From 42dd1a14cf5cd4380b0b7d1f5cbd5de7c74ec3ba Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Wed, 7 Jan 2026 11:28:57 +0530
Subject: [PATCH 01/10] feat: enhance service scripts to manage SeaweedFS and
 Silver mail services

---
 scripts/service/cleanup-docker.sh | 13 +++++++++++--
 scripts/service/start-silver.sh   | 27 +++++++++++++++++++++++++++
 scripts/service/stop-silver.sh    |  6 +++++-
 3 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/scripts/service/cleanup-docker.sh b/scripts/service/cleanup-docker.sh
index 235f61d..9e2ad3b 100755
--- a/scripts/service/cleanup-docker.sh
+++ b/scripts/service/cleanup-docker.sh
@@ -34,11 +34,20 @@ fi
 
 # Step 1: Stop all containers using docker compose
 echo -e "\n${YELLOW}Step 1/3: Stopping Docker containers${NC}"
+echo "  - Stopping Silver mail services..."
 (cd "${SERVICES_DIR}" && docker compose down)
 if [ $? -eq 0 ]; then
-    echo -e "${GREEN}✓ Containers stopped successfully${NC}"
+    echo -e "${GREEN}  ✓ Silver services stopped successfully${NC}"
 else
-    echo -e "${RED}✗ Failed to stop containers${NC}"
+    echo -e "${RED}  ✗ Failed to stop Silver services${NC}"
+fi
+
+echo "  - Stopping SeaweedFS services..."
+(cd "${SERVICES_DIR}" && docker compose -f docker-compose.seaweedfs.yaml down)
+if [ $? -eq 0 ]; then
+    echo -e "${GREEN}  ✓ SeaweedFS services stopped successfully${NC}"
+else
+    echo -e "${RED}  ✗ Failed to stop SeaweedFS services${NC}"
 fi
 
 # Step 2: Remove all volumes
diff --git a/scripts/service/start-silver.sh b/scripts/service/start-silver.sh
index 2b9b80a..d9412ba 100755
--- a/scripts/service/start-silver.sh
+++ b/scripts/service/start-silver.sh
@@ -92,11 +92,38 @@ fi
 # ================================
 echo -e "\n${YELLOW}Step 3/4: Starting Docker services${NC}"
 
+# Check and setup SeaweedFS S3 configuration
+SEAWEEDFS_CONFIG="${SERVICES_DIR}/seaweedfs/s3-config.json"
+SEAWEEDFS_EXAMPLE="${SERVICES_DIR}/seaweedfs/s3-config.json.example"
+
+if [ ! -f "$SEAWEEDFS_CONFIG" ]; then
+	echo "  - SeaweedFS S3 configuration not found. Creating from example..."
+	if [ -f "$SEAWEEDFS_EXAMPLE" ]; then
+		cp "$SEAWEEDFS_EXAMPLE" "$SEAWEEDFS_CONFIG"
+		echo -e "${YELLOW}  ⚠ WARNING: Using example S3 credentials. Update ${SEAWEEDFS_CONFIG} with secure credentials!${NC}"
+	else
+		echo -e "${RED}✗ SeaweedFS example configuration not found at ${SEAWEEDFS_EXAMPLE}${NC}"
+		exit 1
+	fi
+fi
+
+# Start SeaweedFS services first
+echo "  - Starting SeaweedFS blob storage..."
+(cd "${SERVICES_DIR}" && docker compose -f docker-compose.seaweedfs.yaml up -d)
+if [ $? -ne 0 ]; then
+	echo -e "${RED}✗ SeaweedFS docker compose failed. Please check the logs.${NC}"
+	exit 1
+fi
+echo -e "${GREEN}  ✓ SeaweedFS services started${NC}"
+
+# Start main Silver mail services
+echo "  - Starting Silver mail services..."
 (cd "${SERVICES_DIR}" && docker compose up -d)
 if [ $? -ne 0 ]; then
 	echo -e "${RED}✗ Docker compose failed. Please check the logs.${NC}"
 	exit 1
 fi
+echo -e "${GREEN}  ✓ Silver mail services started${NC}"
 
 sleep 1 # Wait a bit for services to initialize
 
diff --git a/scripts/service/stop-silver.sh b/scripts/service/stop-silver.sh
index ddfd48c..41a133b 100644
--- a/scripts/service/stop-silver.sh
+++ b/scripts/service/stop-silver.sh
@@ -6,4 +6,8 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 SERVICES_DIR="$(cd "${SCRIPT_DIR}/../../services" && pwd)"
 
