mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2025-01-12 04:23:24 +02:00
Fix metrics
This commit is contained in:
commit
25ee53289b
4
.gitignore
vendored
4
.gitignore
vendored
@ -7,14 +7,18 @@ data/conf/nginx/listen*active
|
||||
data/conf/nginx/server_name.active
|
||||
data/conf/postfix/sql
|
||||
data/conf/dovecot/sql
|
||||
data/conf/nextcloud-*.bak
|
||||
data/web/inc/vars.local.inc.php
|
||||
data/assets/ssl/*
|
||||
.vscode/*
|
||||
data/web/.well-known/acme-challenge
|
||||
data/web/nextcloud/
|
||||
data/conf/rspamd/local.d/*
|
||||
data/conf/rspamd/override.d/*
|
||||
!data/conf/nginx/dynmaps.conf
|
||||
!data/conf/nginx/site.conf
|
||||
data/conf/nginx/*.conf
|
||||
data/conf/nginx/*.custom
|
||||
data/conf/nginx/*.bak
|
||||
data/conf/dovecot/extra.conf
|
||||
data/conf/rspamd/custom/*
|
||||
|
@ -9,8 +9,9 @@ RUN apk add --update --no-cache \
|
||||
openssl \
|
||||
bind-tools \
|
||||
jq \
|
||||
mariadb-client
|
||||
mariadb-client \
|
||||
tini
|
||||
|
||||
COPY docker-entrypoint.sh /srv/docker-entrypoint.sh
|
||||
|
||||
ENTRYPOINT ["/srv/docker-entrypoint.sh"]
|
||||
CMD ["/sbin/tini", "-g", "--", "/srv/docker-entrypoint.sh"]
|
||||
|
@ -1,4 +1,6 @@
|
||||
#!/bin/bash
|
||||
set -o pipefail
|
||||
exec 5>&1
|
||||
|
||||
ACME_BASE=/var/lib/acme
|
||||
SSL_EXAMPLE=/var/lib/ssl-example
|
||||
@ -8,20 +10,36 @@ mkdir -p ${ACME_BASE}/acme/private
|
||||
restart_containers(){
|
||||
for container in $*; do
|
||||
echo "Restarting ${container}..."
|
||||
curl -X POST \
|
||||
--unix-socket /var/run/docker.sock \
|
||||
"http/containers/${container}/restart"
|
||||
curl -X POST http://dockerapi:8080/containers/${container}/restart
|
||||
done
|
||||
}
|
||||
|
||||
log_f() {
|
||||
if [[ ${2} == "no_nl" ]]; then
|
||||
echo -n "$(date) - ${1}"
|
||||
elif [[ ${2} == "no_date" ]]; then
|
||||
echo "${1}"
|
||||
else
|
||||
echo "$(date) - ${1}"
|
||||
fi
|
||||
}
|
||||
|
||||
array_diff() {
|
||||
# https://stackoverflow.com/questions/2312762, Alex Offshore
|
||||
eval local ARR1=\(\"\${$2[@]}\"\)
|
||||
eval local ARR2=\(\"\${$3[@]}\"\)
|
||||
local IFS=$'\n'
|
||||
mapfile -t $1 < <(comm -23 <(echo "${ARR1[*]}" | sort) <(echo "${ARR2[*]}" | sort))
|
||||
}
|
||||
|
||||
verify_hash_match(){
|
||||
CERT_HASH=$(openssl x509 -noout -modulus -in "${1}" | openssl md5)
|
||||
KEY_HASH=$(openssl rsa -noout -modulus -in "${2}" | openssl md5)
|
||||
if [[ ${CERT_HASH} != ${KEY_HASH} ]]; then
|
||||
echo "Certificate and key hashes do not match!"
|
||||
log_f "Certificate and key hashes do not match!"
|
||||
return 1
|
||||
else
|
||||
echo "Verified hashes."
|
||||
log_f "Verified hashes."
|
||||
return 0
|
||||
fi
|
||||
}
|
||||
@ -31,7 +49,7 @@ get_ipv4(){
|
||||
local IPV4_SRCS=
|
||||
local TRY=
|
||||
IPV4_SRCS[0]="api.ipify.org"
|
||||
IPV4_SRCS[1]="ifconfig.co"
|
||||
IPV4_SRCS[1]="ifconfig.co"-
|
||||
IPV4_SRCS[2]="icanhazip.com"
|
||||
IPV4_SRCS[3]="v4.ident.me"
|
||||
IPV4_SRCS[4]="ipecho.net/plain"
|
||||
@ -49,7 +67,7 @@ get_ipv4(){
|
||||
if [[ -f ${ACME_BASE}/cert.pem ]] && [[ -f ${ACME_BASE}/key.pem ]]; then
|
||||
ISSUER=$(openssl x509 -in ${ACME_BASE}/cert.pem -noout -issuer)
|
||||
if [[ ${ISSUER} != *"Let's Encrypt"* && ${ISSUER} != *"mailcow"* ]]; then
|
||||
echo "Found certificate with issuer other than mailcow snake-oil CA and Let's Encrypt, skipping ACME client..."
|
||||
log_f "Found certificate with issuer other than mailcow snake-oil CA and Let's Encrypt, skipping ACME client..."
|
||||
sleep 3650d
|
||||
exec $(readlink -f "$0")
|
||||
else
|
||||
@ -57,30 +75,36 @@ if [[ -f ${ACME_BASE}/cert.pem ]] && [[ -f ${ACME_BASE}/key.pem ]]; then
|
||||
SAN_NAMES=$(openssl x509 -noout -text -in ${ACME_BASE}/cert.pem | awk '/X509v3 Subject Alternative Name/ {getline;gsub(/ /, "", $0); print}' | tr -d "DNS:")
|
||||
if [[ ! -z ${SAN_NAMES} ]]; then
|
||||
IFS=',' read -a SAN_ARRAY_NOW <<< ${SAN_NAMES}
|
||||
echo "Found Let's Encrypt or mailcow snake-oil CA issued certificate with SANs: ${SAN_ARRAY_NOW[*]}"
|
||||
log_f "Found Let's Encrypt or mailcow snake-oil CA issued certificate with SANs: ${SAN_ARRAY_NOW[*]}"
|
||||
fi
|
||||
fi
|
||||
else
|
||||
if [[ -f ${ACME_BASE}/acme/fullchain.pem ]] && [[ -f ${ACME_BASE}/acme/private/privkey.pem ]]; then
|
||||
if verify_hash_match ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/acme/private/privkey.pem; then
|
||||
echo "Restoring previous acme certificate and restarting script..."
|
||||
log_f "Restoring previous acme certificate and restarting script..."
|
||||
cp ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/key.pem
|
||||
# Restarting with env var set to trigger a restart,
|
||||
exec env TRIGGER_RESTART=1 $(readlink -f "$0")
|
||||
fi
|
||||
ISSUER="mailcow"
|
||||
else
|
||||
echo "Restoring mailcow snake-oil certificates and restarting script..."
|
||||
log_f "Restoring mailcow snake-oil certificates and restarting script..."
|
||||
cp ${SSL_EXAMPLE}/cert.pem ${ACME_BASE}/cert.pem
|
||||
cp ${SSL_EXAMPLE}/key.pem ${ACME_BASE}/key.pem
|
||||
exec env TRIGGER_RESTART=1 $(readlink -f "$0")
|
||||
fi
|
||||
fi
|
||||
|
||||
while ! mysqladmin ping --host mysql -u${DBUSER} -p${DBPASS} --silent; do
|
||||
echo "Waiting for database to come up..."
|
||||
sleep 2
|
||||
done
|
||||
|
||||
while true; do
|
||||
if [[ "${SKIP_LETS_ENCRYPT}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
|
||||
echo "SKIP_LETS_ENCRYPT=y, skipping Let's Encrypt..."
|
||||
sleep 3650d
|
||||
log_f "SKIP_LETS_ENCRYPT=y, skipping Let's Encrypt..."
|
||||
sleep 365d
|
||||
exec $(readlink -f "$0")
|
||||
fi
|
||||
if [[ "${SKIP_IP_CHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
|
||||
@ -95,54 +119,58 @@ while true; do
|
||||
IFS=',' read -r -a ADDITIONAL_SAN_ARR <<< "${ADDITIONAL_SAN}"
|
||||
IPV4=$(get_ipv4)
|
||||
# Container ids may have changed
|
||||
CONTAINERS_RESTART=($(curl --silent --unix-socket /var/run/docker.sock http/containers/json | jq -rc 'map(select(.Names[] | contains ("nginx-mailcow") or contains ("postfix-mailcow") or contains ("dovecot-mailcow"))) | .[] .Id' | tr "\n" " "))
|
||||
CONTAINERS_RESTART=($(curl --silent http://dockerapi:8080/containers/json | jq -r '.[] | {name: .Config.Labels["com.docker.compose.service"], id: .Id}' | jq -rc 'select( .name | tostring | contains("nginx-mailcow") or contains("postfix-mailcow") or contains("dovecot-mailcow")) | .id' | tr "\n" " "))
|
||||
|
||||
while read domain; do
|
||||
SQL_DOMAIN_ARR+=("${domain}")
|
||||
done < <(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain WHERE backupmx=0" -Bs)
|
||||
while read alias_domain; do
|
||||
SQL_DOMAIN_ARR+=("${alias_domain}")
|
||||
done < <(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT alias_domain FROM alias_domain" -Bs)
|
||||
log_f "Waiting for domain tables... " no_nl
|
||||
while [[ -z ${DOMAIN_TABLE} ]]; do
|
||||
DOMAIN_TABLE=$(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SHOW TABLES LIKE 'domain'" -Bs)
|
||||
[[ -z ${DOMAIN_TABLE} ]] && sleep 10
|
||||
done
|
||||
log_f "OK" no_date
|
||||
|
||||
while read domains; do
|
||||
SQL_DOMAIN_ARR+=("${domains}")
|
||||
done < <(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain WHERE backupmx=0 UNION SELECT alias_domain FROM alias_domain" -Bs)
|
||||
|
||||
for SQL_DOMAIN in "${SQL_DOMAIN_ARR[@]}"; do
|
||||
A_CONFIG=$(dig A autoconfig.${SQL_DOMAIN} +short | tail -n 1)
|
||||
if [[ ! -z ${A_CONFIG} ]]; then
|
||||
echo "Found A record for autoconfig.${SQL_DOMAIN}: ${A_CONFIG}"
|
||||
log_f "Found A record for autoconfig.${SQL_DOMAIN}: ${A_CONFIG}"
|
||||
if [[ ${IPV4:-ERR} == ${A_CONFIG} ]] || [[ ${SKIP_IP_CHECK} == "y" ]]; then
|
||||
echo "Confirmed A record autoconfig.${SQL_DOMAIN}"
|
||||
log_f "Confirmed A record autoconfig.${SQL_DOMAIN}"
|
||||
VALIDATED_CONFIG_DOMAINS+=("autoconfig.${SQL_DOMAIN}")
|
||||
else
|
||||
echo "Cannot match your IP ${IPV4} against hostname autoconfig.${SQL_DOMAIN} (${A_CONFIG})"
|
||||
log_f "Cannot match your IP ${IPV4} against hostname autoconfig.${SQL_DOMAIN} (${A_CONFIG})"
|
||||
fi
|
||||
else
|
||||
echo "No A record for autoconfig.${SQL_DOMAIN} found"
|
||||
log_f "No A record for autoconfig.${SQL_DOMAIN} found"
|
||||
fi
|
||||
|
||||
A_DISCOVER=$(dig A autodiscover.${SQL_DOMAIN} +short | tail -n 1)
|
||||
if [[ ! -z ${A_DISCOVER} ]]; then
|
||||
echo "Found A record for autodiscover.${SQL_DOMAIN}: ${A_DISCOVER}"
|
||||
log_f "Found A record for autodiscover.${SQL_DOMAIN}: ${A_DISCOVER}"
|
||||
if [[ ${IPV4:-ERR} == ${A_DISCOVER} ]] || [[ ${SKIP_IP_CHECK} == "y" ]]; then
|
||||
echo "Confirmed A record autodiscover.${SQL_DOMAIN}"
|
||||
log_f "Confirmed A record autodiscover.${SQL_DOMAIN}"
|
||||
VALIDATED_CONFIG_DOMAINS+=("autodiscover.${SQL_DOMAIN}")
|
||||
else
|
||||
echo "Cannot match your IP ${IPV4} against hostname autodiscover.${SQL_DOMAIN} (${A_DISCOVER})"
|
||||
log_f "Cannot match your IP ${IPV4} against hostname autodiscover.${SQL_DOMAIN} (${A_DISCOVER})"
|
||||
fi
|
||||
else
|
||||
echo "No A record for autodiscover.${SQL_DOMAIN} found"
|
||||
log_f "No A record for autodiscover.${SQL_DOMAIN} found"
|
||||
fi
|
||||
done
|
||||
|
||||
A_MAILCOW_HOSTNAME=$(dig A ${MAILCOW_HOSTNAME} +short | tail -n 1)
|
||||
if [[ ! -z ${A_MAILCOW_HOSTNAME} ]]; then
|
||||
echo "Found A record for ${MAILCOW_HOSTNAME}: ${A_MAILCOW_HOSTNAME}"
|
||||
log_f "Found A record for ${MAILCOW_HOSTNAME}: ${A_MAILCOW_HOSTNAME}"
|
||||
if [[ ${IPV4:-ERR} == ${A_MAILCOW_HOSTNAME} ]] || [[ ${SKIP_IP_CHECK} == "y" ]]; then
|
||||
echo "Confirmed A record ${MAILCOW_HOSTNAME}"
|
||||
log_f "Confirmed A record ${MAILCOW_HOSTNAME}"
|
||||
VALIDATED_MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
|
||||
else
|
||||
echo "Cannot match your IP ${IPV4} against hostname ${MAILCOW_HOSTNAME} (${A_MAILCOW_HOSTNAME}) "
|
||||
log_f "Cannot match your IP ${IPV4} against hostname ${MAILCOW_HOSTNAME} (${A_MAILCOW_HOSTNAME}) "
|
||||
fi
|
||||
else
|
||||
echo "No A record for ${MAILCOW_HOSTNAME} found"
|
||||
log_f "No A record for ${MAILCOW_HOSTNAME} found"
|
||||
fi
|
||||
|
||||
for SAN in "${ADDITIONAL_SAN_ARR[@]}"; do
|
||||
@ -151,31 +179,31 @@ while true; do
|
||||
fi
|
||||
A_SAN=$(dig A ${SAN} +short | tail -n 1)
|
||||
if [[ ! -z ${A_SAN} ]]; then
|
||||
echo "Found A record for ${SAN}: ${A_SAN}"
|
||||
log_f "Found A record for ${SAN}: ${A_SAN}"
|
||||
if [[ ${IPV4:-ERR} == ${A_SAN} ]] || [[ ${SKIP_IP_CHECK} == "y" ]]; then
|
||||
echo "Confirmed A record ${SAN}"
|
||||
log_f "Confirmed A record ${SAN}"
|
||||
ADDITIONAL_VALIDATED_SAN+=("${SAN}")
|
||||
else
|
||||
echo "Cannot match your IP against hostname ${SAN}"
|
||||
log_f "Cannot match your IP against hostname ${SAN}"
|
||||
fi
|
||||
else
|
||||
echo "No A record for ${SAN} found"
|
||||
log_f "No A record for ${SAN} found"
|
||||
fi
|
||||
done
|
||||
|
||||
# Unique elements
|
||||
ALL_VALIDATED=(${VALIDATED_MAILCOW_HOSTNAME} $(echo ${VALIDATED_CONFIG_DOMAINS[*]} ${ADDITIONAL_VALIDATED_SAN[*]} | xargs -n1 | sort -u | xargs))
|
||||
if [[ -z ${ALL_VALIDATED[*]} ]]; then
|
||||
echo "Cannot validate hostnames, skipping Let's Encrypt for 1 hour."
|
||||
echo "Use SKIP_LETS_ENCRYPT=y in mailcow.conf to skip it permanently."
|
||||
log_f "Cannot validate hostnames, skipping Let's Encrypt for 1 hour."
|
||||
log_f "Use SKIP_LETS_ENCRYPT=y in mailcow.conf to skip it permanently."
|
||||
sleep 1h
|
||||
exec $(readlink -f "$0")
|
||||
fi
|
||||
|
||||
ORPHANED_SAN=($(echo ${SAN_ARRAY_NOW[*]} ${ALL_VALIDATED[*]} | tr ' ' '\n' | sort | uniq -u ))
|
||||
array_diff ORPHANED_SAN SAN_ARRAY_NOW ALL_VALIDATED
|
||||
if [[ ! -z ${ORPHANED_SAN[*]} ]] && [[ ${ISSUER} != *"mailcow"* ]]; then
|
||||
DATE=$(date +%Y-%m-%d_%H_%M_%S)
|
||||
echo "Found orphaned SAN ${ORPHANED_SAN[*]} in certificate, moving old files to ${ACME_BASE}/acme/private/${DATE}.bak/, keeping key file..."
|
||||
log_f "Found orphaned SAN ${ORPHANED_SAN[*]} in certificate, moving old files to ${ACME_BASE}/acme/private/${DATE}.bak/, keeping key file..."
|
||||
mkdir -p ${ACME_BASE}/acme/private/${DATE}.bak/
|
||||
[[ -f ${ACME_BASE}/acme/private/account.key ]] && mv ${ACME_BASE}/acme/private/account.key ${ACME_BASE}/acme/private/${DATE}.bak/
|
||||
[[ -f ${ACME_BASE}/acme/fullchain.pem ]] && mv ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/acme/private/${DATE}.bak/
|
||||
@ -183,12 +211,12 @@ while true; do
|
||||
cp ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/acme/private/${DATE}.bak/ # Keep key for TLSA 3 1 1 records
|
||||
fi
|
||||
|
||||
acme-client \
|
||||
ACME_RESPONSE=$(acme-client \
|
||||
-v -e -b -N -n \
|
||||
-f ${ACME_BASE}/acme/private/account.key \
|
||||
-k ${ACME_BASE}/acme/private/privkey.pem \
|
||||
-c ${ACME_BASE}/acme \
|
||||
${ALL_VALIDATED[*]}
|
||||
${ALL_VALIDATED[*]} 2>&1 | tee /dev/fd/5)
|
||||
|
||||
case "$?" in
|
||||
0) # new certs
|
||||
@ -198,73 +226,82 @@ while true; do
|
||||
|
||||
# restart docker containers
|
||||
if ! verify_hash_match ${ACME_BASE}/cert.pem ${ACME_BASE}/key.pem; then
|
||||
echo "Certificate was successfully requested, but key and certificate have non-matching hashes, restoring mailcow snake-oil and restarting containers..."
|
||||
log_f "Certificate was successfully requested, but key and certificate have non-matching hashes, restoring mailcow snake-oil and restarting containers..."
|
||||
cp ${SSL_EXAMPLE}/cert.pem ${ACME_BASE}/cert.pem
|
||||
cp ${SSL_EXAMPLE}/key.pem ${ACME_BASE}/key.pem
|
||||
fi
|
||||
restart_containers ${CONTAINERS_RESTART[*]}
|
||||
;;
|
||||
1) # failure
|
||||
if [[ $ACME_RESPONSE =~ "No registration exists" ]]; then
|
||||
log_f "Registration keys are invalid, deleting old keys and restarting..."
|
||||
rm ${ACME_BASE}/acme/private/account.key
|
||||
rm ${ACME_BASE}/acme/private/privkey.pem
|
||||
exec $(readlink -f "$0")
|
||||
fi
|
||||
if [[ -f ${ACME_BASE}/acme/private/${DATE}.bak/fullchain.pem ]] && [[ -f ${ACME_BASE}/acme/private/${DATE}.bak/privkey.pem ]]; then
|
||||
echo "Error requesting certificate, restoring previous certificate from backup and restarting containers...."
|
||||
log_f "Error requesting certificate, restoring previous certificate from backup and restarting containers...."
|
||||
cp ${ACME_BASE}/acme/private/${DATE}.bak/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/${DATE}.bak/privkey.pem ${ACME_BASE}/key.pem
|
||||
TRIGGER_RESTART=1
|
||||
elif [[ -f ${ACME_BASE}/acme/fullchain.pem ]] && [[ -f ${ACME_BASE}/acme/private/privkey.pem ]]; then
|
||||
echo "Error requesting certificate, restoring from previous acme request and restarting containers..."
|
||||
log_f "Error requesting certificate, restoring from previous acme request and restarting containers..."
|
||||
cp ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/key.pem
|
||||
TRIGGER_RESTART=1
|
||||
fi
|
||||
if ! verify_hash_match ${ACME_BASE}/cert.pem ${ACME_BASE}/key.pem; then
|
||||
echo "Error verifying certificates, restoring mailcow snake-oil and restarting containers..."
|
||||
log_f "Error verifying certificates, restoring mailcow snake-oil and restarting containers..."
|
||||
cp ${SSL_EXAMPLE}/cert.pem ${ACME_BASE}/cert.pem
|
||||
cp ${SSL_EXAMPLE}/key.pem ${ACME_BASE}/key.pem
|
||||
TRIGGER_RESTART=1
|
||||
fi
|
||||
[[ ${TRIGGER_RESTART} == 1 ]] && restart_containers ${CONTAINERS_RESTART[*]}
|
||||
echo "Retrying in 30 minutes..."
|
||||
log_f "Retrying in 30 minutes..."
|
||||
sleep 30m
|
||||
exec $(readlink -f "$0")
|
||||
;;
|
||||
2) # no change
|
||||
if ! diff ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/cert.pem; then
|
||||
echo "Certificate was not changed, but active certificate does not match the verified certificate, fixing and restarting containers..."
|
||||
log_f "Certificate was not changed, but active certificate does not match the verified certificate, fixing and restarting containers..."
|
||||
cp ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/key.pem
|
||||
restart_containers ${CONTAINERS_RESTART[*]}
|
||||
TRIGGER_RESTART=1
|
||||
fi
|
||||
if ! verify_hash_match ${ACME_BASE}/cert.pem ${ACME_BASE}/key.pem; then
|
||||
echo "Certificate was not changed, but hashes do not match, restoring from previous acme request and restarting containers..."
|
||||
log_f "Certificate was not changed, but hashes do not match, restoring from previous acme request and restarting containers..."
|
||||
cp ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/key.pem
|
||||
restart_containers ${CONTAINERS_RESTART[*]}
|
||||
TRIGGER_RESTART=1
|
||||
fi
|
||||
[[ ${TRIGGER_RESTART} == 1 ]] && restart_containers ${CONTAINERS_RESTART[*]}
|
||||
;;
|
||||
*) # unspecified
|
||||
if [[ -f ${ACME_BASE}/acme/private/${DATE}.bak/fullchain.pem ]] && [[ -f ${ACME_BASE}/acme/private/${DATE}.bak/privkey.pem ]]; then
|
||||
echo "Error requesting certificate, restoring previous certificate from backup and restarting containers...."
|
||||
log_f "Error requesting certificate, restoring previous certificate from backup and restarting containers...."
|
||||
cp ${ACME_BASE}/acme/private/${DATE}.bak/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/${DATE}.bak/privkey.pem ${ACME_BASE}/key.pem
|
||||
TRIGGER_RESTART=1
|
||||
elif [[ -f ${ACME_BASE}/acme/fullchain.pem ]] && [[ -f ${ACME_BASE}/acme/private/privkey.pem ]]; then
|
||||
echo "Error requesting certificate, restoring from previous acme request and restarting containers..."
|
||||
log_f "Error requesting certificate, restoring from previous acme request and restarting containers..."
|
||||
cp ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/cert.pem
|
||||
cp ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/key.pem
|
||||
TRIGGER_RESTART=1
|
||||
fi
|
||||
if ! verify_hash_match ${ACME_BASE}/cert.pem ${ACME_BASE}/key.pem; then
|
||||
echo "Error verifying certificates, restoring mailcow snake-oil..."
|
||||
log_f "Error verifying certificates, restoring mailcow snake-oil..."
|
||||
cp ${SSL_EXAMPLE}/cert.pem ${ACME_BASE}/cert.pem
|
||||
cp ${SSL_EXAMPLE}/key.pem ${ACME_BASE}/key.pem
|
||||
TRIGGER_RESTART=1
|
||||
fi
|
||||
[[ ${TRIGGER_RESTART} == 1 ]] && restart_containers ${CONTAINERS_RESTART[*]}
|
||||
sleep 3650d
|
||||
log_f "Retrying in 30 minutes..."
|
||||
sleep 30m
|
||||
exec $(readlink -f "$0")
|
||||
;;
|
||||
esac
|
||||
|
||||
echo "ACME certificate validation done. Sleeping for another day."
|
||||
log_f "ACME certificate validation done. Sleeping for another day."
|
||||
sleep 1d
|
||||
|
||||
done
|
||||
|
BIN
data/Dockerfiles/acme/tini
Executable file
BIN
data/Dockerfiles/acme/tini
Executable file
Binary file not shown.
