1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

117 Commits

Author SHA1 Message Date
Dimitri Huisman
5f14c8ced1
Fix unmet dependency 2023-04-04 12:51:59 +00:00
Dimitri Huisman
a2655e3c79
Update dependencies with CVEs 2023-04-04 12:35:27 +00:00
Dimitri Huisman
57a42ff3c8
Update instructions for syncing alpine image 2023-03-28 21:04:22 +02:00
Dimitri Huisman
250a200edb
Mirror alpine image to ghcr.io/mailu docker org to prevent docker pull rate limit.
Use mirrored ghcr.io/mailu/alpine image as base image.
2023-03-28 18:23:35 +00:00
Dimitri Huisman
6d31831cf5
Sigh. Forgot to actually save the modified requirements-dev.txt file.
Remove the pinned version for requirements for dev.
The blocking issue is resolved, so no need to pin the old version.
2023-03-26 13:28:40 +00:00
Dimitri Huisman
709edb522b
Introduce connection string (database url) for roundcube.
Remove database choice from setup.
Remove the old *DB_* database env variables from the documentation.
The env vars are deprecated now. They will be removed after the upcoming
Mailu release.
2023-03-26 12:21:00 +00:00
Florent Daigniere
fed5ab1564 Alpine 3.17.2 2023-02-16 14:28:54 +01:00
Florent Daigniere
802ab533d2 Upgrade to alpine 3.17.1
New openssl, new dovecot
2023-01-29 18:13:49 +01:00
Dimitri Huisman
18b900699c
Bump version of Flask-RESTX to 1.0.5.
This resolves all deprecation warnings caused by Flask-RESTX.
2023-01-25 16:12:14 +00:00
bors[bot]
dae9e9242b
Merge #2624
2624: Move runtime environment variables to the end r=nextgens a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

This moves the environment variables used at runtime from the system to the base image.
It's a workaround for a strange build issue observed when building with hardened malloc enabled.



Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-01-13 09:58:34 +00:00
bors[bot]
bbf0ac5d47
Merge #2464
2464: Introduce RESTful API r=mergify[bot] a=Diman0

## What type of PR?

Feature

## What does this PR do?
Introduces a RESTful API for changing the complete Mailu config.
Anything that can be configured in the web administration interface, can also be configured via the Mailu RESTful API.

Via the swagger.json endpoint the complete OpenAPI specification can be retrieved.
Via the endpoint swaggerui, a web client is available which shows all the endpoints, data models and allows you to submit requests.

See docs/api.rst and docs/configuration.rst for details for enabling it.

### Related issue(s)
- closes #445 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-01-12 18:48:32 +00:00
Alexander Graf
712679b4d8
Duh 2023-01-12 18:19:35 +01:00
Alexander Graf
d558be20f6
Move runtime environment variables to the end 2023-01-12 15:23:00 +01:00
Florent Daigniere
052f8e41ba Upgrade to snuffleupagus 0.9.0 2023-01-10 12:28:38 +01:00
Dimitri Huisman
bcceac359d
Merge branch 'apiv1' of https://github.com/ghostwheel42/Mailu into feature-445-restful-api-ghostwheel 2023-01-05 10:18:02 +00:00
Alexander Graf
6f71ea833b
Update python dependencies as suggested by dependabot 2022-12-29 15:36:07 +01:00
Alexander Graf
be40781394
Add default for WEB_API, re-add flask-restx to deps, remove whitespace 2022-12-27 14:28:25 +01:00
Florent Daigniere
108958cabb drop privs better 2022-12-23 10:58:06 +01:00
Florent Daigniere
cea533ae57 Merge remote-tracking branch 'upstream/master' into oletools 2022-12-19 12:05:27 +01:00
bors[bot]
251db0b1af
Merge #2562
2562: Dynamic address resolution everywhere r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Use dynamic address resolution everywhere.
Derive a new key for admin/SECRET_KEY
Cleanup the environment

This should allow restarting containers.

