1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

106 Commits

Author SHA1 Message Date
Will
a54a784168 Update alpine-linux to 3.14.5 - Zlib security FIX 2022-03-30 09:08:28 +00:00
Will
d02296c3bc Update alpine-linux to 3.14.4 - OpenSSL security FIX 2022-03-17 10:40:42 +00:00
Will
b2abbc8856 update Dockerfile to alpine 3.14.3 2021-12-22 09:19:44 +00:00
Dimitri Huisman
2efad07c0b Merge branch 'master' of github.com:Diman0/Mailu into remove-mailu-postgresql 2021-12-15 10:00:47 +00:00
bors[bot]
08be233607
Merge #2058
2058: Implement versioning for CI/CD workflow. r=mergify[bot] a=Diman0

## What type of PR?

Feature!

## What does this PR do?
This PR introduces 3 things
- Add versioning (tagging) for branch x.y (1.8). E.g. 1.8.0, 1.8.1 etc.
  - docker repo will contain x.y (latest) and x.y.z (pinned version) images.
  - The X.Y.Z tag is incremented automatically. E.g. if 1.8.0 already exists, then the next merge on 1.8 will result in the new tag 1.8.1 being used.
- Make the version available in the image.
  -  For X.Y and X.Y.Z write the version (X.Y.Z) into /version on the image and add a label with version=X.Y.Z
	  -  This means that the latest X.Y image shows the pinned version (X.Y.Z e.g. 1.8.1) it was based on. Via the tag X.Y.Z you can see the commit hash that triggered the built.
  -  For master write the commit hash into /version on the image and add a label with version={commit hash}
-  Automatic releases. For x.y triggered builts (e.g. merge on 1.9) do a new github release for the pinned x.y.z (e.g. 1.9.2). 
  -  Release shows a static message (see RELEASE_TEMPLATE.md) that explains how to reach the newsfragments folder and change the branch to the tag (x.y.z) mentioned in the release. Now you can get the changelog by reading all newsfragment files in this folder.

This PR does not change anything to our workflow (what we (human persons) do). Our processes are still exactly the same. The above introduced logic is automatic. When we backport to X.Y all the magic for creating the pinned version X.Y.Z is handled by the CI/CD workflow.

### Related issue(s)
- closes #1182

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

## Testing
Suggested testing steps. This should cover all situations including BORS. It does require that you use your own docker repo or temporarily create a new one.
Suggested testing steps.
1. Create new github repo.
2. Add the required docker secrets to the project (see beginning of CI.yml for the secret names), DOCKER_UN, DOCKER_PW, DOCKER_ORG, DOCKER_ORG_TESTS.
3. Clone the project.
4. Copy the contents of the PR to the cloned project.
5. Push to your new github repo.
6. Now master images are built. Check that images with tag master are pushed to your docker repo
7. Check with docker inspect nginx:master that it has the label version={commit hash}.
8. Run an image, run `docker-compose exec <name> cat /version`. Note that /version also contains the pinned version. For master the pinned version is the commit hash.
9. Create branch 1.8. 
10. Push branch 1.8 to repo.
11. Note that tags 1.8 and 1.8.0 are built and pushed to docker repo
12. Inspect label and /version. Note that 1.8 and 1.8.0 both show version 1.8.0.
13. Push another commit to branch 1.8.
14. Note that tags 1.8 and 1.8.1 are built and pushed to docker repo
15. Inspect label and /version. Note that 1.8 and 1.8.1 both show version 1.8.1.
16. Let's check BORS stuff.
17. Create branch testing.
18. Push the commit with the exact commit text (IMPORTANT!!): `Try #1234:`'.
19. Note that images are built and pushed for tag `pr-1234`.
20. Inspect label and /version. Note that the version is `pr-1234`.
20. Create branch staging.
21. Push the commit with commit text: `Merge #1234`.
22. Note that this image is not pushed to docker (as expected).

but you could also check the GH repo and docker repo I used:
https://github.com/Diman0/Mailu_Fork
https://hub.docker.com/r/diman/rainloop/tags

Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2021-12-15 09:29:08 +00:00
Dimitri Huisman
1eeffe29c0 Remove Mailu PostgreSQL. Make roundcube database configurable via setup. Fix #1838. 2021-12-01 15:59:47 +00:00
Alexander Graf
602accfba7
fixed ipv6 access-control 2021-11-23 10:17:51 +01:00
Dimitri Huisman
f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
2021-11-18 17:21:56 +00:00
Dimitri Huisman
56dd70cf4a Implement versioning for CI/CD workflow (see #1182). 2021-11-17 20:00:04 +00:00
Dimitri Huisman
d7d02152bb Make fetchid file not hidden. 2021-11-13 14:40:22 +00:00
Dimitri Huisman
92e65b33e0 Configure fetchmail to use idfile to keep track of messages.
Run fetchmail as root. This is unfortunately required because
all files are owned by root in the mailu data folder.
In the future  we must switch all images to running all
all processes with a non-root user.
2021-11-10 09:07:03 +00:00
Dimitri Huisman
2404cf2e3d Fix for issue #1223 2021-11-09 14:10:04 +00:00
DjVinnii
225160610b Set default TZ in Dockerfiles 2021-11-04 14:22:12 +01:00
DjVinnii
50d76076ed Add tzdata to optional 2021-11-02 11:19:42 +01:00
Florent Daigniere
1cf0f76b52 not required anymore 2021-09-27 09:04:15 +02:00
Florent Daigniere
e9f84d7d99 Improve the unbound configuration 2021-09-25 16:25:59 +02:00
Alexander Graf
447b237ecb fix freshclam startup
- create pid file in existing folder /run
- let freshclam log to stdout
- remove deprecated SafeBrowsing
2021-09-16 09:05:26 +02:00
Florent Daigniere
d7c2b510c7 Give alpine 3.14.2 a shot 2021-09-01 18:56:44 +02:00
Florent Daigniere
0c4455ccf5 Revert "Rollback to alpine 1.12"
This reverts commit e1ddbb6eec.
2021-09-01 18:53:20 +02:00
Florent Daigniere
e1ddbb6eec Rollback to alpine 1.12
it ships unbound 1.10 that doesn't have the bug I think
08968baec1
2021-08-19 15:33:26 +02:00
Florent Daigniere
0211c06c37 don't need sudo here 2021-07-05 15:54:04 +02:00
Florent Daigniere
420afa53f8 Upgrade to alpine 3.14 2021-07-05 15:50:49 +02:00
parisni
d2803f6f46 Update setup website 2021-06-19 00:38:53 +02:00
parisni
278878d48d Remove unused deps 2021-06-18 23:36:14 +02:00
bors[bot]
42cefab4c2
Merge #1760
1760: Security updates to postgresql r=mergify[bot] a=WebSpider

## What type of PR?

Security update

## What does this PR do?

It fixes vulnerabilities in the sudo package in the postgresql optional container documented in
CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239

### Related issue(s)

None

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Nils Vogels <n.vogels@aves-it.nl>
2021-06-04 07:56:29 +00:00
Dario Ernst
4dbefe8e3a
Merge pull request #1631 from toastboy70/bug/#1536
Change unbound logfile to the empty string
2021-06-03 21:23:29 +02:00
Nils Vogels
6c4fa5432f Provide fix in postgresql container for CVE-2021-23240, CVE-2021-3156, CVE-2021-23239 2021-02-11 12:03:07 +01:00
cbachert
72a9ec5b7c Fix extract_host_port port separation
Regex quantifier should be lazy to make port separation work.
2020-10-24 00:25:53 +01:00
Jon Wilson
5e32447f07 Change unbound logfile to the empty string
This is defined to send log messages to stderr, which is
what we want - fixes #1536 ("Could not open logfile /dev/stdout:
Permission denied")
2020-09-21 15:06:43 +01:00
Richard Gomes
b414757ff8 Fix hardcoded reference to admin container. 2020-08-23 14:32:02 +02:00
ofthesun9
539114a3d6
Merge branch 'master' into test-alpine-3.12 2020-08-09 16:37:45 +02:00
ofthesun9
16ec9adadd
Update optional/radicale/Dockerfile
Co-authored-by: Dario Ernst <github@kanojo.de>
2020-08-09 14:54:00 +02:00
ofthesun9
e8b72099a7 Switching to alpine:3.12 and use fetchmail from alpine repository
alpine3:12 provides fetchmail 6.4.5, so building fetchmail from alpha branch
is not needed anymore (ssl wrapped mode issue fixed) since 6.4.2
2020-06-16 09:19:37 +02:00
ofthesun9
e5f892ce70 Adjust radicale Dockerfile for alpine:3.12 & layers optimisation 2020-06-15 17:48:15 +02:00
ofthesun9
cff2e76269 Switching to alpine:3.12 2020-06-15 17:32:56 +02:00
ofthesun9
506b7e9372 Use Radicale 3.x for webdav service
- remove ==2.1.12 in Dockerfile pip3 install radicale
- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment
2020-05-28 14:57:54 +02:00
ofthesun9
6647c96bf9 Fixed typo in Dockerfile 2020-05-20 08:40:57 +02:00
ofthesun9
45f3772c26 Stick radicale to 2.1.12 version
As 3.0 is breaking compatibility with 2.1 branch
2020-05-20 08:21:59 +02:00
Tim Möhlmann
dd07b0e3aa
Postgresql: default SUBNET6 in pg_hba 2020-05-03 22:53:22 +03:00
bors[bot]
564ca741a4
Merge #1257
1257: Allow local IPv6 connections to Postgres r=mergify[bot] a=tulir

## What type of PR?

bug-fix

## What does this PR do?

Fix postgres connection not working when IPv6 is enabled

Co-authored-by: Tulir Asokan <tulir@maunium.net>
2020-04-30 21:42:06 +00:00
Alexander A. Klimov
313e98c1a2 fetchmail: print unhandled exceptions, but don't crash
refs #1295
2020-03-07 21:41:45 +01:00
kaiyou
7507345ce9 Fix encoding of custom fields in fetchmailrc 2020-02-07 21:44:23 +01:00
Nick Young
0281205313
Upgrade alpine to get new clamav. 2019-12-23 08:57:41 -06:00
bors[bot]
cfd838f310
Merge #1215
1215: Allow specifying the traefik version for cert dumping r=mergify[bot] a=timoschwarzer

## What type of PR?

Enhancement

## What does this PR do?

### Related issue(s)
- #1011 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Timo Schwarzer <me@timoschwarzer.com>
2019-12-09 11:55:17 +00:00
Michael Wyraz
09ee3ce95c Install py3-multidict from repository before installing socrate to avoid the need of gcc during build 2019-12-04 19:05:14 +01:00
Tulir Asokan
dcef6ff3e3
Allow local IPv6 connections to Postgres 2019-11-18 14:15:05 +02:00
Dario Ernst
b374072892 Radicale: Use pip package instead of alpine repo
Required to fix failing builds caused by [alpine]upstream package rebuild against different python version
2019-11-17 14:54:57 +01:00
Tim Möhlmann
4e4b071fb0
Move services into core and optional 2019-10-23 18:27:25 +03:00
Timo Schwarzer
0c82caf817
Allow specifying the traefik version for cert dumping 2019-10-13 21:36:34 +02:00
Aurélien Bondis
124b1d4c71 rebase and update for 3.10, avoid adding qemu file to x86 images 2019-08-21 12:24:30 -04:00