diff --git a/data/Dockerfiles/dovecot/docker-entrypoint.sh b/data/Dockerfiles/dovecot/docker-entrypoint.sh index 9ac2dc64..aa1aa0ae 100755 --- a/data/Dockerfiles/dovecot/docker-entrypoint.sh +++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh @@ -307,12 +307,29 @@ namespace { } EOF +# Get SOGo IPv6 from Dig +SOGO_V6=$(dig +answer sogo AAAA +short) + +if [ $SOGO_V6 ]; then +cat < /etc/dovecot/sogo_trusted_ip.conf +# Autogenerated by mailcow +remote ${IPV4_NETWORK}.248 { + disable_plaintext_auth = no +} + +remote ${SOGO_V6} { + disable_plaintext_auth = no +} +EOF + +else cat < /etc/dovecot/sogo_trusted_ip.conf # Autogenerated by mailcow remote ${IPV4_NETWORK}.248 { disable_plaintext_auth = no } EOF +fi # Create random master Password for SOGo SSO RAND_PASS=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 32 | head -n 1) @@ -349,6 +366,14 @@ sievec /var/vmail/sieve/global_sieve_after.sieve sievec /usr/lib/dovecot/sieve/report-spam.sieve sievec /usr/lib/dovecot/sieve/report-ham.sieve +for file in /var/vmail/*/*/sieve/*.sieve ; do + if [[ "$file" == "/var/vmail/*/*/sieve/*.sieve" ]]; then + continue + fi + sievec "$file" "$(dirname "$file")/../.dovecot.svbin" + chown vmail:vmail "$(dirname "$file")/../.dovecot.svbin" +done + # Fix permissions chown root:root /etc/dovecot/sql/*.conf chown root:dovecot /etc/dovecot/sql/dovecot-dict-sql-sieve* /etc/dovecot/sql/dovecot-dict-sql-quota* /etc/dovecot/lua/passwd-verify.lua diff --git a/data/Dockerfiles/sogo/Dockerfile b/data/Dockerfiles/sogo/Dockerfile index 72f7d816..f08600ac 100644 --- a/data/Dockerfiles/sogo/Dockerfile +++ b/data/Dockerfiles/sogo/Dockerfile @@ -2,7 +2,7 @@ FROM debian:bullseye-slim LABEL maintainer "Andre Peters " ARG DEBIAN_FRONTEND=noninteractive -ARG SOGO_DEBIAN_REPOSITORY=http://packages.inverse.ca/SOGo/nightly/5/debian/ +ARG SOGO_DEBIAN_REPOSITORY=http://packages.sogo.nu/nightly/5/debian/ ENV LC_ALL C ENV GOSU_VERSION 1.14 @@ -30,7 +30,7 @@ RUN echo "Building from repository $SOGO_DEBIAN_REPOSITORY" \ && gosu nobody true \ && mkdir /usr/share/doc/sogo \ && touch /usr/share/doc/sogo/empty.sh \ - && apt-key adv --keyserver keyserver.ubuntu.com --recv-key 0x810273C4 \ + && apt-key adv --keyserver keys.openpgp.org --recv-key 74FFC6D72B925A34B5D356BDF8A27B36A6E2EAE9 \ && echo "deb ${SOGO_DEBIAN_REPOSITORY} bullseye bullseye" > /etc/apt/sources.list.d/sogo.list \ && apt-get update && apt-get install -y --no-install-recommends \ sogo \ @@ -52,4 +52,4 @@ RUN chmod +x /bootstrap-sogo.sh \ ENTRYPOINT ["/docker-entrypoint.sh"] -CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf \ No newline at end of file diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index b7aca757..33a6e409 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -194,7 +194,6 @@ plugin { fts_solr = url=http://solr:8983/solr/dovecot-fts/ quota = dict:Userquota::proxy::sqlquota quota_rule2 = Trash:storage=+100%% - sieve = /var/vmail/sieve/%u.sieve sieve_plugins = sieve_imapsieve sieve_extprograms sieve_vacation_send_from_recipient = yes sieve_redirect_envelope_from = recipient diff --git a/data/web/css/build/008-mailcow.css b/data/web/css/build/008-mailcow.css index f557084f..b118ca01 100644 --- a/data/web/css/build/008-mailcow.css +++ b/data/web/css/build/008-mailcow.css @@ -269,6 +269,7 @@ code { padding: 10px; background: #fbfbfb; border: 1px solid #ededed; + min-height: 110px; } .tag-box { diff --git a/data/web/inc/footer.inc.php b/data/web/inc/footer.inc.php index b2f1d4d5..61d81dff 100644 --- a/data/web/inc/footer.inc.php +++ b/data/web/inc/footer.inc.php @@ -48,7 +48,14 @@ if (isset($pending_tfa_authmechs['u2f'])) { $globalVariables = [ 'mailcow_info' => array( 'version_tag' => $GLOBALS['MAILCOW_GIT_VERSION'], - 'git_project_url' => $GLOBALS['MAILCOW_GIT_URL'] + 'last_version_tag' => $GLOBALS['MAILCOW_LAST_GIT_VERSION'], + 'git_owner' => $GLOBALS['MAILCOW_GIT_OWNER'], + 'git_repo' => $GLOBALS['MAILCOW_GIT_REPO'], + 'git_project_url' => $GLOBALS['MAILCOW_GIT_URL'], + 'git_commit' => $GLOBALS['MAILCOW_GIT_COMMIT'], + 'git_commit_date' => $GLOBALS['MAILCOW_GIT_COMMIT_DATE'], + 'mailcow_branch' => $GLOBALS['MAILCOW_BRANCH'], + 'updated_at' => $GLOBALS['MAILCOW_UPDATEDAT'] ), 'js_path' => '/cache/'.basename($JSPath), 'pending_tfa_methods' => @$_SESSION['pending_tfa_methods'], diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php index 08963888..c26682c6 100644 --- a/data/web/inc/functions.inc.php +++ b/data/web/inc/functions.inc.php @@ -935,38 +935,47 @@ function check_login($user, $pass, $app_passwd_data = false) { $stmt->execute(array(':user' => $user)); $rows = array_merge($rows, $stmt->fetchAll(PDO::FETCH_ASSOC)); } - foreach ($rows as $row) { + foreach ($rows as $row) { // verify password if (verify_hash($row['password'], $pass) !== false) { - // check for tfa authenticators - $authenticators = get_tfa($user); - if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0) { - $_SESSION['pending_mailcow_cc_username'] = $user; - $_SESSION['pending_mailcow_cc_role'] = "user"; - $_SESSION['pending_tfa_methods'] = $authenticators['additional']; - unset($_SESSION['ldelay']); - $_SESSION['return'][] = array( - 'type' => 'success', - 'log' => array(__FUNCTION__, $user, '*'), - 'msg' => array('logged_in_as', $user) - ); - return "pending"; - } else { - if ($app_passwd_data['eas'] === true || $app_passwd_data['dav'] === true) { - $service = ($app_passwd_data['eas'] === true) ? 