echo"Found deprecated label \"latest\" for repository $REPOSITORY, it should be deleted."
IMGS_TO_DELETE+=($REPOSITORY:$existing_tag)
elif[[$V_MAIN_EXISTING -lt $V_MAIN]];then
echo"Found tag $existing_tag for $REPOSITORY, which is older than the current tag $TAG and should be deleted."
IMGS_TO_DELETE+=($REPOSITORY:$existing_tag)
elif[[$V_SUB_EXISTING -lt $V_SUB]];then
echo"Found tag $existing_tag for $REPOSITORY, which is older than the current tag $TAG and should be deleted."
IMGS_TO_DELETE+=($REPOSITORY:$existing_tag)
fi
done
done
if[[ ! -z ${IMGS_TO_DELETE[*]}]];then
echo"Run the following command to delete unused image tags:"
echo
echo" docker rmi ${IMGS_TO_DELETE[*]}"
echo
if[ ! $FORCE];then
read -r -p "Do you want to delete old image tags right now? [y/N] " response
if[["$response"=~ ^([yY][eE][sS]|[yY])+$ ]];then
docker rmi ${IMGS_TO_DELETE[*]}
else
echo"OK, skipped."
fi
else
echo"Running image removal without extra confirmation due to force mode."
docker rmi ${IMGS_TO_DELETE[*]}
fi
echo -e "\e[32mFurther cleanup...\e[0m"
echo"If you want to cleanup further garbage collected by Docker, please make sure all containers are up and running before cleaning your system by executing \"docker system prune\""
echo -e "\e[33mWarning:\e[0m You seem to have modified the /etc/docker/daemon.json configuration by yourself and not fully/correctly activated the native IPv6 NAT implementation."
echo"You will need to merge your existing configuration manually or fix/delete the existing daemon.json configuration before trying the update process again."
echo -e "Please merge the following content and restart the Docker daemon:\n"
echo -e "\e[33mNot fetching latest docker-compose, because you are using Alpine Linux without glibc support. Please update docker-compose via apk!\e[0m"
read -r -p "Do you want to update your docker-compose Version? It will automatic upgrade your docker-compose installation (recommended)? [y/N] " updatecomposeresponse
############## End Function Section ##############
for bin in curl docker git awk sha1sum;do
if[[ -z $(which ${bin})]];then
echo"Cannot find ${bin}, exiting..."
exit 1;
elif[[ -z $(which docker-compose)]];then
echo"Cannot find docker-compose Standalone. Please install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/"
sleep 3
exit 1;
fi
done
## Check if docker-compose >= v2
if ! docker-compose version --short | grep "^2." > /dev/null 2>&1;then
echo -e "\e[33mYour docker-compose Version is not up to date!\e[0m"
if sed --help 2>&1| head -n 1| grep -q -i "busybox";thenecho"BusyBox sed detected, please install gnu sed, \"apk add --no-cache --upgrade sed\"";exit 1;fi
CONFIG_ARRAY=(
"SKIP_LETS_ENCRYPT"
"SKIP_SOGO"
"USE_WATCHDOG"
"WATCHDOG_NOTIFY_EMAIL"
"WATCHDOG_NOTIFY_BAN"
"WATCHDOG_EXTERNAL_CHECKS"
"WATCHDOG_SUBJECT"
"SKIP_CLAMD"
"SKIP_IP_CHECK"
"ADDITIONAL_SAN"
"DOVEADM_PORT"
"IPV4_NETWORK"
"IPV6_NETWORK"
"LOG_LINES"
"SNAT_TO_SOURCE"
"SNAT6_TO_SOURCE"
"COMPOSE_PROJECT_NAME"
"SQL_PORT"
"API_KEY"
"API_KEY_READ_ONLY"
"API_ALLOW_FROM"
"MAILDIR_GC_TIME"
"MAILDIR_SUB"
"ACL_ANYONE"
"SOLR_HEAP"
"SKIP_SOLR"
"ENABLE_SSL_SNI"
"ALLOW_ADMIN_EMAIL_LOGIN"
"SKIP_HTTP_VERIFICATION"
"SOGO_EXPIRE_SESSION"
"REDIS_PORT"
"DOVECOT_MASTER_USER"
"DOVECOT_MASTER_PASS"
"MAILCOW_PASS_SCHEME"
"ADDITIONAL_SERVER_NAMES"
"ACME_CONTACT"
"WATCHDOG_VERBOSE"
"WEBAUTHN_ONLY_TRUSTED_VENDORS"
)
sed -i --follow-symlinks '$a\' mailcow.conf
for option in ${CONFIG_ARRAY[@]};do