### Related issue(s)
- closes #1341
- closes #1013
- closes #1430

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-12-19 10:12:26 +00:00
Florent Daigniere
df924b0864 doh 2022-12-19 11:04:25 +01:00
Florent Daigniere
0fa239da11 These tests are not required anymore 2022-12-19 10:43:40 +01:00
bors[bot]
f169f81436
Merge #2571
2571: Upgrade to alpine 3.17.0 r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Upgrade to alpine 3.17.0.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-12-08 20:35:17 +00:00
Florent Daigniere
e42d029c25 normalize booleans 2022-12-08 17:41:33 +01:00
Florent Daigniere
ae6af92b1d it's called libretls! 2022-12-08 16:38:06 +01:00
Florent Daigniere
4e3874b0c1 Enable dynamic resolution of hostnames 2022-12-08 13:00:50 +01:00
Florent Daigniere
dfaba5bb17
No need for two commands here 2022-12-07 15:51:54 +01:00
fastlorenzo
0209825277
Add net_bind_service capability for python executable
Signed-off-by: fastlorenzo <git@bernardi.be>
2022-12-07 11:43:26 +01:00
Florent Daigniere
622e093122 not required anymore 2022-12-02 17:23:58 +01:00
Florent Daigniere
73107ba112 libressl-dev is broken in the new release 2022-12-02 17:19:11 +01:00
Florent Daigniere
619a5fbda2 Upgrade to alpine 3.17.0 2022-12-02 16:44:44 +01:00
Florent Daigniere
3e38e7b89d Remove the dependency on pyOpenSSL 2022-11-27 16:07:48 +01:00
bors[bot]
a8630c5a3b
Merge #2550
2550: Webmail hardening r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Add [Snuffleupagus](https://github.com/jvoisin/snuffleupagus/) (a modern Suhosin replacement) to protect webmails.

It may be possible to harden further, by encrypting some of the cookies and auditing the usage of gpg more closely.

This seems to work for me.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-24 13:36:12 +00:00
Florent Daigniere
e03d91a1ec Merge remote-tracking branch 'upstream/master' into oletools 2022-11-24 10:35:03 +01:00
Florent Daigniere
9fcff5e745 Pin what we get from edge 2022-11-24 10:13:04 +01:00
Florent Daigniere
63a12d9857 changes requested by ghost 2022-11-24 10:00:00 +01:00
Florent Daigniere
4881e0db2a ghost is right, it should be pinned here too 2022-11-23 17:15:03 +01:00
Florent Daigniere
adacf579fc Rollback to mysql-connector-python==8.0.29
See #2553
2022-11-23 15:49:58 +01:00
Florent Daigniere
3e45a791cf Implement oletools to filter out bad macros 2022-11-23 15:42:46 +01:00
Florent Daigniere
9e61a33cb2 Merge branch 'master' of https://github.com/Mailu/Mailu into webmail-hardening 2022-11-22 10:03:38 +01:00
Florent Daigniere
d3d7916b58 Merge remote-tracking branch 'upstream/master' into upgrade-alpine 2022-11-21 17:22:15 +01:00
bors[bot]
31c6c26ec8
Merge #2547
2547: Disable libhardened-malloc for non x86. r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Support is going to be a nightmare if RPI4 is not working; We can always reintroduce it later.

### Related issue(s)
- closes #2541 


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-20 16:55:19 +00:00
Florent Daigniere
db9ed1fd59 Disable libhardened-malloc for non x86.
@see #2541

Support is going to be a nightmare if RPI4 is not working.
2022-11-20 16:26:27 +01:00
Florent Daigniere
e5ab9821f9 Add snuffleupagus
This seems to work in my limited testing.
2022-11-18 13:25:02 +01:00
Florent Daigniere
42cd5bf2dc Move it to base since admin will also use it 2022-11-17 15:17:24 +01:00
Florent Daigniere
e5a1a353db Upgrade to alpine 3.16.3
This has PHP fixes and a new rspamd
2022-11-17 14:19:22 +01:00
bors[bot]
68bb8da2b7
Merge #2538
2538: Fix the ARM build again r=mergify[bot] a=nextgens

I have double-checked from the builder and this works.

gcc -v from the alpine image tells me that we have  ``--enable-default-pie``

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-17 11:24:25 +00:00
Florent Daigniere
7745420fe0 Fix the ARM build again 2022-11-17 11:25:33 +01:00
bors[bot]
b66f3fe9de
Merge #2537
2537: Fix the armv7 build (again)! r=mergify[bot] a=nextgens

Revert "simplify": ghostwheel42's approach was right
This reverts commit 04f6bd2633.

Without the build still errors-out because of ``set -euxo pipefail``
see https://github.com/Mailu/Mailu/actions/runs/3479399158/jobs/5817902589

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-17 08:46:32 +00:00
Florent Daigniere
b9b0c77d2e Revert "simplify": ghostwheel42's approach was right
This reverts commit 04f6bd2633.
2022-11-17 09:28:26 +01:00