From adf9daa9b7ec757a0cdc7ed92a5ad53579c2f32c Mon Sep 17 00:00:00 2001
From: Fabian Schlenz <mail@fabianonline.de>
Date: Fri, 16 Nov 2018 12:09:55 +0100
Subject: [PATCH 01/17] Modified the update check in update.sh to fetch the
 newest revision directly from github without having to run git fetch first.

---
 update.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/update.sh b/update.sh
index 5b38d7d0..fe5aafe0 100755
--- a/update.sh
+++ b/update.sh
@@ -62,8 +62,12 @@ while (($#)); do
   case "${1}" in
     --check|-c)
       echo "Checking remote code for updates..."
-      git fetch origin #${BRANCH}
-      if [[ -z $(git log HEAD --pretty=format:"%H" | grep $(git rev-parse origin/${BRANCH})) ]]; then
+      LATEST_REV=$(git ls-remote --exit-code --refs --quiet https://github.com/mailcow/mailcow-dockerized ${BRANCH} | cut -f1)
+      if [ $? -ne 0 ]; then
+        echo "A problem occurred while trying to fetch the latest revision from github."
+        exit 99
+	  fi
+      if [[ -z $(git log HEAD --pretty=format:"%H" | grep "${LATEST_REV}") ]]; then
         echo "Updated code is available."
         exit 0
       else

From 4bbb6d78e3db78eca6dd2b4ce154a1b57e4c14a4 Mon Sep 17 00:00:00 2001
From: Robert Christian <soulsymphonies@users.noreply.github.com>
Date: Sun, 10 Mar 2019 17:20:46 +0100
Subject: [PATCH 02/17] fix solr query ngram

---
 data/conf/solr/solr-schema-7.7.0.xml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/data/conf/solr/solr-schema-7.7.0.xml b/data/conf/solr/solr-schema-7.7.0.xml
index a41cbb47..f66d1eda 100644
--- a/data/conf/solr/solr-schema-7.7.0.xml
+++ b/data/conf/solr/solr-schema-7.7.0.xml
@@ -18,7 +18,6 @@
     </analyzer>
     <analyzer type="query">
       <tokenizer class="solr.StandardTokenizerFactory"/>
-      <filter class="solr.EdgeNGramFilterFactory" minGramSize="3" maxGramSize="20"/>
       <filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/>
       <filter class="solr.FlattenGraphFilterFactory"/>
       <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/>

From 680ddec6874001d78b77784e1f466e72a9e6f5a9 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 11 Mar 2019 08:56:46 +0100
Subject: [PATCH 03/17] [Helper] Do not delete updater

---
 helper-scripts/nextcloud.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/helper-scripts/nextcloud.sh b/helper-scripts/nextcloud.sh
index d04f52d4..e5dab400 100755
--- a/helper-scripts/nextcloud.sh
+++ b/helper-scripts/nextcloud.sh
@@ -76,7 +76,7 @@ elif [[ ${NC_UPDATE} == "y" ]]; then
     curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-15.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
       && tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
       && rm nextcloud.tar.bz2 \
-      && rm -rf ./data/web/nextcloud/updater \
+      #&& rm -rf ./data/web/nextcloud/updater \
       && mkdir -p ./data/web/nextcloud/data \
       && mkdir -p ./data/web/nextcloud/custom_apps \
       && chmod +x ./data/web/nextcloud/occ
@@ -106,7 +106,7 @@ elif [[ ${NC_INSTALL} == "y" ]]; then
   curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-15.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
     && tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
     && rm nextcloud.tar.bz2 \
-    && rm -rf ./data/web/nextcloud/updater \
+    #&& rm -rf ./data/web/nextcloud/updater \
     && mkdir -p ./data/web/nextcloud/data \
     && mkdir -p ./data/web/nextcloud/custom_apps \
     && chmod +x ./data/web/nextcloud/occ

From 40a826a3471db61349eb64f58dd35bdddd0ae19e Mon Sep 17 00:00:00 2001
From: Aaron Larisch <aaron-github@openlarry.de>
Date: Mon, 11 Mar 2019 15:29:30 +0100
Subject: [PATCH 04/17] Fix rejected mails not being quarantized properly if
 they are tagged

---
 data/conf/rspamd/meta_exporter/pipe.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/data/conf/rspamd/meta_exporter/pipe.php b/data/conf/rspamd/meta_exporter/pipe.php
index 3e29d207..692a0c2e 100644
--- a/data/conf/rspamd/meta_exporter/pipe.php
+++ b/data/conf/rspamd/meta_exporter/pipe.php
@@ -84,6 +84,9 @@ $rcpt_final_mailboxes = array();
 
 // Loop through all rcpts
 foreach (json_decode($rcpts, true) as $rcpt) {
+  // Remove tag
+  $rcpt = preg_replace('/^(.*?)\+.*(@.*)$/', '$1$2', $rcpt);
+  
   // Break rcpt into local part and domain part
   $parsed_rcpt = parse_email($rcpt);
   

