clean documentation
This commit is contained in:
parent
e4299a8ca4
commit
6859de3b83
22 changed files with 56 additions and 90 deletions
|
@ -5,13 +5,20 @@ sort_by = "weight"
|
||||||
template = "documentation.html"
|
template = "documentation.html"
|
||||||
+++
|
+++
|
||||||
|
|
||||||
|
This section references all the clients that can be connected to Aerogramme,
|
||||||
|
what features they can use, how well they behave.
|
||||||
|
|
||||||
## Standard protocols
|
## Standard protocols
|
||||||
|
|
||||||
- [IMAP](@/documentation/connect/imap.md) - Access to your mailbox
|
- [IMAP](@/documentation/connect/imap.md) - Access to your mailbox
|
||||||
- [CalDAV](@/documentation/connect/caldav.md) - Access to your calendars
|
<!-- - [CalDAV](@/documentation/connect/caldav.md) - Access to your calendars
|
||||||
- [CardDAV](@/documentation/connect/carddav.md) - Access to your contacts
|
- [CardDAV](@/documentation/connect/carddav.md) - Access to your contacts
|
||||||
|
-->
|
||||||
|
|
||||||
## Client-side encryption
|
## Client-side encryption
|
||||||
|
- **Companion Proxy** - Companion proxy is not yet documented as it will be refined in the near future.
|
||||||
|
|
||||||
|
<!--
|
||||||
- [Proxy](@/documentation/connect/proxy.md) - Proxy approach to access to your profile
|
- [Proxy](@/documentation/connect/proxy.md) - Proxy approach to access to your profile
|
||||||
- [WASM](@/documentation/connect/wasm.md) - Library approach to access to your profile
|
- [WASM](@/documentation/connect/wasm.md) - Library approach to access to your profile
|
||||||
|
-->
|
||||||
|
|
|
@ -3,37 +3,21 @@ title = "IMAP"
|
||||||
weight = 5
|
weight = 5
|
||||||
+++
|
+++
|
||||||
|
|
||||||
Standard IMAP configuration.
|
The following clients are known to work with Aerogramme:
|
||||||
Examples with some well known email clients.
|
|
||||||
|
|
||||||
## Thunderbird
|
| Client | Date | Aerogramme version | Status |
|
||||||
|
|----------------|------------|--------------------|--------|
|
||||||
|
| Mutt | 2023 | pre 0.1 | ✅ |
|
||||||
|
| Thunderbird | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Geary | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Evolution | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| K9 Mail | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Fair Email | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Apple Mail iOS | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Outlook iOS | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Gmail Android | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
| Windows Mail | 2024-01-08 | pre 0.2 | ✅ |
|
||||||
|
|
||||||
## K9Mail
|
If you find a regression, please report it.
|
||||||
|
If you use a well-known email client, that work or not work with Aerogramme,
|
||||||
## Mutt
|
please report it here, so we can track Aerogramme's IMAP compatibility with the rest of the ecosystem.
|
||||||
|
|
||||||
Create a config file (`~/.muttrc`):
|
|
||||||
|
|
||||||
```ini
|
|
||||||
set imap_user = alice
|
|
||||||
set imap_pass = p455w0rd
|
|
||||||
set folder = imap://localhost:1143
|
|
||||||
set spoolfile = +INBOX
|
|
||||||
set ssl_starttls = no
|
|
||||||
set ssl_force_tls = no
|
|
||||||
mailboxes = +INBOX
|
|
||||||
bind index G imap-fetch-mail
|
|
||||||
```
|
|
||||||
|
|
||||||
And then simply launch `mutt`.
|
|
||||||
The first time nothing will happen as Aerogramme must
|
|
||||||
process your incoming emails. Just ask `mutt` to refresh its
|
|
||||||
view by pressing `G` (for *Get*).
|
|
||||||
|
|
||||||
Now, you should see some emails:
|
|
||||||
|
|
||||||
![Screenshot of mutt mailbox](/screenshots/mutt_mb.png)
|
|
||||||
|
|
||||||
And you can read them:
|
|
||||||
|
|
||||||
![Screenshot of mutt mail view](/screenshots/mutt_mail.png)
|
|
||||||
|
|
|
@ -15,6 +15,9 @@ pid = "aerogramme.pid"
|
||||||
[imap_unsecure]
|
[imap_unsecure]
|
||||||
bind_addr = "[::]:1143"
|
bind_addr = "[::]:1143"
|
||||||
|
|
||||||
|
[auth]
|
||||||
|
bind_addr = "[::1]:12345"
|
||||||
|
|
||||||
[lmtp]
|
[lmtp]
|
||||||
bind_addr = "[::1]:1025"
|
bind_addr = "[::1]:1025"
|
||||||
hostname = "example.tld"
|
hostname = "example.tld"
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
Discovery RFC (see Alps)
|
|
||||||
|
|
||||||
Thunderbird discovery.
