
  
  server_tokens off;
  add_header X-Frame-Options "SAMEORIGIN";
  add_header X-XSS-Protection "1; mode=block";
  add_header X-Content-Type-Options "nosniff";
  add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
  add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'";
  add_header Referrer-Policy "origin-when-cross-origin";
  add_header Expect-CT "enforce, max-age=604800";

  charset utf-8;

  {{nginx_access_log}}
  {{nginx_error_log}}

  if ($scheme != "https") {
    rewrite ^ https://$host$uri permanent;
  }

  location @reverse_proxy {
    proxy_pass {{reverse_proxy_url}};
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header Host $http_host;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_pass_request_headers on;
    proxy_max_temp_file_size 0;
    proxy_connect_timeout 900;
    proxy_send_timeout 900;
    proxy_read_timeout 900;
    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;
    proxy_temp_file_write_size 256k;
  }

  {{settings}}

  add_header Cache-Control no-transform;

  index index.html;

  location ^~ /.well-known {
    auth_basic off;
    allow all;
    try_files $uri @reverse_proxy;
  }

  location / {
    try_files $uri @reverse_proxy;
  }

  location /rspamd {
    proxy_pass http://localhost:11334;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }
  
}

@BeatBroccoli
Author

docker ps

CONTAINER ID   IMAGE                      COMMAND                  CREATED          STATUS          PORTS                                                                                     NAMES
eccb1303bb0c   anonaddy/anonaddy:latest   "/init"                  45 minutes ago   Up 39 minutes   0.0.0.0:25->25/tcp, :::25->25/tcp, 11334/tcp, 0.0.0.0:9468->8000/tcp, :::9468->8000/tcp   addy
e8a248405c4d   mariadb:10                 "docker-entrypoint.s…"   45 minutes ago   Up 39 minutes   3306/tcp                                                                                  addy_db
1ecaa05c24d0   redis:4.0-alpine           "docker-entrypoint.s…"   55 minutes ago   Up 39 minutes   6379/tcp                                                                                  addy_redis

@willbrowningme
Member

Please try setting SANCTUM_STATEFUL_DOMAINS in your .env file to the value mentioned in this comment:

#150 (comment)
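
Added example, not part of the thread and not addy.io or Laravel code: a simplified Python model of the Origin/Referer match that Laravel Sanctum uses to decide whether a request is first-party (cookie-authenticated), which is what SANCTUM_STATEFUL_DOMAINS controls. The two .env values below are constructed samples, not the value from the linked comment; the hostname and upstream address are the ones posted above.

```python
import re

def parse_env_list(env_text, key="SANCTUM_STATEFUL_DOMAINS"):
    """Return the comma-separated entries of `key` from .env-style text."""
    for line in env_text.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        if name.strip() == key:
            value = value.strip().strip("\"'")
            return [v.strip() for v in value.split(",") if v.strip()]
    return []

def is_stateful(origin_or_referer, stateful_domains):
    """Simplified model: strip the scheme, then glob-match host[:port]/path."""
    if not origin_or_referer:
        return False  # no Origin/Referer header: never treated as first-party
    target = re.sub(r"^https?://", "", origin_or_referer, count=1)
    if not target.endswith("/"):
        target += "/"
    for entry in stateful_domains:
        # An entry matches itself plus any path; '*' inside an entry is a wildcard.
        pattern = re.escape(entry + "/*").replace(r"\*", ".*")
        if re.fullmatch(pattern, target):
            return True
    return False

# Constructed samples: a list holding only the proxy's upstream address,
# and a list holding the public hostname the browser actually sends.
ENV_INTERNAL_ONLY = "APP_NAME=addy\nSANCTUM_STATEFUL_DOMAINS=127.0.0.1:8000\n"
ENV_PUBLIC_HOST = "SANCTUM_STATEFUL_DOMAINS=gomaile.com\n"
BROWSER_ORIGIN = "https://gomaile.com"

if __name__ == "__main__":
    for label, env in (("internal only", ENV_INTERNAL_ONLY),
                       ("public host", ENV_PUBLIC_HOST)):
        domains = parse_env_list(env)
        verdict = "stateful" if is_stateful(BROWSER_ORIGIN, domains) else "rejected"
        print(f"{label:14} {domains} -> {verdict}")
```

Behind a reverse proxy the browser sends the public hostname, so a list that only names the internal upstream never matches and session-authenticated API calls are refused even though the login page itself loads.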

@BeatBroccoli
Author

Alias creation works. Let me check if everything else works 💪

@BeatBroccoli
Author

It works. I have some deliverability problems tho. In particular, Gmail for example says that the email was not encrypted.
Any tips on that? https://support.google.com/mail/answer/6330403?visit_id=638713548073782167-3474803690&p=tls&hl=en&rd=1#tls&zippy=%2Ctransport-layer-security-tls