From 1c3daedc39051097eb46b64d76d375c879777bf9 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 01:28:04 +0100
Subject: [PATCH 05/17] [Rspamd] Remove headers var from dyn maps

---
 data/conf/rspamd/dynmaps/settings.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/conf/rspamd/dynmaps/settings.php b/data/conf/rspamd/dynmaps/settings.php
index 66c576f2..a2be8ceb 100644
--- a/data/conf/rspamd/dynmaps/settings.php
+++ b/data/conf/rspamd/dynmaps/settings.php
@@ -7,7 +7,7 @@ then any of these will trigger the rule. If a rule is triggered then no more rul
 header('Content-Type: text/plain');
 require_once "vars.inc.php";
 // Getting headers sent by the client.
-$headers = apache_request_headers();
+//$headers = apache_request_headers();
 
 ini_set('error_reporting', 0);
 

From 884c7fade1f9991692d3b77b032928c9ec243b2b Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 02:49:31 +0100
Subject: [PATCH 06/17] [Helper] Remove custom_apps from NC

---
 helper-scripts/nextcloud.sh | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/helper-scripts/nextcloud.sh b/helper-scripts/nextcloud.sh
index e5dab400..2ddac47a 100755
--- a/helper-scripts/nextcloud.sh
+++ b/helper-scripts/nextcloud.sh
@@ -78,7 +78,6 @@ elif [[ ${NC_UPDATE} == "y" ]]; then
       && rm nextcloud.tar.bz2 \
       #&& rm -rf ./data/web/nextcloud/updater \
       && mkdir -p ./data/web/nextcloud/data \
-      && mkdir -p ./data/web/nextcloud/custom_apps \
       && chmod +x ./data/web/nextcloud/occ
     docker exec -it $(docker ps -f name=php-fpm-mailcow -q) bash -c "chown www-data:www-data -R /web/nextcloud"
     docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings upgrade"
@@ -108,10 +107,9 @@ elif [[ ${NC_INSTALL} == "y" ]]; then
     && rm nextcloud.tar.bz2 \
     #&& rm -rf ./data/web/nextcloud/updater \
     && mkdir -p ./data/web/nextcloud/data \
-    && mkdir -p ./data/web/nextcloud/custom_apps \
     && chmod +x ./data/web/nextcloud/occ
 
-  docker exec -it $(docker ps -f name=php-fpm-mailcow -q) /bin/bash -c "chown -R www-data:www-data /web/nextcloud/data /web/nextcloud/config /web/nextcloud/apps /web/nextcloud/custom_apps"
+  docker exec -it $(docker ps -f name=php-fpm-mailcow -q) /bin/bash -c "chown -R www-data:www-data /web/nextcloud/data /web/nextcloud/config /web/nextcloud/apps"
   docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ --no-warnings maintenance:install \
     --database mysql \
     --database-host mysql \

From 8f6c24e60abc32323695aac0fa10afdb9c9323bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Peters?= <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 17:21:45 +0100
Subject: [PATCH 07/17] Update update.sh

---
 update.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/update.sh b/update.sh
index fe5aafe0..2d528e64 100755
--- a/update.sh
+++ b/update.sh
@@ -66,7 +66,7 @@ while (($#)); do
       if [ $? -ne 0 ]; then
         echo "A problem occurred while trying to fetch the latest revision from github."
         exit 99
-	  fi
+      fi
       if [[ -z $(git log HEAD --pretty=format:"%H" | grep "${LATEST_REV}") ]]; then
         echo "Updated code is available."
         exit 0

From 9d5758362405015b22f5a69df60af9883544af56 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristia=CC=81n=20Feldsam?= <feldsam@gmail.com>
Date: Tue, 12 Mar 2019 21:54:31 +0100
Subject: [PATCH 08/17] Quarantine - Enhanced JS + Show btn fix event binding
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
---
 data/web/js/site/quarantine.js | 86 +++++++++++++++++-----------------
 1 file changed, 43 insertions(+), 43 deletions(-)