 # Navigate to services directory and stop docker services
-(cd "${SERVICES_DIR}" && docker compose down)
\ No newline at end of file
+echo "Stopping Silver mail services..."
+(cd "${SERVICES_DIR}" && docker compose down)
+
+echo "Stopping SeaweedFS services..."
+(cd "${SERVICES_DIR}" && docker compose -f docker-compose.seaweedfs.yaml down)
\ No newline at end of file

From 70f77cb464867891796f1bb854e627c1f91cadc0 Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Wed, 7 Jan 2026 11:29:16 +0530
Subject: [PATCH 02/10] feat: add SeaweedFS configuration and example S3
 credentials

---
 .gitignore                                |  3 +
 services/docker-compose.seaweedfs.yaml    | 89 +++++++++++++++++++++++
 services/seaweedfs/s3-config.json.example | 18 +++++
 3 files changed, 110 insertions(+)
 create mode 100644 services/docker-compose.seaweedfs.yaml
 create mode 100644 services/seaweedfs/s3-config.json.example

diff --git a/.gitignore b/.gitignore
index b5da28e..2a9c53f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -37,5 +37,8 @@ services/raven/
 services/silver-config
 silver-observability
 
+# Ignore SeaweedFS configuration with credentials
+services/seaweedfs/s3-config.json
+
 # Ignore docker-compose override files
 services/docker-compose.override.yml
\ No newline at end of file
diff --git a/services/docker-compose.seaweedfs.yaml b/services/docker-compose.seaweedfs.yaml
new file mode 100644
index 0000000..cd42e99
--- /dev/null
+++ b/services/docker-compose.seaweedfs.yaml
@@ -0,0 +1,89 @@
+services:
+  master:
+    image: chrislusf/seaweedfs:latest
+    container_name: seaweedfs-master
+    ports:
+      - "9333:9333"
+      - "19333:19333"
+    command: "master -ip=master -ip.bind=0.0.0.0 -port=9333"
+    networks:
+      - seaweedfs-net
+      - mail-network
+    healthcheck:
+      test: ["CMD", "wget", "-q", "--spider", "http://localhost:9333/cluster/status"]
+      interval: 5s
+      timeout: 3s
+      retries: 10
+    restart: unless-stopped
+
+  volume:
+    image: chrislusf/seaweedfs:latest
+    container_name: seaweedfs-volume
+    ports:
+      - "8080:8080"
+      - "18080:18080"
+    command: 'volume -mserver="master:9333" -ip.bind=0.0.0.0 -port=8080 -max=10'
+    depends_on:
+      master:
+        condition: service_healthy
+    networks:
+      - seaweedfs-net
+      - mail-network
+    volumes:
+      - seaweedfs-volume:/data
+    healthcheck:
+      test: ["CMD", "wget", "-q", "--spider", "http://localhost:8080/status"]
+      interval: 5s
+      timeout: 3s
+      retries: 10
+    restart: unless-stopped
+
+  filer:
+    image: chrislusf/seaweedfs:latest
+    container_name: seaweedfs-filer
+    ports:
+      - "8888:8888"
+      - "18888:18888"
+    command: 'filer -master="master:9333" -ip.bind=0.0.0.0'
+    depends_on:
+      master:
+        condition: service_healthy
+      volume:
+        condition: service_healthy
+    networks:
+      - seaweedfs-net
+      - mail-network
+    volumes:
+      - seaweedfs-filer:/data
+    healthcheck:
+      test: ["CMD", "wget", "-q", "--spider", "http://localhost:8888/"]
+      interval: 5s
+      timeout: 3s
+      retries: 10
+    restart: unless-stopped
+
+  s3:
+    image: chrislusf/seaweedfs:latest
+    container_name: seaweedfs-s3
+    ports:
+      - "8333:8333"
+    command: 's3 -filer="filer:8888" -ip.bind=0.0.0.0 -port=8333 -config=/etc/seaweedfs/s3.json'
+    depends_on:
+      filer:
+        condition: service_healthy
+    networks:
+      - seaweedfs-net
+      - mail-network
+    volumes:
+      - ./seaweedfs/s3-config.json:/etc/seaweedfs/s3.json:ro
+    restart: unless-stopped
+
+networks:
+  seaweedfs-net:
+    driver: bridge
+  mail-network:
+    external: true
+
+volumes:
+  seaweedfs-volume:
+  seaweedfs-filer:
diff --git a/services/seaweedfs/s3-config.json.example b/services/seaweedfs/s3-config.json.example
new file mode 100644
index 0000000..e66417f
--- /dev/null
+++ b/services/seaweedfs/s3-config.json.example
@@ -0,0 +1,18 @@
+{
+  "identities": [
+    {
+      "name": "raven",
+      "credentials": [
+        {
+          "accessKey": "your-access-key-here",
+          "secretKey": "your-secret-key-here"
+        }
+      ],
+      "actions": [
+        "Admin",
+        "Read",
+        "Write"
+      ]
+    }
+  ]
+}

