aknuth
/
email-amazon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

autodiscover

This commit is contained in:
Andreas Knuth 2026-03-02 16:48:55 -06:00
parent 7173da31d4
commit 80596ab347
2 changed files with 83 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
caddy/email_autodiscover
View File

@ -1,8 +1,21 @@
# email_autodiscover - Dynamisches Autodiscover/Autoconfig Snippet
# Importiert im Caddyfile via: import email_autodiscover
#
# Funktioniert mit JEDER Domain automatisch, solange der Caddy-Block
# auf autodiscover.<domain> oder autoconfig.<domain> hört.
#
# Hostnames werden dynamisch abgeleitet:
# autodiscover.cielectrical.com → imap.cielectrical.com / smtp.cielectrical.com
# autoconfig.bayarea-cc.com → imap.bayarea-cc.com / smtp.bayarea-cc.com
#
# {labels.2}.{labels.1} extrahiert die Basisdomain aus dem Host:
# autodiscover.cielectrical.com → labels: [com=0, cielectrical=1, autodiscover=2]
# → {labels.1}.{labels.0} = cielectrical.com
(email_settings) { (email_settings) {
# 1. Autodiscover für Outlook # 1. Outlook Autodiscover (XML)
route /autodiscover/autodiscover.xml { route /autodiscover/autodiscover.xml {
header Content-Type "application/xml" header Content-Type "application/xml"
# Wir nutzen {header.X-Anchormailbox} um die Email dynamisch einzufügen
respond `<?xml version="1.0" encoding="utf-8"?> respond `<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
@ -11,7 +24,7 @@
<Action>settings</Action> <Action>settings</Action>
<Protocol> <Protocol>
<Type>IMAP</Type> <Type>IMAP</Type>
<Server>mail.email-srvr.com</Server> <Server>imap.{labels.1}.{labels.0}</Server>
<Port>993</Port> <Port>993</Port>
<DomainRequired>on</DomainRequired> <DomainRequired>on</DomainRequired>
<LoginName>{header.X-Anchormailbox}</LoginName> <LoginName>{header.X-Anchormailbox}</LoginName>
@ -21,7 +34,7 @@
</Protocol> </Protocol>
<Protocol> <Protocol>
<Type>POP3</Type> <Type>POP3</Type>
<Server>mail.email-srvr.com</Server> <Server>pop.{labels.1}.{labels.0}</Server>
<Port>995</Port> <Port>995</Port>
<DomainRequired>on</DomainRequired> <DomainRequired>on</DomainRequired>
<LoginName>{header.X-Anchormailbox}</LoginName> <LoginName>{header.X-Anchormailbox}</LoginName>
@ -31,7 +44,7 @@
</Protocol> </Protocol>
<Protocol> <Protocol>
<Type>SMTP</Type> <Type>SMTP</Type>
<Server>mail.email-srvr.com</Server> <Server>smtp.{labels.1}.{labels.0}</Server>
<Port>465</Port> <Port>465</Port>
<DomainRequired>on</DomainRequired> <DomainRequired>on</DomainRequired>
<LoginName>{header.X-Anchormailbox}</LoginName> <LoginName>{header.X-Anchormailbox}</LoginName>
@ -44,31 +57,39 @@
</Autodiscover>` 200 </Autodiscover>` 200
} }
# 2. JSON Autodiscover (Modern Outlook) - bleibt gleich # 2. Modern Outlook (JSON) - Redirect zum XML Endpoint
route /autodiscover/autodiscover.json { route /autodiscover/autodiscover.json {
header Content-Type "application/json" header Content-Type "application/json"
respond `{ respond `{
"Protocol": "AutodiscoverV1", "Protocol": "AutodiscoverV1",
"Url": "https://autodiscover.bayarea-cc.com/autodiscover/autodiscover.xml" "Url": "https://autodiscover.{labels.1}.{labels.0}/autodiscover/autodiscover.xml"
}` 200 }` 200
} }
# 3. Thunderbird Autoconfig - bleibt gleich (dort funktioniert %EMAILADDRESS% ja nativ) # 3. Thunderbird Autoconfig
route /mail/config-v1.1.xml { route /mail/config-v1.1.xml {
header Content-Type "application/xml" header Content-Type "application/xml"
respond `<?xml version="1.0"?> respond `<?xml version="1.0"?>
<clientConfig version="1.1"> <clientConfig version="1.1">
<emailProvider id="email-srvr.com"> <emailProvider id="{labels.1}.{labels.0}">
<displayName>Rackspace Email</displayName> <displayName>{labels.1}.{labels.0} Mail</displayName>
<domain>{labels.1}.{labels.0}</domain>
<incomingServer type="imap"> <incomingServer type="imap">
<hostname>mail.email-srvr.com</hostname> <hostname>imap.{labels.1}.{labels.0}</hostname>
<port>993</port> <port>993</port>
<socketType>SSL</socketType> <socketType>SSL</socketType>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
</incomingServer> </incomingServer>
<incomingServer type="pop3">
<hostname>pop.{labels.1}.{labels.0}</hostname>
<port>995</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</incomingServer>
<outgoingServer type="smtp"> <outgoingServer type="smtp">
<hostname>mail.email-srvr.com</hostname> <hostname>smtp.{labels.1}.{labels.0}</hostname>
<port>465</port> <port>465</port>
<socketType>SSL</socketType> <socketType>SSL</socketType>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
@ -78,18 +99,12 @@
</clientConfig>` 200 </clientConfig>` 200
} }
# NEU: Apple MobileConfig Route # 4. Apple MobileConfig
# Aufrufbar über: /apple?email=kunde@domain.de
route /apple { route /apple {
# KORREKTUR: Wir müssen Caddy sagen, dass er diesen MIME-Type bearbeiten soll!
templates { templates {
mime "application/x-apple-aspen-config" mime "application/x-apple-aspen-config"
} }
# Den richtigen MIME-Type setzen
header Content-Type "application/x-apple-aspen-config; charset=utf-8" header Content-Type "application/x-apple-aspen-config; charset=utf-8"
# Pfad zur Datei im Container
root * /etc/caddy root * /etc/caddy
rewrite * /email.mobileconfig.tpl rewrite * /email.mobileconfig.tpl
file_server file_server