diff --git a/data/web/js/site/quarantine.js b/data/web/js/site/quarantine.js
index 090b5054..4df1dbd4 100644
--- a/data/web/js/site/quarantine.js
+++ b/data/web/js/site/quarantine.js
@@ -1,11 +1,13 @@
 // Base64 functions
 var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(r){var t,e,o,a,h,n,c,d="",C=0;for(r=Base64._utf8_encode(r);C<r.length;)a=(t=r.charCodeAt(C++))>>2,h=(3&t)<<4|(e=r.charCodeAt(C++))>>4,n=(15&e)<<2|(o=r.charCodeAt(C++))>>6,c=63&o,isNaN(e)?n=c=64:isNaN(o)&&(c=64),d=d+this._keyStr.charAt(a)+this._keyStr.charAt(h)+this._keyStr.charAt(n)+this._keyStr.charAt(c);return d},decode:function(r){var t,e,o,a,h,n,c="",d=0;for(r=r.replace(/[^A-Za-z0-9\+\/\=]/g,"");d<r.length;)t=this._keyStr.indexOf(r.charAt(d++))<<2|(a=this._keyStr.indexOf(r.charAt(d++)))>>4,e=(15&a)<<4|(h=this._keyStr.indexOf(r.charAt(d++)))>>2,o=(3&h)<<6|(n=this._keyStr.indexOf(r.charAt(d++))),c+=String.fromCharCode(t),64!=h&&(c+=String.fromCharCode(e)),64!=n&&(c+=String.fromCharCode(o));return c=Base64._utf8_decode(c)},_utf8_encode:function(r){r=r.replace(/\r\n/g,"\n");for(var t="",e=0;e<r.length;e++){var o=r.charCodeAt(e);o<128?t+=String.fromCharCode(o):o>127&&o<2048?(t+=String.fromCharCode(o>>6|192),t+=String.fromCharCode(63&o|128)):(t+=String.fromCharCode(o>>12|224),t+=String.fromCharCode(o>>6&63|128),t+=String.fromCharCode(63&o|128))}return t},_utf8_decode:function(r){for(var t="",e=0,o=c1=c2=0;e<r.length;)(o=r.charCodeAt(e))<128?(t+=String.fromCharCode(o),e++):o>191&&o<224?(c2=r.charCodeAt(e+1),t+=String.fromCharCode((31&o)<<6|63&c2),e+=2):(c2=r.charCodeAt(e+1),c3=r.charCodeAt(e+2),t+=String.fromCharCode((15&o)<<12|(63&c2)<<6|63&c3),e+=3);return t}};
+
 jQuery(function($){
   acl_data = JSON.parse(acl);
   // http://stackoverflow.com/questions/24816/escaping-html-strings-with-jquery
   var entityMap={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#39;","/":"&#x2F;","`":"&#x60;","=":"&#x3D;"};
   function escapeHtml(n){return String(n).replace(/[&<>"'`=\/]/g,function(n){return entityMap[n]})}
   function humanFileSize(i){if(Math.abs(i)<1024)return i+" B";var B=["KiB","MiB","GiB","TiB","PiB","EiB","ZiB","YiB"],e=-1;do{i/=1024,++e}while(Math.abs(i)>=1024&&e<B.length-1);return i.toFixed(1)+" "+B[e]}
+
   function draw_quarantine_table() {
     ft_quarantinetable = FooTable.init('#quarantinetable', {
       "columns": [
@@ -56,54 +58,52 @@ jQuery(function($){
       "empty": lang.empty,
       "paging": {"enabled": true,"limit": 5,"size": pagination_size},
       "sorting": {"enabled": true},
-      "on": {
-        "ready.ft.table": btn_group_quarantine,
-        "after.ft.paging": btn_group_quarantine
-      },
       "filtering": {"enabled": true,"position": "left","connectors": false,"placeholder": lang.filter_table},
     });
   }
 
-  btn_group_quarantine = function(ev, ft){
-    $('.show_qid_info').on('click', function (e) {
-      e.preventDefault();
-      var qitem = $(this).data('item');
-      $('#qidDetailModal').modal('show');
-      $( "#qid_error" ).hide();
-      $.ajax({
-        url: '/inc/ajax/qitem_details.php',
-        data: { id: qitem },
-        dataType: 'json',
-        success: function(data){
-          if (typeof data.error !== 'undefined') {
-            $( "#qid_error" ).text(data.error);
-            $( "#qid_error" ).show();
-          }
-          $( "li" ).each(function( index ) {
-            console.log( index + ": " + $( this ).text() );
-          });
-          $('[data-id="qitems_single"]').each(function( index ) {
-            $(this).attr("data-item", qitem);
-          });
-          $('#qid_detail_subj').text(data.subject);
-          $('#qid_detail_text').text(data.text_plain);
-          $('#qid_detail_text_from_html').text(data.text_html);
-          if (typeof data.attachments !== 'undefined') {
-            $( "#qid_detail_atts" ).text('');
-            $.each(data.attachments, function( index, value ) {
-              $( "#qid_detail_atts" ).append(
-                '<p><a href="/inc/ajax/qitem_details.php?id=' + qitem + '&att=' + index + '" target="_blank">' + value[0] + '</a> (' + value[1] + ')' +
-                ' - <small><a href="' + value[3] + '" target="_blank">' + lang.check_hash + '</a></small></p>'
-              );
-            });
-          }
-          else {
-            $( "#qid_detail_atts" ).text('-');
-          }
+  $('body').on('click', '.show_qid_info', function (e) {
+    e.preventDefault();
+    var qitem = $(this).data('item');
+    var qError = $("#qid_error");
+
+    $('#qidDetailModal').modal('show');
+    qError.hide();
+
+    $.ajax({
+      url: '/inc/ajax/qitem_details.php',
+      data: { id: qitem },
+      dataType: 'json',
+      success: function(data){
+        if (typeof data.error !== 'undefined') {
+          qError.text(data.error);
+          qError.show();
         }
-      });
-    })
-  }
+        $('[data-id="qitems_single"]').each(function(index) {
+          $(this).attr("data-item", qitem);
+        });
+
+        $('#qid_detail_subj').text(data.subject);
+        $('#qid_detail_text').text(data.text_plain);
+        $('#qid_detail_text_from_html').text(data.text_html);
+
+        if (typeof data.attachments !== 'undefined') {
+          qAtts = $("#qid_detail_atts");
+          qAtts.text('');
+          $.each(data.attachments, function(index, value) {
+            qAtts.append(
+              '<p><a href="/inc/ajax/qitem_details.php?id=' + qitem + '&att=' + index + '" target="_blank">' + value[0] + '</a> (' + value[1] + ')' +
+              ' - <small><a href="' + value[3] + '" target="_blank">' + lang.check_hash + '</a></small></p>'
+            );
+          });
+        }
+        else {
+          qAtts.text('-');
+        }
+      }
+    });
+  });
+
   // Initial table drawings
   draw_quarantine_table();
 });