|
|
|
@ -1,22 +0,0 @@
|
||||||
If you fear to loose your password, you can backup your key with the following command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
aerogramme show-keys \
|
|
||||||
--region garage \
|
|
||||||
--k2v-endpoint http://127.0.0.1:3904 \
|
|
||||||
--s3-endpoint http://127.0.0.1:3900 \
|
|
||||||
--aws-access-key-id GK... \
|
|
||||||
--aws-secret-access-key c0ffee... \
|
|
||||||
--bucket aerogramme \
|
|
||||||
--user-secret s3cr3t
|
|
||||||
```
|
|
||||||
|
|
||||||
You will then be asked for your key decryption password:
|
|
||||||
|
|
||||||
```
|
|
||||||
Enter key decryption password:
|
|
||||||
master_key = "..."
|
|
||||||
secret_key = "..."
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
ldap
|
|
||||||
|
|
||||||
bottin
|
|
||||||
|
|
||||||
other ldap servers
|
|
|
@ -1,3 +0,0 @@
|
||||||
lmtp
|
|
||||||
postfix
|
|
||||||
other smtp servers
|
|
|
@ -3,9 +3,9 @@ title = "User Management"
|
||||||
weight = 20
|
weight = 20
|
||||||
+++
|
+++
|
||||||
|
|
||||||
Aerogramme can externalize its user management through [LDAP](@/documentation/cookbook/ldap.md), but if you target a simple deployment, it has also an internal user management system that will be covered here.
|
Aerogramme can externalize its user management through [LDAP](@/documentation/reference/config.md), but if you target a simple deployment, it has also an internal user management system that will be covered here.
|
||||||
|
|
||||||
As a pre-requisite, you must have your `aerogramme.toml` file configured for "Static" user management as described in [Configuration file](@/documentation/cookbook/config.md). You also need a configured Garage instance, either [local](@/documentation/cookbook/single-node-garage-storage.md) or [distributed](@/documentation/cookbook/garage-cluster-storage.md).
|
As a pre-requisite, you must have your `aerogramme.toml` file configured for "Static" user management as described in [Configuration file](@/documentation/cookbook/config.md). You also need a configured Garage instance, either [local](@/documentation/cookbook/single-node-garage-storage.md) or distributed.
|
||||||
|
|
||||||
## Adding users
|
## Adding users
|
||||||
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
how to configure tls on aerogramme?!
|
|
|
@ -34,6 +34,9 @@ The common part of the provider daemon configuration:
|
||||||
role = "Provider"
|
role = "Provider"
|
||||||
pid = "/var/run/aerogramme.pid"
|
pid = "/var/run/aerogramme.pid"
|
||||||
|
|
||||||
|
[auth]
|
||||||
|
bind_addr = "[::1]:12345"
|
||||||
|
|
||||||
[imap_unsecure]
|
[imap_unsecure]
|
||||||
bind_addr="[::1]:143"
|
bind_addr="[::1]:143"
|
||||||
|
|
||||||
|
@ -56,17 +59,20 @@ sure people run Aerogramme in the intended mode.
|
||||||
🔑 `pid` - *Optional, Path (String)* - The path to the file where the daemon PID will be stored. It's required to use the `aerogramme provider reload` command.
|
🔑 `pid` - *Optional, Path (String)* - The path to the file where the daemon PID will be stored. It's required to use the `aerogramme provider reload` command.
|
||||||
|
|
||||||
|
|
||||||
|
🗃️ `auth` - *Optional* - A socket implementing the [Dovecot SASL protocol](https://doc.dovecot.org/developer_manual/design/auth_protocol/), it can be used by some SMTP servers like Postfix, Chasquid or Maddy to delegate their authentication.
|
||||||
|
🔑 `bind_addr` - *Required, Socket (String)* - On which IP address and port the Dovecot SASL protocol should listen. Please note that this protocol is not encrypted, and thus you should only bind to localhost.
|
||||||
|
|
||||||
🗃️ `imap_unsecure` - *Optional* - The cleartext IMAP configuration block, if not set, the IMAP cleartext service is not started. Be careful, it is dangerous to run IMAP without transport encryption.
