First, run install.sh as a privileged user (root).
doas sh install.sh
It is safe to run more than once.
install.sh does the following:
- installs packages
- enables daemons
- creates directories
- creates an unprivileged mail delivery system user
- installs configuration files
- initialises the accounts database if not present already
- restarts daemons
Extra steps that need to be run manually follow.
TLS certificate
------
Renew the certificate every night with an entry in root's crontab:
0 4 * * * acme-client mail.srcbeat.com && rcctl restart smtpd dovecot
The required httpd and acme-client configuration are installed by install.sh.
Dovecot
------
Add the user and password database configuration to /etc/dovecot/conf.d/10-auth.conf:
userdb {
driver = static
args = uid=vmail gid=vmail home=/mail/box/%d/%n
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
dovecot-sql.conf.ext is already installed by install.sh.
Add the mail location to /etc/dovecot/conf.d/10-mail.conf:
mail_location = maildir:/mail/box/%d/%n/Maildir:LAYOUT=fs
With this configuration mail for the account with the username "test@example.com"
is stored at /mail/box/example.com/test/Maildir.
Configure dovecot to load the TLS keys by adding the following to /etc/dovecot/conf.d/10-ssl.conf:
ssl = required
ssl_cert = </etc/ssl/mail.srcbeat.com.crt
ssl_key = </etc/ssl/private/mail.srcbeat.com.key