From fc63661fbd9261b766f995b3e04904af18184ee3 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 23:15:26 +0100
Subject: [PATCH 09/17] [Solr] Change default configset before bootstrapping
 [Solr] Bootstrap cannot be omitted and must occur before mounting the data
 directory

---
 data/Dockerfiles/solr/Dockerfile              |  6 +++-
 data/Dockerfiles/solr/docker-entrypoint.sh    | 33 +++++--------------
 .../solr/solr-config-7.7.0.xml                |  0
 .../solr/solr-schema-7.7.0.xml                |  3 +-
 4 files changed, 16 insertions(+), 26 deletions(-)
 mode change 100755 => 100644 data/Dockerfiles/solr/docker-entrypoint.sh
 rename data/{conf => Dockerfiles}/solr/solr-config-7.7.0.xml (100%)
 rename data/{conf => Dockerfiles}/solr/solr-schema-7.7.0.xml (95%)

diff --git a/data/Dockerfiles/solr/Dockerfile b/data/Dockerfiles/solr/Dockerfile
index 25235664..1c74fde8 100644
--- a/data/Dockerfiles/solr/Dockerfile
+++ b/data/Dockerfiles/solr/Dockerfile
@@ -1,8 +1,12 @@
 FROM solr:7.7-alpine
 USER root
 COPY docker-entrypoint.sh /
+COPY solr-config-7.7.0.xml /
+COPY solr-schema-7.7.0.xml /
+
 
 RUN apk --no-cache add su-exec curl tzdata \
-  && chmod +x /docker-entrypoint.sh
+  && chmod +x /docker-entrypoint.sh \
+  && bash /docker-entrypoint.sh --bootstrap
 
 ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/data/Dockerfiles/solr/docker-entrypoint.sh b/data/Dockerfiles/solr/docker-entrypoint.sh
old mode 100755
new mode 100644
index 0634874f..5a33620d
--- a/data/Dockerfiles/solr/docker-entrypoint.sh
+++ b/data/Dockerfiles/solr/docker-entrypoint.sh
@@ -18,16 +18,10 @@ fi
 
 set -e
 
-# allow easier debugging with `docker run -e VERBOSE=yes`
-if [[ "$VERBOSE" = "yes" ]]; then
-  set -x
-fi
-
 # run the optional initdb
 . /opt/docker-solr/scripts/run-initdb
 
 # fixing volume permission
-
 [[ -d /opt/solr/server/solr/dovecot-fts/data ]] && chown -R solr:solr /opt/solr/server/solr/dovecot-fts/data
 if [[ "${1}" != "--bootstrap" ]]; then
   sed -i '/SOLR_HEAP=/c\SOLR_HEAP="'${SOLR_HEAP:-1024}'m"' /opt/solr/bin/solr.in.sh
@@ -35,15 +29,13 @@ else
   sed -i '/SOLR_HEAP=/c\SOLR_HEAP="256m"' /opt/solr/bin/solr.in.sh
 fi
 
-# keep a sentinel file so we don't try to create the core a second time
-# for example when we restart a container.
-# todo: check if a core exists without sentinel file
+if [[ "${1}" == "--bootstrap" ]]; then
+  echo "Creating initial configuration"
+  echo "Modifying default config set"
+  cp /solr-config-7.7.0.xml /opt/solr/server/solr/configsets/_default/conf/solrconfig.xml
+  cp /solr-schema-7.7.0.xml /opt/solr/server/solr/configsets/_default/conf/schema.xml
+  rm /opt/solr/server/solr/configsets/_default/conf/managed-schema
 