'EAS' : 'DAV'; - $stmt = $pdo->prepare("REPLACE INTO sasl_log (`service`, `app_password`, `username`, `real_rip`) VALUES (:service, :app_id, :username, :remote_addr)"); - $stmt->execute(array( - ':service' => $service, - ':app_id' => $row['app_passwd_id'], - ':username' => $user, - ':remote_addr' => ($_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR']) - )); + if (!array_key_exists("app_passwd_id", $row)){ + // password is not a app password + // check for tfa authenticators + $authenticators = get_tfa($user); + if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0 && + $app_passwd_data['eas'] !== true && $app_passwd_data['dav'] !== true) { + // authenticators found, init TFA flow + $_SESSION['pending_mailcow_cc_username'] = $user; + $_SESSION['pending_mailcow_cc_role'] = "user"; + $_SESSION['pending_tfa_methods'] = $authenticators['additional']; + unset($_SESSION['ldelay']); + $_SESSION['return'][] = array( + 'type' => 'success', + 'log' => array(__FUNCTION__, $user, '*'), + 'msg' => array('logged_in_as', $user) + ); + return "pending"; + } else if (!isset($authenticators['additional']) || !is_array($authenticators['additional']) || count($authenticators['additional']) == 0) { + // no authenticators found, login successfull + // Reactivate TFA if it was set to "deactivate TFA for next login" + $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user"); + $stmt->execute(array(':user' => $user)); + + unset($_SESSION['ldelay']); + return "user"; } + } elseif ($app_passwd_data['eas'] === true || $app_passwd_data['dav'] === true) { + // password is a app password + $service = ($app_passwd_data['eas'] === true) ? 'EAS' : 'DAV'; + $stmt = $pdo->prepare("REPLACE INTO sasl_log (`service`, `app_password`, `username`, `real_rip`) VALUES (:service, :app_id, :username, :remote_addr)"); + $stmt->execute(array( + ':service' => $service, + ':app_id' => $row['app_passwd_id'], + ':username' => $user, + ':remote_addr' => ($_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR']) + )); unset($_SESSION['ldelay']); - // Reactivate TFA if it was set to "deactivate TFA for next login" - $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user"); - $stmt->execute(array(':user' => $user)); return "user"; } } @@ -1626,12 +1635,8 @@ function verify_tfa_login($username, $_data) { global $WebAuthn; if ($_data['tfa_method'] != 'u2f'){ - $stmt = $pdo->prepare("SELECT `authmech` FROM `tfa` - WHERE `username` = :username AND `id` = :id AND `active` = '1'"); - $stmt->execute(array(':username' => $username, ':id' => $_data['id'])); - $row = $stmt->fetch(PDO::FETCH_ASSOC); - switch ($row["authmech"]) { + switch ($_data["tfa_method"]) { case "yubi_otp": if (!ctype_alnum($_data['token']) || strlen($_data['token']) != 44) { $_SESSION['return'][] = array( @@ -1645,10 +1650,9 @@ function verify_tfa_login($username, $_data) { $stmt = $pdo->prepare("SELECT `id`, `secret` FROM `tfa` WHERE `username` = :username AND `authmech` = 'yubi_otp' - AND `id` = :id AND `active` = '1' AND `secret` LIKE :modhex"); - $stmt->execute(array(':username' => $username, ':modhex' => '%' . $yubico_modhex_id, ':id' => $_data['id'])); + $stmt->execute(array(':username' => $username, ':modhex' => '%' . $yubico_modhex_id)); $row = $stmt->fetch(PDO::FETCH_ASSOC); $yubico_auth = explode(':', $row['secret']); $yubi = new Auth_Yubico($yubico_auth[0], $yubico_auth[1]); diff --git a/data/web/inc/vars.inc.php b/data/web/inc/vars.inc.php index 02366c75..87684b7a 100644 --- a/data/web/inc/vars.inc.php +++ b/data/web/inc/vars.inc.php @@ -100,6 +100,7 @@ $AVAILABLE_LANGUAGES = array( 'ru' => 'Pусский (Russian)', 'sk' => 'Slovenčina (Slovak)', 'sv' => 'Svenska (Swedish)', + 'tr' => 'Türkçe (Turkish)', 'uk' => 'Українська (Ukrainian)', 'zh' => '中文 (Chinese)' ); diff --git a/data/web/lang/lang.cs.json b/data/web/lang/lang.cs.json index 309331aa..e8b70b4a 100644 --- a/data/web/lang/lang.cs.json +++ b/data/web/lang/lang.cs.json @@ -839,7 +839,7 @@ "confirm_delete": "Potvrdit smazání prvku.", "danger": "Nebezpečí", "deliver_inbox": "Doručit do schránky", - "disabled_by_config": "Funkce karanténa je momentálně vypnuta v nastavení systému.", + "disabled_by_config": "Funkce karanténa je momentálně vypnuta v nastavení systému. Nastavte, prosím, prvkům karantény hodnoty \"počet zadržených zpráv\" a \"maximální velikost\".", "download_eml": "Stáhnout (.eml)", "empty": "Žádné výsledky", "high_danger": "Vysoké nebezpečí", diff --git a/data/web/lang/lang.fr.json b/data/web/lang/lang.fr.json index 02d35d35..f3ff355c 100644 --- a/data/web/lang/lang.fr.json +++ b/data/web/lang/lang.fr.json @@ -102,7 +102,8 @@ "timeout2": "Délai d'expiration pour la connexion à l'hôte local", "username": "Nom d'utilisateur", "validate": "Valider", - "validation_success": "Validation réussie" + "validation_success": "Validation réussie", + "bcc_dest_format": "La destination Cci doit être une seule adresse e-mail valide.