54
caddy/update-caddy-certs.sh
View File

@ -5,6 +5,11 @@
# Liest alle Domains aus dem DMS und generiert die Wildcard-Cert-Blöcke # Liest alle Domains aus dem DMS und generiert die Wildcard-Cert-Blöcke
# für Caddy in die Datei "mail_certs" (per "import mail_certs" im Caddyfile). # für Caddy in die Datei "mail_certs" (per "import mail_certs" im Caddyfile).
# #
# Generiert pro Domain:
# - Wildcard-Cert Block (*.domain + domain)
# - Webmail Block (reverse_proxy zu Roundcube)
# - Autodiscover/Autoconfig Block (importiert email_settings Snippet)
#
# Bei neuen Domains: Script erneut laufen lassen + caddy reload. # Bei neuen Domains: Script erneut laufen lassen + caddy reload.
# #
# Usage: # Usage:
@ -21,7 +26,6 @@ OUTPUT_FILE="$SCRIPT_DIR/mail_certs"
DRY_RUN=${DRY_RUN:-"false"} DRY_RUN=${DRY_RUN:-"false"}
# Node-Hostname des Mailservers (für Default-Cert Block) # Node-Hostname des Mailservers (für Default-Cert Block)
# Wird immer mit eingetragen, auch wenn keine DMS-Accounts existieren.
NODE_HOSTNAME=${NODE_HOSTNAME:-"node1.email-srvr.com"} NODE_HOSTNAME=${NODE_HOSTNAME:-"node1.email-srvr.com"}
echo "============================================================" echo "============================================================"
@ -55,7 +59,7 @@ echo "📝 Generiere Caddy-Konfiguration..."
OUTPUT="" OUTPUT=""
OUTPUT="${OUTPUT}# mail_certs - Automatisch generiert von update-caddy-certs.sh\n" OUTPUT="${OUTPUT}# mail_certs - Automatisch generiert von update-caddy-certs.sh\n"
OUTPUT="${OUTPUT}# Wildcard-Zertifikate für DMS-Domains + Node-Hostname.\n" OUTPUT="${OUTPUT}# Wildcard-Zertifikate + Webmail + Autodiscover für DMS-Domains.\n"
OUTPUT="${OUTPUT}# Einbinden im Caddyfile: import mail_certs\n" OUTPUT="${OUTPUT}# Einbinden im Caddyfile: import mail_certs\n"
OUTPUT="${OUTPUT}# Generiert: $(date)\n" OUTPUT="${OUTPUT}# Generiert: $(date)\n"
OUTPUT="${OUTPUT}\n" OUTPUT="${OUTPUT}\n"
@ -70,12 +74,17 @@ OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT} respond \"OK\" 200\n" OUTPUT="${OUTPUT} respond \"OK\" 200\n"
OUTPUT="${OUTPUT}}\n\n" OUTPUT="${OUTPUT}}\n\n"
# Wildcard-Blocks + webmail Block pro Kundendomain # Wildcard-Blocks + Webmail + Autodiscover pro Kundendomain
for domain in $DOMAINS; do for domain in $DOMAINS; do
echo " → Wildcard Block: *.${domain}" echo " → Wildcard Block: *.${domain}"
echo " → Webmail Block: webmail.${domain}" echo " → Webmail Block: webmail.${domain}"
echo " → Autodiscover Block: autodiscover.${domain}, autoconfig.${domain}"
# Wildcard-Cert Block (für Cert-Generierung + Fallback) # Wildcard-Cert Block (für Cert-Generierung + Fallback)
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n"
OUTPUT="${OUTPUT}# ${domain}\n"
OUTPUT="${OUTPUT}# ═══════════════════════════════════════════════\n\n"
OUTPUT="${OUTPUT}# Wildcard-Cert für $domain\n" OUTPUT="${OUTPUT}# Wildcard-Cert für $domain\n"
