aknuth
/
email-amazon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update autodiscover

This commit is contained in:
Andreas Knuth 2026-03-12 18:56:18 -05:00
parent bd8efc867a
commit 386be31671
4 changed files with 109 additions and 205 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
caddy/email-setup/autodiscover.xml
View File

@ -1,29 +0,0 @@
<?xml version="1.0" encoding="utf-8" ?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>IMAP</Type>
<Server>mail.email-srvr.com</Server>
<Port>993</Port>
<DomainRequired>off</DomainRequired>
<LoginName></LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server>mail.email-srvr.com</Server>
<Port>465</Port>
<DomainRequired>off</DomainRequired>
<LoginName></LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
</Account>
</Response>
</Autodiscover>

52
caddy/email.mobileconfig.tpl
View File

@ -1,66 +1,84 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
{{/*
Apple MobileConfig Template (Caddy templates)
Dynamisch: Leitet die Basisdomain aus dem Host-Header ab.
Erwartet Aufruf auf autodiscover.<domain>/apple?email=user@domain
Hostname-Logik:
Host = autodiscover.cielectrical.com
splitList "." .Req.Host → [autodiscover, cielectrical, com]
Basisdomain = cielectrical.com (Index 1+)
IMAP = imap.cielectrical.com
SMTP = smtp.cielectrical.com
─────────────────────────────────────────────────── */}}
{{- $email := .Req.URL.Query.Get "email" -}}
{{- $hostParts := splitList "." .Req.Host -}}
{{- $baseDomain := join "." (slice $hostParts 1) -}}
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>EmailAccountDescription</key>
<string>{{.Req.URL.Query.Get "email"}}</string>
<string>{{ $email }}</string>
<key>EmailAccountName</key>
<string>{{.Req.URL.Query.Get "email"}}</string>
<string>{{ $email }}</string>
<key>EmailAccountType</key>
<string>EmailTypeIMAP</string>
<key>EmailAddress</key>
<string>{{.Req.URL.Query.Get "email"}}</string>
<string>{{ $email }}</string>
<key>IncomingMailServerAuthentication</key>
<string>EmailAuthPassword</string>
<key>IncomingMailServerHostName</key>
<string>mail.email-srvr.com</string>
<string>imap.{{ $baseDomain }}</string>
<key>IncomingMailServerPortNumber</key>
<integer>993</integer>
<key>IncomingMailServerUseSSL</key>
<true/>
<true/>>
<key>IncomingMailServerUsername</key>
<string>{{.Req.URL.Query.Get "email"}}</string>
<string>{{ $email }}</string>
<key>OutgoingMailServerAuthentication</key>
<string>EmailAuthPassword</string>
<key>OutgoingMailServerHostName</key>
<string>mail.email-srvr.com</string>
<string>smtp.{{ $baseDomain }}</string>
<key>OutgoingMailServerPortNumber</key>
<integer>465</integer>
<key>OutgoingMailServerUseSSL</key>
<true/>
<key>OutgoingMailServerUsername</key>
<string>{{.Req.URL.Query.Get "email"}}</string>
<string>{{ $email }}</string>
<key>OutgoingPasswordRequired</key>
<true/>
<key>PayloadDescription</key>
<string>E-Mail Konfiguration für {{.Req.URL.Query.Get "email"}}</string>
<string>E-Mail Konfiguration für {{ $email }}</string>
<key>PayloadDisplayName</key>
<string>{{.Req.URL.Query.Get "email"}}</string>
<string>{{ $baseDomain }} E-Mail</string>
<key>PayloadIdentifier</key>
<string>com.email-srvr.profile.{{.Req.URL.Query.Get "email"}}</string>
<string>com.{{ $baseDomain }}.email.account</string>
<key>PayloadType</key>
<string>com.apple.mail.managed</string>
<key>PayloadUUID</key>
<string>{{uuidv4}}</string>
<string>{{ uuidv4 }}</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<key>PayloadDescription</key>
<string>Automatische E-Mail Einrichtung für {{.Req.URL.Query.Get "email"}}</string>
<string>Automatische E-Mail Einrichtung für {{ $email }}</string>
<key>PayloadDisplayName</key>
<string>E-Mail Einstellungen</string>
<string>{{ $baseDomain }} E-Mail Einstellungen</string>
<key>PayloadIdentifier</key>
<string>com.email-srvr.profile.root</string>
<string>com.{{ $baseDomain }}.email.profile</string>
<key>PayloadOrganization</key>
<string>IT Support</string>
<string>Bay Area Affiliates, Inc.</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>{{uuidv4}}</string>
<string>{{ uuidv4 }}</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>

112
caddy/email_autodiscover
View File