Si vous avez besoin d'envoyer une copie à plusieurs adresses, créez un alias et utilisez-le ici." }, "admin": { "access": "Accès", @@ -322,7 +323,9 @@ "yes": "✓", "api_read_write": "Accès Lecture-Écriture", "oauth2_add_client": "Ajouter un client OAuth2", - "password_policy": "Politique de mots de passe" + "password_policy": "Politique de mots de passe", + "admins": "Administrateurs", + "api_read_only": "Accès lecture-seule" }, "danger": { "access_denied": "Accès refusé ou données de formulaire non valides", diff --git a/data/web/lang/lang.it.json b/data/web/lang/lang.it.json index 569951e0..a4a636a9 100644 --- a/data/web/lang/lang.it.json +++ b/data/web/lang/lang.it.json @@ -973,7 +973,8 @@ "verified_fido2_login": "Verified FIDO2 login", "verified_totp_login": "Verified TOTP login", "verified_webauthn_login": "Verified WebAuthn login", - "verified_yotp_login": "Verified Yubico OTP login" + "verified_yotp_login": "Verified Yubico OTP login", + "domain_add_dkim_available": "Esisteva già una chiave DKIM" }, "tfa": { "api_register": "%s usa le API Yubico Cloud. Richiedi una chiave API qui", diff --git a/data/web/lang/lang.ro.json b/data/web/lang/lang.ro.json index e769e041..65030ea4 100644 --- a/data/web/lang/lang.ro.json +++ b/data/web/lang/lang.ro.json @@ -979,7 +979,8 @@ "verified_totp_login": "Autentificarea TOTP verificată", "verified_webauthn_login": "Autentificarea WebAuthn verificată", "verified_fido2_login": "Conectare FIDO2 verificată", - "verified_yotp_login": "Autentificarea Yubico OTP verificată" + "verified_yotp_login": "Autentificarea Yubico OTP verificată", + "domain_add_dkim_available": "O cheie DKIM deja a existat" }, "tfa": { "api_register": "%s utilizează API-ul Yubico Cloud. Obțineți o cheie API pentru cheia dvs. de aici", @@ -990,7 +991,7 @@ "enter_qr_code": "Codul tău TOTP dacă dispozitivul tău nu poate scana codurile QR", "error_code": "Cod de eroare", "init_webauthn": "Inițializare, vă rugăm așteptați...", - "key_id": "Un identificator pentru YubiKey", + "key_id": "Un identificator pentru dispozitiv", "key_id_totp": "Un identificator pentru cheia ta", "none": "Dezactivează", "reload_retry": "- (reîncărcați browserul dacă eroarea persistă)", diff --git a/data/web/lang/lang.tr.json b/data/web/lang/lang.tr.json new file mode 100644 index 00000000..697c7483 --- /dev/null +++ b/data/web/lang/lang.tr.json @@ -0,0 +1,85 @@ +{ + "acl": { + "alias_domains": "Takma alan adı ekle", + "app_passwds": "Uygulama şifrelerini yönet", + "delimiter_action": "Sınırlama işlemi", + "domain_relayhost": "Bir alan adı için relayhost sunucusunu değiştir", + "eas_reset": "EAS cihazlarını sıfırla", + "mailbox_relayhost": "Bir posta kutusunun relayhost sunucularını değiştir", + "pushover": "Bildirim", + "quarantine": "Karantina işlemleri", + "quarantine_attachments": "Ekleri karantinaya al", + "quarantine_notification": "Karantina bildirimlerini değiştir", + "smtp_ip_access": "SMTP sunucularının değiştirilmesine izin ver", + "sogo_access": "SOGo erişiminin yönetilmesine izin ver", + "domain_desc": "Alan adı açıklamasını değiştir", + "extend_sender_acl": "Gönderenin acl'sini harici adreslere göre genişletmeye izin ver", + "spam_policy": "Engellenenler / İzin verilenler" + }, + "add": { + "activate_filter_warn": "Aktif edilirse diğer tüm filtreler devre dışı bırakılacak.", + "add_domain_only": "Sadece alan adı ekle", + "alias_address": "Takma ad adres(leri)", + "alias_domain": "Takma alan adı", + "alias_domain_info": "Sadece geçerli alan adları (virgülle ayırın).", + "backup_mx_options": "İletme ayarları", + "delete2": "Kaynakta olmayan hedefteki mesajları sil", + "delete2duplicates": "Hedefteki kopyaları sil", + "disable_login": "Giriş yapmaya izin verme ( Gelen mailler yine de kabul edilir)", + "domain": "Alan adı", + "domain_matches_hostname": "Alan adı %s ana bilgisayar adıyla eşleşiyor", + "add_domain_restart": "Alan adı ekleyin ve SOGo'yu yeniden başlatın", + "alias_address_info": "Bir alan adına ilişkin tüm iletileri yakalamak için tam e-posta adresi veya @example.com olacak şeklinde girin (virgülle ayırın).sadece mailcow alan adları.", + "domain_quota_m": "Toplam alan adı kotası (MiB)", + "generate": "oluştur", + "goto_ham": "Ham olarakişaretle", + "goto_null": "Postaları sessizce çöpe at", + "goto_spam": "Spam olarakişaretle", + "hostname": "Ana sunucu", + "kind": "Tür", + "mailbox_quota_m": "Posta kutusu başına maksimum kota (MiB)", + "max_aliases": "Maksimum olası takma adı", + "max_mailboxes": "Maksimum olası posta kutusu", + "nexthop": "Sonraki atlama", + "port": "Port", + "public_comment": "Genel yorum", + "relay_all": "Tüm alıcılara ilet", + "relay_all_info": "Eğer hiçbir alıcıya iletilmemesini seçerseniz, aktarılması gereken her alıcı için bir (\"kör\") posta kutusu eklemeniz gerekecektir.", + "relay_domain": "Bu alan adını ilet", + "relay_transport_info": "
Bilgi
Bu etki alanı için özel bir hedef için aktarım eşlemeleri tanımlayabilirsiniz. Ayarlanmazsa, bir MX araması yapılacaktır.", + "relay_unknown_only": "Yalnızca mevcut olmayan posta kutularını ilet. Mevcut posta kutuları yerel olarak teslim edilecektir.", + "relayhost_wrapped_tls_info": "Lütfen TLS ile örtülmüş portları kullanmayın (çoğu 465 portunda çalışır).
\nÖrtülmemiş port kullan ve STARTTLS üzerinden yayınla. TLS'yi zorlamak için bir TLS ilkesi \"TLS ilke eşlemeleri\" sayfası içinde oluşturulabilir.", + "skipcrossduplicates": "Klasörler arasında yinelenen mesajları atlayın (ilk mesaj seçilir)", + "target_address": "Adreslere git", + "target_address_info": "Tam e-posta adres(leri) girin ( virgülle ayırın).", + "target_domain": "Hedef alan adı", + "timeout1": "Uzak ana bilgisayara bağlantısı zaman aşımına uğradı", + "timeout2": "Yerel ana bilgisayara bağlantı zaman aşımına uğradı" + }, + "admin": { + "action": "İşlem", + "add_forwarding_host": "Yönlendirme sunucusu ekle", + "add_transport": "İletim ekle", + "admin_details": "Yönetici detaylarını düzenle", + "admin_domains": "Alan adı atamaları", + "add_domain_admin": "Alan adı yöneticisi ekle", + "api_info": "API üzerinde çalışmalar devam etmektedir. Belgeler /apiadresinde bulunabilir", + "apps_name": "\"mailcow Uygulamaları\" adı", + "authed_user": "Yetkili kullanıcı", + "ban_list_info": "Aşağıdaki yasaklı IP'lerin listesine bakın: ağ (kalan yasak süresi) - [işlemler].
