No OneTemporary
Actions

Size

114 KB

Referenced Files

None

订阅者

None

View Options

	diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh
	index d4de6d8d..7f125f76 100755
	--- a/data/Dockerfiles/watchdog/watchdog.sh
	+++ b/data/Dockerfiles/watchdog/watchdog.sh
	@@ -1,1122 +1,1126 @@
	#!/bin/bash

	trap "exit" INT TERM
	trap "kill 0" EXIT

	# Prepare
	BACKGROUND_TASKS=()
	echo "Waiting for containers to settle..."
	for i in {30..1}; do
	echo "${i}"
	sleep 1
	done

	if [[ "${USE_WATCHDOG}" =~ ^([nN][oO]\|[nN])+$ ]]; then
	echo -e "$(date) - USE_WATCHDOG=n, skipping watchdog..."
	sleep 365d
	exec $(readlink -f "$0")
	fi

	if [[ "${WATCHDOG_VERBOSE}" =~ ^([yY][eE][sS]\|[yY])+$ ]]; then
	SMTP_VERBOSE="--verbose"
	CURL_VERBOSE="--verbose"
	set -xv
	else
	SMTP_VERBOSE=""
	CURL_VERBOSE=""
	exec 2>/dev/null
	fi

	# Checks pipe their corresponding container name in this pipe
	if [[ ! -p /tmp/com_pipe ]]; then
	mkfifo /tmp/com_pipe
	fi

	# Wait for containers
	while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
	echo "Waiting for SQL..."
	sleep 2
	done

	# Do not attempt to write to slave
	if [[ ! -z ${REDIS_SLAVEOF_IP} ]]; then
	REDIS_CMDLINE="redis-cli -h ${REDIS_SLAVEOF_IP} -p ${REDIS_SLAVEOF_PORT}"
	else
	REDIS_CMDLINE="redis-cli -h redis -p 6379"
	fi

	until [[ $(${REDIS_CMDLINE} PING) == "PONG" ]]; do
	echo "Waiting for Redis..."
	sleep 2
	done

	${REDIS_CMDLINE} DEL F2B_RES > /dev/null

	# Common functions
	get_ipv6(){
	local IPV6=
	local IPV6_SRCS=
	local TRY=
	IPV6_SRCS[0]="ip6.mailcow.email"
	IPV6_SRCS[1]="ip6.nevondo.com"
	until [[ ! -z ${IPV6} ]] \|\| [[ ${TRY} -ge 10 ]]; do
	IPV6=$(curl --connect-timeout 3 -m 10 -L6s ${IPV6_SRCS[$RANDOM % ${#IPV6_SRCS[@]} ]} \| grep "^$[0-9a-fA-F]\{0,4\}:$\{1,7\}[0-9a-fA-F]\{0,4\}$")
	[[ ! -z ${TRY} ]] && sleep 1
	TRY=$((TRY+1))
	done
	echo ${IPV6}
	}

	array_diff() {
	# https://stackoverflow.com/questions/2312762, Alex Offshore
	eval local ARR1=$\"\${$2[@]}\"$
	eval local ARR2=$\"\${$3[@]}\"$
	local IFS=$'\n'
	mapfile -t $1 < <(comm -23 <(echo "${ARR1[]}" \| sort) <(echo "${ARR2[]}" \| sort))
	}

	progress() {
	SERVICE=${1}
	TOTAL=${2}
	CURRENT=${3}
	DIFF=${4}
	[[ -z ${DIFF} ]] && DIFF=0
	[[ -z ${TOTAL} \|\| -z ${CURRENT} ]] && return
	[[ ${CURRENT} -gt ${TOTAL} ]] && return
	[[ ${CURRENT} -lt 0 ]] && CURRENT=0
	PERCENT=$(( 200 * ${CURRENT} / ${TOTAL} % 2 + 100 * ${CURRENT} / ${TOTAL} ))
	${REDIS_CMDLINE} LPUSH WATCHDOG_LOG "{\"time\":\"$(date +%s)\",\"service\":\"${SERVICE}\",\"lvl\":\"${PERCENT}\",\"hpnow\":\"${CURRENT}\",\"hptotal\":\"${TOTAL}\",\"hpdiff\":\"${DIFF}\"}" > /dev/null
	log_msg "${SERVICE} health level: ${PERCENT}% (${CURRENT}/${TOTAL}), health trend: ${DIFF}" no_redis
	# Return 10 to indicate a dead service
	[ ${CURRENT} -le 0 ] && return 10
	}

	log_msg() {
	if [[ ${2} != "no_redis" ]]; then
	${REDIS_CMDLINE} LPUSH WATCHDOG_LOG "{\"time\":\"$(date +%s)\",\"message\":\"$(printf '%s' "${1}" \| \
	tr '\r\n%&;$"_[]{}-' ' ')\"}" > /dev/null
	fi
	echo $(date) $(printf '%s\n' "${1}")
	}

	function notify_error() {
	# Check if one of the notification options is enabled
	[[ -z ${WATCHDOG_NOTIFY_EMAIL} ]] && [[ -z ${WATCHDOG_NOTIFY_WEBHOOK} ]] && return 0
	THROTTLE=
	[[ -z ${1} ]] && return 1
	# If exists, body will be the content of "/tmp/${1}", even if ${2} is set
	[[ -z ${2} ]] && BODY="Service was restarted on $(date), please check your mailcow installation." \|\| BODY="$(date) - ${2}"
	# If exists, mail will be throttled by argument in seconds
	[[ ! -z ${3} ]] && THROTTLE=${3}
	if [[ ! -z ${THROTTLE} ]]; then
	TTL_LEFT="$(${REDIS_CMDLINE} TTL THROTTLE_${1} 2> /dev/null)"
	if [[ "${TTL_LEFT}" == "-2" ]]; then
	# Delay key not found, setting a delay key now
	${REDIS_CMDLINE} SET THROTTLE_${1} 1 EX ${THROTTLE}
	else
	log_msg "Not sending notification email now, blocked for ${TTL_LEFT} seconds..."
	return 1
	fi
	fi
	WATCHDOG_NOTIFY_EMAIL=$(echo "${WATCHDOG_NOTIFY_EMAIL}" \| sed 's/"//;s\|"$\|\|')
	# Some exceptions for subject and body formats
	if [[ ${1} == "fail2ban" ]]; then
	SUBJECT="${BODY}"
	BODY="Please see netfilter-mailcow for more details and triggered rules."
	else
	SUBJECT="${WATCHDOG_SUBJECT}: ${1}"
	fi

	# Send mail notification if enabled
	if [[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]]; then
	IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}"
	for rcpt in "${MAIL_RCPTS[@]}"; do
	RCPT_DOMAIN=
	RCPT_MX=
	RCPT_DOMAIN=$(echo ${rcpt} \| awk -F @ {'print $NF'})
	CHECK_FOR_VALID_MX=$(dig +short ${RCPT_DOMAIN} mx)
	if [[ -z ${CHECK_FOR_VALID_MX} ]]; then
	log_msg "Cannot determine MX for ${rcpt}, skipping email notification..."
	return 1
	fi
	[ -f "/tmp/${1}" ] && BODY="/tmp/${1}"
	timeout 10s ./smtp-cli --missing-modules-ok \
	"${SMTP_VERBOSE}" \
	--charset=UTF-8 \
	--subject="${SUBJECT}" \
	--body-plain="${BODY}" \
	--add-header="X-Priority: 1" \
	--to=${rcpt} \
	--from="watchdog@${MAILCOW_HOSTNAME}" \
	--hello-host=${MAILCOW_HOSTNAME} \
	--ipv4
	if [[ $? -eq 1 ]]; then # exit code 1 is fine
	log_msg "Sent notification email to ${rcpt}"
	else
	if [[ "${SMTP_VERBOSE}" == "" ]]; then
	log_msg "Error while sending notification email to ${rcpt}. You can enable verbose logging by setting 'WATCHDOG_VERBOSE=y' in mailcow.conf."
	else
	log_msg "Error while sending notification email to ${rcpt}."
	fi
	fi
	done
	fi

	# Send webhook notification if enabled
	if [[ ! -z ${WATCHDOG_NOTIFY_WEBHOOK} ]]; then
	if [[ -z ${WATCHDOG_NOTIFY_WEBHOOK_BODY} ]]; then
	log_msg "No webhook body set, skipping webhook notification..."
	return 1
	fi

	+ # Escape subject and body (https://stackoverflow.com/a/2705678)
	+ ESCAPED_SUBJECT=$(echo ${SUBJECT} \| sed -e 's/[\/&]/\\&/g')
	+ ESCAPED_BODY=$(echo ${BODY} \| sed -e 's/[\/&]/\\&/g')
	+
	# Replace subject and body placeholders
	- WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} \| sed "s/\$SUBJECT\\|\${SUBJECT}/$SUBJECT/g" \| sed "s/\$BODY\\|\${BODY}/$BODY/g")
	-
	+ WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} \| sed -e "s/\$SUBJECT\\|\${SUBJECT}/$ESCAPED_SUBJECT/g" -e "s/\$BODY\\|\${BODY}/$ESCAPED_BODY/g")
	+
	# POST to webhook
	curl -X POST -H "Content-Type: application/json" ${CURL_VERBOSE} -d "${WEBHOOK_BODY}" ${WATCHDOG_NOTIFY_WEBHOOK}

	log_msg "Sent notification using webhook"
	fi
	}

	get_container_ip() {
	# ${1} is container
	CONTAINER_ID=()
	CONTAINER_IPS=()
	CONTAINER_IP=
	LOOP_C=1
	until [[ ${CONTAINER_IP} =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] \|\| [[ ${LOOP_C} -gt 5 ]]; do
	if [ ${IP_BY_DOCKER_API} -eq 0 ]; then
	CONTAINER_IP=$(dig a "${1}" +short)
	else
	sleep 0.5
	# get long container id for exact match
	CONTAINER_ID=($(curl --silent --insecure https://dockerapi.${COMPOSE_PROJECT_NAME}_mailcow-network/containers/json \| jq -r ".[] \| {name: .Config.Labels[\"com.docker.compose.service\"], project: .Config.Labels[\"com.docker.compose.project\"], id: .Id}" \| jq -rc "select( .name \| tostring == \"${1}\") \| select( .project \| tostring \| contains(\"${COMPOSE_PROJECT_NAME,,}\")) \| .id"))
	# returned id can have multiple elements (if scaled), shuffle for random test
	CONTAINER_ID=($(printf "%s\n" "${CONTAINER_ID[@]}" \| shuf))
	if [[ ! -z ${CONTAINER_ID} ]]; then
	for matched_container in "${CONTAINER_ID[@]}"; do
	CONTAINER_IPS=($(curl --silent --insecure https://dockerapi.${COMPOSE_PROJECT_NAME}_mailcow-network/containers/${matched_container}/json \| jq -r '.NetworkSettings.Networks[].IPAddress'))
	for ip_match in "${CONTAINER_IPS[@]}"; do
	# grep will do nothing if one of these vars is empty
	[[ -z ${ip_match} ]] && continue
	[[ -z ${IPV4_NETWORK} ]] && continue
	# only return ips that are part of our network
	if ! grep -q ${IPV4_NETWORK} <(echo ${ip_match}); then
	continue
	else
	CONTAINER_IP=${ip_match}
	break
	fi
	done
	[[ ! -z ${CONTAINER_IP} ]] && break
	done
	fi
	fi
	LOOP_C=$((LOOP_C + 1))
	done
	[[ ${LOOP_C} -gt 5 ]] && echo 240.0.0.0 \|\| echo ${CONTAINER_IP}
	}

	# One-time check
	if grep -qi "$(echo ${IPV6_NETWORK} \| cut -d: -f1-3)" <<< "$(ip a s)"; then
	if [[ -z "$(get_ipv6)" ]]; then
	notify_error "ipv6-config" "enable_ipv6 is true in docker-compose.yml, but an IPv6 link could not be established. Please verify your IPv6 connection."
	fi
	fi

	external_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${EXTERNAL_CHECKS_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	GUID=$(mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT version FROM versions WHERE application = 'GUID'" -BN)
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	err_c_cur=${err_count}
	CHECK_REPONSE="$(curl --connect-timeout 3 -m 10 -4 -s https://checks.mailcow.email -X POST -dguid=${GUID} 2> /dev/null)"
	if [[ ! -z "${CHECK_REPONSE}" ]] && [[ "$(echo ${CHECK_REPONSE} \| jq -r .response)" == "critical" ]]; then
	echo ${CHECK_REPONSE} \| jq -r .out > /tmp/external_checks
	err_count=$(( ${err_count} + 1 ))
	fi
	CHECK_REPONSE6="$(curl --connect-timeout 3 -m 10 -6 -s https://checks.mailcow.email -X POST -dguid=${GUID} 2> /dev/null)"
	if [[ ! -z "${CHECK_REPONSE6}" ]] && [[ "$(echo ${CHECK_REPONSE6} \| jq -r .response)" == "critical" ]]; then
	echo ${CHECK_REPONSE} \| jq -r .out > /tmp/external_checks
	err_count=$(( ${err_count} + 1 ))
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "External checks" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 60
	else
	diff_c=0
	sleep $(( ( RANDOM % 20 ) + 1800 ))
	fi
	done
	return 1
	}