@ -1,112 +0,0 @@
# email_autodiscover - Dynamisches Autodiscover/Autoconfig Snippet
# Importiert im Caddyfile via: import email_autodiscover
#
# Funktioniert mit JEDER Domain automatisch, solange der Caddy-Block
# auf autodiscover.<domain> oder autoconfig.<domain> hört.
#
# Hostnames werden dynamisch abgeleitet:
# autodiscover.cielectrical.com → imap.cielectrical.com / smtp.cielectrical.com
# autoconfig.bayarea-cc.com → imap.bayarea-cc.com / smtp.bayarea-cc.com
#
# {labels.2}.{labels.1} extrahiert die Basisdomain aus dem Host:
# autodiscover.cielectrical.com → labels: [com=0, cielectrical=1, autodiscover=2]
# → {labels.1}.{labels.0} = cielectrical.com
(email_settings) {
# 1. Outlook Autodiscover (XML)
route /autodiscover/autodiscover.xml {
header Content-Type "application/xml"
respond `<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>IMAP</Type>
<Server>imap.{labels.1}.{labels.0}</Server>
<Port>993</Port>
<DomainRequired>on</DomainRequired>
<LoginName>{header.X-Anchormailbox}</LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>POP3</Type>
<Server>pop.{labels.1}.{labels.0}</Server>
<Port>995</Port>
<DomainRequired>on</DomainRequired>
<LoginName>{header.X-Anchormailbox}</LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server>smtp.{labels.1}.{labels.0}</Server>
<Port>465</Port>
<DomainRequired>on</DomainRequired>
<LoginName>{header.X-Anchormailbox}</LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
</Account>
</Response>
</Autodiscover>` 200
}
# 2. Modern Outlook (JSON) - Redirect zum XML Endpoint
route /autodiscover/autodiscover.json {
header Content-Type "application/json"
respond `{
"Protocol": "AutodiscoverV1",
"Url": "https://autodiscover.{labels.1}.{labels.0}/autodiscover/autodiscover.xml"
}` 200
}
# 3. Thunderbird Autoconfig
route /mail/config-v1.1.xml {
header Content-Type "application/xml"
respond `<?xml version="1.0"?>
<clientConfig version="1.1">
<emailProvider id="{labels.1}.{labels.0}">
<displayName>{labels.1}.{labels.0} Mail</displayName>
<domain>{labels.1}.{labels.0}</domain>
<incomingServer type="imap">
<hostname>imap.{labels.1}.{labels.0}</hostname>
<port>993</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</incomingServer>
<incomingServer type="pop3">
<hostname>pop.{labels.1}.{labels.0}</hostname>
<port>995</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</incomingServer>
<outgoingServer type="smtp">
<hostname>smtp.{labels.1}.{labels.0}</hostname>
<port>465</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</outgoingServer>
</emailProvider>
</clientConfig>` 200
}
# 4. Apple MobileConfig
route /apple {
templates {
mime "application/x-apple-aspen-config"
}
header Content-Type "application/x-apple-aspen-config; charset=utf-8"
root * /etc/caddy
rewrite * /email.mobileconfig.tpl
file_server
}
}

117
caddy/update-caddy-certs.sh
View File