-SENTINEL=/opt/docker-solr/fts_core_created
-
-if [[ -f ${SENTINEL} ]]; then
-  echo "skipping core creation"
-else
   echo "Starting local Solr instance to setup configuration"
   su-exec solr start-local-solr
 
@@ -58,19 +50,12 @@ else
   done
 
   echo "Created core \"dovecot-fts\""
-  touch ${SENTINEL}
 
   echo "Stopping local Solr"
   su-exec solr stop-local-solr
+
+  exit 0
 fi
 
-rm -f /opt/solr/server/solr/dovecot-fts/conf/schema.xml
-rm -f /opt/solr/server/solr/dovecot-fts/conf/managed-schema
-rm -f /opt/solr/server/solr/dovecot-fts/conf/solrconfig.xml
-
-cp /etc/solr/solr-config-7.7.0.xml /opt/solr/server/solr/dovecot-fts/conf/solrconfig.xml
-cp /etc/solr/solr-schema-7.7.0.xml /opt/solr/server/solr/dovecot-fts/conf/schema.xml
-
-chown -R solr:solr /opt/solr/server/solr/dovecot-fts/conf/{schema.xml,solrconfig.xml}
-
 exec su-exec solr solr-foreground
+
diff --git a/data/conf/solr/solr-config-7.7.0.xml b/data/Dockerfiles/solr/solr-config-7.7.0.xml
similarity index 100%
rename from data/conf/solr/solr-config-7.7.0.xml
rename to data/Dockerfiles/solr/solr-config-7.7.0.xml
diff --git a/data/conf/solr/solr-schema-7.7.0.xml b/data/Dockerfiles/solr/solr-schema-7.7.0.xml
similarity index 95%
rename from data/conf/solr/solr-schema-7.7.0.xml
rename to data/Dockerfiles/solr/solr-schema-7.7.0.xml
index f66d1eda..31176bd7 100644
--- a/data/conf/solr/solr-schema-7.7.0.xml
+++ b/data/Dockerfiles/solr/solr-schema-7.7.0.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
-<schema name="dovecot" version="2.0">
+<schema name="dovecot-fts" version="2.0">
   <fieldType name="string" class="solr.StrField" omitNorms="true" sortMissingLast="true"/>
   <fieldType name="long" class="solr.LongPointField" positionIncrementGap="0"/>
   <fieldType name="boolean" class="solr.BoolField" sortMissingLast="true"/>
@@ -18,6 +18,7 @@
     </analyzer>
     <analyzer type="query">
       <tokenizer class="solr.StandardTokenizerFactory"/>
+      <filter class="solr.EdgeNGramFilterFactory" minGramSize="3" maxGramSize="20"/>
       <filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/>
       <filter class="solr.FlattenGraphFilterFactory"/>
       <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/>

From 837ee3b3b08a6046c7511e022015ac841f809798 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 23:20:10 +0100
Subject: [PATCH 10/17] [Solr] Keep EdgeNGramFilterFactory out of query
 [Compose] Update PHP-FPM, Solr and ACME images

---
 data/Dockerfiles/solr/solr-schema-7.7.0.xml | 1 -
 docker-compose.yml                          | 9 ++++-----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/data/Dockerfiles/solr/solr-schema-7.7.0.xml b/data/Dockerfiles/solr/solr-schema-7.7.0.xml
index 31176bd7..2c2e6343 100644
--- a/data/Dockerfiles/solr/solr-schema-7.7.0.xml
+++ b/data/Dockerfiles/solr/solr-schema-7.7.0.xml
@@ -18,7 +18,6 @@
     </analyzer>
     <analyzer type="query">
       <tokenizer class="solr.StandardTokenizerFactory"/>
-      <filter class="solr.EdgeNGramFilterFactory" minGramSize="3" maxGramSize="20"/>
       <filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/>
       <filter class="solr.FlattenGraphFilterFactory"/>
       <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/>
diff --git a/docker-compose.yml b/docker-compose.yml
index 8c1d785f..e15c0cca 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -94,7 +94,7 @@ services:
             - rspamd
 
     php-fpm-mailcow:
-      image: mailcow/phpfpm:1.34
+      image: mailcow/phpfpm:1.35
       build: ./data/Dockerfiles/phpfpm
       command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
       depends_on:
@@ -296,7 +296,7 @@ services:
     acme-mailcow:
       depends_on:
         - nginx-mailcow
-      image: mailcow/acme:1.48
+      image: mailcow/acme:1.49
       build: ./data/Dockerfiles/acme
       dns:
         - ${IPV4_NETWORK:-172.22.1}.254
@@ -395,12 +395,11 @@ services:
             - dockerapi
 
     solr-mailcow:
-      image: mailcow/solr:1.3
+      image: mailcow/solr:1.4
       build: ./data/Dockerfiles/solr
       restart: always
       volumes:
-        - solr-vol-1:/opt/solr/server/solr/dovecot/data
-        - ./data/conf/solr:/etc/solr
+        - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data
       dns:
         - ${IPV4_NETWORK:-172.22.1}.254
       environment:

From 5b8a983be2a302fda6a7b8f9b27fe0e8919e9353 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 23:23:38 +0100
Subject: [PATCH 11/17] [Update, Config] Set mode 600 for mailcow.conf

---
 generate_config.sh | 3 +++
 update.sh          | 1 +
 2 files changed, 4 insertions(+)

diff --git a/generate_config.sh b/generate_config.sh
index a882ec08..8cde0ffd 100755
--- a/generate_config.sh
+++ b/generate_config.sh
@@ -16,6 +16,7 @@ if [ -f mailcow.conf ]; then
   case $response in
     [yY][eE][sS]|[yY])
       mv mailcow.conf mailcow.conf_backup
+      chmod 600 mailcow.conf_backup
       ;;
     *)
       exit 1
@@ -237,5 +238,7 @@ EOF
 
 mkdir -p data/assets/ssl
 
+chmod 600 mailcow.conf
+
 # copy but don't overwrite existing certificate
 cp -n data/assets/ssl-example/*.pem data/assets/ssl/
diff --git a/update.sh b/update.sh
index 4fc668fb..05e54928 100755
--- a/update.sh
+++ b/update.sh
@@ -101,6 +101,7 @@ while (($#)); do
 done
 
 [[ ! -f mailcow.conf ]] && { echo "mailcow.conf is missing"; exit 1;}
+chmod 600 mailcow.conf
 source mailcow.conf
 DOTS=${MAILCOW_HOSTNAME//[^.]};
 if [ ${#DOTS} -lt 2 ]; then

From c77368ee705db354bfd1b291c3b0f12e88d8033f Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 23:24:03 +0100
Subject: [PATCH 12/17] [ACME] Set mode 600 for key files

---
 data/Dockerfiles/acme/docker-entrypoint.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh
index bb9a5a53..c8501168 100755
--- a/data/Dockerfiles/acme/docker-entrypoint.sh
+++ b/data/Dockerfiles/acme/docker-entrypoint.sh
@@ -42,7 +42,6 @@ mkdir -p ${ACME_BASE}/acme
 [[ -f ${ACME_BASE}/acme/private/privkey.pem ]] && mv ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/acme/key.pem
 [[ -f ${ACME_BASE}/acme/private/account.key ]] && mv ${ACME_BASE}/acme/private/account.key ${ACME_BASE}/acme/account.pem
 
-
 reload_configurations(){
   # Reading container IDs
   # Wrapping as array to ensure trimmed content when calling $NGINX etc.
@@ -156,6 +155,7 @@ else
     exec env TRIGGER_RESTART=1 $(readlink -f "$0")
   fi
 fi
+chmod 600 ${ACME_BASE}/key.pem
 
 log_f "Waiting for database... " no_nl
 while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
@@ -196,6 +196,9 @@ while true; do
     log_f "Using existing Lets Encrypt account key ${ACME_BASE}/acme/account.pem"
   fi
 
+  chmod 600 ${ACME_BASE}/acme/key.pem
+  chmod 600 ${ACME_BASE}/acme/account.pem
+
   # Skipping IP check when we like to live dangerously
   if [[ "${SKIP_IP_CHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
     SKIP_IP_CHECK=y

From ffed14c277a2edac9623a8defd4a036cf5ce542a Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 23:24:22 +0100
Subject: [PATCH 13/17] [PHP-FPM] Fix SQL upgrade script