Yasağı kaldırılmak üzere sıraya alınan IP'ler birkaç saniye içinde aktif yasak listesinden kaldırılacaktır.
Kırmızı etiketler, kara listeye alınarak aktif kalıcı yasakları gösterir.", + "configuration": "Yapılandırma", + "dkim_from_title": "Verilerin kopyalanacağı kaynak alan adı", + "dkim_to": "Kime", + "dkim_to_title": "Hedef alan ad(ları) üzerinde yazılacak", + "dkim_domains_wo_keys": "Eksik anahtarları olan alan adlarını seçin", + "domain": "Alan adı", + "domain_admin": "Alan adı yöneticisi", + "domain_admins": "Alan adı yöneticileri", + "domain_s": "Alan ad(ları)", + "duplicate": "Çift", + "duplicate_dkim": "Çift DKIM kayıtları", + "f2b_ban_time": "Yasaklama süresi (saniye)", + "f2b_max_attempts": "Maksimum giriş denemesi", + "f2b_retry_window": "Maksimum girişim için deneme pencere(leri)" + } +} diff --git a/data/web/templates/base.twig b/data/web/templates/base.twig index 37c27e21..b19c548a 100644 --- a/data/web/templates/base.twig +++ b/data/web/templates/base.twig @@ -182,30 +182,19 @@ function recursiveBase64StrToArrayBuffer(obj) { keyboard: false }); - // validate Yubi OTP tfa - $("#pending_tfa_tab_yubi_otp").click(function(){ - $(".totp-authenticator-selection").removeClass("active"); - $(".webauthn-authenticator-selection").removeClass("active"); - $("#collapseTotpTFA").collapse('hide'); - $("#collapseWebAuthnTFA").collapse('hide'); - }); - $(".yubi-authenticator-selection").click(function(){ - $(".yubi-authenticator-selection").removeClass("active"); - $(this).addClass("active"); - - var id = $(this).children('input').first().val(); - $("#yubi_selected_id").val(id); - - $("#collapseYubiTFA").collapse('show'); - }); // validate Time based OTP tfa $("#pending_tfa_tab_totp").click(function(){ - $(".yubi-authenticator-selection").removeClass("active"); $(".webauthn-authenticator-selection").removeClass("active"); - - $("#collapseYubiTFA").collapse('hide'); $("#collapseWebAuthnTFA").collapse('hide'); + + // select default if only one authenticator exists + if ($('.totp-authenticator-selection').length == 1){ + $('.totp-authenticator-selection').addClass("active"); + var id = $('.totp-authenticator-selection').children('input').first().val(); + $("#totp_selected_id").val(id); + $("#collapseTotpTFA").collapse('show'); + } }); $(".totp-authenticator-selection").click(function(){ $(".totp-authenticator-selection").removeClass("active"); @@ -216,13 +205,37 @@ function recursiveBase64StrToArrayBuffer(obj) { $("#collapseTotpTFA").collapse('show'); }); + if ($('.totp-authenticator-selection').length == 1 && + $('#pending_tfa_tab_yubi_otp').length == 0 && + $('.webauthn-authenticator-selection').length == 0){ + + // select default if only one authenticator exists + $('.totp-authenticator-selection').addClass("active"); + + var id = $('.totp-authenticator-selection').children('input').first().val(); + $("#totp_selected_id").val(id); + + $("#collapseTotpTFA").collapse('show'); + setTimeout(function() { $("#collapseTotpTFA").find('input[name="token"]').focus(); }, 1000); + } + $('#pending_tfa_tab_totp').on('shown.bs.tab', function() { + // autofocus + setTimeout(function() { $("#collapseTotpTFA").find('input[name="token"]').focus(); }, 200); + }); + // validate Yubi OTP tfa + if ($('.webauthn-authenticator-selection').length == 0){ + // autofocus + setTimeout(function() { $("#collapseYubiTFA").find('input[name="token"]').focus(); }, 1000); + } + $('#pending_tfa_tab_yubi_otp').on('shown.bs.tab', function() { + // autofocus + $("#collapseYubiTFA").find('input[name="token"]').focus(); + }); // validate WebAuthn tfa $("#pending_tfa_tab_webauthn").click(function(){ $(".totp-authenticator-selection").removeClass("active"); - $(".yubi-authenticator-selection").removeClass("active"); $("#collapseTotpTFA").collapse('hide'); - $("#collapseYubiTFA").collapse('hide'); }); $(".webauthn-authenticator-selection").click(function(){ $(".webauthn-authenticator-selection").removeClass("active"); @@ -477,13 +490,20 @@ function recursiveBase64StrToArrayBuffer(obj) { {% if ui_texts.ui_footer %}
{{ ui_texts.ui_footer|rot13|raw }} {% endif %} - {% if mailcow_cc_username and mailcow_info.version_tag|default %} + {% if mailcow_cc_username and mailcow_info.mailcow_branch|lower == "master" and mailcow_info.version_tag|default %} 🐮 + 🐋 = 💕 - - Version: {{ mailcow_info.version_tag }} + Version: {{ mailcow_info.version_tag }} + {% endif %} + {% if mailcow_cc_username and mailcow_info.mailcow_branch|lower == "nightly" and mailcow_info.version_tag|default %} + + 🛠️🐮 + 🐋 = 💕 + Nightly: {{ mailcow_info.version_tag }} +
+ Build: {{ mailcow_info.git_commit_date }} + {% endif %} diff --git a/data/web/templates/modals/footer.twig b/data/web/templates/modals/footer.twig index 67cc3482..52e89e00 100644 --- a/data/web/templates/modals/footer.twig +++ b/data/web/templates/modals/footer.twig @@ -206,20 +206,9 @@
- Authenticators + Authenticate -
- {% for authenticator in pending_tfa_methods %} - {% if authenticator["authmech"] == "yubi_otp" %} - - - {{ authenticator["key_id"] }} - - - {% endif %} - {% endfor %} -
-
+
Yubicon Icon diff --git a/data/web/templates/user/tab-user-auth.twig b/data/web/templates/user/tab-user-auth.twig index 675c22e1..7596a036 100644 --- a/data/web/templates/user/tab-user-auth.twig +++ b/data/web/templates/user/tab-user-auth.twig @@ -18,10 +18,6 @@ {{ lang.user.open_webmail_sso }} {% endif %} -
@@ -47,6 +43,8 @@

{{ mailboxdata.quota_used|formatBytes(2) }} / {% if mailboxdata.quota == 0 %}∞{% else %}{{ mailboxdata.quota|formatBytes(2) }}{% endif %}
{{ mailboxdata.messages }} {{ lang.user.messages }}

+
+

{{ lang.user.change_password }}