From 32bde45ac8de698de0061e5a9e03013adc9d440c Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Wed, 7 Jan 2026 11:39:21 +0530
Subject: [PATCH 03/10] refactor: remove mail-network from SeaweedFS
 docker-compose configuration

---
 services/docker-compose.seaweedfs.yaml | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/services/docker-compose.seaweedfs.yaml b/services/docker-compose.seaweedfs.yaml
index cd42e99..4dbf82f 100644
--- a/services/docker-compose.seaweedfs.yaml
+++ b/services/docker-compose.seaweedfs.yaml
@@ -8,7 +8,6 @@ services:
     command: "master -ip=master -ip.bind=0.0.0.0 -port=9333"
     networks:
       - seaweedfs-net
-      - mail-network
     healthcheck:
       test: ["CMD", "wget", "-q", "--spider", "http://localhost:9333/cluster/status"]
       interval: 5s
@@ -28,7 +27,6 @@ services:
         condition: service_healthy
     networks:
       - seaweedfs-net
-      - mail-network
     volumes:
       - seaweedfs-volume:/data
     healthcheck:
@@ -52,7 +50,6 @@ services:
         condition: service_healthy
     networks:
       - seaweedfs-net
-      - mail-network
     volumes:
       - seaweedfs-filer:/data
     healthcheck:
@@ -73,17 +70,13 @@ services:
         condition: service_healthy
     networks:
       - seaweedfs-net
-      - mail-network
     volumes:
-      - ./seaweedfs/s3-config.json:/etc/seaweedfs/s3.json:ro
+      - ./s3-config.json:/etc/seaweedfs/s3.json:ro
     restart: unless-stopped
-
 networks:
   seaweedfs-net:
     driver: bridge
-  mail-network:
-    external: true
 
 volumes:
   seaweedfs-volume:
-  seaweedfs-filer:
+  seaweedfs-filer:
\ No newline at end of file

From 2cc80838a706cadd9b895c0b20e4ae94e2efb0bb Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Wed, 7 Jan 2026 11:43:01 +0530
Subject: [PATCH 04/10] fix: update volume service ports in SeaweedFS
 docker-compose configuration

---
 services/docker-compose.seaweedfs.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/services/docker-compose.seaweedfs.yaml b/services/docker-compose.seaweedfs.yaml
index 4dbf82f..584dffa 100644
--- a/services/docker-compose.seaweedfs.yaml
+++ b/services/docker-compose.seaweedfs.yaml
@@ -19,8 +19,8 @@ services:
     image: chrislusf/seaweedfs:latest
     container_name: seaweedfs-volume
     ports:
-      - "8080:8080"
-      - "18080:18080"
+      - "8081:8080"
+      - "18081:18080"
     command: 'volume -mserver="master:9333" -ip.bind=0.0.0.0 -port=8080 -max=10'
     depends_on:
       master:

From 276bc7704d7d31b3911be432aefac46818362963 Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Wed, 7 Jan 2026 12:11:53 +0530
Subject: [PATCH 05/10] fix: correct path for S3 configuration file in
 SeaweedFS docker-compose

---
 services/docker-compose.seaweedfs.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/docker-compose.seaweedfs.yaml b/services/docker-compose.seaweedfs.yaml
index 584dffa..aaa2b0f 100644
--- a/services/docker-compose.seaweedfs.yaml
+++ b/services/docker-compose.seaweedfs.yaml
@@ -71,7 +71,7 @@ services:
     networks:
       - seaweedfs-net
     volumes:
-      - ./s3-config.json:/etc/seaweedfs/s3.json:ro
+      - ./seaweedfs/s3-config.json:/etc/seaweedfs/s3.json:ro
     restart: unless-stopped
 networks:
   seaweedfs-net:

From 6437c94c830d57cb19046978d8272d50beb1bf38 Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Thu, 8 Jan 2026 11:25:22 +0530
Subject: [PATCH 06/10] feat: add SeaweedFS configuration files and credential
 generation script

---
 .gitignore                                    |   1 +
 .../utils/generate-seaweedfs-credentials.sh   | 125 ++++++++++++++++++
 services/config-scripts/gen-raven-conf.sh     |  42 ++++++
 services/seaweedfs/.env.example               |  13 ++
 services/seaweedfs/README.md                  |  79 +++++++++++
 5 files changed, 260 insertions(+)
 create mode 100755 scripts/utils/generate-seaweedfs-credentials.sh
 create mode 100644 services/seaweedfs/.env.example
 create mode 100644 services/seaweedfs/README.md

diff --git a/.gitignore b/.gitignore
index 2a9c53f..4728693 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,6 +39,7 @@ silver-observability
 
