Move the Mailu Docker network to a fixed subnet.

This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.

setup/flavors/compose/mailu.env

@@ -25,8 +25,8 @@ SECRET_KEY={{ secret(16) }}
 # PUBLIC_IPV4= {{ bind4 }} (default: 127.0.0.1)
 # PUBLIC_IPV6= {{ bind6 }} (default: ::1)
 
-# Subnet
-SUBNET={{ subnet }}
+# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
+SUBNET=192.168.203.0/24
 
 # Main mail domain
 DOMAIN={{ domain }}
@@ -75,9 +75,9 @@ ANTISPAM={{ antispam_enabled or 'none'}}
 # Default: accept messages up to 50MB
 MESSAGE_SIZE_LIMIT={{ message_size_limit or '50000000' }}
 
-# Networks granted relay permissions, make sure that you include your Docker
-# internal network (default to 172.17.0.0/16)
-RELAYNETS={{ relaynets or '172.17.0.0/16' }}
+# Networks granted relay permissions
+# Use this with care, all hosts in this networks will be able to send mail without authentication!
+RELAYNETS=
 
 # Will relay all outgoing mails if configured
 RELAYHOST={{ relayhost }}

setup/flavors/stack/docker-compose.yml

@@ -29,7 +29,7 @@ services:
       - "{{ root }}/certs:/certs"
     deploy:
       replicas: {{ front_replicas }}
-      
+
   {% if resolver_enabled %}
   resolver:
     image: mailu/unbound:{{ version }}
@@ -56,8 +56,6 @@ services:
     image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-{{ version }}}
     env_file: {{ env }}
     environment:
-    # Default to 10.0.1.0/24
-      - POD_ADDRESS_RANGE={{ subnet }}
     volumes:
       - "{{ root }}/mail:/mail"
       - "{{ root }}/overrides:/overrides"
@@ -67,8 +65,6 @@ services:
   smtp:
     image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-{{ version }}}
     env_file: {{ env }}
-    environment:
-      - POD_ADDRESS_RANGE={{ subnet }}
     volumes:
       - "{{ root }}/overrides:/overrides"
     deploy:
@@ -81,8 +77,6 @@ services:
   antispam:
     image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-{{ version }}}
     env_file: {{ env }}
-    environment:
-      - POD_ADDRESS_RANGE={{ subnet }}
     volumes:
       - "{{ root }}/filter:/var/lib/rspamd"
       - "{{ root }}/dkim:/dkim"

setup/templates/steps/compose/03_expose.html

@@ -34,9 +34,9 @@ avoid generic all-interfaces addresses like <code>0.0.0.0</code> or <code>::</co
 </div>
 
 <div class="form-group">
-  <label>Subnet</label>
+  <label>Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)</label>
   <input class="form-control" type="text" name="subnet" required pattern="^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))$"
-  		value="192.168.0.0/24">
+    value="192.168.203.0/24">
 </div>
 
 <p>You server will be available under a main hostname but may expose multiple public

setup/templates/steps/stack/03_expose.html

@@ -11,9 +11,9 @@ you expose it to the world.</p>
 </div>
 
 <div class="form-group">
-  <label>Subnet</label>
+  <label>Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)</label>
   <input class="form-control" type="text" name="subnet" required pattern="^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))$"
-  		value="192.168.0.0/24">
+    value="192.168.203.0/24">
 </div>
 
 <p>You server will be available under a main hostname but may expose multiple public