	nginx_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${NGINX_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/nginx-mailcow; echo "$(tail -50 /tmp/nginx-mailcow)" > /tmp/nginx-mailcow
	host_ip=$(get_container_ip nginx-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u / -p 8081 2>> /tmp/nginx-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Nginx" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	unbound_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${UNBOUND_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/unbound-mailcow; echo "$(tail -50 /tmp/unbound-mailcow)" > /tmp/unbound-mailcow
	host_ip=$(get_container_ip unbound-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_dns -s ${host_ip} -H stackoverflow.com 2>> /tmp/unbound-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	DNSSEC=$(dig com +dnssec \| egrep 'flags:.+ad')
	if [[ -z ${DNSSEC} ]]; then
	echo "DNSSEC failure" 2>> /tmp/unbound-mailcow 1>&2
	err_count=$(( ${err_count} + 1))
	else
	echo "DNSSEC check succeeded" 2>> /tmp/unbound-mailcow 1>&2
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Unbound" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	redis_checks() {
	# A check for the local redis container
	err_count=0
	diff_c=0
	THRESHOLD=${REDIS_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/redis-mailcow; echo "$(tail -50 /tmp/redis-mailcow)" > /tmp/redis-mailcow
	host_ip=$(get_container_ip redis-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_tcp -4 -H redis-mailcow -p 6379 -E -s "PING\n" -q "QUIT" -e "PONG" 2>> /tmp/redis-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Redis" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	mysql_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${MYSQL_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/mysql-mailcow; echo "$(tail -50 /tmp/mysql-mailcow)" > /tmp/mysql-mailcow
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_mysql -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_mysql_query -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} -q "SELECT COUNT(*) FROM information_schema.tables" 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "MySQL/MariaDB" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	mysql_repl_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${MYSQL_REPLICATION_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/mysql_repl_checks; echo "$(tail -50 /tmp/mysql_repl_checks)" > /tmp/mysql_repl_checks
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_mysql_slavestatus.sh -S /var/run/mysqld/mysqld.sock -u root -p ${DBROOT} 2>> /tmp/mysql_repl_checks 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "MySQL/MariaDB replication" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 60
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	sogo_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${SOGO_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/sogo-mailcow; echo "$(tail -50 /tmp/sogo-mailcow)" > /tmp/sogo-mailcow
	host_ip=$(get_container_ip sogo-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /SOGo.index/ -p 20000 2>> /tmp/sogo-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "SOGo" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	postfix_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${POSTFIX_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/postfix-mailcow; echo "$(tail -50 /tmp/postfix-mailcow)" > /tmp/postfix-mailcow
	host_ip=$(get_container_ip postfix-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_smtp -4 -H ${host_ip} -p 589 -f "watchdog@invalid" -C "RCPT TO:watchdog@localhost" -C DATA -C . -R 250 2>> /tmp/postfix-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_smtp -4 -H ${host_ip} -p 589 -S 2>> /tmp/postfix-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Postfix" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	clamd_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${CLAMD_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/clamd-mailcow; echo "$(tail -50 /tmp/clamd-mailcow)" > /tmp/clamd-mailcow
	host_ip=$(get_container_ip clamd-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_clamd -4 -H ${host_ip} 2>> /tmp/clamd-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Clamd" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 120 ) + 20 ))
	fi
	done
	return 1
	}

	dovecot_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${DOVECOT_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/dovecot-mailcow; echo "$(tail -50 /tmp/dovecot-mailcow)" > /tmp/dovecot-mailcow
	host_ip=$(get_container_ip dovecot-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_smtp -4 -H ${host_ip} -p 24 -f "watchdog@invalid" -C "RCPT TO:<watchdog@invalid>" -L -R "User doesn't exist" 2>> /tmp/dovecot-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_imap -4 -H ${host_ip} -p 993 -S -e "OK " 2>> /tmp/dovecot-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_imap -4 -H ${host_ip} -p 143 -e "OK " 2>> /tmp/dovecot-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_tcp -4 -H ${host_ip} -p 10001 -e "VERSION" 2>> /tmp/dovecot-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_tcp -4 -H ${host_ip} -p 4190 -e "Dovecot ready" 2>> /tmp/dovecot-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Dovecot" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	dovecot_repl_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${DOVECOT_REPL_THRESHOLD}
	D_REPL_STATUS=$(redis-cli -h redis -r GET DOVECOT_REPL_HEALTH)
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	err_c_cur=${err_count}
	D_REPL_STATUS=$(redis-cli --raw -h redis GET DOVECOT_REPL_HEALTH)
	if [[ "${D_REPL_STATUS}" != "1" ]]; then
	err_count=$(( ${err_count} + 1 ))
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Dovecot replication" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 60
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	cert_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=7
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/certcheck; echo "$(tail -50 /tmp/certcheck)" > /tmp/certcheck
	host_ip_postfix=$(get_container_ip postfix)
	host_ip_dovecot=$(get_container_ip dovecot)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_smtp -H ${host_ip_postfix} -p 589 -4 -S -D 7 2>> /tmp/certcheck 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_imap -H ${host_ip_dovecot} -p 993 -4 -S -D 7 2>> /tmp/certcheck 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Primary certificate expiry check" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	# Always sleep 5 minutes, mail notifications are limited
	sleep 300
	done
	return 1
	}

	phpfpm_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${PHPFPM_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/php-fpm-mailcow; echo "$(tail -50 /tmp/php-fpm-mailcow)" > /tmp/php-fpm-mailcow
	host_ip=$(get_container_ip php-fpm-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_tcp -H ${host_ip} -p 9001 2>> /tmp/php-fpm-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	/usr/lib/nagios/plugins/check_tcp -H ${host_ip} -p 9002 2>> /tmp/php-fpm-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "PHP-FPM" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	ratelimit_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${RATELIMIT_THRESHOLD}
	RL_LOG_STATUS=$(redis-cli -h redis LRANGE RL_LOG 0 0 \| jq .qid)
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	err_c_cur=${err_count}
	RL_LOG_STATUS_PREV=${RL_LOG_STATUS}
	RL_LOG_STATUS=$(redis-cli -h redis LRANGE RL_LOG 0 0 \| jq .qid)
	if [[ ${RL_LOG_STATUS_PREV} != ${RL_LOG_STATUS} ]]; then
	err_count=$(( ${err_count} + 1 ))
	echo 'Last 10 applied ratelimits (may overlap with previous reports).' > /tmp/ratelimit
	echo 'Full ratelimit buckets can be emptied by deleting the ratelimit hash from within mailcow UI (see /debug -> Protocols -> Ratelimit):' >> /tmp/ratelimit
	echo >> /tmp/ratelimit
	redis-cli --raw -h redis LRANGE RL_LOG 0 10 \| jq . >> /tmp/ratelimit
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Ratelimit" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	mailq_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${MAILQ_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/mail_queue_status; echo "$(tail -50 /tmp/mail_queue_status)" > /tmp/mail_queue_status
	MAILQ_LOG_STATUS=$(find /var/spool/postfix/deferred -type f \| wc -l)
	echo "Mail queue contains ${MAILQ_LOG_STATUS} items (critical limit is ${MAILQ_CRIT}) at $(date)" >> /tmp/mail_queue_status
	err_c_cur=${err_count}
	if [ ${MAILQ_LOG_STATUS} -ge ${MAILQ_CRIT} ]; then
	err_count=$(( ${err_count} + 1 ))
	echo "Mail queue contains ${MAILQ_LOG_STATUS} items (critical limit is ${MAILQ_CRIT}) at $(date)" >> /tmp/mail_queue_status
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Mail queue" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 60
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	fail2ban_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${FAIL2BAN_THRESHOLD}
	F2B_LOG_STATUS=($(${REDIS_CMDLINE} --raw HKEYS F2B_ACTIVE_BANS))
	F2B_RES=
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	err_c_cur=${err_count}
	F2B_LOG_STATUS_PREV=(${F2B_LOG_STATUS[@]})
	F2B_LOG_STATUS=($(${REDIS_CMDLINE} --raw HKEYS F2B_ACTIVE_BANS))
	array_diff F2B_RES F2B_LOG_STATUS F2B_LOG_STATUS_PREV
	if [[ ! -z "${F2B_RES}" ]]; then
	err_count=$(( ${err_count} + 1 ))
	echo -n "${F2B_RES[@]}" \| tr -cd "[a-fA-F0-9.:/] " \| timeout 3s ${REDIS_CMDLINE} -x SET F2B_RES > /dev/null
	if [ $? -ne 0 ]; then
	${REDIS_CMDLINE} -x DEL F2B_RES
	fi
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Fail2ban" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	acme_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${ACME_THRESHOLD}
	ACME_LOG_STATUS=$(redis-cli -h redis GET ACME_FAIL_TIME)
	if [[ -z "${ACME_LOG_STATUS}" ]]; then
	${REDIS_CMDLINE} SET ACME_FAIL_TIME 0
	ACME_LOG_STATUS=0
	fi
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	err_c_cur=${err_count}
	ACME_LOG_STATUS_PREV=${ACME_LOG_STATUS}
	ACME_LC=0
	until [[ ! -z ${ACME_LOG_STATUS} ]] \|\| [ ${ACME_LC} -ge 3 ]; do
	ACME_LOG_STATUS=$(redis-cli -h redis GET ACME_FAIL_TIME 2> /dev/null)
	sleep 3
	ACME_LC=$((ACME_LC+1))
	done
	if [[ ${ACME_LOG_STATUS_PREV} != ${ACME_LOG_STATUS} ]]; then
	err_count=$(( ${err_count} + 1 ))
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "ACME" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	rspamd_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${RSPAMD_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/rspamd-mailcow; echo "$(tail -50 /tmp/rspamd-mailcow)" > /tmp/rspamd-mailcow
	host_ip=$(get_container_ip rspamd-mailcow)
	err_c_cur=${err_count}
	SCORE=$(echo 'To: null@localhost
	From: watchdog@localhost

	Empty
	' \| usr/bin/curl --max-time 10 -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd.${COMPOSE_PROJECT_NAME}_mailcow-network/scan \| jq -rc .default.required_score \| sed 's/\..*//' )
	if [[ ${SCORE} -ne 9999 ]]; then
	echo "Rspamd settings check failed, score returned: ${SCORE}" 2>> /tmp/rspamd-mailcow 1>&2
	err_count=$(( ${err_count} + 1))
	else
	echo "Rspamd settings check succeeded, score returned: ${SCORE}" 2>> /tmp/rspamd-mailcow 1>&2
	fi
	# A dirty hack until a PING PONG event is implemented to worker proxy
	# We expect an empty response, not a timeout
	if [ "$(curl -s --max-time 10 ${host_ip}:9900 2> /dev/null ; echo $?)" == "28" ]; then
	echo "Milter check failed" 2>> /tmp/rspamd-mailcow 1>&2; err_count=$(( ${err_count} + 1 ));
	else
	echo "Milter check succeeded" 2>> /tmp/rspamd-mailcow 1>&2
	fi
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Rspamd" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	olefy_checks() {
	err_count=0
	diff_c=0
	THRESHOLD=${OLEFY_THRESHOLD}
	# Reduce error count by 2 after restarting an unhealthy container
	trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
	while [ ${err_count} -lt ${THRESHOLD} ]; do
	touch /tmp/olefy-mailcow; echo "$(tail -50 /tmp/olefy-mailcow)" > /tmp/olefy-mailcow
	host_ip=$(get_container_ip olefy-mailcow)
	err_c_cur=${err_count}
	/usr/lib/nagios/plugins/check_tcp -4 -H ${host_ip} -p 10055 -s "PING\n" 2>> /tmp/olefy-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
	[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
	[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
	progress "Olefy" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
	if [[ $? == 10 ]]; then
	diff_c=0
	sleep 1
	else
	diff_c=0
	sleep $(( ( RANDOM % 60 ) + 20 ))
	fi
	done
	return 1
	}

	# Notify about start
	if [[ ${WATCHDOG_NOTIFY_START} =~ ^([yY][eE][sS]\|[yY])+$ ]]; then
	notify_error "watchdog-mailcow" "Watchdog started monitoring mailcow."
	fi

	# Create watchdog agents

	(
	while true; do
	if ! nginx_checks; then
	log_msg "Nginx hit error limit"
	echo nginx-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned nginx_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	if [[ ${WATCHDOG_EXTERNAL_CHECKS} =~ ^([yY][eE][sS]\|[yY])+$ ]]; then
	(
	while true; do
	if ! external_checks; then
	log_msg "External checks hit error limit"
	echo external_checks > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned external_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})
	fi

	if [[ ${WATCHDOG_MYSQL_REPLICATION_CHECKS} =~ ^([yY][eE][sS]\|[yY])+$ ]]; then
	(
	while true; do
	if ! mysql_repl_checks; then
	log_msg "MySQL replication check hit error limit"
	echo mysql_repl_checks > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned mysql_repl_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})
	fi

	(
	while true; do
	if ! mysql_checks; then
	log_msg "MySQL hit error limit"
	echo mysql-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned mysql_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! redis_checks; then
	log_msg "Local Redis hit error limit"
	echo redis-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned redis_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! phpfpm_checks; then
	log_msg "PHP-FPM hit error limit"
	echo php-fpm-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned phpfpm_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	if [[ "${SKIP_SOGO}" =~ ^([nN][oO]\|[nN])+$ ]]; then
	(
	while true; do
	if ! sogo_checks; then
	log_msg "SOGo hit error limit"
	echo sogo-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned sogo_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})
	fi

	if [ ${CHECK_UNBOUND} -eq 1 ]; then
	(
	while true; do
	if ! unbound_checks; then
	log_msg "Unbound hit error limit"
	echo unbound-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned unbound_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})
	fi

	if [[ "${SKIP_CLAMD}" =~ ^([nN][oO]\|[nN])+$ ]]; then
	(
	while true; do
	if ! clamd_checks; then
	log_msg "Clamd hit error limit"
	echo clamd-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned clamd_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})
	fi

	(
	while true; do
	if ! postfix_checks; then
	log_msg "Postfix hit error limit"
	echo postfix-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned postfix_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! mailq_checks; then
	log_msg "Mail queue hit error limit"
	echo mail_queue_status > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned mailq_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! dovecot_checks; then
	log_msg "Dovecot hit error limit"
	echo dovecot-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned dovecot_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! dovecot_repl_checks; then
	log_msg "Dovecot hit error limit"
	echo dovecot_repl_checks > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned dovecot_repl_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! rspamd_checks; then
	log_msg "Rspamd hit error limit"
	echo rspamd-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned rspamd_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! ratelimit_checks; then
	log_msg "Ratelimit hit error limit"
	echo ratelimit > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned ratelimit_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! fail2ban_checks; then
	log_msg "Fail2ban hit error limit"
	echo fail2ban > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned fail2ban_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! cert_checks; then
	log_msg "Cert check hit error limit"
	echo certcheck > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned cert_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! olefy_checks; then
	log_msg "Olefy hit error limit"
	echo olefy-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned olefy_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	(
	while true; do
	if ! acme_checks; then
	log_msg "ACME client hit error limit"
	echo acme-mailcow > /tmp/com_pipe
	fi
	done
	) &
	PID=$!
	echo "Spawned acme_checks with PID ${PID}"
	BACKGROUND_TASKS+=(${PID})

	# Monitor watchdog agents, stop script when agents fails and wait for respawn by Docker (restart:always:n)
	(
	while true; do
	for bg_task in ${BACKGROUND_TASKS[*]}; do
	if ! kill -0 ${bg_task} 1>&2; then
	log_msg "Worker ${bg_task} died, stopping watchdog and waiting for respawn..."
	kill -TERM 1
	fi
	sleep 10
	done
	done
	) &