|
🗃️ `imap_unsecure` - *Optional* - The cleartext IMAP configuration block, if not set, the IMAP cleartext service is not started. Be careful, it is dangerous to run IMAP without transport encryption.
|
||||||
🔑 `imap.bind_addr` - *Required, Socket (String)* - On which IP address and port the cleartext IMAP service must bind, can be IPv6 or IPv4 syntax. (Port 143 is reserved for this use).
|
🔑 `bind_addr` - *Required, Socket (String)* - On which IP address and port the cleartext IMAP service must bind, can be IPv6 or IPv4 syntax. (Port 143 is reserved for this use).
|
||||||
|
|
||||||
🗃️ `imap` - *Optional* - The TLS IMAP configuration block, if not set, the IMAP TLS service is not started. This is the recommanded way to expose your IMAP service.
|
🗃️ `imap` - *Optional* - The TLS IMAP configuration block, if not set, the IMAP TLS service is not started. This is the recommanded way to expose your IMAP service.
|
||||||
🔑 `imap.bind_addr` - *Required, Socket (String)* - On which IP address and port the IMAP service must bind, can be IPv6 or IPv4 syntax. (Port 993 is reserved for this use).
|
🔑 `bind_addr` - *Required, Socket (String)* - On which IP address and port the IMAP service must bind, can be IPv6 or IPv4 syntax. (Port 993 is reserved for this use).
|
||||||
🔑 `imap.certs` - *Required, Path (String)* - A path to the PEM encoded certificate list
|
🔑 `certs` - *Required, Path (String)* - A path to the PEM encoded certificate list
|
||||||
🔑 `imap.key` - *Required, Path (String)* - A path to the PEM encoded private key
|
🔑 `key` - *Required, Path (String)* - A path to the PEM encoded private key
|
||||||
|
|
||||||
|
|
||||||
🗃️ `lmtp` - *Optional* - The LMTP configuration block, if not set, the LMTP service is not started
|
🗃️ `lmtp` - *Optional* - The LMTP configuration block, if not set, the LMTP service is not started
|
||||||
🔑 `lmtp.bind_addr` - *Required, Socket (String)* - On which IP address and port the LMTP service must bind, can be IPv6 or IPv4 syntax.
|
🔑 `bind_addr` - *Required, Socket (String)* - On which IP address and port the LMTP service must bind, can be IPv6 or IPv4 syntax.
|
||||||
|
|
||||||
🗃️ `users` - *Required* - How users must be handled
|
🗃️ `users` - *Required* - How users must be handled
|
||||||
🔑 `user_driver` - *Required, Enum (String)* - Define which user driver must be used, the rest of the configuration depends on it. Valid values are: `Ldap` and `Static`.
|
🔑 `user_driver` - *Required, Enum (String)* - Define which user driver must be used, the rest of the configuration depends on it. Valid values are: `Ldap` and `Static`.
|
||||||
|
@ -99,23 +105,23 @@ bucket_attr = "aeroBucket"
|
||||||
default_bucket = "aerogramme"
|
default_bucket = "aerogramme"
|
||||||
```
|
```
|
||||||
|
|
||||||
🔑 `users.user_driver="Ldap"` - to configure user management through LDAP, the `user_driver` value introduced in the previous section must be set to `Ldap`.
|
🔑 `user_driver="Ldap"` - to configure user management through LDAP, the `user_driver` value introduced in the previous section must be set to `Ldap`.
|
||||||
|
|
||||||
🔑 `users.ldap_server` - *Required, LDAP URI* - The LDAP URI of your LDAP server.
|
🔑 `ldap_server` - *Required, LDAP URI* - The LDAP URI of your LDAP server.
|
||||||
|
|
||||||
🔑 `users.pre_bind_on_login` - *Optional, boolean, default to false* - Sometimes users can't login directly on the LDAP server and require a service account that will bind to LDAP and be in charge of checking users' credentials. If this is your case, set it to true.
|
🔑 `pre_bind_on_login` - *Optional, boolean, default to false* - Sometimes users can't login directly on the LDAP server and require a service account that will bind to LDAP and be in charge of checking users' credentials. If this is your case, set it to true.