if[[${option}=="ADDITIONAL_SAN"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo"${option}=" >> mailcow.conf
fi
elif[[${option}=="COMPOSE_PROJECT_NAME"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Bind SQL to 127.0.0.1 on port 13306' >> mailcow.conf
echo"SQL_PORT=127.0.0.1:13306" >> mailcow.conf
fi
elif[[${option}=="API_KEY"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Create or override API key for web UI' >> mailcow.conf
echo"#API_KEY=" >> mailcow.conf
fi
elif[[${option}=="API_KEY_READ_ONLY"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Create or override read-only API key for web UI' >> mailcow.conf
echo"#API_KEY_READ_ONLY=" >> mailcow.conf
fi
elif[[${option}=="API_ALLOW_FROM"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Must be set for API_KEY to be active' >> mailcow.conf
echo'# IPs only, no networks (networks can be set via UI)' >> mailcow.conf
echo"#API_ALLOW_FROM=" >> mailcow.conf
fi
elif[[${option}=="SNAT_TO_SOURCE"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Use this IPv4 for outgoing connections (SNAT)' >> mailcow.conf
echo"#SNAT_TO_SOURCE=" >> mailcow.conf
fi
elif[[${option}=="SNAT6_TO_SOURCE"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Use this IPv6 for outgoing connections (SNAT)' >> mailcow.conf
echo"#SNAT6_TO_SOURCE=" >> mailcow.conf
fi
elif[[${option}=="MAILDIR_GC_TIME"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Garbage collector cleanup' >> mailcow.conf
echo'# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring' >> mailcow.conf
echo'# How long should objects remain in the garbage until they are being deleted? (value in minutes)' >> mailcow.conf
echo'# Check interval is hourly' >> mailcow.conf
echo'MAILDIR_GC_TIME=1440' >> mailcow.conf
fi
elif[[${option}=="ACL_ANYONE"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Set this to "allow" to enable the anyone pseudo user. Disabled by default.' >> mailcow.conf
echo'# When enabled, ACL can be created, that apply to "All authenticated users"' >> mailcow.conf
echo'# This should probably only be activated on mail hosts, that are used exclusivly by one organisation.' >> mailcow.conf
echo'# Otherwise a user might share data with too many other users.' >> mailcow.conf
echo'ACL_ANYONE=disallow' >> mailcow.conf
fi
elif[[${option}=="SOLR_HEAP"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Solr heap size, there is no recommendation, please see Solr docs.' >> mailcow.conf
echo'# Solr is a prone to run OOM on large systems and should be monitored. Unmonitored Solr setups are not recommended.' >> mailcow.conf
echo'# Solr will refuse to start with total system memory below or equal to 2 GB.' >> mailcow.conf
echo"SOLR_HEAP=1024" >> mailcow.conf
fi
elif[[${option}=="SKIP_SOLR"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Solr is disabled by default after upgrading from non-Solr to Solr-enabled mailcows.' >> mailcow.conf
echo'# Disable Solr or if you do not want to store a readable index of your mails in solr-vol-1.' >> mailcow.conf
echo"SKIP_SOLR=y" >> mailcow.conf
fi
elif[[${option}=="ENABLE_SSL_SNI"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Create seperate certificates for all domains - y/n' >> mailcow.conf
echo'# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames' >> mailcow.conf
echo'# see https://wiki.dovecot.org/SSL/SNIClientSupport' >> mailcow.conf
echo"ENABLE_SSL_SNI=n" >> mailcow.conf
