1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-20 20:22:38 +02:00
Commit Graph

4470 Commits

Author SHA1 Message Date
Vincent Kling
10583f57dd Add newsfragment 2022-09-26 09:53:10 +02:00
Vincent Kling
102d96bc7d Implement event lister to keep updated_at unchanged on quota_bytes_used updates 2022-09-26 09:48:29 +02:00
Vincent Kling
a02a2c26a7 Fix typo 2022-09-25 10:34:41 +02:00
Vincent Kling
486dd06ca8 Add missing German translation for Start of vacation 2022-09-23 15:17:26 +02:00
Vincent Kling
84f60116ea Add missing Dutch translations 2022-09-23 15:14:15 +02:00
bors[bot]
ba27cdb3a8
Merge #2450
2450: Introduce TLS_PERMISSIVE for port 25 r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.

This specific feature has been requested numerous times... and while it's a terrible idea, I'm getting tired of explaining why every time. Those that would rather go through the fun of tracing missing emails tomorrow than picking a fight with their auditor today can enable it.

### Related issue(s)
- close #2449
- close #1945
- #1617

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-09-14 11:43:08 +00:00
Florent Daigniere
85a2aafcdf ghostwheel42's suggestions 2022-09-14 11:03:44 +02:00
Florent Daigniere
9a38a22df3 typo 2022-09-14 10:59:38 +02:00
Florent Daigniere
6a0e881522 Introduce TLS_PERMISSIVE for port 25
This new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.
2022-09-12 12:53:57 +02:00
Florent Daigniere
256fa5c90c doh 2022-09-08 17:36:18 +02:00
Florent Daigniere
7272a99d18 fuzzy matching and bayes are two different things
document accordingly
2022-09-08 17:35:08 +02:00
Florent Daigniere
5d09390147 enable rspamd's autolearn feature 2022-09-08 17:32:50 +02:00
bors[bot]
48e1e91a2c
Merge #2444
2444: Remove POD_ADDRESS_RANGE r=mergify[bot] a=DjVinnii

## What type of PR?

Removal

## What does this PR do?

As discussed in #1209 `POD_ADDRESS_RANGE` should be removed in favor of  `SUBNET`. This PR removes the few references that are still left.

### Related issue(s)
- closes #1258

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
2022-09-01 15:03:10 +00:00
Vincent Kling
bab3f0f5a4 Remove POD_ADDRESS_RANGE 2022-09-01 15:08:26 +02:00
bors[bot]
cdb4833e77
Merge #2443
2443: Use RUNNER_TEMP for storing cache files. r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Use RUNNER_TEMP for storing cache files in workflow. This should prevent issues on the self-hosted arm runner. Each runner will store cache files in a runner unique temp folder. This temp folders is cleared at the beginning and the end of the job.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2022-09-01 12:54:16 +00:00
Florent Daigniere
254277a829
runner.temp is what should be used 2022-09-01 14:45:44 +02:00
Dimitri Huisman
22fe65e4d8 Use RUNNER_TEMP for storing cache files. 2022-09-01 12:39:23 +00:00
Dimitri Huisman
56d0e795eb
Push arm images via arm self-hosted runner 2022-08-31 21:07:27 +02:00
bors[bot]
af79ade594
Merge #2441
2441: Switch to ARM64 self-hosted for ARM build r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?

Switch to ARM64 self-hosted runner for building ARM/v7 and ARM64 images. Depending on the performance we could introduce tests as well in a new PR.

Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-31 18:24:53 +00:00
Dimitri Huisman
d76d3b4959 Switch to ARM64 self-hosted for ARM build 2022-08-31 18:17:45 +00:00
bors[bot]
7ed1da5bf1
Merge #2440
2440: The ARM wheels don't work r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Remove piwheels to ensure we always rebuild on ARM

### Related issue(s)
- closes #2439
- #1200


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-08-31 13:39:19 +00:00
Florent Daigniere
35a794cfd6 The ARM wheels don't work 2022-08-31 13:44:54 +02:00
bors[bot]
d931cbd528
Merge #2437
2437: Fix mysql r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

In #2422 we have switched from mysqlclient to mysql-connector ... and apparently SQLalchemy needs to be told explicitly.

This hasn't been tested.