	# Monitor dockerapi
	(
	while true; do
	while nc -z dockerapi 443; do
	sleep 3
	done
	log_msg "Cannot find dockerapi-mailcow, waiting to recover..."
	kill -STOP ${BACKGROUND_TASKS[*]}
	until nc -z dockerapi 443; do
	sleep 3
	done
	kill -CONT ${BACKGROUND_TASKS[*]}
	kill -USR1 ${BACKGROUND_TASKS[*]}
	done
	) &

	# Actions when threshold limit is reached
	while true; do
	CONTAINER_ID=
	HAS_INITDB=
	read com_pipe_answer </tmp/com_pipe
	if [ -s "/tmp/${com_pipe_answer}" ]; then
	cat "/tmp/${com_pipe_answer}"
	fi
	if [[ ${com_pipe_answer} == "ratelimit" ]]; then
	log_msg "At least one ratelimit was applied"
	notify_error "${com_pipe_answer}"
	elif [[ ${com_pipe_answer} == "mail_queue_status" ]]; then
	log_msg "Mail queue status is critical"
	notify_error "${com_pipe_answer}"
	elif [[ ${com_pipe_answer} == "external_checks" ]]; then
	log_msg "Your mailcow is an open relay!"
	# Define $2 to override message text, else print service was restarted at ...
	notify_error "${com_pipe_answer}" "Please stop mailcow now and check your network configuration!"
	elif [[ ${com_pipe_answer} == "mysql_repl_checks" ]]; then
	log_msg "MySQL replication is not working properly"
	# Define $2 to override message text, else print service was restarted at ...
	# Once mail per 10 minutes
	notify_error "${com_pipe_answer}" "Please check the SQL replication status" 600
	elif [[ ${com_pipe_answer} == "dovecot_repl_checks" ]]; then
	log_msg "Dovecot replication is not working properly"
	# Define $2 to override message text, else print service was restarted at ...
	# Once mail per 10 minutes
	notify_error "${com_pipe_answer}" "Please check the Dovecot replicator status" 600
	elif [[ ${com_pipe_answer} == "certcheck" ]]; then
	log_msg "Certificates are about to expire"
	# Define $2 to override message text, else print service was restarted at ...
	# Only mail once a day
	notify_error "${com_pipe_answer}" "Please renew your certificate" 86400
	elif [[ ${com_pipe_answer} == "acme-mailcow" ]]; then
	log_msg "acme-mailcow did not complete successfully"
	# Define $2 to override message text, else print service was restarted at ...
	notify_error "${com_pipe_answer}" "Please check acme-mailcow for further information."
	elif [[ ${com_pipe_answer} == "fail2ban" ]]; then
	F2B_RES=($(timeout 4s ${REDIS_CMDLINE} --raw GET F2B_RES 2> /dev/null))
	if [[ ! -z "${F2B_RES}" ]]; then
	${REDIS_CMDLINE} DEL F2B_RES > /dev/null
	host=
	for host in "${F2B_RES[@]}"; do
	log_msg "Banned ${host}"
	rm /tmp/fail2ban 2> /dev/null
	timeout 2s whois "${host}" > /tmp/fail2ban
	[[ ${WATCHDOG_NOTIFY_BAN} =~ ^([yY][eE][sS]\|[yY])+$ ]] && notify_error "${com_pipe_answer}" "IP ban: ${host}"
	done
	fi
	elif [[ ${com_pipe_answer} =~ .+-mailcow ]]; then
	kill -STOP ${BACKGROUND_TASKS[*]}
	sleep 10
	CONTAINER_ID=$(curl --silent --insecure https://dockerapi.${COMPOSE_PROJECT_NAME}_mailcow-network/containers/json \| jq -r ".[] \| {name: .Config.Labels[\"com.docker.compose.service\"], project: .Config.Labels[\"com.docker.compose.project\"], id: .Id}" \| jq -rc "select( .name \| tostring \| contains(\"${com_pipe_answer}\")) \| select( .project \| tostring \| contains(\"${COMPOSE_PROJECT_NAME,,}\")) \| .id")
	if [[ ! -z ${CONTAINER_ID} ]]; then
	if [[ "${com_pipe_answer}" == "php-fpm-mailcow" ]]; then
	HAS_INITDB=$(curl --silent --insecure -XPOST https://dockerapi.${COMPOSE_PROJECT_NAME}_mailcow-network/containers/${CONTAINER_ID}/top \| jq '.msg.Processes[] \| contains(["php -c /usr/local/etc/php -f /web/inc/init_db.inc.php"])' \| grep true)
	fi
	S_RUNNING=$(($(date +%s) - $(curl --silent --insecure https://dockerapi.${COMPOSE_PROJECT_NAME}_mailcow-network/containers/${CONTAINER_ID}/json \| jq .State.StartedAt \| xargs -n1 date +%s -d)))
	if [ ${S_RUNNING} -lt 360 ]; then
	log_msg "Container is running for less than 360 seconds, skipping action..."
	elif [[ ! -z ${HAS_INITDB} ]]; then
	log_msg "Database is being initialized by php-fpm-mailcow, not restarting but delaying checks for a minute..."
	sleep 60
	else
	log_msg "Sending restart command to ${CONTAINER_ID}..."
	curl --silent --insecure -XPOST https://dockerapi.${COMPOSE_PROJECT_NAME}_mailcow-network/containers/${CONTAINER_ID}/restart
	notify_error "${com_pipe_answer}"
	log_msg "Wait for restarted container to settle and continue watching..."
	sleep 35
	fi
	fi
	kill -CONT ${BACKGROUND_TASKS[*]}
	sleep 1
	kill -USR1 ${BACKGROUND_TASKS[*]}
	fi
	done

