mirror of https://github.com/Mailu/Mailu.git synced 2025-02-21 19:19:39 +02:00

181 Commits

Author SHA1 Message Date
bors[bot]
238daef6d8
Merge
2295: Switch from Rainloop to SnappyMail r=mergify[bot] a=Diman0

## What type of PR?

Feature

## What does this PR do?
As discussed in the project meeting (), we decided we want to switch from Rainloop to an alternative. Rainloop has multiple open security issues which were not patched for a long time. 

We decided to switch to SnappyMail because it is more secure and based on RainLoop. This means that users using RainLoop will still have a webmail that looks familiar for them.

This PR replaces RainLoop with SnappyMail.

### Related issue(s)
-  
- 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry is not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2022-07-28 16:14:19 +00:00
Dimitri Huisman
2a527a38cf Deny access to hidden files for snappymail 2022-07-15 14:34:39 +00:00
bors[bot]
e50f6c58c0
Merge
2360: roundcube: disable apache2 access log r=mergify[bot] a=pommi

## What type of PR?

bug-fix

## What does this PR do?

It disables the access log of apache2 in the roundcube webmail container. Requests are already logged by the front container. The requests logged in the roundcube container contained the wrong client IP: the IP address of the front container.

----

Original PR:

~~Roundcube webmail is accessed through the nginx reverse proxy in the front container. Each access logline logged by apache2 in the roundcube container did not contain the actual client IP address, but the IP address of the front container, for example:~~

```
192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
^
IP address of the front container
```

~~By enabling the apache2 remoteip module and configuring it to get the actual client IP address from the X-Forwarded-For header, it logs the correct client IP address to the access log.~~

### Related issue(s)
- None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry is not applicable, you can check it or remove it from the list.

**No changelog or documentation necessary for this minor change.**


Co-authored-by: Pim van den Berg <pim@nethuis.nl>
2022-07-07 09:18:58 +00:00
Dimitri Huisman
ee78a34da4 Process code review feedback
Remove unneeded IF statement in /admin block in nginx.conf of front.
Fix contributions made to Dockerfile, add missing trailing \ and add back curl
Change healthcheck to monitoring page of fpm. Now we check nginx and fpm.
2022-07-06 13:42:13 +00:00
Pim van den Berg
6f884c6c93 roundcube: disable access log
As per discussion in : The front container (nginx reverse proxy) is
already logging all requests, disable the access logs for apache2 in the
roundcube container completely.
2022-06-16 14:26:27 +02:00
Eddy Vervest
baea3d4086
Update Dockerfile
missed this one
2022-05-30 19:18:35 +02:00
Eddy Vervest
c4c442d000
Update Dockerfile
apt is intended for interactive usage, for scripts use apt-get (https://manpages.debian.org/bullseye/apt/apt.8.en.html) to avoid warnings.
2022-05-30 18:38:32 +02:00
Pim van den Berg
e8b7d6afed roundcube: log actual client ip by using apache2 remoteip
Roundcube webmail is accessed through the nginx reverse proxy in the
front container. Each access logline logged by apache2 in the roundcube
container did not contain the actual client IP address, but the IP
address of the front container, for example:

> 192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
  ^
  IP address of the front container

By enabling the apache2 remoteip module and configuring it to get the
actual client IP address from the X-Forwarded-For header, it logs the
correct client IP address to the access log.
2022-05-28 15:02:47 +02:00
Florent Daigniere
c5c2ee9f1c
simplify 2022-05-22 18:02:13 +02:00
Dimitri Huisman
dc7613b34a Fix healthcheck 2022-03-22 16:01:26 +00:00
Dimitri Huisman
22010ddb4f fix applications.ini 2022-03-22 09:18:51 +00:00
Dimitri Huisman
f2f859280c Merge remote-tracking branch 'origin/master' into feature-switch-snappymail 2022-03-22 09:14:53 +00:00
Dimitri Huisman
9519d07ba2 Switch from RainLoop to SnappyMail 2022-03-22 09:04:56 +00:00
the-djmaze
a3c01a2bbf
Update application.ini
`contacts_autosave` is part of `[defaults]`, not `[plugins]`
2022-03-11 12:26:13 +01:00
bors[bot]
bcecbda9de
Merge
2195: roundcube: Add /overrides directory in include r=mergify[bot] a=mnival

Added the /overrides directory in the roundcube config.inc.php file

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
none

Co-authored-by: mnival <1595998+mnival@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-02-18 10:42:17 +00:00
bors[bot]
b73963aae5
Merge
2207: Update webmail container configuration to support MESSAGE_SIZE_LIMIT r=mergify[bot] a=marioja

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
- Auto close an issue like: closes  

