1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-16 10:59:53 +02:00
Commit Graph

3561 Commits

Author SHA1 Message Date
bors[bot]
3327500f96
Merge #2221
2221: Add support for custom NGINX config r=mergify[bot] a=easybe

## What type of PR?

enhancement

## What does this PR do?

Add support for custom NGINX config. Including *.conf files in /etc/nginx/conf.d same as the default NGINX configuration gives the user more flexibility.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Ezra Buehler <ezra@easyb.ch>
2022-08-17 18:18:29 +00:00
bors[bot]
1069c02bc8
Merge #2357
2357: Switch to ffdhe3072 to enable RFC 7919 r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

The idea being:
- it's a "nothing up my sleeves" group
- it may help shave off some bytes of the SSL handshake; That being said, I doubt that clients that are modern enough to support this RFC won't offer an EC kex

https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdhe3072.pem

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-08-17 17:58:07 +00:00
bors[bot]
3993a6d288
Merge #2415
2415: Update roundcube to 1.5.3 and rcmcarddav plugin r=mergify[bot] a=willofr

## What type of PR?
Bugfix

## What does this PR do?
Updates:
- roundcube to 1.5.3: https://github.com/roundcube/roundcubemail/releases/tag/1.5.3
- rcmcarddav plugin to 4.4.2

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Will <will@packer-output-c8fcfb40-3d93-4475-8f87-e14a9dd683b6>
Co-authored-by: willofr <willofr@users.noreply.github.com>
2022-08-17 17:24:42 +00:00
willofr
a7d7d2ece1
Create 2415.bugfix 2022-08-14 23:09:17 +02:00
Will
72a5bbf53d Update roundcube to 1.5.3 and rcmcarddav plugin 2022-08-14 21:01:56 +00:00
bors[bot]
4894c555d1
Merge #2409
2409: Fix error in reverse proxy example for how to include nginx override. r=mergify[bot] a=Diman0


## What type of PR?

documentation

## What does this PR do?
The reverse proxy documentation contained an error in an example section. The nginx override file is incorrectly overridden in the sample. Also clarified how the file is included and that you should define location blocks (because it is included in the main mailu server block).

### Related issue(s)
- closes #2232 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [n/a] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-13 14:01:49 +00:00
Dimitri Huisman
a54baeff00 Fixed error in reverse.rst and remove unneeded example block. 2022-08-05 15:42:37 +00:00
bors[bot]
0a439891ee
Merge #2408
2408: Remove the misleading text in mailu.env that zstd and lz4 are supported r=Diman0 a=Diman0

## What type of PR?

bug-fix

## What does this PR do?
Remove the misleading text in mailu.env that zstd and lz4 are supported  for dovecot mail compression.
Zstd and lz4 are not supported. The reason is that the alpine project does not compile this into the dovecot package.
Users who want this functionality, can kindly request the alpine project to compile dovecot with lz4&zstd support.

### Related issue(s)
- closes #2139

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-05 14:26:18 +00:00
Dimitri Huisman
aae10e856b Add newsfragment for bugfix for issue 2139 2022-08-05 13:42:42 +00:00
Dimitri Huisman
10c02c0a32 Fix error in reverse proxy example for how to include nginx override.
Also clarified where the file is included in the nginx configuration file.
2022-08-05 13:39:12 +00:00
Dimitri Huisman
bfbdfbe312 Remove the misleading text in mailu.env that zstd and lz4 are supported for dovecot mail compression.
Zstd and lz4 are not supported. The reason is that the alpine project does not compile this
into the dovecot package.
Users who want this funcionality, can kindly request the alpine project to compile dovecot
with lz4&zstd support.
2022-08-05 13:19:31 +00:00
bors[bot]
e910bfd71d
Merge #2407
2407: Fix small typo in config-import example template r=mergify[bot] a=Diman0

## What type of PR?

documentation fix

## What does this PR do?
Fixes a small typo in the full yaml template example  for the config-import. The entry ``alias:`` was incorrectly displayed as ``aliases:``.

### Related issue(s)
- closes #2387 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ n/a ] In case of feature or enhancement: documentation updated accordingly
- [ n/a ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-05 08:09:59 +00:00
Dimitri Huisman
28e409f5ea Fix small typo in config-import example template 2022-08-05 07:17:45 +00:00
bors[bot]
bae15c0af3
Merge #2404
2404: Forwarding emails option in user settings did not support 1 letter do… r=mergify[bot] a=Diman0

…mains.