diff --git a/docker-compose.yml b/docker-compose.yml index 91266e00..9fbfef59 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -168,7 +168,7 @@ services: - phpfpm sogo-mailcow: - image: mailcow/sogo:1.109 + image: mailcow/sogo:1.110 environment: - DBNAME=${DBNAME} - DBUSER=${DBUSER} @@ -215,7 +215,7 @@ services: - sogo dovecot-mailcow: - image: mailcow/dovecot:1.17 + image: mailcow/dovecot:1.18 depends_on: - mysql-mailcow dns: diff --git a/generate_config.sh b/generate_config.sh index de285178..afd1d892 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -16,19 +16,49 @@ if [[ "$(uname -r)" =~ ^4\.4\. ]]; then fi fi -if grep --help 2>&1 | grep -q -i "busybox"; then - echo "BusyBox grep detected, please install gnu grep, \"apk add --no-cache --upgrade grep\"" - exit 1 -fi -if cp --help 2>&1 | grep -q -i "busybox"; then - echo "BusyBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\"" - exit 1 -fi +if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox grep detected, please install gnu grep, \"apk add --no-cache --upgrade grep\""; exit 1; fi +# This will also cover sort +if cp --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""; exit 1; fi +if sed --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox sed detected, please install gnu sed, \"apk add --no-cache --upgrade sed\""; exit 1; fi -for bin in openssl curl docker docker-compose git awk sha1sum; do +for bin in openssl curl docker git awk sha1sum; do if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi done +if docker compose > /dev/null 2>&1; then + if docker compose version --short | grep "^2." > /dev/null 2>&1; then + COMPOSE_VERSION=native + echo -e "\e[31mFound Docker Compose Plugin (native).\e[0m" + echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to native\e[0m" + sleep 2 + echo -e "\e[33mNotice: You´ll have to update this Compose Version via your Package Manager manually!\e[0m" + else + echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m" + echo -e "\e[31mPlease update/install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" + exit 1 + fi +elif docker-compose > /dev/null 2>&1; then + if ! [[ $(alias docker-compose 2> /dev/null) ]] ; then + if docker-compose version --short | grep "^2." > /dev/null 2>&1; then + COMPOSE_VERSION=standalone + echo -e "\e[31mFound Docker Compose Standalone.\e[0m" + echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to standalone\e[0m" + sleep 2 + echo -e "\e[33mNotice: For an automatic update of docker-compose please use the update_compose.sh scripts located at the helper-scripts folder.\e[0m" + else + echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m" + echo -e "\e[31mPlease update/install manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" + exit 1 + fi + fi + +else + echo -e "\e[31mCannot find Docker Compose.\e[0m" + echo -e "\e[31mPlease install it regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" + exit 1 +fi + + if [ -f mailcow.conf ]; then read -r -p "A config file exists and will be overwritten, are you sure you want to continue? [y/N] " response case $response in @@ -105,6 +135,25 @@ else SKIP_SOLR=n fi +echo "Which branch of mailcow do you want to use?" +echo "" +echo "Available Branches:" +echo "- master branch (stable updates) | default, recommended [1]" +echo "- nightly branch (unstable updates, testing) | not-production ready [2]" +sleep 1 +read -r -p "Choose the Branch with it´s number [1/2] " branch + case $branch in + [2]) + git_branch="nightly" + ;; + *) + git_branch="master" + ;; + esac + +git fetch --all +git checkout -f $git_branch + [ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc cat << EOF > mailcow.conf @@ -183,6 +232,14 @@ TZ=${MAILCOW_TZ} COMPOSE_PROJECT_NAME=mailcowdockerized +# Used Docker Compose version +# Switch here between native (compose plugin) and standalone +# For more informations take a look at the mailcow docs regarding the configuration options. +# Normally this should be untouched but if you decided to use either of those you can switch it manually here. +# Please be aware that at least one of those variants should be installed on your maschine or mailcow will fail. + +DOCKER_COMPOSE_VERSION=${COMPOSE_VERSION} + # Set this to "allow" to enable the anyone pseudo user. Disabled by default. # When enabled, ACL can be created, that apply to "All authenticated users" # This should probably only be activated on mail hosts, that are used exclusivly by one organisation. @@ -363,16 +420,42 @@ echo "Copying snake-oil certificate..." cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/ # Set app_info.inc.php -mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`) +if [ ${git_branch} == "master" ]; then + mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`) +elif [ ${git_branch} == "nightly" ]; then + mailcow_git_version=$(git rev-parse --short $(git rev-parse @{upstream})) + mailcow_last_git_version="" +else + mailcow_git_version=$(git rev-parse --short HEAD) + mailcow_last_git_version="" +fi + +mailcow_git_commit=$(git rev-parse origin/${git_branch}) +mailcow_git_commit_date=$(git log -1 --format=%ci @{upstream} ) + if [ $? -eq 0 ]; then echo ' data/web/inc/app_info.inc.php echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_LAST_GIT_VERSION="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_OWNER="mailcow";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_REPO="mailcow-dockerized";' >> data/web/inc/app_info.inc.php echo ' $MAILCOW_GIT_URL="https://github.com/mailcow/mailcow-dockerized";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT="'$mailcow_git_commit'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT_DATE="'$mailcow_git_commit_date'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_BRANCH="'$git_branch'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_UPDATEDAT='$(date +%s)';' >> data/web/inc/app_info.inc.php echo '?