1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

127 Commits

Author SHA1 Message Date
Dimitri Huisman
36069e3e06
Fix access to radicale 2023-03-28 20:01:43 +00:00
score
bcf2dd8794
Start unbound with intended arguments
Unbound looked like it was meant to be started as if by `unbound -c /etc/unbound/unbound.conf`, but instead the string `-c /etc/unbound/unbound.conf` was set as argv[0] of the unbound command, meaning it is never parsed.
2023-02-16 01:31:16 +00:00
Alexander Graf
25635396e7
Bind webdav to port only 2023-01-28 19:40:26 +01:00
Florent Daigniere
9d555b0eec Don't expose any port (suggestion from ghost) 2023-01-04 19:19:43 +01:00
Florent Daigniere
108958cabb drop privs better 2022-12-23 10:58:06 +01:00
Florent Daigniere
e42d029c25 normalize booleans 2022-12-08 17:41:33 +01:00
Florent Daigniere
4e3874b0c1 Enable dynamic resolution of hostnames 2022-12-08 13:00:50 +01:00
bors[bot]
553b02fb3d
Merge #2529
2529: Improve fetchmail r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Improve fetchmail:
- allow delivery via LMTP (faster, bypassing the filters)
- allow several folders to be retrieved
- run fetchmail as non-root
- tweak the compose file to ensure we have all the dependencies

### Related issue(s)
- closes #1231 
- closes #2246 
- closes #711

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2022-11-21 09:28:15 +00:00
bors[bot]
f43c8c652e
Merge #2483 #2535
2483: Introduce FETCHMAIL_ENABLED r=mergify[bot] a=DjVinnii

## What type of PR?

Enhancement

## What does this PR do?
Add `FETCHMAIL_ENABLED` to enable/disable the Fetchmail functionality in the Admin UI.

### Related issue(s)
- closes #2127

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2535: fix the linux/arm/v7 build r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

The arm builder is running aarch64 ... and there is no package for arm/v7


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2022-11-16 12:30:33 +00:00
Florent Daigniere
385b6ac85d Use string formatting 2022-11-14 16:47:43 +01:00
Florent Daigniere
08a9ab9a56 Improve fetchmail 2022-11-14 12:18:35 +01:00
Vincent Kling
728afdd34a Add basic logging for FETCHMAIL_ENABLED and FETCHMAIL_DELAY 2022-11-08 16:51:35 +01:00
Vincent Kling
4a74cd9afe Resolve conflict 2022-11-08 11:56:08 +01:00
Vincent Kling
6901b0f05e Implement FETCHMAIL_ENABLED in fetchmail.py 2022-11-08 11:47:20 +01:00
Alexander Graf
146921f619
Move curl to base image 2022-10-14 14:34:58 +02:00
Alexander Graf
4c1071a497
Move all requirements*.txt to base image 2022-10-14 14:34:27 +02:00
Alexander Graf
a29f066858
Move even more python deps to base image 2022-10-12 16:32:27 +02:00
Dimitri Huisman
d19208d3d1 Merge branch 'master' of github.com:Mailu/Mailu into feature-switch-snappymail 2022-07-06 12:35:21 +00:00
Alexander Graf
bb0a96c6f7
Add pytz module 2022-04-11 12:38:19 +02:00
Will
a54a784168 Update alpine-linux to 3.14.5 - Zlib security FIX 2022-03-30 09:08:28 +00:00
Dimitri Huisman
f2f859280c Merge remote-tracking branch 'origin/master' into feature-switch-snappymail 2022-03-22 09:14:53 +00:00
Dimitri Huisman
9519d07ba2 Switch from RainLoop to SnappyMail 2022-03-22 09:04:56 +00:00
Will
d02296c3bc Update alpine-linux to 3.14.4 - OpenSSL security FIX 2022-03-17 10:40:42 +00:00
Will
b2abbc8856 update Dockerfile to alpine 3.14.3 2021-12-22 09:19:44 +00:00
Dimitri Huisman
2efad07c0b Merge branch 'master' of github.com:Diman0/Mailu into remove-mailu-postgresql 2021-12-15 10:00:47 +00:00
bors[bot]
08be233607
Merge #2058
2058: Implement versioning for CI/CD workflow. r=mergify[bot] a=Diman0

## What type of PR?

Feature!

## What does this PR do?
This PR introduces 3 things
- Add versioning (tagging) for branch x.y (1.8). E.g. 1.8.0, 1.8.1 etc.
  - docker repo will contain x.y (latest) and x.y.z (pinned version) images.
  - The X.Y.Z tag is incremented automatically. E.g. if 1.8.0 already exists, then the next merge on 1.8 will result in the new tag 1.8.1 being used.
- Make the version available in the image.
  -  For X.Y and X.Y.Z write the version (X.Y.Z) into /version on the image and add a label with version=X.Y.Z
	  -  This means that the latest X.Y image shows the pinned version (X.Y.Z e.g. 1.8.1) it was based on. Via the tag X.Y.Z you can see the commit hash that triggered the built.
  -  For master write the commit hash into /version on the image and add a label with version={commit hash}
-  Automatic releases. For x.y triggered builts (e.g. merge on 1.9) do a new github release for the pinned x.y.z (e.g. 1.9.2). 
  -  Release shows a static message (see RELEASE_TEMPLATE.md) that explains how to reach the newsfragments folder and change the branch to the tag (x.y.z) mentioned in the release. Now you can get the changelog by reading all newsfragment files in this folder.

This PR does not change anything to our workflow (what we (human persons) do). Our processes are still exactly the same. The above introduced logic is automatic. When we backport to X.Y all the magic for creating the pinned version X.Y.Z is handled by the CI/CD workflow.