	diff --git a/data/web/lang/lang.si-si.json b/data/web/lang/lang.si-si.json
	index 3a424631..e9468e0c 100644
	--- a/data/web/lang/lang.si-si.json
	+++ b/data/web/lang/lang.si-si.json
	@@ -1,556 +1,660 @@
	{
	"acl": {
	"app_passwds": "Upravljaj gesla aplikacij",
	"bcc_maps": "Preslikave SKP (BCC)",
	"delimiter_action": "Dejanje ločila",
	"domain_relayhost": "Spremeni gostitelja relay za domeno",
	"eas_reset": "Ponastavi EAS naprave",
	"filters": "Filtri",
	"login_as": "Prijavi se kot uporabnik poštnega predala",
	"mailbox_relayhost": "Spremeni gostitelja relay za poštni predal",
	"prohibited": "Prepovedano z ACL",
	"protocol_access": "Spremeni dostop do protokola",
	"pushover": "Pushover",
	"quarantine": "Dejanja karantene",
	"quarantine_attachments": "Priponke v karanteno",
	"quarantine_notification": "Spremeni obvestila o karanteni",
	"ratelimit": "Omejitev pošiljanja",
	"recipient_maps": "Preslikave prejemnikov",
	"smtp_ip_access": "Spremeni dovoljene gostitelje za SMTP",
	"sogo_access": "Dovoli upravljanje SOGo dostopov",
	"sogo_profile_reset": "Ponastavi SOGo profil",
	"spam_alias": "Začasni aliasi",
	"spam_policy": "Blacklist/Whitelist",
	"spam_score": "Ocena neželene pošte",
	"tls_policy": "Politika TLS",
	"unlimited_quota": "Neomejena kvota za poštne predale",
	"alias_domains": "Dodaj alias domene",
	"domain_desc": "Spremeni opis domene",
	"extend_sender_acl": "Dovoli razširitev pošiljateljevega ACL z zunanjimi e-poštnimi naslovi",
	"quarantine_category": "Spremeni kategorijo obvestil o karanteni",
	"syncjobs": "Opravila sinhronizacije"
	},
	"add": {
	"active": "Aktivno",
	"add": "Dodaj",
	"add_domain_only": "Dodaj samo domeno",
	"add_domain_restart": "Dodaj domeno in ponovno zaženi SOGo",
	"alias_address": "Alias naslov/i",
	"alias_domain": "Alias domena",
	"alias_domain_info": "<small>Samo veljavne domene (ločene z vejico).</small>",
	"app_name": "Ime aplikacije",
	"app_password": "Dodaj geslo aplikacije",
	"app_passwd_protocols": "Dovoljeni protokoli za geslo aplikacije",
	"automap": "Poskusi samodejno preslikati mape (\"Sent items\", \"Sent\" => \"Poslano\" ipd.)",
	"backup_mx_options": "Možnosti posredovanja (relay)",
	"comment_info": "Zasebni komentarji niso vidni uporabnikom, javni komentarji pa so prikazani kot tooltip, ko se z miško postavimo nad uporabnika v pregledu",
	"custom_params": "Parametri po meri",
	"custom_params_hint": "Pravilno: --param=xy, napačno: --param xy",
	"delete1": "Izbriši na viru, ko je končano",
	"delete2": "Izbriši sporočila na cilju, ki niso na viru",
	"delete2duplicates": "Izbriši dvojnike na cilju",
	"description": "Opis",
	"destination": "Cilj",
	"domain": "Domena",
	"domain_matches_hostname": "Domena %s se ujema z nazivom gostitelja (hostname)",
	"domain_quota_m": "Kvota za celotno domeno (MiB)",
	"enc_method": "Metoda kriptiranja",
	"exclude": "Izključi objekte (regex)",
	"full_name": "Polno ime",
	"gal": "Globalni seznam stikov (GAL)",
	"generate": "generiraj",
	"goto_ham": "Prepoznaj kot <span class=\"text-success\"><b>ham</b></span>",
	"goto_null": "Odstrani e-poštno sporočilo brez obvestila",
	"goto_spam": "Prepoznaj kot <span class=\"text-danger\"><b>spam</b></span>",
	"hostname": "Gostitelj",
	"inactive": "Neaktivno",
	"kind": "Tip",
	"mailbox_quota_def": "Privzeta kvota za poštni predal",
	"mailbox_username": "Uporabniško ime (levi del e-poštnega naslova)",
	"max_aliases": "Največje število dovoljenih aliasov",
	"max_mailboxes": "Največje dovoljeno število poštnih predalov",
	"mins_interval": "Interval preverjanja (minute)",
	"multiple_bookings": "Več rezervacij",
	"nexthop": "Naslednji korak",
	"password_repeat": "Potrditev gesla (ponovi)",
	"port": "Vrata (port)",
	"private_comment": "Zasebni komentar",
	"public_comment": "Javni komentar",
	"quota_mb": "Kvota (MiB)",
	"relay_all": "Posreduj vse prejemnike (relay)",
	"relay_all_info": "↪ Če izberete da <b>ne</b> posredujete vse prejemnike, morate ustvariti (\"slepi\") poštni predal za vsakega prejemnika, za katerega želite posredovati e-pošto.",
	"relay_domain": "Posreduj to domeno (relay)",
	"relay_unknown_only": "Posreduj samo neobstoječe poštne predale. V obstoječe poštne predale bo e-pošta dostavljena lokalno.",
	"relayhost_wrapped_tls_info": "Prosim <b>ne</b> uporabljajte TLS-wrapped vrata (večinoma uporabljeno na vratih 465).<br>\nUporabite katera koli non-wrapped vrata in ustvarite STARTTLS. TLS politika za obvezno uporabo TLS se lahko ustvari pod \"Preslikave TLS politik\"",
	"select": "Prosim izberite...",
	"select_domain": "Prosim najprej izberite domeno",
	"sieve_desc": "Kratek opis",
	"sieve_type": "Vrsta filtra",
	"skipcrossduplicates": "Preskoči podvojena sporočila po mapah (prvi pride, prvi melje)",
	"subscribeall": "Prijavi vse mape",
	"syncjob": "Dodaj opravilo sinhronizacije",
	"tags": "Oznake",
	"target_address": "Goto naslov",
	"target_address_info": "<small>Polni e-poštni naslov/i (ločeni z vejico).</small>",
	"target_domain": "Ciljna domena",
	"timeout1": "Časovna omejitev za povezavo do oddaljenega gostitelja",
	"username": "Uporabniško ime",
	"validate": "Preveri",
	"validation_success": "Uspešno preverjeno",
	"activate_filter_warn": "Ko je aktivni izbran, bodo vsi ostali filtri deaktivirani.",
	"alias_address_info": "<small>Polni email naslov/i oziroma @example.com za zajem vseh sporočil domene (ločeno z vejico), <b>samo domene mailcow</b>.</small>",
	"bcc_dest_format": "BCC naslov mora biti en veljaven e-poštni naslov.<br>Če morate poslati kopijo na več naslov, ustvarite alias in ga uporabite tukaj.",
	"disable_login": "Prepovej vpis (vhodna e-pošta je še vedno sprejeta)",
	"gal_info": "GAL vsebuje vse objekte domene in ga uporabniki ne morejo urejati. Informacija o zasedenosti v SOGo ni na voljo, če je onemogočena! <b>Ponovno zaženi SOGo za uveljavitev sprememb.</b>",
	"mailbox_quota_m": "Najvišja kvota na poštni predal (MiB)",
	"password": "Geslo",
	"post_domain_add": "SOGo container \"sogo-mailcow\" mora biti ponovno zagnan po dodajanju nove domene!<br><br>Dodatno se mora preveriti DNS konfiguracija domene. Ko je DNS konfiguracija domene odobrena, ponovno zaženite \"acme-mailcow\" za samodejno generiranje certifikatov za novo domeno (autoconfig.<domain>, autodiscover.<domain>).<br>Ta korak je opcijski in se ponovno poskuša vsakih 24 ur.",
	"relay_transport_info": "<div class=\"badge fs-6 bg-info\">Info</div> Definirate lahko preslikave transportov za cilj po meri za to domeno. Če ni nastavljena, se ustvari MX poizvedba.",
	"syncjob_hint": "Pozor! Gesla se morajo shraniti v plain-text!",
	- "timeout2": "Časovna omejitev za povezavo do lokalnega gostitelja"
	+ "timeout2": "Časovna omejitev za povezavo do lokalnega gostitelja",
	+ "dry": "Simuliraj sinhronizacijo"
	},
	"admin": {
	"access": "Dostop",
	"action": "Dejanje",
	"activate_api": "Aktiviraj API",
	"activate_send": "Aktiviraj gumb \"Pošlji\"",
	"active": "Aktivno",
	"active_rspamd_settings_map": "Aktivna preslikava nastavitev",
	"add": "Dodaj",
	"add_domain_admin": "Dodaj skrbnika domene",
	"add_forwarding_host": "Dodaj gostitelja za posredovanje",
	"add_relayhost": "Dodaj transport odvisen od pošiljatelja",
	"add_row": "Dodaj vrstico",
	"add_settings_rule": "Dodaj pravilo nastavitev",
	"add_transport": "Dodaj transport",
	"add_transports_hint": "Prosimo zavedajte se, da se podatki za avtentikacijo, če obstajajo, shranijo v plain text.",
	"additional_rows": " nove vrstice so bile dodane",
	"admin_details": "Uredi podrobnosti skrbnika",
	"admin_domains": "Dodeljene domene",
	"admins": "Skrbniki",
	"admins_ldap": "LDAP skrbniki",
	"advanced_settings": "Napredne nastavitve",
	"api_info": "API je v razvoju. Dokumentacija je na voljo na naslovu <a href=\"/api\">/api</a>",
	"api_key": "API ključ",
	"api_read_only": "Dostop samo za branje",
	"api_read_write": "Dostop za branje in urejanje",
	"api_skip_ip_check": "Preskoči preverjanje IP za API",
	"app_links": "Povezave aplikacij",
	"app_name": "Ime aplikacije",
	"arrival_time": "Čas prispetja (strežniški čas)",
	"authed_user": "Prij. uporabnik",
	"ays": "Ste prepričani, da želite nadaljevati?",
	"change_logo": "Zamenjaj logotip",
	"configuration": "Konfiguracija",
	"convert_html_to_text": "Pretvori HTML v golo besedilo",
	"credentials_transport_warning": "<b>Opozorilo</b>: Dodajanje nove preslikave transporta bo posodobilo poverilnice za vse vnose, ki imajo enako vrednost v stolpcu naslednji skok.",
	"customer_id": "ID stranke",
	"customize": "Prilagodi",
	"destination": "Cilj",
	"dkim_add_key": "Dodaj ARC/DKIM ključ",
	"dkim_domains_selector": "Izbira",
	"dkim_domains_wo_keys": "Izberi domene z manjkajočimi ključi",
	"dkim_from": "Od",
	"dkim_from_title": "Izvorna domena od katere prekopiram podatke",
	"dkim_key_missing": "Manjka ključ",
	"dkim_key_unused": "Ključ ni v rabi",
	"dkim_key_valid": "Veljaven ključ",
	"dkim_keys": "ARC/DKIM ključi",
	"dkim_overwrite_key": "Prepiši obstoječi DKIM ključ",
	"dkim_private_key": "Zasebni ključ",
	"dkim_to": "Za",
	"domain": "Domena",
	"domain_admin": "Skrbnik domene",
	"domain_admins": "Skrbniki domene",
	"domain_s": "Domena/e",
	"duplicate": "Podvoji",
	"duplicate_dkim": "Podvoji DKIM zapis",
	"edit": "Uredi",
	"empty": "Ni rezultatov",
	"excludes": "Izključuje te prejemnike",
	"f2b_ban_time": "Čas blokade (s)",
	"f2b_ban_time_increment": "Čas blokade se poveča z vsako blokado",
	"f2b_blacklist": "Mreže/gostitelji na blacklisti",
	"f2b_filter": "Regex filtri",
	"f2b_max_attempts": "Največ poskusov",
	"f2b_max_ban_time": "Maksimalno trajanje blokade (s)",
	"f2b_netban_ipv4": "velikost subneta IPv4 za blokiranje (8-32)",
	"f2b_netban_ipv6": "Velikost subneta IPv6 za blokiranje (8-128)",
	"f2b_parameters": "Fail2ban parametri",
	"f2b_regex_info": "Upoštevajo se dnevniki SOGo, Postfix, Dovecot, PHP-FPM.",
	"f2b_retry_window": "Upoštevan čas (s) za največ poskusov",
	"f2b_whitelist": "Mreže/gostitelji na whitelisti",
	"filter_table": "Filtriraj tabelo",
	"from": "Od",
	"generate": "ustvari",
	"guid": "GUID - enolični ID instance",
	"guid_and_license": "GUID & licenca",
	"hash_remove_info": "Odstranitev hasha za omejitev (če obstaja) bo povsem ponastavilo njen števec.<br>\n Vsak hash je prikazan z individualno barvo.",
	"help_text": "Zamenjaj tekst za pomoč pod masko za prijavo (HTML je dovoljen)",
	"host": "Gostitelj",
	"html": "HTML",
	"import": "Uvozi",
	"import_private_key": "Uvozi zasebni ključ",
	"in_use_by": "V uporabi",
	"inactive": "Neaktivno",
	"include_exclude": "Vključi/Izključi",
	"include_exclude_info": "Privzeto - če ni izbire - so vključeni <b>vsi poštni predali</b>",
	"includes": "Vključi te prejemnike",
	"ip_check": "Kontrola IP",
	"ip_check_disabled": "Kontrola IP je onemogočena. Lahko jo omogočite pod <br/> <strong>Sistem > Konfiguracija > Možnosti > Prilagodi</strong>",
	"ip_check_opt_in": "Opt-in za uporabo zunanje storitve <strong>ipv4.mailcow.email</strong> in <strong>ipv6.mailcow.email</strong> za razreševanje zunanjih IP.",
	"is_mx_based": "Glede na MX",
	"last_applied": "Nazadnje aplicirano",
	"link": "Povezava",
	"loading": "Prosim počakajte...",
	"login_time": "Čas prijave",
	"logo_info": "Vaša slika bo pomanjšana na velikost 40px za zgornjo navigacijo in največjo velikost 250px za začetno stran. Zelo priporočena je uporaba grafike brez izgube kakovosti ob spremembi velikosti.",
	"message": "Sporočilo",
	"message_size": "Velikost sporočila",
	"nexthop": "Naslednji skok",
	"no": "✕",
	"no_active_bans": "Ni aktivnih blokad",
	"no_new_rows": "Ni dodatnih vrstic",
	"no_record": "Ni zapisa",
	"oauth2_apps": "OAuth2 aplikacije",
	"oauth2_add_client": "Dodaj OAuth2 klienta",
	"oauth2_client_id": "ID klienta",
	"oauth2_client_secret": "Skrivnost (secret)",
	"oauth2_redirect_uri": "URI za preusmeritev",
	"oauth2_renew_secret": "Generiraj nov client secret",
	"oauth2_revoke_tokens": "Zavrni vse tokene klientov",
	"optional": "opcijsko",
	"options": "Možnosti",
	"password": "Geslo",
	"password_length": "Dolžina gesla",
	"password_policy": "Politika gesel",
	"password_policy_chars": "Mora vsebovati vsaj eno črko",
	"password_policy_length": "Minimalna dolžina gesla je %d",
	"password_policy_lowerupper": "Mora vsebovati male in velike črke",
	"password_policy_numbers": "Mora vsebovati vsaj eno številko",
	"password_policy_special_chars": "Mora vsebovati posebne znake",
	"password_repeat": "Potrditev gesla (ponovite)",
	"priority": "Prioriteta",
	"private_key": "Zasebni ključ",
	"quarantine": "Karantena",
	"quarantine_bcc": "Pošlji kopijo vseh obvestil (BCC) temu prejemniku:<br><small>Pustite prazno za izklop te funkcije. <b>Nepodpisana, nepreverjena pošta. Uporabljalo naj bi se samo za interno dostavo.</b></small>",
	"quarantine_exclude_domains": "Izključi domene in alias-domene",
	"quarantine_max_age": "Maksimalna starost v dnevnih<br><small>Vrednost mora biti večja ali enaka 1 dnevu</small>",
	"quarantine_max_score": "Opusti obvestilo, če je ocena spama večja od te vrednosti:<br><small>Privzeto 9999.0</small>",
	"quarantine_max_size": "Največja velikost v MiB (Večji elementi so zavrženi):<br><small>0 <b>ne</b> pomeni neomejeno.</small>",
	"quarantine_notification_html": "Predloga sporočila za obvestilo:<br><small>Pustite prazno za obnovitev privzete predloge.</small>",
	"quarantine_notification_sender": "Pošiljatelj obvestila",
	"quarantine_notification_subject": "Naslov obvestila",
	"quarantine_release_format": "Oblika sproščenih elementov",
	"quarantine_release_format_att": "Kot priponka",
	"quarantine_release_format_raw": "Nespremenjen original",
	"quarantine_retention_size": "Število zadržanj na poštni predal: <br><small>0 pomeni <b>neaktivno</b>,</small>",
	"quota_notification_sender": "Pošiljatelj obvestila",
	"quota_notification_subject": "Predmet obvestila",
	"quota_notifications": "Obvestila o omejitvi",
	"quota_notifications_info": "Obvestila o omejitvi so poslana uporabnikom enkrat, ko presežejo 80% in enkrat ko presežejo 95% zasedenosti.",
	"queue_unban": "odblokiraj",
	"r_active": "Aktivne omejitve",
	"r_inactive": "Neaktivne omejitve",
	"rate_name": "Ime omejitve",
	"recipients": "Prejemniki",
	"refresh": "Osveži",
	"regen_api_key": "Ponovno generiraj API ključ",
	"regex_maps": "Regex preslikave",
	"relay_from": "\"Od:\" naslov",
	"relay_rcpt": "\"Za:\" naslov",
	"relay_run": "Izvedi test",
	"relayhosts": "Transporti glede na pošiljatelja",
	"remove": "Odstrani",
	"remove_row": "Odstrani vrstico",
	"reset_default": "Ponastavi na privzeto",
	"reset_limit": "Odstrani hash",
	"routing": "Routing",
	"rsetting_add_rule": "Dodaj pravilo",
	"rsetting_content": "Vsebina pravila",
	"rsetting_desc": "Kratek opis",
	"rsetting_no_selection": "Prosim izberite pravilo",
	"rsetting_none": "Ni pravil na voljo",
	"rsettings_insert_preset": "Vstavi prednastavljen primer \"%s\"",
	"rsettings_preset_1": "Onemogoči vse razen DKIM in omejitve za prijavljene uporabnike",
	"rsettings_preset_2": "Postmasterji želijo spam",
	"rsettings_preset_3": "Dovoli samo specifične pošiljatelje za poštni predal (npr. uporaba samo kot interni poštni predal)",
	"rsettings_preset_4": "Onemogoči Rspamd za domeno",
	"rspamd_com_settings": "Ime nastavitve bo samodejno generirano. Prosim oglejte si primere nastavitev spodaj. Za več informacij si oglejte <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">dokumentacijo Rspamd</a>",
	"rspamd_global_filters": "Globalne preslikave filtrov",
	"rspamd_global_filters_agree": "Previden bom!",
	"rspamd_global_filters_info": "Globalne preslikave filtrov vsebujejo različne vrste globalnih blacklist in whitelist.",
	"add_admin": "Dodaj skrbnika",
	"add_relayhost_hint": "Prosimo zavedajte se, da se podatki za avtentikacijo, če obstajajo, shranijo v plain text.",
	"admin": "Skrbnik",
	"api_allow_from": "Dovoli API dostop s teh IP naslovov / CIDR mrežnih zapisov",
	"apps_name": "Ime aplikacije v mailcow",
	"ban_list_info": "Oglejte si seznam blokiranih IP naslovov spodaj: <b>network (remaining ban time) - [actions]</b>.<br />. IPji v vrsti za odstranitev blokade bodo odstranjeni iz aktivnega seznama blokad v nekaj sekundah.<br />Rdeče oznake prikazujejo trajne blokade z blacklisto.",
	"dkim_key_length": "Dolžina DKIM ključa (v bitih)",
	"dkim_to_title": "Ciljne domene bodo prepisane",
	"f2b_list_info": "Gostitelj ali omrežje na blacklisti bo vedno prevladal zapis na whitelisti. <b>Apliciranje sprememb seznama traja nekaj sekund.</b>",
	"forwarding_hosts": "Gostitelji za posredovanje",
	"forwarding_hosts_add_hint": "Lahko vpišete IPv4/IPv6 naslove, mreže v CIDR obliki, imena gostiteljev (kateri se prevedejo v IP naslove) ali imena domen (katera se prevedejo v IP naslove glede na poizvedbo po SPF zapisih, v primeru manjkajočih zapisov pa MX zapisih).",
	"forwarding_hosts_hint": "Dohodna sporočila so brezpogojno sprejeta od katerih koli gostiteljev v tem seznamu. Ti gostitelji se ne bodo preverjali po DNSBL seznamih in ne bodo dodani v greyliste. Prejeti spam s teh gostiteljev ni nikoli zavrnjen, opcijsko pa se lahko premakne v mapo neželene pošte. Najpogostejša uporaba za to je navedba poštnih strežnikov, iz katerih ste nastavili pravilo za posredovanje pošte na vaš mailcow strežnik.",
	"license_info": "Licenca ni zahtevana, a pomaga pri nadaljnjem razvoju. <br><a href=\"https://www.servercow.de/mailcow?lang=en#sal\" target=\"_blank\" alt=\"Naročilo SAL\">Registrirajte svoj GUID tukaj</a> ali <a href=\"https://www.servercow.de/mailcow?lang=en#support\" target=\"_blank\" alt=\"Naročilo podpora\">Kupite podporo za svojo namestitev Mailcow.</a>",
	"lookup_mx": "Cilj je regular expression za ujemanje MX zapisov (<code>.*\\.google\\.com</code> za usmeritev vse pošte na MX, ki se konča z google.com, preko tega skoka)",
	"main_name": "Naziv \"mailcow UI\"",
	"merged_vars_hint": "Sive vrstice so združene iz <code>vars.(local.)inc.php</code> in jih ni mogoče spremeniti.",
	"oauth2_info": "OAuth2 implementacija omogoča grant vrste \"Authorization code\" in izdaja refresh tokene.<br>\nStrežnik prav tako izda nove refresh tokene, ko je bil refresh token uporabljen<br><br>\n• Privzeti obseg je <i>profile</i>. Samo uporabniki poštnih predalov se lahko prijavijo s pomočjo OAuth2. Če parameter obsega ni vnesen, se nastavi na <i>profile</i>.<br>\n• Parameter <i>state</i> mora biti poslan s strani klienta kot del zahtevka za avtorizacijo .<br><br>\nPoti za OAuth2 API: <br>\n<ul>\n <li>Endpoint za avtorizacijo: <code>/oauth/authorize</code></li>\n <li>Endpoint za tokene: <code>/oauth/token</code></li>\n <li>Stran vira: <code>/oauth/profile</code></li>\n</ul>\nPonovno generiranje client secret ne bo razveljavilo obstoječih avtorizacijskih kod, ne bodo pa mogle obnoviti svoje tokene.<br><br>\nZavrnitev client tokenov bo povzročilo tekojčno prekinitev aktivnih sej. Vsi klienti se bodo morali ponovno prijaviti.",
	"quarantine_redirect": "<b>Preusmeri vsa obvestila</b> k temu prejemniku:<br><small>Pustite prazno, da onemogočite. <b>Nepodpisana, nepreverjena pošta. Uporabljalo bi se naj samo za interno dostavo.</b></small>",
	"quota_notification_html": "Predloga sporočila za obvestilo:<br><small>Pustite prazno za obnovitev privzete predloge.</small>",
	"quota_notifications_vars": "{{percent}} pomeni trenutna omejitev uporabnika<br>{{username}} je ime poštnega predala",
	"r_info": "Sivi/onemogočeni elementi v seznamu aktivnih omejitev niso znane kot veljavne omejitve za mailcow in ne morejo biti premaknjene. Neznane omejitve bodo kljub temu nastavljene po vrstnem redu pojavitve. <br>Nove elemente lahko dodate v <code>inc/vars.local.inc.php</code> da jih lahko vklopite ali izklopite.",
	"relayhosts_hint": "Določite transporte glede na pošiljatelja, da jih lahko izberete v konfiguraciji domene.<br>\nTransportni servis je vedno \"smtp:\" in bo poskušal s TLS ko bo na voljo. Wrapped TLS (SMTPS) ni podprto. Upošteva se uporabnikova politika odhodnega TLS.<br>\nVpliva na izbrane domene vključno z alias domenami.",
	"transport_dest_format": "Regex ali sintaksa: example.org, .example.org, *, box@example.org (več vrednosti ločite z vejico)",
	"transport_test_rcpt_info": "• Uporabite null@hosted.mailcow.de za testiranje relaya na drugo destinacijo.",
	"rspamd_global_filters_regex": "Njihovi nazivi pojasnijo njihov namen. Vsa vsebina mora imeti veljaven regular expression v obliki \"/pattern/options\" (npr. <code>/.+@domain\\.tld/i</code>).<br>\nČeprav se v vsaki vrstici regexa izvedejo osnovni pregledi, je lahko funkcionalnost programa Rspamd motena, če sintaksa ni pravilna.<br>\nRspamd bo poskušal prebrati vsebino preslikave, ko bo spremenjena. Če imate težave, <a href=\"\" data-toggle=\"modal\" data-container=\"rspamd-mailcow\" data-target=\"#RestartContainer\">ponovno zaženite Rspamd</a>, da prisilite ponovno nalaganje preslikav.<br> Elementi z Blackliste so izključeni iz karantene.",
	"rspamd_settings_map": "Preslikava nastavitev Rspamd",
	"sal_level": "Moo stopnja",
	"save": "Shrani spremembe",
	"search_domain_da": "Išči domene",
	"send": "Pošlji",
	"sender": "Pošiljatelj",
	"service": "Servis",
	"service_id": "ID servisa",
	"source": "Vir",
	"spamfilter": "Spam filter",
	"subject": "Predmet",
	"success": "Uspešno",
	"sys_mails": "Sistemska pošta",
	"text": "Besedilo",
	"time": "Čas",
	"title": "Naziv",
	"title_name": "Naziv spletnega mesta \"mailcow UI\"",