---
 data/Dockerfiles/phpfpm/docker-entrypoint.sh | 35 +++++++++++---------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/data/Dockerfiles/phpfpm/docker-entrypoint.sh b/data/Dockerfiles/phpfpm/docker-entrypoint.sh
index 76c4035e..bf055f3a 100755
--- a/data/Dockerfiles/phpfpm/docker-entrypoint.sh
+++ b/data/Dockerfiles/phpfpm/docker-entrypoint.sh
@@ -25,23 +25,26 @@ CONTAINER_ID=
 # Todo: Better check if upgrade failed
 # This can happen due to a broken sogo_view
 [ -s /mysql_upgrade_loop ] && SQL_LOOP_C=$(cat /mysql_upgrade_loop)
-CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | .id")
-if [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ [^a-zA-Z0-9] ]]; then
-  SQL_UPGRADE_RETURN=$(curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/exec -d '{"cmd":"system", "task":"mysql_upgrade"}' --silent -H 'Content-type: application/json' | jq -r .type)
-  if [[ ${SQL_UPGRADE_RETURN} == 'warning' ]]; then
-    if [ -z ${SQL_LOOP_C} ]; then
-      echo 1 > /mysql_upgrade_loop
-      echo "MySQL applied an upgrade, restarting PHP-FPM..."
-      exit 1
-    else
-      rm /mysql_upgrade_loop
-      echo "MySQL was not applied previously, skipping. Restart php-fpm-mailcow to retry or run mysql_upgrade manually."
-      while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
-        echo "Waiting for SQL to return..."
-        sleep 2
-      done
-    fi
+until [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ ^[[:alnum:]]*$ ]]; do
+  CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" 2> /dev/null | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | .id" 2> /dev/null)
+done
+echo "MySQL @ ${CONTAINER_ID}"
+SQL_UPGRADE_RETURN=$(curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/exec -d '{"cmd":"system", "task":"mysql_upgrade"}' --silent -H 'Content-type: application/json' | jq -r .type)
+if [[ ${SQL_UPGRADE_RETURN} == 'warning' ]]; then
+  if [ -z ${SQL_LOOP_C} ]; then
+    echo 1 > /mysql_upgrade_loop
+    echo "MySQL applied an upgrade, restarting PHP-FPM..."
+    exit 1
+  else
+    rm /mysql_upgrade_loop
+    echo "MySQL was not applied previously, skipping. Restart php-fpm-mailcow to retry or run mysql_upgrade manually."
+    while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
+      echo "Waiting for SQL to return..."
+      sleep 2
+    done
   fi
+else
+  echo "MySQL is up-to-date"
 fi
 
 # Trigger db init

From 9482da211fb97ee21b86fb6a08ba8eaa366515f3 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 12 Mar 2019 23:39:28 +0100
Subject: [PATCH 14/17] [Rspamd] Update to 1.9 stable repository [Compose]
 Update Rspamd image

---
 data/Dockerfiles/rspamd/Dockerfile | 2 +-
 docker-compose.yml                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/Dockerfiles/rspamd/Dockerfile b/data/Dockerfiles/rspamd/Dockerfile
index 4c2094cf..87d92139 100644
--- a/data/Dockerfiles/rspamd/Dockerfile
+++ b/data/Dockerfiles/rspamd/Dockerfile
@@ -10,7 +10,7 @@ RUN apt-get update && apt-get install -y \
 	gnupg2 \
 	apt-transport-https \
 	&& apt-key adv --fetch-keys https://rspamd.com/apt/gpg.key \
-	&& echo "deb https://rspamd.com/apt/ bionic main" > /etc/apt/sources.list.d/rspamd.list \
+	&& echo "deb https://rspamd.com/apt-stable/ bionic main" > /etc/apt/sources.list.d/rspamd.list \
 	&& apt-get update && apt-get install -y rspamd \
 	&& rm -rf /var/lib/apt/lists/* \
 	&& apt-get autoremove --purge \
diff --git a/docker-compose.yml b/docker-compose.yml
index e15c0cca..49c784eb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -71,7 +71,7 @@ services:
             - clamd
 
     rspamd-mailcow:
-      image: mailcow/rspamd:1.37
+      image: mailcow/rspamd:1.38
       build: ./data/Dockerfiles/rspamd
       stop_grace_period: 30s
       depends_on:

From d8dbcfac928825bcaad4325b898c0c32d1bf05c2 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Thu, 14 Mar 2019 01:46:15 +0100
Subject: [PATCH 15/17] [Web] Continue when a check in add_alias fails [Web]
 Fix "null" output in mailbox table when comments are missing [Update] Remove
 obsolete check/replace command