@ -7,7 +7,7 @@ COPY dl_files.sh bootstrap.sh ./
|
||||
|
||||
# Installation
|
||||
RUN apk add --update \
|
||||
&& apk add --no-cache clamav clamav-libunrar curl bash \
|
||||
&& apk add --no-cache clamav clamav-libunrar curl bash tini \
|
||||
&& chmod +x /dl_files.sh \
|
||||
&& set -ex; /bin/bash /dl_files.sh \
|
||||
&& mkdir /run/clamav \
|
||||
@ -15,12 +15,14 @@ RUN apk add --update \
|
||||
&& chmod 750 /run/clamav \
|
||||
&& sed -i '/Foreground yes/s/^#//g' /etc/clamav/clamd.conf \
|
||||
&& sed -i '/TCPSocket 3310/s/^#//g' /etc/clamav/clamd.conf \
|
||||
&& sed -i 's#LogFile /var/log/clamav/clamd.log#LogFile /tmp/logpipe_clamd#g' /etc/clamav/clamd.conf \
|
||||
&& sed -i 's/#PhishingSignatures yes/PhishingSignatures no/g' /etc/clamav/clamd.conf \
|
||||
&& sed -i 's/#PhishingScanURLs yes/PhishingScanURLs no/g' /etc/clamav/clamd.conf \
|
||||
&& sed -i 's#UpdateLogFile /var/log/clamav/freshclam.log#UpdateLogFile /tmp/logpipe_freshclam#g' /etc/clamav/freshclam.conf \
|
||||
&& sed -i '/Foreground yes/s/^#//g' /etc/clamav/freshclam.conf
|
||||
|
||||
# Port provision
|
||||
EXPOSE 3310
|
||||
|
||||
# AV daemon bootstrapping
|
||||
CMD ["/bootstrap.sh"]
|
||||
CMD ["/sbin/tini", "-g", "--", "/bootstrap.sh"]
|
||||
|
@ -1,13 +1,34 @@
|
||||
#!/bin/bash
|
||||
touch /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
|
||||
chown -R clamav:clamav /var/log/clamav/
|
||||
|
||||
if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
|
||||
echo "SKIP_CLAMD=y, skipping ClamAV..."
|
||||
sleep 365d
|
||||
exit 0
|
||||
fi
|
||||
|
||||
freshclam -d &
|
||||
clamd &
|
||||
# Create log pipes
|
||||
touch /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
|
||||
mkfifo -m 600 /tmp/logpipe_clamd
|
||||
mkfifo -m 600 /tmp/logpipe_freshclam
|
||||
chown -R clamav:clamav /var/log/clamav/ /tmp/logpipe_*
|
||||
cat <> /tmp/logpipe_clamd 1>&2 &
|
||||
cat <> /tmp/logpipe_freshclam 1>&2 &
|
||||
|
||||
tail -f /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
|
||||
# Prepare
|
||||
BACKGROUND_TASKS=()
|
||||
|
||||
freshclam -d &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
clamd &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
while true; do
|
||||
for bg_task in ${BACKGROUND_TASKS[*]}; do
|
||||
if ! kill -0 ${bg_task} 1>&2; then
|
||||
echo "Worker ${bg_task} died, stopping container waiting for respawn..."
|
||||
kill -TERM 1
|
||||
fi
|
||||
sleep 10
|
||||
done
|
||||
done
|
||||
|
8
data/Dockerfiles/dockerapi/Dockerfile
Normal file
8
data/Dockerfiles/dockerapi/Dockerfile
Normal file
@ -0,0 +1,8 @@
|
||||
FROM python:2-alpine
|
||||
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
|
||||
|
||||
RUN apk add -U --no-cache iptables ip6tables
|
||||
RUN pip install docker flask flask-restful
|
||||
|
||||
COPY server.py /
|
||||
CMD ["python2", "-u", "/server.py"]
|
62
data/Dockerfiles/dockerapi/server.py
Normal file
62
data/Dockerfiles/dockerapi/server.py
Normal file
@ -0,0 +1,62 @@
|
||||
from flask import Flask
|
||||
from flask_restful import Resource, Api
|
||||
from flask import jsonify
|
||||
import docker
|
||||
|
||||
docker_client = docker.DockerClient(base_url='unix://var/run/docker.sock')
|
||||
app = Flask(__name__)
|
||||
api = Api(app)
|
||||
|
||||
class containers_get(Resource):
|
||||
def get(self):
|
||||
containers = {}
|
||||
for container in docker_client.containers.list(all=True):
|
||||
containers.update({container.attrs['Id']: container.attrs})
|
||||
return containers
|
||||
|
||||
class container_get(Resource):
|
||||
def get(self, container_id):
|
||||
if container_id and container_id.isalnum():
|
||||
for container in docker_client.containers.list(all=True, filters={"id": container_id}):
|
||||
return container.attrs
|
||||
else:
|
||||
return jsonify(message='No or invalid id defined')
|
||||
|
||||
class container_post(Resource):
|
||||
def post(self, container_id, post_action):
|
||||
if container_id and container_id.isalnum() and post_action:
|
||||
if post_action == 'stop':
|
||||
try:
|
||||
for container in docker_client.containers.list(all=True, filters={"id": container_id}):
|
||||
container.stop()
|
||||
except:
|
||||
return 'Error'
|
||||
else:
|
||||
return 'OK'
|
||||
elif post_action == 'start':
|
||||
try:
|
||||
for container in docker_client.containers.list(all=True, filters={"id": container_id}):
|
||||
container.start()
|
||||
except:
|
||||
return 'Error'
|
||||
else:
|
||||
return 'OK'
|
||||
elif post_action == 'restart':
|
||||
try:
|
||||
for container in docker_client.containers.list(all=True, filters={"id": container_id}):
|
||||
container.restart()
|
||||
except:
|
||||
return 'Error'
|
||||
else:
|
||||
return 'OK'
|
||||
else:
|
||||
return jsonify(message='Invalid action')
|
||||
else:
|
||||
return jsonify(message='Invalid container id or missing action')
|
||||
|
||||
api.add_resource(containers_get, '/containers/json')
|
||||
api.add_resource(container_get, '/containers/<string:container_id>/json')
|
||||
api.add_resource(container_post, '/containers/<string:container_id>/<string:post_action>')
|
||||
|
||||
if __name__ == '__main__':
|
||||
app.run(debug=False, host='0.0.0.0', port='8080')
|
@ -39,12 +39,13 @@ destination d_redis_cleanup {
|
||||
);
|
||||
};
|
||||
filter f_mail { facility(mail); };
|
||||
filter f_not_watchdog { not message("172\.22\.1\.248"); };
|
||||
log {
|
||||
source(s_src);
|
||||
filter(f_not_watchdog);
|
||||
destination(d_stdout);
|
||||
filter(f_mail);
|
||||
destination(d_redis_ui_log);
|
||||
destination(d_redis_f2b_channel);
|
||||
destination(d_redis_cleanup);
|
||||
|
||||
};
|
||||
|
@ -14,7 +14,8 @@ import json
|
||||
|
||||
yes_regex = re.compile(r'([yY][eE][sS]|[yY])+$')
|
||||
if re.search(yes_regex, os.getenv('SKIP_FAIL2BAN', 0)):
|
||||
print "Skipping Fail2ban container..."
|
||||
print "SKIP_FAIL2BAN=y, Skipping Fail2ban container..."
|
||||
time.sleep(31536000)
|
||||
raise SystemExit
|
||||
|
||||
r = redis.StrictRedis(host='172.22.1.249', decode_responses=True, port=6379, db=0)
|
||||
|
@ -1,8 +1,17 @@
|
||||
FROM php:7.1-fpm-alpine
|
||||
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
|
||||
|
||||
ENV REDIS_PECL 3.1.4
|
||||
ENV MEMCACHED_PECL 3.0.3
|
||||
ENV APCU_PECL 5.1.8
|
||||
ENV IMAGICK_PECL 3.4.3
|
||||
|
||||
RUN apk add -U --no-cache libxml2-dev \
|
||||
icu-dev \
|
||||
imap-dev \
|
||||
libmemcached-dev \
|
||||
cyrus-sasl-dev \
|
||||
pcre-dev \
|
||||
icu-libs \
|
||||
redis \
|
||||
mysql-client \
|
||||
@ -11,13 +20,42 @@ RUN apk add -U --no-cache libxml2-dev \
|
||||
g++ \
|
||||
make \
|
||||
openssl \
|
||||
&& pecl install redis \
|
||||
openssl-dev \
|
||||
samba-client \
|
||||
libpng \
|
||||
libpng-dev \
|
||||
libjpeg-turbo-dev \
|
||||
libwebp-dev \
|
||||
zlib-dev \
|
||||
libxpm-dev \
|
||||
c-client \
|
||||
imagemagick-dev \
|
||||
imagemagick \
|
||||
libtool \
|
||||
librsvg \
|
||||
&& pear install channel://pear.php.net/Net_IDNA2-0.2.0 \
|
||||
channel://pear.php.net/Auth_SASL-1.1.0 \
|
||||
Net_IMAP \
|
||||
NET_SMTP \
|
||||
Mail_mime \
|
||||
&& pecl install redis-${REDIS_PECL} memcached-${MEMCACHED_PECL} APCu-${APCU_PECL} imagick-${IMAGICK_PECL} \
|
||||
&& docker-php-ext-enable redis apcu memcached imagick \
|
||||
&& pecl clear-cache \
|
||||
&& docker-php-ext-configure intl \
|
||||
&& docker-php-ext-install intl pdo pdo_mysql xmlrpc \
|
||||
&& docker-php-ext-enable redis \
|
||||
&& pear install channel://pear.php.net/Net_IDNA2-0.1.1 Auth_SASL Net_IMAP NET_SMTP Net_IDNA2 Mail_mime \
|
||||
&& apk del autoconf g++ make libxml2-dev icu-dev
|
||||
&& docker-php-ext-install -j 4 intl pdo pdo_mysql xmlrpc gd zip pcntl opcache \
|
||||
&& docker-php-ext-configure imap --with-imap --with-imap-ssl \
|
||||
&& docker-php-ext-install -j 4 imap \
|
||||
&& apk del --purge autoconf g++ make libxml2-dev icu-dev imap-dev openssl-dev cyrus-sasl-dev pcre-dev libpng-dev libpng-dev libjpeg-turbo-dev libwebp-dev zlib-dev imagemagick-dev \
|
||||
&& { \
|
||||
echo 'opcache.enable=1'; \
|
||||
echo 'opcache.enable_cli=1'; \
|
||||
echo 'opcache.interned_strings_buffer=8'; \
|
||||
echo 'opcache.max_accelerated_files=10000'; \
|
||||
echo 'opcache.memory_consumption=128'; \
|
||||
echo 'opcache.save_comments=1'; \
|
||||
echo 'opcache.revalidate_freq=1'; \
|
||||
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
|
||||
|
||||
|
||||
COPY ./docker-entrypoint.sh /
|
||||
|
||||
|
@ -13,7 +13,17 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT DISTINCT CASE WHEN '%d' IN (SELECT domain FROM domain WHERE relay_all_recipients=1 AND domain='%d' AND backupmx=1) THEN '%s' ELSE (SELECT goto FROM alias WHERE address='%s' AND active='1') END AS result;
|
||||
query = SELECT DISTINCT
|
||||
CASE WHEN '%d' IN (
|
||||
SELECT domain FROM domain
|
||||
WHERE relay_all_recipients=1
|
||||
AND domain='%d'
|
||||
AND backupmx=1
|
||||
)
|
||||
THEN '%s' ELSE (
|
||||
SELECT goto FROM alias WHERE address='%s' AND active='1'
|
||||
)
|
||||
END AS result;
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf
|
||||
@ -21,7 +31,16 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.goto WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_in = '1' AND mailbox.active = '1'), 'reject_plaintext_session', NULL) AS 'tls_enforce_in';
|
||||
query = SELECT IF(EXISTS(
|
||||
SELECT 'TLS_ACTIVE' FROM alias
|
||||
LEFT OUTER JOIN mailbox ON mailbox.username = alias.goto
|
||||
WHERE (address='%s'
|
||||
OR address IN (
|
||||
SELECT CONCAT('%u', '@', target_domain) FROM alias_domain
|
||||
WHERE alias_domain='%d'
|
||||
)
|
||||
) AND mailbox.tls_enforce_in = '1' AND mailbox.active = '1'
|
||||
), 'reject_plaintext_session', NULL) AS 'tls_enforce_in';
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_sender_dependent_default_transport_maps.cf
|
||||
@ -31,9 +50,26 @@ hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT GROUP_CONCAT(transport SEPARATOR '') AS transport_maps
|
||||
FROM (
|
||||
SELECT IF(EXISTS(SELECT 'smtp_type' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.goto WHERE (address = '%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain = '%d')) AND mailbox.tls_enforce_out = '1' AND mailbox.active = '1'), 'smtp_enforced_tls:', 'smtp:') AS 'transport'
|
||||
SELECT IF(EXISTS(SELECT 'smtp_type' FROM alias
|
||||
LEFT OUTER JOIN mailbox ON mailbox.username = alias.goto
|
||||
WHERE (address = '%s'
|
||||
OR address IN (
|
||||
SELECT CONCAT('%u', '@', target_domain) FROM alias_domain
|
||||
WHERE alias_domain = '%d'
|
||||
)
|
||||
)
|
||||
AND mailbox.tls_enforce_out = '1'
|
||||
AND mailbox.active = '1'
|
||||
), 'smtp_enforced_tls:', 'smtp:') AS 'transport'
|
||||
UNION ALL
|
||||
SELECT hostname AS transport FROM relayhosts LEFT OUTER JOIN domain ON domain.relayhost = relayhosts.id WHERE relayhosts.active = '1' AND domain = '%d' OR domain IN (SELECT target_domain FROM alias_domain WHERE alias_domain = '%d')
|
||||
SELECT hostname AS transport FROM relayhosts
|
||||
LEFT OUTER JOIN domain ON domain.relayhost = relayhosts.id
|
||||
WHERE relayhosts.active = '1'
|
||||
AND domain = '%d'
|
||||
OR domain IN (
|
||||
SELECT target_domain FROM alias_domain
|
||||
WHERE alias_domain = '%d'
|
||||
)
|
||||
)
|
||||
AS transport_view;
|
||||
EOF
|
||||
@ -43,7 +79,11 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT CONCAT_WS(':', username, password) AS auth_data FROM relayhosts WHERE id IN (SELECT relayhost FROM domain WHERE CONCAT('@', domain) = '%s');
|
||||
query = SELECT CONCAT_WS(':', username, password) AS auth_data FROM relayhosts
|
||||
WHERE id IN (
|
||||
SELECT relayhost FROM domain
|
||||
WHERE CONCAT('@', domain) = '%s'
|
||||
);
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_alias_domain_catchall_maps.cf
|
||||
@ -51,7 +91,10 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
|
||||
query = SELECT goto FROM alias, alias_domain
|
||||
WHERE alias_domain.alias_domain = '%d'
|
||||
AND alias.address = CONCAT('@', alias_domain.target_domain)
|
||||
AND alias.active = 1 AND alias_domain.active='1'
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_alias_domain_maps.cf
|
||||
@ -59,7 +102,11 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT username FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
|
||||
query = SELECT username FROM mailbox, alias_domain
|
||||
WHERE alias_domain.alias_domain = '%d'
|
||||
AND mailbox.username = CONCAT('%u', '@', alias_domain.target_domain)
|
||||
AND mailbox.active = '1'
|
||||
AND alias_domain.active='1'
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_alias_maps.cf
|
||||
@ -67,7 +114,9 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT goto FROM alias WHERE address='%s' AND active='1';
|
||||
query = SELECT goto FROM alias
|
||||
WHERE address='%s'
|
||||
AND active='1';
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_domains_maps.cf
|
||||
@ -75,7 +124,12 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT alias_domain from alias_domain WHERE alias_domain='%s' AND active='1' UNION SELECT domain FROM domain WHERE domain='%s' AND active = '1' AND backupmx = '0'
|
||||
query = SELECT alias_domain from alias_domain WHERE alias_domain='%s' AND active='1'
|
||||
UNION
|
||||
SELECT domain FROM domain
|
||||
WHERE domain='%s'
|
||||
AND active = '1'
|
||||
AND backupmx = '0'
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_mailbox_maps.cf
|
||||
@ -99,7 +153,39 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT goto FROM alias WHERE address='%s' AND active='1' AND (domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') OR domain in (SELECT target_domain FROM alias_domain WHERE alias_domain='%d' AND active='1')) UNION SELECT logged_in_as FROM sender_acl WHERE send_as='@%d' OR send_as='%s' OR send_as IN ( SELECT CONCAT ('@',target_domain) FROM alias_domain WHERE alias_domain = '%d') OR send_as IN ( SELECT CONCAT ('%u','@',target_domain) FROM alias_domain WHERE alias_domain = '%d' ) AND logged_in_as NOT IN (SELECT goto FROM alias WHERE address='%s') UNION SELECT username FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' AND mailbox.username = CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active ='1' AND alias_domain.active='1'
|
||||
# First select queries domain and alias_domain to determine if domains are active.
|
||||
query = SELECT goto FROM alias
|
||||
WHERE address='%s'
|
||||
AND active='1'
|
||||
AND (domain IN
|
||||
(SELECT domain FROM domain
|
||||
WHERE domain='%d'
|
||||
AND active='1')
|
||||
OR domain in (
|
||||
SELECT alias_domain FROM alias_domain
|
||||
WHERE alias_domain='%d'
|
||||
AND active='1'
|
||||
)
|
||||
)
|
||||
UNION
|
||||
SELECT logged_in_as FROM sender_acl
|
||||
WHERE send_as='@%d'
|
||||
OR send_as='%s'
|
||||
OR send_as IN (
|
||||
SELECT CONCAT('@',target_domain) FROM alias_domain
|
||||
WHERE alias_domain = '%d')
|
||||
OR send_as IN (
|
||||
SELECT CONCAT('%u','@',target_domain) FROM alias_domain
|
||||
WHERE alias_domain = '%d')
|
||||
AND logged_in_as NOT IN (
|
||||
SELECT goto FROM alias
|
||||
WHERE address='%s')
|
||||
UNION
|
||||
SELECT username FROM mailbox, alias_domain
|
||||
WHERE alias_domain.alias_domain = '%d'
|
||||
AND mailbox.username = CONCAT('%u','@',alias_domain.target_domain)
|
||||
AND mailbox.active ='1'
|
||||
AND alias_domain.active='1'
|
||||
EOF
|
||||
|
||||
cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf
|
||||
@ -107,7 +193,9 @@ user = ${DBUSER}
|
||||
password = ${DBPASS}
|
||||
hosts = mysql
|
||||
dbname = ${DBNAME}
|
||||
query = SELECT goto FROM spamalias WHERE address='%s' AND validity >= UNIX_TIMESTAMP()
|
||||
query = SELECT goto FROM spamalias
|
||||
WHERE address='%s'
|
||||
AND validity >= UNIX_TIMESTAMP()
|
||||
EOF
|
||||
|
||||
# Reset GPG key permissions
|
||||
|
@ -1,5 +1,6 @@
|
||||
[supervisord]
|
||||
nodaemon=true
|
||||
user=root
|
||||
|
||||
[program:syslog-ng]
|
||||
command=/usr/sbin/syslog-ng --foreground --no-caps
|
||||
@ -12,14 +13,3 @@ autostart=true
|
||||
[program:postfix]
|
||||
command=/opt/postfix.sh
|
||||
autorestart=true
|
||||
|
||||
[unix_http_server]
|
||||
file=/var/tmp/supervisord.sock
|
||||
chmod=0770
|
||||
chown=nobody:nogroup
|
||||
|
||||
[supervisorctl]
|
||||
serverurl=unix:///var/tmp/supervisord.sock
|
||||
|
||||
[rpcinterface:supervisor]
|
||||
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
|
||||
|
@ -39,8 +39,10 @@ destination d_redis_cleanup {
|
||||
);
|
||||
};
|
||||
filter f_mail { facility(mail); };
|
||||
filter f_skip_local { not facility (local0, local1, local2, local3, local4, local5, local6, local7); };
|
||||
log {
|
||||
source(s_src);
|
||||
filter(f_skip_local);
|
||||
destination(d_stdout);
|
||||
filter(f_mail);
|
||||
destination(d_redis_ui_log);
|
||||
|
@ -22,7 +22,8 @@ COPY settings.conf /etc/rspamd/modules.d/settings.conf
|
||||
#COPY ratelimit.lua /usr/share/rspamd/lua/ratelimit.lua
|
||||
#COPY lua_util.lua /usr/share/rspamd/lib/lua_util.lua
|
||||
COPY docker-entrypoint.sh /docker-entrypoint.sh
|
||||
COPY tini /sbin/tini
|
||||
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
|
||||
CMD /usr/bin/rspamd -f -u _rspamd -g _rspamd
|
||||
CMD ["/usr/bin/rspamd", "-f", "-u", "_rspamd", "-g", "_rspamd"]
|
||||
|
@ -2,4 +2,4 @@
|
||||
|
||||
chown -R _rspamd:_rspamd /var/lib/rspamd
|
||||
|
||||
exec "$@"
|
||||
exec /sbin/tini -- "$@"
|
||||
|
BIN
data/Dockerfiles/rspamd/tini
Executable file
BIN
data/Dockerfiles/rspamd/tini
Executable file
Binary file not shown.
@ -28,8 +28,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
|
||||
RUN mkdir /usr/share/doc/sogo \
|
||||
&& touch /usr/share/doc/sogo/empty.sh \
|
||||
&& apt-key adv --keyserver sks.labs.nic.cz --recv-key A04BE668 \
|
||||
&& echo "deb http://www.axis.cz/linux/debian stretch sogo-v3" > /etc/apt/sources.list.d/sogo.list \
|
||||
&& apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 \
|
||||
&& echo "deb http://packages.inverse.ca/SOGo/nightly/3/debian/ stretch stretch" > /etc/apt/sources.list.d/sogo.list \
|
||||
&& apt-get update && apt-get install -y --force-yes \
|
||||
sogo \
|
||||
sogo-activesync \
|
||||
|
@ -1,5 +1,6 @@
|
||||
[supervisord]
|
||||
nodaemon=true
|
||||
user=root
|
||||
|
||||
[program:syslog-ng]
|
||||
command=/usr/sbin/syslog-ng --foreground --no-caps
|
||||
@ -32,12 +33,3 @@ priority=3
|
||||
startretries=10
|
||||
autorestart=true
|
||||
stopwaitsecs=120
|
||||
|
||||
[inet_http_server]
|
||||
port=9191
|
||||
|
||||
[rpcinterface:supervisor]
|
||||
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
|
||||
|
||||
[supervisorctl]
|
||||
serverurl=http://localhost:9191
|
||||
|
33
data/Dockerfiles/watchdog/Dockerfile
Normal file
33
data/Dockerfiles/watchdog/Dockerfile
Normal file
@ -0,0 +1,33 @@
|
||||
FROM alpine:3.6
|
||||
LABEL maintainer "André Peters <andre.peters@servercow.de>"
|
||||
|
||||
# Installation
|
||||
RUN apk add --update \
|
||||
&& apk add --no-cache nagios-plugins-smtp \
|
||||
nagios-plugins-tcp \
|
||||
nagios-plugins-http \
|
||||
nagios-plugins-ping \
|
||||
curl \
|
||||
bash \
|
||||
jq \
|
||||
fcgi \
|
||||
nagios-plugins-mysql \
|
||||
nagios-plugins-dns \
|
||||
nagios-plugins-disk \
|
||||
bind-tools \
|
||||
redis \
|
||||
perl \
|
||||
perl-io-socket-ssl \
|
||||
perl-socket \
|
||||
perl-socket6 \
|
||||
perl-mime-lite \
|
||||
perl-term-readkey \
|
||||
tini \
|
||||
&& curl https://raw.githubusercontent.com/mludvig/smtp-cli/v3.8/smtp-cli -o /smtp-cli \
|
||||
&& chmod +x smtp-cli
|
||||
|
||||
COPY watchdog.sh /watchdog.sh
|
||||
|
||||
ENTRYPOINT ["/sbin/tini", "-g", "--"]
|
||||
# Less verbose
|
||||
CMD /watchdog.sh 2> /dev/null
|
BIN
data/Dockerfiles/watchdog/tini
Executable file
BIN
data/Dockerfiles/watchdog/tini
Executable file
Binary file not shown.