	"to_top": "Nazaj na vrh",
	"transport_maps": "Preslikave transportov",
	"transports_hint": "• Vpis preslikave transporta <b>nadredi</b> preslikavo transporta odvisno od pošiljatelja.<br>\n• Preferenčno se uporabljajo transporti glede na MX zapise.<br>\n• Izhodne TLS politike na uporabnika so ignorirane in se lahko vsilijo samo s preslikavami TLS politik.<br>\n• Transportni servis za definirane transporte je vedno \"smtp:\" in bo posledično poskušal TLS ko bo ponujeno. Wrapped TLS (SMTPS) ni podprto.<br>\n• Naslovi, ki se ujemajo z \"/localhost$/\" bodo vedno preneseni preko \"local:\", in zato destinacija \"*\" ne bo vplivala na te naslove.<br>\n• Za določitev poverilnic za naslednji skok (npr. \"[host]:25\"), Postfix <b>vedno</b> preveri \"host\" preden išče \"[host]:25\". Zaradi takšnega obnašanja je nemogoče hkrati uporabiti \"host\" in \"[host]:25\".",
	"ui_footer": "Noga (HTML dovoljen)",
	"ui_header_announcement": "Obvestila",
	"ui_header_announcement_active": "Nastavi obvestilo kot aktivno",
	"ui_header_announcement_content": "Besedilo (HTML dovoljen)",
	"ui_header_announcement_help": "Obvestilo je vidno za vse prijavljene uporabnike in na vmesniku za prijavo.",
	"ui_header_announcement_select": "Izberite vrsto obvestila",
	"ui_header_announcement_type": "Vrsta",
	"ui_header_announcement_type_danger": "Zelo pomembno",
	"ui_header_announcement_type_info": "Info",
	"ui_header_announcement_type_warning": "Pomembno",
	"ui_texts": "Oznake in besedila UI",
	"unban_pending": "unban v postopku",
	"unchanged_if_empty": "Če je nespremenjeno, pustite prazno",
	"upload": "Naloži",
	"username": "Uporabniško ime",
	"validate_license_now": "Potrdi GUID z licenčnim strežnikom",
	"verify": "Preveri",
	"yes": "✓",
	"logo_normal_label": "Navadno",
	"logo_dark_label": "Za temni način",
	"cors_settings": "Nastavitve CORS",
	"allowed_methods": "Dovoljene metode za upravljanje dostopa",
	- "allowed_origins": "Upravljanje-dostopa-Dovoljeni-Viri"
	+ "allowed_origins": "Upravljanje-dostopa-Dovoljeni-Viri",
	+ "copy_to_clipboard": "Besedilo kopirano v odložišče!",
	+ "f2b_manage_external": "Zunanje upravljanje Fail2Ban",
	+ "f2b_manage_external_info": "Fail2ban bo še vedno vzdrževal seznam prepovedi, vendar ne bo aktivno nastavil pravil za blokiranje prometa. Uporabite spodnji ustvarjeni seznam prepovedi za zunanje blokiranje prometa."
	},
	"danger": {
	"alias_goto_identical": "Alias in goto naslov morata biti identična",
	"aliasd_targetd_identical": "Alias domena ne sme biti enaka ciljni domeni: %s",
	"bcc_exists": "BCC preslikava obstaja za vrsto %s",
	"dkim_domain_or_sel_exists": "DKIM ključ za \"%s\" obstaja in ne bo prepisan.",
	"domain_quota_m_in_use": "Kvota domene mora biti večja ali enaka %s MiB",
	"extra_acl_invalid_domain": "Zunanji pošiljatelj \"%s\" uporablja neveljavno domeno",
	"global_map_write_error": "Ni mogoče zapisati ID globalne preslikave %s: %s",
	"img_tmp_missing": "Ni mogoče preveriti slikovne datoteke: začasne datoteke ni mogoče najti",
	"invalid_nexthop": "Oblika naslednjega skoka ni veljavna",
	"invalid_nexthop_authenticated": "Naslednji skok obstaja z drugačnimi poverilnicami. Prosim najprej posodobite obstoječe poverilnice za ta naslednji skok.",
	"demo_mode_enabled": "Demo način je omogočen",
	"access_denied": "Dostop zavrnjen ali pa so podatki obrazca napačni",
	"alias_domain_invalid": "Alias domena %s ni veljavna",
	"alias_empty": "Alias naslov ne sme biti prazen",
	"alias_invalid": "Alias naslov %s ni veljaven",
	"aliases_in_use": "Max. aliasov mora biti večje ali enako %d",
	"app_name_empty": "Naziv aplikacije ne more biti prazno",
	"app_passwd_id_invalid": "ID gesla aplikacije %s je neveljaven",
	"bcc_empty": "BCC cilj ne more biti prazen",
	"bcc_must_be_email": "BCC cilj %s ni veljaven e-poštni naslov",
	"comment_too_long": "Komentar je predolg, dovoljeno je največ 100 znakov.",
	"defquota_empty": "Privzeta kvota na poštni predal ne more biti 0",
	"description_invalid": "Opis resursa za %s ni veljaven",
	"dkim_domain_or_sel_invalid": "Domena ali izbirnik DKIM ni veljaven: %s",
	"domain_cannot_match_hostname": "Domena se ne more ujemati z imenom gostitelja",
	"domain_exists": "Domena %s že obstaja",
	"domain_invalid": "Manjka ali napačno ime domene",
	"domain_not_empty": "Ne morem odstraniti ne-prazno domeno %s",
	"domain_not_found": "Domene %s ni bilo mogoče najti",
	"extended_sender_acl_denied": "manjka ACL za določitev naslovov zunanjih pošiljateljev",
	"extra_acl_invalid": "Naslov zunanjega pošiljatelja \"%s\" ni veljaven",
	"fido2_verification_failed": "Preverjanje FIDO2 ni uspelo: %s",
	"file_open_error": "Datoteka ne more biti odprta za urejanje",
	"filter_type": "Napačna vrsta filtra",
	"from_invalid": "Pošiljatelj ne sme biti prazno",
	"global_filter_write_error": "Ni mogoče zapisati datoteke filtra: %s",
	"global_map_invalid": "ID globalne preslikave %s ni veljaven",
	"goto_empty": "Alias naslov mora vsebovati vsaj en veljaven goto naslov",
	"goto_invalid": "Goto naslov %s ni veljaven",
	"ham_learn_error": "Napaka pri učenju Ham: %s",
	"imagick_exception": "Napaka: Imagick napaka pri branju slike",
	"img_invalid": "Ni možno preveriti slikovne datoteke",
	"invalid_bcc_map_type": "Neveljavna vrsta preslikave BCC",
	"invalid_destination": "Ciljna oblika \"%s\" ni veljavna",
	"invalid_filter_type": "Neveljavna vrsta filtra",
	"invalid_host": "Naveden je neveljaven gostitelj (host): %s",
	"invalid_mime_type": "Neveljaven mime type",
	"max_quota_in_use": "Kvota poštnega predala mora biti večja ali enaka %d MB",
	"password_complexity": "Geslo ne ustreza varnostni politiki",
	"pushover_credentials_missing": "Manjka Pushover token ali ključ",
	"release_send_failed": "Sporočila ni bilo mogoče sprostiti: %s",
	"tls_policy_map_dest_invalid": "Cilj politike ni veljaven",
	"webauthn_authenticator_failed": "Izbrani avtentikator ni bil najden",
	"reset_f2b_regex": "Regex filter ni bilo možno ponastaviti v ustreznem času. Prosim poskusite ponovno ali počakajte nekaj sekund in ponovno naložite stran.",
	"target_domain_invalid": "Ciljna domena %s ni veljavna",
	"validity_missing": "Prosim nastavite obdobje veljavnosti",
	"invalid_recipient_map_old": "Naveden neveljaven izvirni prejemnik: %s",
	"ip_list_empty": "Seznam dovoljenih IPjev ne sme biti prazen",
	"is_alias": "%s je že znan kot alias naslov",
	"is_alias_or_mailbox": "%s je že znan kot alias, poštni naslov, ali alias izveden iz alias domene",
	"is_spam_alias": "%s že obstaja kot začasen alias (spam alias naslov)",
	"last_key": "Zadnji ključ ne more biti izbrisan, prosim raje deaktivirajte dvofaktorsko avtentikacijo (TFA)",
	"login_failed": "Prijava ni uspela",
	"mailbox_defquota_exceeds_mailbox_maxquota": "Privzeta kvota presega najvišjo omejitev",
	"mailbox_invalid": "Ime poštnega predala ni veljavno",
	"mailbox_quota_exceeded": "Kvota presega omejitev domene (maksimalno %d MB)",
	"mailbox_quota_exceeds_domain_quota": "Najvišja kvota presega omejitev domene",
	"mailbox_quota_left_exceeded": "Ni dovolj prostora (preostali prostor: %d MB)",
	"mailboxes_in_use": "Največje število poštnih predalov mora biti večje ali enako %d",
	"malformed_username": "Nepravilno oblikovano uporabniško ime",
	"map_content_empty": "Preslikava vsebine ne more biti prazna",
	"max_alias_exceeded": "Preseženo največje število aliasov",
	"max_mailbox_exceeded": "Preseženo največje število poštnih predalov (%d od %d)",
	"maxquota_empty": "Največja kvota na poštni predal ne more biti 0",
	"mysql_error": "Napaka MySQL: %s",
	"network_host_invalid": "Nepravilno omrežje ali gostitel: %s",
	"next_hop_interferes": "% moti naslednji skok %s",
	"next_hop_interferes_any": "Obstoječi naslednji skok moti %s",
	"nginx_reload_failed": "Ponovni zagon Nginx ni uspel: %s",
	"no_user_defined": "Uporabnik ni določen",
	"object_exists": "Objekt %s že obstaja",
	"object_is_not_numeric": "Vrednost %s ni numerična",
	"password_empty": "Geslo ne sme biti prazno",
	"password_mismatch": "Potrditev gesla se ne ujema z geslom",
	"policy_list_from_exists": "Zapis z tem imenom že obstaja",
	"policy_list_from_invalid": "Zapis ima nepravilno obliko",
	"private_key_error": "Napaka zasebnega ključa: %s",
	"pushover_key": "Pushover ključ ni v pravilni obliki",
	"pushover_token": "Pushover token ni v pravilni obliki",
	"quota_not_0_not_numeric": "Quota mora biti število in večje ali enako 0",
	"recipient_map_entry_exists": "Preslikava prejemnika \"%s\" že obstaja",
	"redis_error": "Napaka Redis: %s",
	"relayhost_invalid": "Vnos preslikave %s ni pravilen",
	"resource_invalid": "Ime vira je neveljavno",
	"rl_timeframe": "Časovni okvir za rate limit je nepravilen",
	"rspamd_ui_pw_length": "Rspamd UI geslo mora biti dolgo vsaj 6 znakov",
	"script_empty": "Script ne more biti prazen",
	"sender_acl_invalid": "Vrednost ACL pošiljatelja %s ni veljavna",
	"set_acl_failed": "Ni uspelo nastaviti ACL",
	"settings_map_invalid": "ID preslikave nastavitev %s ni veljaven",
	"sieve_error": "Napaka Sieve parserja: %s",
	"spam_learn_error": "Napaka pri učenju spama: %s",
	"subject_empty": "Predmet ne sme biti prazno",
	"targetd_not_found": "Ciljna domena %s ni bila najdena",
	"targetd_relay_domain": "Ciljna domena %s je relay domena",
	"template_exists": "Predloga %s že obstaja",
	"template_id_invalid": "ID predloge %s ni veljaven",
	"template_name_invalid": "Ime predloge ni veljavno",
	"text_empty": "Besedilo ne sme biti prazno",
	"tfa_token_invalid": "Neveljaven token TFA",
	"tls_policy_map_entry_exists": "Vpis preslikave TLS \"%s\" že obstaja",
	"tls_policy_map_parameter_invalid": "Parameter politike ni pravilen",
	"totp_verification_failed": "Neuspešno preverjanje TOTP",
	"transport_dest_exists": "Cilj transporta \"%s\" že obstaja",
	"webauthn_verification_failed": "Preverjanje WebAuthn ni uspelo: %s",
	"webauthn_publickey_failed": "Na izbranem avtentikatorju ni shranjenega javnega ključa",
	"webauthn_username_failed": "Izbrani avtentikator pripada drugemu uporabniškemu računu",
	"unknown": "Pojavila se je neznana napaka",
	"unknown_tfa_method": "Neznana metoda TFA",
	"unlimited_quota_acl": "Neomejena kvota je prepovedana z ACL",
	"username_invalid": "Uporabniško ime %s ne more biti uporabljeno",
	"value_missing": "Prosim vnesite vse vrednosti",
	"yotp_verification_failed": "Preverjanje Yubico OTP ni uspelo: %s",
	"temp_error": "Začasna napaka",
	"cors_invalid_method": "Navedena neveljavna Allow metoda",
	"cors_invalid_origin": "Naveden neveljaven Allow-Origin",
	- "invalid_recipient_map_new": "Naveden neveljaven nov prejemnik: %s"
	+ "invalid_recipient_map_new": "Naveden neveljaven nov prejemnik: %s",
	+ "img_dimensions_exceeded": "Slika presega največje dovoljene dimenzije",
	+ "img_size_exceeded": "Slika presega največjo dovoljeno velikost datoteke"
	},
	"debug": {
	"containers_info": "Informacije o vsebniku (containerju)",
	"architecture": "Arhitektura",
	"chart_this_server": "Diagram (ta strežnik)",
	"container_running": "Aktiven",
	"container_disabled": "Ustavljen ali onemogočen",
	"container_stopped": "Ustavljen",
	"cores": "Jedra",
	"current_time": "Sistemski čas",
	"disk_usage": "Zasedenost diska",
	"docs": "Dokumenti",
	"error_show_ip": "Ni mogoče preveriti javnega IP naslova",
	"external_logs": "Zunanji dnevniki",
	"last_modified": "Nazadnje spremenjeno",
	"history_all_servers": "Zgodovina (vsi strežniki)",
	"in_memory_logs": "In-memory dnevniki",
	"jvm_memory_solr": "JVM zasedenost spomina",
	"service": "Servis",
	"show_ip": "Prikaži javni IP",
	"size": "Velikost",
	"solr_dead": "Solr se zaganja, je onemogočen ali se je ustavil.",
	"solr_status": "Status Solr",
	"started_at": "Zagnano ob",
	"started_on": "Zagnano na",
	"static_logs": "Statični dnevniki",
	"success": "Uspešno",
	"system_containers": "Sistem in Containerji",
	"timezone": "Časovni pas",
	"uptime": "Čas delovanja",
	"update_available": "Posodobitev je na voljo",
	"no_update_available": "Sistem je na najnovejši verziji",
	"update_failed": "Ni mogoče preveriti za posodobitve",
	"username": "Uporabniško ime",
	- "wip": "Trenutno v delu"
	+ "wip": "Trenutno v delu",
	+ "log_info": "<p>mailcow <b>in-memory dnevniki</b> se zbirajo v Redis seznamih in se vsako minuto omejijo na LOG_LINES (%d) da se zmanjša obremenitev.\n <br>In-memory dnevniki niso namenjeni trajnemu shranjevanju. Vse aplikacije, ki beležijo dnevnike in-memory, tudi beležijo v Docker daemon in posledično v privzeti gonilnik za dnevnik.\n <br>In-memory dnevniki se naj uporabljajo za odpravljanje manjših napak s containerji.</p>\n <p><b>Eksterni dnevniki</b> se zbirajo preko API-ja posamezne aplikacije.</p>\n <p><b>Statični dnevniki</b> so večinoma dnevniki aktivnosti, ki se ne beležijo v Dockerd, a jih je vseeno treba hraniti (razen API dnevnikov).</p>",
	+ "login_time": "Čas",
	+ "logs": "Dnevniki",
	+ "memory": "Spomin",
	+ "online_users": "Prijavljeni uporabniki",
	+ "restart_container": "Ponovno zaženi"
	},
	"datatables": {
	"infoFiltered": "(filtrirano od _MAX_ skupaj zapisov)",
	"collapse_all": "Strni vse",
	"decimal": ",",
	"emptyTable": "Ni podatkov",
	"expand_all": "Razširi vse",
	"info": "Prikazano _START_ do _END_ od _TOTAL_ zapisov",
	"infoEmpty": "Prikazano 0 do 0 od 0 zapisov",
	"thousands": ".",
	"lengthMenu": "Prikaži _MENU_ zapise",
	"loadingRecords": "Nalaganje...",
	"processing": "Prosim počakajte...",
	"search": "Iskanje:",
	"zeroRecords": "Ni ujemajočih zapisov",
	"paginate": {
	"first": "Prva",
	"last": "Zadnja",
	"previous": "Prejšnja",
	"next": "Naslednja"
	},
	"aria": {
	"sortAscending": ": aktivirajte za razvrstitev stolpca naraščajoče",
	"sortDescending": ": aktivirajte za razvrstitev stolpca padajoče"
	}
	},
	"diagnostics": {
	"cname_from_a": "Vrednost pridobljena iz A/AAAA zapisa. To je podprto, če zapis kaže na pravilen resurs.",
	"dns_records": "DNS zapisi",
	"dns_records_24hours": "Prosim upoštevajte, da lahko traja do 24 ur da se spremembe v DNS pravilno prikažejo na tej strani. Namen je da lahko enostavno vidite, kako konfigurirati svoje DNS zapise in preverite ali so vaši zapisi pravilno shranjeni v DNS.",
	"dns_records_data": "Pravilni podatki",
	"dns_records_docs": "Prosim preverite tudi <a target=\"_blank\" href=\"https://docs.mailcow.email/getstarted/prerequisite-dns\">dokumentacijo</a>.",
	"dns_records_name": "Ime",
	"dns_records_status": "Trenutno stanje",
	"dns_records_type": "Vrsta",
	"optional": "Ta zapis je opcijski."
	},
	"edit": {
	"acl": "ACL (Dovoljenje)",
	- "active": "Aktivno"
	+ "active": "Aktivno",
	+ "allow_from_smtp": "Dovoli samo tem IP naslovom da uporabijo <b>SMTP</b>",
	+ "bcc_dest_format": "Cilj BCC mora biti en veljaven email naslov.<br>Če morate poslati kopijo na več naslovov, ustvarite alias in ga uporabite tukaj.",
	+ "automap": "Poskušaj samodejno preslikati mape (\"Sent items\", \"Sent\" => \"Poslano\" ipd.)",
	+ "admin": "Uredi skrbnika",
	+ "domain_footer_info_vars": {
	+ "custom": "{= foo =} - Če ima poštni predal atribut po meri \"foo\" z vrednostjo \"bar\", spremenljivka vrne \"bar\"",
	+ "auth_user": "{= auth_user =} - Prijavljeno uporabniško ime, ki ga določi MTA",
	+ "from_user": "{= from_user =} - leva stran email naslova uporabnika, npr. za \"moo@mailcow.tld\" vrne \"moo\"",
	+ "from_name": "{= from_name =} - Prikazno ime, npr. za \"Mailcow <moo@mailcow.tld>\" vrne \"Mailcow\"",
	+ "from_addr": "{= from_addr =} - e-poštni naslov \"Od\"",
	+ "from_domain": "{= from_domain =} - domena e-poštnega naslova \"Od\""
	+ },
	+ "dont_check_sender_acl": "Onemogoči kontrolo pošiljatelja za domeno %s (+ alias domene)",
	+ "pushover_title": "Naslov obvestila",
	+ "domains": "Domene",
	+ "extended_sender_acl_info": "Če je DKIM domenski ključ na voljo, ga uvozite.<br>\n Ne pozabite dodati ta strežnik k ustreznemu SPF TXT zapisu.<br>\n Kadar koli je domena ali alias domena dodana k tem strežniku, ki se prekriva z zunanjim naslovom, je zunanji naslov odstranjen.<br>\n uporabite @domain.tld da dovolite pošiljanje kot *@domain.tld.",
	+ "lookup_mx": "Cilj je regular expression za ujemanje MX zapisov (<code>.*\\.google\\.com</code> za usmeritev vse pošte na MX, ki se konča z google.com, preko tega skoka)",
	+ "maxbytespersecond": "Največ bytov na sekundo <br><small>(0 = neomejeno)</small>",
	+ "pushover_sender_array": "Upoštevaj samo sledeče e-poštne naslove pošiljateljev <small>(ločeni z vejico)</small>",
	+ "mbox_rl_info": "Ta omejitev velja za SASL uporabniško ime, preverja se ujemanje s katerim koli \"from\" naslovom, ki ga uporablja prijavljeni uporabnik. Omejitev pošiljanja za poštni predal preglasi pravilo omejitve za domeno.",
	+ "kind": "Tip",
	+ "client_secret": "Client secret",
	+ "comment_info": "Zasebni komentar ni viden uporabniku, javni komentar pa je viden kot tooltip v uporabnikovem pregledu.",
	+ "created_on": "Ustvarjeno",
	+ "custom_attributes": "Atributi po meri",
	+ "delete1": "Izbriši na viru, ko je končano",
	+ "delete2": "Izbriši sporočila na cilju, ki ne obstajajo na viru",
	+ "delete2duplicates": "Izbriši dvojnike na cilju",
	+ "delete_ays": "Prosim potrdite proces izbrisa.",
	+ "description": "Opis",
	+ "disable_login": "Onemogoči prijavo (dohodna pošta je še vedno sprejeta)",
	+ "domain": "Uredi domeno",
	+ "domain_admin": "Uredi domenskega skrbnika",
	+ "domain_footer": "Noga za celo domeno",
	+ "domain_footer_html": "HTML noga",
	+ "pushover_vars": "Če ni definiran noben filter pošiljatelja, bodo upoštevana vsa sporočila.<br>Regex filtre in natančna preverjanja pošiljateljev je mogoče definirati posamezno in bodo obravnavani v nadaljevanju. Niso odvisni drug od drugega.<br>Uporabne spremenljivke za besedilo in naslov (prosimo, upoštevajte politike varstva podatkov)",
	+ "pushover_verify": "Preveri poverilnice",
	+ "quota_mb": "Omejitev (MiB)",
	+ "quota_warning_bcc": "BCC za sporočilo z opozorilom omejitve",
	+ "quota_warning_bcc_info": "Opozorila bodo poslana kot ločene kopije sledečim prejemnikom. K naslovu sporočila bo dodano uporabniško ime v oklepajih, npr. <code>Opozorilo omejitve (user@example.com)</code>",
	+ "ratelimit": "Omejitev pošiljanja",
	+ "advanced_settings": "Napredne nastavitve",
	+ "allow_from_smtp_info": "Pustite prazno da dovolite vse pošiljatelje.<br>IPv4/IPv6 naslovi in omrežja.",
	+ "allowed_protocols": "Dovoljeni protokoli",
	+ "app_name": "Ime aplikacije",
	+ "app_passwd": "Geslo aplikacije",
	+ "app_passwd_protocols": "Dovoljeni protokoli za geslo aplikacije",
	+ "backup_mx_options": "Možnosti posredovanja (relay)",
	+ "client_id": "Client ID",
	+ "domain_footer_info": "Noge za celo domeno so dodane k vsem izhodnim e-poštnim sporočilom v tej domeni.<br> V nogi se lahko uporabijo sledeče spremenljivke:",
	+ "domain_footer_plain": "PLAIN noga",
	+ "domain_footer_skip_replies": "Ne dodajaj noge v odgovorih na e-poštna sporočila",
	+ "domain_quota": "Omejitev (kvota) domene",
	+ "edit_alias_domain": "Uredi alias domeno",
	+ "exclude": "Izključi objekte (regex)",
	+ "extended_sender_acl": "Naslovi zunanjih pošiljateljev",
	+ "force_pw_update": "Obvezna zamenjava gesla ob naslednji prijavi",
	+ "force_pw_update_info": "Ta uporabnik se bo lahko prijavil samo v %s. Gesla aplikacij ostajajo v rabi.",
	+ "footer_exclude": "Izključi iz noge",
	+ "full_name": "Polno ime",
	+ "gal": "Globalni seznam naslovov (GAL)",
	+ "gal_info": "GAL vsebuje vse objekte v domeni in jih uporabniki ne morejo urejati. Če je onemogočeno, ni podatkov o o zasedenosti objekta! <b>Ponovno zaženite SOGo za uveljavitev sprememb.</b>",
	+ "generate": "generiraj",
	+ "grant_types": "Vrste dovoljenj",
	+ "hostname": "Ime gostitelja",
	+ "inactive": "Neaktivno",
	+ "last_modified": "Nazadnje spremenjeno",
	+ "mailbox": "Uredi poštni predal",
	+ "mailbox_quota_def": "Privzeta omejitev/kvota za poštni predal",
	+ "mailbox_relayhost_info": "Velja samo za poštni predal in neposredne aliase. Ne prepiše domenskega relay gostitelja.",
	+ "max_aliases": "Največ aliasov",
	+ "max_mailboxes": "Največ možnih poštnih predalov",
	+ "max_quota": "Največja omejitev/kvota na poštni predal (MiB)",
	+ "maxage": "Največja starost sporočil (v dnevih), po katerih bo poizvedeno iz oddaljenega vira <br><small>(0 = ne omejuj)</small>",
	+ "mins_interval": "Interval (min)",
	+ "multiple_bookings": "Več rezervacij",
	+ "none_inherit": "Brez / podeduj",
	+ "nexthop": "Naslednji skok",
	+ "password": "Geslo",
	+ "password_repeat": "Potrditev gesla (ponovite)",
	+ "previous": "Prejšnja stran",
	+ "private_comment": "Zasebni komentar",
	+ "public_comment": "Javni komentar",
	+ "pushover": "Pushover",
	+ "pushover_evaluate_x_prio": "Eskaliraj visoko prednostno pošto [<code>X-Priority: 1</code>]",
	+ "pushover_info": "Nastavitve potisnih obvestil bodo veljala za vsa čisto (ne spam) elektronsko pošto dostavljeno v <b>%s</b> vključno z aliasi (deljeni, nedeljeni, označeni)",
	+ "pushover_only_x_prio": "Upoštevaj samo pošto z visoko prioriteto [<code>X-Priority: 1</code>]",
	+ "pushover_sender_regex": "Upoštevaj sledeči regex za pošiljatelja",
	+ "pushover_text": "Besedilo obvestila",
	+ "pushover_sound": "Zvok",
	+ "encryption": "Šifriranje",
	+ "alias": "Uredi alias"
	}
	}
	diff --git a/docker-compose.yml b/docker-compose.yml
	index 783613c2..a96bdc15 100644
	--- a/docker-compose.yml
	+++ b/docker-compose.yml
	@@ -1,687 +1,688 @@
	services:

