1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

4698 Commits

Author SHA1 Message Date
bors[bot]
f17aa85b54
Merge #2896
2896: Update python deps to fix CVEs and build r=mergify[bot] a=ghostwheel42

## What type of PR?

Security

## What does this PR do?

Fixes CVEs shown by depandabot and fixes build.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-08-06 17:39:13 +00:00
Alexander Graf
2d9b348eb0
Update python deps to fix CVEs and build 2023-08-06 17:03:51 +02:00
bors[bot]
62096c77c0
Merge #2895
2895: Avoid a stack-trace when the ratelimit is hit r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Avoid a stack-trace when the ratelimit is hit. This is only affecting the last few commits of master.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-08-06 11:26:33 +00:00
bors[bot]
2e3e8bb0d8
Merge #2894
2894: fix fail2ban regexp r=nextgens a=nextgens

## What type of PR?

documentation

## What does this PR do?

There is now a second log line we also need to match

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-08-06 05:12:06 +00:00
Florent Daigniere
40b5e7ca39 Avoid a stack-trace when the ratelimit is hit 2023-08-05 18:24:11 +02:00
Florent Daigniere
a0c93da850 fix fail2ban regexp 2023-08-05 18:16:31 +02:00
bors[bot]
890f847f6c
Merge #2677
2677: Apply DEFAULT_QUOTA to user creation admin ui page r=mergify[bot] a=PMExtra

## What type of PR?

Feature

## What does this PR do?

Apply `DEFAULT_QUOTA` settings to user creation admin ui page.

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] ~In case of feature or enhancement: documentation updated accordingly~
- [ ] ~Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.~

I'm sorry for that I'm not good at English to update the documentation. But this is not a completed new feature. `DEFAULT_QUOTA` is an existing configuration. I just completed the behaviors. Although this configuration was never documented.

Co-authored-by: PM Extra <pm@jubeat.net>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-06-28 10:22:18 +00:00
bors[bot]
809b21b757
Merge #2873
2873: Fix issue #2811. Clamav Healthcheck created zombie processes r=mergify[bot] a=Diman0

## What type of PR?

bug-fix

## What does this PR do?
The healthcheck of clamav results in zombie processes for some users. This PR addresses this issue. Now the healtcheck checks for the existence of the pid file of clamd and freshclam

Note: [kill -0](https://unix.stackexchange.com/questions/169898/what-does-kill-0-do) can be used to check if a process exists and perform an error check.

### Related issue(s)
- closes #2811 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-06-28 08:44:00 +00:00
Dimitri Huisman
4cf9993117
Fix issue #2811. Clamav Healthcheck created zombie processes 2023-06-28 08:33:04 +00:00
bors[bot]
69229436cf
Merge #2866
2866: Improve tokens (add ipranges) r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Allow multiple IP addresses/networks to be set for tokens.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-26 10:02:58 +00:00
bors[bot]
5995979d60
Merge #2871
2871: Document that the default config for netplan is broken r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

Document in the FAQ that what looks like DNSSEC failures may be netplan related.

### Related issue(s)
- #2868 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-25 19:55:52 +00:00
Florent Daigniere
e1e765bc00 Add a clue 2023-06-25 18:40:16 +02:00
Florent Daigniere
6ca97d112e Document that the default config for netplan is broken 2023-06-25 18:32:05 +02:00
bors[bot]
8b23e8318c
Merge #2869
2869: increase the number of postfix workers r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

increase the number of postfix workers. It was reduced when we were using postscreen ... but this specific part hasn't been reverted properly.

The practical effect is that we should see less ``451 4.3.2 Internal server error``.

### Related issue(s)
- #2861

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-25 06:57:26 +00:00
Florent Daigniere
a6d217c455 increase the number of postfix workers 2023-06-24 18:54:18 +02:00
bors[bot]
39777d5b1b
Merge #2847
2847: Use dovecot-proxy r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Use dovecot-proxy instead of nginx's mail module.

This will be required if we want to have BURL, XOAUTH2 or HA/load-balancing (with more than one IMAP instance).

pros:
- fixes $remote_port

cons:
- seems to break SSL resumption

### Related issue(s)
- closes #2848

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-24 14:15:04 +00:00
Florent Daigniere
ea0f63ae0d newsfragment 2023-06-24 16:13:05 +02:00
Florent Daigniere
372f008eab bugfix for dovecot-proxy 2023-06-23 16:01:24 +02:00
Florent Daigniere
fbc2f47003 bugfix for dovecot-proxy 2023-06-23 15:57:37 +02:00
Florent Daigniere
8597bb0ebe add migration 2023-06-23 15:56:51 +02:00
Florent Daigniere
29cd857c5f Allow multiple IP addresses/networks to be set for tokens 2023-06-23 15:56:41 +02:00
Alexander Graf
d1e3894b20
Add doc for DEFAULT_QUOTA 2023-06-23 14:51:16 +02:00
Alexander Graf
849f8c0167
Update database.rst
"Set up" is correct in this case.
2023-06-23 14:34:22 +02:00
bors[bot]
0e42f0270b
Merge #2815
2815: Update version to 2.+ in release template r=mergify[bot] a=OdyX

## What type of PR?

Documentation

## What does this PR do?

It's really weird that releases 2.0+ such as https://github.com/Mailu/Mailu/releases/tag/2.0.12 mention 1.9 and 1.9.1; fixin' this.