---
 data/web/inc/functions.mailbox.inc.php | 10 +++++-----
 data/web/js/site/mailbox.js            | 14 ++++++++++++--
 update.sh                              |  3 +--
 3 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php
index 82517492..d479f125 100644
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -561,7 +561,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
                 'msg' => array('is_alias_or_mailbox', htmlspecialchars($address))
               );
-              return false;
+              continue;
             }
             $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
               WHERE `domain`= :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2)");
@@ -573,7 +573,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
                 'msg' => array('domain_not_found', htmlspecialchars($domain))
               );
-              return false;
+              continue;
             }
             $stmt = $pdo->prepare("SELECT `address` FROM `spamalias`
               WHERE `address`= :address");
@@ -585,7 +585,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
                 'msg' => array('is_spam_alias', htmlspecialchars($address))
               );
-              return false;
+              continue;
             }
             if ((!filter_var($address, FILTER_VALIDATE_EMAIL) === true) && !empty($local_part)) {
               $_SESSION['return'][] = array(
@@ -593,7 +593,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
                 'msg' => 'alias_invalid'
               );
-              return false;
+              continue;
             }
             if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
               $_SESSION['return'][] = array(
@@ -601,7 +601,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
                 'msg' => 'access_denied'
               );
-              return false;
+              continue;
             }
             $stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `public_comment`, `private_comment`, `goto`, `domain`, `active`)
               VALUES (:address, :public_comment, :private_comment, :goto, :domain, :active)");
diff --git a/data/web/js/site/mailbox.js b/data/web/js/site/mailbox.js
index 00a815e6..674d6703 100644
--- a/data/web/js/site/mailbox.js
+++ b/data/web/js/site/mailbox.js
@@ -731,8 +731,18 @@ jQuery(function($){
               '</div>';
             item.chkbox = '<input type="checkbox" data-id="alias" name="multi_select" value="' + encodeURIComponent(item.id) + '" />';
             item.goto = escapeHtml(item.goto.replace(/,/g, " "));
-            item.public_comment = escapeHtml(item.public_comment);
-            item.private_comment = escapeHtml(item.private_comment);
+            if (item.public_comment !== null) {
+              item.public_comment = escapeHtml(item.public_comment);
+            }
+            else {
+              item.public_comment = '-';
+            }
+            if (item.private_comment !== null) {
+              item.private_comment = escapeHtml(item.private_comment);
+            }
+            else {
+              item.private_comment = '-';
+            }
             if (item.is_catch_all == 1) {
               item.address = '<div class="label label-default">Catch-All</div> ' + escapeHtml(item.address);
             }
diff --git a/update.sh b/update.sh
index fd5d4f37..be6ef9d7 100755
--- a/update.sh
+++ b/update.sh
@@ -359,9 +359,8 @@ if grep -q 'SYSCTL_IPV6_DISABLED=1' mailcow.conf; then
   read -p "Press any key to continue..." < /dev/tty
 fi
 
-echo -e "Fixing project name... "
+# Checking for old project name bug
 sed -i 's#COMPOSEPROJECT_NAME#COMPOSE_PROJECT_NAME#g' mailcow.conf
-sed -i '/COMPOSE_PROJECT_NAME=/s/-//g' mailcow.conf
 
 echo -e "Fixing PHP-FPM worker ports for Nginx sites..."
 sed -i 's#phpfpm:9000#phpfpm:9002#g' data/conf/nginx/*.conf

From a614d646154aa783b99230e35807838fc503b38d Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Thu, 14 Mar 2019 08:59:24 +0100
Subject: [PATCH 16/17] [SOGo] Adjust sync parameters, revert if you run into
 problems!

---
 data/conf/sogo/sogo.conf | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/data/conf/sogo/sogo.conf b/data/conf/sogo/sogo.conf
index aa1a86ec..b0ebf698 100644
--- a/data/conf/sogo/sogo.conf
+++ b/data/conf/sogo/sogo.conf
@@ -42,15 +42,19 @@
 
     SOGoMaximumPingInterval = 3540;
 
-    SOGoInternalSyncInterval = 45;
+    SOGoInternalSyncInterval = 60;
     SOGoMaximumSyncInterval = 3540;
 
+    // Pre-March-14-2019
     // 100 seems to break some Android clients
     //SOGoMaximumSyncWindowSize = 99;
     // This should do the trick for Outlook 2016
-    SOGoMaximumSyncResponseSize = 512;
+    //SOGoMaximumSyncResponseSize = 512;
+    // Post-March-14-2019
+    SOGoMaximumSyncResponseSize = 2048;
+    SOGoMaximumSyncWindowSize = 32;
 
-    WOWatchDogRequestTimeout = 20;
+    WOWatchDogRequestTimeout = 60;
     WOListenQueueSize = 300;
     WONoDetach = YES;
 

From d8e356f5901624a37c36d0a17adc9a430dca4c87 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 18 Mar 2019 01:36:32 +0100
Subject: [PATCH 17/17] [SOGo] Revert to previous settings

---
 data/conf/sogo/sogo.conf | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/data/conf/sogo/sogo.conf b/data/conf/sogo/sogo.conf
index b0ebf698..aa1a86ec 100644
--- a/data/conf/sogo/sogo.conf
+++ b/data/conf/sogo/sogo.conf
@@ -42,19 +42,15 @@
 
     SOGoMaximumPingInterval = 3540;
 
-    SOGoInternalSyncInterval = 60;
+    SOGoInternalSyncInterval = 45;
     SOGoMaximumSyncInterval = 3540;
 
-    // Pre-March-14-2019
     // 100 seems to break some Android clients
     //SOGoMaximumSyncWindowSize = 99;
     // This should do the trick for Outlook 2016
-    //SOGoMaximumSyncResponseSize = 512;
-    // Post-March-14-2019
-    SOGoMaximumSyncResponseSize = 2048;
-    SOGoMaximumSyncWindowSize = 32;
+    SOGoMaximumSyncResponseSize = 512;
 
-    WOWatchDogRequestTimeout = 60;
+    WOWatchDogRequestTimeout = 20;
     WOListenQueueSize = 300;
     WONoDetach = YES;