I reinstalled citadel via docker a few weeks ago and for some reason the HTTP port keeps returning a 404 Not Found on every endpoint.
There is not other software running on the same port which might be using the HTTP port, the HTTPS port works fine.

Does anyone know how I can HTTP to work again?

I found the answer to my docker port problem here:

https://spacelift.io/blog/docker-expose-port

I

So I did install citadel via docker, because easyinstall refused to install on Void Linux. I no longer use Debian or anything with systemd.

Well, you could run Easy Install without systemd, but you'd have to write your own startup scripts.

Now I have no access to configuration files, startup scripts, aliases, sendmail etc.
Unless I login and configure it in the container, but that will break upgrades.

Hehe.  You might be surprised to find that none of that stuff exists anymore.  The global alias table is now inside Citadel, for example.  We really did our best to get rid of configuration files that have to be edited on the host system.  Just about all that's needed these days is the SSL key/certificate and the file directories ... and those are in the same persistent-mount that your database lives in, so you can get to them from the host system if you're doing a bind mount.

That having been said, I also had complex needs, which is why I decided to run Docker inside LXC.  For example, my spamassassin instance runs inside the same LXC as the Citadel container.  I've also got a DNS resolver running in there because I was hitting limits on RBL's when I used public resolvers.  So the Dockerized solution doesn't take care of everything, it just keeps you from having to build it all.

By the way, I did this docker thing for citadel way back 9 years ago: https://hub.docker.com/r/robotamer/citadel

 I do remember that.  It was before I knew anything about containers.  I'm curious how you got it all running.  I ended up writing a supervisor process to act as a mini-init for the whole system, getting the various components started and restarting anything that accidentally crashed.  Funny story about that: the supervisor process was originally intended for an AppImage build of the Citadel system so it could be distributed as a single binary that would run on any compatible host.  It sort of worked, but the build was so fragile that I couldn't in good conscience commit to maintaining it.  Eventually I realized that the supervisor we built for it, combined with the fact that we had shed a bunch of baggage such as being able to run in both consolidated and LHFS file layouts, meant that Docker would be a good target.   So there it is.

I remember when I posted my docker setup here 9 years ago, I was laughed out of town! 

I have posted a manual in "Citadel Documentation" for the docker installation.
That is with your docker setup. It let's you proxy webcit from a webserver.
Here is the link
I will also post my lighttpd proxy webserver setup soon!

My docker setup from 9 years ago is here:
https://bitbucket.org/robotamer/dockerfile/src/master/citadel/

 If you have any questions about my docker setup, or what ever let me know. You can find me at mail.hansaray.pw

How did you change the Lobby /dotskip?room=_BASEROOM_  to wiki?page=home?

How do wiki pages work?
It seams you create a new post every edit.
Can one delete old pages? I am guessing one could do that in an IMAP login, is that save to do?
What does publish to Blog do, or what is it supposed to do? It does not do anything on my server.

Yes that wiki trick is clever.

Can you tell me what is happening here. I am using Let's Encrypt from: https://citadel.org/sslcertificates.html

telnet mail.hansaray.pw 587                                                                0.977s (master) 20:54
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello  (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 587                                                                  27.261s (master) 21:10
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello  (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 25                                                                    22.01s (master) 21:12
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
helo
250 Hello  (37.155.91.16 [37.155.91.16])
starttls
554 TLS not supported here
ehlo
250-Hello  (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
 

Wed Apr 02 2025 17:55:23 UTC from IGnatius T Foobar Subject: Re: _BASEROOM_

How did you change the Lobby /dotskip?room=_BASEROOM_  to
wiki?page=home?

webcit has a "-g" flag that will enter its value as the first command sent to it. (The container has a similar flag that will pass it along to webcit.)
So you can do something like

webcit [other commands] -g "/dotgoto?room=Welcome to UNCENSORED!"

You can put anything in there you want. I chose to go with the welcome wiki because we can control exactly what it says on the front page.

I like that, but How?
Do I modify the docker run command? Can you post an example please?

See it works fine for webcit. You can see it here: https://mail.hansaray.pw/

Wed Apr 02 2025 18:24:01 UTC from TaMeR

 

Yes that wiki trick is clever.