## What type of PR?

Bug-fix

## What does this PR do?

Forwarding emails option in user setting did not support 1 letter domains. The regex for checking the validity of  multiple email addresses string has been modified to allow 1 letter domains and to allow 1 letter local part.

### Related issue(s)
- closes #2402 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-08-04 15:33:11 +00:00
Dimitri Huisman
57865495d4 Forwarding emails option in user settings did not support 1 letter domains. 2022-08-04 14:51:20 +00:00
bors[bot]
51945aa316
Merge #2397
2397: Fix resolving alias addresses for postfix when target is a punycode domain r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

- fix splitting of localpart in resolve_destination
- idna-enode domain-part of email addresses before returning to postfix

### Related issue(s)
- closes #2393


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2022-08-04 14:47:00 +00:00
Dimitri Huisman
ae18217e07 Fix adding -arm tag correctly to PINNED_MAILU_VERSION in arm.yml. 2022-08-03 13:15:32 +00:00
Dimitri Huisman
4bb0bd8fb2 Forgot to update snappymail test 2022-08-03 11:45:01 +00:00
Dimitri Huisman
7e21ab4007 Merge master cont'd 2022-08-03 09:48:54 +00:00
Dimitri Huisman
3aafecafe7 Merge branch 'master' into feat-switch-buildx 2022-08-03 09:45:20 +00:00
Dimitri Huisman
f6de2b2938 Switch from docker build to buildx for CI/CD.
- The main workflow file has been optimised and simplified.
- Images are built in parallel when building locally resulting in faster build times.
- The github action workflow is about 50% faster.
- Arm images are built as well. These images are not tested due to restrictions of github actions (no arm runners). The tags of the images have -arm appended to it.
- Arm images can also be built locally.
- Reusable workflow is introduced for building, testing and deploying the images.
  This allows the workflow to be reused for other purposes in the future.
- Workflow can be manually triggered. This allows forked Mailu projects to also use the workflow for building images.
2022-08-03 09:36:53 +00:00
bors[bot]
cb70f10a49
Merge #2391
2391: Documentation fixes r=mergify[bot] a=adamward-git

## What type of PR?

(documentation)

## What does this PR do?
Spelling corrections, gammar fixes.

### Related issue(s)
N/A

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

N/A

Co-authored-by: Adam Ward <awjob@internode.on.net>
Co-authored-by: adamward-git <82577349+adamward-git@users.noreply.github.com>
2022-07-29 13:17:24 +00:00
adamward-git
89cc6e0716
Update requirements.rst
Fix grammar.
2022-07-29 20:42:04 +08:00
bors[bot]
238daef6d8
Merge #2295
2295: Switch from Rainloop to SnappyMail r=mergify[bot] a=Diman0

## What type of PR?

Feature

## What does this PR do?
As discussed in the project meeting (#1582), we decided we want to switch from Rainloop to an alternative. Rainloop has multiple open security issues which were not patched for a long time. 

We decided to switch to SnappyMail because it is more secure and based on RainLoop. This means that users using RainLoop will still have a webmail that looks familiar for them.

This PR replaces RainLoop with SnappyMail.

### Related issue(s)
- #2215 
- #1582

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2022-07-28 16:14:19 +00:00
bors[bot]
d0a5ea6427
Merge #2395
2395: fix FAQ typo r=mergify[bot] a=rayrrr

## What type of PR?

documentation

## What does this PR do?

Fix a typo: stripped as in whitespace, not striped as in tiger :)

