A set of ansible scripts to build a personal mail server / private cloud / etc.


progmaticltd/homebox


A set of Ansible scripts to set up a secure email and personal files server. This project is for you if:

  • You are interested in hosting your emails yourself, for privacy, security or any other reason.
  • You want your server to be secure against both physical and remote intrusion.
  • You want a low maintenance box that keeps itself updated automatically.
  • You trust the Debian community to publish security updates.

Following the development using RSS feeds

Mailing lists

Thanks to Framasoft, two mailing lists have been created: one for general questions, suggestions and support, and another one dedicated to development.

Current project status

System installation and features

  • Install packages only from Debian stable (Bookworm).
  • Automatic letsencrypt certificates generation using DNS challenge.
  • Automatic security updates.
  • Centralised authentication with an LDAP users database and password policies.
  • AppArmor activated, with a profile for all daemons.
  • Random passwords generated and optionally saved using pass.
  • Can be used at home, on a dedicated or virtual server hosted online.
  • Flexible IP address support: IPv4 only, IPv6 only, and IPv4+IPv4 or IPv4+IPv6.
  • Embedded DNS server, with CAA, DNSSEC and SSH fingerprint (SSHFP records).
  • All the http sites ranked A+, with HSTS implemented out of the box.
  • Automatic firewall rules for inbound, outbound and forwarding traffic, using nftables.
  • Filtered outbound traffic as well.
  • Automatic update of DNS servers and glue records on Gandi.
  • Automatic configuration of OpenPGP Web Key Directory.

Emails

  • Postfix configuration and installation, with LDAP lookups, internationalised email aliases, fully SSL compliant.
  • Generate DKIM keys, SPF, DMARC and DANE DNS records. The DKIM keys are generated every year.
  • Automatic copy of sent emails into the sent folder.
  • Automatic creation of the postmaster account and special associated email addresses using RFC 2142 specifications.
  • Dovecot configuration, IMAPS, POP3S, Quotas, ManageSieve, simple spam and ham learning by moving emails in and out the Junk folder, sieve and vacation scripts.
  • Virtual folders for server search: unread messages, conversations view, all messages, flagged and messages labelled as "important".
  • Email addresses with recipient delimiter included, e.g. john.doe+lists@dbcooper.com.
  • Optional master user creation, e.g. for families with children or moderated communities.
  • Server side full text search inside emails, attached documents and files and compressed archives.
  • Modern and responsive web access to emails, calendars and address books.
  • Powerful and light antispam system with rspamd and optional access to the web interface.
  • Antivirus for inbound and outbound emails with clamav.
  • Automatic configuration for Thunderbird and Outlook using published XML and other clients with special DNS records (RFC 6186).

Calendar and Address book

  • Install and configure a CalDAV / CardDAV server, with DNS based automatic discovery (RFC 6186).
  • Groupware functionality in a web interface, with SOGo.
  • Recurring events, email alerts, shared address books and calendars.
  • Mobile devices compatibility: Android, Apple iOS, BlackBerry 10 and Windows mobile through Microsoft ActiveSync.

Other optional features

  • Static web site skeleton configuration, with https certificates and A+ security grade.
  • Jabber server, using ejabberd, with LDAP authentication, direct or offline file transfer and optional server to server communication.
  • Incremental backups, encrypted, on multiple destinations (SFTP, S3, Samba share or USB drive), with email and Jabber reporting.
  • Wireguard VPN server, with QR code generation, multiple configurations per client, and optional split tunnelling.
  • SSH certificates for users, with restricted commands, options and expiration date, with configuration files sent by email automatically.
  • Small and secure git server per user, with automatic repository creation on the first push.

Development

  • YAML files validation on each commit, using travis-ci.
  • End to end integration tests for the majority of components.
  • Playbooks to facilitate the installation or removal of development packages.
  • Global debug flag to activate the debug mode of all components.
  • Fully open source Ansible scripts licensed under GPLv3.