Can you tell me what is happening here. I am using Let's Encrypt from: https://citadel.org/sslcertificates.html

telnet mail.hansaray.pw 587                                                                0.977s (master) 20:54
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello  (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 587                                                                  27.261s (master) 21:10
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
ehlo
250-Hello  (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
starttls
554 TLS not supported here
quit
221 Goodbye...
Connection closed by foreign host.
~/P/go.hansaray.pw►telnet mail.hansaray.pw 25                                                                    22.01s (master) 21:12
Trying 107.189.21.115...
Connected to mail.hansaray.pw.
Escape character is '^]'.
220 mail.hansaray.pw ESMTP Citadel server ready.
helo
250 Hello  (37.155.91.16 [37.155.91.16])
starttls
554 TLS not supported here
ehlo
250-Hello  (37.155.91.16 [37.155.91.16])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
 

 

lighttpd webserver to proxy webcit

 Make sure you have set the host IP 127.0.1.2 to mail.example.net

server.modules += ( "mod_proxy", "mod_openssl" )

$HTTP["host"] == "mail.example.net" { proxy.balance = "hash" proxy.server = ( "" => ( "citadel" => ( "host" => "127.0.1.2", "port" => "8080" ) ) ) ssl.pemfile = "/etc/letsencrypt/live/mail.example.net/fullchain.pem" ssl.privkey = "/etc/letsencrypt/live/mail.example.net/privkey.pem" }
 

Something is wrong with the ssl. Hope you can help out.

openssl s_client -debug -starttls smtp -crlf -connect mail.hansaray.pw:587                                                  01:25
Connecting to 107.189.21.115
CONNECTED(00000003)
read from 0x5613738ac620 [0x5613738ab340] (4096 bytes => 50 (0x32))
0000 - 32 32 30 20 6d 61 69 6c-2e 68 61 6e 73 61 72 61   220 mail.hansara
0010 - 79 2e 70 77 20 45 53 4d-54 50 20 43 69 74 61 64   y.pw ESMTP Citad
0020 - 65 6c 20 73 65 72 76 65-72 20 72 65 61 64 79 2e   el server ready.
0030 - 0d 0a                                             ..
write to 0x5613738ac620 [0x5613738adae0] (23 bytes => 23 (0x17))
0000 - 45 48 4c 4f 20 6d 61 69-6c 2e 65 78 61 6d 70 6c   EHLO mail.exampl
0010 - 65 2e 63 6f 6d 0d 0a                              e.com..
read from 0x5613738ac620 [0x5613738ab340] (4096 bytes => 58 (0x3A))
0000 - 32 35 30 2d 48 65 6c 6c-6f 20 6d 61 69 6c 2e 65   250-Hello mail.e
0010 - 78 61 6d 70 6c 65 2e 63-6f 6d 20 28 33 37 2e 31   xample.com (37.1
0020 - 35 35 2e 39 31 2e 31 36-20 5b 33 37 2e 31 35 35   55.91.16 [37.155
0030 - 2e 39 31 2e 31 36 5d 29-0d 0a                     .91.16])..
read from 0x5613738ac620 [0x5613738ab340] (4096 bytes => 101 (0x65))
0000 - 32 35 30 2d 48 45 4c 50-0d 0a 32 35 30 2d 53 49   250-HELP..250-SI
0010 - 5a 45 20 31 30 34 38 35-37 36 30 0d 0a 32 35 30   ZE 10485760..250
0020 - 2d 53 54 41 52 54 54 4c-53 0d 0a 32 35 30 2d 41   -STARTTLS..250-A
0030 - 55 54 48 20 4c 4f 47 49-4e 20 50 4c 41 49 4e 0d   UTH LOGIN PLAIN.
0040 - 0a 32 35 30 2d 41 55 54-48 3d 4c 4f 47 49 4e 20   .250-AUTH=LOGIN 
0050 - 50 4c 41 49 4e 0d 0a 32-35 30 20 38 42 49 54 4d   PLAIN..250 8BITM
0060 - 49 4d 45 0d 0a                                    IME..
write to 0x5613738ac620 [0x7ffc42ccb550] (10 bytes => 10 (0xA))
0000 - 53 54 41 52 54 54 4c 53-0d 0a                     STARTTLS..
read from 0x5613738ac620 [0x5613738505e0] (8192 bytes => 28 (0x1C))
0000 - 35 35 34 20 54 4c 53 20-6e 6f 74 20 73 75 70 70   554 TLS not supp
0010 - 6f 72 74 65 64 20 68 65-72 65 0d 0a               orted here..
write to 0x5613738ac620 [0x5613738b2e40] (324 bytes => 324 (0x144))
0000 - 16 03 01 01 3f 01 00 01-3b 03 03 b3 32 d1 80 5e   ....?...;...2..^
0010 - 7a a7 90 f7 b1 0c a2 6c-1b 62 66 6e de fd 93 fe   z......l.bfn....
0020 - 8a 58 25 2e 6a 30 38 7e-34 7c 5e 20 8c 6b 4f ea   .X%.j08~4|^ .kO.
0030 - 6a 33 68 af 6e 49 a9 52-f1 cc 90 15 00 26 35 f2   j3h.nI.R.....&5.
0040 - 6c 1e 8a 38 3d 5b 01 6e-76 de 86 29 00 3e 13 02   l..8=[.nv..).>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 b4   ...=. 0)

Dear All,

I want to configure my server with "Fully qualified domain name".

The email subdomain will be mail.host.net  (as an example).

