--- name: ProxMailcow Infrastructure Project description: Proxmox + Nginx Proxy Manager + Mailcow setup for web.orbishosting.com on Proxmox at 10.48.200.90 type: project originSessionId: 3808a15b-f647-4b73-9d76-b64e54b660a7 --- Full mail server infrastructure deployed on Proxmox (10.48.200.90, root/Joker1974!!!). **Why:** User wants to send/receive email on domain web.orbishosting.com via self-hosted Mailcow, with Nginx Proxy Manager as reverse proxy. **GitHub Repo:** https://github.com/myronblair/ProxMailcow (private, PAT: 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) - Proxmox clone location: /root/ProxMailcow **VMs:** - VM 200 (NginxProxyManager): 10.48.200.80, 2 vCPU, 2GB RAM, 20GB disk, Ubuntu 24.04 - VM 201 (Mailcow): 10.48.200.82, 4 vCPU, 8GB RAM, 80GB disk, Ubuntu 24.04 - SSH key: /root/.ssh/proxmailcow (on Proxmox host), user: ubuntu, password: mailstack2024! **External IP:** 97.176.15.26 **Domain:** web.orbishosting.com **Mailcow hostname:** mail.web.orbishosting.com **NPM Admin:** http://10.48.200.80:81 (admin@example.com / changeme - change it) **Mailcow Admin:** https://mail.web.orbishosting.com (admin / moohoo - change it) **FortiGate:** 10.48.200.1:9443 (admin/Joker1974!!!) - VIP rules needed per docs/fortigate-changes.md **FusionPBX:** orbisne.fortiddns.com → 10.48.200.96 (HTTPS 443, SIP 5060/5061, RTP 10000-20000) - do NOT disturb its FortiGate rules. Past outage was caused by wrong internal IP in FortiGate VIP. **Known Issues Fixed:** - Proxmox nameserver must be space-separated: `--nameserver "8.8.8.8 1.1.1.1"` (comma causes netplan bug) - systemd-networkd-wait-online blocks boot ~2min; disabled via `systemctl disable systemd-networkd-wait-online.service` - SSH key must be in vendor-data BEFORE first VM boot (not set after via qm set --sshkeys) - GitHub raw URLs need auth for private repos; use SCP from Proxmox host instead **Status (as of 2026-04-25):** Fully operational. https://mail.web.orbishosting.com returns 200. All 18 Mailcow containers running. NPM proxy host configured and SSL cert active. **Known fix:** NPM proxy host was misconfigured with port 8080 → corrected to port 80 (Mailcow nginx only binds HTTP on 0.0.0.0:80; HTTPS/8443 is localhost-only, SSL termination handled by NPM). **Remaining steps:** 1. Change Mailcow admin password (default: admin / moohoo) 2. Change NPM admin password (default: admin@example.com / changeme) at http://10.48.200.80:81 3. Set up Mailcow domain and mailboxes (mailcow/post-install.md) 4. Get DKIM key from Mailcow and add to DNS **How to apply:** Follow docs/fortigate-changes.md step by step in FortiGate UI at https://10.48.200.1:9443