381
data/Dockerfiles/watchdog/watchdog.sh
Executable file
381
data/Dockerfiles/watchdog/watchdog.sh
Executable file
@ -0,0 +1,381 @@
|
||||
#!/bin/bash
|
||||
|
||||
trap "exit" INT TERM
|
||||
trap "kill 0" EXIT
|
||||
|
||||
# Prepare
|
||||
BACKGROUND_TASKS=()
|
||||
|
||||
if [[ "${USE_WATCHDOG}" =~ ^([nN][oO]|[nN])+$ ]]; then
|
||||
echo -e "$(date) - USE_WATCHDOG=n, skipping watchdog..."
|
||||
sleep 365d
|
||||
exec $(readlink -f "$0")
|
||||
fi
|
||||
|
||||
# Checks pipe their corresponding container name in this pipe
|
||||
if [[ ! -p /tmp/com_pipe ]]; then
|
||||
mkfifo /tmp/com_pipe
|
||||
fi
|
||||
|
||||
# Common functions
|
||||
progress() {
|
||||
SERVICE=${1}
|
||||
TOTAL=${2}
|
||||
CURRENT=${3}
|
||||
DIFF=${4}
|
||||
[[ -z ${DIFF} ]] && DIFF=0
|
||||
[[ -z ${TOTAL} || -z ${CURRENT} ]] && return
|
||||
[[ ${CURRENT} -gt ${TOTAL} ]] && return
|
||||
[[ ${CURRENT} -lt 0 ]] && CURRENT=0
|
||||
PERCENT=$(( 200 * ${CURRENT} / ${TOTAL} % 2 + 100 * ${CURRENT} / ${TOTAL} ))
|
||||
echo -ne "$(date) - ${SERVICE} health level: \e[7m${PERCENT}%\e[0m (${CURRENT}/${TOTAL}), health trend: "
|
||||
[[ ${DIFF} =~ ^-[1-9] ]] && echo -en '[\e[41m \e[0m] ' || echo -en '[\e[42m \e[0m] '
|
||||
echo "(${DIFF})"
|
||||
}
|
||||
|
||||
log_to_redis() {
|
||||
redis-cli -h redis LPUSH WATCHDOG_LOG "{\"time\":\"$(date +%s)\",\"message\":\"$(printf '%s' "${1}")\"}"
|
||||
}
|
||||
|
||||
function mail_error() {
|
||||
[[ -z ${1} ]] && return 1
|
||||
[[ -z ${2} ]] && return 2
|
||||
RCPT_DOMAIN=$(echo ${1} | awk -F @ {'print $NF'})
|
||||
RCPT_MX=$(dig +short ${RCPT_DOMAIN} mx | sort -n | awk '{print $2; exit}')
|
||||
if [[ -z ${RCPT_MX} ]]; then
|
||||
log_to_redis "Cannot determine MX for ${1}, skipping email notification..."
|
||||
echo "Cannot determine MX for ${1}"
|
||||
return 1
|
||||
fi
|
||||
./smtp-cli --missing-modules-ok \
|
||||
--subject="Watchdog: ${2} service hit the error rate limit" \
|
||||
--body-plain="Service was restarted, please check your mailcow installation." \
|
||||
--to=${1} \
|
||||
--from="watchdog@${MAILCOW_HOSTNAME}" \
|
||||
--server="${RCPT_MX}" \
|
||||
--hello-host=${MAILCOW_HOSTNAME}
|
||||
}
|
||||
|
||||
|
||||
get_container_ip() {
|
||||
# ${1} is container
|
||||
CONTAINER_ID=
|
||||
CONTAINER_IP=
|
||||
LOOP_C=1
|
||||
until [[ ${CONTAINER_IP} =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] || [[ ${LOOP_C} -gt 5 ]]; do
|
||||
sleep 1
|
||||
CONTAINER_ID=$(curl --silent http://dockerapi:8080/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"${1}\")) | .id")
|
||||
if [[ ! -z ${CONTAINER_ID} ]]; then
|
||||
CONTAINER_IP=$(curl --silent http://dockerapi:8080/containers/${CONTAINER_ID}/json | jq -r '.NetworkSettings.Networks[].IPAddress')
|
||||
fi
|
||||
LOOP_C=$((LOOP_C + 1))
|
||||
done
|
||||
[[ ${LOOP_C} -gt 5 ]] && echo 240.0.0.0 || echo ${CONTAINER_IP}
|
||||
}
|
||||
|
||||
# Check functions
|
||||
nginx_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=16
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip nginx-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_ping -4 -H ${host_ip} -w 2000,10% -c 4000,100% -p2 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u / -p 8081 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "Nginx" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
mysql_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=12
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip mysql-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_mysql -H ${host_ip} -P 3306 -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_mysql_query -H ${host_ip} -P 3306 -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} -q "SELECT COUNT(*) FROM information_schema.tables" 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "MySQL/MariaDB" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
sogo_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=20
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip sogo-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /WebServerResources/css/theme-default.css -p 9192 -R md-default-theme 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_http -4 -H ${host_ip} -u /SOGo.index/ -p 20000 -R "SOGo\sGroupware" 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "SOGo" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
postfix_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=16
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip postfix-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_smtp -4 -H ${host_ip} -p 589 -f watchdog -C "RCPT TO:null@localhost" -C DATA -C . -R 250 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_smtp -4 -H ${host_ip} -p 589 -S 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "Postfix" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
dovecot_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=24
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip dovecot-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_smtp -4 -H ${host_ip} -p 24 -f "watchdog" -C "RCPT TO:<watchdog@invalid>" -L -R "User doesn't exist" 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_imap -4 -H ${host_ip} -p 993 -S -e "OK " 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_imap -4 -H ${host_ip} -p 143 -e "OK " 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_tcp -4 -H ${host_ip} -p 10001 -e "VERSION" 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_tcp -4 -H ${host_ip} -p 4190 -e "Dovecot ready" 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "Dovecot" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
phpfpm_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=10
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip php-fpm-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
cgi-fcgi -bind -connect ${host_ip}:9000 | grep "Content-type" 1>&2; err_count=$(( ${err_count} + ($? * 2)))
|
||||
/usr/lib/nagios/plugins/check_ping -4 -H ${host_ip} -w 2000,10% -c 4000,100% -p2 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "PHP-FPM" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
rspamd_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=10
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip rspamd-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
SCORE=$(curl --silent ${host_ip}:11333/scan -d '
|
||||
To: null@localhost
|
||||
From: watchdog@localhost
|
||||
|
||||
Empty
|
||||
' | jq -rc .required_score)
|
||||
if [[ ${SCORE} != "9999" ]]; then
|
||||
echo "Rspamd settings check failed" 1>&2
|
||||
err_count=$(( ${err_count} + 1))
|
||||
else
|
||||
echo "Rspamd settings check succeeded" 1>&2
|
||||
fi
|
||||
/usr/lib/nagios/plugins/check_ping -4 -H ${host_ip} -w 2000,10% -c 4000,100% -p2 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "Rspamd" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
dns_checks() {
|
||||
err_count=0
|
||||
diff_c=0
|
||||
THRESHOLD=28
|
||||
# Reduce error count by 2 after restarting an unhealthy container
|
||||
trap "[ ${err_count} -gt 1 ] && err_count=$(( ${err_count} - 2 ))" USR1
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
host_ip=$(get_container_ip unbound-mailcow)
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_dns -H google.com 1>&2; err_count=$(( ${err_count} + ($? * 2)))
|
||||
/usr/lib/nagios/plugins/check_dns -s ${host_ip} -H google.com 1>&2; err_count=$(( ${err_count} + ($? * 2)))
|
||||
dig +dnssec org. @${host_ip} | grep -E 'flags:.+ad' 1>&2; err_count=$(( ${err_count} + ($? * 2)))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "Unbound" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
diff_c=0
|
||||
sleep $(( ( RANDOM % 30 ) + 10 ))
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
# Create watchdog agents
|
||||
(
|
||||
while true; do
|
||||
if ! nginx_checks; then
|
||||
log_to_redis "Nginx hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "nginx-mailcow"
|
||||
echo -e "\e[31m$(date) - Nginx hit error limit\e[0m"
|
||||
echo nginx-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! mysql_checks; then
|
||||
log_to_redis "MySQL hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "mysql-mailcow"
|
||||
echo -e "\e[31m$(date) - MySQL hit error limit\e[0m"
|
||||
echo mysql-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! phpfpm_checks; then
|
||||
log_to_redis "PHP-FPM hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "php-fpm-mailcow"
|
||||
echo -e "\e[31m$(date) - PHP-FPM hit error limit\e[0m"
|
||||
echo php-fpm-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! sogo_checks; then
|
||||
log_to_redis "SOGo hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "sogo-mailcow"
|
||||
echo -e "\e[31m$(date) - SOGo hit error limit\e[0m"
|
||||
echo sogo-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! postfix_checks; then
|
||||
log_to_redis "Postfix hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "postfix-mailcow"
|
||||
echo -e "\e[31m$(date) - Postfix hit error limit\e[0m"
|
||||
echo postfix-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! dovecot_checks; then
|
||||
log_to_redis "Dovecot hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "dovecot-mailcow"
|
||||
echo -e "\e[31m$(date) - Dovecot hit error limit\e[0m"
|
||||
echo dovecot-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! dns_checks; then
|
||||
log_to_redis "Unbound hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "unbound-mailcow"
|
||||
echo -e "\e[31m$(date) - Unbound hit error limit\e[0m"
|
||||
#echo unbound-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
(
|
||||
while true; do
|
||||
if ! rspamd_checks; then
|
||||
log_to_redis "Rspamd hit error limit"
|
||||
[[ ! -z ${WATCHDOG_NOTIFY_EMAIL} ]] && mail_error "${WATCHDOG_NOTIFY_EMAIL}" "rspamd-mailcow"
|
||||
echo -e "\e[31m$(date) - Rspamd hit error limit\e[0m"
|
||||
echo rspamd-mailcow > /tmp/com_pipe
|
||||
fi
|
||||
done
|
||||
) &
|
||||
BACKGROUND_TASKS+=($!)
|
||||
|
||||
# Monitor watchdog agents, stop script when agents fails and wait for respawn by Docker (restart:always:n)
|
||||
(
|
||||
while true; do
|
||||
for bg_task in ${BACKGROUND_TASKS[*]}; do
|
||||
if ! kill -0 ${bg_task} 1>&2; then
|
||||
echo "Worker ${bg_task} died, stopping watchdog and waiting for respawn..."
|
||||
log_to_redis "Worker ${bg_task} died, stopping watchdog and waiting for respawn..."
|
||||
kill -TERM 1
|
||||
fi
|
||||
sleep 10
|
||||
done
|
||||
done
|
||||
) &
|
||||
|
||||
# Restart container when threshold limit reached
|
||||
while true; do
|
||||
CONTAINER_ID=
|
||||
read com_pipe_answer </tmp/com_pipe
|
||||
if [[ ${com_pipe_answer} =~ .+-mailcow ]]; then
|
||||
kill -STOP ${BACKGROUND_TASKS[*]}
|
||||
sleep 3
|
||||
CONTAINER_ID=$(curl --silent http://dockerapi:8080/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"${com_pipe_answer}\")) | .id")
|
||||
if [[ ! -z ${CONTAINER_ID} ]]; then
|
||||
log_to_redis "Sending restart command to ${CONTAINER_ID}..."
|
||||
echo "Sending restart command to ${CONTAINER_ID}..."
|
||||
curl --silent -XPOST http://dockerapi:8080/containers/${CONTAINER_ID}/restart
|
||||
fi
|
||||
echo "Wait for restarted container to settle and continue watching..."
|
||||
sleep 30s
|
||||
kill -CONT ${BACKGROUND_TASKS[*]}
|
||||
kill -USR1 ${BACKGROUND_TASKS[*]}
|
||||
fi
|
||||
done
|
186
data/assets/nextcloud/nextcloud.conf
Normal file
186
data/assets/nextcloud/nextcloud.conf
Normal file
@ -0,0 +1,186 @@
|
||||
map $http_x_forwarded_proto $client_req_scheme_nc {
|
||||
default $scheme;
|
||||
https https;
|
||||
}
|
||||
|
||||
server {
|
||||
include /etc/nginx/conf.d/listen_ssl.active;
|
||||
include /etc/nginx/mime.types;
|
||||
charset utf-8;
|
||||
override_charset on;
|
||||
|
||||
ssl on;
|
||||
ssl_certificate /etc/ssl/mail/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/mail/key.pem;
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:50m;
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_tickets off;
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
|
||||
server_name NC_SERVER_SUB;
|
||||
|
||||
root /web/nextcloud/;
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location = /.well-known/carddav {
|
||||
return 301 $client_req_scheme_nc://$host/remote.php/dav;
|
||||
}
|
||||
location = /.well-known/caldav {
|
||||
return 301 $client_req_scheme_nc://$host/remote.php/dav;
|
||||
}
|
||||
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
|
||||
set_real_ip_from 172.22.1.1;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
||||
location / {
|
||||
rewrite ^ /index.php$uri;
|
||||
}
|
||||
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
#Avoid sending the security headers twice
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
fastcgi_param front_controller_active true;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
}
|
||||
|
||||
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
|
||||
try_files $uri/ =404;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|woff|svg|gif)$ {
|
||||
try_files $uri /index.php$uri$is_args$args;
|
||||
add_header Cache-Control "public, max-age=15778463";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
|
||||
try_files $uri /index.php$uri$is_args$args;
|
||||
access_log off;
|
||||
}
|
||||
}
|
||||
server {
|
||||
include /etc/nginx/conf.d/listen_ssl.active;
|
||||
include /etc/nginx/mime.types;
|
||||
charset utf-8;
|
||||
override_charset on;
|
||||
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
|
||||
server_name NC_SERVER_SUB;
|
||||
|
||||
root /web/nextcloud/;
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location = /.well-known/carddav {
|
||||
return 301 $client_req_scheme_nc://$host/remote.php/dav;
|
||||
}
|
||||
location = /.well-known/caldav {
|
||||
return 301 $client_req_scheme_nc://$host/remote.php/dav;
|
||||
}
|
||||
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
|
||||
set_real_ip_from 172.22.1.1;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
||||
location / {
|
||||
rewrite ^ /index.php$uri;
|
||||
}
|
||||
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
fastcgi_param front_controller_active true;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
}
|
||||
|
||||
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
|
||||
try_files $uri/ =404;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|woff|svg|gif)$ {
|
||||
try_files $uri /index.php$uri$is_args$args;
|
||||
add_header Cache-Control "public, max-age=15778463";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
|
||||
try_files $uri /index.php$uri$is_args$args;
|
||||
access_log off;
|
||||
}
|
||||
}
|
2
data/assets/nextcloud/occ
Executable file
2
data/assets/nextcloud/occ
Executable file
@ -0,0 +1,2 @@
|
||||
#!/bin/bash
|
||||
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ ${@}
|
41
data/assets/nextcloud/site.nextcloud.custom
Normal file
41
data/assets/nextcloud/site.nextcloud.custom
Normal file
@ -0,0 +1,41 @@
|
||||
location ^~ /nextcloud {
|
||||
location /nextcloud {
|
||||
rewrite ^ /nextcloud/index.php$uri;
|
||||
}
|
||||
location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
||||
deny all;
|
||||
}
|
||||
location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
deny all;
|
||||
}
|
||||
location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param HTTPS on;
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
fastcgi_param front_controller_active true;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
}
|
||||
location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
|
||||
try_files $uri/ =404;
|
||||
index index.php;
|
||||
}
|
||||
location ~ \.(?:css|js|woff|svg|gif)$ {
|
||||
try_files $uri /nextcloud/index.php$uri$is_args$args;
|
||||
add_header Cache-Control "public, max-age=15778463";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
access_log off;
|
||||
}
|
||||
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
|
||||
try_files $uri /nextcloud/index.php$uri$is_args$args;
|
||||
access_log off;
|
||||
}
|
||||
}
|
@ -1,9 +1,6 @@
|
||||
server_tokens off;
|
||||
|
||||
# includes to http {
|
||||
proxy_cache_path /tmp levels=1:2 keys_zone=sogo:10m inactive=24h max_size=1g;
|
||||
server_names_hash_bucket_size 64;
|
||||
# }
|
||||
|
||||
map $http_x_forwarded_proto $client_req_scheme {
|
||||
default $scheme;
|
||||
@ -11,7 +8,174 @@ map $http_x_forwarded_proto $client_req_scheme {
|
||||
}
|
||||
|
||||
server {
|
||||
include /etc/nginx/conf.d/listen_ssl.active;
|
||||
include /etc/nginx/mime.types;
|
||||
charset utf-8;
|
||||
override_charset on;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
|
||||
index index.php index.html;
|
||||
|
||||
include /etc/nginx/conf.d/listen_plain.active;
|
||||
include /etc/nginx/conf.d/server_name.active;
|
||||
|
||||
error_log /var/log/nginx/error.log;
|
||||
access_log /var/log/nginx/access.log;
|
||||
absolute_redirect off;
|
||||
root /web;
|
||||
|
||||
location ~ ^/api/v1/(.*)$ {
|
||||
try_files $uri $uri/ /json_api.php?query=$1;
|
||||
}
|
||||
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
allow all;
|
||||
default_type "text/plain";
|
||||
}
|
||||
|
||||
# If behind reverse proxy, forwards the correct IP
|
||||
set_real_ip_from 172.22.1.1;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
||||
rewrite ^/.well-known/caldav$ /SOGo/dav/ permanent;
|
||||
rewrite ^/.well-known/carddav$ /SOGo/dav/ permanent;
|
||||
|
||||
location ^~ /principals {
|
||||
return 301 /SOGo/dav;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_index index.php;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param PHP_VALUE "max_execution_time = 1200
|
||||
max_input_time = 1200
|
||||
memory_limit = 64M";
|
||||
fastcgi_read_timeout 1200;
|
||||
}
|
||||
|
||||
location /rspamd/ {
|
||||
proxy_pass http://172.22.1.253:11334/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
location ~* ^/Autodiscover/Autodiscover.xml {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
try_files /autodiscover.php =404;
|
||||
}
|
||||
|
||||
location ~* ^/Autodiscover/Autodiscover.json {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
try_files /autodiscover-json.php =404;
|
||||
}
|
||||
|
||||
location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
try_files /autoconfig.php =404;
|
||||
}
|
||||
|
||||
location ^~ /Microsoft-Server-ActiveSync {
|
||||
proxy_pass http://172.22.1.252:20000/SOGo/Microsoft-Server-ActiveSync;
|
||||
proxy_connect_timeout 1000;
|
||||
proxy_next_upstream timeout error;
|
||||
proxy_send_timeout 1000;
|
||||
proxy_read_timeout 1000;
|
||||
proxy_buffer_size 8k;
|
||||
proxy_buffers 4 32k;
|
||||
proxy_temp_file_write_size 64k;
|
||||
proxy_busy_buffers_size 64k;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 0;
|
||||
}
|
||||
|
||||
location ^~ /SOGo {
|
||||
proxy_pass http://172.22.1.252:20000;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 0;
|
||||
break;
|
||||
}
|
||||
|
||||
location /SOGo.woa/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location /.woa/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location /SOGo/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ {
|
||||
proxy_pass http://172.22.1.252:9192/$1.SOGo/Resources/$2;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
}
|
||||
|
||||
include /etc/nginx/conf.d/site.*.custom;
|
||||
}
|
||||
|
||||
server {
|
||||
include /etc/nginx/mime.types;
|
||||
charset utf-8;
|
||||
override_charset on;
|
||||
@ -22,14 +186,22 @@ server {
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
ssl_session_cache shared:SSL:50m;
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_tickets off;
|
||||
add_header Strict-Transport-Security max-age=15768000;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
|
||||
index index.php index.html;
|
||||
|
||||
include /etc/nginx/conf.d/listen_ssl.active;
|
||||
include /etc/nginx/conf.d/server_name.active;
|
||||
|
||||
error_log /var/log/nginx/error.log;
|
||||
access_log /var/log/nginx/access.log;
|
||||
absolute_redirect off;
|
||||
@ -86,151 +258,12 @@ server {
|
||||
try_files /autodiscover.php =404;
|
||||
}
|
||||
|
||||
location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml {
|
||||
location ~* ^/Autodiscover/Autodiscover.json {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
try_files /autoconfig.php =404;
|
||||
}
|
||||
|
||||
location ^~ /Microsoft-Server-ActiveSync {
|
||||
proxy_pass http://172.22.1.252:20000/SOGo/Microsoft-Server-ActiveSync;
|
||||
proxy_connect_timeout 1000;
|
||||
proxy_next_upstream timeout error;
|
||||
proxy_send_timeout 1000;
|
||||
proxy_read_timeout 1000;
|
||||
proxy_buffer_size 8k;
|
||||
proxy_buffers 4 32k;
|
||||
proxy_temp_file_write_size 64k;
|
||||
proxy_busy_buffers_size 64k;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 0;
|
||||
}
|
||||
|
||||
location ^~ /SOGo {
|
||||
proxy_pass http://172.22.1.252:20000;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 0;
|
||||
break;
|
||||
}
|
||||
|
||||
location /SOGo.woa/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location /.woa/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location /SOGo/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ {
|
||||
proxy_pass http://172.22.1.252:9192/$1.SOGo/Resources/$2;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
}
|
||||
}
|
||||
server {
|
||||
include /etc/nginx/conf.d/listen_plain.active;
|
||||
include /etc/nginx/mime.types;
|
||||
charset utf-8;
|
||||
override_charset on;
|
||||
index index.php index.html;
|
||||
include /etc/nginx/conf.d/server_name.active;
|
||||
error_log /var/log/nginx/error.log;
|
||||
access_log /var/log/nginx/access.log;
|
||||
absolute_redirect off;
|
||||
root /web;
|
||||
|
||||
location ~ ^/api/v1/(.*)$ {
|
||||
try_files $uri $uri/ /json_api.php?query=$1;
|
||||
}
|
||||
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
allow all;
|
||||
default_type "text/plain";
|
||||
}
|
||||
|
||||
# If behind reverse proxy, forwards the correct IP
|
||||
set_real_ip_from 172.22.1.1;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
||||
rewrite ^/.well-known/caldav$ /SOGo/dav/ permanent;
|
||||
rewrite ^/.well-known/carddav$ /SOGo/dav/ permanent;
|
||||
|
||||
location ^~ /principals {
|
||||
return 301 /SOGo/dav;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_index index.php;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param PHP_VALUE "max_execution_time = 1200
|
||||
max_input_time = 1200
|
||||
memory_limit = 64M";
|
||||
fastcgi_read_timeout 1200;
|
||||
}
|
||||
|
||||
location /rspamd/ {
|
||||
proxy_pass http://172.22.1.253:11334/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
location ~* ^/Autodiscover/Autodiscover.xml {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
try_files /autodiscover.php =404;
|
||||
try_files /autodiscover-json.php =404;
|
||||
}
|
||||
|
||||
location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml {
|
||||
@ -317,4 +350,5 @@ server {
|
||||
#alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
}
|
||||
|
||||
include /etc/nginx/conf.d/site.*.custom;
|
||||
}
|
||||
|
@ -62,7 +62,7 @@ smtpd_sasl_authenticated_header = yes
|
||||
smtpd_sasl_path = inet:dovecot:10001
|
||||
smtpd_sasl_type = dovecot
|
||||
smtpd_sender_login_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_sender_acl.cf
|
||||
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated, reject_unlisted_sender, reject_unknown_sender_domain
|
||||
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_mynetworks, permit_sasl_authenticated, reject_unlisted_sender, reject_unknown_sender_domain
|
||||
smtpd_soft_error_limit = 3
|
||||
smtpd_tls_auth_only = yes
|
||||
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
|
||||
|
@ -44,6 +44,8 @@ anvil unix - - n - 1 anvil
|
||||
scache unix - - n - 1 scache
|
||||
maildrop unix - n n - - pipe flags=DRhu
|
||||
user=vmail argv=/usr/bin/maildrop -d ${recipient}
|
||||
|
||||
# start zeyple
|
||||
zeyple unix - n n - - pipe
|
||||
user=zeyple argv=/usr/local/bin/zeyple.py ${recipient}
|
||||
127.0.0.1:10026 inet n - n - 10 smtpd
|
||||
@ -55,5 +57,34 @@ zeyple unix - n n - - pipe
|
||||
-o smtpd_recipient_restrictions=permit_mynetworks,reject
|
||||
-o mynetworks=127.0.0.0/8
|
||||
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
|
||||
# end zeyple
|
||||
|
||||
# start whitelist_fwd
|
||||
127.0.0.1:10027 inet n n n - 0 spawn user=nobody argv=/usr/local/bin/whitelist_forwardinghosts.sh
|
||||
# end whitelist_fwd
|
||||
|
||||
# start watchdog-specific
|
||||
589 inet n - n - - smtpd
|
||||
-o smtpd_client_restrictions=permit_mynetworks,reject
|
||||
-o syslog_name=watchdog
|
||||
-o syslog_facility=local7
|
||||
-o smtpd_milters=
|
||||
-o cleanup_service_name=watchdog_cleanup
|
||||
-o non_smtpd_milters=
|
||||
watchdog_cleanup unix n - n - 0 cleanup
|
||||
-o syslog_name=watchdog
|
||||
-o syslog_facility=local7
|
||||
-o queue_service_name=watchdog_qmgr
|
||||
watchdog_qmgr fifo n - n 300 1 qmgr
|
||||
-o syslog_facility=local7
|
||||
-o syslog_name=watchdog
|
||||
-o rewrite_service_name=watchdog_rewrite
|
||||
watchdog_rewrite unix - - n - - trivial-rewrite
|
||||
-o syslog_facility=local7
|
||||
-o syslog_name=watchdog
|
||||
-o local_transport=watchdog_discard
|
||||
watchdog_discard unix - - n - - discard
|
||||
-o syslog_facility=local7
|
||||
-o syslog_name=watchdog
|
||||
|
||||
# end watchdog-specific
|
||||
|
@ -28,6 +28,7 @@ function in_net($addr, $net) {
|
||||
return substr($addr_bin, 0, $mask) == substr($net_bin, 0, $mask);
|
||||
}
|
||||
|
||||
if (isset($_GET['host'])) {
|
||||
try {
|
||||
foreach ($redis->hGetAll('WHITELISTED_FWD_HOST') as $host => $source) {
|
||||
if (in_net($_GET['host'], $host)) {
|
||||
@ -41,4 +42,14 @@ catch (RedisException $e) {
|
||||
echo '200 DUNNO';
|
||||
exit;
|
||||
}
|
||||
} else {
|
||||
try {
|
||||
foreach ($redis->hGetAll('WHITELISTED_FWD_HOST') as $host => $source) {
|
||||
echo $host . "\n";
|
||||
}
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
exit;
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
2
data/conf/rspamd/dynmaps/index.html
Normal file
2
data/conf/rspamd/dynmaps/index.html
Normal file
@ -0,0 +1,2 @@
|
||||
<html>
|
||||
</html>
|
@ -97,6 +97,18 @@ function ucl_rcpts($object, $type) {
|
||||
}
|
||||
?>
|
||||
settings {
|
||||
watchdog {
|
||||
priority = 10;
|
||||
rcpt = "/null@localhost/i";
|
||||
from = "/watchdog@localhost/i";
|
||||
apply "default" {
|
||||
actions {
|
||||
reject = 9999.0;
|
||||
greylist = 9998.0;
|
||||
"add header" = 9997.0;
|
||||
}
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/*
|
||||
|
@ -2,7 +2,7 @@ rules {
|
||||
DKIM_FAIL {
|
||||
action = "add header";
|
||||
expression = "R_DKIM_REJECT & !MAILLIST & !MAILCOW_WHITE & !MAILCOW_BLACK";
|
||||
require_action = ["no action", "greylist"];
|
||||
require_action = ["no action", "greylist", "soft reject"];
|
||||
}
|
||||
VIRUS_FOUND {
|
||||
action = "reject";
|
||||
@ -19,4 +19,9 @@ rules {
|
||||
expression = "WHITELISTED_FWD_HOST";
|
||||
require_action = ["greylist", "soft reject"];
|
||||
}
|
||||
ADD_UNAUTH_SUBJ {
|
||||
action = "rewrite subject";
|
||||
subject = "[Unauth] %s";
|
||||
expression = "SPOOFED_SENDER";
|
||||
}
|
||||
}
|
||||
|
1
data/conf/rspamd/local.d/greylist.conf
Normal file
1
data/conf/rspamd/local.d/greylist.conf
Normal file
@ -0,0 +1 @@
|
||||
whitelisted_ip = "http://172.22.1.251:8081/forwardinghosts.php";
|
@ -34,3 +34,7 @@ group "MX" {
|
||||
one_shot = "true";
|
||||
}
|
||||
}
|
||||
symbol "SPOOFED_SENDER" {
|
||||
description = "Sender is not authenticated but part of mailcow managed domains";
|
||||
score = 1.0;
|
||||
}
|
||||
|
@ -1,22 +1,29 @@
|
||||
RCPT_MAILCOW_DOMAIN {
|
||||
type = "rcpt";
|
||||
filter = "email:domain"
|
||||
map = "redis://DOMAIN_MAP"
|
||||
filter = "email:domain";
|
||||
map = "redis://DOMAIN_MAP";
|
||||
}
|
||||
|
||||
RCPT_WANTS_SUBJECT_TAG {
|
||||
type = "rcpt";
|
||||
filter = "email:addr"
|
||||
map = "redis://RCPT_WANTS_SUBJECT_TAG"
|
||||
map = "redis://RCPT_WANTS_SUBJECT_TAG";
|
||||
}
|
||||
|
||||
WHITELISTED_FWD_HOST {
|
||||
type = "ip";
|
||||
map = "redis://WHITELISTED_FWD_HOST"
|
||||
map = "redis://WHITELISTED_FWD_HOST";
|
||||
}
|
||||
|
||||
KEEP_SPAM {
|
||||
type = "ip";
|
||||
map = "redis://KEEP_SPAM"
|
||||
map = "redis://KEEP_SPAM";
|
||||
action = "accept";
|
||||
}
|
||||
|
||||
SPOOFED_SENDER {
|
||||
type = "rcpt";
|
||||
filter = "email:domain:tld";
|
||||
map = "redis://DOMAIN_MAP";
|
||||
require_symbols = "AUTH_NA | !RCVD_VIA_SMTP_AUTH";
|
||||
}
|
||||
|
@ -1,5 +1 @@
|
||||
# rspamd.conf.local
|
||||
history_redis {}
|
||||
worker "log_helper" {
|
||||
count = 1;
|
||||
}
|
||||
|
@ -58,6 +58,9 @@ rspamd_config:register_symbol({
|
||||
local redis_params = rspamd_parse_redis_server('dyn_rl')
|
||||
local rspamd_logger = require "rspamd_logger"
|
||||
local envfrom = task:get_from(1)
|
||||
if not envfrom then
|
||||
return false
|
||||
end
|
||||
local env_from_domain = envfrom[1].domain:lower() -- get smtp from domain in lower case
|
||||
local env_from_addr = envfrom[1].addr:lower() -- get smtp from addr in lower case
|
||||
|
||||
@ -108,3 +111,15 @@ rspamd_config:register_symbol({
|
||||
end,
|
||||
priority = 20
|
||||
})
|
||||
|
||||
rspamd_config:register_symbol({
|
||||
name = 'NO_LOG_STAT',
|
||||
type = 'postfilter',
|
||||
callback = function(task)
|
||||
local from = task:get_header('From')
|
||||
if from and (from == 'monitoring-system@everycloudtech.us' or from == 'watchdog@localhost') then
|
||||
task:set_flag('no_log')
|
||||
task:set_flag('no_stat')
|
||||
end
|
||||
end
|
||||
})
|
||||
|
14
data/conf/rspamd/override.d/ratelimit.conf
Normal file
14
data/conf/rspamd/override.d/ratelimit.conf
Normal file
@ -0,0 +1,14 @@
|
||||
rates {
|
||||
# Format: "1 / 1h" or "20 / 1m" etc. - global ratelimits are disabled by default
|
||||
to = "100 / 1s";
|
||||
to_ip = "100 / 1s";
|
||||
to_ip_from = "100 / 1s";
|
||||
bounce_to = "100 / 1s";
|
||||
bounce_to_ip = "100 / 1s";
|
||||
user = "100 / 1s";
|
||||
}
|
||||
whitelisted_rcpts = "postmaster,mailer-daemon";
|
||||
max_rcpt = 5;
|
||||
custom_keywords = "/etc/rspamd/custom/ratelimit.lua";
|
||||
user_keywords = ["user", "customrl"];
|
||||
dynamic_rates = { customrl = "customrl"}
|
@ -43,8 +43,8 @@
|
||||
SOGoInternalSyncInterval = 30;
|
||||
SOGoMaximumSyncInterval = 354;
|
||||
|
||||
SOGoMaximumSyncWindowSize = 0;
|
||||
SOGoMaximumSyncResponseSize = 1024;
|
||||
SOGoMaximumSyncWindowSize = 100;
|
||||
SOGoMaximumSyncResponseSize = 5172;
|
||||
|
||||
WOWatchDogRequestTimeout = 10;
|
||||
WOListenQueueSize = 300;
|
||||
|
@ -19,6 +19,7 @@ server:
|
||||
private-address: 169.254.0.0/16
|
||||
private-address: fd00::/8
|
||||
private-address: fe80::/10
|
||||
private-address: fd4d:6169:6c63:6f77::/64
|
||||
root-hints: "/etc/unbound/root.hints"
|
||||
hide-identity: yes
|
||||
hide-version: yes
|
||||
|
@ -24,6 +24,7 @@ $tfa_data = get_tfa();
|
||||
<li role="presentation"><a href="#tab-sogo-logs" aria-controls="tab-sogo-logs" role="tab" data-toggle="tab">SOGo</a></li>
|
||||
<li role="presentation"><a href="#tab-fail2ban-logs" aria-controls="tab-fail2ban-logs" role="tab" data-toggle="tab">Fail2ban</a></li>
|
||||
<li role="presentation"><a href="#tab-rspamd-history" aria-controls="tab-rspamd-history" role="tab" data-toggle="tab">Rspamd</a></li>
|
||||
<li role="presentation"><a href="#tab-autodiscover-logs" aria-controls="tab-autodiscover-logs" role="tab" data-toggle="tab">Autodiscover</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
@ -128,6 +129,7 @@ $tfa_data = get_tfa();
|
||||
<a href="#fwdhosts" class="list-group-item"><?=$lang['admin']['forwarding_hosts'];?></a>
|
||||
<a href="#f2bparams" class="list-group-item"><?=$lang['admin']['f2b_parameters'];?></a>
|
||||
<a href="#relayhosts" class="list-group-item">Relayhosts</a>
|
||||
<a href="#customize" class="list-group-item"><?=$lang['admin']['customize'];?></a>
|
||||
<a href="#top" class="list-group-item" style="border-top:1px dashed #dadada">↸ <?=$lang['admin']['to_top'];?></a>
|
||||
</div>
|
||||
</div>
|
||||
@ -149,10 +151,10 @@ $tfa_data = get_tfa();
|
||||
<div class="row">
|
||||
<div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$domain;?>" /></div>
|
||||
<div class="col-xs-2">
|
||||
<p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br />
|
||||
<span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
|
||||
<span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span>
|
||||
<span class="label label-info"><?=$dkim['length'];?> bit</span>
|
||||
<p>Domain: <strong><?=htmlspecialchars($domain);?></strong>
|
||||
<p><span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span></p>
|
||||
<p><span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span></p>
|
||||
<p><span class="label label-info"><?=$dkim['length'];?> bit</span></p>
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-xs-9">
|
||||
@ -179,10 +181,10 @@ $tfa_data = get_tfa();
|
||||
<div class="row">
|
||||
<div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$alias_domain;?>" /></div>
|
||||
<div class="col-xs-1 col-xs-offset-1">
|
||||
<p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small>
|
||||
<span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
|
||||
<span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span>
|
||||
<span class="label label-info"><?=$dkim['length'];?> bit</span>
|
||||
<p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong></small>
|
||||
<p><span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span></p>
|
||||
<p><span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span></p>
|
||||
<p><span class="label label-info"><?=$dkim['length'];?> bit</span></p>
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-xs-9">
|
||||
@ -211,10 +213,10 @@ $tfa_data = get_tfa();
|
||||
<div class="row">
|
||||
<div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$blind;?>" /></div>
|
||||
<div class="col-xs-2">
|
||||
<p>Domain: <strong><?=htmlspecialchars($blind);?></strong><br />
|
||||
<span class="label label-warning"><?=$lang['admin']['dkim_key_unused'];?></span>
|
||||
<span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span>
|
||||
<span class="label label-info"><?=$dkim['length'];?> bit</span>
|
||||
<p>Domain: <strong><?=htmlspecialchars($blind);?></strong>
|
||||
<p><span class="label label-warning"><?=$lang['admin']['dkim_key_unused'];?></span></p>
|
||||
<p><span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span></p>
|
||||
<p><span class="label label-info"><?=$dkim['length'];?> bit</span></p>
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-xs-9">
|
||||
@ -259,9 +261,7 @@ $tfa_data = get_tfa();
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="private_key_file"><?=$lang['admin']['private_key'];?>:</label>
|
||||
<textarea class="form-control" rows="5" name="private_key_file" id="private_key_file" required placeholder="-----BEGIN RSA PRIVATE KEY-----
|
||||
XYZ
|
||||
-----END RSA PRIVATE KEY-----"></textarea>
|
||||
<textarea class="form-control" rows="5" name="private_key_file" id="private_key_file" required placeholder="-----BEGIN RSA KEY-----"></textarea>
|
||||
</div>
|
||||
<button class="btn btn-default" id="add_item" data-id="dkim_import" data-api-url='add/dkim_import' data-api-attr='{}' href="#"><span class="glyphicon glyphicon-plus"></span> <?=$lang['admin']['import'];?></button>
|
||||
</form>
|
||||
@ -375,6 +375,82 @@ XYZ
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<span class="anchor" id="customize"></span>
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading"><?=$lang['admin']['customize'];?></div>
|
||||
<div class="panel-body">
|
||||
<legend><?=$lang['admin']['change_logo'];?></legend>
|
||||
<p class="help-block"><?=$lang['admin']['logo_info'];?></p>
|
||||
<form class="form-inline" role="form" method="post" enctype="multipart/form-data">
|
||||
<p>
|
||||
<input type="file" name="main_logo" class="filestyle" data-buttonName="btn-default" data-buttonText="Select" accept="image/gif, image/jpeg, image/pjpeg, image/x-png, image/png, image/svg+xml">
|
||||
<button name="submit_main_logo" type="submit" class="btn btn-success"><span class="glyphicon glyphicon-cloud-upload"></span> <?=$lang['admin']['upload'];?></button>
|
||||
</p>
|
||||
</form>
|
||||
<?php
|
||||
if ($main_logo = customize('get', 'main_logo')):
|
||||
$specs = customize('get', 'main_logo_specs');
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-sm-3">
|
||||
<div class="thumbnail">
|
||||
<img class="img-thumbnail" src="<?=$main_logo;?>" alt="mailcow logo">
|
||||
<div class="caption">
|
||||
<span class="label label-info"><?=$specs['geometry']['width'];?>x<?=$specs['geometry']['height'];?> px</span>
|
||||
<span class="label label-info"><?=$specs['mimetype'];?></span>
|
||||
<span class="label label-info"><?=$specs['fileSize'];?></span>
|
||||
</div>
|
||||
</div>
|
||||
<hr>
|
||||
<form class="form-inline" role="form" method="post">
|
||||
<p><button name="reset_main_logo" type="submit" class="btn btn-xs btn-default"><?=$lang['admin']['reset_default'];?></button></p>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<legend><?=$lang['admin']['app_links'];?></legend>
|
||||
<p class="help-block"><?=$lang['admin']['merged_vars_hint'];?></p>
|
||||
<form class="form-inline" data-id="app_links" role="form" method="post">
|
||||
<table class="table table-condensed" style="width:1%;white-space: nowrap;" id="app_link_table">
|
||||
<tr>
|
||||
<th><?=$lang['admin']['app_name'];?></th>
|
||||
<th><?=$lang['admin']['link'];?></th>
|
||||
<th> </th>
|
||||
</tr>
|
||||
<?php
|
||||
$app_links = customize('get', 'app_links');
|
||||
foreach ($app_links as $row) {
|
||||
foreach ($row as $key => $val):
|
||||
?>
|
||||
<tr>
|
||||
<td><input class="input-sm form-control" data-id="app_links" type="text" name="app" required value="<?=$key;?>"></td>
|
||||
<td><input class="input-sm form-control" data-id="app_links" type="text" name="href" required value="<?=$val;?>"></td>
|
||||
<td><a href="#" role="button" class="btn btn-xs btn-default" type="button"><?=$lang['admin']['remove_row'];?></a></td>
|
||||
</tr>
|
||||
<?php
|
||||
endforeach;
|
||||
}
|
||||
foreach ($MAILCOW_APPS as $app):
|
||||
?>
|
||||
<tr>
|
||||
<td><input class="input-sm form-control" value="<?=htmlspecialchars($app['name']);?>" disabled></td>
|
||||
<td><input class="input-sm form-control" value="<?=htmlspecialchars($app['link']);?>" disabled></td>
|
||||
<td> </td>
|
||||
</tr>
|
||||
<?php
|
||||
endforeach;
|
||||
?>
|
||||
</table>
|
||||
<div class="btn-group">
|
||||
<button class="btn btn-success" id="edit_selected" data-item="admin" data-id="app_links" data-reload="no" data-api-url='edit/app_links' data-api-attr='{}' href="#"><?=$lang['admin']['save'];?></button>
|
||||
<button class="btn btn-default" type="button" id="add_app_link_row"><?=$lang['admin']['add_row'];?></button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@ -469,6 +545,24 @@ XYZ
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div role="tabpanel" class="tab-pane" id="tab-autodiscover-logs">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">Autodiscover
|
||||
<div class="btn-group pull-right">
|
||||
<a class="btn btn-xs btn-default dropdown-toggle" data-toggle="dropdown" href="#"><?=$lang['admin']['action'];?> <span class="caret"></span></a>
|
||||
<ul class="dropdown-menu">
|
||||
<li><a href="#" id="refresh_autodiscover_log"><?=$lang['admin']['refresh'];?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<div class="table-responsive">
|
||||
<table class="table table-striped table-condensed" id="autodiscover_log"></table>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div> <!-- /container -->
|
||||
<?php
|
||||
|
32
data/web/api.php
Normal file
32
data/web/api.php
Normal file
@ -0,0 +1,32 @@
|
||||
<?php
|
||||
set_time_limit (0);
|
||||
|
||||
$address = '0.0.0.0';
|
||||
|
||||
$port = 7777;
|
||||
$con = 1;
|
||||
$word = "";
|
||||
|
||||
$sock = socket_create(AF_INET, SOCK_STREAM, 0);
|
||||
$bind = socket_bind($sock, $address, $port);
|
||||
|
||||
socket_listen($sock);
|
||||
|
||||
while ($con == 1)
|
||||
{
|
||||
$client = socket_accept($sock);
|
||||
$input = socket_read($client, 2024);
|
||||
|
||||
if ($input == 'exit')
|
||||
{
|
||||
$close = socket_close($sock);
|
||||
$con = 0;
|
||||
}
|
||||
|
||||
if($con == 1)
|
||||
{
|
||||
$word .= $input;
|
||||
}
|
||||
}
|
||||
|
||||
echo $word;
|
21
data/web/autodiscover-json.php
Normal file
21
data/web/autodiscover-json.php
Normal file
@ -0,0 +1,21 @@
|
||||
<?php
|
||||
require_once 'inc/vars.inc.php';
|
||||
require_once 'inc/functions.inc.php';
|
||||
$default_autodiscover_config = $autodiscover_config;
|
||||
if(file_exists('inc/vars.local.inc.php')) {
|
||||
include_once 'inc/vars.local.inc.php';
|
||||
}
|
||||
$autodiscover_config = array_merge($default_autodiscover_config, $autodiscover_config);
|
||||
|
||||
header('Content-type: application/json');
|
||||
if ($_GET['Protocol'] == 'ActiveSync') {
|
||||
echo '{"Protocol":"ActiveSync","Url":"' . $autodiscover_config['activesync']['url'] . '"}';
|
||||
}
|
||||
elseif ($_GET['Protocol'] == 'AutodiscoverV1') {
|
||||
echo '{"Protocol":"AutodiscoverV1","Url":"https://' . $_SERVER['HTTP_HOST'] . '/autodiscover/autodiscover.xml"}';
|
||||
}
|
||||
else {
|
||||
http_response_code(400);
|
||||
echo '{"ErrorCode":"InvalidProtocol","ErrorMessage":"The given protocol value \u0027' . $_GET['Protocol'] . '\u0027 is invalid. Supported values are \u0027ActiveSync,AutodiscoverV1\u0027"}';
|
||||
}
|
||||
?>
|
@ -15,14 +15,13 @@ error_reporting(0);
|
||||
|
||||
$data = trim(file_get_contents("php://input"));
|
||||
|
||||
// Desktop client needs IMAP, unless it's Outlook 2013 or higher on Windows
|
||||
if (strpos($data, 'autodiscover/outlook/responseschema') !== false) { // desktop client
|
||||
if (strpos($data, 'autodiscover/outlook/responseschema') !== false) {
|
||||
$autodiscover_config['autodiscoverType'] = 'imap';
|
||||
if ($autodiscover_config['useEASforOutlook'] == 'yes' &&
|
||||
// Office for macOS does not support EAS
|
||||
strpos($_SERVER['HTTP_USER_AGENT'], 'Mac') === false &&
|
||||
// Outlook 2013 (version 15) or higher
|
||||
preg_match('/(Outlook|Office).+1[5-9]\./', $_SERVER['HTTP_USER_AGENT'])
|
||||
preg_match('/(Outlook|Office).+15\./', $_SERVER['HTTP_USER_AGENT'])
|
||||
) {
|
||||
$autodiscover_config['autodiscoverType'] = 'activesync';
|
||||
}
|
||||
@ -39,7 +38,26 @@ $login_user = strtolower(trim($_SERVER['PHP_AUTH_USER']));
|
||||
$login_role = check_login($login_user, $_SERVER['PHP_AUTH_PW']);
|
||||
|
||||
if (!isset($_SERVER['PHP_AUTH_USER']) OR $login_role !== "user") {
|
||||
header('WWW-Authenticate: Basic realm=""');
|
||||
try {
|
||||
$json = json_encode(
|
||||
array(
|
||||
"time" => time(),
|
||||
"ua" => $_SERVER['HTTP_USER_AGENT'],
|
||||
"user" => "none",
|
||||
"service" => "Error: must be authenticated"
|
||||
)
|
||||
);
|
||||
$redis->lPush('AUTODISCOVER_LOG', $json);
|
||||
$redis->lTrim('AUTODISCOVER_LOG', 0, 100);
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
header('WWW-Authenticate: Basic realm="' . $_SERVER['HTTP_HOST'] . '"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
exit(0);
|
||||
}
|
||||
@ -52,6 +70,25 @@ else {
|
||||
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
|
||||
<?php
|
||||
if(!$data) {
|
||||
try {
|
||||
$json = json_encode(
|
||||
array(
|
||||
"time" => time(),
|
||||
"ua" => $_SERVER['HTTP_USER_AGENT'],
|
||||
"user" => $_SERVER['PHP_AUTH_USER'],
|
||||
"service" => "Error: invalid or missing request data"
|
||||
)
|
||||
);
|
||||
$redis->lPush('AUTODISCOVER_LOG', $json);
|
||||
$redis->lTrim('AUTODISCOVER_LOG', 0, 100);
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
list($usec, $sec) = explode(' ', microtime());
|
||||
?>
|
||||
<Response>
|
||||
@ -82,12 +119,30 @@ else {
|
||||
die("Failed to determine name from SQL");
|
||||
}
|
||||
if (!empty($MailboxData['name'])) {
|
||||
$displayname = utf8_encode($MailboxData['name']);
|
||||
$displayname = $MailboxData['name'];
|
||||
}
|
||||
else {
|
||||
$displayname = $email;
|
||||
}
|
||||
|
||||
try {
|
||||
$json = json_encode(
|
||||
array(
|
||||
"time" => time(),
|
||||
"ua" => $_SERVER['HTTP_USER_AGENT'],
|
||||
"user" => $_SERVER['PHP_AUTH_USER'],
|
||||
"service" => $autodiscover_config['autodiscoverType']
|
||||
)
|
||||
);
|
||||
$redis->lPush('AUTODISCOVER_LOG', $json);
|
||||
$redis->lTrim('AUTODISCOVER_LOG', 0, 100);
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
if ($autodiscover_config['autodiscoverType'] == 'imap') {
|
||||
?>
|
||||
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
|
||||
@ -121,13 +176,13 @@ else {
|
||||
</Protocol>
|
||||
<Protocol>
|
||||
<Type>CalDAV</Type>
|
||||
<Server>https://<?=$autodiscover_config['caldav']['server'];?><?php if ($autodiscover_config['caldav']['port'] != 443) echo ':'.$autodiscover_config['caldav']['port']; ?>/SOGo/dav/<?=$email;?>/Calendar</Server>
|
||||
<Server>https://<?=$autodiscover_config['caldav']['server'];?><?php if ($autodiscover_config['caldav']['port'] != 443) echo ':'.$autodiscover_config['caldav']['port']; ?>/SOGo/dav/<?=$email;?>/</Server>
|
||||
<DomainRequired>off</DomainRequired>
|
||||
<LoginName><?=$email;?></LoginName>
|
||||
</Protocol>
|
||||
<Protocol>
|
||||
<Type>CardDAV</Type>
|
||||
<Server>https://<?=$autodiscover_config['carddav']['server'];?><?php if ($autodiscover_config['caldav']['port'] != 443) echo ':'.$autodiscover_config['carddav']['port']; ?>/SOGo/dav/<?=$email;?>/Contacts</Server>
|
||||
<Server>https://<?=$autodiscover_config['carddav']['server'];?><?php if ($autodiscover_config['caldav']['port'] != 443) echo ':'.$autodiscover_config['carddav']['port']; ?>/SOGo/dav/<?=$email;?>/</Server>
|
||||
<DomainRequired>off</DomainRequired>
|
||||
<LoginName><?=$email;?></LoginName>
|
||||
</Protocol>
|
||||
|
@ -53,3 +53,7 @@ body.modal-open {
|
||||
top: 65px;
|
||||
z-index: 1;
|
||||
}
|
||||
.thumbnail img {
|
||||
min-height:100px;
|
||||
height:100px;
|
||||
}
|
@ -83,6 +83,9 @@ body.modal-open {
|
||||
overflow: inherit;
|
||||
padding-right: inherit !important;
|
||||
}
|
||||
body {
|
||||
font-size:11pt;
|
||||
}
|
||||
#mailcow-alert {
|
||||
position: fixed;
|
||||
bottom: 8px;
|
||||
@ -99,3 +102,12 @@ legend {
|
||||
-o-user-select: none;
|
||||
user-select: none;
|
||||
}
|
||||
.navbar .navbar-brand {
|
||||
padding-top: 5px;
|
||||
}
|
||||
.navbar .navbar-brand img {
|
||||
height: 40px;
|
||||
}
|
||||
.mailcow-logo img {
|
||||
max-width: 250px;
|
||||
}
|
@ -457,6 +457,23 @@ if (isset($_SESSION['mailcow_cc_role'])) {
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
$mailbox_acl = get_acl($mailbox);
|
||||
?>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="sender_acl">ACL:</label>
|
||||
<div class="col-sm-10">
|
||||
<select multiple data-width="100%" style="width:100%" >
|
||||
<?php
|
||||
foreach ($mailbox_acl as $key => $val) {
|
||||
?>
|
||||
<option value="<?=$key;?>" <?=($val == 1) ? 'selected' : null;?>><?=$lang['edit'][$key];?></option>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password"><?=$lang['edit']['password'];?></label>
|
||||
<div class="col-sm-10">
|
||||
|
@ -5,36 +5,117 @@ if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role
|
||||
echo "Not allowed." . PHP_EOL;
|
||||
exit();
|
||||
}
|
||||
|
||||
function docker($service_name, $action, $post_action = null, $post_fields = null) {
|
||||
$curl = curl_init();
|
||||
curl_setopt($curl, CURLOPT_HTTPHEADER,array( 'Content-Type: application/json' ));
|
||||
switch($action) {
|
||||
case 'get_id':
|
||||
curl_setopt($curl, CURLOPT_URL, 'http://dockerapi:8080/containers/json');
|
||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
|
||||
curl_setopt($curl, CURLOPT_POST, 0);
|
||||
$response = curl_exec($curl);
|
||||
if ($response === false) {
|
||||
$err = curl_error($curl);
|
||||
curl_close($curl);
|
||||
return $err;
|
||||
}
|
||||
else {
|
||||
curl_close($curl);
|
||||
$containers = json_decode($response, true);
|
||||
if (!empty($containers)) {
|
||||
foreach ($containers as $container) {
|
||||
if ($container['Config']['Labels']['com.docker.compose.service'] == $service_name) {
|
||||
return trim($container['Id']);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
break;
|
||||
case 'info':
|
||||
$container_id = docker($service_name, 'get_id');
|
||||
if (ctype_xdigit($container_id)) {
|
||||
curl_setopt($curl, CURLOPT_URL, 'http://dockerapi:8080/containers/' . $container_id . '/json');
|
||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
|
||||
curl_setopt($curl, CURLOPT_POST, 0);
|
||||
$response = curl_exec($curl);
|
||||
if ($response === false) {
|
||||
$err = curl_error($curl);
|
||||
curl_close($curl);
|
||||
return $err;
|
||||
}
|
||||
else {
|
||||
curl_close($curl);
|
||||
if (empty($response)) {
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
return json_decode($response, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case 'post':
|
||||
if (!empty($post_action)) {
|
||||
$container_id = docker($service_name, 'get_id');
|
||||
if (ctype_xdigit($container_id) && ctype_alnum($post_action)) {
|
||||
curl_setopt($curl, CURLOPT_URL, 'http://dockerapi:8080/containers/' . $container_id . '/' . $post_action);
|
||||
curl_setopt($curl, CURLOPT_POST, 1);
|
||||
if (!empty($post_fields)) {
|
||||
curl_setopt( $curl, CURLOPT_POSTFIELDS, json_encode($post_fields));
|
||||
}
|
||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
|
||||
$response = curl_exec($curl);
|
||||
if ($response === false) {
|
||||
$err = curl_error($curl);
|
||||
curl_close($curl);
|
||||
return $err;
|
||||
}
|
||||
else {
|
||||
curl_close($curl);
|
||||
if (empty($response)) {
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ($_GET['ACTION'] == "start") {
|
||||
$request = xmlrpc_encode_request("supervisor.startProcess", 'bootstrap-sogo', array('encoding'=>'utf-8'));
|
||||
$context = stream_context_create(array('http' => array(
|
||||
'method' => "POST",
|
||||
'header' => "Content-Length: " . strlen($request),
|
||||
'content' => $request
|
||||
)));
|
||||
$file = @file_get_contents("http://sogo:9191/RPC2", false, $context) or die("Cannot connect to $remote_server:$listener_port");
|
||||
$response = xmlrpc_decode($file);
|
||||
if (isset($response['faultString'])) {
|
||||
echo '<b><span class="pull-right text-warning">' . $response['faultString'] . '</span></b>';
|
||||
$retry = 0;
|
||||
while (docker('sogo-mailcow', 'info')['State']['Running'] != 1 && $retry <= 3) {
|
||||
$response = docker('sogo-mailcow', 'post', 'start');
|
||||
$last_response = (trim($response) == "\"OK\"") ? '<b><span class="pull-right text-success">OK</span></b>' : '<b><span class="pull-right text-danger">Error: ' . $response . '</span></b>';
|
||||
if (trim($response) == "\"OK\"") {
|
||||
break;
|
||||
}
|
||||
else {
|
||||
echo '<b><span class="pull-right text-success">OK</span></b>';
|
||||
usleep(1500000);
|
||||
$retry++;
|
||||
}
|
||||
echo (!isset($last_response)) ? '<b><span class="pull-right text-warning">Already running</span></b>' : $last_response;
|
||||
}
|
||||
elseif ($_GET['ACTION'] == "stop") {
|
||||
$request = xmlrpc_encode_request("supervisor.stopProcess", 'bootstrap-sogo', array('encoding'=>'utf-8'));
|
||||
$context = stream_context_create(array('http' => array(
|
||||
'method' => "POST",
|
||||
'header' => "Content-Length: " . strlen($request),
|
||||
'content' => $request
|
||||
)));
|
||||
$file = @file_get_contents("http://sogo:9191/RPC2", false, $context) or die("Cannot connect to $remote_server:$listener_port");
|
||||
$response = xmlrpc_decode($file);
|
||||
if (isset($response['faultString'])) {
|
||||
echo '<b><span class="pull-right text-warning">' . $response['faultString'] . '</span></b>';
|
||||
|
||||
if ($_GET['ACTION'] == "stop") {
|
||||
$retry = 0;
|
||||
while (docker('sogo-mailcow', 'info')['State']['Running'] == 1 && $retry <= 3) {
|
||||
$response = docker('sogo-mailcow', 'post', 'stop');
|
||||
$last_response = (trim($response) == "\"OK\"") ? '<b><span class="pull-right text-success">OK</span></b>' : '<b><span class="pull-right text-danger">Error: ' . $response . '</span></b>';
|
||||
if (trim($response) == "\"OK\"") {
|
||||
break;
|
||||
}
|
||||
else {
|
||||
echo '<b><span class="pull-right text-success">OK</span></b>';
|
||||
usleep(1500000);
|
||||
$retry++;
|
||||
}
|
||||
echo (!isset($last_response)) ? '<b><span class="pull-right text-warning">Not running</span></b>' : $last_response;
|
||||
}
|
||||
|
||||
?>
|
||||
|
@ -6,10 +6,14 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/modals/footer.php';
|
||||
<script src="/js/bootstrap-switch.min.js"></script>
|
||||
<script src="/js/bootstrap-slider.min.js"></script>
|
||||
<script src="/js/bootstrap-select.min.js"></script>
|
||||
<script src="/js/bootstrap-filestyle.min.js"></script>
|
||||
<script src="/js/notifications.min.js"></script>
|
||||
<script src="/js/u2f-api.js"></script>
|
||||
<script src="/js/api.js"></script>
|
||||
<script>
|
||||
$(window).scroll(function() {
|
||||
sessionStorage.scrollTop = $(this).scrollTop();
|
||||
});
|
||||
// Select language and reopen active URL without POST
|
||||
function setLang(sel) {
|
||||
$.post( "<?= $_SERVER['REQUEST_URI']; ?>", {lang: sel} );
|
||||
@ -192,6 +196,9 @@ $(document).ready(function() {
|
||||
|
||||
// CSRF
|
||||
$('<input type="hidden" value="<?= $_SESSION['CSRF']['TOKEN']; ?>">').attr('id', 'csrf_token').attr('name', 'csrf_token').appendTo('form');
|
||||
if (sessionStorage.scrollTop != "undefined") {
|
||||
$(window).scrollTop(sessionStorage.scrollTop);
|
||||
}
|
||||
});
|
||||
</script>
|
||||
|
||||
|
119
data/web/inc/functions.autoconfiguration.inc.php
Normal file
119
data/web/inc/functions.autoconfiguration.inc.php
Normal file
@ -0,0 +1,119 @@
|
||||
<?php
|
||||
function autoconfiguration($_action, $_type, $_data = null) {
|
||||
global $pdo;
|
||||
global $lang;
|
||||
switch ($_action) {
|
||||
case 'edit':
|
||||
if (!isset($_SESSION['acl']['eas_autoconfig']) || $_SESSION['acl']['eas_autoconfig'] != "1" ) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['access_denied'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
switch ($_type) {
|
||||
case 'autodiscover':
|
||||
$objects = (array)$_data['object'];
|
||||
foreach ($objects as $object) {
|
||||
if (is_valid_domain_name($object) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
||||
$exclude_regex = (isset($_data['exclude_regex'])) ? $_data['exclude_regex'] : null;
|
||||
$exclude_regex = (isset($_data['exclude_regex'])) ? $_data['exclude_regex'] : null;
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT COUNT(`domain`) AS `domain_c` FROM `autodiscover`
|
||||
WHERE `domain` = :domain");
|
||||
$stmt->execute(array(':domain' => $object));
|
||||
$num_results = $stmt->fetchColumn();
|
||||
if ($num_results > 0) {
|
||||
$stmt = $pdo->prepare("SELECT COUNT(`domain`) AS `domain_c` FROM `autodiscover`
|
||||
WHERE `domain` = :domain");
|
||||
}
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
elseif (filter_var($object, FILTER_VALIDATE_EMAIL) === true && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
||||
|
||||
}
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => sprintf($lang['success']['domain_modified'], htmlspecialchars(implode(', ', $objects)))
|
||||
);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'get':
|
||||
switch ($_type) {
|
||||
case 'autodiscover':
|
||||
$autodiscover = array();
|
||||
if (is_valid_domain_name($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT * FROM `autodiscover`
|
||||
WHERE `domain` = :domain");
|
||||
$stmt->execute(array(':domain' => $_data));
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while($row = array_shift($rows)) {
|
||||
$autodiscover['mailbox'] = $row['mailbox'];
|
||||
$autodiscover['domain'] = $row['domain'];
|
||||
$autodiscover['service'] = $row['service'];
|
||||
$autodiscover['exclude_regex'] = $row['exclude_regex'];
|
||||
$autodiscover['created'] = $row['created'];
|
||||
$autodiscover['modified'] = $row['modified'];
|
||||
}
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
elseif (filter_var($_data, FILTER_VALIDATE_EMAIL) === true && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT * FROM `autodiscover`
|
||||
WHERE `mailbox` = :mailbox");
|
||||
$stmt->execute(array(':mailbox' => $_data));
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while($row = array_shift($rows)) {
|
||||
$autodiscover['mailbox'] = $row['mailbox'];
|
||||
$autodiscover['domain'] = $row['domain'];
|
||||
$autodiscover['service'] = $row['service'];
|
||||
$autodiscover['exclude_regex'] = $row['exclude_regex'];
|
||||
$autodiscover['created'] = $row['created'];
|
||||
$autodiscover['modified'] = $row['modified'];
|
||||
}
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'MySQL: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return $autodiscover;
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'reset':
|
||||
switch ($_type) {
|
||||
case 'autodiscover':
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
$miau = "Microsoft Office/15.0 (Windows NT 5.1; macOS Outlook 16.0.4734; Pro)";
|
||||
preg_match("/^((?!.*Mac|.*emClient).)*(Outlook|Office).+1[5-9].*/i", $miau, $output_array);
|
||||
if (empty($output_array)) {
|
||||
echo "imap";
|
||||
}
|
180
data/web/inc/functions.customize.inc.php
Normal file
180
data/web/inc/functions.customize.inc.php
Normal file
@ -0,0 +1,180 @@
|
||||
<?php
|
||||
|
||||
function customize($_action, $_item, $_data = null) {
|
||||
global $redis;
|
||||
global $lang;
|
||||
switch ($_action) {
|
||||
case 'add':
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['access_denied'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
switch ($_item) {
|
||||
case 'main_logo':
|
||||
if (in_array($_data['main_logo']['type'], array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png', 'image/png', 'image/svg+xml'))) {
|
||||
try {
|
||||
if (file_exists($_data['main_logo']['tmp_name']) !== true) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Cannot validate image file: Temporary file not found'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$image = new Imagick($_data['main_logo']['tmp_name']);
|
||||
if ($image->valid() !== true) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Cannot validate image file'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$image->destroy();
|
||||
}
|
||||
catch (ImagickException $e) {
|
||||
$image->destroy();
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Cannot validate image file'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Invalid mime type'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
try {
|
||||
$redis->Set('MAIN_LOGO', 'data:' . $_data['main_logo']['type'] . ';base64,' . base64_encode(file_get_contents($_data['main_logo']['tmp_name'])));
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => 'File uploaded successfully'
|
||||
);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'edit':
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['access_denied'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
switch ($_item) {
|
||||
case 'app_links':
|
||||
$apps = (array)$_data['app'];
|
||||
$links = (array)$_data['href'];
|
||||
$out = array();
|
||||
if (count($apps) == count($links)) {;
|
||||
for ($i = 0; $i < count($apps); $i++) {
|
||||
$out[] = array($apps[$i] => $links[$i]);
|
||||
}
|
||||
try {
|
||||
$redis->set('APP_LINKS', json_encode($out));
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => 'Saved changes to app links'
|
||||
);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'delete':
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['access_denied'])
|
||||
);
|
||||
return false;
|
||||
}
|
||||
switch ($_item) {
|
||||
case 'main_logo':
|
||||
try {
|
||||
if ($redis->del('MAIN_LOGO')) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
'msg' => 'Reset default logo'
|
||||
);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'get':
|
||||
switch ($_item) {
|
||||
case 'app_links':
|
||||
try {
|
||||
$app_links = json_decode($redis->get('APP_LINKS'), true);
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
return ($app_links) ? $app_links : false;
|
||||
break;
|
||||
case 'main_logo':
|
||||
try {
|
||||
return $redis->get('MAIN_LOGO');
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Redis: '.$e
|
||||
);
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case 'main_logo_specs':
|
||||
try {
|
||||
$image = new Imagick();
|
||||
$img_data = explode('base64,', customize('get', 'main_logo'));
|
||||
if ($img_data[1]) {
|
||||
$image->readImageBlob(base64_decode($img_data[1]));
|
||||
}
|
||||
return $image->identifyImage();
|
||||
}
|
||||
catch (ImagickException $e) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => 'Error: Imagick exception while reading image'
|
||||
);
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
@ -244,6 +244,23 @@ function set_acl() {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
function get_acl($username) {
|
||||
global $pdo;
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
return false;
|
||||
}
|
||||
$username = strtolower(trim($username));
|
||||
$stmt = $pdo->prepare("SELECT * FROM `user_acl` WHERE `username` = :username");
|
||||
$stmt->execute(array(':username' => $username));
|
||||
$acl = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
unset($acl['username']);
|
||||
if (!empty($acl)) {
|
||||
return $acl;
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
function formatBytes($size, $precision = 2) {
|
||||
if(!is_numeric($size)) {
|
||||
return "0";
|
||||
@ -900,6 +917,14 @@ function get_logs($container, $lines = 100) {
|
||||
return $data_array;
|
||||
}
|
||||
}
|
||||
if ($container == "autodiscover-mailcow") {
|
||||
if ($data = $redis->lRange('AUTODISCOVER_LOG', 0, $lines)) {
|
||||
foreach ($data as $json_line) {
|
||||
$data_array[] = json_decode($json_line, true);
|
||||
}
|
||||
return $data_array;
|
||||
}
|
||||
}
|
||||
if ($container == "rspamd-history") {
|
||||
$curl = curl_init();
|
||||
curl_setopt($curl, CURLOPT_URL,"http://rspamd-mailcow:11334/history");
|
||||
|
@ -755,7 +755,7 @@ function mailbox($_action, $_type, $_data = null) {
|
||||
':active' => $active
|
||||
));
|
||||
$stmt = $pdo->prepare("INSERT INTO `quota2` (`username`, `bytes`, `messages`)
|
||||
VALUES (:username, '0', '0')");
|
||||
VALUES (:username, '0', '0') ON DUPLICATE KEY UPDATE `bytes` = '0', `messages` = '0';");
|
||||
$stmt->execute(array(':username' => $username));
|
||||
$stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `goto`, `domain`, `active`)
|
||||
VALUES (:username1, :username2, :domain, :active)");
|
||||
@ -1291,11 +1291,11 @@ function mailbox($_action, $_type, $_data = null) {
|
||||
$port1 = (!empty($_data['port1'])) ? $_data['port1'] : $is_now['port1'];
|
||||
$password1 = (!empty($_data['password1'])) ? $_data['password1'] : $is_now['password1'];
|
||||
$host1 = (!empty($_data['host1'])) ? $_data['host1'] : $is_now['host1'];
|
||||
$subfolder2 = (!empty($_data['subfolder2'])) ? $_data['subfolder2'] : $is_now['subfolder2'];
|
||||
$subfolder2 = (isset($_data['subfolder2'])) ? $_data['subfolder2'] : $is_now['subfolder2'];
|
||||
$enc1 = (!empty($_data['enc1'])) ? $_data['enc1'] : $is_now['enc1'];
|
||||
$mins_interval = (!empty($_data['mins_interval'])) ? $_data['mins_interval'] : $is_now['mins_interval'];
|
||||
$exclude = (!empty($_data['exclude'])) ? $_data['exclude'] : $is_now['exclude'];
|
||||
$maxage = (!empty($_data['maxage'])) ? $_data['maxage'] : $is_now['maxage'];
|
||||
$exclude = (!empty($_data['exclude'])) ? $_data['exclude'] : '';
|
||||
$maxage = (isset($_data['maxage']) && $_data['maxage'] != "") ? intval($_data['maxage']) : $is_now['maxage'];
|
||||
}
|
||||
else {
|
||||
$_SESSION['return'] = array(
|
||||
|
@ -32,7 +32,7 @@ function policy($_action, $_scope, $_data = null) {
|
||||
$object_list = "whitelist_from";
|
||||
}
|
||||
$object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($_data['object_from']))), '.'));
|
||||
if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $object_from))) {
|
||||
if (!ctype_alnum(str_replace(array('@', '_', '.', '-', '*'), '', $object_from))) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['policy_list_from_invalid'])
|
||||
@ -112,7 +112,7 @@ function policy($_action, $_scope, $_data = null) {
|
||||
$object_list = "whitelist_from";
|
||||
}
|
||||
$object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($_data['object_from']))), '.'));
|
||||
if (!ctype_alnum(str_replace(array('@', '.', '-', '*'), '', $object_from))) {
|
||||
if (!ctype_alnum(str_replace(array('@', '_', '.', '-', '*'), '', $object_from))) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
'msg' => sprintf($lang['danger']['policy_list_from_invalid'])
|
||||
|
@ -27,7 +27,7 @@ function relayhost($_action, $_data = null) {
|
||||
$stmt->execute(array(
|
||||
':hostname' => $hostname,
|
||||
':username' => $username,
|
||||
':password' => $password,
|
||||
':password' => str_replace(':', '\:', $password),
|
||||
':active' => '1'
|
||||
));
|
||||
}
|
||||
|
@ -39,7 +39,7 @@
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="/"><img height="32" alt="mailcow-logo" style="margin-top: -5px;" src="/img/cow_mailcow.svg"></a>
|
||||
<a class="navbar-brand" href="/"><img alt="mailcow-logo" src="<?=($main_logo = customize('get', 'main_logo')) ? $main_logo : '/img/cow_mailcow.svg';?>"></a>
|
||||
</div>
|
||||
<div id="navbar" class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
@ -102,6 +102,14 @@
|
||||
<li title="<?= htmlspecialchars($app['description']); ?>"><a href="<?= htmlspecialchars($app['link']); ?>"><?= htmlspecialchars($app['name']); ?></a></li>
|
||||
<?php
|
||||
endforeach;
|
||||
$app_links = customize('get', 'app_links');
|
||||
foreach ($app_links as $row) {
|
||||
foreach ($row as $key => $val):
|
||||
?>
|
||||
<li><a href="<?= htmlspecialchars($val); ?>"><?= htmlspecialchars($key); ?></a></li>
|
||||
<?php
|
||||
endforeach;
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
</li>
|
||||
|
@ -3,7 +3,7 @@ function init_db_schema() {
|
||||
try {
|
||||
global $pdo;
|
||||
|
||||
$db_version = "15092017_0754";
|
||||
$db_version = "25102017_0748";
|
||||
|
||||
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
@ -165,7 +165,6 @@ function init_db_schema() {
|
||||
"delimiter_action" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"syncjobs" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"eas_reset" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"eas_autoconfig" => "TINYINT(1) NOT NULL DEFAULT '1'"
|
||||
),
|
||||
"keys" => array(
|
||||
"fkey" => array(
|
||||
@ -498,6 +497,13 @@ function init_db_schema() {
|
||||
$stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'");
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
if ($num_results != 0) {
|
||||
$stmt = $pdo->prepare("SELECT CONCAT('ALTER TABLE ', `table_schema`, '.', `table_name`, ' DROP FOREIGN KEY ', `constraint_name`, ';') AS `FKEY_DROP` FROM `information_schema`.`table_constraints`
|
||||
WHERE `constraint_type` = 'FOREIGN KEY' AND `table_name` = :table;");
|
||||
$stmt->execute(array(':table' => $table));
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
$pdo->query($row['FKEY_DROP']);
|
||||
}
|
||||
foreach($properties['cols'] as $column => $type) {
|
||||
$stmt = $pdo->query("SHOW COLUMNS FROM `" . $table . "` LIKE '" . $column . "'");
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
@ -542,7 +548,7 @@ function init_db_schema() {
|
||||
$stmt = $pdo->query("SHOW KEYS FROM `" . $table . "` WHERE Key_name = '" . $key_name . "'");
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
if ($num_results != 0) {
|
||||
$pdo->query("ALTER TABLE `" . $table . "` DROP FOREIGN KEY `" . $key_name . "`");
|
||||
$pdo->query("ALTER TABLE `" . $table . "` DROP INDEX `" . $key_name . "`");
|
||||
}
|
||||
@list($table_ref, $field_ref) = explode('.', $key_values['ref']);
|
||||
$pdo->query("ALTER TABLE `" . $table . "` ADD FOREIGN KEY `" . $key_name . "` (" . $key_values['col'] . ") REFERENCES `" . $table_ref . "` (`" . $field_ref . "`)
|
||||
@ -582,14 +588,9 @@ function init_db_schema() {
|
||||
// Step 2: Drop all vanished indexes
|
||||
while ($row = array_shift($keys_in_table)) {
|
||||
if (!in_array($row['Key_name'], $keys_to_exist)) {
|
||||
try {
|
||||
$pdo->query("ALTER TABLE `" . $table . "` DROP FOREIGN KEY `" . $row['Key_name'] . "`");
|
||||
}
|
||||
finally {
|
||||
$pdo->query("ALTER TABLE `" . $table . "` DROP INDEX `" . $row['Key_name'] . "`");
|
||||
}
|
||||
}
|
||||
}
|
||||
// Step 3: Drop all vanished primary keys
|
||||
if (!isset($properties['keys']['primary'])) {
|
||||
$stmt = $pdo->query("SHOW KEYS FROM `" . $table . "` WHERE Key_name = 'PRIMARY'");
|
||||
|
11
data/web/inc/lib/composer.lock
generated
11
data/web/inc/lib/composer.lock
generated
@ -8,19 +8,20 @@
|
||||
"packages": [
|
||||
{
|
||||
"name": "phpmailer/phpmailer",
|
||||
"version": "v5.2.23",
|
||||
"version": "v5.2.25",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/PHPMailer/PHPMailer.git",
|
||||
"reference": "7115df4a6f76281109ebe352900c42403b728bb4"
|
||||
"reference": "2baf20b01690fba8cf720c1ebcf9b988eda50915"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/7115df4a6f76281109ebe352900c42403b728bb4",
|
||||
"reference": "7115df4a6f76281109ebe352900c42403b728bb4",
|
||||
"url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/2baf20b01690fba8cf720c1ebcf9b988eda50915",
|
||||
"reference": "2baf20b01690fba8cf720c1ebcf9b988eda50915",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"ext-ctype": "*",
|
||||
"php": ">=5.0.0"
|
||||
},
|
||||
"require-dev": {
|
||||
@ -80,7 +81,7 @@
|
||||
}
|
||||
],
|
||||
"description": "PHPMailer is a full-featured email creation and transfer class for PHP",
|
||||
"time": "2017-03-15T19:32:56+00:00"
|
||||
"time": "2017-08-28T11:12:07+00:00"
|
||||
},
|
||||
{
|
||||
"name": "robthree/twofactorauth",
|
||||
|
13
data/web/inc/lib/vendor/composer/installed.json
vendored
13
data/web/inc/lib/vendor/composer/installed.json
vendored
@ -91,20 +91,21 @@
|
||||
},
|
||||
{
|
||||
"name": "phpmailer/phpmailer",
|
||||
"version": "v5.2.23",
|
||||
"version_normalized": "5.2.23.0",
|
||||
"version": "v5.2.25",
|
||||
"version_normalized": "5.2.25.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/PHPMailer/PHPMailer.git",
|
||||
"reference": "7115df4a6f76281109ebe352900c42403b728bb4"
|
||||
"reference": "2baf20b01690fba8cf720c1ebcf9b988eda50915"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/7115df4a6f76281109ebe352900c42403b728bb4",
|
||||
"reference": "7115df4a6f76281109ebe352900c42403b728bb4",
|
||||
"url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/2baf20b01690fba8cf720c1ebcf9b988eda50915",
|
||||
"reference": "2baf20b01690fba8cf720c1ebcf9b988eda50915",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"ext-ctype": "*",
|
||||
"php": ">=5.0.0"
|
||||
},
|
||||
"require-dev": {
|
||||
@ -130,7 +131,7 @@
|
||||
"suggest": {
|
||||
"league/oauth2-google": "Needed for Google XOAUTH2 authentication"
|
||||
},
|
||||
"time": "2017-03-15T19:32:56+00:00",
|
||||
"time": "2017-08-28T11:12:07+00:00",
|
||||
"type": "library",
|
||||
"installation-source": "dist",
|
||||
"autoload": {
|
||||
|
1
data/web/inc/lib/vendor/phpmailer/phpmailer/.github/ISSUE_TEMPLATE.md
vendored
Normal file
1
data/web/inc/lib/vendor/phpmailer/phpmailer/.github/ISSUE_TEMPLATE.md
vendored
Normal file
@ -0,0 +1 @@
|
||||
Non-security issues and pull requests are no longer being accepted for the legacy PHPMailer 5.2 branch. Migrate to PHPMailer 6.0 (or later) and report your issue there.
|
1
data/web/inc/lib/vendor/phpmailer/phpmailer/.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
1
data/web/inc/lib/vendor/phpmailer/phpmailer/.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
@ -0,0 +1 @@
|
||||
Non-security issues and pull requests are no longer being accepted for the legacy PHPMailer 5.2 branch. Migrate to PHPMailer 6.0 (or later) and report your issue there.
|
@ -1 +1 @@
|
||||
5.2.23
|
||||
5.2.25
|
||||
|
@ -31,7 +31,7 @@ class PHPMailer
|
||||
* The PHPMailer Version number.
|
||||
* @var string
|
||||
*/
|
||||
public $Version = '5.2.23';
|
||||
public $Version = '5.2.25';
|
||||
|
||||
/**
|
||||
* Email priority.
|
||||
@ -440,9 +440,9 @@ class PHPMailer
|
||||
*
|
||||
* Parameters:
|
||||
* boolean $result result of the send action
|
||||
* string $to email address of the recipient
|
||||
* string $cc cc email addresses
|
||||
* string $bcc bcc email addresses
|
||||
* array $to email addresses of the recipients
|
||||
* array $cc cc email addresses
|
||||
* array $bcc bcc email addresses
|
||||
* string $subject the subject
|
||||
* string $body the email body
|
||||
* string $from email address of sender
|
||||
@ -1622,8 +1622,13 @@ class PHPMailer
|
||||
|
||||
foreach ($hosts as $hostentry) {
|
||||
$hostinfo = array();
|
||||
if (!preg_match('/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*):?([0-9]*)$/', trim($hostentry), $hostinfo)) {
|
||||
if (!preg_match(
|
||||
'/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*|\[[a-fA-F0-9:]+\]):?([0-9]*)$/',
|
||||
trim($hostentry),
|
||||
$hostinfo
|
||||
)) {
|
||||
// Not a valid host entry
|
||||
$this->edebug('Ignoring invalid host: ' . $hostentry);
|
||||
continue;
|
||||
}
|
||||
// $hostinfo[2]: optional ssl or tls prefix
|
||||
@ -1742,6 +1747,7 @@ class PHPMailer
|
||||
'dk' => 'da',
|
||||
'no' => 'nb',
|
||||
'se' => 'sv',
|
||||
'sr' => 'rs'
|
||||
);
|
||||
|
||||
if (isset($renamed_langcodes[$langcode])) {
|
||||
@ -2024,10 +2030,7 @@ class PHPMailer
|
||||
{
|
||||
$result = '';
|
||||
|
||||
if ($this->MessageDate == '') {
|
||||
$this->MessageDate = self::rfcDate();
|
||||
}
|
||||
$result .= $this->headerLine('Date', $this->MessageDate);
|
||||
$result .= $this->headerLine('Date', $this->MessageDate == '' ? self::rfcDate() : $this->MessageDate);
|
||||
|
||||
// To be created automatically by mail()
|
||||
if ($this->SingleTo) {
|
||||
@ -4033,7 +4036,7 @@ class phpmailerException extends Exception
|
||||
*/
|
||||
public function errorMessage()
|
||||
{
|
||||
$errorMsg = '<strong>' . $this->getMessage() . "</strong><br />\n";
|
||||
$errorMsg = '<strong>' . htmlspecialchars($this->getMessage()) . "</strong><br />\n";
|
||||
return $errorMsg;
|
||||
}
|
||||
}
|
||||
|
@ -34,7 +34,7 @@ class POP3
|
||||
* @var string
|
||||
* @access public
|
||||
*/
|
||||
public $Version = '5.2.23';
|
||||
public $Version = '5.2.25';
|
||||
|
||||
/**
|
||||
* Default POP3 port number.
|
||||
|
@ -30,7 +30,7 @@ class SMTP
|
||||
* The PHPMailer SMTP version number.
|
||||
* @var string
|
||||
*/
|
||||
const VERSION = '5.2.23';
|
||||
const VERSION = '5.2.25';
|
||||
|
||||
/**
|
||||
* SMTP line break constant.
|
||||
@ -81,7 +81,7 @@ class SMTP
|
||||
* @deprecated Use the `VERSION` constant instead
|
||||
* @see SMTP::VERSION
|
||||
*/
|
||||
public $Version = '5.2.23';
|
||||
public $Version = '5.2.25';
|
||||
|
||||
/**
|
||||
* SMTP server port number.
|
||||
@ -151,9 +151,8 @@ class SMTP
|
||||
public $Timelimit = 300;
|
||||
|
||||
/**
|
||||
* @var array patterns to extract smtp transaction id from smtp reply
|
||||
* Only first capture group will be use, use non-capturing group to deal with it
|
||||
* Extend this class to override this property to fulfil your needs.
|
||||
* @var array Patterns to extract an SMTP transaction id from reply to a DATA command.
|
||||
* The first capture group in each regex will be used as the ID.
|
||||
*/
|
||||
protected $smtp_transaction_id_patterns = array(
|
||||
'exim' => '/[0-9]{3} OK id=(.*)/',
|
||||
@ -161,6 +160,12 @@ class SMTP
|
||||
'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
|
||||
);
|
||||
|
||||
/**
|
||||
* @var string The last transaction ID issued in response to a DATA command,
|
||||
* if one was detected
|
||||
*/
|
||||
protected $last_smtp_transaction_id;
|
||||
|
||||
/**
|
||||
* The socket for the server connection.
|
||||
* @var resource
|
||||
@ -227,7 +232,7 @@ class SMTP
|
||||
break;
|
||||
case 'html':
|
||||
//Cleans up output a bit for a better looking, HTML-safe output
|
||||
echo htmlentities(
|
||||
echo gmdate('Y-m-d H:i:s') . ' ' . htmlentities(
|
||||
preg_replace('/[\r\n]+/', '', $str),
|
||||
ENT_QUOTES,
|
||||
'UTF-8'
|
||||
@ -709,6 +714,7 @@ class SMTP
|
||||
$savetimelimit = $this->Timelimit;
|
||||
$this->Timelimit = $this->Timelimit * 2;
|
||||
$result = $this->sendCommand('DATA END', '.', 250);
|
||||
$this->recordLastTransactionID();
|
||||
//Restore timelimit
|
||||
$this->Timelimit = $savetimelimit;
|
||||
return $result;
|
||||
@ -989,7 +995,10 @@ class SMTP
|
||||
public function client_send($data)
|
||||
{
|
||||
$this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
|
||||
return fwrite($this->smtp_conn, $data);
|
||||
set_error_handler(array($this, 'errorHandler'));
|
||||
$result = fwrite($this->smtp_conn, $data);
|
||||
restore_error_handler();
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1089,8 +1098,10 @@ class SMTP
|
||||
$this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
|
||||
$this->edebug("SMTP -> get_lines(): \$str is \"$str\"", self::DEBUG_LOWLEVEL);
|
||||
$data .= $str;
|
||||
// If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
|
||||
if ((isset($str[3]) and $str[3] == ' ')) {
|
||||
// If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
|
||||
// or 4th character is a space, we are done reading, break the loop,
|
||||
// string array access is a micro-optimisation over strlen
|
||||
if (!isset($str[3]) or (isset($str[3]) and $str[3] == ' ')) {
|
||||
break;
|
||||
}
|
||||
// Timed-out? Log and break
|
||||
@ -1226,26 +1237,40 @@ class SMTP
|
||||
}
|
||||
|
||||
/**
|
||||
* Will return the ID of the last smtp transaction based on a list of patterns provided
|
||||
* in SMTP::$smtp_transaction_id_patterns.
|
||||
* Extract and return the ID of the last SMTP transaction based on
|
||||
* a list of patterns provided in SMTP::$smtp_transaction_id_patterns.
|
||||
* Relies on the host providing the ID in response to a DATA command.
|
||||
* If no reply has been received yet, it will return null.
|
||||
* If no pattern has been matched, it will return false.
|
||||
* If no pattern was matched, it will return false.
|
||||
* @return bool|null|string
|
||||
*/
|
||||
public function getLastTransactionID()
|
||||
protected function recordLastTransactionID()
|
||||
{
|
||||
$reply = $this->getLastReply();
|
||||
|
||||
if (empty($reply)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$this->last_smtp_transaction_id = null;
|
||||
} else {
|
||||
$this->last_smtp_transaction_id = false;
|
||||
foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
|
||||
if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
|
||||
return $matches[1];
|
||||
$this->last_smtp_transaction_id = $matches[1];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
return $this->last_smtp_transaction_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the queue/transaction ID of the last SMTP transaction
|
||||
* If no reply has been received yet, it will return null.
|
||||
* If no pattern was matched, it will return false.
|
||||
* @return bool|null|string
|
||||
* @see recordLastTransactionID()
|
||||
*/
|
||||
public function getLastTransactionID()
|
||||
{
|
||||
return $this->last_smtp_transaction_id;
|
||||
}
|
||||
}
|
||||
|
@ -20,6 +20,7 @@
|
||||
}
|
||||
],
|
||||
"require": {
|
||||
"ext-ctype": "*",
|
||||
"php": ">=5.0.0"
|
||||
},
|
||||
"require-dev": {
|
||||
|
@ -58,46 +58,53 @@ class phpmailerAppException extends phpmailerException
|
||||
$example_code .= "\n\nclass phpmailerAppException extends phpmailerException {}";
|
||||
$example_code .= "\n\ntry {";
|
||||
|
||||
// Convert a string to its JavaScript representation.
|
||||
function JSString($s) {
|
||||
static $from = array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"');
|
||||
static $to = array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\\"');
|
||||
return is_null($s)? 'null': '"' . str_replace($from, $to, "$s") . '"';
|
||||
}
|
||||
|
||||
try {
|
||||
if (isset($_POST["submit"]) && $_POST['submit'] == "Submit") {
|
||||
$to = $_POST['To_Email'];
|
||||
$to = $to_email;
|
||||
if (!PHPMailer::validateAddress($to)) {
|
||||
throw new phpmailerAppException("Email address " . $to . " is invalid -- aborting!");
|
||||
}
|
||||
|
||||
$example_code .= "\n\$to = '{$_POST['To_Email']}';";
|
||||
$example_code .= "\n\$to = '" . addslashes($to_email) . "';";
|
||||
$example_code .= "\nif(!PHPMailer::validateAddress(\$to)) {";
|
||||
$example_code .= "\n throw new phpmailerAppException(\"Email address \" . " .
|
||||
"\$to . \" is invalid -- aborting!\");";
|
||||
$example_code .= "\n}";
|
||||
|
||||
switch ($_POST['test_type']) {
|
||||
switch ($test_type) {
|
||||
case 'smtp':
|
||||
$mail->isSMTP(); // telling the class to use SMTP
|
||||
$mail->SMTPDebug = (integer)$_POST['smtp_debug'];
|
||||
$mail->Host = $_POST['smtp_server']; // SMTP server
|
||||
$mail->Port = (integer)$_POST['smtp_port']; // set the SMTP port
|
||||
if ($_POST['smtp_secure']) {
|
||||
$mail->SMTPSecure = strtolower($_POST['smtp_secure']);
|
||||
$mail->SMTPDebug = (integer)$smtp_debug;
|
||||
$mail->Host = $smtp_server; // SMTP server
|
||||
$mail->Port = (integer)$smtp_port; // set the SMTP port
|
||||
if ($smtp_secure) {
|
||||
$mail->SMTPSecure = strtolower($smtp_secure);
|
||||
}
|
||||
$mail->SMTPAuth = array_key_exists('smtp_authenticate', $_POST); // enable SMTP authentication?
|
||||
if (array_key_exists('smtp_authenticate', $_POST)) {
|
||||
$mail->Username = $_POST['authenticate_username']; // SMTP account username
|
||||
$mail->Password = $_POST['authenticate_password']; // SMTP account password
|
||||
$mail->Username = $authenticate_username; // SMTP account username
|
||||
$mail->Password = $authenticate_password; // SMTP account password
|
||||
}
|
||||
|
||||
$example_code .= "\n\$mail->isSMTP();";
|
||||
$example_code .= "\n\$mail->SMTPDebug = " . $_POST['smtp_debug'] . ";";
|
||||
$example_code .= "\n\$mail->Host = \"" . $_POST['smtp_server'] . "\";";
|
||||
$example_code .= "\n\$mail->Port = \"" . $_POST['smtp_port'] . "\";";
|
||||
$example_code .= "\n\$mail->SMTPSecure = \"" . strtolower($_POST['smtp_secure']) . "\";";
|
||||
$example_code .= "\n\$mail->SMTPDebug = " . (integer) $smtp_debug . ";";
|
||||
$example_code .= "\n\$mail->Host = \"" . addslashes($smtp_server) . "\";";
|
||||
$example_code .= "\n\$mail->Port = \"" . addslashes($smtp_port) . "\";";
|
||||
$example_code .= "\n\$mail->SMTPSecure = \"" . addslashes(strtolower($smtp_secure)) . "\";";
|
||||
$example_code .= "\n\$mail->SMTPAuth = " . (array_key_exists(
|
||||
'smtp_authenticate',
|
||||
$_POST
|
||||
) ? 'true' : 'false') . ";";
|
||||
if (array_key_exists('smtp_authenticate', $_POST)) {
|
||||
$example_code .= "\n\$mail->Username = \"" . $_POST['authenticate_username'] . "\";";
|
||||
$example_code .= "\n\$mail->Password = \"" . $_POST['authenticate_password'] . "\";";
|
||||
$example_code .= "\n\$mail->Username = \"" . addslashes($authenticate_username) . "\";";
|
||||
$example_code .= "\n\$mail->Password = \"" . addslashes($authenticate_password) . "\";";
|
||||
}
|
||||
break;
|
||||
case 'mail':
|
||||
@ -118,59 +125,59 @@ try {
|
||||
|
||||
try {
|
||||
if ($_POST['From_Name'] != '') {
|
||||
$mail->addReplyTo($_POST['From_Email'], $_POST['From_Name']);
|
||||
$mail->setFrom($_POST['From_Email'], $_POST['From_Name']);
|
||||
$mail->addReplyTo($from_email, $from_name);
|
||||
$mail->setFrom($from_email, $from_name);
|
||||
|
||||
$example_code .= "\n\$mail->addReplyTo(\"" .
|
||||
$_POST['From_Email'] . "\", \"" . $_POST['From_Name'] . "\");";
|
||||
addslashes($from_email) . "\", \"" . addslashes($from_name) . "\");";
|
||||
$example_code .= "\n\$mail->setFrom(\"" .
|
||||
$_POST['From_Email'] . "\", \"" . $_POST['From_Name'] . "\");";
|
||||
addslashes($from_email) . "\", \"" . addslashes($from_name) . "\");";
|
||||
} else {
|
||||
$mail->addReplyTo($_POST['From_Email']);
|
||||
$mail->setFrom($_POST['From_Email'], $_POST['From_Email']);
|
||||
$mail->addReplyTo($from_email);
|
||||
$mail->setFrom($from_email, $from_email);
|
||||
|
||||
$example_code .= "\n\$mail->addReplyTo(\"" . $_POST['From_Email'] . "\");";
|
||||
$example_code .= "\n\$mail->addReplyTo(\"" . addslashes($from_email) . "\");";
|
||||
$example_code .= "\n\$mail->setFrom(\"" .
|
||||
$_POST['From_Email'] . "\", \"" . $_POST['From_Email'] . "\");";
|
||||
addslashes($from_email) . "\", \"" . addslashes($from_email) . "\");";
|
||||
}
|
||||
|
||||
if ($_POST['To_Name'] != '') {
|
||||
$mail->addAddress($to, $_POST['To_Name']);
|
||||
$example_code .= "\n\$mail->addAddress(\"$to\", \"" . $_POST['To_Name'] . "\");";
|
||||
$mail->addAddress($to, $to_name);
|
||||
$example_code .= "\n\$mail->addAddress(\"$to\", \"" . addslashes($to_name) . "\");";
|
||||
} else {
|
||||
$mail->addAddress($to);
|
||||
$example_code .= "\n\$mail->addAddress(\"$to\");";
|
||||
}
|
||||
|
||||
if ($_POST['bcc_Email'] != '') {
|
||||
$indiBCC = explode(" ", $_POST['bcc_Email']);
|
||||
$indiBCC = explode(" ", $bcc_email);
|
||||
foreach ($indiBCC as $key => $value) {
|
||||
$mail->addBCC($value);
|
||||
$example_code .= "\n\$mail->addBCC(\"$value\");";
|
||||
$example_code .= "\n\$mail->addBCC(\"" . addslashes($value) . "\");";
|
||||
}
|
||||
}
|
||||
|
||||
if ($_POST['cc_Email'] != '') {
|
||||
$indiCC = explode(" ", $_POST['cc_Email']);
|
||||
$indiCC = explode(" ", $cc_Email);
|
||||
foreach ($indiCC as $key => $value) {
|
||||
$mail->addCC($value);
|
||||
$example_code .= "\n\$mail->addCC(\"$value\");";
|
||||
$example_code .= "\n\$mail->addCC(\"" . addslashes($value) . "\");";
|
||||
}
|
||||
}
|
||||
} catch (phpmailerException $e) { //Catch all kinds of bad addressing
|
||||
throw new phpmailerAppException($e->getMessage());
|
||||
}
|
||||
$mail->Subject = $_POST['Subject'] . ' (PHPMailer test using ' . strtoupper($_POST['test_type']) . ')';
|
||||
$example_code .= "\n\$mail->Subject = \"" . $_POST['Subject'] .
|
||||
' (PHPMailer test using ' . strtoupper($_POST['test_type']) . ')";';
|
||||
$mail->Subject = $subject . ' (PHPMailer test using ' . strtoupper($test_type) . ')';
|
||||
$example_code .= "\n\$mail->Subject = \"" . addslashes($subject) .
|
||||
' (PHPMailer test using ' . addslashes(strtoupper($test_type)) . ')";';
|
||||
|
||||
if ($_POST['Message'] == '') {
|
||||
$body = file_get_contents('contents.html');
|
||||
} else {
|
||||
$body = $_POST['Message'];
|
||||
$body = $message;
|
||||
}
|
||||
|
||||
$example_code .= "\n\$body = <<<'EOT'\n" . htmlentities($body) . "\nEOT;";
|
||||
$example_code .= "\n\$body = <<<'EOT'\n$body\nEOT;";
|
||||
|
||||
$mail->WordWrap = 78; // set word wrap to the RFC2822 limit
|
||||
$mail->msgHTML($body, dirname(__FILE__), true); //Create message bodies and embed images
|
||||
@ -187,7 +194,7 @@ try {
|
||||
$example_code .= "\n\ntry {";
|
||||
$example_code .= "\n \$mail->send();";
|
||||
$example_code .= "\n \$results_messages[] = \"Message has been sent using " .
|
||||
strtoupper($_POST['test_type']) . "\";";
|
||||
addslashes(strtoupper($test_type)) . "\";";
|
||||
$example_code .= "\n}";
|
||||
$example_code .= "\ncatch (phpmailerException \$e) {";
|
||||
$example_code .= "\n throw new phpmailerAppException('Unable to send to: ' . \$to. ': '.\$e->getMessage());";
|
||||
@ -195,7 +202,7 @@ try {
|
||||
|
||||
try {
|
||||
$mail->send();
|
||||
$results_messages[] = "Message has been sent using " . strtoupper($_POST["test_type"]);
|
||||
$results_messages[] = "Message has been sent using " . strtoupper($test_type);
|
||||
} catch (phpmailerException $e) {
|
||||
throw new phpmailerAppException("Unable to send to: " . $to . ': ' . $e->getMessage());
|
||||
}
|
||||
@ -309,22 +316,22 @@ $example_code .= "\n}";
|
||||
|
||||
function startAgain() {
|
||||
var post_params = {
|
||||
"From_Name": "<?php echo $from_name; ?>",
|
||||
"From_Email": "<?php echo $from_email; ?>",
|
||||
"To_Name": "<?php echo $to_name; ?>",
|
||||
"To_Email": "<?php echo $to_email; ?>",
|
||||
"cc_Email": "<?php echo $cc_email; ?>",
|
||||
"bcc_Email": "<?php echo $bcc_email; ?>",
|
||||
"Subject": "<?php echo $subject; ?>",
|
||||
"Message": "<?php echo $message; ?>",
|
||||
"test_type": "<?php echo $test_type; ?>",
|
||||
"smtp_debug": "<?php echo $smtp_debug; ?>",
|
||||
"smtp_server": "<?php echo $smtp_server; ?>",
|
||||
"smtp_port": "<?php echo $smtp_port; ?>",
|
||||
"smtp_secure": "<?php echo $smtp_secure; ?>",
|
||||
"smtp_authenticate": "<?php echo $smtp_authenticate; ?>",
|
||||
"authenticate_username": "<?php echo $authenticate_username; ?>",
|
||||
"authenticate_password": "<?php echo $authenticate_password; ?>"
|
||||
"From_Name": <?php echo JSString($from_name); ?>,
|
||||
"From_Email": <?php echo JSString($from_email); ?>,
|
||||
"To_Name": <?php echo JSString($to_name); ?>,
|
||||
"To_Email": <?php echo JSString($to_email); ?>,
|
||||
"cc_Email": <?php echo JSString($cc_email); ?>,
|
||||
"bcc_Email": <?php echo JSString($bcc_email); ?>,
|
||||
"Subject": <?php echo JSString($subject); ?>,
|
||||
"Message": <?php echo JSString($message); ?>,
|
||||
"test_type": <?php echo JSString($test_type); ?>,
|
||||
"smtp_debug": <?php echo JSString($smtp_debug); ?>,
|
||||
"smtp_server": <?php echo JSString($smtp_server); ?>,
|
||||
"smtp_port": <?php echo JSString($smtp_port); ?>,
|
||||
"smtp_secure": <?php echo JSString($smtp_secure); ?>,
|
||||
"smtp_authenticate": <?php echo JSString($smtp_authenticate); ?>,
|
||||
"authenticate_username": <?php echo JSString($authenticate_username); ?>,
|
||||
"authenticate_password": <?php echo JSString($authenticate_password); ?>
|
||||
};
|
||||
|
||||
var resetForm = document.createElement("form");
|
||||
@ -374,7 +381,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
echo "<button type=\"submit\" onclick=\"startAgain();\">Start Over</button><br>\n";
|
||||
echo "<br><span>Script:</span>\n";
|
||||
echo "<pre class=\"brush: php;\">\n";
|
||||
echo $example_code;
|
||||
echo htmlentities($example_code);
|
||||
echo "\n</pre>\n";
|
||||
echo "\n<hr style=\"margin: 3em;\">\n";
|
||||
}
|
||||
@ -390,7 +397,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<label for="From_Name"><strong>From</strong> Name</label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="From_Name" name="From_Name" value="<?php echo $from_name; ?>"
|
||||
<input type="text" id="From_Name" name="From_Name" value="<?php echo htmlentities($from_name); ?>"
|
||||
style="width:95%;" autofocus placeholder="Your Name">
|
||||
</td>
|
||||
</tr>
|
||||
@ -399,7 +406,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<label for="From_Email"><strong>From</strong> Email Address</label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="From_Email" name="From_Email" value="<?php echo $from_email; ?>"
|
||||
<input type="text" id="From_Email" name="From_Email" value="<?php echo htmlentities($from_email); ?>"
|
||||
style="width:95%;" required placeholder="Your.Email@example.com">
|
||||
</td>
|
||||
</tr>
|
||||
@ -408,7 +415,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<label for="To_Name"><strong>To</strong> Name</label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="To_Name" name="To_Name" value="<?php echo $to_name; ?>"
|
||||
<input type="text" id="To_Name" name="To_Name" value="<?php echo htmlentities($to_name); ?>"
|
||||
style="width:95%;" placeholder="Recipient's Name">
|
||||
</td>
|
||||
</tr>
|
||||
@ -417,7 +424,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<label for="To_Email"><strong>To</strong> Email Address</label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="To_Email" name="To_Email" value="<?php echo $to_email; ?>"
|
||||
<input type="text" id="To_Email" name="To_Email" value="<?php echo htmlentities($to_email); ?>"
|
||||
style="width:95%;" required placeholder="Recipients.Email@example.com">
|
||||
</td>
|
||||
</tr>
|
||||
@ -428,7 +435,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
</label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="cc_Email" name="cc_Email" value="<?php echo $cc_email; ?>"
|
||||
<input type="text" id="cc_Email" name="cc_Email" value="<?php echo htmlentities($cc_email); ?>"
|
||||
style="width:95%;" placeholder="cc1@example.com, cc2@example.com">
|
||||
</td>
|
||||
</tr>
|
||||
@ -439,7 +446,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
</label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="bcc_Email" name="bcc_Email" value="<?php echo $bcc_email; ?>"
|
||||
<input type="text" id="bcc_Email" name="bcc_Email" value="<?php echo htmlentities($bcc_email); ?>"
|
||||
style="width:95%;" placeholder="bcc1@example.com, bcc2@example.com">
|
||||
</td>
|
||||
</tr>
|
||||
@ -448,7 +455,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<label for="Subject"><strong>Subject</strong></label>
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<input type="text" name="Subject" id="Subject" value="<?php echo $subject; ?>"
|
||||
<input type="text" name="Subject" id="Subject" value="<?php echo htmlentities($subject); ?>"
|
||||
style="width:95%;" placeholder="Email Subject">
|
||||
</td>
|
||||
</tr>
|
||||
@ -460,7 +467,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
</td>
|
||||
<td class="colrite">
|
||||
<textarea name="Message" id="Message" style="width:95%;height:5em;"
|
||||
placeholder="Body of your email"><?php echo $message; ?></textarea>
|
||||
placeholder="Body of your email"><?php echo htmlentities($message); ?></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
@ -531,7 +538,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<td class="colleft"><label for="smtp_server">SMTP Server</label></td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="smtp_server" name="smtp_server"
|
||||
value="<?php echo $smtp_server; ?>" style="width:95%;"
|
||||
value="<?php echo htmlentities($smtp_server); ?>" style="width:95%;"
|
||||
placeholder="smtp.server.com">
|
||||
</td>
|
||||
</tr>
|
||||
@ -539,7 +546,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<td class="colleft" style="width: 5em;"><label for="smtp_port">SMTP Port</label></td>
|
||||
<td class="colrite">
|
||||
<input type="text" name="smtp_port" id="smtp_port" size="3"
|
||||
value="<?php echo $smtp_port; ?>" placeholder="Port">
|
||||
value="<?php echo htmlentities($smtp_port); ?>" placeholder="Port">
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
@ -560,14 +567,14 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<?php if ($smtp_authenticate != '') {
|
||||
echo "checked";
|
||||
} ?>
|
||||
value="<?php echo $smtp_authenticate; ?>">
|
||||
value="true">
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="colleft"><label for="authenticate_username">Authenticate Username</label></td>
|
||||
<td class="colrite">
|
||||
<input type="text" id="authenticate_username" name="authenticate_username"
|
||||
value="<?php echo $authenticate_username; ?>" style="width:95%;"
|
||||
value="<?php echo htmlentities($authenticate_username); ?>" style="width:95%;"
|
||||
placeholder="SMTP Server Username">
|
||||
</td>
|
||||
</tr>
|
||||
@ -575,7 +582,7 @@ if (isset($_POST["submit"]) && $_POST["submit"] == "Submit") {
|
||||
<td class="colleft"><label for="authenticate_password">Authenticate Password</label></td>
|
||||
<td class="colrite">
|
||||
<input type="password" name="authenticate_password" id="authenticate_password"
|
||||
value="<?php echo $authenticate_password; ?>" style="width:95%;"
|
||||
value="<?php echo htmlentities($authenticate_password); ?>" style="width:95%;"
|
||||
placeholder="SMTP Server Password">
|
||||
</td>
|
||||
</tr>
|
||||
|
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
/**
|
||||
* This example shows settings to use when sending via Google's Gmail servers.
|
||||
* The IMAP section shows how to save this message to the 'Sent Mail' folder using IMAP commands.
|
||||
*/
|
||||
|
||||
//SMTP needs accurate times, and the PHP time zone MUST be set
|
||||
@ -72,4 +73,27 @@ if (!$mail->send()) {
|
||||
echo "Mailer Error: " . $mail->ErrorInfo;
|
||||
} else {
|
||||
echo "Message sent!";
|
||||
//Section 2: IMAP
|
||||
//Uncomment these to save your message in the 'Sent Mail' folder.
|
||||
#if (save_mail($mail)) {
|
||||
# echo "Message saved!";
|
||||
#}
|
||||
}
|
||||
|
||||
//Section 2: IMAP
|
||||
//IMAP commands requires the PHP IMAP Extension, found at: https://php.net/manual/en/imap.setup.php
|
||||
//Function to call which uses the PHP imap_*() functions to save messages: https://php.net/manual/en/book.imap.php
|
||||
//You can use imap_getmailboxes($imapStream, '/imap/ssl') to get a list of available folders or labels, this can
|
||||
//be useful if you are trying to get this working on a non-Gmail IMAP server.