fi
elif[[${option}=="SKIP_SOGO"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Skip SOGo: Will disable SOGo integration and therefore webmail, DAV protocols and ActiveSync support (experimental, unsupported, not fully implemented) - y/n' >> mailcow.conf
echo"SKIP_SOGO=n" >> mailcow.conf
fi
elif[[${option}=="MAILDIR_SUB"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# MAILDIR_SUB defines a path in a users virtual home to keep the maildir in. Leave empty for updated setups.' >> mailcow.conf
echo"#MAILDIR_SUB=Maildir" >> mailcow.conf
echo"MAILDIR_SUB=" >> mailcow.conf
fi
elif[[${option}=="WATCHDOG_NOTIFY_BAN"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Notify about banned IP. Includes whois lookup.' >> mailcow.conf
echo"WATCHDOG_NOTIFY_BAN=y" >> mailcow.conf
fi
elif[[${option}=="WATCHDOG_SUBJECT"]];then
if ! grep -q ${option} mailcow.conf;then
echo"Adding new option \"${option}\" to mailcow.conf"
echo'# Subject for watchdog mails. Defaults to "Watchdog ALERT" followed by the error message.' >> mailcow.conf
echo'# Additional server names for mailcow UI' >> mailcow.conf
echo'#' >> mailcow.conf
echo'# Specify alternative addresses for the mailcow UI to respond to' >> mailcow.conf
echo'# This is useful when you set mail.* as ADDITIONAL_SAN and want to make sure mail.maildomain.com will always point to the mailcow UI.' >> mailcow.conf
echo'# If the server name does not match a known site, Nginx decides by best-guess and may redirect users to the wrong web root.' >> mailcow.conf
echo'# You can understand this as server_name directive in Nginx.' >> mailcow.conf
echo'# Comma separated list without spaces! Example: ADDITIONAL_SERVER_NAMES=a.b.c,d.e.f' >> mailcow.conf
git commit -am "Before update on ${DATE}" > /dev/null
echo -e "\e[32mFetching updated code from remote...\e[0m"
git fetch origin #${BRANCH}
echo -e "\e[32mMerging local with remote code (recursive, strategy: \"${MERGE_STRATEGY:-theirs}\", options: \"patience\"...\e[0m"
git config merge.defaultToUpstream true
git merge -X${MERGE_STRATEGY:-theirs} -Xpatience -m "After update on ${DATE}"
# Need to use a variable to not pass return codes of if checks
MERGE_RETURN=$?
if[[${MERGE_RETURN}==128]];then
echo -e "\e[31m\nOh no, what happened?\n=> You most likely added files to your local mailcow instance that were now added to the official mailcow repository. Please move them to another location before updating mailcow.\e[0m"
exit1
elif[[${MERGE_RETURN}==1]];then
echo -e "\e[93mPotenial conflict, trying to fix...\e[0m"
if grep -q 'SYSCTL_IPV6_DISABLED=1' mailcow.conf;then
echo
echo'!! IMPORTANT !!'
echo
echo'SYSCTL_IPV6_DISABLED was removed due to complications. IPv6 can be disabled by editing "docker-compose.yml" and setting "enable_ipv6: true" to "enable_ipv6: false".'
echo'This setting will only be active after a complete shutdown of mailcow by running "docker-compose down" followed by "docker-compose up -d".'
echo
echo'!! IMPORTANT !!'
echo
read -p "Press any key to continue..." < /dev/tty
fi
# Checking for old project name bug
sed -i --follow-symlinks 's#COMPOSEPROJECT_NAME#COMPOSE_PROJECT_NAME#g' mailcow.conf
echo -e "\e[33mWARNING\e[0m - Please migrate your customizations of data/conf/rspamd/local.d/metrics.conf to actions.conf and groups.conf after this update."
echo"The deprecated configuration file metrics.conf will be moved to metrics.conf_deprecated after updating mailcow."