Mentioned in SAL (#wikimedia-cloud-feed) [2026-03-12T15:36:28Z] <dcaro@cloudcumin1001> START - Cookbook wmcs.openstack.quota_increase by 1 floating-ips (T419582)

Mentioned in SAL (#wikimedia-cloud-feed) [2026-03-12T15:36:35Z] <dcaro@cloudcumin1001> END (PASS) - Cookbook wmcs.openstack.quota_increase (exit_code=0) by 1 floating-ips (T419582)

Just added the floating ip :)

For the vanity domain, you have to follow the steps here: https://wikitech.wikimedia.org/wiki/Help:Using_a_web_proxy_to_reach_Cloud_VPS_servers_from_the_internet#Vanity_domains, once you are done changing the DNS entries and such, ping us back.

Fyi. The certificate will be hosted on CloudVPS proxies (not handled by you).

This was discussed and approved during today's weekly meeting.

In T419582#11702942, @dcaro wrote:

once you are done changing the DNS entries and such, ping us back.

Done.

One thing I wanted to clarify: mailcow handles both a web UI (HTTPS) and raw mail protocols (SMTP, IMAP, POP3). My understanding is that the web proxy can only handle the web UI part, while the mail protocols need to go directly to the floating IP. So I'm thinking the DNS setup should be split like this:

• mail.wikimedia.az (web UI) → CNAME to proxy.project-proxy.eqiad1.wmcloud.org
• MX record → floating IP directly
• A record for mail.wikimedia.az → floating IP directly
• SPF, DKIM, DMARC TXT records → floating IP

Is that correct? Or is there a different recommended way to set this up on Cloud VPS?

Mailcow requires a PTR (reverse DNS) record matching the mail hostname (mail.wikimedia.az) for mail deliverability. Is it possible to set a PTR record for the floating IP you assigned?

I'd also like to set up a web redirect from wikimedia.az to az.wikimedia.org while keeping mail on wikimedia.az. Is that something that can be configured on the proxy side?

@Nemoralis your plan looks fine.

For the PTR record, can you please create a sub-task? We should be able to configure it for you.

Re: web redirect, it would be easier if you can handle it in your server.

https://mail.wikimedia.az/ is live! Thanks!

(Just as an extra note, mailcow’s default logo branding is still present on dark mode, only light mode is using the Wikimedia logo. Not relevant to the task itself but I don’t believe there’s a more specific task on this)

In T419582#11747314, @PixDeVl wrote:

(Just as an extra note, mailcow’s default logo branding is still present on dark mode, only light mode is using the Wikimedia logo. Not relevant to the task itself but I don’t believe there’s a more specific task on this)

I was just fixing that too. Thanks!

Hi @Nemoralis, is there anything else needed here? Can we close the task?

In T419582#11754949, @dcaro wrote:

Hi @Nemoralis, is there anything else needed here? Can we close the task?

Yes, you can close it. I wanted to close it myself but I didn't know who to put as "Assigned To"