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry is not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Mario Jauvin <marioja@users.noreply.github.com>
2022-02-17 14:04:59 +00:00
Mario Jauvin
490e27e229 Start fastcgi process manager after config files updated 2022-02-13 20:40:08 -05:00
bors[bot]
6d348b1650
Merge
2196: roundcube-carddav : Use des_key for pwstore_scheme  r=nextgens a=mnival

roundcube-carddav: Configuring pwstore_scheme in carddav plugin with des_key because Mailu is incompatible with encrypted

https://github.com/mstilkerich/rcmcarddav/blob/master/doc/ADMIN-SETTINGS.md#password-storing-scheme

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
- closes 

Co-authored-by: mnival <1595998+mnival@users.noreply.github.com>
2022-02-13 15:56:38 +00:00
Mario Jauvin
e47d9bf9be Revert "Set client_max_body_size in default nginx config file"
This reverts commit db39d6b1e238f35ea1d9a9b08a6f25316ce74b8f.
2022-01-31 21:44:59 -05:00
Mario Jauvin
db39d6b1e2 Set client_max_body_size in default nginx config file 2022-01-31 16:37:23 -05:00
Mario Jauvin
53a8543772 update permission 2022-01-31 13:59:08 -05:00
Mario Jauvin
5a909bd45d Add config.py and set permissions 2022-01-31 13:53:40 -05:00
Mario Jauvin
7dc9802447 Added subprocess import 2022-01-31 12:19:15 -05:00
Mario Jauvin
a9f4fc1b3c Use MESSAGE_SIZE_LIMIT in webmail container also
The webmail container should use the same value as the front container.
2022-01-31 11:40:33 -05:00
mnival
5695bbb0f6 Configuring pwstore_scheme in carddav plugin with des_key because Mailu is incompatible with encrypted 2022-01-28 22:03:18 +01:00
Eric
d9ea9f7009
Update php.ini
matching rainloop php to roundcube's: timezone is a parameter in mailu.env
2022-01-28 10:45:39 -07:00
mnival
4b9781210f Add /overrides directory in include 2022-01-28 16:02:27 +01:00
Alexander Graf
37855153b8
fixed plugin path 2022-01-17 18:12:53 +01:00
willofr
93a94d33ce
update roundcube to 1.5.2 (security fix)
New roundcube release (1.5.2) where an XSS is addressed: https://roundcube.net/news/2021/12/30/update-1.5.2-released
2022-01-05 11:17:31 +01:00
bkraul
d494dd7d2a Fixes 2022-01-03 07:56:52 -06:00
Dimitri Huisman
b248026933 Fix . Gpg-agent package was missing for roundcube image. 2022-01-01 10:51:11 +00:00
Florent Daigniere
6d5926ef29 prettify 2021-12-21 16:06:34 +01:00
Dimitri Huisman
385cb28bf2 Correctly calculate and set SESSION_TIMEOUT in roundcube 2021-12-20 22:13:18 +00:00
Dimitri Huisman
ab80316df6 Fix error in roundcube config 2021-12-20 21:24:03 +00:00
Florent Daigniere
3a46ee073c Make roundcube use SESSION_TIMEOUT 2021-12-20 11:36:56 +01:00
Alexander Graf
1a41657f90
add documentation, allow overrides, clean plugins 2021-12-18 17:43:21 +01:00
Alexander Graf
b3d48cc20f
fixed health check 2021-12-18 16:43:18 +01:00
Alexander Graf
e7e283663d
Merge remote-tracking branch 'upstream/master' into update_roundcube 2021-12-17 22:23:08 +01:00
Alexander Graf
64acfacc73
duh. typo 2021-12-17 15:55:16 +01:00
Alexander Graf
547ad253e1
added plugin selection, derive key, clean env 2021-12-17 15:54:05 +01:00
Alexander Graf
7c2c2dc65a
updated to carddav 4.3.0 2021-11-30 17:18:59 +01:00
Alexander Graf
1ebdb26979
updated to rc 1.5.1 2021-11-29 14:21:26 +01:00
Dimitri Huisman
f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
2021-11-18 17:21:56 +00:00
Dimitri Huisman
56dd70cf4a Implement versioning for CI/CD workflow (see ). 2021-11-17 20:00:04 +00:00
Alexander Graf
423b8a6b9b
Merge branch 'master' into update_roundcube 2021-11-07 21:35:53 +01:00
DjVinnii
a6beb234ff Set timezone in roundcube.ini 2021-11-04 16:17:11 +01:00
DjVinnii
225160610b Set default TZ in Dockerfiles 2021-11-04 14:22:12 +01:00
Alexander Graf
6003e11533 duh. add timezone (again) 2021-11-03 19:32:31 +01:00
Alexander Graf
949efcf537 prevent endless redirect loop on nginx failure 2021-11-03 19:16:37 +01:00
Alexander Graf
c89045ed03 duh 2021-11-03 15:20:30 +01:00