|
||||
function save_mail($mail) {
|
||||
//You can change 'Sent Mail' to any other folder or tag
|
||||
$path = "{imap.gmail.com:993/imap/ssl}[Gmail]/Sent Mail";
|
||||
|
||||
//Tell your server to open an IMAP connection using the same username and password as you used for SMTP
|
||||
$imapStream = imap_open($path, $mail->Username, $mail->Password);
|
||||
|
||||
$result = imap_append($imapStream, $path, $mail->getSentMIMEMessage());
|
||||
imap_close($imapStream);
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
@ -43,8 +43,8 @@ $mail->SMTPAuth = true;
|
||||
//Set AuthType
|
||||
$mail->AuthType = 'XOAUTH2';
|
||||
|
||||
//User Email to use for SMTP authentication - Use the same Email used in Google Developer Console
|
||||
$mail->oauthUserEmail = "someone@gmail.com";
|
||||
//User Email to use for SMTP authentication - user who gave consent to our app
|
||||
$mail->oauthUserEmail = "from@gmail.com";
|
||||
|
||||
//Obtained From Google Developer Console
|
||||
$mail->oauthClientId = "RANDOMCHARS-----duv1n2.apps.googleusercontent.com";
|
||||
|
26
data/web/inc/lib/vendor/phpmailer/phpmailer/language/phpmailer.lang-ba.php
vendored
Normal file
26
data/web/inc/lib/vendor/phpmailer/phpmailer/language/phpmailer.lang-ba.php
vendored
Normal file
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
/**
|
||||
* Bosnian PHPMailer language file: refer to English translation for definitive list
|
||||
* @package PHPMailer
|
||||
* @author Ermin Islamagić <ermin@islamagic.com>
|
||||
*/
|
||||
|
||||
$PHPMAILER_LANG['authenticate'] = 'SMTP Greška: Neuspjela prijava.';
|
||||
$PHPMAILER_LANG['connect_host'] = 'SMTP Greška: Ne moguće se spojiti sa SMTP serverom.';
|
||||
$PHPMAILER_LANG['data_not_accepted'] = 'SMTP Greška: Podatci nisu prihvaćeni.';
|
||||
$PHPMAILER_LANG['empty_message'] = 'Sadržaj poruke je prazan.';
|
||||
$PHPMAILER_LANG['encoding'] = 'Nepoznata kriptografija: ';
|
||||
$PHPMAILER_LANG['execute'] = 'Nije moguće izvršiti naredbu: ';
|
||||
$PHPMAILER_LANG['file_access'] = 'Nije moguće pristupiti datoteci: ';
|
||||
$PHPMAILER_LANG['file_open'] = 'Nije moguće otvoriti datoteku: ';
|
||||
$PHPMAILER_LANG['from_failed'] = 'SMTP Greška: Slanje sa navedenih e-mail adresa nije uspjelo: ';
|
||||
$PHPMAILER_LANG['recipients_failed'] = 'SMTP Greška: Slanje na navedene e-mail adrese nije uspjelo: ';
|
||||
$PHPMAILER_LANG['instantiate'] = 'Ne mogu pokrenuti mail funkcionalnost.';
|
||||
$PHPMAILER_LANG['invalid_address'] = 'E-mail nije poslan. Neispravna e-mail adresa: ';
|
||||
$PHPMAILER_LANG['mailer_not_supported'] = ' mailer nije podržan.';
|
||||
$PHPMAILER_LANG['provide_address'] = 'Definišite barem jednu adresu primaoca.';
|
||||
$PHPMAILER_LANG['signing'] = 'Greška prilikom prijave: ';
|
||||
$PHPMAILER_LANG['smtp_connect_failed'] = 'Spajanje na SMTP server nije uspjelo.';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP greška: ';
|
||||
$PHPMAILER_LANG['variable_set'] = 'Nije moguće postaviti varijablu ili je vratiti nazad: ';
|
||||
$PHPMAILER_LANG['extension_missing'] = 'Nedostaje ekstenzija: ';
|
@ -1,25 +1,25 @@
|
||||
<?php
|
||||
/**
|
||||
* Norwegian PHPMailer language file: refer to English translation for definitive list
|
||||
* Norwegian Bokmål PHPMailer language file: refer to English translation for definitive list
|
||||
* @package PHPMailer
|
||||
*/
|
||||
|
||||
$PHPMAILER_LANG['authenticate'] = 'SMTP Feil: Kunne ikke autentisere.';
|
||||
$PHPMAILER_LANG['connect_host'] = 'SMTP Feil: Kunne ikke koble til SMTP tjener.';
|
||||
$PHPMAILER_LANG['data_not_accepted'] = 'SMTP Feil: Data ble ikke akseptert.';
|
||||
$PHPMAILER_LANG['empty_message'] = 'Meldingsinnholdet er tomt';
|
||||
$PHPMAILER_LANG['encoding'] = 'Ukjent tegnkoding: ';
|
||||
$PHPMAILER_LANG['data_not_accepted'] = 'SMTP Feil: Datainnhold ikke akseptert.';
|
||||
$PHPMAILER_LANG['empty_message'] = 'Melding kropp tomt';
|
||||
$PHPMAILER_LANG['encoding'] = 'Ukjent koding: ';
|
||||
$PHPMAILER_LANG['execute'] = 'Kunne ikke utføre: ';
|
||||
$PHPMAILER_LANG['file_access'] = 'Får ikke tilgang til filen: ';
|
||||
$PHPMAILER_LANG['file_open'] = 'Fil feil: Kunne ikke åpne filen: ';
|
||||
$PHPMAILER_LANG['from_failed'] = 'Følgende avsenderadresse feilet: ';
|
||||
$PHPMAILER_LANG['instantiate'] = 'Kunne ikke initialisere mailfunksjonen.';
|
||||
$PHPMAILER_LANG['invalid_address'] = 'Meldingen ble ikke sendt, følgende adresse er ugyldig: ';
|
||||
$PHPMAILER_LANG['provide_address'] = 'Du må angi minst en mottakeradresse.';
|
||||
$PHPMAILER_LANG['mailer_not_supported'] = ' mailer er ikke supportert.';
|
||||
$PHPMAILER_LANG['recipients_failed'] = 'SMTP Feil: Følgende mottagere feilet: ';
|
||||
$PHPMAILER_LANG['signing'] = 'Signeringsfeil: ';
|
||||
$PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP Connect() feilet.';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP-serverfeil: ';
|
||||
$PHPMAILER_LANG['variable_set'] = 'Kan ikke sette eller resette variabelen: ';
|
||||
//$PHPMAILER_LANG['extension_missing'] = 'Extension missing: ';
|
||||
$PHPMAILER_LANG['file_open'] = 'Fil Feil: Kunne ikke åpne filen: ';
|
||||
$PHPMAILER_LANG['from_failed'] = 'Følgende Frå adresse feilet: ';
|
||||
$PHPMAILER_LANG['instantiate'] = 'Kunne ikke initialisere post funksjon.';
|
||||
$PHPMAILER_LANG['invalid_address'] = 'Ugyldig adresse: ';
|
||||
$PHPMAILER_LANG['mailer_not_supported'] = ' sender er ikke støttet.';
|
||||
$PHPMAILER_LANG['provide_address'] = 'Du må opppgi minst en mottakeradresse.';
|
||||
$PHPMAILER_LANG['recipients_failed'] = 'SMTP Feil: Følgende mottakeradresse feilet: ';
|
||||
$PHPMAILER_LANG['signing'] = 'Signering Feil: ';
|
||||
$PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP connect() feilet.';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP server feil: ';
|
||||
$PHPMAILER_LANG['variable_set'] = 'Kan ikke skrive eller omskrive variabel: ';
|
||||
$PHPMAILER_LANG['extension_missing'] = 'Utvidelse mangler: ';
|
||||
|
@ -5,6 +5,7 @@
|
||||
* @author Paulo Henrique Garcia <paulo@controllerweb.com.br>
|
||||
* @author Lucas Guimarães <lucas@lucasguimaraes.com>
|
||||
* @author Phelipe Alves <phelipealvesdesouza@gmail.com>
|
||||
* @author Fabio Beneditto <fabiobeneditto@gmail.com>
|
||||
*/
|
||||
|
||||
$PHPMAILER_LANG['authenticate'] = 'Erro de SMTP: Não foi possível autenticar.';
|
||||
@ -15,7 +16,7 @@ $PHPMAILER_LANG['encoding'] = 'Codificação desconhecida: ';
|
||||
$PHPMAILER_LANG['execute'] = 'Não foi possível executar: ';
|
||||
$PHPMAILER_LANG['file_access'] = 'Não foi possível acessar o arquivo: ';
|
||||
$PHPMAILER_LANG['file_open'] = 'Erro de Arquivo: Não foi possível abrir o arquivo: ';
|
||||
$PHPMAILER_LANG['from_failed'] = 'Os seguintes remententes falharam: ';
|
||||
$PHPMAILER_LANG['from_failed'] = 'Os seguintes remetentes falharam: ';
|
||||
$PHPMAILER_LANG['instantiate'] = 'Não foi possível instanciar a função mail.';
|
||||
$PHPMAILER_LANG['invalid_address'] = 'Endereço de e-mail inválido: ';
|
||||
$PHPMAILER_LANG['mailer_not_supported'] = ' mailer não é suportado.';
|
||||
|
@ -23,4 +23,4 @@ $PHPMAILER_LANG['signing'] = 'Грешка приликом при
|
||||
$PHPMAILER_LANG['smtp_connect_failed'] = 'Повезивање са SMTP сервером није успело.';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'Грешка SMTP сервера: ';
|
||||
$PHPMAILER_LANG['variable_set'] = 'Није могуће задати променљиву, нити је вратити уназад: ';
|
||||
//$PHPMAILER_LANG['extension_missing'] = 'Extension missing: ';
|
||||
$PHPMAILER_LANG['extension_missing'] = 'Недостаје проширење: ';
|
@ -6,6 +6,7 @@
|
||||
* @author Can Yılmaz
|
||||
* @author Mehmet Benlioğlu
|
||||
* @author @yasinaydin
|
||||
* @author Ogün Karakuş
|
||||
*/
|
||||
|
||||
$PHPMAILER_LANG['authenticate'] = 'SMTP Hatası: Oturum açılamadı.';
|
||||
@ -26,4 +27,4 @@ $PHPMAILER_LANG['signing'] = 'İmzalama hatası: ';
|
||||
$PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP connect() fonksiyonu başarısız.';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP sunucu hatası: ';
|
||||
$PHPMAILER_LANG['variable_set'] = 'Değişken ayarlanamadı ya da sıfırlanamadı: ';
|
||||
//$PHPMAILER_LANG['extension_missing'] = 'Extension missing: ';
|
||||
$PHPMAILER_LANG['extension_missing'] = 'Eklenti bulunamadı: ';
|
||||
|
@ -4,13 +4,14 @@
|
||||
* @package PHPMailer
|
||||
* @author liqwei <liqwei@liqwei.com>
|
||||
* @author young <masxy@foxmail.com>
|
||||
* @author Teddysun <i@teddysun.com>
|
||||
*/
|
||||
|
||||
$PHPMAILER_LANG['authenticate'] = 'SMTP 错误:登录失败。';
|
||||
$PHPMAILER_LANG['connect_host'] = 'SMTP 错误:无法连接到 SMTP 主机。';
|
||||
$PHPMAILER_LANG['data_not_accepted'] = 'SMTP 错误:数据不被接受。';
|
||||
$PHPMAILER_LANG['empty_message'] = '邮件正文为空。';
|
||||
$PHPMAILER_LANG['encoding'] = '未知编码: ';
|
||||
$PHPMAILER_LANG['encoding'] = '未知编码:';
|
||||
$PHPMAILER_LANG['execute'] = '无法执行:';
|
||||
$PHPMAILER_LANG['file_access'] = '无法访问文件:';
|
||||
$PHPMAILER_LANG['file_open'] = '文件错误:无法打开文件:';
|
||||
@ -22,6 +23,6 @@ $PHPMAILER_LANG['provide_address'] = '必须提供至少一个收件人地
|
||||
$PHPMAILER_LANG['recipients_failed'] = 'SMTP 错误:收件人地址错误:';
|
||||
$PHPMAILER_LANG['signing'] = '登录失败:';
|
||||
$PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP服务器连接失败。';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP服务器出错: ';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP服务器出错:';
|
||||
$PHPMAILER_LANG['variable_set'] = '无法设置或重置变量:';
|
||||
//$PHPMAILER_LANG['extension_missing'] = 'Extension missing: ';
|
||||
$PHPMAILER_LANG['extension_missing'] = '丢失模块 Extension:';
|
||||
|
@ -63,6 +63,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/lang/lang.en.php';
|
||||
include $_SERVER['DOCUMENT_ROOT'] . '/lang/lang.'.$_SESSION['mailcow_locale'].'.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.inc.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.mailbox.inc.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.customize.inc.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.domain_admin.inc.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.policy.inc.php';
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.dkim.inc.php';
|
||||
|
@ -53,6 +53,7 @@ if (isset($_SESSION['mailcow_cc_role']) && session_check() === false) {
|
||||
'msg' => 'Form token invalid or timed out'
|
||||
);
|
||||
$_POST = array();
|
||||
$_FILES = array();
|
||||
}
|
||||
|
||||
// Handle logouts
|
||||
|
@ -63,4 +63,14 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
|
||||
unset_tfa_key($_POST);
|
||||
}
|
||||
}
|
||||
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
|
||||
if (isset($_POST["submit_main_logo"])) {
|
||||
if ($_FILES['main_logo']['error'] == 0) {
|
||||
customize('add', 'main_logo', $_FILES);
|
||||
}
|
||||
}
|
||||
if (isset($_POST["reset_main_logo"])) {
|
||||
customize('delete', 'main_logo');
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
@ -30,10 +30,12 @@ if ($https_port === FALSE) {
|
||||
//$https_port = 1234;
|
||||
// Other settings =>
|
||||
$autodiscover_config = array(
|
||||
// Enable the autodiscover service for Outlook desktop clients
|
||||
'useEASforOutlook' => 'yes',
|
||||
// General autodiscover service type: "activesync" or "imap"
|
||||
// emClient uses autodiscover, but does not support ActiveSync. mailcow excludes emClient from ActiveSync.
|
||||
'autodiscoverType' => 'activesync',
|
||||
// If autodiscoverType => activesync, also use ActiveSync (EAS) for Outlook desktop clients (>= Outlook 2013 on Windows)
|
||||
// Outlook for Mac does not support ActiveSync
|
||||
'useEASforOutlook' => 'yes',
|
||||
// Please don't use STARTTLS-enabled service ports in the "port" variable.
|
||||
// The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
|
||||
// The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable.
|
||||
|
@ -23,7 +23,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading"><span class="glyphicon glyphicon-user" aria-hidden="true"></span> <?= $lang['login']['login']; ?></div>
|
||||
<div class="panel-body">
|
||||
<div class="text-center"><img style="max-width: 250px;" src="/img/cow_mailcow.svg" alt="mailcow"></div>
|
||||
<div class="text-center mailcow-logo"><img src="<?=($main_logo = customize('get', 'main_logo')) ? $main_logo : '/img/cow_mailcow.svg';?>" alt="mailcow"></div>
|
||||
<legend>mailcow UI</legend>
|
||||
<form method="post" autofill="off">
|
||||
<div class="form-group">
|
||||
@ -72,6 +72,14 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
|
||||
<a href="<?= htmlspecialchars($app['link']); ?>" role="button" title="<?= htmlspecialchars($app['description']); ?>" class="btn btn-lg btn-default"><?= htmlspecialchars($app['name']); ?></a>
|
||||
<?php
|
||||
endforeach;
|
||||
$app_links = customize('get', 'app_links');
|
||||
foreach ($app_links as $row) {
|
||||
foreach ($row as $key => $val):
|
||||
?>
|
||||
<a href="<?= htmlspecialchars($val); ?>" role="button" class="btn btn-lg btn-default"><?= htmlspecialchars($key); ?></a>
|
||||
<?php
|
||||
endforeach;
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -124,6 +124,10 @@ jQuery(function($){
|
||||
e.preventDefault();
|
||||
draw_postfix_logs();
|
||||
});
|
||||
$("#refresh_autodiscover_log").on('click', function(e) {
|
||||
e.preventDefault();
|
||||
draw_autodiscover_logs();
|
||||
});
|
||||
$("#refresh_dovecot_log").on('click', function(e) {
|
||||
e.preventDefault();
|
||||
draw_dovecot_logs();
|
||||
@ -192,6 +196,52 @@ jQuery(function($){
|
||||
}
|
||||
});
|
||||
}
|
||||
function draw_autodiscover_logs() {
|
||||
ft_autodiscover_logs = FooTable.init('#autodiscover_log', {
|
||||
"columns": [
|
||||
{"name":"time","formatter":function unix_time_format(tm) { var date = new Date(tm ? tm * 1000 : 0); return date.toLocaleString();},"title":lang.time,"style":{"width":"170px"}},
|
||||
{"name":"ua","title":"User-Agent","style":{"min-width":"200px"}},
|
||||
{"name":"user","title":"Username","style":{"min-width":"200px"}},
|
||||
{"name":"service","title":"Service"},
|
||||
],
|
||||
"rows": $.ajax({
|
||||
dataType: 'json',
|
||||
url: '/api/v1/get/logs/autodiscover/100',
|
||||
jsonp: false,
|
||||
error: function () {
|
||||
console.log('Cannot draw autodiscover log table');
|
||||
},
|
||||
success: function (data) {
|
||||
$.each(data, function (i, item) {
|
||||
item.ua = '<span style="font-size:small">' + item.ua + '</span>';
|
||||
if (item.service == "activesync") {
|
||||
item.service = '<span class="label label-info">ActiveSync</span>';
|
||||
}
|
||||
else if (item.service == "imap") {
|
||||
item.service = '<span class="label label-success">IMAP, SMTP, Cal-/CardDAV</span>';
|
||||
}
|
||||
else {
|
||||
item.service = '<span class="label label-danger">' + item.service + '</span>';
|
||||
}
|
||||
});
|
||||
}
|
||||
}),
|
||||
"empty": lang.empty,
|
||||
"paging": {
|
||||
"enabled": true,
|
||||
"limit": 5,
|
||||
"size": log_pagination_size
|
||||
},
|
||||
"filtering": {
|
||||
"enabled": true,
|
||||
"position": "left",
|
||||
"placeholder": lang.filter_table
|
||||
},
|
||||
"sorting": {
|
||||
"enabled": true
|
||||
}
|
||||
});
|
||||
}
|
||||
function draw_fail2ban_logs() {
|
||||
ft_fail2ban_logs = FooTable.init('#fail2ban_log', {
|
||||
"columns": [
|
||||
@ -637,6 +687,7 @@ jQuery(function($){
|
||||
});
|
||||
}
|
||||
draw_postfix_logs();
|
||||
draw_autodiscover_logs();
|
||||
draw_dovecot_logs();
|
||||
draw_sogo_logs();
|
||||
draw_fail2ban_logs();
|
||||
@ -679,6 +730,24 @@ jQuery(function($){
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
function add_table_row(table_id) {
|
||||
var row = $('<tr />');
|
||||
cols = '<td><input class="input-sm form-control" data-id="app_links" type="text" name="app" required></td>';
|
||||
cols += '<td><input class="input-sm form-control" data-id="app_links" type="text" name="href" required></td>';
|
||||
cols += '<td><a href="#" role="button" class="btn btn-xs btn-default" type="button">Remove row</a></td>';
|
||||
row.append(cols);
|
||||
table_id.append(row);
|
||||
}
|
||||
|
||||
$('#app_link_table').on('click', 'tr a', function (e) {
|
||||
e.preventDefault();
|
||||
$(this).parents('tr').remove();
|
||||
});
|
||||
|
||||
$('#add_app_link_row').click(function() {
|
||||
add_table_row($('#app_link_table'));
|
||||
});
|
||||
});
|
||||
|
||||
$(window).load(function(){
|
||||
|
@ -14,7 +14,7 @@ $(document).ready(function() {
|
||||
});
|
||||
return o;
|
||||
};
|
||||
// Collect values of input fields with name "multi_select" an same data-id to js array multi_data[data-id]
|
||||
// Collect values of input fields with name "multi_select" and same data-id to js array multi_data[data-id]
|
||||
var multi_data = [];
|
||||
$(document).on('change', 'input[name=multi_select]:checkbox', function() {
|
||||
if ($(this).is(':checked') && $(this).data('id')) {
|
||||
@ -105,7 +105,8 @@ $(document).ready(function() {
|
||||
url: '/api/v1/' + api_url,
|
||||
jsonp: false,
|
||||
complete: function(data) {
|
||||
// var reponse = (JSON.parse(data.responseText));
|
||||
var response = (data.responseText);
|
||||
// alert(response);
|
||||
// console.log(reponse.type);
|
||||
// console.log(reponse.msg);
|
||||
window.location = window.location.href.split("#")[0];
|
||||
|
10
data/web/js/bootstrap-filestyle.min.js
vendored
Normal file
10
data/web/js/bootstrap-filestyle.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
@ -769,6 +769,21 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
|
||||
echo '{}';
|
||||
}
|
||||
break;
|
||||
case "autodiscover":
|
||||
if (isset($extra) && !empty($extra)) {
|
||||
$extra = intval($extra);
|
||||
$logs = get_logs('autodiscover-mailcow', $extra);
|
||||
}
|
||||
else {
|
||||
$logs = get_logs('autodiscover-mailcow', -1);
|
||||
}
|
||||
if (isset($logs) && !empty($logs)) {
|
||||
echo json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
|
||||
}
|
||||
else {
|
||||
echo '{}';
|
||||
}
|
||||
break;
|
||||
case "sogo":
|
||||
if (isset($extra) && !empty($extra)) {
|
||||
$extra = intval($extra);
|
||||
@ -1780,6 +1795,48 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
|
||||
));
|
||||
}
|
||||
break;
|
||||
case "app_links":
|
||||
if (isset($_POST['attr'])) {
|
||||
$attr = (array)json_decode($_POST['attr'], true);
|
||||
if (is_array($attr)) {
|
||||
if (customize('edit', 'app_links', $attr) === false) {
|
||||
if (isset($_SESSION['return'])) {
|
||||
echo json_encode($_SESSION['return']);
|
||||
}
|
||||
else {
|
||||
echo json_encode(array(
|
||||
'type' => 'error',
|
||||
'msg' => 'Edit failed'
|
||||
));
|
||||
}
|
||||
exit();
|
||||
}
|
||||
else {
|
||||
if (isset($_SESSION['return'])) {
|
||||
echo json_encode($_SESSION['return']);
|
||||
}
|
||||
else {
|
||||
echo json_encode(array(
|
||||
'type' => 'success',
|
||||
'msg' => 'Task completed'
|
||||
));
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo json_encode(array(
|
||||
'type' => 'error',
|
||||
'msg' => 'Incomplete post data'
|
||||
));
|
||||
}
|
||||
}
|
||||
else {
|
||||
echo json_encode(array(
|
||||
'type' => 'error',
|
||||
'msg' => 'Incomplete post data'
|
||||
));
|
||||
}
|
||||
break;
|
||||
case "relayhost":
|
||||
if (isset($_POST['items']) && isset($_POST['attr'])) {
|
||||
$items = (array)json_decode($_POST['items'], true);
|
||||
|
@ -512,3 +512,14 @@ $lang['success']['relayhost_removed'] = "Relayhost %s wurde entfernt";
|
||||
$lang['success']['relayhost_added'] = "Relayhost %s wurde hinzugefügt";
|
||||
$lang['admin']['relay_from'] = "Absenderadresse";
|
||||
$lang['admin']['relay_run'] = "Test durchführen";
|
||||
$lang['admin']['customize'] = "Anpassung";
|
||||
$lang['admin']['change_logo'] = "Logo ändern";
|
||||
$lang['admin']['logo_info'] = "Die hochgeladene Grafik wird für die Navigationsleiste auf eine Höhe von 40px skaliert. Für die Startseite ist eine Skalierung auf eine maximale Breite von 250px programmiert. Eine frei skalierbare Grafik (etwa SVG) wird empfohlen.";
|
||||
$lang['admin']['upload'] = "Hochladen";
|
||||
$lang['admin']['app_links'] = "App Links";
|
||||
$lang['admin']['app_name'] = "App Name";
|
||||
$lang['admin']['link'] = "Link";
|
||||
$lang['admin']['remove_row'] = "Zeile entfernen";
|
||||
$lang['admin']['add_row'] = "Zeile hinzufügen";
|
||||
$lang['admin']['reset_default'] = "Auf Standard zurücksetzen";
|
||||
$lang['admin']['merged_vars_hint'] = 'Ausgegraute Zeilen wurden aus der Datei <code>vars.inc.(local.)php</code> gelesen und können nicht mittels UI verändert werden.';
|
||||
|
@ -525,3 +525,23 @@ $lang['success']['relayhost_removed'] = "Relayhost %s has been removed";
|
||||
$lang['success']['relayhost_added'] = "Relayhost %s has been added";
|
||||
$lang['admin']['relay_from'] = '"From:" address';
|
||||
$lang['admin']['relay_run'] = "Run test";
|
||||
|
||||
$lang['admin']['customize'] = "Customize";
|
||||
$lang['admin']['change_logo'] = "Change logo";
|
||||
$lang['admin']['logo_info'] = "Your image will be scaled to a height of 40px for the top navigation bar and a max. width of 250px for the start page. A scalable graphic is highly recommended.";
|
||||
$lang['admin']['upload'] = "Upload";
|
||||
$lang['admin']['app_links'] = "App links";
|
||||
$lang['admin']['app_name'] = "App name";
|
||||
$lang['admin']['link'] = "Link";
|
||||
$lang['admin']['remove_row'] = "Remove row";
|
||||
$lang['admin']['add_row'] = "Add row";
|
||||
$lang['admin']['reset_default'] = "Reset to default";
|
||||
$lang['admin']['merged_vars_hint'] = 'Greyed out rows were merged from <code>vars.inc.(local.)php</code> and cannot be modified.';
|
||||
|
||||
$lang['edit']['tls_policy'] = "Change TLS policy";
|
||||
$lang['edit']['spam_score'] = "Set a custom spam score";
|
||||
$lang['edit']['spam_policy'] = "Add or remove items to white-/blacklist";
|
||||
$lang['edit']['delimiter_action'] = "Change delimiter action";
|
||||
$lang['edit']['syncjobs'] = "Add or change sync jobs";
|
||||
$lang['edit']['eas_reset'] = "Reset EAS devices";
|
||||
$lang['edit']['spam_alias'] = "Create or change time limited alias addresses";
|
||||
|
@ -413,6 +413,13 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" value="1" name="delete2"> <?=$lang['add']['delete2'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
|
@ -268,8 +268,8 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
|
||||
<h4><?=$lang['user']['spamfilter_behavior'];?></h4>
|
||||
<form class="form-horizontal" role="form" data-id="spam_score" method="post">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-12">
|
||||
<input name="spam_score" id="spam_score" type="text" style="width: 100% !important;"
|
||||
<div class="col-lg-6 col-sm-12">
|
||||
<input name="spam_score" id="spam_score" type="text" style="width: 100%;"
|
||||
data-provide="slider"
|
||||
data-slider-min="1"
|
||||
data-slider-max="2000"
|
||||
@ -321,14 +321,13 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
|
||||
<div class="btn-group">
|
||||
<a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_wl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
|
||||
<a class="btn btn-sm btn-danger" id="delete_selected" data-id="policy_wl_mailbox" data-api-url='delete/mailbox-policy' href="#"><?=$lang['mailbox']['remove'];?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<form class="form-inline" data-id="add_wl_policy_mailbox">
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control" name="object_from" id="object_from" placeholder="*@example.org" required>
|
||||
<span class="input-group-btn">
|
||||
<button class="btn btn-success" id="add_item" data-id="add_wl_policy_mailbox" data-api-url='add/mailbox-policy' data-api-attr='{"username":"<?= $username; ?>","object_list":"wl"}' href="#"><span class="glyphicon glyphicon-plus"></span> <?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
<button class="btn btn-default" id="add_item" data-id="add_wl_policy_mailbox" data-api-url='add/mailbox-policy' data-api-attr='{"username":"<?= $username; ?>","object_list":"wl"}' href="#"><span class="glyphicon glyphicon-plus"></span> <?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
</span>
|
||||
</div>
|
||||
</form>
|
||||
@ -349,7 +348,6 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
|
||||
<div class="btn-group">
|
||||
<a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_bl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
|
||||
<a class="btn btn-sm btn-danger" id="delete_selected" data-id="policy_bl_mailbox" data-api-url='delete/mailbox-policy' href="#"><?=$lang['mailbox']['remove'];?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<form class="form-inline" data-id="add_bl_policy_mailbox">
|
||||
@ -358,7 +356,7 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
|
||||
<input type="hidden" name="username" value="<?= $username ;?>">
|
||||
<input type="hidden" name="object_list" value="bl">
|
||||
<span class="input-group-btn">
|
||||
<button class="btn btn-success" id="add_item" data-id="add_bl_policy_mailbox" data-api-url='add/mailbox-policy' data-api-attr='{"username":"<?= $username; ?>","object_list":"bl"}' href="#"><span class="glyphicon glyphicon-plus"></span> <?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
<button class="btn btn-default" id="add_item" data-id="add_bl_policy_mailbox" data-api-url='add/mailbox-policy' data-api-attr='{"username":"<?= $username; ?>","object_list":"bl"}' href="#"><span class="glyphicon glyphicon-plus"></span> <?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
</span>
|
||||
</div>
|
||||
</form>
|
||||
|
@ -5,7 +5,6 @@ services:
|
||||
image: mailcow/unbound:1.0
|
||||
build: ./data/Dockerfiles/unbound
|
||||
command: /usr/sbin/unbound
|
||||
init: true
|
||||
depends_on:
|
||||
mysql-mailcow:
|
||||
condition: service_healthy
|
||||
@ -34,11 +33,9 @@ services:
|
||||
- MYSQL_DATABASE=${DBNAME}
|
||||
- MYSQL_USER=${DBUSER}
|
||||
- MYSQL_PASSWORD=${DBPASS}
|
||||
init: true
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
ipv4_address: 172.22.1.250
|
||||
@ -52,7 +49,6 @@ services:
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
ipv4_address: 172.22.1.249
|
||||
@ -60,24 +56,22 @@ services:
|
||||
- redis
|
||||
|
||||
clamd-mailcow:
|
||||
image: mailcow/clamd:1.3
|
||||
image: mailcow/clamd:1.5
|
||||
build: ./data/Dockerfiles/clamd
|
||||
restart: on-failure
|
||||
restart: always
|
||||
environment:
|
||||
- SKIP_CLAMD=${SKIP_CLAMD:-n}
|
||||
init: true
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
- clamd
|
||||
|
||||
rspamd-mailcow:
|
||||
image: mailcow/rspamd:1.8
|
||||
image: mailcow/rspamd:1.12
|
||||
build: ./data/Dockerfiles/rspamd
|
||||
command: "/usr/bin/rspamd -f -u _rspamd -g _rspamd"
|
||||
stop_grace_period: 30s
|
||||
depends_on:
|
||||
- nginx-mailcow
|
||||
volumes:
|
||||
@ -88,10 +82,8 @@ services:
|
||||
- dkim-vol-1:/data/dkim
|
||||
- rspamd-vol-1:/var/lib/rspamd
|
||||
restart: always
|
||||
init: true
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
hostname: rspamd
|
||||
networks:
|
||||
mailcow-network:
|
||||
@ -100,13 +92,13 @@ services:
|
||||
- rspamd
|
||||
|
||||
php-fpm-mailcow:
|
||||
image: mailcow/phpfpm:1.1
|
||||
image: mailcow/phpfpm:1.3
|
||||
build: ./data/Dockerfiles/phpfpm
|
||||
command: "php-fpm -d date.timezone=${TZ}"
|
||||
command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
|
||||
depends_on:
|
||||
- redis-mailcow
|
||||
volumes:
|
||||
- ./data/web:/web:ro
|
||||
- ./data/web:/web:rw
|
||||
- ./data/conf/rspamd/dynmaps:/dynmaps:ro
|
||||
- dkim-vol-1:/data/dkim
|
||||
environment:
|
||||
@ -125,14 +117,13 @@ services:
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
- phpfpm
|
||||
|
||||
sogo-mailcow:
|
||||
image: mailcow/sogo:1.8
|
||||
image: mailcow/sogo:1.10
|
||||
build: ./data/Dockerfiles/sogo
|
||||
environment:
|
||||
- DBNAME=${DBNAME}
|
||||
@ -145,7 +136,6 @@ services:
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
ipv4_address: 172.22.1.252
|
||||
@ -153,7 +143,7 @@ services:
|
||||
- sogo
|
||||
|
||||
dovecot-mailcow:
|
||||
image: mailcow/dovecot:1.8
|
||||
image: mailcow/dovecot:1.9
|
||||
build: ./data/Dockerfiles/dovecot
|
||||
volumes:
|
||||
- ./data/conf/dovecot:/usr/local/etc/dovecot
|
||||
@ -180,7 +170,6 @@ services:
|
||||
hard: 40000
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
hostname: ${MAILCOW_HOSTNAME}
|
||||
networks:
|
||||
mailcow-network:
|
||||
@ -188,7 +177,7 @@ services:
|
||||
- dovecot
|
||||
|
||||
postfix-mailcow:
|
||||
image: mailcow/postfix:1.4
|
||||
image: mailcow/postfix:1.7
|
||||
build: ./data/Dockerfiles/postfix
|
||||
volumes:
|
||||
- ./data/conf/postfix:/opt/postfix/conf
|
||||
@ -206,7 +195,6 @@ services:
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
hostname: ${MAILCOW_HOSTNAME}
|
||||
networks:
|
||||
mailcow-network:
|
||||
@ -218,7 +206,6 @@ services:
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
@ -232,6 +219,7 @@ services:
|
||||
command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active &&
|
||||
envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active &&
|
||||
envsubst < /etc/nginx/conf.d/templates/server_name.template > /etc/nginx/conf.d/server_name.active &&
|
||||
nginx -qt &&
|
||||
until ping phpfpm -c1 > /dev/null; do sleep 1; done &&
|
||||
exec nginx -g 'daemon off;'"
|
||||
environment:
|
||||
@ -249,7 +237,6 @@ services:
|
||||
restart: always
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
networks:
|
||||
mailcow-network:
|
||||
ipv4_address: 172.22.1.251
|
||||
@ -259,12 +246,11 @@ services:
|
||||
acme-mailcow:
|
||||
depends_on:
|
||||
- nginx-mailcow
|
||||
image: mailcow/acme:1.17
|
||||
- mysql-mailcow
|
||||
image: mailcow/acme:1.22
|
||||
build: ./data/Dockerfiles/acme
|
||||
init: true
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
environment:
|
||||
- ADDITIONAL_SAN=${ADDITIONAL_SAN}
|
||||
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
|
||||
@ -277,17 +263,16 @@ services:
|
||||
- ./data/web/.well-known/acme-challenge:/var/www/acme:rw
|
||||
- ./data/assets/ssl:/var/lib/acme/:rw
|
||||
- ./data/assets/ssl-example:/var/lib/ssl-example/:ro
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
# do not restart the container too often. Things get worse when we hit let's encrypt's ratelimit.
|
||||
restart: on-failure:1
|
||||
restart: always
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
- acme
|
||||
|
||||
fail2ban-mailcow:
|
||||
image: mailcow/fail2ban:1.6
|
||||
image: mailcow/fail2ban:1.7
|
||||
build: ./data/Dockerfiles/fail2ban
|
||||
stop_grace_period: 30s
|
||||
depends_on:
|
||||
- dovecot-mailcow
|
||||
- postfix-mailcow
|
||||
@ -296,17 +281,45 @@ services:
|
||||
- redis-mailcow
|
||||
restart: always
|
||||
privileged: true
|
||||
init: true
|
||||
environment:
|
||||
- TZ=${TZ}
|
||||
- SKIP_FAIL2BAN=${SKIP_FAIL2BAN:-no}
|
||||
- SKIP_FAIL2BAN=${SKIP_FAIL2BAN:-n}
|
||||
network_mode: "host"
|
||||
dns:
|
||||
- 172.22.1.254
|
||||
dns_search: mailcow-network
|
||||
volumes:
|
||||
- /lib/modules:/lib/modules:ro
|
||||
|
||||
watchdog-mailcow:
|
||||
image: mailcow/watchdog:1.8
|
||||
build: ./data/Dockerfiles/watchdog
|
||||
volumes:
|
||||
- vmail-vol-1:/vmail:ro
|
||||
restart: always
|
||||
environment:
|
||||
- DBNAME=${DBNAME}
|
||||
- DBUSER=${DBUSER}
|
||||
- DBPASS=${DBPASS}
|
||||
- USE_WATCHDOG=${USE_WATCHDOG:-n}
|
||||
- WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL}
|
||||
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
|
||||
networks:
|
||||
mailcow-network:
|
||||
ipv4_address: 172.22.1.248
|
||||
aliases:
|
||||
- watchdog
|
||||
|
||||
dockerapi-mailcow:
|
||||
image: mailcow/dockerapi:1.0
|
||||
stop_grace_period: 3s
|
||||
build: ./data/Dockerfiles/dockerapi
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
mailcow-network:
|
||||
aliases:
|
||||
- dockerapi
|
||||
|
||||
ipv6nat:
|
||||
image: robbertkl/ipv6nat
|
||||
restart: always
|
||||
|
@ -84,18 +84,23 @@ COMPOSE_PROJECT_NAME=mailcow-dockerized
|
||||
# Additional SAN for the certificate
|
||||
ADDITIONAL_SAN=
|
||||
|
||||
# To never run acme-mailcow for Let's Encrypt, set this to y
|
||||
SKIP_LETS_ENCRYPT=n
|
||||
|
||||
# Skip IPv4 check in ACME container
|
||||
# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
|
||||
SKIP_LETS_ENCRYPT=n
|
||||
# Skip IPv4 check in ACME container - y/n
|
||||
SKIP_IP_CHECK=n
|
||||
|
||||
# To never run fail2ban-mailcow
|
||||
# Skip Fail2ban implementation (fail2ban-mailcow) - y/n
|
||||
SKIP_FAIL2BAN=n
|
||||
|
||||
# To never run clamd-mailcow
|
||||
# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
|
||||
SKIP_CLAMD=n
|
||||
|
||||
# Enable watchdog (watchdog-mailcow) to restart unhealthy containers (experimental)
|
||||
USE_WATCHDOG=n
|
||||
# Send notifications by mail (no DKIM signature, sent from watchdog@MAILCOW_HOSTNAME)
|
||||
#WATCHDOG_NOTIFY_EMAIL=
|
||||
|
||||
EOF
|
||||
|
||||
mkdir -p data/assets/ssl
|
||||
|
36
helper-scripts/mailcow-reset-admin.sh
Executable file
36
helper-scripts/mailcow-reset-admin.sh
Executable file
@ -0,0 +1,36 @@
|
||||
#/bin/bash
|
||||
[[ -f mailcow.conf ]] && source mailcow.conf
|
||||
[[ -f ../mailcow.conf ]] && source ../mailcow.conf
|
||||
|
||||
if [[ -z ${DBUSER} ]] || [[ -z ${DBPASS} ]] || [[ -z ${DBNAME} ]]; then
|
||||
echo "Cannot find mailcow.conf, make sure this script is run from within the mailcow folder."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo -n "Checking MySQL service... "
|
||||
if [[ -z $(docker ps -qf name=mysql-mailcow) ]]; then
|
||||
echo "failed"
|
||||
echo "MySQL (mysql-mailcow) is not up and running, exiting..."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "OK"
|
||||
read -r -p "Are you sure you want to reset the mailcow administrator account? [y/N] " response
|
||||
response=${response,,} # tolower
|
||||
if [[ "$response" =~ ^(yes|y)$ ]]; then
|
||||
echo -e "\nWorking, please wait..."
|
||||
docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM admin;"
|
||||
docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "INSERT INTO admin (username, password, superadmin, created, modified, active) VALUES ('admin', '{SSHA256}K8eVJ6YsZbQCfuJvSUbaQRLr0HPLz5rC9IAp0PAFl0tmNDBkMDc0NDAyOTAxN2Rk', 1, NOW(), NOW(), 1);"
|
||||
docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM domain_admins WHERE username='admin';"
|
||||
docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "INSERT INTO domain_admins (username, domain, created, active) VALUES ('admin', 'ALL', NOW(), 1);"
|
||||
docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM tfa WHERE username='admin';"
|
||||
echo "
|
||||
Reset credentials:
|
||||
---
|
||||
Username: admin
|
||||
Password: moohoo
|
||||
TFA: none
|
||||
"
|
||||
else
|
||||
echo "Operation canceled."
|
||||
fi
|
116
helper-scripts/nextcloud.sh
Executable file
116
helper-scripts/nextcloud.sh
Executable file
@ -0,0 +1,116 @@
|
||||
#!/bin/bash
|
||||
|
||||
[[ -z ${1} ]] && { echo "No parameters given"; exit 1; }
|
||||
|
||||
for bin in curl dirmngr; do
|
||||
if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
|
||||
done
|
||||
|
||||
while [ "$1" != '' ]; do
|
||||
case "${1}" in
|
||||
-p|--purge) NC_PURGE=y && shift;;
|
||||
-i|--install) NC_INSTALL=y && shift;;
|
||||
*) echo "Unknown parameter: ${1}" && shift;;
|
||||
esac
|
||||
done
|
||||
|
||||
[[ ${NC_PURGE} == "y" ]] && [[ ${NC_INSTALL} == "y" ]] && { echo "Cannot use -p and -i at the same time"; }
|
||||
|
||||
source ./mailcow.conf
|
||||
|
||||
if [[ ${NC_PURGE} == "y" ]]; then
|
||||
|
||||
docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e \
|
||||
"$(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "SELECT GROUP_CONCAT('DROP TABLE ', TABLE_SCHEMA, '.', TABLE_NAME SEPARATOR ';') FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME LIKE 'nc_%' AND TABLE_SCHEMA = '${DBNAME}';" -BN)"
|
||||
docker exec -it $(docker ps -f name=redis-mailcow -q) /bin/sh -c 'redis-cli KEYS "*nextcloud*" | xargs redis-cli DEL'
|
||||
if [ -d ./data/web/nextcloud/config ]; then
|
||||
mv ./data/web/nextcloud/config/ ./data/conf/nextcloud-config-folder-$(date +%s).bak
|
||||
fi
|
||||
[[ -d ./data/web/nextcloud ]] && rm -rf ./data/web/nextcloud
|
||||
|
||||
[[ -f ./data/conf/nginx/site.nextcloud.custom ]] && mv ./data/conf/nginx/site.nextcloud.custom ./data/conf/nginx/site.nextcloud.custom-$(date +%s).bak
|
||||
[[ -f ./data/conf/nginx/nextcloud.conf ]] && mv ./data/conf/nginx/nextcloud.conf ./data/conf/nginx/nextcloud.conf-$(date +%s).bak
|
||||
|
||||
docker-compose restart nginx-mailcow
|
||||
|
||||
elif [[ ${NC_INSTALL} == "y" ]]; then
|
||||
|
||||
NC_TYPE=
|
||||
while [[ ! ${NC_TYPE} =~ ^subfolder$|^subdomain$ ]]; do
|
||||
read -p "Configure as subdomain or subfolder? [subdomain/subfolder] " NC_TYPE
|
||||
done
|
||||
|
||||
|
||||
if [[ ${NC_TYPE} == "subdomain" ]]; then
|
||||
NC_SUBD=
|
||||
while [[ -z ${NC_SUBD} ]]; do
|
||||
read -p "Which subdomain? [format: nextcloud.domain.tld] " NC_SUBD
|
||||
done
|
||||
if ! ping -q -c2 ${NC_SUBD} > /dev/null 2>&1 ; then
|
||||
read -p "Cannot ping subdomain, continue anyway? [y|N] " NC_CONT_FAIL
|
||||
[[ ! ${NC_CONT_FAIL,,} =~ ^(yes|y)$ ]] && { echo "Ok, exiting..."; exit 1; }
|
||||
fi
|
||||
fi
|
||||
|
||||
ADMIN_NC_PASS=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
|
||||
NEXTCLOUD_VERSION=$(curl -s https://www.servercow.de/nextcloud/latest.php)
|
||||
|
||||
[[ -z ${NEXTCLOUD_VERSION} ]] && { echo "Error, cannot determine nextcloud version, exiting..."; exit 1; }
|
||||
|
||||
curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
|
||||
&& curl -L# -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2.asc" \
|
||||
&& export GNUPGHOME="$(mktemp -d)" \
|
||||
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 28806A878AE423A28372792ED75899B9A724937A \
|
||||
&& gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf ./data/web/nextcloud/updater \
|
||||
&& mkdir -p ./data/web/nextcloud/data \
|
||||
&& mkdir -p ./data/web/nextcloud/custom_apps \
|
||||
&& chmod +x ./data/web/nextcloud/occ
|
||||
|
||||
docker exec -it $(docker ps -f name=php-fpm-mailcow -q) /bin/bash -c "chown -R www-data:www-data /web/nextcloud/data /web/nextcloud/config /web/nextcloud/apps /web/nextcloud/custom_apps"
|
||||
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ maintenance:install \
|
||||
--database mysql \
|
||||
--database-host mysql \
|
||||
--database-name ${DBNAME} \
|
||||
--database-user ${DBUSER} \
|
||||
--database-pass ${DBPASS} \
|
||||
--database-table-prefix nc_ \
|
||||
--admin-user admin \
|
||||
--admin-pass ${ADMIN_NC_PASS} \
|
||||
--data-dir /web/nextcloud/data
|
||||
|
||||
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ config:system:set redis host --value=redis --type=string; \
|
||||
/web/nextcloud/occ config:system:set redis port --value=6379 --type=integer; \
|
||||
/web/nextcloud/occ config:system:set memcache.locking --value='\OC\Memcache\Redis' --type=string; \
|
||||
/web/nextcloud/occ config:system:set memcache.local --value='\OC\Memcache\Redis' --type=string; \
|
||||
/web/nextcloud/occ config:system:set trusted_proxies 0 --value=fd4d:6169:6c63:6f77::1; \
|
||||
/web/nextcloud/occ config:system:set trusted_proxies 1 --value=172.22.1.0/24; \
|
||||
/web/nextcloud/occ config:system:set overwritewebroot --value=/nextcloud; \
|
||||
/web/nextcloud/occ config:system:set overwritehost --value=${MAILCOW_HOSTNAME}; \
|
||||
/web/nextcloud/occ config:system:set mail_smtpmode --value=smtp; \
|
||||
/web/nextcloud/occ config:system:set mail_smtpauthtype --value=LOGIN; \
|
||||
/web/nextcloud/occ config:system:set mail_from_address --value=nextcloud; \
|
||||
/web/nextcloud/occ config:system:set mail_domain --value=${MAILCOW_HOSTNAME}; \
|
||||
/web/nextcloud/occ config:system:set mail_smtphost --value=postfix; \
|
||||
/web/nextcloud/occ config:system:set mail_smtpport --value=588
|
||||
/web/nextcloud/occ app:enable user_external
|
||||
/web/nextcloud/occ config:system:set user_backends 0 arguments 0 --value={dovecot:143/imap/tls/novalidate-cert}
|
||||
/web/nextcloud/occ config:system:set user_backends 0 class --value=OC_User_IMAP"
|
||||
|
||||
if [[ ${NC_TYPE} == "subdomain" ]]; then
|
||||
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ config:system:set overwritewebroot --value=/
|
||||
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ config:system:set overwritehost --value=nextcloud.develcow.de
|
||||
cp ./data/assets/nextcloud/nextcloud.conf ./data/conf/nginx/
|
||||
sed sed -i 's/NC_SUBD/${NC_SUBD}/g' ./data/assets/nextcloud/nextcloud.conf
|
||||
elif [[ ${NC_TYPE} == "subfolder" ]]; then
|
||||
cp ./data/assets/nextcloud/site.nextcloud.custom ./data/conf/nginx/
|
||||
fi
|
||||
|
||||
docker-compose restart nginx-mailcow
|
||||
|
||||
echo "Login as admin with password: ${ADMIN_NC_PASS}"
|
||||
|
||||
fi
|
@ -1,36 +0,0 @@
|
||||
#/bin/bash
|
||||
if [[ ! -f mailcow.conf ]]; then
|
||||
echo "Cannot find mailcow.conf, make sure this script is run from within the mailcow folder."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo -n "Checking MySQL service... "
|
||||
docker-compose ps -q mysql-mailcow > /dev/null 2>&1
|
||||
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "failed"
|
||||
echo "MySQL (mysql-mailcow) is not up and running, exiting..."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "OK"
|
||||
read -r -p "Are you sure you want to reset the mailcow administrator account? [y/N] " response
|
||||
response=${response,,} # tolower
|
||||
if [[ "$response" =~ ^(yes|y)$ ]]; then
|
||||
echo -e "\nWorking, please wait..."
|
||||
source mailcow.conf
|
||||
docker-compose exec -T mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM admin;"
|
||||
docker-compose exec -T mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "INSERT INTO admin (username, password, superadmin, created, modified, active) VALUES ('admin', '{SSHA256}K8eVJ6YsZbQCfuJvSUbaQRLr0HPLz5rC9IAp0PAFl0tmNDBkMDc0NDAyOTAxN2Rk', 1, NOW(), NOW(), 1);"
|
||||
docker-compose exec -T mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM domain_admins WHERE username='admin';"
|
||||
docker-compose exec -T mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "INSERT INTO domain_admins (username, domain, created, active) VALUES ('admin', 'ALL', NOW(), 1);"
|
||||
docker-compose exec -T mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM tfa WHERE username='admin';"
|
||||
echo "
|
||||
Reset credentials:
|
||||
---
|
||||
Username: admin
|
||||
Password: moohoo
|
||||
TFA: none
|
||||
"
|
||||
else
|
||||
echo "Operation canceled."
|
||||
fi
|
@ -1,76 +0,0 @@
|
||||
#/bin/bash
|
||||
if [[ ! -f mailcow.conf ]]; then
|
||||
echo "Cannot find mailcow.conf, make sure this script is run from within the mailcow folder."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo -n "Checking Postfix service... "
|
||||
docker-compose ps -q postfix-mailcow > /dev/null 2>&1
|
||||
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "failed"
|
||||
echo "Postfix (postifx-mailcow) is not up and running, exiting..."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "OK"
|
||||
|
||||
if [[ -z ${1} ]]; then
|
||||
echo "Usage:"
|
||||
echo
|
||||
echo "Setup a relayhost:"
|
||||
echo "${0} relayhost port (username) (password)"
|
||||
echo "Username and password are optional parameters."
|
||||
echo
|
||||
echo "Reset to defaults:"
|
||||
echo "${0} reset"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ ${1} == "reset" ]]; then
|
||||
# Reset modified values to their defaults
|
||||
sed -i "s/^relayhost\ \=.*/relayhost\ \=/" data/conf/postfix/main.cf
|
||||
sed -i "s/^smtp\_sasl\_password\_maps.*/smtp\_sasl\_password\_maps\ \=/" data/conf/postfix/main.cf
|
||||
sed -i "s/^smtp\_sasl\_security\_options.*/smtp\_sasl\_security\_options\ \=\ noplaintext\,\ noanonymous/" data/conf/postfix/main.cf
|
||||
sed -i "s/^smtp\_sasl\_auth\_enable.*/smtp\_sasl\_auth\_enable\ \=\ no/" data/conf/postfix/main.cf
|
||||
# Also delete the plaintext password file
|
||||
rm -f data/conf/postfix/smarthost_passwd*
|
||||
docker-compose exec postfix-mailcow postfix reload
|
||||
# Exit with dc exit code
|
||||
exit $?
|
||||
else
|
||||
# Try a simple connection to host:port but don't recieve any data
|
||||
# Abort after 3 seconds
|
||||
if ! nc -z -v -w3 ${1} ${2} 2>/dev/null; then
|
||||
echo "Connection to relayhost ${1} failed, aborting..."
|
||||
exit 1
|
||||
fi
|
||||
# Use exact hostname as relayhost, don't lookup the MX record of relayhost
|
||||
sed -i "s/relayhost\ \=.*/relayhost\ \=\ \[${1}\]\:${2}/" data/conf/postfix/main.cf
|
||||
if grep -q "smtp_sasl_password_maps" data/conf/postfix/main.cf
|
||||
then
|
||||
sed -i "s/^smtp\_sasl\_password\_maps.*/smtp\_sasl\_password\_maps\ \=\ hash\:\/opt\/postfix\/conf\/smarthost\_passwd/" data/conf/postfix/main.cf
|
||||
else
|
||||
echo "smtp_sasl_password_maps = hash:/opt/postfix/conf/smarthost_passwd" >> data/conf/postfix/main.cf
|
||||
fi
|
||||
if grep -q "smtp_sasl_auth_enable" data/conf/postfix/main.cf
|
||||
then
|
||||
sed -i "s/^smtp\_sasl\_auth\_enable.*/smtp\_sasl\_auth\_enable\ \=\ yes/" data/conf/postfix/main.cf
|
||||
else
|
||||
echo "smtp_sasl_auth_enable = yes" >> data/conf/postfix/main.cf
|
||||
fi
|
||||
if grep -q "smtp_sasl_security_options" data/conf/postfix/main.cf
|
||||
then
|
||||
sed -i "s/^smtp\_sasl\_security\_options.*/smtp\_sasl\_security\_options\ \=/" data/conf/postfix/main.cf
|
||||
else
|
||||
echo "smtp_sasl_security_options =" >> data/conf/postfix/main.cf
|
||||
fi
|
||||
if [[ ! -z ${3} ]]; then
|
||||
echo ${1} ${3}:${4} > data/conf/postfix/smarthost_passwd
|
||||
docker-compose exec postfix-mailcow postmap /opt/postfix/conf/smarthost_passwd
|
||||
fi
|
||||
docker-compose exec postfix-mailcow chown root:postfix /opt/postfix/conf/smarthost_passwd /opt/postfix/conf/smarthost_passwd.db
|
||||
docker-compose exec postfix-mailcow chmod 660 /opt/postfix/conf/smarthost_passwd /opt/postfix/conf/smarthost_passwd.db
|
||||
docker-compose exec postfix-mailcow postfix reload
|
||||
exit $?
|
||||
fi
|
@ -4,7 +4,7 @@ for bin in curl docker-compose docker git awk sha1sum; do
|
||||
if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
|
||||
done
|
||||
|
||||
CONFIG_ARRAY=("SKIP_LETS_ENCRYPT" "SKIP_CLAMD" "SKIP_IP_CHECK" "SKIP_FAIL2BAN" "ADDITIONAL_SAN" "DOVEADM_PORT")
|
||||
CONFIG_ARRAY=("SKIP_LETS_ENCRYPT" "USE_WATCHDOG" "WATCHDOG_NOTIFY_EMAIL" "SKIP_CLAMD" "SKIP_IP_CHECK" "SKIP_FAIL2BAN" "ADDITIONAL_SAN" "DOVEADM_PORT")
|
||||
echo >> mailcow.conf
|
||||
for option in ${CONFIG_ARRAY[@]}; do
|
||||
if [[ ${option} == "ADDITIONAL_SAN" ]]; then
|
||||
@ -22,6 +22,11 @@ for option in ${CONFIG_ARRAY[@]}; do
|
||||
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||
echo "DOVEADM_PORT=127.0.0.1:19991" >> mailcow.conf
|
||||
fi
|
||||
elif [[ ${option} == "WATCHDOG_NOTIFY_EMAIL" ]]; then
|
||||
if ! grep -q ${option} mailcow.conf; then
|
||||
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||
echo "WATCHDOG_NOTIFY_EMAIL=" >> mailcow.conf
|
||||
fi
|
||||
elif ! grep -q ${option} mailcow.conf; then
|
||||
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||
echo "${option}=n" >> mailcow.conf
|
||||
|
Loading…
Reference in New Issue
Block a user