 # Ignore SeaweedFS configuration with credentials
 services/seaweedfs/s3-config.json
+services/seaweedfs/.env
 
 # Ignore docker-compose override files
 services/docker-compose.override.yml
\ No newline at end of file
diff --git a/scripts/utils/generate-seaweedfs-credentials.sh b/scripts/utils/generate-seaweedfs-credentials.sh
new file mode 100755
index 0000000..93e6e89
--- /dev/null
+++ b/scripts/utils/generate-seaweedfs-credentials.sh
@@ -0,0 +1,125 @@
+#!/bin/bash
+
+# ============================================
+#  SeaweedFS S3 Credentials Generator
+# ============================================
+#  This script generates secure S3 credentials
+#  for SeaweedFS configuration
+# ============================================
+
+# Colors
+CYAN="\033[0;36m"
+GREEN="\033[0;32m"
+YELLOW="\033[1;33m"
+NC="\033[0m" # No Color
+
+echo -e "${CYAN}"
+echo "========================================="
+echo "  SeaweedFS S3 Credentials Generator"
+echo "========================================="
+echo -e "${NC}"
+
+# Check if openssl is available
+if ! command -v openssl &> /dev/null; then
+    echo -e "${YELLOW}⚠ Warning: openssl not found. Using basic random generation.${NC}"
+    ACCESS_KEY=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 20)
+    SECRET_KEY=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 40)
+else
+    # Generate secure random credentials
+    ACCESS_KEY=$(openssl rand -base64 32 | tr -d /=+ | cut -c -20)
+    SECRET_KEY=$(openssl rand -base64 32)
+fi
+
+echo ""
+echo -e "${GREEN}Generated Credentials:${NC}"
+echo "---------------------------------------------"
+echo "Access Key: ${ACCESS_KEY}"
+echo "Secret Key: ${SECRET_KEY}"
+echo "---------------------------------------------"
+echo ""
+
+# Get the script directory
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+SERVICES_DIR="$(cd "${SCRIPT_DIR}/../../services" && pwd)"
+CONFIG_FILE="${SERVICES_DIR}/seaweedfs/s3-config.json"
+EXAMPLE_FILE="${SERVICES_DIR}/seaweedfs/s3-config.json.example"
+ENV_FILE="${SERVICES_DIR}/seaweedfs/.env"
+ENV_EXAMPLE="${SERVICES_DIR}/seaweedfs/.env.example"
+
+echo "S3 Config file: ${CONFIG_FILE}"
+echo "Environment file: ${ENV_FILE}"
+echo ""
+
+# Ask if user wants to update the config files
+read -p "Do you want to update configuration files with these credentials? (y/n): " UPDATE_CONFIG
+
+if [[ "$UPDATE_CONFIG" == "y" || "$UPDATE_CONFIG" == "Y" ]]; then
+    # Create directory if it doesn't exist
+    mkdir -p "$(dirname "$CONFIG_FILE")"
+    
+    # Create s3-config.json
+    cat > "$CONFIG_FILE" <<EOF
+{
+  "identities": [
+    {
+      "name": "raven",
+      "credentials": [
+        {
+          "accessKey": "${ACCESS_KEY}",
+          "secretKey": "${SECRET_KEY}"
+        }
+      ],
+      "actions": [
+        "Admin",
+        "Read",
+        "Write"
+      ]
+    }
+  ]
+}
+EOF
+    
+    echo -e "${GREEN}✓ s3-config.json updated successfully!${NC}"
+    
+    # Create .env file
+    cat > "$ENV_FILE" <<EOF
+# SeaweedFS S3 Configuration
+# NEVER commit this file to git!
+
+# S3 Access Credentials
+S3_ACCESS_KEY=${ACCESS_KEY}
+S3_SECRET_KEY=${SECRET_KEY}
+
+# S3 Endpoint Configuration
+S3_ENDPOINT=http://seaweedfs-s3:8333
+S3_REGION=us-east-1
+S3_BUCKET=email-attachments
+S3_TIMEOUT=30
+EOF
+    
+    echo -e "${GREEN}✓ .env file created successfully!${NC}"
+    echo ""
+    echo -e "${YELLOW}Next steps:${NC}"
+    echo "1. Configuration files updated:"
+    echo "   - ${CONFIG_FILE}"
+    echo "   - ${ENV_FILE}"
+    echo "2. Restart SeaweedFS S3 service: docker restart seaweedfs-s3"
+    echo "3. Regenerate Raven configuration: cd services/config-scripts && ./gen-raven-conf.sh"
+    echo "4. Restart Raven service: docker restart raven"
+    echo "5. Store these credentials securely (e.g., password manager)"
+    echo ""
+    echo -e "${YELLOW}⚠ IMPORTANT: Both files are in .gitignore - never commit them to git!${NC}"
+else
+    echo "Configuration files not updated."
+    echo ""
+    echo "You can manually update:"
+    echo "1. ${CONFIG_FILE}"
+    echo "2. ${ENV_FILE}"
+    echo ""
+    echo "Or copy from examples:"
+    echo "  cp ${ENV_EXAMPLE} ${ENV_FILE}"
+    echo "  # Then edit with your credentials"
+fi
+
+echo ""
+echo -e "${CYAN}Done!${NC}"
diff --git a/services/config-scripts/gen-raven-conf.sh b/services/config-scripts/gen-raven-conf.sh
index c33375d..b906c69 100644
--- a/services/config-scripts/gen-raven-conf.sh
+++ b/services/config-scripts/gen-raven-conf.sh
@@ -14,12 +14,44 @@ GEN_DIR="${ROOT_DIR}/silver-config/raven" # Base path
 CONFIG_FILE="${ROOT_DIR}/../conf/silver.yaml"
 OUTPUT_FILE="${GEN_DIR}/conf/raven.yaml"
 MAILS_DB_PATH="${GEN_DIR}/data/databases/shared.db"
+SEAWEEDFS_ENV_FILE="${ROOT_DIR}/services/seaweedfs/.env"
+SEAWEEDFS_ENV_EXAMPLE="${ROOT_DIR}/services/seaweedfs/.env.example"
 