@ -9,6 +9,7 @@
# - Wildcard-Cert Block (*.domain + domain)
# - Webmail Block (reverse_proxy zu Roundcube)
# - Autodiscover/Autoconfig Block (importiert email_settings Snippet)
# - Email-Setup Block (QR-Code Seite für iPhone)
#
# Bei neuen Domains: Script erneut laufen lassen + caddy reload.
#
@ -64,13 +65,18 @@ OUTPUT="${OUTPUT}# Einbinden im Caddyfile: import mail_certs\n"
OUTPUT="${OUTPUT}# Generiert: $(date)\n"
OUTPUT="${OUTPUT}\n"
# --- Autodiscover/Autoconfig Snippet einbetten ---
# =====================================================================
# Autodiscover/Autoconfig Snippet (dynamisch)
# {labels.1}.{labels.0} = Basisdomain aus Hostname
# =====================================================================
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n"
OUTPUT="${OUTPUT}# Autodiscover/Autoconfig Snippet (dynamisch)\n"
OUTPUT="${OUTPUT}# {labels.1}.{labels.0} = Basisdomain aus Hostname\n"
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n"
OUTPUT="${OUTPUT}(email_settings) {\n"
OUTPUT="${OUTPUT} # Outlook Autodiscover (XML)\n"
# --- 1. Outlook Classic Autodiscover (POST + GET XML) ---
OUTPUT="${OUTPUT} # Outlook Autodiscover (XML) - POST und GET\n"
OUTPUT="${OUTPUT} route /autodiscover/autodiscover.xml {\n"
OUTPUT="${OUTPUT} header Content-Type \"application/xml\"\n"
OUTPUT="${OUTPUT} respond \`<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"
@ -83,18 +89,8 @@ OUTPUT="${OUTPUT} <Protocol>\n"
OUTPUT="${OUTPUT} <Type>IMAP</Type>\n"
OUTPUT="${OUTPUT} <Server>imap.{labels.1}.{labels.0}</Server>\n"
OUTPUT="${OUTPUT} <Port>993</Port>\n"
OUTPUT="${OUTPUT} <DomainRequired>on</DomainRequired>\n"
OUTPUT="${OUTPUT} <LoginName>{header.X-Anchormailbox}</LoginName>\n"
OUTPUT="${OUTPUT} <SPA>off</SPA>\n"
OUTPUT="${OUTPUT} <SSL>on</SSL>\n"
OUTPUT="${OUTPUT} <AuthRequired>on</AuthRequired>\n"
OUTPUT="${OUTPUT} </Protocol>\n"
OUTPUT="${OUTPUT} <Protocol>\n"
OUTPUT="${OUTPUT} <Type>POP3</Type>\n"
OUTPUT="${OUTPUT} <Server>pop.{labels.1}.{labels.0}</Server>\n"
OUTPUT="${OUTPUT} <Port>995</Port>\n"
OUTPUT="${OUTPUT} <DomainRequired>on</DomainRequired>\n"
OUTPUT="${OUTPUT} <LoginName>{header.X-Anchormailbox}</LoginName>\n"
OUTPUT="${OUTPUT} <DomainRequired>off</DomainRequired>\n"
OUTPUT="${OUTPUT} <LoginName></LoginName>\n"
OUTPUT="${OUTPUT} <SPA>off</SPA>\n"
OUTPUT="${OUTPUT} <SSL>on</SSL>\n"
OUTPUT="${OUTPUT} <AuthRequired>on</AuthRequired>\n"
@ -103,8 +99,8 @@ OUTPUT="${OUTPUT} <Protocol>\n"
OUTPUT="${OUTPUT} <Type>SMTP</Type>\n"
OUTPUT="${OUTPUT} <Server>smtp.{labels.1}.{labels.0}</Server>\n"
OUTPUT="${OUTPUT} <Port>465</Port>\n"
OUTPUT="${OUTPUT} <DomainRequired>on</DomainRequired>\n"
OUTPUT="${OUTPUT} <LoginName>{header.X-Anchormailbox}</LoginName>\n"
OUTPUT="${OUTPUT} <DomainRequired>off</DomainRequired>\n"
OUTPUT="${OUTPUT} <LoginName></LoginName>\n"
OUTPUT="${OUTPUT} <SPA>off</SPA>\n"
OUTPUT="${OUTPUT} <SSL>on</SSL>\n"
OUTPUT="${OUTPUT} <AuthRequired>on</AuthRequired>\n"
@ -114,15 +110,18 @@ OUTPUT="${OUTPUT} </Response>\n"
OUTPUT="${OUTPUT}</Autodiscover>\` 200\n"
OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT}\n"
OUTPUT="${OUTPUT} # Modern Outlook (JSON)\n"
# --- 2. Outlook New / Microsoft 365 (JSON v2) ---
# Outlook New sendet GET auf /autodiscover/autodiscover.json?Protocol=AutodiscoverV1&...
# Antwort muss den XML-Endpoint zurückgeben
OUTPUT="${OUTPUT} # Outlook New/365 (JSON → Redirect zu XML)\n"
OUTPUT="${OUTPUT} route /autodiscover/autodiscover.json {\n"
OUTPUT="${OUTPUT} header Content-Type \"application/json\"\n"
OUTPUT="${OUTPUT} respond \`{\n"
OUTPUT="${OUTPUT} \"Protocol\": \"AutodiscoverV1\",\n"
OUTPUT="${OUTPUT} \"Url\": \"https://autodiscover.{labels.1}.{labels.0}/autodiscover/autodiscover.xml\"\n"
OUTPUT="${OUTPUT} }\` 200\n"
OUTPUT="${OUTPUT} respond \`{\"Protocol\":\"AutodiscoverV1\",\"Url\":\"https://autodiscover.{labels.1}.{labels.0}/autodiscover/autodiscover.xml\"}\` 200\n"
OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT}\n"
# --- 3. Thunderbird Autoconfig ---
OUTPUT="${OUTPUT} # Thunderbird Autoconfig\n"
OUTPUT="${OUTPUT} route /mail/config-v1.1.xml {\n"
OUTPUT="${OUTPUT} header Content-Type \"application/xml\"\n"
@ -138,13 +137,6 @@ OUTPUT="${OUTPUT} <socketType>SSL</socketType>\n"
OUTPUT="${OUTPUT} <authentication>password-cleartext</authentication>\n"
OUTPUT="${OUTPUT} <username>%%EMAILADDRESS%%</username>\n"
OUTPUT="${OUTPUT} </incomingServer>\n"
OUTPUT="${OUTPUT} <incomingServer type=\"pop3\">\n"
OUTPUT="${OUTPUT} <hostname>pop.{labels.1}.{labels.0}</hostname>\n"
OUTPUT="${OUTPUT} <port>995</port>\n"
OUTPUT="${OUTPUT} <socketType>SSL</socketType>\n"
OUTPUT="${OUTPUT} <authentication>password-cleartext</authentication>\n"
OUTPUT="${OUTPUT} <username>%%EMAILADDRESS%%</username>\n"
OUTPUT="${OUTPUT} </incomingServer>\n"
OUTPUT="${OUTPUT} <outgoingServer type=\"smtp\">\n"
OUTPUT="${OUTPUT} <hostname>smtp.{labels.1}.{labels.0}</hostname>\n"
OUTPUT="${OUTPUT} <port>465</port>\n"
@ -156,16 +148,41 @@ OUTPUT="${OUTPUT} </emailProvider>\n"
OUTPUT="${OUTPUT}</clientConfig>\` 200\n"
OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT}\n"
OUTPUT="${OUTPUT} # Apple MobileConfig\n"
# --- 4. Apple MobileConfig (Template) ---
OUTPUT="${OUTPUT} # Apple MobileConfig (dynamisches Template)\n"
OUTPUT="${OUTPUT} route /apple {\n"
OUTPUT="${OUTPUT} templates {\n"
OUTPUT="${OUTPUT} mime \"application/x-apple-aspen-config\"\n"
OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT} header Content-Type \"application/x-apple-aspen-config; charset=utf-8\"\n"
OUTPUT="${OUTPUT} header Content-Disposition \"attachment; filename=email.mobileconfig\"\n"
OUTPUT="${OUTPUT} root * /etc/caddy\n"
OUTPUT="${OUTPUT} rewrite * /email.mobileconfig.tpl\n"
OUTPUT="${OUTPUT} file_server\n"
OUTPUT="${OUTPUT} }\n"
