Add pdns resolver, changed some other files

README.md

@@ -1,18 +1,81 @@
 # mailcow-dockerized
 
+mailcow dockerized comes with 11 containers linked in a mailcow network:
+Dovecot, Memcached, Redis, MariaDB, PowerDNS Recursor, PHP-FPM, Postfix, Nginx, Rmilter, Rspamd and SOGo.
+
 ## Installation
 
 1. Open mailcow.conf and change stuff, do not use special chars in passwords. This will be fixed soon.
 
 2. Run ./build-all.sh
 
-3. Set a rspamd controller password (see section "rspamd")
-
 Done.
 
-The default username for mailcow is `admin` with password `moohoo`.
+You can now access https://${MAILCOW_HOSTNAME} with the default credentials `admin` + password `moohoo`.
 
-## Usage
+## Configuration after installation
+
+### Rspamd UI access
+If you want to use Rspamds web UI, you need to set a Rspamd controller password:
+
+```
+# Generate hash
+docker exec -it rspamd-mailcow rspamadm pw
+```
+
+Replace given hash in data/conf/rspamd/override.d/worker-controller.inc:
+```
+enable_password = "myhash";
+```
+
+Restart rspamd:
+```
+docker restart rspamd-mailcow
+```
+
+Open https://${MAILCOW_HOSTNAME}/rspamd in a browser.
+
+### SSL (or: How to use Let's Encrypt)
+mailcow dockerized comes with a self-signed certificate.
+
+First you should renew the DH parameters. Assuming you are in the mailcow root folder:
+```
+openssl dhparam -out ./data/assets/ssl/dhparams.pem 2048
+```
+
+Get the certbot client:
+```
+wget https://dl.eff.org/certbot-auto && chmod +x certbot-auto
+```
+
+Please disable applications blocking port 80 and run certbot:
+```
+./certbot-auto certonly \
+	--standalone \
+	--standalone-supported-challenges http-01 \
+	-d ${MAILCOW_HOSTNAME} \
+	--email you@example.org \
+	--agree-tos
+```
+
+Link certificates to assets directory. Assuming you are still in the mailcow root folder:
+```
+mv data/assets/ssl/mail.{crt,crt_old}
+mv data/assets/ssl/mail.{key,key_old}
+ln -s /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem data/assets/ssl/mail.crt
+ln -s /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem data/assets/ssl/mail.key
+```
+
+Restart containers which use the certificate:
+```
+docker restart postfix-mailcow
+docker restart dovecot-mailcow
+docker restart nginx-mailcow
+```
+
+When renewing certificates, run the last two steps as post-hook in certbot.
+
+## Special usage
 ### build-*.files
 
 (Re)build a container:
@@ -52,6 +115,10 @@ Dump database to file backup_${DBNAME}_${DATE}.sql:
 ./build-sql.sh --dump
 ```
 
+Restore database from a file:
+```
+./build-sql.sh --restore filename
+
 ### Redis
 
 Connect to redis database:
@@ -59,7 +126,7 @@ Connect to redis database:
 ./build-sql.sh --client
 ```
 
-### rspamd
+### Rspamd examples
 
 Use rspamadm:
 ```
@@ -71,22 +138,6 @@ Use rspamc:
 docker exec -it rspamd-mailcow rspamc --help
 ```
 
-Set rspamd controller password:
-```
-# Generate hash
-docker exec -it rspamd-mailcow rspamadm pw
-```
-
-Replace given hash in data/conf/rspamd/override.d/worker-controller.inc:
-```
-enable_password = "myhash";
-```
-
-Restart rspamd:
-```
-docker restart rspamd-mailcow
-```
-
 ### Remove persistent data
 
 MariaDB: