From 52449afdc00e365f4deb8448e08e586874b6c200 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Sun, 11 Feb 2018 13:28:40 +0100 Subject: [PATCH 1/8] [Web] Fixes to Sieve validation (fixes #1027) --- data/web/inc/lib/sieve/extensions/fileinto.xml | 1 + data/web/inc/lib/sieve/extensions/mailbox.xml | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 data/web/inc/lib/sieve/extensions/mailbox.xml diff --git a/data/web/inc/lib/sieve/extensions/fileinto.xml b/data/web/inc/lib/sieve/extensions/fileinto.xml index 3b48a5c09..de3974c22 100644 --- a/data/web/inc/lib/sieve/extensions/fileinto.xml +++ b/data/web/inc/lib/sieve/extensions/fileinto.xml @@ -3,6 +3,7 @@ + diff --git a/data/web/inc/lib/sieve/extensions/mailbox.xml b/data/web/inc/lib/sieve/extensions/mailbox.xml new file mode 100644 index 000000000..c21960f34 --- /dev/null +++ b/data/web/inc/lib/sieve/extensions/mailbox.xml @@ -0,0 +1,8 @@ + + + + + + + + From e85cd389453e2843b30d3b9249ca60819c0f0008 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Mon, 12 Feb 2018 21:32:49 +0100 Subject: [PATCH 2/8] [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 --- .gitignore | 3 +-- data/conf/nginx/site.conf | 8 ++++---- data/conf/nginx/templates/sogo.template | 1 + data/conf/nginx/templates/sogo_eas.template | 1 + data/conf/nginx/templates/sogo_proxy.template | 0 docker-compose.yml | 4 ++++ 6 files changed, 11 insertions(+), 6 deletions(-) create mode 100644 data/conf/nginx/templates/sogo.template create mode 100644 data/conf/nginx/templates/sogo_eas.template create mode 100644 data/conf/nginx/templates/sogo_proxy.template diff --git a/.gitignore b/.gitignore index 69c24f9e2..867de80c2 100644 --- a/.gitignore +++ b/.gitignore @@ -3,8 +3,7 @@ data/conf/sogo/sieve.creds data/conf/dovecot/dovecot-master.passwd mailcow.conf mailcow.conf_backup -data/conf/nginx/listen*active -data/conf/nginx/server_name.active +data/conf/nginx/*.active data/conf/postfix/sql data/conf/dovecot/sql data/conf/nextcloud-*.bak diff --git a/data/conf/nginx/site.conf b/data/conf/nginx/site.conf index 8a8962645..6305b9184 100644 --- a/data/conf/nginx/site.conf +++ b/data/conf/nginx/site.conf @@ -108,7 +108,7 @@ server { } location ^~ /Microsoft-Server-ActiveSync { - proxy_pass http://sogo:20000/SOGo/Microsoft-Server-ActiveSync; + include /etc/nginx/conf.d/sogo_eas.active; proxy_connect_timeout 1000; proxy_next_upstream timeout error; proxy_send_timeout 1000; @@ -130,7 +130,7 @@ server { } location ^~ /SOGo { - proxy_pass http://sogo:20000; + include /etc/nginx/conf.d/sogo.active; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; @@ -290,7 +290,7 @@ server { } location ^~ /Microsoft-Server-ActiveSync { - proxy_pass http://sogo:20000/SOGo/Microsoft-Server-ActiveSync; + include /etc/nginx/conf.d/templates/sogo_proxy.template; proxy_connect_timeout 1000; proxy_next_upstream timeout error; proxy_send_timeout 1000; @@ -312,7 +312,7 @@ server { } location ^~ /SOGo { - proxy_pass http://sogo:20000; + include /etc/nginx/conf.d/sogo.active; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; diff --git a/data/conf/nginx/templates/sogo.template b/data/conf/nginx/templates/sogo.template new file mode 100644 index 000000000..2c084389f --- /dev/null +++ b/data/conf/nginx/templates/sogo.template @@ -0,0 +1 @@ +proxy_pass http://${IPV4_NETWORK}.248:20000; diff --git a/data/conf/nginx/templates/sogo_eas.template b/data/conf/nginx/templates/sogo_eas.template new file mode 100644 index 000000000..3cea9f988 --- /dev/null +++ b/data/conf/nginx/templates/sogo_eas.template @@ -0,0 +1 @@ +proxy_pass http://${IPV4_NETWORK}.248:20000/SOGo/Microsoft-Server-ActiveSync; diff --git a/data/conf/nginx/templates/sogo_proxy.template b/data/conf/nginx/templates/sogo_proxy.template new file mode 100644 index 000000000..e69de29bb diff --git a/docker-compose.yml b/docker-compose.yml index 62c07b931..1b0f6a037 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -144,6 +144,7 @@ services: - ${IPV4_NETWORK:-172.22.1}.254 networks: mailcow-network: + ipv4_address: ${IPV4_NETWORK:-172.22.1}.248 aliases: - sogo @@ -233,6 +234,8 @@ services: command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active && envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active && envsubst < /etc/nginx/conf.d/templates/server_name.template > /etc/nginx/conf.d/server_name.active && + envsubst < /etc/nginx/conf.d/templates/sogo.template > /etc/nginx/conf.d/sogo.active && + envsubst < /etc/nginx/conf.d/templates/sogo_eas.template > /etc/nginx/conf.d/sogo_eas.active && nginx -qt && until ping phpfpm -c1 > /dev/null; do sleep 1; done && until ping sogo -c1 > /dev/null; do sleep 1; done && @@ -242,6 +245,7 @@ services: - HTTPS_PORT=${HTTPS_PORT:-443} - HTTP_PORT=${HTTP_PORT:-80} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} + - IPV4_NETWORK= volumes: - ./data/web:/web:ro - ./data/conf/rspamd/dynmaps:/dynmaps:ro From bcfd181ac364ede1df31ac1cb90083581c97fdd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Mon, 12 Feb 2018 21:36:10 +0100 Subject: [PATCH 3/8] [Compose] Add missing var --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 1b0f6a037..f3652466e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -245,7 +245,7 @@ services: - HTTPS_PORT=${HTTPS_PORT:-443} - HTTP_PORT=${HTTP_PORT:-80} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} - - IPV4_NETWORK= + - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}.254 volumes: - ./data/web:/web:ro - ./data/conf/rspamd/dynmaps:/dynmaps:ro From 6ad9fbe436a7382d7ea55b212d560df2d476d7b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Mon, 12 Feb 2018 21:37:18 +0100 Subject: [PATCH 4/8] [Compose] Add missing var --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index f3652466e..0cd2c175c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -245,7 +245,7 @@ services: - HTTPS_PORT=${HTTPS_PORT:-443} - HTTP_PORT=${HTTP_PORT:-80} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} - - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}.254 + - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1} volumes: - ./data/web:/web:ro - ./data/conf/rspamd/dynmaps:/dynmaps:ro From 21e8edae4394e37eb3216ed3bbe31ae363f9ce44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Tue, 13 Feb 2018 09:09:41 +0100 Subject: [PATCH 5/8] [Nginx] Fix EAS --- .gitignore | 3 +-- data/conf/nginx/site.conf | 19 ++++++------------- data/conf/nginx/templates/sogo.template | 1 + data/conf/nginx/templates/sogo_eas.template | 1 + 4 files changed, 9 insertions(+), 15 deletions(-) create mode 100644 data/conf/nginx/templates/sogo.template create mode 100644 data/conf/nginx/templates/sogo_eas.template diff --git a/.gitignore b/.gitignore index 69c24f9e2..e08d42243 100644 --- a/.gitignore +++ b/.gitignore @@ -3,8 +3,7 @@ data/conf/sogo/sieve.creds data/conf/dovecot/dovecot-master.passwd mailcow.conf mailcow.conf_backup -data/conf/nginx/listen*active -data/conf/nginx/server_name.active +data/conf/nginx/*active data/conf/postfix/sql data/conf/dovecot/sql data/conf/nextcloud-*.bak diff --git a/data/conf/nginx/site.conf b/data/conf/nginx/site.conf index 8a8962645..bb2ea2669 100644 --- a/data/conf/nginx/site.conf +++ b/data/conf/nginx/site.conf @@ -7,13 +7,6 @@ map $http_x_forwarded_proto $client_req_scheme { https https; } -server { - listen 80 default_server; - listen [::]:80 default_server; - include /etc/nginx/conf.d/server_name.active; - return 301 https://$host$request_uri; -} - server { include /etc/nginx/mime.types; charset utf-8; @@ -50,7 +43,7 @@ server { set_real_ip_from 10.0.0.0/8; set_real_ip_from 172.16.0.0/12; set_real_ip_from 192.168.0.0/16; - set_real_ip_from fd00::/8; + set_real_ip_from fc00::/7; real_ip_header X-Forwarded-For; real_ip_recursive on; @@ -108,7 +101,7 @@ server { } location ^~ /Microsoft-Server-ActiveSync { - proxy_pass http://sogo:20000/SOGo/Microsoft-Server-ActiveSync; + include /etc/nginx/conf.d/sogo_eas.active; proxy_connect_timeout 1000; proxy_next_upstream timeout error; proxy_send_timeout 1000; @@ -130,7 +123,7 @@ server { } location ^~ /SOGo { - proxy_pass http://sogo:20000; + include /etc/nginx/conf.d/sogo.active; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; @@ -232,7 +225,7 @@ server { set_real_ip_from 10.0.0.0/8; set_real_ip_from 172.16.0.0/12; set_real_ip_from 192.168.0.0/16; - set_real_ip_from fd00::/8; + set_real_ip_from fc00::/7; real_ip_header X-Forwarded-For; real_ip_recursive on; @@ -290,7 +283,7 @@ server { } location ^~ /Microsoft-Server-ActiveSync { - proxy_pass http://sogo:20000/SOGo/Microsoft-Server-ActiveSync; + include /etc/nginx/conf.d/templates/sogo_eas.template; proxy_connect_timeout 1000; proxy_next_upstream timeout error; proxy_send_timeout 1000; @@ -312,7 +305,7 @@ server { } location ^~ /SOGo { - proxy_pass http://sogo:20000; + include /etc/nginx/conf.d/sogo.active; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; diff --git a/data/conf/nginx/templates/sogo.template b/data/conf/nginx/templates/sogo.template new file mode 100644 index 000000000..2c084389f --- /dev/null +++ b/data/conf/nginx/templates/sogo.template @@ -0,0 +1 @@ +proxy_pass http://${IPV4_NETWORK}.248:20000; diff --git a/data/conf/nginx/templates/sogo_eas.template b/data/conf/nginx/templates/sogo_eas.template new file mode 100644 index 000000000..3cea9f988 --- /dev/null +++ b/data/conf/nginx/templates/sogo_eas.template @@ -0,0 +1 @@ +proxy_pass http://${IPV4_NETWORK}.248:20000/SOGo/Microsoft-Server-ActiveSync; From 458dfc8418cf89591bf216586b693fed43fd269f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Tue, 13 Feb 2018 09:11:13 +0100 Subject: [PATCH 6/8] [Nginx] Remove unused file --- data/conf/nginx/templates/sogo_proxy.template | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 data/conf/nginx/templates/sogo_proxy.template diff --git a/data/conf/nginx/templates/sogo_proxy.template b/data/conf/nginx/templates/sogo_proxy.template deleted file mode 100644 index e69de29bb..000000000 From fb92619aac6274aff29261ecf8edb2b8f33ac994 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Tue, 13 Feb 2018 09:12:21 +0100 Subject: [PATCH 7/8] [Nginx] Fix EAS... --- data/conf/nginx/site.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/conf/nginx/site.conf b/data/conf/nginx/site.conf index bb2ea2669..1210d18ef 100644 --- a/data/conf/nginx/site.conf +++ b/data/conf/nginx/site.conf @@ -283,7 +283,7 @@ server { } location ^~ /Microsoft-Server-ActiveSync { - include /etc/nginx/conf.d/templates/sogo_eas.template; + include /etc/nginx/conf.d/sogo_eas.active; proxy_connect_timeout 1000; proxy_next_upstream timeout error; proxy_send_timeout 1000; From a0cdc1e4ff0ab1f891327000a23a58a50f270c00 Mon Sep 17 00:00:00 2001 From: Kristian Klausen Date: Tue, 13 Feb 2018 23:45:49 +0100 Subject: [PATCH 8/8] Remove "empty" folders There seems to be no reason for this empty folders. --- data/Dockerfiles/memcached/.empty | 0 data/Dockerfiles/mysql/.empty | 0 data/Dockerfiles/nginx/.empty | 0 data/Dockerfiles/redis/.empty | 0 4 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 data/Dockerfiles/memcached/.empty delete mode 100644 data/Dockerfiles/mysql/.empty delete mode 100644 data/Dockerfiles/nginx/.empty delete mode 100644 data/Dockerfiles/redis/.empty diff --git a/data/Dockerfiles/memcached/.empty b/data/Dockerfiles/memcached/.empty deleted file mode 100644 index e69de29bb..000000000 diff --git a/data/Dockerfiles/mysql/.empty b/data/Dockerfiles/mysql/.empty deleted file mode 100644 index e69de29bb..000000000 diff --git a/data/Dockerfiles/nginx/.empty b/data/Dockerfiles/nginx/.empty deleted file mode 100644 index e69de29bb..000000000 diff --git a/data/Dockerfiles/redis/.empty b/data/Dockerfiles/redis/.empty deleted file mode 100644 index e69de29bb..000000000