Please wait...
0 files
If you have a preference then go with your preference. Neither method of installation is going away anytime soon, and they both get updated on the same day whenever there is a new release.
LOL, yes that sounds crazy. You must be on your computer working on this on a daily bases.
I would loose track of a setup like that by just doing something else for a few days.
Anyhow. thanks for the quick reply.
By the way I saw you are finally working on a face lift for webcit. Way to go, I think that alone will bring more people to this project.
I was thinking of doing an citadel admin panel add on for Roundcube once many moons ago. But I hate php, specially php after version 5.
LOL, yes that sounds crazy. You must be on your computer working
on this on a daily bases.
I would loose track of a setup like that by just doing something
else for a few days.
Heh. I've gotten into the habit of documenting what I did in /root/README.txt in both the host itself and inside any container that does something non-obvious.
That way if I forget what I did I'll have a reminder ... or if someone else takes over later on they'll know what I did.
That last bit is because I'm now in my 50s and thinking that I really want both Citadel and Uncensored to outlive me, and although I am very healthy right now, we never know how much more time we've got, right? I intend to keep doing this for the rest of my life, and my Calabrese DNA makes me stubborn enough to actually do it. On the other hand, my dad's "never retire" posture was cut short by Alzheimer's disease, so we really never know how long a "forever" intention will last.
Ok that got dark fast. I'm here and I'm not stopping. And yes, you're correct, the WebCit rewrite is a huge project but I believe it will pay off. Check the screenshots at https://www.citadel.org/roadmap.html if you haven't already.
LOL, yes that sounds crazy. You must be on your computer working
on this on a daily bases.
I would loose track of a setup like that by just doing something
else for a few days.
Heh. I've gotten into the habit of documenting what I did in /root/README.txt in both the host itself and inside any container that does something non-obvious.
That way if I forget what I did I'll have a reminder ... or if someone else takes over later on they'll know what I did.
That last bit is because I'm now in my 50s and thinking that I really want both Citadel and Uncensored to outlive me, and although I am very healthy right now, we never know how much more time we've got, right? I intend to keep doing this for the rest of my life, and my Calabrese DNA makes me stubborn enough to actually do it. On the other hand, my dad's "never retire" posture was cut short by Alzheimer's disease, so we really never know how long a "forever" intention will last.
Ok that got dark fast. I'm here and I'm not stopping. And yes, you're correct, the WebCit rewrite is a huge project but I believe it will pay off. Check the screenshots at https://www.citadel.org/roadmap.html if you haven't already.
I have seen the screenshots, and they look fantastic. I have been following your work for many years now, way more then one likes to admit. I am turning 60 this year so yes I know exactly where you are coming from, and what you are talking about. Back when I was BBSing on my Commodore 64 2400 baud, and later Amiga 1200 with a 9600 baud supra modem I hadn't discovered Citadel. I think it was around 2000 when I first came across Citadel. In other words the text client was already nostalgia for a long time by then. But I had fun with it, because it took be back to my teen years, when a text client like that was all we had.
I am glad that you are still keeping Citadel not only alive but usable and relevant. When I see hosts using these fragile, glued together systems to provide email, I wonder why they don't look in to Citadel.
I guess it has something to do with the user management system. They don't want to give system/pam access, they don't want to use LDAP, and they don't want to manage users with the citadel internal system.
Since they need to give users access to other services such as http, ftp etc. I think if you had made a different user access system which they can control via sql, Citadel would have been more successful.
But hey, what do I know. I am just glad that Citadel is around and that I can come back to it when ever I need to. Maybe it is even for the best who knows. Look at what they did to other projects such as Gogs and Gitea.
We are here for a blink of an eye, all we can do is make the best of it. Everyone in it's on way. You are a good man, doing good work, and I am glad people like you exist. Keep it up, and keep your head up.
So I did install citadel via docker, because easyinstall refused to install on Void Linux. I no longer use Debian or anything with systemd.
Now I have no access to configuration files, startup scripts, aliases, sendmail etc.
Unless I login and configure it in the container, but that will break upgrades.
Currently what I need is limiting webcit to a domain such as mail.example.net rather then 0.0.0.0:80
Or at leased a way to change the port so I can proxy it behind a webserver.
Thanks for the help, I promise I will publish my notes / write up a manual in markdown for everything I figure out ... with your help.
By the way, I did this docker thing for citadel way back 9 years ago: https://hub.docker.com/r/robotamer/citadel
I reinstalled citadel via docker a few weeks ago and for some reason the HTTP port keeps returning a 404 Not Found on every endpoint.
There is not other software running on the same port which might be using the HTTP port, the HTTPS port works fine.
Does anyone know how I can HTTP to work again?
So I did install citadel via docker, because easyinstall refused to install on Void Linux. I no longer use Debian or anything with systemd.
