Update first_steps.md

docs/first_steps.md

@@ -13,62 +13,65 @@ mailcow uses 3 domain names that should be covered by your new certificate:
 This is just an example of how to obtain certificates with certbot. There are several methods!
 
 1. Get the certbot client:
-```
+   ```
-wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot
+   wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot
-```
+   ```
+   
 2. Make sure you set `HTTP_BIND=0.0.0.0` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then restart Nginx: `docker-compose restart nginx-mailcow`.
 
 3. Request the certificate with the webroot method:
+   ```
+   cd /path/to/git/clone/mailcow-dockerized
+   source mailcow.conf
+   certbot certonly \
+           --webroot \
+           -w ${PWD}/data/web \
+           -d ${MAILCOW_HOSTNAME} \
+           -d autodiscover.example.org \
+           -d autoconfig.example.org \
+           --email you@example.org \
+           --agree-tos
+   ```
 
-```
+4. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
-cd /path/to/git/clone/mailcow-dockerized
+   ```
-source mailcow.conf
+   mv data/assets/ssl/cert.{pem,pem.backup}
-certbot certonly \
+   mv data/assets/ssl/key.{pem,pem.backup}
-        --webroot \
+   ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/assets/ssl/cert.pem
-        -w ${PWD}/data/web \
+   ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem
-        -d ${MAILCOW_HOSTNAME} \
+   ```
-        -d autodiscover.example.org \
+   
-        -d autoconfig.example.org \
+5. Restart containers which use the certificate:
-        --email you@example.org \
+   ```
-        --agree-tos
+   docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow
-```
+   ```
-
+   
-3. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
-```
-mv data/assets/ssl/cert.{pem,pem.backup}
-mv data/assets/ssl/key.{pem,pem.backup}
-ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/assets/ssl/cert.pem
-ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem
-```
-4. Restart containers which use the certificate:
-```
-docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow
-```
 When renewing certificates, run the last two steps (link + restart) as post-hook in a script.
 
-# Rspamd Web UI
+# Rspamd UI access
 At first you may want to setup Rspamds web interface which provides some useful features and information.
 
 1. Generate a Rspamd controller password hash:
-```
+   ```
-docker-compose exec rspamd-mailcow rspamadm pw
+   docker-compose exec rspamd-mailcow rspamadm pw
-```
+   ```
+   
 2. Replace the default hash in `data/conf/rspamd/override.d/worker-controller.inc` by your newly generated:
-```
+   ```
-enable_password = "myhash";
+   enable_password = "myhash";
-```
+   ```
+   
 3. Restart rspamd:
-
+   ```
-```
+   docker-compose restart rspamd-mailcow
-docker-compose restart rspamd-mailcow
+   ```
-```
 
 Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login!
 
 # Optional: Reverse proxy
 
 You don't need to change the Nginx site that comes with mailcow: dockerized.
-mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI.
+mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamds web ui.
 
 Make sure you change HTTP_BIND and HTTPS_BIND to a local address and set the ports accordingly, for example:
 ```