docs: Better document DMS volumes

2024-01-27 16:35:22 +13:00 · 2024-01-27 16:35:22 +13:00 · a93937b20b
parent 9ac11021e1
commit a93937b20b
8 changed files with 64 additions and 28 deletions
--- a/docs/content/config/advanced/optional-config.md
+++ b/docs/content/config/advanced/optional-config.md
@ -4,9 +4,64 @@ hide:
  - toc # Hide Table of Contents for this page
 ---

-This is a list of all configuration files and directories which are optional or automatically generated in your [`docker-data/dms/config/`][docs-dms-config-volume] directory.
+## Volumes

-## Directories
+DMS has several locations in the container which may be worth persisting externally via [Docker Volumes][docker-docs::volumes].
+
+- Often you will want to prefer [bind mount volumes][docker-docs::volumes::bind-mount] for easy access to files at a local location on your filesystem.
+- As a convention for our docs and example configs, the local location has the common prefix `docker-data/dms/` for grouping these related volumes.
+
+!!! info "Reference - Volmes for DMS"
+
+    Our docs may refer to these DMS specific volumes only by name, or the host/container path for brevity.
+
+    - [Config](#volumes-config): `docker-data/dms/config/` => `/tmp/docker-mailserver/`
+    - [Mail Storage](#volumes-mail): `docker-data/dms/mail-data/` => `/var/mail/`
+    - [State](#volumes-state): `docker-data/dms/mail-state/` => `/var/mail-state/`
+    - [Logs](#volumes-logs): `docker-data/dms/mail-logs/` => `/var/log/mail/`
+
+[docker-docs::volumes]: https://docs.docker.com/storage/volumes/
+[docker-docs::volumes::bind-mount]: https://docs.docker.com/storage/bind-mounts/
+
+### Mail Storage Volume { #volumes-mail }
+
+This is the location where mail is delivered to your mailboxes.
+
+### State Volume { #volumes-state }
+
+Run-time specific state lives here, but so does some data you may want to keep if a failure event occurs (_crash, power loss_).
+
+!!! example "Examples of relevant data"
+
+    - The Postfix queue (eg: mail pending delivery attempt)
+    - Fail2Ban blocks.
+    - ClamAV signature updates.
+    - Redis storage for Rspamd.
+
+!!! info "When you run DMS with the ENV variable `ONE_DIR=1` (default)"
+
+    - Service run-time data is [consolidated into the `/var/mail-state/` directory][mail-state-folders]. Otherwise the original locations vary and would need to be mounted individually.
+    - The original locations are updated with symlinks to redirect to their new path in `/var/mail-state/` (_eg: `/var/lib/redis` => `/var/mail-state/lib-redis/`_).
+
+    Supported services: Postfix, Dovecot, Fail2Ban, Amavis, PostGrey, ClamAV, SpamAssassin, Rspamd & Redis, Fetchmail, Getmail, LogRotate, PostSRSd, MTA-STS.
+
+!!! tip
+
+    Sometimes it is helpful to disable this volume when troubleshooting to verify if the data stored here is in a bad state (_eg: caused by a failure event_).
+
+[mail-state-folders]: https://github.com/docker-mailserver/docker-mailserver/blob/v13.3.1/target/scripts/startup/setup.d/mail_state.sh#L13-L33
+
+### Logs Volume { #volumes-log }
+
+This can be a useful volume to persist for troubleshooting needs for the full set of log files.
+
+### Config Volume { #volumes-config }
+
+Most configuration files for Postfix, Dovecot, etc. are persisted here.
+
+This is a list of all configuration files and directories which are optional, automatically generated / updated by our `setup` CLI, or other internal scripts.
+
+#### Directories

 - **sieve-filter:** directory for sieve filter scripts. (Docs: [Sieve][docs-sieve])
 - **sieve-pipe:** directory for sieve pipe scripts. (Docs: [Sieve][docs-sieve])
@ -14,7 +69,7 @@ This is a list of all configuration files and directories which are optional or
 - **ssl:** SSL Certificate directory if `SSL_TYPE` is set to `self-signed` or `custom`. (Docs: [SSL][docs-ssl])
 - **rspamd:** Override directory for custom settings when using Rspamd (Docs: [Rspamd][docs-rspamd-override-d])