OUTPUT="${OUTPUT}*.${domain}, ${domain} {\n" OUTPUT="${OUTPUT}*.${domain}, ${domain} {\n"
OUTPUT="${OUTPUT} tls {\n" OUTPUT="${OUTPUT} tls {\n"
@ -84,8 +93,7 @@ for domain in $DOMAINS; do
OUTPUT="${OUTPUT} respond \"OK\" 200\n" OUTPUT="${OUTPUT} respond \"OK\" 200\n"
OUTPUT="${OUTPUT}}\n\n" OUTPUT="${OUTPUT}}\n\n"
# Webmail Block (Roundcube) - muss VOR dem Wildcard-Block matchen # Webmail Block (Roundcube)
# Caddy wertet Blöcke in Reihenfolge aus, spezifischere Hosts gewinnen
OUTPUT="${OUTPUT}# Roundcube Webmail für $domain\n" OUTPUT="${OUTPUT}# Roundcube Webmail für $domain\n"
OUTPUT="${OUTPUT}webmail.${domain} {\n" OUTPUT="${OUTPUT}webmail.${domain} {\n"
OUTPUT="${OUTPUT} reverse_proxy roundcube:80\n" OUTPUT="${OUTPUT} reverse_proxy roundcube:80\n"
@ -95,6 +103,13 @@ for domain in $DOMAINS; do
OUTPUT="${OUTPUT} format console\n" OUTPUT="${OUTPUT} format console\n"
OUTPUT="${OUTPUT} }\n" OUTPUT="${OUTPUT} }\n"
OUTPUT="${OUTPUT}}\n\n" OUTPUT="${OUTPUT}}\n\n"
# Autodiscover / Autoconfig Block
OUTPUT="${OUTPUT}# Autodiscover/Autoconfig für $domain\n"
OUTPUT="${OUTPUT}autodiscover.${domain}, autoconfig.${domain} {\n"
OUTPUT="${OUTPUT} import email_settings\n"
OUTPUT="${OUTPUT} respond \"Autodiscover Service Online\" 200\n"
OUTPUT="${OUTPUT}}\n\n"
done done
# --- Ausgabe --- # --- Ausgabe ---
@ -126,6 +141,26 @@ if [ -f "$CADDYFILE" ]; then
echo " import email_autodiscover" echo " import email_autodiscover"
echo " ..." echo " ..."
fi fi
# Autodiscover-Snippet prüfen
if grep -q "import email_autodiscover" "$CADDYFILE"; then
echo " ✅ 'import email_autodiscover' bereits im Caddyfile vorhanden."
else
echo ""
echo "⚠️ AKTION: 'import email_autodiscover' fehlt noch im Caddyfile!"
echo " Die Datei email_autodiscover enthält das (email_settings) Snippet."
fi
fi
# --- Prüfe ob alte hartcodierte Autodiscover-Blöcke existieren ---
if [ -f "$CADDYFILE" ]; then
if grep -q "autodiscover\.bayarea-cc\.com\|autodiscover\.bizmatch\.net\|autodiscover\.ruehrgedoens\.de" "$CADDYFILE"; then
echo ""
echo "⚠️ AUFRÄUMEN: Alte hartcodierte Autodiscover-Blöcke im Caddyfile gefunden!"
echo " Diese werden jetzt dynamisch über mail_certs generiert."
echo " Bitte den alten 'Block A' manuell aus dem Caddyfile entfernen:"
echo " → autodiscover.bayarea-cc.com, autodiscover.bizmatch.net, ..."
fi
fi fi
echo "" echo ""
@ -144,4 +179,9 @@ echo ""
echo "4. Cert-Pfade kontrollieren:" echo "4. Cert-Pfade kontrollieren:"
echo " ls /var/lib/docker/volumes/caddy_data/_data/caddy/certificates/" echo " ls /var/lib/docker/volumes/caddy_data/_data/caddy/certificates/"
echo " acme-v02.api.letsencrypt.org-directory/" echo " acme-v02.api.letsencrypt.org-directory/"
echo ""
echo "5. Autodiscover testen:"
for domain in $DOMAINS; do
echo " curl -s https://autoconfig.${domain}/mail/config-v1.1.xml | head -5"
done
echo "============================================================" echo "============================================================"