### Related issue(s)
- closes #1182

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

## Testing
Suggested testing steps. This should cover all situations including BORS. It does require that you use your own docker repo or temporarily create a new one.
Suggested testing steps.
1. Create new github repo.
2. Add the required docker secrets to the project (see beginning of CI.yml for the secret names), DOCKER_UN, DOCKER_PW, DOCKER_ORG, DOCKER_ORG_TESTS.
3. Clone the project.
4. Copy the contents of the PR to the cloned project.
5. Push to your new github repo.
6. Now master images are built. Check that images with tag master are pushed to your docker repo
7. Check with docker inspect nginx:master that it has the label version={commit hash}.
8. Run an image, run `docker-compose exec <name> cat /version`. Note that /version also contains the pinned version. For master the pinned version is the commit hash.
9. Create branch 1.8. 
10. Push branch 1.8 to repo.
11. Note that tags 1.8 and 1.8.0 are built and pushed to docker repo
12. Inspect label and /version. Note that 1.8 and 1.8.0 both show version 1.8.0.
13. Push another commit to branch 1.8.
14. Note that tags 1.8 and 1.8.1 are built and pushed to docker repo
15. Inspect label and /version. Note that 1.8 and 1.8.1 both show version 1.8.1.
16. Let's check BORS stuff.
17. Create branch testing.
18. Push the commit with the exact commit text (IMPORTANT!!): `Try #1234:`'.
19. Note that images are built and pushed for tag `pr-1234`.
20. Inspect label and /version. Note that the version is `pr-1234`.
20. Create branch staging.
21. Push the commit with commit text: `Merge #1234`.
22. Note that this image is not pushed to docker (as expected).

but you could also check the GH repo and docker repo I used:
https://github.com/Diman0/Mailu_Fork
https://hub.docker.com/r/diman/rainloop/tags

Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2021-12-15 09:29:08 +00:00
Dimitri Huisman
1eeffe29c0 Remove Mailu PostgreSQL. Make roundcube database configurable via setup. Fix #1838. 2021-12-01 15:59:47 +00:00
Alexander Graf
602accfba7
fixed ipv6 access-control 2021-11-23 10:17:51 +01:00
Dimitri Huisman
f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
2021-11-18 17:21:56 +00:00
Dimitri Huisman
56dd70cf4a Implement versioning for CI/CD workflow (see #1182). 2021-11-17 20:00:04 +00:00
Dimitri Huisman
d7d02152bb Make fetchid file not hidden. 2021-11-13 14:40:22 +00:00
Dimitri Huisman
92e65b33e0 Configure fetchmail to use idfile to keep track of messages.
Run fetchmail as root. This is unfortunately required because
all files are owned by root in the mailu data folder.
In the future  we must switch all images to running all
all processes with a non-root user.
2021-11-10 09:07:03 +00:00
Dimitri Huisman
2404cf2e3d Fix for issue #1223 2021-11-09 14:10:04 +00:00
DjVinnii
225160610b Set default TZ in Dockerfiles 2021-11-04 14:22:12 +01:00
DjVinnii
50d76076ed Add tzdata to optional 2021-11-02 11:19:42 +01:00
Florent Daigniere
1cf0f76b52 not required anymore 2021-09-27 09:04:15 +02:00
Florent Daigniere
e9f84d7d99 Improve the unbound configuration 2021-09-25 16:25:59 +02:00
Alexander Graf
447b237ecb fix freshclam startup
- create pid file in existing folder /run
- let freshclam log to stdout
- remove deprecated SafeBrowsing
2021-09-16 09:05:26 +02:00
Florent Daigniere
d7c2b510c7 Give alpine 3.14.2 a shot 2021-09-01 18:56:44 +02:00
Florent Daigniere
0c4455ccf5 Revert "Rollback to alpine 1.12"
This reverts commit e1ddbb6eec.
2021-09-01 18:53:20 +02:00
Florent Daigniere
e1ddbb6eec Rollback to alpine 1.12
it ships unbound 1.10 that doesn't have the bug I think
08968baec1
2021-08-19 15:33:26 +02:00
Florent Daigniere
0211c06c37 don't need sudo here 2021-07-05 15:54:04 +02:00
Florent Daigniere
420afa53f8 Upgrade to alpine 3.14 2021-07-05 15:50:49 +02:00
parisni
d2803f6f46 Update setup website 2021-06-19 00:38:53 +02:00
parisni
278878d48d Remove unused deps 2021-06-18 23:36:14 +02:00
bors[bot]
42cefab4c2
Merge #1760
1760: Security updates to postgresql r=mergify[bot] a=WebSpider

## What type of PR?

Security update

## What does this PR do?

It fixes vulnerabilities in the sudo package in the postgresql optional container documented in
CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239

### Related issue(s)

None

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Nils Vogels <n.vogels@aves-it.nl>
2021-06-04 07:56:29 +00:00
Dario Ernst
4dbefe8e3a
Merge pull request #1631 from toastboy70/bug/#1536
Change unbound logfile to the empty string
2021-06-03 21:23:29 +02:00
Nils Vogels
6c4fa5432f Provide fix in postgresql container for CVE-2021-23240, CVE-2021-3156, CVE-2021-23239 2021-02-11 12:03:07 +01:00
cbachert
72a9ec5b7c Fix extract_host_port port separation
Regex quantifier should be lazy to make port separation work.
2020-10-24 00:25:53 +01:00
Jon Wilson
5e32447f07 Change unbound logfile to the empty string
This is defined to send log messages to stderr, which is
what we want - fixes #1536 ("Could not open logfile /dev/stdout:
Permission denied")
2020-09-21 15:06:43 +01:00