1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

841 Commits

Author SHA1 Message Date
Dimitri Huisman
55a601de5a Add missing import for validators, improve behaviour when an error occurs. 2022-02-17 13:09:15 +00:00
Dimitri Huisman
7d801c560c Improve if statement 2022-02-17 12:45:35 +00:00
Kevin Falcoz
3fe1dbe881
Add input validation for domain creation 2022-02-01 13:08:30 +01:00
Florent Daigniere
b9e614145f there too 2022-01-21 15:01:23 +01:00
Florent Daigniere
b7fb8c661a switch to new API 2022-01-21 14:54:49 +01:00
Billy Chan
90394d7d8c 🎨 use resolver.resolve 2022-01-21 21:17:37 +08:00
shing6326
32446f03e7
Update start.py
fix missing leading . for the resolver test
2022-01-21 15:47:22 +08:00
bors[bot]
1e53530164
Merge #2144
2144: Enable unbound by default, warn if the DNS resolver doesn't work r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Enable unbound by default, warn if the DNS resolver doesn't work

### Related issue(s)
- close #2135

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2022-01-12 13:21:49 +00:00
Florent Daigniere
a9da0c084a
syntax error 2022-01-12 13:44:17 +01:00
Florent Daigniere
a2f6243382
remove the error variable 2022-01-12 13:34:18 +01:00
Florent Daigniere
b12616b93f
Make the recommendation clearer 2022-01-12 09:55:14 +01:00
Alexander Graf
f809be39bf
supply missing fields argument 2022-01-11 18:53:01 +01:00
Florent Daigniere
7bd1fd3489 fix 2145 2022-01-07 09:07:32 +01:00
Florent Daigniere
379fe18f7a test dns resolvers at startup 2022-01-05 18:49:30 +01:00
Florent Daigniere
98973223fd
reduce TTL to 1d 2022-01-05 11:37:29 +01:00
Florent Daigniere
792893caae change TTL to 1y 2022-01-05 10:41:25 +01:00
Florent Daigniere
671f3e382a Fix 2138: Pin DANE with the full cert 2022-01-05 10:38:27 +01:00
Florent Daigniere
7f89a29790 Fix 2125
Make the caller responsible to know whether the rate-limit code should
be called or not
2022-01-03 13:38:21 +01:00
bors[bot]
65d905fe62
Merge #2099
2099: update Dockerfile to alpine 3.14.3 r=mergify[bot] a=willofr

## What type of PR?
Security fix

## What does this PR do?
Updated the Dockerfile to use the latest alpine version 3.14.3 where several CVEs have been fixed: https://alpinelinux.org/posts/Alpine-3.14.3-released.html
New images successfully built on my test env.

### Related issue(s)
None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Will <will@packer-output-c8fcfb40-3d93-4475-8f87-e14a9dd683b6>
Co-authored-by: willofr <willofr@users.noreply.github.com>
2021-12-31 12:06:53 +00:00
bors[bot]
3eca813182
Merge #2116
2116: fix 2114: redirect old path r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Old paths may still be cached in browsers, it's easy enough to redirect them

### Related issue(s)
- close #2114


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-12-30 15:24:51 +00:00
Florent Daigniere
c4675e6e75 fix 2114: redirect old path 2021-12-30 15:29:56 +01:00
Dimitri Huisman
b4d3d4b3c9 Preparations for 1.9 release. 2021-12-29 14:40:45 +00:00
Dimitri Huisman
51d94b8d14 Fix issue 2102 2021-12-22 17:40:51 +00:00
Will
b2abbc8856 update Dockerfile to alpine 3.14.3 2021-12-22 09:19:44 +00:00
Florent Daigniere
bee6e980e3 doh 2021-12-21 16:23:27 +01:00
Florent Daigniere
58d0faff7f ensure we clear the token on delete() 2021-12-21 15:59:00 +01:00
Florent Daigniere
2b29cfb3f0 fix cleanup_sessions() 2021-12-21 15:55:59 +01:00
Florent Daigniere
f0247a2faf Use self where appropriate 2021-12-21 15:45:05 +01:00
Florent Daigniere
c161a2c987 syntax 2021-12-21 15:42:12 +01:00
bors[bot]
18865bf03b
Merge #2094
2094: Sessions tweaks r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

- Make all sessions permanent, introduce SESSION_TIMEOUT and PERMANENT_SESSION_LIFETIME.
- Prevent the creation of a session before there is a login attempt
- Ensure that webmail tokens are in sync with sessions

### Related issue(s)
- close #2080 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2021-12-21 13:08:48 +00:00
Dimitri Huisman
d40be05117 Fix missing edit buttons in alias, relay and fetchmail lists in admin. 2021-12-21 12:10:04 +00:00
Florent Daigniere
a28c7f903e do it once 2021-12-21 09:50:01 +01:00
Dimitri Huisman
f88daa1e77 Add missing cast to int 2021-12-20 21:07:25 +00:00
Florent Daigniere
5f313310d4 regenerate() shouldn't extend lifetime 2021-12-20 09:37:11 +01:00
Florent Daigniere
fe18cf9743 Fix 2080
Ensure that webmail tokens are in sync with sessions
2021-12-19 23:24:44 +01:00
Florent Daigniere
02c93c44f2 Tweak sessions
simplify:
- make all sessions permanent by default
- update the TTL of sessions on access (save always)
- fix session-expiry, modulo 8byte precision
2021-12-19 20:52:51 +01:00
Florent Daigniere
ea96a68eb4 don't create a session if we don't have to 2021-12-19 20:48:29 +01:00
Florent Daigniere
346ace5fb3 Make webmail the default action 2021-12-18 15:38:07 +01:00
bors[bot]
08be233607
Merge #2058
2058: Implement versioning for CI/CD workflow. r=mergify[bot] a=Diman0

## What type of PR?

Feature!