Well, you could run Easy Install without systemd, but you'd have to write your own startup scripts.
Now I have no access to configuration files, startup scripts, aliases, sendmail etc.
Unless I login and configure it in the container, but that will break upgrades.
Hehe. You might be surprised to find that none of that stuff exists anymore. The global alias table is now inside Citadel, for example. We really did our best to get rid of configuration files that have to be edited on the host system. Just about all that's needed these days is the SSL key/certificate and the file directories ... and those are in the same persistent-mount that your database lives in, so you can get to them from the host system if you're doing a bind mount.
That having been said, I also had complex needs, which is why I decided to run Docker inside LXC. For example, my spamassassin instance runs inside the same LXC as the Citadel container. I've also got a DNS resolver running in there because I was hitting limits on RBL's when I used public resolvers. So the Dockerized solution doesn't take care of everything, it just keeps you from having to build it all.
By the way, I did this docker thing for citadel way back 9 years ago: https://hub.docker.com/r/robotamer/citadel
I do remember that. It was before I knew anything about containers. I'm curious how you got it all running. I ended up writing a supervisor process to act as a mini-init for the whole system, getting the various components started and restarting anything that accidentally crashed. Funny story about that: the supervisor process was originally intended for an AppImage build of the Citadel system so it could be distributed as a single binary that would run on any compatible host. It sort of worked, but the build was so fragile that I couldn't in good conscience commit to maintaining it. Eventually I realized that the supervisor we built for it, combined with the fact that we had shed a bunch of baggage such as being able to run in both consolidated and LHFS file layouts, meant that Docker would be a good target. So there it is.
I remember when I posted my docker setup here 9 years ago, I was laughed out of town!
I have posted a manual in "Citadel Documentation" for the docker installation.
That is with your docker setup. It let's you proxy webcit from a webserver.
Here is the link
I will also post my lighttpd proxy webserver setup soon!
My docker setup from 9 years ago is here:
https://bitbucket.org/robotamer/dockerfile/src/master/citadel/
If you have any questions about my docker setup, or what ever let me know. You can find me at mail.hansaray.pw
How did you change the Lobby /dotskip?room=_BASEROOM_ to wiki?page=home?
How do wiki pages work?
It seams you create a new post every edit.
Can one delete old pages? I am guessing one could do that in an IMAP login, is that save to do?
What does publish to Blog do, or what is it supposed to do? It does not do anything on my server.
I remember when I posted my docker setup here 9 years ago, I was laughed
out of town!
Well let's just say that you were more forward thinking than the rest of us :)
I took a look at your Dockerfile and I see you were supervising several programs with a shell script, whereas the new official Dockerfile use a custom supervisor.
I'm sure there are SOA purists out there who will point out that one should never run multiple services from the same container, but we did this for ease of installation, not for SOA.
How did you change the Lobby /dotskip?room=_BASEROOM_ to
wiki?page=home?
webcit has a "-g" flag that will enter its value as the first command sent to it. (The container has a similar flag that will pass it along to webcit.)
So you can do something like
webcit [other commands] -g "/dotgoto?room=Welcome to UNCENSORED!"
You can put anything in there you want. I chose to go with the welcome wiki because we can control exactly what it says on the front page.
How do wiki pages work?
It seams you create a new post every edit.
Yes, it does create a new post every edit, but the new post has the same EUID as the one being replaced, so it shows up indexed in the same place.
There is also a hidden chain of MIME parts containing diffs of the edit history.
Clever, right? ;)
Yes that wiki trick is clever.
Can you tell me what is happening here. I am using Let's Encrypt from: https://citadel.org/sslcertificates.html
telnet mail.hansaray.pw 587 0.977s (master) 20:54
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 587 27.261s (master) 21:10
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 25 22.01s (master) 21:12
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
helo
250 Hello (37.155.91.16 [37.155.91.16])
starttls
554 TLS not supported here
ehlo
250-Hello (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
How did you change the Lobby /dotskip?room=_BASEROOM_ to
wiki?page=home?
webcit has a "-g" flag that will enter its value as the first command sent to it. (The container has a similar flag that will pass it along to webcit.)
So you can do something like
webcit [other commands] -g "/dotgoto?room=Welcome to UNCENSORED!"
You can put anything in there you want. I chose to go with the welcome wiki because we can control exactly what it says on the front page.
I like that, but How?
Do I modify the docker run command? Can you post an example please?
See it works fine for webcit. You can see it here: https://mail.hansaray.pw/
Wed Apr 02 2025 18:24:01 UTC from TaMeR
Yes that wiki trick is clever.