	unbound-mailcow:
	image: mailcow/unbound:1.22
	environment:
	- TZ=${TZ}
	- SKIP_UNBOUND_HEALTHCHECK=${SKIP_UNBOUND_HEALTHCHECK:-n}
	volumes:
	- ./data/hooks/unbound:/hooks:Z
	- ./data/conf/unbound/unbound.conf:/etc/unbound/unbound.conf:ro,Z
	restart: always
	tty: true
	networks:
	mailcow-network:
	ipv4_address: ${IPV4_NETWORK:-172.22.1}.254
	aliases:
	- unbound

	mysql-mailcow:
	image: mariadb:10.5
	depends_on:
	- unbound-mailcow
	- netfilter-mailcow
	stop_grace_period: 45s
	volumes:
	- mysql-vol-1:/var/lib/mysql/
	- mysql-socket-vol-1:/var/run/mysqld/
	- ./data/conf/mysql/:/etc/mysql/conf.d/:ro,Z
	environment:
	- TZ=${TZ}
	- MYSQL_ROOT_PASSWORD=${DBROOT}
	- MYSQL_DATABASE=${DBNAME}
	- MYSQL_USER=${DBUSER}
	- MYSQL_PASSWORD=${DBPASS}
	- MYSQL_INITDB_SKIP_TZINFO=1
	restart: always
	ports:
	- "${SQL_PORT:-127.0.0.1:13306}:3306"
	networks:
	mailcow-network:
	aliases:
	- mysql