# --- 5. Samsung Email (nutzt ebenfalls autoconfig, kein extra Block nötig) ---
# Samsung Email-App versucht:
# 1. https://autoconfig.<domain>/mail/config-v1.1.xml (= Thunderbird-Format, schon abgedeckt)
# 2. Alternativ: Outlook Autodiscover XML
# → Kein separater Block erforderlich.
OUTPUT="${OUTPUT}}\n\n"
# =====================================================================
# Email-Setup Snippet (QR-Code Seite für iPhone)
# =====================================================================
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n"
OUTPUT="${OUTPUT}# Email-Setup Snippet (QR-Code Seite)\n"
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n"
OUTPUT="${OUTPUT}(email_setup_page) {\n"
OUTPUT="${OUTPUT} route /email-setup* {\n"
OUTPUT="${OUTPUT} uri strip_prefix /email-setup\n"
OUTPUT="${OUTPUT} root * /var/www/email-setup\n"
OUTPUT="${OUTPUT} try_files {path} /setup.html\n"
OUTPUT="${OUTPUT} file_server\n"
OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT}}\n\n"
# Node-Hostname immer als erstes (Default-Cert des DMS)
@ -183,6 +200,7 @@ for domain in $DOMAINS; do
echo " → Wildcard Block: *.${domain}"
echo " → Webmail Block: webmail.${domain}"
echo " → Autodiscover Block: autodiscover.${domain}, autoconfig.${domain}"
echo " → Email-Setup Block: webmail.${domain}/email-setup"
# Wildcard-Cert Block (für Cert-Generierung + Fallback)
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n"
@ -197,9 +215,10 @@ for domain in $DOMAINS; do
OUTPUT="${OUTPUT} respond \"OK\" 200\n"
OUTPUT="${OUTPUT}}\n\n"
# Webmail Block (Roundcube)
OUTPUT="${OUTPUT}# Roundcube Webmail für $domain\n"
# Webmail Block (Roundcube + Email-Setup)
OUTPUT="${OUTPUT}# Roundcube Webmail + Email-Setup für $domain\n"
OUTPUT="${OUTPUT}webmail.${domain} {\n"
OUTPUT="${OUTPUT} import email_setup_page\n"
OUTPUT="${OUTPUT} reverse_proxy roundcube:80\n"
OUTPUT="${OUTPUT} encode gzip\n"
OUTPUT="${OUTPUT} log {\n"
@ -253,15 +272,17 @@ if [ -f "$CADDYFILE" ]; then
fi
fi
# --- Prüfe ob alte hartcodierte Autodiscover-Blöcke existieren ---
if [ -f "$CADDYFILE" ]; then
if grep -q "autodiscover\.bayarea-cc\.com\|autodiscover\.bizmatch\.net\|autodiscover\.ruehrgedoens\.de" "$CADDYFILE"; then
# --- Prüfe ob alte Dateien noch existieren ---
if [ -f "$SCRIPT_DIR/email_autodiscover" ]; then
echo ""
echo "⚠️ AUFRÄUMEN: Alte hartcodierte Autodiscover-Blöcke im Caddyfile gefunden!"
echo " Diese werden jetzt dynamisch über mail_certs generiert."
echo " Bitte den alten 'Block A' manuell aus dem Caddyfile entfernen:"
echo " → autodiscover.bayarea-cc.com, autodiscover.bizmatch.net, ..."
fi
echo "⚠️ AUFRÄUMEN: Datei 'email_autodiscover' kann entfernt werden!"
echo " Das Snippet ist jetzt in mail_certs eingebettet."
fi
if [ -f "$SCRIPT_DIR/email-setup/autodiscover.xml" ]; then
echo ""
echo "⚠️ AUFRÄUMEN: 'email-setup/autodiscover.xml' kann entfernt werden!"
echo " Statische XML wird nicht mehr benötigt (dynamisch über Caddy)."
fi
echo ""
@ -277,12 +298,18 @@ echo ""
echo "3. Cert-Generierung verfolgen (~30s pro Domain):"
echo " docker logs -f $CADDY_CONTAINER 2>&1 | grep -i 'certificate\|acme\|tls\|error'"
echo ""
echo "4. Cert-Pfade kontrollieren:"
echo " ls /var/lib/docker/volumes/caddy_data/_data/caddy/certificates/"
echo " acme-v02.api.letsencrypt.org-directory/"
echo ""
echo "5. Autodiscover testen:"
echo "4. Autodiscover testen:"
for domain in $DOMAINS; do
echo " curl -s https://autoconfig.${domain}/mail/config-v1.1.xml | head -5"
echo " # Thunderbird:"
echo " curl -s https://autoconfig.${domain}/mail/config-v1.1.xml | head -10"
echo " # Outlook:"
echo " curl -s https://autodiscover.${domain}/autodiscover/autodiscover.xml | head -10"
echo " # Apple (sollte .mobileconfig liefern):"
echo " curl -sI \"https://autodiscover.${domain}/apple?email=test@${domain}\""
echo ""
done
echo "5. iPhone Email-Setup QR-Code Seite:"
for domain in $DOMAINS; do
echo " https://webmail.${domain}/email-setup"
done
echo "============================================================"