Co-authored-by: Ray <7869818+rayrrr@users.noreply.github.com>
2022-07-28 14:30:11 +00:00
Alexander Graf
c478e26d68
Encode domain part of email addresses before returning. 2022-07-28 16:21:34 +02:00
Alexander Graf
5179cf0618
Fix localpart splitting and make code more readable. 2022-07-28 16:20:01 +02:00
adamward-git
b4df9407d0
Update general.rst
Component changing sentence correction.
2022-07-28 20:02:51 +08:00
adamward-git
a91e0a47eb
Update faq.rst
Fix broken archive.org link.
My preference is still to use archive.org in case the original blog post goes away.
2022-07-28 19:56:46 +08:00
adamward-git
58170b4f0a
Update database.rst
Spelling correction.
See https://writingexplained.org/incase-or-in-case-difference 
"Incase is a misspelling of encase"
2022-07-28 19:44:31 +08:00
Ray
8e8c4937da
fix FAQ typo
Stripped as in whitespace, not striped as in tiger
2022-07-27 20:44:10 -04:00
adamward-git
1d9c29cb8d
Update setup.rst
Revert block edit.
2022-07-26 19:29:46 +08:00
adamward-git
c72b3a0d33
Update guidelines.rst 2022-07-26 18:27:22 +08:00
Adam Ward
c423eabc07 Documentation:
- spelling corrections
 - minor grammar changes.
2022-07-26 18:16:18 +08:00
Dimitri Huisman
2a527a38cf Deny access to hidden files for snappymail 2022-07-15 14:34:39 +00:00
bors[bot]
e50f6c58c0
Merge #2360
2360: roundcube: disable apache2 access log r=mergify[bot] a=pommi

## What type of PR?

bug-fix

## What does this PR do?

It disables the access log of apache2 in the roundcube webmail container. Requests are already logged by the front container. The requests logged in the roundcube container contained contained the wrong client IP: the IP address of the front container.

----

Original PR:

~~Roundcube webmail is accessed through the nginx reverse proxy in the front container. Each access logline logged by apache2 in the roundcube container did not contain the actual client IP address, but the IP address of the front container, for example:~~

```
192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
^
IP address of the front container
```

~~By enabling the apache2 remoteip module and configuring it to get the actual client IP address from the X-Forwarded-For header, it logs the correct client IP address to the access log.~~

### Related issue(s)
- None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

**No changelog or documentation necessary for this minor change.**


Co-authored-by: Pim van den Berg <pim@nethuis.nl>
2022-07-07 09:18:58 +00:00
bors[bot]
3844339899
Merge #2364
2364: Update Dockerfile r=mergify[bot] a=twekkel

apt is intended for interactive usage, for scripts use apt-get (https://manpages.debian.org/bullseye/apt/apt.8.en.html) to avoid warnings.

## What type of PR?

minor enhancement

## What does this PR do?

replace apt with apt-get to avoid below warning

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.


## Prerequisites

-

Co-authored-by: Eddy Vervest <57325478+twekkel@users.noreply.github.com>
2022-07-06 16:12:15 +00:00
Dimitri Huisman
ee78a34da4 Process code review feedback
Remove unneeded IF statement in /admin block in nginx.conf of front.
Fix contributions made to Dockerfile, add missing trailing \ and add back curl
Change healthcheck to monitoring page of fpm. Now we check nginx and fpm.
2022-07-06 13:42:13 +00:00
Dimitri Huisman
9d0c49a844 Merge branch 'feature-switch-snappymail' of github.com:Diman0/Mailu into feature-switch-snappymail 2022-07-06 13:28:55 +00:00
Dimitri Huisman
d19208d3d1 Merge branch 'master' of github.com:Mailu/Mailu into feature-switch-snappymail 2022-07-06 12:35:21 +00:00
bors[bot]
e91f28082b
Merge #2384
2384: Re-enable the built-in nginx resolver for traffic going through the mail plugin r=mergify[bot] a=Diman0

## What type of PR?

Bug-fix

## What does this PR do?
Re-enable the built-in nginx resolver for traffic going through the mail plugin
This is required for passing rDNS/ptr information to postfix.
The mail proxy uses the resolver info for passing XCLIENT info.
See http://nginx.org/en/docs/mail/ngx_mail_proxy_module.html#xclient
Without this info rspamd will flag all messages with DHFILTER_HOSTNAME_UNKNOWN due to the missing rDNS/ptr info.

Yes this re-introduces these `cannot resolve` error  messages. If we really want to get rid of these, then we can consider logging to a rsyslog daemon where we filter out these messages.