Co-authored-by: Didier 'OdyX' Raboud <odyx@raksha.ch>
2023-06-20 18:04:54 +00:00
Florent Daigniere
f143aa3dc8 Use dovecot-proxy where appropriate 2023-06-05 10:23:30 +02:00
bors[bot]
9299b68c62
Merge #2844
2844: Ensure we log which account is invalid r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we log which account is invalid

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-02 13:25:45 +00:00
Florent Daigniere
15569c62df Fix the bug @ghost has reported 2023-06-02 14:53:25 +02:00
Florent Daigniere
50f8a5cb65 Ensure we log which account is invalid 2023-06-02 11:39:42 +02:00
bors[bot]
6f3ee32351
Merge #2838
2838: Authentication failed for email clients when the password contained a non latin-1 character. r=mergify[bot] a=Diman0

## What type of PR?

bug fix

## What does this PR do?
Fixes a bug that results in authentication failing for email clients when the password contains a non latin-1 character.
Issue was caused by the header Auth-Password being returned with non latin-1 characters. Headers must always be latin-1 encoded. Resolved the issue by url encoding the password.

Since the returned password is only used as a partial hash for the rate limiter, I did not add code for un-quoting the password in the /internal/email endpoint.

### Related issue(s)
- closes #2837 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-05-31 09:37:18 +00:00
Florent Daigniere
22edc15de2
Update core/admin/mailu/internal/views/auth.py 2023-05-31 11:36:28 +02:00
Dimitri Huisman
9ad7cea515
Update 05_connectivity test to use UTF8 password. 2023-05-31 09:17:59 +00:00
Dimitri Huisman
8c206e8a9b
Retrieve raw password on the correct location 2023-05-31 09:08:03 +00:00
Dimitri Huisman
10a3d1eabb
Get the password from the source.
Remove password from response (not needed)
2023-05-30 15:06:32 +00:00
Dimitri Huisman
008cbdb6b1
Also url encode the password when authentication fails 2023-05-30 14:31:29 +00:00
Dimitri Huisman
5f94be871c
Authentication failed for email clients when the password contained a non latin-1 character. 2023-05-30 14:09:16 +00:00
bors[bot]
097bad138f
Merge #2835
2835: Note ports that need to be open in the firewall r=mergify[bot] a=strugee

## What type of PR?

Documentation

## What does this PR do?

The primary purpose of this change is to include the keyword "firwall" because when I went to open up ports in my network security group I expected a search for "firewall" in the docs to instantly bring this information up, but it didn't.

### Related issue(s)

🤷 none that I saw offhand

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: AJ Jordan <alex@strugee.net>
2023-05-30 09:52:56 +00:00
bors[bot]
589c426601
Merge #2818
2818: Improve auth-related logging r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Improve auth-related logging

### Related issue(s)
- closes #2803 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-05-30 09:01:42 +00:00
AJ Jordan
a6c7fdf810
Note ports that need to be open in the firewall
The primary purpose of this change is to include the
keyword "firwall" because when I went to open up ports in my
network security group I expected a search for "firewall" in the
docs to instantly bring this information up, but it didn't.
2023-05-29 19:23:15 -04:00
bors[bot]
b6c093dfd6
Merge #2790
2790: Implement managesieve support r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This is a better a alternative to #2773

Expose managesieve to the outside world.

### Related issue(s)
- close #2773
- #428
- #113
- #81
- #1222

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-05-26 14:11:33 +00:00
bors[bot]
9921b1c224
Merge #2829
2829: update docs r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

Update the documentation:
 - debian Stretch -> debian stable (see #2826)
 - docker 24.0.0 is broken (see #2827)
 - document how to get rid of "mount: Deactivated successfully" messages from moby (see #2797)

### Related issue(s)
- closes #2826
- closes #2827 
- closes #2797

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-05-19 15:25:12 +00:00
Florent Daigniere
41757334e2 update docs 2023-05-19 14:58:51 +02:00
bors[bot]
2d09f0d538
Merge #2823
2823: Don't send ooo messages to noreply@ r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Don't send ooo messages to noreply@

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-05-16 14:45:30 +00:00
Florent Daigniere
cab27f77c1 Don't send ooo messages to noreply@ 2023-05-16 10:29:39 +02:00
Florent Daigniere
c68f4d93cf Merge remote-tracking branch 'origin/improve-logs' into improve-logs 2023-05-13 11:59:22 +02:00
Florent Daigniere
1ffb78103f quote the comments 2023-05-13 11:55:54 +02:00
Florent Daigniere
1042911732
Update nginx.py
Fix typo
2023-05-12 21:14:39 +02:00
Florent Daigniere
e88199e274
Update nginx.py
Doh
2023-05-12 20:27:29 +02:00
Florent Daigniere
c60e2fa52c add token.comment too 2023-05-12 19:41:32 +02:00
Florent Daigniere
bd3986131d review 2023-05-12 19:35:06 +02:00
Florent Daigniere
632fe1908a Rename as requested by reviewer 2023-05-10 09:54:56 +02:00