>' >> data/web/inc/app_info.inc.php else echo ' data/web/inc/app_info.inc.php - echo ' $MAILCOW_GIT_VERSION="";' >> data/web/inc/app_info.inc.php - echo ' $MAILCOW_GIT_URL="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_LAST_GIT_VERSION="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_OWNER="mailcow";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_REPO="mailcow-dockerized";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_URL="https://github.com/mailcow/mailcow-dockerized";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT_DATE="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_BRANCH="'$git_branch'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_UPDATEDAT='$(date +%s)';' >> data/web/inc/app_info.inc.php echo '?>' >> data/web/inc/app_info.inc.php echo -e "\e[33mCannot determine current git repository version...\e[0m" -fi +fi \ No newline at end of file diff --git a/helper-scripts/_cold-standby.sh b/helper-scripts/_cold-standby.sh index fadee6f6..0e8885a3 100755 --- a/helper-scripts/_cold-standby.sh +++ b/helper-scripts/_cold-standby.sh @@ -77,7 +77,7 @@ function preflight_local_checks() { exit 1 fi - for bin in rsync docker docker-compose grep cut; do + for bin in rsync docker grep cut; do if [[ -z $(which ${bin}) ]]; then >&2 echo -e "\e[31mCannot find ${bin} in local PATH, exiting...\e[0m" exit 1 @@ -111,7 +111,7 @@ function preflight_remote_checks() { exit 1 fi - for bin in rsync docker docker-compose; do + for bin in rsync docker; do if ! ssh -o StrictHostKeyChecking=no \ -i "${REMOTE_SSH_KEY}" \ ${REMOTE_SSH_HOST} \ @@ -121,17 +121,44 @@ function preflight_remote_checks() { exit 1 fi done + + ssh -o StrictHostKeyChecking=no \ + -i "${REMOTE_SSH_KEY}" \ + ${REMOTE_SSH_HOST} \ + -p ${REMOTE_SSH_PORT} \ + "bash -s" << "EOF" +if docker compose > /dev/null 2>&1; then + exit 0 +elif docker-compose version --short | grep "^2." > /dev/null 2>&1; then + exit 1 +else +exit 2 +fi +EOF + +if [ $? = 0 ]; then + COMPOSE_COMMAND="docker compose" + echo "DEBUG: Using native docker compose on remote" + +elif [ $? = 1 ]; then + COMPOSE_COMMAND="docker-compose" + echo "DEBUG: Using standalone docker compose on remote" + +else + echo -e "\e[31mCannot find any Docker Compose on remote, exiting...\e[0m" + exit 1 +fi } +SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) +source "${SCRIPT_DIR}/../mailcow.conf" +COMPOSE_FILE="${SCRIPT_DIR}/../docker-compose.yml" +CMPS_PRJ=$(echo ${COMPOSE_PROJECT_NAME} | tr -cd 'A-Za-z-_') +SQLIMAGE=$(grep -iEo '(mysql|mariadb)\:.+' "${COMPOSE_FILE}") + preflight_local_checks preflight_remote_checks -SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) -COMPOSE_FILE="${SCRIPT_DIR}/../docker-compose.yml" -source "${SCRIPT_DIR}/../mailcow.conf" -CMPS_PRJ=$(echo ${COMPOSE_PROJECT_NAME} | tr -cd 'A-Za-z-_') -SQLIMAGE=$(grep -iEo '(mysql|mariadb)\:.+' "${COMPOSE_FILE}") - echo echo -e "\033[1mFound compose project name ${CMPS_PRJ} for ${MAILCOW_HOSTNAME}\033[0m" echo -e "\033[1mFound SQL ${SQLIMAGE}\033[0m" @@ -258,7 +285,7 @@ echo "OK" -i "${REMOTE_SSH_KEY}" \ ${REMOTE_SSH_HOST} \ -p ${REMOTE_SSH_PORT} \ - docker-compose -f "${SCRIPT_DIR}/../docker-compose.yml" pull --no-parallel --quiet 2>&1 ; then + ${COMPOSE_COMMAND} -f "${SCRIPT_DIR}/../docker-compose.yml" pull --no-parallel --quiet 2>&1 ; then >&2 echo -e "\e[31m[ERR]\e[0m - Could not pull images on remote" fi @@ -271,13 +298,4 @@ if ! ssh -o StrictHostKeyChecking=no \ >&2 echo -e "\e[31m[ERR]\e[0m - Could not cleanup old images on remote" fi -echo -e "\033[1mExecuting update script and checking for new docker-compose Version on remote...\033[0m" -if ! ssh -o StrictHostKeyChecking=no \ - -i "${REMOTE_SSH_KEY}" \ - ${REMOTE_SSH_HOST} \ - -p ${REMOTE_SSH_PORT} \ - ${SCRIPT_DIR}/../update.sh -f --update-compose ; then - >&2 echo -e "\e[31m[ERR]\e[0m - Could not fetch docker-compose on remote" -fi - -echo -e "\e[32mDone\e[0m" +echo -e "\e[32mDone\e[0m" \ No newline at end of file diff --git a/helper-scripts/backup_and_restore.sh b/helper-scripts/backup_and_restore.sh index 506420b4..6781600f 100755 --- a/helper-scripts/backup_and_restore.sh +++ b/helper-scripts/backup_and_restore.sh @@ -160,12 +160,24 @@ function backup() { } function restore() { - for bin in docker docker-compose; do + for bin in docker; do if [[ -z $(which ${bin}) ]]; then >&2 echo -e "\e[31mCannot find ${bin} in local PATH, exiting...\e[0m" exit 1 fi - done + done + + if [ "${DOCKER_COMPOSE_VERSION}" == "native" ]; then + COMPOSE_COMMAND="docker compose" + + elif [ "${DOCKER_COMPOSE_VERSION}" == "standalone" ]; then + COMPOSE_COMMAND="docker-compose" + + else + echo -e "\e[31mCan not read DOCKER_COMPOSE_VERSION variable from mailcow.conf! Is your mailcow up to date? Exiting...\e[0m" + exit 1 + fi + echo echo "Stopping watchdog-mailcow..." docker stop $(docker ps -qf name=watchdog-mailcow) @@ -244,7 +256,7 @@ function restore() { continue else echo "Stopping mailcow..." - docker-compose -f ${COMPOSE_FILE} --env-file ${ENV_FILE} down + ${COMPOSE_COMMAND} -f ${COMPOSE_FILE} --env-file ${ENV_FILE} down fi #docker stop $(docker ps -qf name=mysql-mailcow) if [[ -d "${RESTORE_LOCATION}/mysql" ]]; then @@ -282,7 +294,7 @@ function restore() { sed -i --follow-symlinks "/DBROOT/c\DBROOT=${DBROOT}" ${SCRIPT_DIR}/../mailcow.conf source ${SCRIPT_DIR}/../mailcow.conf echo "Starting mailcow..." - docker-compose -f ${COMPOSE_FILE} --env-file ${ENV_FILE} up -d + ${COMPOSE_COMMAND} -f ${COMPOSE_FILE} --env-file ${ENV_FILE} up -d #docker start $(docker ps -aqf name=mysql-mailcow) fi ;; diff --git a/helper-scripts/update_compose.sh b/helper-scripts/update_compose.sh new file mode 100755 index 00000000..c58eabea --- /dev/null +++ b/helper-scripts/update_compose.sh @@ -0,0 +1,70 @@ +#!/bin/bash +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +source ${SCRIPT_DIR}/../mailcow.conf + +if [ "${DOCKER_COMPOSE_VERSION}" == "standalone" ]; then +LATEST_COMPOSE=$(curl -#L https://www.servercow.de/docker-compose/latest.php) +COMPOSE_VERSION=$(docker-compose version --short) +if [[ "$LATEST_COMPOSE" != "$COMPOSE_VERSION" ]]; then + echo -e "\e[33mA new docker-compose Version is available: $LATEST_COMPOSE\e[0m" + echo -e "\e[33mYour Version is: $COMPOSE_VERSION\e[0m" +else + echo -e "\e[32mYour docker-compose Version is up to date! Not updating it...