Merge #2985

2985: Roundcube 1.6.4 r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Upgrade roundcube to 1.6.4 to fix an XSS, clarify what is supported.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>

core/admin/start.py

@@ -1,6 +1,8 @@
 #!/usr/bin/env python3
 
 import os
+import os.path
+import time
 import logging as log
 import sys
 from socrate import system
@@ -23,6 +25,14 @@ if account is not None and domain is not None and password is not None:
     log.info("Creating initial admin account %s@%s with mode %s", account, domain, mode)
     os.system("flask mailu admin %s %s '%s' --mode %s" % (account, domain, password, mode))
 
+def test_unsupported():
+    import codecs
+    if os.path.isfile(codecs.decode('/.qbpxrerai', 'rot13')) or os.environ.get(codecs.decode('V_XABJ_ZL_FRGHC_QBRFAG_SVG_ERDHVERZRAGF_NAQ_JBAG_SVYR_VFFHRF_JVGUBHG_CNGPURF', 'rot13'), None):
+        return
+    print('Your system is not supported. Please start by reading the documentation and then http://www.catb.org/~esr/faqs/smart-questions.html')
+    while True:
+        time.sleep(5)
+
 def test_DNS():
     import dns.resolver
     import dns.exception
@@ -50,6 +60,7 @@ def test_DNS():
             time.sleep(5)
 
 test_DNS()
+test_unsupported()
 
 cmdline = [
     "gunicorn",

docs/faq.rst

@@ -880,6 +880,13 @@ We have seen a fair amount of support requests related to the following:
 
 .. _`netplan does not play nicely with docker`: https://github.com/Mailu/Mailu/issues/2868#issuecomment-1606014184
 
+How can I use Mailu without docker?
+```````````````````````````````````
+
+Running Mailu without docker is not supported. If you want to do so, you need to export an environment variable called ``I_KNOW_MY_SETUP_DOESNT_FIT_REQUIREMENTS_AND_WONT_FILE_ISSUES_WITHOUT_PATCHES`` to the ``admin`` container.
+
+We welcome patches but do not have the bandwidth to test and fix issues related to your unsupported setup. If you do want to help, we welcome new maintainers: please get in touch.
+
 How can I add more languages to roundcube's spellchecker?
 `````````````````````````````````````````````````````````
 

towncrier/newsfragments/2985.misc

@@ -0,0 +1,2 @@
+- Upgrade to roundcube 1.6.4 (fix XSS)
+- Implement a new check to make it clear that unsupported setups are unsupported

webmails/Dockerfile

@@ -27,7 +27,7 @@ RUN set -euxo pipefail \
   ; mkdir -p /run/nginx /conf
 
 # roundcube
-ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.3/roundcubemail-1.6.3-complete.tar.gz
+ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.4/roundcubemail-1.6.4-complete.tar.gz
 ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v5.1.0/carddav-v5.1.0.tar.gz
 
 RUN set -euxo pipefail \