Files
ProxMailcow/README.md
T
myron b60db8a0d0 Initial infrastructure: NPM + Mailcow on Proxmox
- VM 200: Nginx Proxy Manager (10.48.200.80)
- VM 201: Mailcow email server (10.48.200.82)
- Cloud-init automation for both VMs
- FortiGate VIP/policy documentation
- DNS records for web.orbishosting.com
- NPM proxy host setup guide
- Mailcow post-install checklist
- Cert sync script (NPM → Mailcow)

External IP: 97.176.15.26
2026-04-23 04:37:56 +00:00

63 lines
2.1 KiB
Markdown

# ProxMailcow — Proxmox + Nginx Proxy Manager + Mailcow
Full mail server stack for **web.orbishosting.com** hosted on Proxmox at `10.48.200.90`.
## Infrastructure Overview
| Service | VM ID | Hostname | LAN IP | Role |
|---------|-------|----------|--------|------|
| Nginx Proxy Manager | 200 | npm.web.orbishosting.com | 10.48.200.80 | Reverse proxy, SSL termination |
| Mailcow | 201 | mail.web.orbishosting.com | 10.48.200.82 | Full mail server |
**External IP:** `97.176.15.26`
**Domain:** `web.orbishosting.com`
**Gateway:** `10.48.200.1` (FortiGate)
**FusionPBX** (do not disturb): `orbisne.fortiddns.com` — existing SIP rules left untouched
---
## Quick Start Order
```
1. Configure DNS records → docs/dns-records.md
2. Run Proxmox VM scripts → proxmox/
3. Wait for VMs to boot (~5 min)
4. Configure NPM proxy hosts → nginx-proxy-manager/
5. Configure FortiGate → docs/fortigate-changes.md (REVIEW BEFORE APPLYING)
6. Set up Mailcow domains/users → mailcow/
```
---
## Default Credentials (Change Immediately!)
| Service | URL | Username | Password |
|---------|-----|----------|----------|
| NPM Admin | http://10.48.200.80:81 | admin@example.com | changeme |
| Mailcow Admin | https://mail.web.orbishosting.com | admin | moohoo |
| NPM VM SSH | 10.48.200.80 | ubuntu | mailstack2024! |
| Mailcow VM SSH | 10.48.200.82 | ubuntu | mailstack2024! |
---
## Architecture
```
Internet
FortiGate (97.176.15.26 / 10.48.200.1)
├── Port 80, 443 ──────────────► NPM VM (10.48.200.80)
│ │
│ └── Proxies ──► Mailcow web UI (10.48.200.82:8080)
├── Port 25, 465, 587 ─────────► Mailcow VM (10.48.200.82)
└── Port 143, 993, 110, 995 ──► Mailcow VM (10.48.200.82)
```
SSL flow:
- NPM obtains Let's Encrypt cert for `mail.web.orbishosting.com` (web UI)
- Mailcow's internal ACME obtains its own cert via HTTP-01 challenge forwarded through NPM
- Mailcow uses its cert for all mail protocols (SMTP/IMAP/POP3)