1
0
mirror of https://github.com/Mailu/Mailu.git synced 2025-06-15 00:05:11 +02:00
Commit Graph

317 Commits

Author SHA1 Message Date
a875d7fe6a Fix #3450 2024-09-12 10:43:49 +02:00
c4f457e7f9 Fix 3420 - fixed syntax errors in certwatcher.py 2024-09-09 13:01:12 +00:00
a1d19897be Merge #3308
3308: Update network graph r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

### Related issue(s)

Update network graph, fix fetchmail when PROXY_PROTOCOL_25 is set

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2024-08-11 16:30:31 +00:00
98f671dc2e Do the same with Client-Ip 2024-08-08 11:18:50 +02:00
ee243ea735 Fix #3364 2024-08-08 09:35:27 +02:00
3309464605 Merge #3307
3307: ports not in PORTS should not be bound r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we only bind ports that do feature in PORTS.
Previously we would bind ports 110 and 143 even though we shouldn't have.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2024-06-26 11:48:19 +00:00
5be25b5887 do not put real_ip_recursive within the for-loop 2024-06-25 13:34:17 +02:00
28f3b60615 nginx should recursively set the realip until the first no trusted address is found 2024-06-25 12:38:51 +02:00
0ff18c6079 Handle the case where PROXY_PROTOCOL_25 is set 2024-06-24 09:46:06 +02:00
5fb44bd719 Don't let people disable 465 and 993
This is what we use for the other type of autoconfig... and really what
everyone should be using.
2024-06-22 10:23:14 +02:00
b7dcf45267 ports not in PORTS should not be bound 2024-06-22 10:16:15 +02:00
89ff26660f better 2024-06-19 15:35:44 +02:00
e9db8c4509 another one
nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /etc/nginx/nginx.conf:90
2024-06-19 14:54:57 +02:00
12c1affc05 remove another warning
ERROR:root:Not sure what to do with  in PROXY_PROTOCOL (None)
2024-06-19 14:52:43 +02:00
52e02d4c56 Update core/nginx/dovecot/proxy.conf
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
2024-06-09 11:59:12 +02:00
c63bd0ce38 Update core/nginx/conf/nginx.conf
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
2024-06-09 11:59:05 +02:00
614042344d document 2024-04-08 09:46:39 +02:00
c701358c9d simplify 2024-04-08 09:09:43 +02:00
e0b64a9e54 simplify config with TLS, PORTS and PROXY_PROTOCOL 2024-04-06 18:00:57 +02:00
494147eedf Need newer cryptography 2024-03-10 16:17:49 +01:00
86adf07461 Ensure we always send an ISRG root for DANE 2024-03-10 12:19:40 +01:00
dec5fecdb4 Ensure that nginx and dovecot are reloaded 2024-03-05 10:12:45 +01:00
60b9ff0090 Fixed log filter not filtering out log messages for dovecot/nginx/postfix.
Fixed postfix not logging to standard out.
Fixed not all containers logging to journald.
Removed POSTFIX_LOG_FILE functionality. Added documentation on how to achieve the same (log to file) via journald & rsyslogd (see new FAQ entry 'How can I view and export the logs of a Mailu container?').
2023-10-27 14:10:13 +00:00
055b216627 log.critical() where useful 2023-10-17 14:05:08 +02:00
9f93ed6593 Fix letsencrypt on master 2023-10-17 13:58:38 +02:00
eb44783eb2 we need this in front too 2023-10-09 17:41:04 +02:00
5230c28713 Fix letsencrypt on master 2023-10-06 13:48:09 +02:00
585549ce92 Merge #2924
2924: Remove the usage of capabilities, use port 8080 for admin r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

In the real world users can't get them to work... I wonder if they use patched-up kernels or if xattrs are lost somehow... in any case, we can do without capabilities so let's do that.

Ensure that dovecot doesn't attempt to bind a v6 socket if SUBNET6 is not configured

Also, document that systemd-resolve may cause trouble with DNSSEC.

### Related issue(s)
- closes #2906
- closes #2913

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-08-29 06:19:42 +00:00
8d4abe55ed doh 2023-08-29 08:18:45 +02:00
45ef205887 Serve actual content as requested in review 2023-08-28 17:43:20 +02:00
b2a5a80e12 Ensure that dovecot doesn't bind v6 if not required 2023-08-28 11:56:25 +02:00
562cd8c135 Remove the usage of capabilities use port 8080
In the real world users can't get them to work...
2023-08-28 11:34:51 +02:00
e7e169f1c1 Fix the obvious issue 2023-08-09 19:10:07 +02:00
f3cd401450 PROXY_PROTOCOL=all-but-http for traefik 2023-08-09 15:31:14 +02:00
64ce3d1c96 Implement a busy loop for letsencrypt 2023-08-09 15:28:07 +02:00
f143aa3dc8 Use dovecot-proxy where appropriate 2023-06-05 10:23:30 +02:00
589c426601 Merge #2818
2818: Improve auth-related logging r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Improve auth-related logging

### Related issue(s)
- closes #2803 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-05-30 09:01:42 +00:00
632fe1908a Rename as requested by reviewer 2023-05-10 09:54:56 +02:00
7d39741c47 Make webmails use a different port without proxy protocol 2023-05-09 12:06:04 +02:00
a9c92f19ef Add this endpoint back too 2023-05-09 09:54:52 +02:00
2e26c7ad80 change healtcheck again 2023-05-09 09:51:53 +02:00
6ee913502e Improve auth-related logging 2023-05-06 17:37:16 +02:00
88f7ab48f7 Deal with certwatcher too 2023-04-27 09:26:24 +02:00
1d0c4e67aa noticket 2023-04-23 09:11:58 +02:00
5d93ae205e Simplify the health-check 2023-04-21 17:36:24 +02:00
e6b9285f86 Send rport too 2023-04-21 11:04:08 +02:00
d4bc99626f Ensure we log rport 2023-04-21 10:29:28 +02:00
0025d06c4e maybe fix healthcheck 2023-04-21 10:08:32 +02:00
915c1a75f1 Make it generic. Should we implement TARPIT? 2023-04-21 09:21:11 +02:00
2d8b2b15fe tweak-logs 2023-04-21 09:13:11 +02:00