mirror of
https://blitiri.com.ar/repos/chasquid
synced 2025-12-17 14:37:02 +00:00
e79586a014
This patch implements support for incoming connections wrapped in the HAProxy protocol v1. This is useful when running chasquid behind a HAProxy server, as it needs the original source IP to perform SPF checks. This patch is a reimplementation of one originally provided by Denys Vitali in pull request #15, except the logic for the protocol handling is moved to a new package, and the smtpsrv.Conn handling of the source IP is simplified. It is marked as experimental for now, since we want to give it a bit more exposure just in case the option/api needs adjustment. Thanks a lot to Denys Vitali (@denysvitali in github) for sending the original patch for this, and helping test it!
This directory contains chasquid's configuration.
- chasquid.conf Main config file.
- domains/ Domains' data.
- example.com/
- users User and password database for the domain.
- aliases Aliases for the domain.
...
- certs/ Certificates to use, one dir per pair.
- example.com/
- fullchain.pem Certificate (full chain).
- privkey.pem Private key.
...
Note the certs/ directory matches certbot's structure, so if you use it you
can just symlink to /etc/letsencrypt/live.
You need at least one certificate, or the server will refuse to start.
Ideally there should be a certificate for each DNS name pointing to you.
Make sure the user you use to run chasquid under ("mail" in the example
systemd files) can access the certificates and private keys.
The user databases can be created and edited with the chasquid-util tool.