There is a setting of "Fully qualified domain name" in the Citadel.

I have several questions:

1st Can I set the Fully qualified domain name as mail.host.net and the emails addresses as xxxxxxx@host.net? What must be done for that?

2nd What to put in the below setting? "host.net"?

3th I suppose I must set my DNS registry to answer also to "mail.host.net"

4th I suppose I must put the reverse DNS as "mail.host.net"

5th In the email client configuration the servers will be "mail.host.net".

Thank you for the possible answers,

Luís Gonçalves.

Thu Apr 03 2025 15:38:03 UTCfrom luisgo Subject: Help need in "Fully qualified domain name" configuration.

Dear All,

I want to configure my server with "Fully qualified domain name".

The email subdomain will be mail.host.net  (as an example).

There is a setting of "Fully qualified domain name" in the Citadel.

I have several questions:

1st Can I set the Fully qualified domain name as mail.host.net and the emails addresses as xxxxxxx@host.net? What must be done for that?

2nd What to put in the below setting? "host.net"?

Local host aliases

(domains for which this host receives mail)

3th I suppose I must set my DNS registry to answer also to "mail.host.net"

4th I suppose I must put the reverse DNS as "mail.host.net"

5th In the email client configuration the servers will be "mail.host.net".

Thank you for the possible answers,

Luís Gonçalves.

I forgot to ask.

And in the SSL certificates? I will have two. One for "host.net" and "www.host.net" and other for "mail.host.net". Do I put both in citadel?

Thu Apr 03 2025 20:58:20 UTC from TaMeR Subject: Re: Help need in "Fully qualified domain name" configuration.

 

Thu Apr 03 2025 15:38:03 UTCfrom luisgo Subject: Help need in "Fully qualified domain name" configuration.

Dear All,

I want to configure my server with "Fully qualified domain name".

The email subdomain will be mail.host.net  (as an example).

There is a setting of "Fully qualified domain name" in the Citadel.

I have several questions:

1st Can I set the Fully qualified domain name as mail.host.net and the emails addresses as xxxxxxx@host.net? What must be done for that?

Yes,

1. Just go in to the mail.host.net/select_user_to_edit
2. Select user from "Edit or Delete users"
3. Select Edit configuration
4. modify Primary Internet e-mail address to xxx@host.net
5. below at Internet e-mail aliases you can add aliases such as yyy@host.net, yyy@mail.host.net. webmaster@host.net, postmaster@host.net

2nd What to put in the below setting? "host.net"?

Local host aliases

(domains for which this host receives mail)

Yes, You can add multiples, separate with coma such as host.net, mail.host.net

3th I suppose I must set my DNS registry to answer also to "mail.host.net"

Yes

4th I suppose I must put the reverse DNS as "mail.host.net"

Yes

5th In the email client configuration the servers will be "mail.host.net".

Yes

Thank you for the possible answers,

Luís Gonçalves.

 

I forgot to ask.

And in the SSL certificates? I will have two. One for "host.net" and "www.host.net" and other for "mail.host.net". Do I put both in citadel?

And a new DKIM key will be generated or it will be the same?

Thu Apr 03 2025 20:58:20 UTC from TaMeR Subject: Re: Help need in "Fully qualified domain name" configuration.

 

Thu Apr 03 2025 15:38:03 UTCfrom luisgo Subject: Help need in "Fully qualified domain name" configuration.

Dear All,

I want to configure my server with "Fully qualified domain name".

The email subdomain will be mail.host.net  (as an example).

There is a setting of "Fully qualified domain name" in the Citadel.

I have several questions:

1st Can I set the Fully qualified domain name as mail.host.net and the emails addresses as xxxxxxx@host.net? What must be done for that?

Yes,

1. Just go in to the mail.host.net/select_user_to_edit
2. Select user from "Edit or Delete users"
3. Select Edit configuration
4. modify Primary Internet e-mail address to xxx@host.net
5. below at Internet e-mail aliases you can add aliases such as yyy@host.net, yyy@mail.host.net. webmaster@host.net, postmaster@host.net

2nd What to put in the below setting? "host.net"?

Local host aliases

(domains for which this host receives mail)

Yes, You can add multiples, separate with coma such as host.net, mail.host.net

3th I suppose I must set my DNS registry to answer also to "mail.host.net"

Yes

4th I suppose I must put the reverse DNS as "mail.host.net"

Yes

5th In the email client configuration the servers will be "mail.host.net".

Yes

Thank you for the possible answers,

Luís Gonçalves.

 

And a new DKIM key will be generated or it will be the same?

The DKIM key should not change.
However it will be posted to the AIDE room if there is a change. For example if you add a new alias domain, you will get a new DKIM post in to the AIDE room for the new domain.

Where are the webcit static files? In docker that is.
I can't find them anywhere, well the find command can't find them.

They should be in /usr/local/webcit/static but that directory is completely empty.