|
||||||
🔑 `users.bind_dn` - *Optional, LDAP distinguished name (String)* - The distinguished name of your service account (ignored if `pre_bind_on_login` is not set to true)
|
🔑 `bind_dn` - *Optional, LDAP distinguished name (String)* - The distinguished name of your service account (ignored if `pre_bind_on_login` is not set to true)
|
||||||
🔑 `users.bind_password` - *Optional, Password (String)* - The password of your service account (ignored if `pre_bind_on_login` is not set to true)
|
🔑 `bind_password` - *Optional, Password (String)* - The password of your service account (ignored if `pre_bind_on_login` is not set to true)
|
||||||
🔑 `users.search_base` - *Optional, LDAP distinguished name (String)* - Once logged with the service account, where the user entries must be searched. (ignored if `pre_bind_on_login` is not set to true)
|
🔑 `search_base` - *Optional, LDAP distinguished name (String)* - Once logged with the service account, where the user entries must be searched. (ignored if `pre_bind_on_login` is not set to true)
|
||||||
|
|
||||||
🔑 `users.storage_driver` - *Required, Enum (String)* - For now, only `Garage` is supported as a value (`InMemory` can be used for test purposes only)
|
🔑 `storage_driver` - *Required, Enum (String)* - For now, only `Garage` is supported as a value (`InMemory` can be used for test purposes only)
|
||||||
🔑 `users.s3_endpoint` - *Required, String* - The S3 endpoint of the Garage instance
|
🔑 `s3_endpoint` - *Required, String* - The S3 endpoint of the Garage instance
|
||||||
🔑 `users.k2v_endpoint` - *Required, String* - The K2V endpoint of the Garage instance
|
🔑 `k2v_endpoint` - *Required, String* - The K2V endpoint of the Garage instance
|
||||||
🔑 `users.aws_region` - *Required, String* - Regions are an AWS thing, for example `us-east-1`. If you followed Garage's documentation, you probably configured `garage` as your region.
|
🔑 `aws_region` - *Required, String* - Regions are an AWS thing, for example `us-east-1`. If you followed Garage's documentation, you probably configured `garage` as your region.
|
||||||
🔑 `users.aws_access_key_id_attr` - *Required, String* - The LDAP attribute that will contain user's key id: each user has its own key, its own bucket, and so on.
|
🔑 `aws_access_key_id_attr` - *Required, String* - The LDAP attribute that will contain user's key id: each user has its own key, its own bucket, and so on.
|
||||||
🔑 `users.aws_secret_access_key_attr` - *Required, String* - The LDAP attribute that will contain user's secret key.
|
🔑 `aws_secret_access_key_attr` - *Required, String* - The LDAP attribute that will contain user's secret key.
|
||||||
🔑 `users.bucket_attr` - *Optional, String* - The LDAP attribute that will contain user's bucket that is dedicated to Aerogramme. Again, each user has its own bucket.
|
🔑 `bucket_attr` - *Optional, String* - The LDAP attribute that will contain user's bucket that is dedicated to Aerogramme. Again, each user has its own bucket.
|
||||||
🔑 `users.default_bucket` - *Optional, String* - If `bucket_attr` is not set, we assume that all users have a bucket named following this parameter (as Garage has a local bucket namespace in addition to the global namespace, so it's possible for different users to have independant buckets with the same name).
|
🔑 `default_bucket` - *Optional, String* - If `bucket_attr` is not set, we assume that all users have a bucket named following this parameter (as Garage has a local bucket namespace in addition to the global namespace, so it's possible for different users to have independant buckets with the same name).
|
||||||
|
|
||||||
### Static user_driver
|
### Static user_driver
|
||||||
|
|
||||||
|
@ -127,8 +133,8 @@ user_driver = "Static"
|
||||||
user_list = "/etc/aerogramme/users.toml"
|
user_list = "/etc/aerogramme/users.toml"
|
||||||
```
|
```
|
||||||
|
|
||||||
🔑 `users.user_driver="Static"` - to configure user management through LDAP, the `user_driver` value introduced in the previous section must be set to `Ldap`.
|
🔑 `user_driver="Static"` - to configure user management through LDAP, the `user_driver` value introduced in the previous section must be set to `Ldap`.
|
||||||
🔑 `users.user_list` - *Required, Path (String)* - the path to the file that will contain the list of your users, the hash of their password, and where their data is stored. The file must exist, but it can be blank.
|
🔑 `user_list` - *Required, Path (String)* - the path to the file that will contain the list of your users, the hash of their password, and where their data is stored. The file must exist, but it can be blank.
|
||||||
|
|
||||||
The syntax of the user list file is described in the dedicated reference page [User List](@/documentation/reference/user-list.md).
|
The syntax of the user list file is described in the dedicated reference page [User List](@/documentation/reference/user-list.md).
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue