1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

2937 Commits

Author SHA1 Message Date
Alexander Graf
b63081cb48 display error (not exception) when creating admin
repleace misleading python exception (mailu broken)
with error message stating that the admin user is
already present
2021-09-13 14:49:49 +02:00
Alexander Graf
065215d4d1 Merge remote-tracking branch 'upstream/master' into adminlte3_fixes 2021-09-11 12:36:19 +02:00
Alexander Graf
7bec8029a4 strip not necessary anymore 2021-09-09 21:41:03 +02:00
bors[bot]
239e3d82a6
Merge #1974
1974: handle DEFER_ON_TLS_ERROR as bool r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

DEFER_ON_TLS_ERROR is a bool and not a string: fixed jinja2 templates
move mta-sts-daemon.yml to core/postfix/conf

### Related issue(s)

closes #1973

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2021-09-09 17:18:27 +00:00
Alexander Graf
05c79b0e3c copy (and not parse) mta sts override config 2021-09-09 18:45:39 +02:00
Alexander Graf
b02ceab72f handle DEFER_ON_TLS_ERROR as bool
use /conf/mta-sts-daemon.yml when override is missing
2021-09-09 18:00:48 +02:00
Alexander Graf
1e8b41f731 Merge remote-tracking branch 'upstream/master' into adminlte3_fixes 2021-09-09 13:22:15 +02:00
Alexander Graf
b883e3c4a6 duh. 2021-09-09 12:10:34 +02:00
Alexander Graf
bb40ccc4b0 normalize HOSTNAMES
should be moved to python lib and normalized in start.py
2021-09-09 11:58:27 +02:00
Dimitri Huisman
5a1e6dfb61 Added documentation for new LOGO_BACKGROUND and LOGO_URL env variables. 2021-09-08 12:30:28 +00:00
Alexander Graf
45a2be3766 Updated Polish translation.
Used pl/LC_MESSAGES/messages.po from PR#1751 created by martys71
2021-09-06 18:42:50 +02:00
bors[bot]
d464187477
Merge #1964
1964: Alpine3.14.2 r=mergify[bot] a=nextgens

Upgrade to alpine 3.14.2, retry upgrading unbound & switch back to libressl

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-09-06 15:59:10 +00:00
Alexander Graf
a319ecde29 also precompress static txt files 2021-09-06 13:52:35 +02:00
Alexander Graf
6c510e2e86 enabled caching via .htaccess 2021-09-06 13:48:13 +02:00
Alexander Graf
b445d9ddd1 set expire headers only for mailu content
also moved robots.txt from config to static folder.
2021-09-06 13:45:48 +02:00
Alexander Graf
698ee4e521 added tiff and webp to list of cached content 2021-09-06 09:10:59 +02:00
Alexander Graf
0094268410 allow to change logo. default color for flash msg
- two new environment variables allow to change logo background color
  and graphic
- flash messages are now green (not cyan)
2021-09-06 09:08:51 +02:00
Alexander Graf
d8b4a016af use blue color from https://mailu.io/ 2021-09-06 08:41:49 +02:00
bors[bot]
6fe265b548
Merge #1968
1968: optimize handle_authentication r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

catch utf-8 decoding errors and log a warning in handle_authentication instead of writing a traceback into the log.

### Related issue(s)

closes #1361

## Prerequistes

Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2021-09-05 20:19:00 +00:00
bors[bot]
d8dc765f04
Merge #1967
1967: fix 1789: ensure that nginx resolves ipv4 addresses r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

This fixes ipv6 enabled setup by disabling it. If you were using SUBNET6 in your configuration, odds are it's broken since gunicorn isn't bound on an on an ipv6 enabled socket.

Should we backport this?

### Related issue(s)
- close #1789
- close #1802


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-09-05 19:11:50 +00:00
bors[bot]
e38844cfcd
Merge #1961
1961: Implement MTA-STS and DANE validation r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

Implement MTA-STS: the tls_policy_map will now be auto-configured based on the policies published by the various domains. A FAQ entry has been added to document how to publish a policy using Mailu.

As configured by default there is no persistence. If we want persistence we can have either sqlite3 (with a db in the mailqueue) or redis...

This also introduces a DEFER_ON_TLS_ERROR (default: True) setting that will harden policy enforcement and defer emails that shouldn't be delivered. Turn it off if you never want to set an override.

### Related issue(s)
- closes #1798
- closes #707 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-09-05 17:51:02 +00:00
Alexander Graf
90c96bdddc optimize handle_authentication
- catch decoding of nginx headers (utf-8 exception)
- re-ordered function
2021-09-05 19:47:10 +02:00
Florent Daigniere
7aa403573d no with here 2021-09-05 19:06:20 +02:00
Florent Daigniere
0ee52ba65b Doh 2021-09-05 19:03:54 +02:00
Florent Daigniere
0f0459e9b2 suggestions from @ghostwheel42 2021-09-05 18:49:07 +02:00
Florent Daigniere
9888efe55d Document as suggested on #mailu-dev 2021-09-05 18:23:08 +02:00
Alexander Graf
7bede55fce more verbose cleaning message 2021-09-05 17:48:20 +02:00
Alexander Graf
4c4031ab74 added feature file 2021-09-05 17:48:02 +02:00
Florent Daigniere
a9a1b3e55e Reduce the EDNS0 size to 1232
@see
https://github.com/dns-violations/dnsflagday/issues/125
2021-09-05 15:28:59 +02:00
Florent Daigniere
72ba5ca3f9 fix 1789: ensure that nginx resolves ipv4 addresses 2021-09-03 21:59:53 +02:00
Alexander Graf
7fd605cc21 fixed brand link target for normal users 2021-09-03 13:41:33 +02:00
Florent Daigniere
d8c22db547 Merge remote-tracking branch 'upstream/master' into policyd-mta-sts 2021-09-03 11:37:43 +02:00
Alexander Graf
8cdd7e911d duh. removed debug 2021-09-02 23:36:49 +02:00
Alexander Graf
34df8b3168 AdminLTE3 optimizations & compression and caching
- fixed copy of qemu-arm-static for alpine
- added 'set -eu' safeguard
- silenced npm update notification
- added color to webpack call
- changed Admin-LTE default blue
  (core/admin/Dockerfile)

- AdminLTE 3 style tweaks
  (core/admin/assets/app.css)
  (core/admin/mailu/ui/templates/base.html)
  (core/admin/mailu/ui/templates/sidebar.html)

- localized datatables
  (core/admin/Dockerfile)
  (core/admin/assets/app.js)
  (core/admin/package.json)

- moved external javascript code to vendor.js
  (core/admin/assets/app.js)
  (core/admin/assets/vendor.js)
  (core/admin/webpack.config.js)

- added mailu logo
  (core/admin/assets/app.js)
  (core/admin/assets/app.css)
  (core/admin/assets/mailu.png)

- moved all inline javascript to app.js
  (core/admin/assets/app.js)
  (core/admin/mailu/ui/templates/domain/create.html)
  (core/admin/mailu/ui/templates/user/create.html)

- added iframe display of rspamd page
  (core/admin/assets/app.js)
  (core/admin/mailu/ui/views/base.py)
  (core/admin/mailu/ui/templates/sidebar.html)
  (core/admin/mailu/ui/templates/antispam.html)

- updated language-selector to display full language names and use post
  (core/admin/assets/app.js)
  (core/admin/mailu/__init__.py)
  (core/admin/mailu/utils.py)
  (core/admin/mailu/ui/views/languages.py)

- added fieldset to group and en/disable input fields
  (core/admin/assets/app.js)
  (core/admin/mailu/ui/templates/macros.html)
  (core/admin/mailu/ui/templates/user/settings.html)
  (core/admin/mailu/ui/templates/user/reply.html)

- added clipboard copy buttons
  (core/admin/assets/app.js)
  (core/admin/assets/vendor.js)
  (core/admin/mailu/ui/templates/macros.html)
  (core/admin/mailu/ui/templates/domain/details.html)

- cleaned external javascript imports
  (core/admin/assets/vendor.js)

- pre-split first hostname for further use
  (core/admin/mailu/__init__.py)
  (core/admin/mailu/models.py)
  (core/admin/mailu/ui/templates/client.html)
  (core/admin/mailu/ui/templates/domain/signup.html)

- cache dns_* properties of domain object (immutable during runtime)
  (core/admin/mailu/models.py)
  (core/admin/mailu/ui/templates/domain/details.html)

- fixed and splitted dns_dkim property of domain object (space missing)
- added autoconfig and tlsa properties to domain object
  (core/admin/mailu/models.py)