\e[0m" + exit 0 +fi +read -r -p "Do you want to update your docker-compose Version? It will automatic upgrade your docker-compose installation (recommended)? [y/N] " updatecomposeresponse + if [[ ! "${updatecomposeresponse}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then + echo "OK, not updating docker-compose." + exit 0 + fi +echo -e "\e[32mFetching new docker-compose (standalone) version...\e[0m" +echo -e "\e[32mTrying to determine GLIBC version...\e[0m" + if ldd --version > /dev/null; then + GLIBC_V=$(ldd --version | grep -E '(GLIBC|GNU libc)' | rev | cut -d ' ' -f1 | rev | cut -d '.' -f2) + if [ ! -z "${GLIBC_V}" ] && [ ${GLIBC_V} -gt 27 ]; then + DC_DL_SUFFIX= + else + DC_DL_SUFFIX=legacy + fi + else + DC_DL_SUFFIX=legacy + fi + sleep 1 + if [[ $(command -v pip 2>&1) && $(pip list --local 2>&1 | grep -v DEPRECATION | grep -c docker-compose) == 1 || $(command -v pip3 2>&1) && $(pip3 list --local 2>&1 | grep -v DEPRECATION | grep -c docker-compose) == 1 ]]; then + echo -e "\e[33mFound a docker-compose Version installed with pip!\e[0m" + echo -e "\e[31mPlease uninstall the pip Version of docker-compose since it doesn´t support Versions higher than 1.29.2.\e[0m" + sleep 2 + echo -e "\e[33mExiting...\e[0m" + exit 1 + #prevent breaking a working docker-compose installed with pip + elif [[ $(curl -sL -w "%{http_code}" https://www.servercow.de/docker-compose/latest.php?vers=${DC_DL_SUFFIX} -o /dev/null) == "200" ]]; then + LATEST_COMPOSE=$(curl -#L https://www.servercow.de/docker-compose/latest.php) + COMPOSE_VERSION=$(docker-compose version --short) + if [[ "$LATEST_COMPOSE" != "$COMPOSE_VERSION" ]]; then + COMPOSE_PATH=$(command -v docker-compose) + if [[ -w ${COMPOSE_PATH} ]]; then + curl -#L https://github.com/docker/compose/releases/download/v${LATEST_COMPOSE}/docker-compose-$(uname -s)-$(uname -m) > $COMPOSE_PATH + chmod +x $COMPOSE_PATH + echo -e "\e[32mYour Docker Compose (standalone) has been updated to: $LATEST_COMPOSE\e[0m" + exit 0 + else + echo -e "\e[33mWARNING: $COMPOSE_PATH is not writable, but new version $LATEST_COMPOSE is available (installed: $COMPOSE_VERSION)\e[0m" + return 1 + fi + fi + else + echo -e "\e[33mCannot determine latest docker-compose version, skipping...\e[0m" + exit 1 + fi + +elif [ "${DOCKER_COMPOSE_VERSION}" == "native" ]; then + echo -e "\e[31mYou are using the native Docker Compose Plugin. This Script is for the standalone Docker Compose Version only.\e[0m" + sleep 2 + echo -e "\e[33mNotice: You´ll have to update this Compose Version via your Package Manager manually!\e[0m" + exit 1 + +else + echo -e "\e[31mCan not read DOCKER_COMPOSE_VERSION variable from mailcow.conf! Is your mailcow up to date? Exiting...\e[0m" + exit 1 +fi \ No newline at end of file diff --git a/update.sh b/update.sh index 6659de55..a0ba0729 100755 --- a/update.sh +++ b/update.sh @@ -175,58 +175,48 @@ remove_obsolete_nginx_ports() { done } -update_compose(){ -if [[ ${NO_UPDATE_COMPOSE} == "y" ]]; then - echo -e "\e[33mNot fetching latest docker-compose, please check for updates manually!\e[0m" - return 0 -elif [[ -e /etc/alpine-release ]]; then - echo -e "\e[33mNot fetching latest docker-compose, because you are using Alpine Linux without glibc support. Please update docker-compose via apk!\e[0m" - return 0 -else - if [ ! $FORCE ]; then - read -r -p "Do you want to update your docker-compose Version? It will automatic upgrade your docker-compose installation (recommended)? [y/N] " updatecomposeresponse - if [[ ! "${updatecomposeresponse}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then - echo "OK, not updating docker-compose." - return 0 - fi - fi - echo -e "\e[32mFetching new docker-compose version...\e[0m" - echo -e "\e[32mTrying to determine GLIBC version...\e[0m" - if ldd --version > /dev/null; then - GLIBC_V=$(ldd --version | grep -E '(GLIBC|GNU libc)' | rev | cut -d ' ' -f1 | rev | cut -d '.' -f2) - if [ ! -z "${GLIBC_V}" ] && [ ${GLIBC_V} -gt 27 ]; then - DC_DL_SUFFIX= - else - DC_DL_SUFFIX=legacy - fi - else - DC_DL_SUFFIX=legacy - fi - sleep 1 - if [[ $(command -v pip 2>&1) && $(pip list --local 2>&1 | grep -v DEPRECATION | grep -c docker-compose) == 1 || $(command -v pip3 2>&1) && $(pip3 list --local 2>&1 | grep -v DEPRECATION | grep -c docker-compose) == 1 ]]; then - echo -e "\e[33mFound a docker-compose Version installed with pip!\e[0m" - echo -e "\e[31mPlease uninstall the pip Version of docker-compose since it doesn´t support Versions higher than 1.29.2.\e[0m" - sleep 2 - echo -e "\e[33mExiting...\e[0m" - exit 1 - #prevent breaking a working docker-compose installed with pip - elif [[ $(curl -sL -w "%{http_code}" https://www.servercow.de/docker-compose/latest.php?vers=${DC_DL_SUFFIX} -o /dev/null) == "200" ]]; then - LATEST_COMPOSE=$(curl -#L https://www.servercow.de/docker-compose/latest.php) - COMPOSE_VERSION=$(docker-compose version --short) - if [[ "$LATEST_COMPOSE" != "$COMPOSE_VERSION" ]]; then - COMPOSE_PATH=$(command -v docker-compose) - if [[ -w ${COMPOSE_PATH} ]]; then - curl -#L https://github.com/docker/compose/releases/download/v${LATEST_COMPOSE}/docker-compose-$(uname -s)-$(uname -m) > $COMPOSE_PATH - chmod +x $COMPOSE_PATH +detect_docker_compose_command(){ +if ! [ "${DOCKER_COMPOSE_VERSION}" == "native" ] && ! [ "${DOCKER_COMPOSE_VERSION}" == "standalone" ]; then + if docker compose > /dev/null 2>&1; then + if docker compose version --short | grep "^2." > /dev/null 2>&1; then + DOCKER_COMPOSE_VERSION=native + COMPOSE_COMMAND="docker compose" + echo -e "\e[31mFound Docker Compose Plugin (native).\e[0m" + echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to native\e[0m" + sleep 2 + echo -e "\e[33mNotice: You'll have to update this Compose Version via your Package Manager manually!