 # --- Extract primary (first) domain from silver.yaml ---
 # Look for the first domain entry under the domains list
 MAIL_DOMAIN=$(grep -m 1 '^\s*-\s*domain:' "$CONFIG_FILE" | sed 's/.*domain:\s*//' | xargs)
 MAIL_DOMAIN=${MAIL_DOMAIN:-example.local}
 
+# --- Load SeaweedFS credentials from .env file ---
+if [ -f "$SEAWEEDFS_ENV_FILE" ]; then
+	# Source the .env file
+	set -a  # automatically export all variables
+	source "$SEAWEEDFS_ENV_FILE"
+	set +a
+	echo "✅ Loaded SeaweedFS credentials from .env file"
+else
+	echo "⚠️  Warning: SeaweedFS .env file not found at $SEAWEEDFS_ENV_FILE"
+	if [ -f "$SEAWEEDFS_ENV_EXAMPLE" ]; then
+		echo "   Creating .env from .env.example..."
+		cp "$SEAWEEDFS_ENV_EXAMPLE" "$SEAWEEDFS_ENV_FILE"
+		set -a
+		source "$SEAWEEDFS_ENV_FILE"
+		set +a
+		echo "   ⚠️  Using example credentials. Please update $SEAWEEDFS_ENV_FILE with secure credentials!"
+	else
+		echo "   ❌ Error: .env.example not found. Using fail to prevent insecure defaults."
+		exit 1
+	fi
+fi
+
+# Set defaults if variables are not set
+S3_ACCESS_KEY=${S3_ACCESS_KEY:-raven}
+S3_SECRET_KEY=${S3_SECRET_KEY:-raven-secret}
+S3_ENDPOINT=${S3_ENDPOINT:-http://seaweedfs-s3:8333}
+S3_REGION=${S3_REGION:-us-east-1}
+S3_BUCKET=${S3_BUCKET:-email-attachments}
+S3_TIMEOUT=${S3_TIMEOUT:-30}
+
 # --- Certificate paths ---
 LETSENCRYPT_PATH="${ROOT_DIR}/silver-config/certbot/keys/etc/live/${MAIL_DOMAIN}"
 RAVEN_CERT_PATH="${ROOT_DIR}/silver-config/raven/certs"
@@ -31,6 +63,16 @@ mkdir -p "$(dirname "$OUTPUT_FILE")" "$(dirname "$MAILS_DB_PATH")" "$RAVEN_CERT_
 cat >"$OUTPUT_FILE" <<EOF
 domain: ${MAIL_DOMAIN}
 auth_server_url: https://thunder-server:8090/auth/credentials/authenticate
+
+# S3-Compatible Blob Storage Configuration
+blob_storage:
+  enabled: true
+  endpoint: "${S3_ENDPOINT}"
+  region: "${S3_REGION}"
+  bucket: "${S3_BUCKET}"
+  access_key: "${S3_ACCESS_KEY}"
+  secret_key: "${S3_SECRET_KEY}"
+  timeout: ${S3_TIMEOUT}  # seconds
 EOF
 