### Related issue(s)
- Auto close an issue like: closes #2368

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-07-06 09:18:32 +00:00
Dimitri Huisman
4b491d9de5 Re-enable the built-in nginx resolver for traffic going through the mail plugin.
This is required for passing rDNS/ptr information to postfix.
The mail proxy uses the resolver info for passing XCLIENT info.
See http://nginx.org/en/docs/mail/ngx_mail_proxy_module.html#xclient
Without this info rspamd will flag all messages with DHFILTER_HOSTNAME_UNKNOWN due to the missing rDNS/ptr info.
2022-07-06 08:51:59 +00:00
Pim van den Berg
6f884c6c93 roundcube: disable access log
As per discussion in #2360: The front container (nginx reverse proxy) is
already logging all requests, disable the access logs for apache2 in the
roundcube container completely.
2022-06-16 14:26:27 +02:00
bors[bot]
519ef804a7
Merge #2370
2370: Fix docs build error r=mergify[bot] a=Diman0

Set language to English for sphinx in conf.py

The docs have always been generated with the option to treat warnings as errors. 
Recently (due to an update?) sphinx-build reports using language=None as a warning. It is expected that a specific
language is set. This causes the build to fail. ALL open PR's are affected by this.
```
Warning, treated as error:
Invalid configuration value found: 'language = None'. Update your configuration to a valid langauge code. Falling back to 'en' (English).
```


## What type of PR?

bug-fix



Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2022-06-07 13:07:32 +00:00
Dimitri Huisman
5ef383f572 Set language to English for sphinx in conf.py.
The docs have always been generated with the option to treat
warnings as errors. Recently sphinx-build reports using
language=None as a warning. It is expected that a specific
language is set.
2022-06-07 11:20:07 +00:00
Eddy Vervest
baea3d4086
Update Dockerfile
missed this one
2022-05-30 19:18:35 +02:00
Eddy Vervest
c4c442d000
Update Dockerfile
apt is intended for interactive usage, for scripts use apt-get (https://manpages.debian.org/bullseye/apt/apt.8.en.html) to avoid warnings.
2022-05-30 18:38:32 +02:00
bors[bot]
c2d85ecc32
Merge #2325
2325: postfix: wrap IPv6 CIDRs in square brackets for RELAYNETS r=mergify[bot] a=pommi

## What type of PR?

bug-fix

## What does this PR do?

This PR wraps IPv6 CIDRs in the `RELAYNETS` environment variable in square brackets for the postfix configuration.

The `RELAYNETS` environment variable is used for configuring both postfix `mynetworks` and rspamd `local_networks`. Postfix requires IPv6 addresses to be wrapped in square brackets (eg. `[2001:db8::]/64`).

When an IPv6 address is not wrapped in square brackets in the postfix configuration for `mynetworks` it results in this error while processing an incoming email from an IPv6 sender:
```
postfix/smtpd[340]: warning: 2001:db8::/64 is unavailable. unsupported dictionary type: 2001
postfix/smtpd[340]: warning: smtpd_client_event_limit_exceptions: 2001:db8::/64: table lookup problem
```

The sender sees an error and the incoming email is refused:
```
451 4.3.0 <unknown[2001:xxx:xxx:xxx:xxx:xxx:xxx:xxx]>: Temporary lookup failure
```

I tried to work around this issue by wrapping the IPv6 CIDR in square brackets in the `RELAYNETS` environment variable, but it segfaults rspamd, because it can't deal with this non-standard IPv6 notation used by postfix:
```
kernel: [4305632.603704] rspamd[1954299]: segfault at 0 ip 00007fb848983871 sp 00007ffe02cc6d1
8 error 4 in ld-musl-x86_64.so.1[7fb848948000+48000]
```

### Related issue(s)
- #2293
- #2272

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

**No changelog or documentation necessary for this minor change.**

Co-authored-by: Pim van den Berg <pim@nethuis.nl>
2022-05-28 14:13:40 +00:00
Pim van den Berg
e8b7d6afed roundcube: log actual client ip by using apache2 remoteip
Roundcube webmail is accessed through the nginx reverse proxy in the
front container. Each access logline logged by apache2 in the roundcube
container did not contain the actual client IP address, but the IP
address of the front container, for example:

> 192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
  ^
  IP address of the front container

By enabling the apache2 remoteip module and configuring it to get the
actual client IP address from the X-Forwarded-For header, it logs the
correct client IP address to the access log.
2022-05-28 15:02:47 +02:00
Pim van den Berg
d495052b52 postfix: wrap IPv6 CIDRs in square brackets for RELAYNETS
The RELAYNETS environment variable is used for configuring both postfix
`mynetworks` and rspamd `local_networks`. Postfix requires IPv6
addresses to be wrapped in square brackets (eg. [2001:db8::]/64).
2022-05-26 20:11:02 +02:00