### Related issue(s)
- close #2435

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-08-30 12:41:50 +00:00
Florent Daigniere
8a26934db5 towncrier 2022-08-30 14:27:41 +02:00
Florent Daigniere
355589a23c Apparently SQLAlchemy needs to be told explictely 2022-08-30 14:26:10 +02:00
bors[bot]
60f94abc94
Merge #2430
2430: Prevent signups for accounts where an alias exists r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This prevent signups for accounts where an SQL like alias exists; we already do it for non-SQL like aliases

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-08-29 08:19:00 +00:00
Florent Daigniere
30b3a3771e Prevent signups with accounts where an alias exists 2022-08-27 18:09:52 +02:00
bors[bot]
d0113800fe
Merge #2426
2426: Update docs to mention .inc.php for roundcube r=nextgens a=DannyDaemonic

My recent patch updated the roundcube overrides to use .inc.php vs .inc (as is done in roundcube and as suggested by roundcube plugin docs). I updated the overrides section in the docs but a page that links to the overrides section still had the old ".inc" file name. This fixes that oversight. Sorry about that.

## What type of PR?

documentation

## What does this PR do?

Updates configuration.rst to also reflect the new extension.

## Prerequisites
This patch neither adds features nor requires a towncrier.

Co-authored-by: Danny Daemonic <DannyDaemonic@gmail.com>
2022-08-24 09:06:25 +00:00
bors[bot]
6bed48e2ac
Merge #2427
2427: Switch ci/cd workflow to use local build cache for buildx r=mergify[bot] a=Diman0

## What type of PR?
enhancement

## What does this PR do?
Switch to local build cache, cached via actions/cache@v3
The previous method of using gha cache via buildx proved to be unreliable. Using a local cache via actions/cache@v3 is much more reliable. The build job will re-use cache from previous workflow runs.
The total workflow time is still similar ~12 minutes.

If the cache action does intermittently seem to have issues with slow download, we can configure a lower timeout. It is now set on the default 60 minutes.

Some important tidbits:
Cache fragment in build step:
```
     - name: Configure actions/cache@v3 action for storing build cache in the /tmp/cache folder
        uses: actions/cache@v3
        with:
          path: /tmp/cache/${{ matrix.target }}
          key: ${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}-${{ github.run_id }}
          restore-keys: |
            ${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}
```
- actions/cache will never update a cache. So on cache-hit (key is found), the cache will not be updated. 
  - To workaround this, it is possible to use a key that will not have a cache hit. And use restore-keys to lookup and load an existing cache. `${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}` matches with `${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}-${{ github.run_id }}`.
  - So this will result the cache being loaded from a previous workflow. For more info see https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#example-using-multiple-restore-keys
- Two jobs cannot write to the same cache simultaneously. If two jobs (in the same workflow or between workflows) access the same cache (key), then only one of the two workflows can update the cache. For this reason the cache key used in the build step must be unique.
- ${{ inputs.mailu_version }} is used to make sure x64 and arm do not access each others build cache.

 Unfortunately it is not possible to use a for loop to loop through steps. For this reason it is not possible possible to shorten the amount of action/Cache@v3 steps. The only possibility is to create our own [composite action](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action). But this makes it maybe to complex. Then the action.yml of the composite action must be maintained as well.

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [n/a] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-24 08:55:18 +00:00
Dimitri Huisman
25413eaf2a
Create SECURITY.md 2022-08-24 08:51:47 +02:00
Dimitri Huisman
5732b2316f Switch to local build cache, cached via actions/cache@v3
The previous method of using gha cache via buildx proved to be
unreliable. Using local cache via actions/cache@v3 is much more
reliable.
The build job will re-use cache from previous workflow runs.
The total workflow time is still similar ~12 minutes.
2022-08-23 21:09:03 +00:00
Danny Daemonic
ed5e8cce0e Update docs to mention .inc.php for roundcube
A recent patch updated the roundcube overrides to use .inc.php vs .inc,
as it's done in roundcube (and as suggested by roundcube plugin docs).

It corrected the overrides and fixed it's section in the faq, but missed
a section in the configuration docs that to the overrides. This fixes
that oversight.
2022-08-22 00:30:15 -07:00
bors[bot]
04a932bf66
Merge #2423
2423: Correct the extension of files used for Roundcube overrides r=mergify[bot] a=DannyDaemonic

This adds ".inc.php" files to the included overrides while maintaining support for existing ".inc" files previously included via overrides. It also updates the corresponding documentation.

Roundcube itself uses "inc.php" files and these overrides are expected to match that format. Switching to "inc.php" both tells the user that these need to be proper php files and conveys they are used for changing the same settings that Roundcube's inc.php files modify.