 echo "✅ Generated: $OUTPUT_FILE (domain: ${MAIL_DOMAIN})"
diff --git a/services/seaweedfs/.env.example b/services/seaweedfs/.env.example
new file mode 100644
index 0000000..200a6c2
--- /dev/null
+++ b/services/seaweedfs/.env.example
@@ -0,0 +1,13 @@
+# SeaweedFS S3 Configuration
+# Copy this file to .env and update with your actual credentials
+# NEVER commit the .env file to git!
+
+# S3 Access Credentials
+S3_ACCESS_KEY=your-access-key-here
+S3_SECRET_KEY=your-secret-key-here
+
+# S3 Endpoint Configuration
+S3_ENDPOINT=http://seaweedfs-s3:8333
+S3_REGION=us-east-1
+S3_BUCKET=email-attachments
+S3_TIMEOUT=30
diff --git a/services/seaweedfs/README.md b/services/seaweedfs/README.md
new file mode 100644
index 0000000..3e64faf
--- /dev/null
+++ b/services/seaweedfs/README.md
@@ -0,0 +1,79 @@
+# SeaweedFS Configuration Files
+
+This directory contains configuration files for SeaweedFS S3 gateway.
+
+## Quick Start
+
+### Option 1: Automatic Setup (Recommended)
+
+Run the credential generator script:
+
+```bash
+../../scripts/utils/generate-seaweedfs-credentials.sh
+```
+
+This will:
+- Generate secure random credentials
+- Create both `.env` and `s3-config.json` files
+- Display credentials for you to store securely
+
+### Option 2: Manual Setup
+
+```bash
+# Copy example files
+cp .env.example .env
+cp s3-config.json.example s3-config.json
+
+# Edit .env with your credentials
+nano .env
+
+# Edit s3-config.json with the SAME credentials
+nano s3-config.json
+```
+
+## Configuration Details
+
+### .env File
+
+Used by `gen-raven-conf.sh` to configure Raven's S3 integration:
+
+```bash
+# S3 Access Credentials
+S3_ACCESS_KEY=your-access-key
+S3_SECRET_KEY=your-secret-key
+
+# S3 Endpoint Configuration
+S3_ENDPOINT=http://seaweedfs-s3:8333
+S3_REGION=us-east-1
+S3_BUCKET=email-attachments
+S3_TIMEOUT=30
+```
+
+### s3-config.json File
+
+Used by SeaweedFS S3 gateway for authentication:
+
+```json
+{
+  "identities": [
+    {
+      "name": "raven",
+      "credentials": [
+        {
+          "accessKey": "your-access-key",
+          "secretKey": "your-secret-key"
+        }
+      ],
+      "actions": ["Admin", "Read", "Write"]
+    }
+  ]
+}
+```
+
+## Important: Keep Credentials Synchronized
+
+⚠️ **The credentials in `.env` and `s3-config.json` MUST match!**
+
+- `.env` is used by Raven (mail server) to connect to S3
+- `s3-config.json` is used by SeaweedFS S3 gateway for authentication
+- If they don't match, Raven won't be able to store/retrieve attachments
\ No newline at end of file

From 3a9b77fc55c42729713b64a907e3a91a5b7d1320 Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Thu, 8 Jan 2026 11:26:03 +0530
Subject: [PATCH 07/10] fix: remove unused delivery.yaml volume from
 raven-server configuration

---
 services/docker-compose.yaml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/services/docker-compose.yaml b/services/docker-compose.yaml
index 82dea96..36cb973 100644
--- a/services/docker-compose.yaml
+++ b/services/docker-compose.yaml
@@ -36,7 +36,6 @@ services:
       - ./silver-config/raven/conf:/etc/raven:rw
       - ./silver-config/raven/data:/app/data:rw
       - ./silver-config/raven/certs:/certs:ro
-      - ./silver-config/raven/delivery.yaml:/etc/raven/delivery.yaml:ro
     environment:
       - DB_FILE=/app/data/databases/shared.db
     networks:

From 7ae08d1e13352c2789f62317f37c8d0321360109 Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Thu, 8 Jan 2026 11:26:57 +0530
Subject: [PATCH 08/10] fix: update permissions for
 generate-rspamd-worker-controller.sh script

---
 scripts/utils/generate-rspamd-worker-controller.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 scripts/utils/generate-rspamd-worker-controller.sh

diff --git a/scripts/utils/generate-rspamd-worker-controller.sh b/scripts/utils/generate-rspamd-worker-controller.sh
old mode 100644
new mode 100755

From 1ee87e09b3bbbc22e687f55c8af7621bc6f060c0 Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Thu, 8 Jan 2026 11:56:14 +0530
Subject: [PATCH 09/10] feat: add delivery.yaml update with S3 credentials in
 raven configuration script

