1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

3797 Commits

Author SHA1 Message Date
Florent Daigniere
b28798c74f doh 2022-11-17 18:46:04 +01:00
Florent Daigniere
1bfab1dbfa Maybe fix the test? 2022-11-17 18:32:39 +01:00
Florent Daigniere
6137f93d23 add a GTUBE test to check the antispam 2022-11-17 18:17:41 +01:00
Florent Daigniere
3cb87b6e49 Update entry 2022-11-17 18:10:53 +01:00
Florent Daigniere
e3b875aa6b Well, -i stands for --insecure 2022-11-17 18:09:00 +01:00
Florent Daigniere
3b5b00d87d towncrier 2022-11-17 16:37:17 +01:00
Florent Daigniere
e79d7fed55 Reduce the number of warnings on the CI 2022-11-17 16:21:52 +01:00
Florent Daigniere
699be6f9fa Drop privs when running admin too 2022-11-17 16:03:37 +01:00
Florent Daigniere
42cd5bf2dc Move it to base since admin will also use it 2022-11-17 15:17:24 +01:00
Florent Daigniere
80559ecb71 optimize caching 2022-11-17 14:43:31 +01:00
Florent Daigniere
21b9f76ebc setup doesn't need root 2022-11-17 14:34:55 +01:00
Florent Daigniere
e5a1a353db Upgrade to alpine 3.16.3
This has PHP fixes and a new rspamd
2022-11-17 14:19:22 +01:00
Florent Daigniere
86637f0259 Make setup use the base image 2022-11-17 14:18:51 +01:00
bors[bot]
68bb8da2b7
Merge #2538
2538: Fix the ARM build again r=mergify[bot] a=nextgens

I have double-checked from the builder and this works.

gcc -v from the alpine image tells me that we have  ``--enable-default-pie``

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-17 11:24:25 +00:00
Florent Daigniere
7745420fe0 Fix the ARM build again 2022-11-17 11:25:33 +01:00
bors[bot]
b66f3fe9de
Merge #2537
2537: Fix the armv7 build (again)! r=mergify[bot] a=nextgens

Revert "simplify": ghostwheel42's approach was right
This reverts commit 04f6bd2633.

Without the build still errors-out because of ``set -euxo pipefail``
see https://github.com/Mailu/Mailu/actions/runs/3479399158/jobs/5817902589

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-17 08:46:32 +00:00
Florent Daigniere
b9b0c77d2e Revert "simplify": ghostwheel42's approach was right
This reverts commit 04f6bd2633.
2022-11-17 09:28:26 +01:00
bors[bot]
f43c8c652e
Merge #2483 #2535
2483: Introduce FETCHMAIL_ENABLED r=mergify[bot] a=DjVinnii

## What type of PR?

Enhancement

## What does this PR do?
Add `FETCHMAIL_ENABLED` to enable/disable the Fetchmail functionality in the Admin UI.

### Related issue(s)
- closes #2127

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2535: fix the linux/arm/v7 build r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

The arm builder is running aarch64 ... and there is no package for arm/v7


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-16 12:30:33 +00:00
Dimitri Huisman
8afb544a10
Default FETCHMAIL_ENABLED to False 2022-11-16 12:12:04 +00:00
Florent Daigniere
32f3241569 ensure we have -pie too 2022-11-16 12:47:43 +01:00
Florent Daigniere
7ab3d8f9fe There is no good reason not to export them is the base image too 2022-11-16 12:34:45 +01:00
Florent Daigniere
aa44a42654 ensure we compile the wheels with bells and whistles too 2022-11-16 12:33:05 +01:00
Florent Daigniere
04f6bd2633 simplify 2022-11-16 12:23:14 +01:00
Florent Daigniere
d43e7f72df ghostwheel42's suggestion 2022-11-16 11:55:12 +01:00
Florent Daigniere
1f895d5f82 ghostwheel42's suggestion 2022-11-16 11:53:52 +01:00
Florent Daigniere
031a157ad9 fix the linux/arm/v7 build 2022-11-15 17:25:44 +01:00
bors[bot]
04a196c417
Merge #2525 #2534
2525: Switch to GrapheneOS's hardened_malloc r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

Switch to GrapheneOS's hardened_malloc

This was suggested during the dev meeting of the 18/09/22.

It may break things and it may make things unbearably slow... but it should also make the exploitation of memory corruption bugs a lot harder.