## What does this PR do?
This PR introduces 3 things
- Add versioning (tagging) for branch x.y (1.8). E.g. 1.8.0, 1.8.1 etc.
  - docker repo will contain x.y (latest) and x.y.z (pinned version) images.
  - The X.Y.Z tag is incremented automatically. E.g. if 1.8.0 already exists, then the next merge on 1.8 will result in the new tag 1.8.1 being used.
- Make the version available in the image.
  -  For X.Y and X.Y.Z write the version (X.Y.Z) into /version on the image and add a label with version=X.Y.Z
	  -  This means that the latest X.Y image shows the pinned version (X.Y.Z e.g. 1.8.1) it was based on. Via the tag X.Y.Z you can see the commit hash that triggered the built.
  -  For master write the commit hash into /version on the image and add a label with version={commit hash}
-  Automatic releases. For x.y triggered builts (e.g. merge on 1.9) do a new github release for the pinned x.y.z (e.g. 1.9.2). 
  -  Release shows a static message (see RELEASE_TEMPLATE.md) that explains how to reach the newsfragments folder and change the branch to the tag (x.y.z) mentioned in the release. Now you can get the changelog by reading all newsfragment files in this folder.

This PR does not change anything to our workflow (what we (human persons) do). Our processes are still exactly the same. The above introduced logic is automatic. When we backport to X.Y all the magic for creating the pinned version X.Y.Z is handled by the CI/CD workflow.

### Related issue(s)
- closes #1182

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

## Testing
Suggested testing steps. This should cover all situations including BORS. It does require that you use your own docker repo or temporarily create a new one.
Suggested testing steps.
1. Create new github repo.
2. Add the required docker secrets to the project (see beginning of CI.yml for the secret names), DOCKER_UN, DOCKER_PW, DOCKER_ORG, DOCKER_ORG_TESTS.
3. Clone the project.
4. Copy the contents of the PR to the cloned project.
5. Push to your new github repo.
6. Now master images are built. Check that images with tag master are pushed to your docker repo
7. Check with docker inspect nginx:master that it has the label version={commit hash}.
8. Run an image, run `docker-compose exec <name> cat /version`. Note that /version also contains the pinned version. For master the pinned version is the commit hash.
9. Create branch 1.8. 
10. Push branch 1.8 to repo.
11. Note that tags 1.8 and 1.8.0 are built and pushed to docker repo
12. Inspect label and /version. Note that 1.8 and 1.8.0 both show version 1.8.0.
13. Push another commit to branch 1.8.
14. Note that tags 1.8 and 1.8.1 are built and pushed to docker repo
15. Inspect label and /version. Note that 1.8 and 1.8.1 both show version 1.8.1.
16. Let's check BORS stuff.
17. Create branch testing.
18. Push the commit with the exact commit text (IMPORTANT!!): `Try #1234:`'.
19. Note that images are built and pushed for tag `pr-1234`.
20. Inspect label and /version. Note that the version is `pr-1234`.
20. Create branch staging.
21. Push the commit with commit text: `Merge #1234`.
22. Note that this image is not pushed to docker (as expected).

but you could also check the GH repo and docker repo I used:
https://github.com/Diman0/Mailu_Fork
https://hub.docker.com/r/diman/rainloop/tags

Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2021-12-15 09:29:08 +00:00
Dimitri Huisman
d76773b1df Also check the SMTP port for webmail/token 2021-12-14 14:52:15 +00:00
Dimitri Huisman
f26fa8da84 Fix Webmail token check. Fix Auth-Port for Webmail. #2079 2021-12-14 11:26:33 +00:00
Florent Daigniere
4fffdd95e9 Reduce logging level 2021-12-05 15:07:06 +01:00
Dimitri Huisman
f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
2021-11-18 17:21:56 +00:00
Dimitri Huisman
56dd70cf4a Implement versioning for CI/CD workflow (see #1182). 2021-11-17 20:00:04 +00:00
Alexander Graf
aa1d605665
Merge remote-tracking branch 'upstream/master' into passlib 2021-11-16 10:21:08 +01:00
Alexander Graf
84a5514a97
fixed auto reply form 2021-11-12 12:19:45 +01:00
Alexander Graf
cf7914d050
fixed field iteration 2021-11-11 16:00:00 +01:00
Alexander Graf
fd5bdc8650
added localized date output 2021-11-11 12:20:52 +01:00
Alexander Graf
0315ed78d9
Merge remote-tracking branch 'upstream/master' into update_deps 2021-11-11 11:49:48 +01:00
bors[bot]
56cbc56df7
Merge #2044
2044: Vault/rspamd: don't return any key for relayed domains r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR 

Don't return any key for relayed domains. We may want to revisit this (ARC signing)... but in the meantime it saves from a scary message in rspamd.
    
```signing failure: cannot request data from the vault url: /internal/rspamd/vault/v1/dkim/ ...```


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-11-08 16:01:10 +00:00