## What type of PR?

bug-fix, documentation

## What does this PR do?

- Adds ".inc.php" to the list of include files being built in roundcube's start.py
- Updates override information in the faq section: [How can I override settings?](https://github.com/Mailu/Mailu/blob/master/docs/faq.rst#how-can-i-override-settings)
- Includes changelog recommends using .inc.php moving forward

## Related issue(s)
- This addresses confusion seen in issues like: #2388

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Danny Daemonic <DannyDaemonic@gmail.com>
2022-08-20 15:56:04 +00:00
bors[bot]
d30bc033ae
Merge #2425
2425: Hotfix for workflow. For build step do not build from cache. r=mergify[bot] a=Diman0

Hotfix for workflow. For build step do not build from cache.
Make sure cache layers are unique by using ${{ github.ref }}

The build job uses the cache-from. This is not required. Due to non-unique cache keys it also resulted the build step building from cache. 
As a precaution the ${{ github.ref }} and ${{ github.run_id }} are appended to the cache key for the build cache layers. This should make sure the cache keys are unique among workflow runs

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
n/a

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [n/a ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-20 09:21:01 +00:00
Dimitri Huisman
312a733ae3 prefix the cache key with a hash (to help with sharding) 2022-08-20 09:18:54 +00:00
Dimitri Huisman
f35d82b3a0 Also ${{ github.run_id }} for cache key.
This makes rue that the cache key is unique across workflow runs
2022-08-20 08:51:56 +00:00
Dimitri Huisman
d56eb16f52 Hotfix for workflow. For build step do not build from cache.
Make sure cache layers are unique by using ${{ github.ref }}
2022-08-20 08:43:27 +00:00
bors[bot]
840d1dc8e6
Merge #2424
2424: Switch to mode=min for GHA cache for docker buildx  r=mergify[bot] a=Diman0

Switch to mode=min for GHA cache for docker buildx to prevent rate limiting in GHA workflow.
It has hardly any influence on build times. 
See https://github.com/Diman0/Mailu_Fork/actions/runs/2893811188
It is still ~12 minutes.

For example search for SHA256 in the logs of https://github.com/Mailu/Mailu/runs/7923068540?check_suite_focus=true:
- 304 hits!
- With 6 tests that is 1824 cache hits

Search for SHA256 in the logs  of https://github.com/Diman0/Mailu_Fork/runs/7929824199?check_suite_focus=true
- 186 hits
- With 6 tests that is 1116 cache hits

That is better. I hope this will prevent rate limiting issues.

## What type of PR?

enhancement

## What does this PR do?

### Related issue(s)
None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [n/a] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-20 08:16:43 +00:00
Dimitri Huisman
dd3f1a3376 Switch to mode=min for GHA cache for docker buildx to prevent ratelimiting in GHA workflow 2022-08-20 07:49:36 +00:00
bors[bot]
b962319ba1
Merge #2422
2422: Build wheels only if we have to. r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

This massively speeds the CI up; We don't need to install a compiler and rebuild when we have wheels available... with this admin builds 4 times faster.

### Related issue(s)
- #1830


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-20 05:53:38 +00:00
Danny Daemonic
3eeb7962c2 Correct the extension used for Roundcube overrides
This adds ".inc.php" files to the included overrides while maintaining
support for existing ".inc" files previously included via overrides.

Roundcube itself uses "inc.php" files and these overrides are expected
to match that format. Switching to "inc.php" both tells the user that
these need to be proper php files and conveys they are used for changing
the same settings that Roundcube's inc.php files modify.
2022-08-19 15:56:02 -07:00
Dimitri Huisman
3493e9ffa9 Doh! 2022-08-19 20:32:53 +00:00
Dimitri Huisman
867c71ca83 Fix date (deadline) calculation and comparison in test.py 2022-08-19 20:24:07 +00:00
Dimitri Huisman
9339ce78e8 Fix datetime usage in test.py 2022-08-19 18:57:58 +00:00
Florent Daigniere
72b8939ad7 doh 2022-08-19 20:25:34 +02:00
Florent Daigniere
6fb554bc2e Do the same for the postfix container 2022-08-19 20:21:00 +02:00
Florent Daigniere
630a23da3c Don't wait for the timeout in the tests
If the containers are ready use them.
2022-08-19 20:04:45 +02:00
Dimitri Huisman
81c9e01d24 finishing touches for PR# 2328
Antispam.rst contained a syntax error.
Move config description to common section which is more fitting.
Fixed wrong assignment of default value for DEFAULT_SPAM_THRESHOLD in models.py.
2022-08-19 17:58:33 +00:00
Florent Daigniere
1500936232 Some people will need this at runtime 2022-08-19 19:32:42 +02:00
Florent Daigniere
bd5fd9536d doh 2022-08-19 19:25:49 +02:00