-## Files
+#### Files

 - **{user_email_address}.dovecot.sieve:** User specific Sieve filter file. (Docs: [Sieve][docs-sieve])
 - **before.dovecot.sieve:** Global Sieve filter file, applied prior to the `${login}.dovecot.sieve` filter. (Docs: [Sieve][docs-sieve])
@ -42,7 +97,6 @@ This is a list of all configuration files and directories which are optional or
 - **user-patches.sh:** this file will be run after all configuration files are set up, but before the postfix, amavis and other daemons are started. (Docs: [FAQ - How to adjust settings with the `user-patches.sh` script][docs-faq-userpatches])
 - **rspamd/custom-commands.conf:** list of simple commands to adjust Rspamd modules in an easy way (Docs: [Rspamd][docs-rspamd-commands])

-[docs-dms-config-volume]: ../../faq.md#what-about-the-docker-datadmsconfig-directory
 [docs-accounts-quota]: ../../config/user-management.md#quotas
 [docs-aliases-regex]: ../../config/user-management.md#configuring-regexp-aliases
 [docs-dkim]: ../../config/best-practices/dkim_dmarc_spf.md#dkim
--- a/docs/content/config/best-practices/dkim_dmarc_spf.md
+++ b/docs/content/config/best-practices/dkim_dmarc_spf.md
@ -345,7 +345,7 @@ volumes:
 ```

 [docs-accounts-add]: ../user-management.md#adding-a-new-account
-[docs-volumes-config]: ../advanced/optional-config.md
+[docs-volumes-config]: ../advanced/optional-config.md#volumes-config
 [docs-env-opendkim]: ../environment.md#enable_opendkim
 [docs-env-rspamd]: ../environment.md#enable_rspamd
 [docs-rspamd-config-dropin]: ../security/rspamd.md#manually
--- a/docs/content/config/security/fail2ban.md
+++ b/docs/content/config/security/fail2ban.md
@ -44,7 +44,7 @@ This following configuration files inside the `docker-data/dms/config/` volume w
    - with this file, you can adjust F2B behavior in general
    - there is an example provided [in our repository on GitHub][github-file-f2bconfig]

-[docs-dms-config-volume]: ../../faq.md#what-about-the-docker-datadmsconfig-directory
+[docs-dms-config-volume]: ../advanced/optional-config.md#volumes-config
 [github-file-f2bjail]: https://github.com/docker-mailserver/docker-mailserver/blob/master/config-examples/fail2ban-jail.cf
 [github-file-f2bconfig]: https://github.com/docker-mailserver/docker-mailserver/blob/master/config-examples/fail2ban-fail2ban.cf

--- a/docs/content/config/security/rspamd.md
+++ b/docs/content/config/security/rspamd.md
@ -155,8 +155,8 @@ If you want to overwrite the default settings and / or provide your own settings

    Note that when also [using the `custom-commands.conf` file](#with-the-help-of-a-custom-file), files in `override.d` may be overwritten in case you adjust them manually and with the help of the file.

+[docs-dms-config-volume]: ../advanced/optional-config.md#volumes-config
 [rspamd-docs-override-dir]: https://www.rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
-[docs-dms-config-volume]: ../../faq.md#what-about-the-docker-datadmsconfig-directory
 [rspamd-docs-config-directories]: https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories

 ### With the Help of a Custom File
--- a/docs/content/config/security/ssl.md
+++ b/docs/content/config/security/ssl.md
@ -634,7 +634,7 @@ This setup only comes with one caveat: The domain has to be configured on anothe

    Use self-signed certificates only for testing purposes!

-This feature requires you to provide the following files into your [`docker-data/dms/config/ssl/` directory][docs-optional-config] (_internal location: `/tmp/docker-mailserver/ssl/`_):
+This feature requires you to provide the following files into your [`docker-data/dms/config/ssl/` directory][docs-dms-config-volume] (_internal location: `/tmp/docker-mailserver/ssl/`_):

 - `<FQDN>-key.pem`
 - `<FQDN>-cert.pem`
@ -876,7 +876,7 @@ By default DMS uses [`ffdhe4096`][ffdhe4096-src] from [IETF RFC 7919][ietf::rfc:
 Despite this, if you must use non-standard DH parameters or you would like to swap `ffdhe4096` for a different group (eg `ffdhe2048`); Add your own PEM encoded DH params file via a volume to `/tmp/docker-mailserver/dhparams.pem`. This will replace DH params for both Dovecot and Postfix services during container startup.