	redis-mailcow:
	image: redis:7-alpine
	volumes:
	- redis-vol-1:/data/
	restart: always
	depends_on:
	- netfilter-mailcow
	ports:
	- "${REDIS_PORT:-127.0.0.1:7654}:6379"
	environment:
	- TZ=${TZ}
	sysctls:
	- net.core.somaxconn=4096
	networks:
	mailcow-network:
	ipv4_address: ${IPV4_NETWORK:-172.22.1}.249
	aliases:
	- redis

	clamd-mailcow:
	image: mailcow/clamd:1.66
	restart: always
	depends_on:
	unbound-mailcow:
	condition: service_healthy
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	environment:
	- TZ=${TZ}
	- SKIP_CLAMD=${SKIP_CLAMD:-n}
	volumes:
	- ./data/conf/clamav/:/etc/clamav/:Z
	- clamd-db-vol-1:/var/lib/clamav
	networks:
	mailcow-network:
	aliases:
	- clamd

	rspamd-mailcow:
	image: mailcow/rspamd:1.97
	stop_grace_period: 30s
	depends_on:
	- dovecot-mailcow
	environment:
	- TZ=${TZ}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- SPAMHAUS_DQS_KEY=${SPAMHAUS_DQS_KEY:-}
	volumes:
	- ./data/hooks/rspamd:/hooks:Z
	- ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
	- ./data/conf/rspamd/override.d/:/etc/rspamd/override.d:Z
	- ./data/conf/rspamd/local.d/:/etc/rspamd/local.d:Z
	- ./data/conf/rspamd/plugins.d/:/etc/rspamd/plugins.d:Z
	- ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro,Z
	- ./data/conf/rspamd/rspamd.conf.local:/etc/rspamd/rspamd.conf.local:Z
	- ./data/conf/rspamd/rspamd.conf.override:/etc/rspamd/rspamd.conf.override:Z
	- rspamd-vol-1:/var/lib/rspamd
	restart: always
	hostname: rspamd
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	networks:
	mailcow-network:
	aliases:
	- rspamd

	php-fpm-mailcow:
	image: mailcow/phpfpm:1.88
	command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
	depends_on:
	- redis-mailcow
	volumes:
	- ./data/hooks/phpfpm:/hooks:Z
	- ./data/web:/web:z
	- ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
	- ./data/conf/rspamd/custom/:/rspamd_custom_maps:z
	- ./data/conf/dovecot/auth/mailcowauth.php:/mailcowauth/mailcowauth.php:z
	- ./data/web/inc/functions.inc.php:/mailcowauth/functions.inc.php:z
	- ./data/web/inc/functions.auth.inc.php:/mailcowauth/functions.auth.inc.php:z
	- ./data/web/inc/sessions.inc.php:/mailcowauth/sessions.inc.php:z
	- ./data/web/inc/functions.mailbox.inc.php:/mailcowauth/functions.mailbox.inc.php:z
	- ./data/web/inc/functions.ratelimit.inc.php:/mailcowauth/functions.ratelimit.inc.php:z
	- rspamd-vol-1:/var/lib/rspamd
	- mysql-socket-vol-1:/var/run/mysqld/
	- ./data/conf/sogo/:/etc/sogo/:z
	- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
	- ./data/conf/phpfpm/crons:/crons:z
	- ./data/conf/phpfpm/sogo-sso/:/etc/sogo-sso/:z
	- ./data/conf/phpfpm/php-fpm.d/pools.conf:/usr/local/etc/php-fpm.d/z-pools.conf:Z
	- ./data/conf/phpfpm/php-conf.d/opcache-recommended.ini:/usr/local/etc/php/conf.d/opcache-recommended.ini:Z
	- ./data/conf/phpfpm/php-conf.d/upload.ini:/usr/local/etc/php/conf.d/upload.ini:Z
	- ./data/conf/phpfpm/php-conf.d/other.ini:/usr/local/etc/php/conf.d/zzz-other.ini:Z
	- ./data/conf/dovecot/global_sieve_before:/global_sieve/before:z
	- ./data/conf/dovecot/global_sieve_after:/global_sieve/after:z
	- ./data/assets/templates:/tpls:z
	- ./data/conf/nginx/:/etc/nginx/conf.d/:z
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	environment:
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- LOG_LINES=${LOG_LINES:-9999}
	- TZ=${TZ}
	- DBNAME=${DBNAME}
	- DBUSER=${DBUSER}
	- DBPASS=${DBPASS}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
	- IMAP_PORT=${IMAP_PORT:-143}
	- IMAPS_PORT=${IMAPS_PORT:-993}
	- POP_PORT=${POP_PORT:-110}
	- POPS_PORT=${POPS_PORT:-995}
	- SIEVE_PORT=${SIEVE_PORT:-4190}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
	- SUBMISSION_PORT=${SUBMISSION_PORT:-587}
	- SMTPS_PORT=${SMTPS_PORT:-465}
	- SMTP_PORT=${SMTP_PORT:-25}
	- API_KEY=${API_KEY:-invalid}
	- API_KEY_READ_ONLY=${API_KEY_READ_ONLY:-invalid}
	- API_ALLOW_FROM=${API_ALLOW_FROM:-invalid}
	- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
	- SKIP_SOLR=${SKIP_SOLR:-y}
	- SKIP_CLAMD=${SKIP_CLAMD:-n}
	- SKIP_SOGO=${SKIP_SOGO:-n}
	- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
	- MASTER=${MASTER:-y}
	- DEV_MODE=${DEV_MODE:-n}
	- DEMO_MODE=${DEMO_MODE:-n}
	- WEBAUTHN_ONLY_TRUSTED_VENDORS=${WEBAUTHN_ONLY_TRUSTED_VENDORS:-n}
	- CLUSTERMODE=${CLUSTERMODE:-}
	restart: always
	labels:
	ofelia.enabled: "true"
	ofelia.job-exec.phpfpm_keycloak_sync.schedule: "@every 1m"
	ofelia.job-exec.phpfpm_keycloak_sync.no-overlap: "true"
	ofelia.job-exec.phpfpm_keycloak_sync.command: "/bin/bash -c \"php /crons/keycloak-sync.php \|\| exit 0\""
	ofelia.job-exec.phpfpm_ldap_sync.schedule: "@every 1m"
	ofelia.job-exec.phpfpm_ldap_sync.no-overlap: "true"
	ofelia.job-exec.phpfpm_ldap_sync.command: "/bin/bash -c \"php /crons/ldap-sync.php \|\| exit 0\""
	networks:
	mailcow-network:
	aliases:
	- phpfpm

	sogo-mailcow:
	image: mailcow/sogo:nightly-20240731
	environment:
	- DBNAME=${DBNAME}
	- DBUSER=${DBUSER}
	- DBPASS=${DBPASS}
	- TZ=${TZ}
	- LOG_LINES=${LOG_LINES:-9999}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
	- ACL_ANYONE=${ACL_ANYONE:-disallow}
	- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- SOGO_EXPIRE_SESSION=${SOGO_EXPIRE_SESSION:-480}
	- SKIP_SOGO=${SKIP_SOGO:-n}
	- MASTER=${MASTER:-y}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	volumes:
	- ./data/hooks/sogo:/hooks:Z
	- ./data/conf/sogo/:/etc/sogo/:z
	- ./data/web/inc/init_db.inc.php:/init_db.inc.php:z
	- ./data/conf/sogo/custom-favicon.ico:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
	- ./data/conf/sogo/custom-theme.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
	- ./data/conf/sogo/custom-sogo.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
	- mysql-socket-vol-1:/var/run/mysqld/
	- sogo-web-vol-1:/sogo_web
	- sogo-userdata-backup-vol-1:/sogo_backup
	labels:
	ofelia.enabled: "true"
	ofelia.job-exec.sogo_sessions.schedule: "@every 1m"
	ofelia.job-exec.sogo_sessions.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool -v expire-sessions $${SOGO_EXPIRE_SESSION} \|\| exit 0\""
	ofelia.job-exec.sogo_ealarms.schedule: "@every 1m"
	ofelia.job-exec.sogo_ealarms.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-ealarms-notify -p /etc/sogo/sieve.creds \|\| exit 0\""
	ofelia.job-exec.sogo_eautoreply.schedule: "@every 5m"
	ofelia.job-exec.sogo_eautoreply.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds \|\| exit 0\""
	ofelia.job-exec.sogo_backup.schedule: "@every 24h"
	ofelia.job-exec.sogo_backup.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool backup /sogo_backup ALL \|\| exit 0\""
	restart: always
	networks:
	mailcow-network:
	ipv4_address: ${IPV4_NETWORK:-172.22.1}.248
	aliases:
	- sogo

	dovecot-mailcow:
	image: mailcow/dovecot:nightly-20240807
	depends_on:
	- mysql-mailcow
	- netfilter-mailcow
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	cap_add:
	- NET_BIND_SERVICE
	volumes:
	- ./data/hooks/dovecot:/hooks:Z
	- ./data/conf/dovecot:/etc/dovecot:z
	- ./data/assets/ssl:/etc/ssl/mail/:ro,z
	- ./data/conf/sogo/:/etc/sogo/:z
	- ./data/conf/phpfpm/sogo-sso/:/etc/phpfpm/:z
	- vmail-vol-1:/var/vmail
	- vmail-index-vol-1:/var/vmail_index
	- crypt-vol-1:/mail_crypt/
	- ./data/conf/rspamd/custom/:/etc/rspamd/custom:z
	- ./data/assets/templates:/templates:z
	- rspamd-vol-1:/var/lib/rspamd
	- mysql-socket-vol-1:/var/run/mysqld/
	environment:
	- DOVECOT_MASTER_USER=${DOVECOT_MASTER_USER:-}
	- DOVECOT_MASTER_PASS=${DOVECOT_MASTER_PASS:-}
	- MAILCOW_REPLICA_IP=${MAILCOW_REPLICA_IP:-}
	- DOVEADM_REPLICA_PORT=${DOVEADM_REPLICA_PORT:-}
	- LOG_LINES=${LOG_LINES:-9999}
	- DBNAME=${DBNAME}
	- DBUSER=${DBUSER}
	- DBPASS=${DBPASS}
	- TZ=${TZ}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- MAILCOW_PASS_SCHEME=${MAILCOW_PASS_SCHEME:-BLF-CRYPT}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
	- MAILDIR_GC_TIME=${MAILDIR_GC_TIME:-7200}
	- ACL_ANYONE=${ACL_ANYONE:-disallow}
	- SKIP_SOLR=${SKIP_SOLR:-y}
	- MAILDIR_SUB=${MAILDIR_SUB:-}
	- MASTER=${MASTER:-y}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
	- FLATCURVE_EXPERIMENTAL=${FLATCURVE_EXPERIMENTAL:-n}
	ports:
	- "${DOVEADM_PORT:-127.0.0.1:19991}:12345"
	- "${IMAP_PORT:-143}:143"
	- "${IMAPS_PORT:-993}:993"
	- "${POP_PORT:-110}:110"
	- "${POPS_PORT:-995}:995"
	- "${SIEVE_PORT:-4190}:4190"
	restart: always
	tty: true
	labels:
	ofelia.enabled: "true"
	ofelia.job-exec.dovecot_imapsync_runner.schedule: "@every 1m"
	ofelia.job-exec.dovecot_imapsync_runner.no-overlap: "true"
	ofelia.job-exec.dovecot_imapsync_runner.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu nobody /usr/local/bin/imapsync_runner.pl \|\| exit 0\""
	ofelia.job-exec.dovecot_trim_logs.schedule: "@every 1m"
	ofelia.job-exec.dovecot_trim_logs.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/trim_logs.sh \|\| exit 0\""
	ofelia.job-exec.dovecot_quarantine.schedule: "@every 20m"
	ofelia.job-exec.dovecot_quarantine.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/quarantine_notify.py \|\| exit 0\""
	ofelia.job-exec.dovecot_clean_q_aged.schedule: "@every 24h"
	ofelia.job-exec.dovecot_clean_q_aged.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu vmail /usr/local/bin/clean_q_aged.sh \|\| exit 0\""
	ofelia.job-exec.dovecot_maildir_gc.schedule: "@every 30m"
	ofelia.job-exec.dovecot_maildir_gc.command: "/bin/bash -c \"source /source_env.sh ; /usr/local/bin/gosu vmail /usr/local/bin/maildir_gc.sh\""
	ofelia.job-exec.dovecot_sarules.schedule: "@every 24h"
	ofelia.job-exec.dovecot_sarules.command: "/bin/bash -c \"/usr/local/bin/sa-rules.sh\""
	ofelia.job-exec.dovecot_fts.schedule: "@every 24h"
	ofelia.job-exec.dovecot_fts.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/optimize-fts.sh\""
	ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m"
	ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\""
	ulimits:
	nproc: 65535
	nofile:
	soft: 20000
	hard: 40000
	networks:
	mailcow-network:
	ipv4_address: ${IPV4_NETWORK:-172.22.1}.250
	aliases:
	- dovecot