- suppressed extra vertical spacing in jinja2 templates
- improved accessibility for screen reader
  (core/admin/mailu/ui/templates/**.html)

- deleted unused/broken /user/forward route
  (core/admin/mailu/ui/templates/user/forward.html)
  (core/admin/mailu/ui/views/users.py)

- updated gunicorn to 20.1.0 to get rid of buffering error at startup
  (core/admin/requirements-prod.txt)

- switched webpack to production mode
  (core/admin/webpack.config.js)

- added css and javascript minimization
- added pre-compression of assets (gzip)
  (core/admin/webpack.config.js)
  (core/admin/package.json)

- removed obsolte dependencies
- switched from node-sass to dart-sass
  (core/admin/package.json)

- changed startup cleaning message from error to info
  (core/admin/mailu/utils.py)

- move client config to "my account" section when logged in
  (core/admin/mailu/ui/templates/sidebar.html)
2021-09-02 22:49:36 +02:00
Alexander Graf
f4e7ce0990 enabled caching, gzip and robots.txt 2021-09-02 20:48:44 +02:00
Alexander Graf
103918ba57 pre-compress assets (*.ico for now) 2021-09-02 20:46:56 +02:00
Alexander Graf
39d7a5c504 pngcrushed images 2021-09-02 20:46:08 +02:00
bors[bot]
71cc8b0a81
Merge #1800
1800: AdminLTE 3 r=mergify[bot] a=DjVinnii

## What type of PR?

Enhancement

## What does this PR do?

This PR implements AdminLTE 3 for the admin interface. It also includes the implementation of DataTables and a language selector.

### Related issue(s)
- closes: #1567
- closes: #1764 

## Prerequistes

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Vincent Kling <vincentkling@msn.com>
Co-authored-by: DjVinnii <vincentkling@msn.com>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
Co-authored-by: Diman0 <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2021-09-02 07:42:57 +00:00
bors[bot]
f815075929
Merge #1965
1965: postfix/tls_policy: Use lmdb map instead of hash r=mergify[bot] a=tonobo

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)

#1918

https://github.com/Mailu/Mailu/pull/1902/#issuecomment-902108080



Co-authored-by: Tim Foerster <timhormersdorf@googlemail.com>
2021-09-02 07:24:17 +00:00
Tim Foerster
9ec9d4d4fb
postfix/tls_policy: Use lmdb map instead of hash
The alpine postfix package seems to have removed support for btree and hash map type. #1918 
The tls_policy.map stuff has been introduced in #1902 and it has been merged without fixing this before (https://github.com/Mailu/Mailu/pull/1902/#issuecomment-902108080)
2021-09-01 22:40:47 +02:00
Florent Daigniere
d7c2b510c7 Give alpine 3.14.2 a shot 2021-09-01 18:56:44 +02:00
Florent Daigniere
0c4455ccf5 Revert "Rollback to alpine 1.12"
This reverts commit e1ddbb6eec.
2021-09-01 18:53:20 +02:00
Florent Daigniere
fe186afb6f Revert "Switch to openssl to workaround alpine #12763"
This reverts commit f8362d04e4.
2021-09-01 18:52:35 +02:00
Florent Daigniere
4abf49edf4 indent 2021-09-01 09:15:13 +02:00
Florent Daigniere
c1d94bb725 Ensure that postfix will be able to use the TLSA records
see https://www.huque.com/dane/testsite/ for the testcases
2021-09-01 09:01:04 +02:00
Florent Daigniere
ef5f82362c Merge remote-tracking branch 'upstream/master' into policyd-mta-sts 2021-09-01 08:45:13 +02:00
Florent Daigniere
92cc664e82 Cosmetic change 2021-09-01 08:41:59 +02:00
Florent Daigniere
489520f067 forgot about alpine/lmdb 2021-09-01 08:41:39 +02:00
Florent Daigniere
9f66e2672b Use DEFER_ON_TLS_ERROR here too
We just don't know whether the lookup failed because we are under attack
or whether it's a glitch; the safe behaviour is to defer
2021-08-31 20:44:57 +02:00
Florent Daigniere
a1da4daa4c Implement the DANE-only lookup policyd
https://github.com/Snawoot/postfix-mta-sts-resolver/issues/67 for
context
2021-08-31 20:24:06 +02:00