 [docs-env::ssl-type]: ../environment.md#ssl_type
-[docs-optional-config]: ../advanced/optional-config.md
+[docs-dms-config-volume]: ../advanced/optional-config.md#volumes-config
 [docs-faq-baredomain]: ../../faq.md#can-i-use-a-nakedbare-domain-ie-no-hostname

 [github-file-compose]: https://github.com/docker-mailserver/docker-mailserver/blob/master/compose.yaml
--- a/docs/content/examples/tutorials/mailserver-behind-proxy.md
+++ b/docs/content/examples/tutorials/mailserver-behind-proxy.md
@ -125,5 +125,3 @@ service imap-login {

 !!! note
    Port `10993` is used here to avoid conflicts with internal systems like `postscreen` and `amavis` as they will exchange messages on the default port and obviously have a different origin then compared to the proxy.
-
-[docs-optionalconfig]: ../../config/advanced/optional-config.md
--- a/docs/content/faq.md
+++ b/docs/content/faq.md
@ -360,20 +360,6 @@ DMS does not manage those concerns, verify they are not causing your delivery pr
 - [mail-tester](https://www.mail-tester.com/) can test your deliverability.
 - [helloinbox](https://www.helloinbox.email/) provides a checklist of things to improve your deliverability.

-### Special Directories
-
-#### What About the `docker-data/dms/config/` Directory?
-
-This documentation and all example configuration files in the GitHub repository use `docker-data/dms/config/` to refer to the directory in the host that is mounted (e.g. via a bind mount) to `/tmp/docker-mailserver/` inside the container.
-
-Most configuration files for Postfix, Dovecot, etc. are persisted here. [Optional configuration][docs-optional-configuration] is stored here as well.
-
-#### What About the `docker-data/dms/mail-state/` Directory?
-
-This documentation and all example configuration files in the GitHub repository use `docker-data/dms/mail-state/` to refer to the directory in the host that is mounted (e.g. via a bind mount) to `/var/mail-state/` inside the container.
-
-When you run DMS with the ENV variable `ONE_DIR=1` (default), this directory will provide support to persist Fail2Ban blocks, ClamAV signature updates, and the like when the container is restarted or recreated. Service data is [relocated to the `mail-state` folder][mail-state-folders] for the following services: Postfix, Dovecot, Fail2Ban, Amavis, PostGrey, ClamAV, SpamAssassin, Rspamd & Redis.
-
 ### SpamAssasin

 #### How can I manage my custom SpamAssassin rules?
@ -498,7 +484,6 @@ $spam_quarantine_to       = "quarantine\@example.com";
 [docs-maintenance]: ./config/advanced/maintenance/update-and-cleanup.md
 [docs-override-postfix]: ./config/advanced/override-defaults/postfix.md
 [docs-userpatches]: ./config/advanced/override-defaults/user-patches.md
-[docs-optional-configuration]: ./config/advanced/optional-config.md
 [docs::env::sa_env]: ./config/environment.md#spamassassin
 [docs::env::sa_kill]: ./config/environment.md#sa_kill
 [github-comment-baredomain]: https://github.com/docker-mailserver/docker-mailserver/issues/3048#issuecomment-1432358353
@ -510,4 +495,3 @@ $spam_quarantine_to       = "quarantine\@example.com";
 [github-issue-1639]: https://github.com/docker-mailserver/docker-mailserver/issues/1639
 [github-issue-1792]: https://github.com/docker-mailserver/docker-mailserver/pull/1792
 [hanscees-userpatches]: https://github.com/hanscees/dockerscripts/blob/master/scripts/tomav-user-patches.sh
-[mail-state-folders]: https://github.com/docker-mailserver/docker-mailserver/blob/c7e498194546416fb7231cb03254e77e085d18df/target/scripts/startup/misc-stack.sh#L24-L33
--- a/docs/content/usage.md
+++ b/docs/content/usage.md
@ -4,7 +4,7 @@ title: Usage

 This pages explains how to get started with DMS. The guide uses Docker Compose as a reference. In our examples, a volume mounts the host location [`docker-data/dms/config/`][docs-dms-config-volume] to `/tmp/docker-mailserver/` inside the container.

-[docs-dms-config-volume]: ./faq.md#what-about-the-docker-datadmsconfig-directory
+[docs-dms-config-volume]: ./config/advanced/optional-config.md#volumes-config

 ## Preliminary Steps