	postfix-mailcow:
	image: mailcow/postfix:1.75
	depends_on:
	mysql-mailcow:
	condition: service_started
	unbound-mailcow:
	condition: service_healthy
	volumes:
	- ./data/hooks/postfix:/hooks:Z
	- ./data/conf/postfix:/opt/postfix/conf:z
	- ./data/assets/ssl:/etc/ssl/mail/:ro,z
	- postfix-vol-1:/var/spool/postfix
	- crypt-vol-1:/var/lib/zeyple
	- rspamd-vol-1:/var/lib/rspamd
	- mysql-socket-vol-1:/var/run/mysqld/
	environment:
	- LOG_LINES=${LOG_LINES:-9999}
	- TZ=${TZ}
	- DBNAME=${DBNAME}
	- DBUSER=${DBUSER}
	- DBPASS=${DBPASS}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- SPAMHAUS_DQS_KEY=${SPAMHAUS_DQS_KEY:-}
	cap_add:
	- NET_BIND_SERVICE
	ports:
	- "${SMTP_PORT:-25}:25"
	- "${SMTPS_PORT:-465}:465"
	- "${SUBMISSION_PORT:-587}:587"
	restart: always
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	networks:
	mailcow-network:
	ipv4_address: ${IPV4_NETWORK:-172.22.1}.253
	aliases:
	- postfix

	memcached-mailcow:
	image: memcached:alpine
	restart: always
	environment:
	- TZ=${TZ}
	networks:
	mailcow-network:
	aliases:
	- memcached

	nginx-mailcow:
	depends_on:
	- sogo-mailcow
	- php-fpm-mailcow
	- redis-mailcow
	image: nginx:mainline-alpine
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active &&
	envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active &&
	envsubst < /etc/nginx/conf.d/templates/sogo.template > /etc/nginx/conf.d/sogo.active &&
	. /etc/nginx/conf.d/templates/server_name.template.sh > /etc/nginx/conf.d/server_name.active &&
	. /etc/nginx/conf.d/templates/sites.template.sh > /etc/nginx/conf.d/sites.active &&
	. /etc/nginx/conf.d/templates/sogo_eas.template.sh > /etc/nginx/conf.d/sogo_eas.active &&
	nginx -qt &&
	until ping phpfpm -c1 > /dev/null; do sleep 1; done &&
	until ping sogo -c1 > /dev/null; do sleep 1; done &&
	until ping redis -c1 > /dev/null; do sleep 1; done &&
	until ping rspamd -c1 > /dev/null; do sleep 1; done &&
	exec nginx -g 'daemon off;'"
	environment:
	- HTTPS_PORT=${HTTPS_PORT:-443}
	- HTTP_PORT=${HTTP_PORT:-80}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- TZ=${TZ}
	- SKIP_SOGO=${SKIP_SOGO:-n}
	- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
	- ADDITIONAL_SERVER_NAMES=${ADDITIONAL_SERVER_NAMES:-}
	volumes:
	- ./data/web:/web:ro,z
	- ./data/conf/rspamd/dynmaps:/dynmaps:ro,z
	- ./data/assets/ssl/:/etc/ssl/mail/:ro,z
	- ./data/conf/nginx/:/etc/nginx/conf.d/:z
	- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
	- ./data/conf/dovecot/auth/mailcowauth.php:/mailcowauth/mailcowauth.php:z
	- ./data/web/inc/functions.inc.php:/mailcowauth/functions.inc.php:z
	- ./data/web/inc/functions.auth.inc.php:/mailcowauth/functions.auth.inc.php:z
	- ./data/web/inc/sessions.inc.php:/mailcowauth/sessions.inc.php:z
	- sogo-web-vol-1:/usr/lib/GNUstep/SOGo/
	ports:
	- "${HTTPS_BIND:-}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
	- "${HTTP_BIND:-}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
	restart: always
	networks:
	mailcow-network:
	aliases:
	- nginx

	acme-mailcow:
	depends_on:
	nginx-mailcow:
	condition: service_started
	unbound-mailcow:
	condition: service_healthy
	image: mailcow/acme:1.89
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	environment:
	- LOG_LINES=${LOG_LINES:-9999}
	- ACME_CONTACT=${ACME_CONTACT:-}
	- ADDITIONAL_SAN=${ADDITIONAL_SAN}
	- AUTODISCOVER_SAN=${AUTODISCOVER_SAN:-y}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- DBNAME=${DBNAME}
	- DBUSER=${DBUSER}
	- DBPASS=${DBPASS}
	- SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
	- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
	- DIRECTORY_URL=${DIRECTORY_URL:-}
	- ENABLE_SSL_SNI=${ENABLE_SSL_SNI:-n}
	- SKIP_IP_CHECK=${SKIP_IP_CHECK:-n}
	- SKIP_HTTP_VERIFICATION=${SKIP_HTTP_VERIFICATION:-n}
	- ONLY_MAILCOW_HOSTNAME=${ONLY_MAILCOW_HOSTNAME:-n}
	- LE_STAGING=${LE_STAGING:-n}
	- TZ=${TZ}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
	- SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
	volumes:
	- ./data/web/.well-known/acme-challenge:/var/www/acme:z
	- ./data/assets/ssl:/var/lib/acme/:z
	- ./data/assets/ssl-example:/var/lib/ssl-example/:ro,Z
	- mysql-socket-vol-1:/var/run/mysqld/
	restart: always
	networks:
	mailcow-network:
	aliases:
	- acme

	netfilter-mailcow:
	image: mailcow/netfilter:1.59
	stop_grace_period: 30s
	restart: always
	privileged: true
	environment:
	- TZ=${TZ}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
	- SNAT_TO_SOURCE=${SNAT_TO_SOURCE:-n}
	- SNAT6_TO_SOURCE=${SNAT6_TO_SOURCE:-n}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- MAILCOW_REPLICA_IP=${MAILCOW_REPLICA_IP:-}
	- DISABLE_NETFILTER_ISOLATION_RULE=${DISABLE_NETFILTER_ISOLATION_RULE:-n}
	network_mode: "host"
	volumes:
	- /lib/modules:/lib/modules:ro

	watchdog-mailcow:
	- image: mailcow/watchdog:2.03
	+ image: mailcow/watchdog:2.04
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	tmpfs:
	- /tmp
	volumes:
	- rspamd-vol-1:/var/lib/rspamd
	- mysql-socket-vol-1:/var/run/mysqld/
	- postfix-vol-1:/var/spool/postfix
	- ./data/assets/ssl:/etc/ssl/mail/:ro,z
	restart: always
	depends_on:
	- postfix-mailcow
	- dovecot-mailcow
	- mysql-mailcow
	- acme-mailcow
	- redis-mailcow
	environment:
	- IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}
	- LOG_LINES=${LOG_LINES:-9999}
	- TZ=${TZ}
	- DBNAME=${DBNAME}
	- DBUSER=${DBUSER}
	- DBPASS=${DBPASS}
	- DBROOT=${DBROOT}
	- USE_WATCHDOG=${USE_WATCHDOG:-n}
	- WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL:-}
	- WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y}
	- WATCHDOG_NOTIFY_START=${WATCHDOG_NOTIFY_START:-y}
	- WATCHDOG_SUBJECT=${WATCHDOG_SUBJECT:-Watchdog ALERT}
	- WATCHDOG_NOTIFY_WEBHOOK=${WATCHDOG_NOTIFY_WEBHOOK:-}
	- WATCHDOG_NOTIFY_WEBHOOK_BODY=${WATCHDOG_NOTIFY_WEBHOOK_BODY:-}
	- WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n}
	- WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n}
	- WATCHDOG_VERBOSE=${WATCHDOG_VERBOSE:-n}
	- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
	- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized}
	- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
	- IP_BY_DOCKER_API=${IP_BY_DOCKER_API:-0}
	- CHECK_UNBOUND=${CHECK_UNBOUND:-1}
	- SKIP_CLAMD=${SKIP_CLAMD:-n}
	- SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
	- SKIP_SOGO=${SKIP_SOGO:-n}
	- HTTPS_PORT=${HTTPS_PORT:-443}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	- EXTERNAL_CHECKS_THRESHOLD=${EXTERNAL_CHECKS_THRESHOLD:-1}
	- NGINX_THRESHOLD=${NGINX_THRESHOLD:-5}
	- UNBOUND_THRESHOLD=${UNBOUND_THRESHOLD:-5}
	- REDIS_THRESHOLD=${REDIS_THRESHOLD:-5}
	- MYSQL_THRESHOLD=${MYSQL_THRESHOLD:-5}
	- MYSQL_REPLICATION_THRESHOLD=${MYSQL_REPLICATION_THRESHOLD:-1}
	- SOGO_THRESHOLD=${SOGO_THRESHOLD:-3}
	- POSTFIX_THRESHOLD=${POSTFIX_THRESHOLD:-8}
	- CLAMD_THRESHOLD=${CLAMD_THRESHOLD:-15}
	- DOVECOT_THRESHOLD=${DOVECOT_THRESHOLD:-12}
	- DOVECOT_REPL_THRESHOLD=${DOVECOT_REPL_THRESHOLD:-20}
	- PHPFPM_THRESHOLD=${PHPFPM_THRESHOLD:-5}
	- RATELIMIT_THRESHOLD=${RATELIMIT_THRESHOLD:-1}
	- FAIL2BAN_THRESHOLD=${FAIL2BAN_THRESHOLD:-1}
	- ACME_THRESHOLD=${ACME_THRESHOLD:-1}
	- RSPAMD_THRESHOLD=${RSPAMD_THRESHOLD:-5}
	- OLEFY_THRESHOLD=${OLEFY_THRESHOLD:-5}
	- MAILQ_THRESHOLD=${MAILQ_THRESHOLD:-20}
	- MAILQ_CRIT=${MAILQ_CRIT:-30}
	networks:
	mailcow-network:
	aliases:
	- watchdog

	dockerapi-mailcow:
	image: mailcow/dockerapi:2.08
	security_opt:
	- label=disable
	restart: always
	dns:
	- ${IPV4_NETWORK:-172.22.1}.254
	environment:
	- DBROOT=${DBROOT}
	- TZ=${TZ}
	- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
	- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock:ro
	networks:
	mailcow-network:
	aliases:
	- dockerapi


	##### Will be removed soon #####
	solr-mailcow:
	image: mailcow/solr:1.8.3
	restart: always
	depends_on:
	- netfilter-mailcow
	volumes:
	- solr-vol-1:/opt/solr/server/solr/dovecot-fts/data
	ports:
	- "${SOLR_PORT:-127.0.0.1:18983}:8983"
	environment:
	- TZ=${TZ}
	- SOLR_HEAP=${SOLR_HEAP:-1024}
	- SKIP_SOLR=${SKIP_SOLR:-y}
	- FLATCURVE_EXPERIMENTAL=${FLATCURVE_EXPERIMENTAL:-n}
	networks:
	mailcow-network:
	aliases:
	- solr
	################################

	olefy-mailcow:
	image: mailcow/olefy:1.13
	restart: always
	environment:
	- TZ=${TZ}
	- OLEFY_BINDADDRESS=0.0.0.0
	- OLEFY_BINDPORT=10055
	- OLEFY_TMPDIR=/tmp
	- OLEFY_PYTHON_PATH=/usr/bin/python3
	- OLEFY_OLEVBA_PATH=/usr/bin/olevba
	- OLEFY_LOGLVL=20
	- OLEFY_MINLENGTH=500
	- OLEFY_DEL_TMP=1
	networks:
	mailcow-network:
	aliases:
	- olefy

	ofelia-mailcow:
	image: mcuadros/ofelia:latest
	restart: always
	- command: daemon --docker
	+ command: daemon --docker -f label=com.docker.compose.project=${COMPOSE_PROJECT_NAME}
	environment:
	- TZ=${TZ}
	+ - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME}
	depends_on:
	- sogo-mailcow
	- dovecot-mailcow
	labels:
	ofelia.enabled: "true"
	security_opt:
	- label=disable
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock:ro
	networks:
	mailcow-network:
	aliases:
	- ofelia

	ipv6nat-mailcow:
	depends_on:
	- unbound-mailcow
	- mysql-mailcow
	- redis-mailcow
	- clamd-mailcow
	- rspamd-mailcow
	- php-fpm-mailcow
	- sogo-mailcow
	- dovecot-mailcow
	- postfix-mailcow
	- memcached-mailcow
	- nginx-mailcow
	- acme-mailcow
	- netfilter-mailcow
	- watchdog-mailcow
	- dockerapi-mailcow
	- solr-mailcow
	environment:
	- TZ=${TZ}
	image: robbertkl/ipv6nat
	security_opt:
	- label=disable
	restart: always
	privileged: true
	network_mode: "host"
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock:ro
	- /lib/modules:/lib/modules:ro

	networks:
	mailcow-network:
	driver: bridge
	driver_opts:
	com.docker.network.bridge.name: br-mailcow
	enable_ipv6: true
	ipam:
	driver: default
	config:
	- subnet: ${IPV4_NETWORK:-172.22.1}.0/24
	- subnet: ${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64}

	volumes:
	vmail-vol-1:
	vmail-index-vol-1:
	mysql-vol-1:
	mysql-socket-vol-1:
	redis-vol-1:
	rspamd-vol-1:
	solr-vol-1:
	postfix-vol-1:
	crypt-vol-1:
	sogo-web-vol-1:
	sogo-userdata-backup-vol-1:
	clamd-db-vol-1:

File Metadata

Mime Type: text/x-diff
Expires: 9月 11 Thu, 1:44 PM (22 h, 15 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 5560
默认替代文本: (114 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions