1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-16 10:59:53 +02:00
Commit Graph

4060 Commits

Author SHA1 Message Date
Chris Schäpers
35331a4295
Make gunicorn IPv6 conditional
Only listen on [::]:80 in case SUBNET6 is defined, otherwise do the normal :80
2023-01-28 19:39:39 +01:00
Chris
9f6848110a
Make gunicorn listen on ipv6 2023-01-28 19:39:39 +01:00
bors[bot]
e1a85a450f
Merge #2634
2634: Upgrade webmails r=mergify[bot] a=nextgens

## What type of PR?

Enhancement

## What does this PR do?

Upgrade webmails: snappymail to 2.25.0, roundcube to 1.6.1 and carddav to 5.0.1

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-28 18:25:05 +00:00
Florent Daigniere
926570f1ca Need this too 2023-01-28 18:30:33 +01:00
Florent Daigniere
9803c51d55 Use a hostname 2023-01-28 18:23:10 +01:00
Florent Daigniere
6533f41f48 Trust the IP address from the local subnet
This will only work when SUBNET autodetection is merged
2023-01-28 17:37:16 +01:00
Florent Daigniere
760ec301e3 harden the trusted hosts 2023-01-28 17:22:52 +01:00
Florent Daigniere
9d2046f43f Upgrade webmails 2023-01-28 16:59:09 +01:00
bors[bot]
db2a490256
Merge #2633
2633: Don't apply antispoof rules on locally generated emails r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Don't apply antispoof rules on locally generated emails; This was breaking the auto-responder and sieve rules.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-28 15:05:38 +00:00
bors[bot]
3ffe1d2a9e
Merge #2606
2606: Modify the healtchecks to make them disapear from the logs. r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Modify the healtchecks to make them disapear from the logs.
This is not perfect...
- dovecot now complains about waitpid/finding a new process
- postfix is still regularly pinging rspamd / his milter and that generates a few lines worth of logs each time.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-28 13:29:20 +00:00
Florent Daigniere
46f05cb651 Merge branch 'master' of https://github.com/Mailu/Mailu into reduce-logging 2023-01-28 14:28:26 +01:00
Florent Daigniere
5304311e0e Doh 2023-01-28 14:14:38 +01:00
Florent Daigniere
36623188b5 Don't apply antispoof rules on locally generated emails 2023-01-28 14:12:14 +01:00
bors[bot]
179c624116
Merge #2631
2631: Restful api finishing touches r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Some finishing touches for the restful api.

- Make the API configurable via the setup utility.  
  - Configured exactly the same as the ADMIN and WEBMAIL. 
- We have a single config (API) that configures whether it is exposed (via front). Just like ADMIN. The API is always reachable by directly connecting to the admin container.
- API_TOKEN does not enable/disable the API anymore. When it is not configured, an error is returned (via the internet browser) that the API_TOKEN must be configured in mailu.env.
- Fix some small bugs in the setup utility ( selecting none in the dropdown boxes, now correctly changes the config)
- Update Flask-RestX to 1.0.5. This resolves the deprecation warnings introduced by Flask-RestX.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-01-27 18:46:57 +00:00
Dimitri Huisman
8cb7265eb2
By default disable the API in the setup utility.
Generate a sample token value for API_TOKEN.
Fix small rendering issue when API was disabled in setup.
2023-01-27 13:17:36 +00:00
bors[bot]
43e500faf5
Merge #2628
2628: Set default for FETCHMAIL_ENABLED r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Set the default for FETCHMAIL_ENABLED to true in the admin container.
This keeps existing functionality for people upgrading without re-creating the `mailu.env`.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-27 07:53:10 +00:00
Alexander Graf
02c4862427
Enable fetchmail for fetchmail test case 2023-01-25 20:22:38 +01:00
Dimitri Huisman
18b900699c
Bump version of Flask-RESTX to 1.0.5.
This resolves all deprecation warnings caused by Flask-RESTX.
2023-01-25 16:12:14 +00:00
Dimitri Huisman
d6e7314f05
Make API configurable via the setup utility
Fix some small bugs in the setup utility
Improve documentation on the API.
2023-01-25 15:30:25 +00:00
bors[bot]
cc6c808838
Merge #2604
2604: Really fix creation of deep structures using import in update mode r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Fix creation of deep structures using import in update mode

### Related issue(s)

- closes #2493


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-25 13:04:01 +00:00
Alexander Graf
c4ca1cffaf
Set default for FETCHMAIL_ENABLED 2023-01-25 12:20:17 +01:00
Alexander Graf
5c968256e6
Really fix creation of deep structures using import in update mode 2023-01-25 10:34:44 +01:00
bors[bot]
151601744f
Merge #2627
2627: Add SUBNET6 to places where SUBNET is used r=nextgens a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Also add SUBNET6 where SUBNET is used.

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-24 16:58:04 +00:00
bors[bot]
6d994525c4
Merge #2625
2625: Disable fetchmail r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Only show "fetched accounts" button in user list when fetchmail feature is enabled.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-24 11:34:44 +00:00
Alexander Graf
10562233ca
Add SUBNET6 to places where SUBNET is used 2023-01-24 12:15:36 +01:00
bors[bot]
7e60ba4e98
Merge #2613
2613: Enhance network segregation r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

- put radicale and webmail on their own network: this is done for security: that way they have no privileged access anywhere (no access to redis, no access to XCLIENT, ...)
- remove the EXPOSE statements from the dockerfiles. These ports are for internal comms and are not meant to be exposed in any way to the outside world.

### Related issue(s)
- #2611

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-24 09:28:29 +00:00
Alexander Graf
1697da6e23
Disable "Fetched accounts" button in user list. 2023-01-23 20:50:56 +01:00
bors[bot]
dae9e9242b
Merge #2624
2624: Move runtime environment variables to the end r=nextgens a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

This moves the environment variables used at runtime from the system to the base image.
It's a workaround for a strange build issue observed when building with hardened malloc enabled.



Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-13 09:58:34 +00:00
bors[bot]
bbf0ac5d47
Merge #2464
2464: Introduce RESTful API r=mergify[bot] a=Diman0

## What type of PR?

Feature

## What does this PR do?
Introduces a RESTful API for changing the complete Mailu config.
Anything that can be configured in the web administration interface, can also be configured via the Mailu RESTful API.

Via the swagger.json endpoint the complete OpenAPI specification can be retrieved.
Via the endpoint swaggerui, a web client is available which shows all the endpoints, data models and allows you to submit requests.

See docs/api.rst and docs/configuration.rst for details for enabling it.

### Related issue(s)
- closes #445 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-01-12 18:48:32 +00:00
Alexander Graf
712679b4d8
Duh 2023-01-12 18:19:35 +01:00
bors[bot]
cfebfdbd1f
Merge #2623
2623: Fix ipv6 subnet for xclient_hosts r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

this puts the ipv6 prefix into square brackets in the xclient_hosts configuration.
strictly speaking putting the square brackets also around the netmask is not correct, but it's okay for postfix
this will be cleaned when all configuration variables and normalizations are moved to the base container.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-12 14:31:42 +00:00
Alexander Graf
d558be20f6
Move runtime environment variables to the end 2023-01-12 15:23:00 +01:00
Alexander Graf
3b08b113bf
Fix ipv6 subnet for xclient_hosts 2023-01-12 15:15:52 +01:00
Dimitri Huisman
b0569035ae
Change PUT method to PATCH method.
This better reflects what the interface does.
2023-01-12 10:55:49 +00:00
bors[bot]
3acec43224
Merge #2622
2622: Fix smtplib.LMTP wrong argument name: ip -> host r=mergify[bot] a=zozzz

## What type of PR?

bug-fix

## What does this PR do?

Bug fix when sending welcome message.

### Related issue(s)
- Mention an issue like: -
- Auto close an issue like: closes -

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Vetési Zoltán <zozzz@trigon.hu>
2023-01-12 07:55:24 +00:00
Vetési Zoltán
e76e857ae7 Fix smtplib.LMTP wrong argument name: ip -> host 2023-01-11 18:05:19 +01:00
bors[bot]
e857d242d6
Merge #2621
2621: Upgrade to snuffleupagus 0.9.0 r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Upgrade to snuffleupagus 0.9.0. This has a better way to deal with unserialize() and a better compatibility with PHP8.2

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-10 13:30:15 +00:00
Florent Daigniere
052f8e41ba Upgrade to snuffleupagus 0.9.0 2023-01-10 12:28:38 +01:00
bors[bot]
4295eafb64
Merge #2617
2617: doh r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-05 21:45:14 +00:00
Florent Daigniere
ee6975b109 doh 2023-01-05 18:14:19 +01:00
Dimitri Huisman
bcceac359d
Merge branch 'apiv1' of https://github.com/ghostwheel42/Mailu into feature-445-restful-api-ghostwheel 2023-01-05 10:18:02 +00:00
Florent Daigniere
9d555b0eec Don't expose any port (suggestion from ghost) 2023-01-04 19:19:43 +01:00
bors[bot]
da36bc585f
Merge #2615
2615: Fix snappymail r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

This was broken in #2611. The other is non-consequential security-wise as nginx filters XHOST... but it's worth fixing regardless.

### Related issue(s)
- #2580
- #2611

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-01-04 16:26:05 +00:00
Florent Daigniere
8b9bb350ec towncrier 2023-01-04 15:11:29 +01:00
Florent Daigniere
f18776fa0f Step2: put radicale and webmails on their own network 2023-01-04 15:07:47 +01:00
Florent Daigniere
e85a2a7e99 Step1: expose managesieve, make the webmails use it 2023-01-04 14:51:15 +01:00
Florent Daigniere
92c0016e32 Fix snappymail 2023-01-04 14:49:57 +01:00
Florent Daigniere
b263db72df Restrict XHOST to where useful 2023-01-04 13:03:13 +01:00
Florent Daigniere
bf0c345bb9 Fix snappymail 2023-01-04 13:03:05 +01:00
bors[bot]
44d36cbb8b
Merge #2612
2612: Remove duplicated 'actionstart = ' in fail2ban conf. r=mergify[bot] a=lucassith

In fail2ban example configuration for ipset `option #2`, there is a duplicated string which makes the ipset and fail2ban fail to create the set. 
Fail2ban will never ban any ip due to this error.

## What type of PR?

documentation

Co-authored-by: Łukasz Sitarski <Lucassith@gmail.com>
2023-01-03 16:55:29 +00:00