---
 services/config-scripts/gen-raven-conf.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/services/config-scripts/gen-raven-conf.sh b/services/config-scripts/gen-raven-conf.sh
index b906c69..d702241 100644
--- a/services/config-scripts/gen-raven-conf.sh
+++ b/services/config-scripts/gen-raven-conf.sh
@@ -14,8 +14,8 @@ GEN_DIR="${ROOT_DIR}/silver-config/raven" # Base path
 CONFIG_FILE="${ROOT_DIR}/../conf/silver.yaml"
 OUTPUT_FILE="${GEN_DIR}/conf/raven.yaml"
 MAILS_DB_PATH="${GEN_DIR}/data/databases/shared.db"
-SEAWEEDFS_ENV_FILE="${ROOT_DIR}/services/seaweedfs/.env"
-SEAWEEDFS_ENV_EXAMPLE="${ROOT_DIR}/services/seaweedfs/.env.example"
+SEAWEEDFS_ENV_FILE="${ROOT_DIR}/seaweedfs/.env"
+SEAWEEDFS_ENV_EXAMPLE="${ROOT_DIR}/seaweedfs/.env.example"
 
 # --- Extract primary (first) domain from silver.yaml ---
 # Look for the first domain entry under the domains list

From b23466a05dfd2d34f0f3d17ad6f53f68e2e5414a Mon Sep 17 00:00:00 2001
From: Aravinda-HWK <aravinda.20@cse.mrt.ac.lk>
Date: Thu, 8 Jan 2026 12:27:01 +0530
Subject: [PATCH 10/10] feat: update delivery.yaml with blob_storage
 configuration in raven configuration script

---
 services/config-scripts/gen-raven-conf.sh | 29 +++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/services/config-scripts/gen-raven-conf.sh b/services/config-scripts/gen-raven-conf.sh
index d702241..54eaf6b 100644
--- a/services/config-scripts/gen-raven-conf.sh
+++ b/services/config-scripts/gen-raven-conf.sh
@@ -13,6 +13,7 @@ GEN_DIR="${ROOT_DIR}/silver-config/raven" # Base path
 
 CONFIG_FILE="${ROOT_DIR}/../conf/silver.yaml"
 OUTPUT_FILE="${GEN_DIR}/conf/raven.yaml"
+DELIVERY_FILE="${GEN_DIR}/conf/delivery.yaml"
 MAILS_DB_PATH="${GEN_DIR}/data/databases/shared.db"
 SEAWEEDFS_ENV_FILE="${ROOT_DIR}/seaweedfs/.env"
 SEAWEEDFS_ENV_EXAMPLE="${ROOT_DIR}/seaweedfs/.env.example"
@@ -77,6 +78,34 @@ EOF
 
 echo "✅ Generated: $OUTPUT_FILE (domain: ${MAIL_DOMAIN})"
 
+if [ -f "$DELIVERY_FILE" ]; then
+	echo "ℹ️ Updating blob_storage section in delivery.yaml"
+
+	awk '
+	BEGIN { skip=0 }
+	/^blob_storage:/ { skip=1; next }
+	skip && /^[^[:space:]]/ { skip=0 }
+	!skip { print }
+	' "$DELIVERY_FILE" > "${DELIVERY_FILE}.tmp"
+
+	cat >> "${DELIVERY_FILE}.tmp" <<EOF
+
+blob_storage:
+  enabled: true
+  endpoint: "${S3_ENDPOINT}"
+  region: "${S3_REGION}"
+  bucket: "${S3_BUCKET}"
+  access_key: "${S3_ACCESS_KEY}"
+  secret_key: "${S3_SECRET_KEY}"
+  timeout: ${S3_TIMEOUT}
+EOF
+
+	mv "${DELIVERY_FILE}.tmp" "$DELIVERY_FILE"
+	echo "✅ blob_storage section updated in delivery.yaml"
+else
+	echo "⚠️ Warning: delivery.yaml not found at $DELIVERY_FILE"
+fi
+
 # --- Create shared.db if not exists ---
 if [ ! -f "$MAILS_DB_PATH" ]; then
 	touch "$MAILS_DB_PATH"