Can you tell me what is happening here. I am using Let's Encrypt from: https://citadel.org/sslcertificates.html
telnet mail.hansaray.pw 587 0.977s (master) 20:54
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 587 27.261s (master) 21:10
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 25 22.01s (master) 21:12
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
helo
250 Hello (37.155.91.16 [37.155.91.16])
starttls
554 TLS not supported here
ehlo
250-Hello (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
lighttpd webserver to proxy webcit
Make sure you have set the host IP 127.0.1.2 to mail.example.net
server.modules += ( "mod_proxy", "mod_openssl" )
$HTTP["host"] == "mail.example.net" { proxy.balance = "hash" proxy.server = ( "" => ( "citadel" => ( "host" => "127.0.1.2", "port" => "8080" ) ) ) ssl.pemfile = "/etc/letsencrypt/live/mail.example.net/fullchain.pem" ssl.privkey = "/etc/letsencrypt/live/mail.example.net/privkey.pem" }
Something is wrong with the ssl. Hope you can help out.
openssl s_client -debug -starttls smtp -crlf -connect mail.hansaray.pw:587 01:25 Connecting to 107.189.21.115 CONNECTED(00000003) read from 0x5613738ac620 [0x5613738ab340] (4096 bytes => 50 (0x32)) 0000 - 32 32 30 20 6d 61 69 6c-2e 68 61 6e 73 61 72 61 220 mail.hansara 0010 - 79 2e 70 77 20 45 53 4d-54 50 20 43 69 74 61 64 y.pw ESMTP Citad 0020 - 65 6c 20 73 65 72 76 65-72 20 72 65 61 64 79 2e el server ready. 0030 - 0d 0a .. write to 0x5613738ac620 [0x5613738adae0] (23 bytes => 23 (0x17)) 0000 - 45 48 4c 4f 20 6d 61 69-6c 2e 65 78 61 6d 70 6c EHLO mail.exampl 0010 - 65 2e 63 6f 6d 0d 0a e.com.. read from 0x5613738ac620 [0x5613738ab340] (4096 bytes => 58 (0x3A)) 0000 - 32 35 30 2d 48 65 6c 6c-6f 20 6d 61 69 6c 2e 65 250-Hello mail.e 0010 - 78 61 6d 70 6c 65 2e 63-6f 6d 20 28 33 37 2e 31 xample.com (37.1 0020 - 35 35 2e 39 31 2e 31 36-20 5b 33 37 2e 31 35 35 55.91.16 [37.155 0030 - 2e 39 31 2e 31 36 5d 29-0d 0a .91.16]).. read from 0x5613738ac620 [0x5613738ab340] (4096 bytes => 101 (0x65)) 0000 - 32 35 30 2d 48 45 4c 50-0d 0a 32 35 30 2d 53 49 250-HELP..250-SI 0010 - 5a 45 20 31 30 34 38 35-37 36 30 0d 0a 32 35 30 ZE 10485760..250 0020 - 2d 53 54 41 52 54 54 4c-53 0d 0a 32 35 30 2d 41 -STARTTLS..250-A 0030 - 55 54 48 20 4c 4f 47 49-4e 20 50 4c 41 49 4e 0d UTH LOGIN PLAIN. 0040 - 0a 32 35 30 2d 41 55 54-48 3d 4c 4f 47 49 4e 20 .250-AUTH=LOGIN 0050 - 50 4c 41 49 4e 0d 0a 32-35 30 20 38 42 49 54 4d PLAIN..250 8BITM 0060 - 49 4d 45 0d 0a IME.. write to 0x5613738ac620 [0x7ffc42ccb550] (10 bytes => 10 (0xA)) 0000 - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 0x5613738ac620 [0x5613738505e0] (8192 bytes => 28 (0x1C)) 0000 - 35 35 34 20 54 4c 53 20-6e 6f 74 20 73 75 70 70 554 TLS not supp 0010 - 6f 72 74 65 64 20 68 65-72 65 0d 0a orted here.. write to 0x5613738ac620 [0x5613738b2e40] (324 bytes => 324 (0x144)) 0000 - 16 03 01 01 3f 01 00 01-3b 03 03 b3 32 d1 80 5e ....?...;...2..^ 0010 - 7a a7 90 f7 b1 0c a2 6c-1b 62 66 6e de fd 93 fe z......l.bfn.... 0020 - 8a 58 25 2e 6a 30 38 7e-34 7c 5e 20 8c 6b 4f ea .X%.j08~4|^ .kO. 0030 - 6a 33 68 af 6e 49 a9 52-f1 cc 90 15 00 26 35 f2 j3h.nI.R.....&5. 0040 - 6c 1e 8a 38 3d 5b 01 6e-76 de 86 29 00 3e 13 02 l..8=[.nv..).>.. 0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa .....,.0........ 0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27 .+./...$.(.k.#.' 0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d .g.....9.....3.. 0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 b4 ...=. 0)