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2534: Close #2533: document SQLALCHEMY_DATABASE_URI r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

document SQLALCHEMY_DATABASE_URI

### Related issue(s)
- closes #2533

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-15 12:28:19 +00:00
bors[bot]
40bdf7a6d9
Merge #2530
2530: disable SESSION_COOKIE_SECURE when TLS_FLAVOR=notls r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

People are unlikely to proxy everything

### Related issue(s)
- closes #2527

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-15 12:20:49 +00:00
bors[bot]
3b150ff9a4
Merge #2532
2532: Allow JS debugging, speed-up asset-build, disable redirect-debug. r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Another bugfix to the run_dev.sh helper

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-11-15 11:49:36 +00:00
Florent Daigniere
b9e5560fb6 Better way to express the same thing
Thanks @ghostwheel42
2022-11-15 12:47:38 +01:00
Florent Daigniere
63513608b9 Close #2533: document SQLALCHEMY_DATABASE_URI 2022-11-15 11:17:15 +01:00
Florent Daigniere
66de1dcec8 Change the logic
The idea here is that if you have set SESSION_COOKIE_SECURE we should
honor that... and if you haven't we should try to do the right thing.
2022-11-15 10:47:20 +01:00
Florent Daigniere
81628149a2 don't fake the library 2022-11-15 09:17:06 +01:00
Florent Daigniere
9b2f018be6 add --no-cache 2022-11-15 09:09:47 +01:00
Florent Daigniere
76f8517e00 This is still required (as TLS_FLAVOR isn't set) 2022-11-14 19:38:17 +01:00
Alexander Graf
6b470ac403
Allow proper JS debugging, speed-up assets dev-build, disable redirect-debug by default. 2022-11-14 17:40:26 +01:00
Florent Daigniere
7aad1158fb @ghostwheel42 will fix it in another PR 2022-11-14 17:31:31 +01:00
Florent Daigniere
a566cb07d6 fix 2022-11-14 16:51:05 +01:00
Florent Daigniere
08b3a2814b Merge branch 'master' of https://github.com/Mailu/Mailu into notls 2022-11-14 16:50:46 +01:00
bors[bot]
d8e2a2960b
Merge #2531
2531: run_dev.sh: Use FLASK_DEBUG, fix assets, show startup errors. r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

fixes bug in run_dev.sh

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-11-14 14:49:13 +00:00
Alexander Graf
b0b64a8e63
Use FLASK_DEBUG, fix assets, show startup errors. 2022-11-14 15:44:12 +01:00
Florent Daigniere
505bb79a78 Don't set the secure Cookie flag if TLS_FLAVOR=notls 2022-11-14 15:11:11 +01:00
Florent Daigniere
455180043d doh 2022-11-14 09:34:43 +01:00
bors[bot]
8a90f83bd0
Merge #2514
2514: Update deps r=mergify[bot] a=ghostwheel42

## What type of PR?

update python dependencies

## What does this PR do?

Update python deps in base image


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-11-11 15:53:25 +00:00
Florent Daigniere
f11c451403 Restrict it to arch where there is a package 2022-11-11 14:12:54 +01:00
Florent Daigniere
97df65e9ef Switch to GrapheneOS's hardened_malloc
This was suggested during the dev meeting of the 18/09/22.

It may break things and it may make things unbearably slow
2022-11-11 13:56:04 +01:00
bors[bot]
8d392e8056
Merge #2524
2524: Update the webmail images r=mergify[bot] a=Diman0

Update the webmail images.
Roundcube
  - Switch to base image (alpine)
  - Switch to php-fpm

SnappyMail
  - Switch to base image
  - Upgrade php7 to php8.

## What type of PR?

Feature

## What does this PR do?
Update the webmail images.
Roundcube
  - Switch to base image (alpine)
  - Switch to php-fpm

SnappyMail
  - Switch to base image
  - Upgrade php7 to php8.

### Related issue(s)
- closes #1521

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-11-11 12:38:46 +00:00
Dimitri Huisman
0e5443a867
Update php8 to php81. Update snappymail to 2.19.4 2022-11-11 12:08:27 +00:00
Dimitri Huisman
59c5b152b2
Switch to using set -euxo pipefail for better error handling
-e immediately exit when a command fails. No further commands are processed.
-o pipefail, if a series of piped commands fail, do NOt return the last commands returncode, but DO return the return code of the failing command in the pipeline series
-u, raise an error when an unset variable is used. Not using this results in an empty value being used and the script being executed differently without you knowing why.
-x, print each command before executing it. Actual arguments are expanded. So you see the command with the actual parameter values. This is printed in red in the buildx log output.
2022-11-11 09:10:45 +01:00
Dimitri Huisman
f6cdfb3392
Allow Healthcheck requests over IPv6 2022-11-11 08:40:07 +01:00