\e[0m" else - echo -e "\e[33mWARNING: $COMPOSE_PATH is not writable, but new version $LATEST_COMPOSE is available (installed: $COMPOSE_VERSION)\e[0m" - return 1 + echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m" + echo -e "\e[31mPlease update/install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" + exit 1 + fi + elif docker-compose > /dev/null 2>&1; then + if ! [[ $(alias docker-compose 2> /dev/null) ]] ; then + if docker-compose version --short | grep "^2." > /dev/null 2>&1; then + DOCKER_COMPOSE_VERSION=standalone + COMPOSE_COMMAND="docker-compose" + echo -e "\e[31mFound Docker Compose Standalone.\e[0m" + echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to standalone\e[0m" + sleep 2 + echo -e "\e[33mNotice: For an automatic update of docker-compose please use the update_compose.sh scripts located at the helper-scripts folder.[0m" + else + echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m" + echo -e "\e[31mPlease update/install regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" + exit 1 fi fi + else - echo -e "\e[33mCannot determine latest docker-compose version, skipping...\e[0m" - return 1 + echo -e "\e[31mCannot find Docker Compose.\e[0m" + echo -e "\e[31mPlease install it regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" + exit 1 fi + +elif [ "${DOCKER_COMPOSE_VERSION}" == "native" ]; then + COMPOSE_COMMAND="docker compose" + +elif [ "${DOCKER_COMPOSE_VERSION}" == "standalone" ]; then + COMPOSE_COMMAND="docker-compose" fi } @@ -272,6 +262,10 @@ PATH=$PATH:/opt/bin umask 0022 +# Unset COMPOSE_COMMAND and DOCKER_COMPOSE_VERSION Variable to be on the newest state. +unset COMPOSE_COMMAND +unset DOCKER_COMPOSE_VERSION + for bin in curl docker git awk sha1sum; do if [[ -z $(command -v ${bin}) ]]; then echo "Cannot find ${bin}, exiting..." @@ -279,13 +273,6 @@ for bin in curl docker git awk sha1sum; do fi done -if [[ -z $(command -v docker-compose) ]]; then - echo -e "\e[31mCannot find docker-compose Standalone.\e[0m" - echo -e "\e[31mPlease install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" - sleep 3 - exit 1; -fi - export LC_ALL=C DATE=$(date +%Y-%m-%d_%H_%M_%S) BRANCH=$(cd ${SCRIPT_DIR}; git rev-parse --abbrev-ref HEAD) @@ -314,11 +301,22 @@ while (($#)); do --skip-start) SKIP_START=y ;; + --skip-ping-check) + SKIP_PING_CHECK=y + ;; + --stable) + CURRENT_BRANCH="$(cd ${SCRIPT_DIR}; git rev-parse --abbrev-ref HEAD)" + NEW_BRANCH="master" + ;; --gc) echo -e "\e[32mCollecting garbage...\e[0m" docker_garbage exit 0 ;; + --nightly) + CURRENT_BRANCH="$(cd ${SCRIPT_DIR}; git rev-parse --abbrev-ref HEAD)" + NEW_BRANCH="nightly" + ;; --prefetch) echo -e "\e[32mPrefetching images...\e[0m" prefetch_images @@ -328,36 +326,17 @@ while (($#)); do echo -e "\e[32mRunning in forced mode...\e[0m" FORCE=y ;; - --no-update-compose) - NO_UPDATE_COMPOSE=y - ;; - --update-compose) - LATEST_COMPOSE=$(curl -#L https://www.servercow.de/docker-compose/latest.php) - COMPOSE_VERSION=$(docker-compose version --short) - if [[ "$LATEST_COMPOSE" != "$COMPOSE_VERSION" ]]; then - echo -e "\e[33mA new docker-compose Version is available: $LATEST_COMPOSE\e[0m" - echo -e "\e[33mYour Version is: $COMPOSE_VERSION\e[0m" - update_compose - echo -e "\e[32mYour docker-compose Version is now up to date!\e[0m" - else - echo -e "\e[32mYour docker-compose Version is up to date! Not updating it...\e[0m" - fi - exit 0 - ;; - --skip-ping-check) - SKIP_PING_CHECK=y - ;; --help|-h) - echo './update.sh [-c|--check, --ours, --gc, --no-update-compose, --update-compose, --prefetch, --skip-start, --skip-ping-check, -f|--force, -h|--help] + echo './update.sh [-c|--check, --ours, --gc, --nightly, --prefetch, --skip-start, --skip-ping-check, --stable, -f|--force, -h|--help] -c|--check - Check for updates and exit (exit codes => 0: update available, 3: no updates) --ours - Use merge strategy option "ours" to solve conflicts in favor of non-mailcow code (local changes over remote changes), not recommended! --gc - Run garbage collector to delete old image tags - --no-update-compose - Skip the docker-compose Updates during the mailcow Update process - --update-compose - Only run the docker-compose Update process (don´t updates your mailcow itself) + --nightly - Switch your mailcow updates to the unstable (nightly) branch. FOR TESTING PURPOSES ONLY!!!! --prefetch - Only prefetch new images and exit (useful to prepare updates) --skip-start - Do not start mailcow after update --skip-ping-check - Skip ICMP Check to public DNS resolvers (Use it only if you´ve blocked any ICMP Connections to your mailcow machine) + --stable - Switch your mailcow updates to the stable (master) branch. Default unless you changed it with --nightly. -f|--force - Force update, do not ask questions ' exit 1 @@ -365,28 +344,16 @@ while (($#)); do shift done -# Check if Docker-Compose is older then v2 before continuing -if ! docker-compose version --short | grep "^2." > /dev/null 2>&1; then - echo -e "\e[33mYour docker-compose Version is not up to date!\e[0m" - echo -e "\e[33mmailcow needs docker-compose > 2.X.X!\e[0m" - echo -e "\e[33mYour current installed Version: $(docker-compose version --short)\e[0m" - sleep 3 - update_compose - if [[ ! "${updatecomposeresponse}" =~ ^([yY][eE][sS]|[yY])+$ ]] && [[ ! ${FORCE} ]]; then - echo -e "\e[31mmailcow does not work with docker-compose < 2.X.X anymore!\e[0m" - echo -e "\e[31mPlease update your docker-compose manually, to run mailcow.\e[0m" - echo -e "\e[31mExiting...\e[0m" - exit 1 - fi -fi - -[[ ! -f mailcow.conf ]] && { echo "mailcow.conf is missing"; exit 1;} chmod 600 mailcow.conf source mailcow.conf + +detect_docker_compose_command + +[[ ! -f mailcow.conf ]] && { echo "mailcow.conf is missing! Is mailcow installed?"; exit 1;} DOTS=${MAILCOW_HOSTNAME//[^.]}; if [ ${#DOTS} -lt 2 ]; then echo "MAILCOW_HOSTNAME (${MAILCOW_HOSTNAME}) is not a FQDN!" - echo "Please change it to a FQDN and run docker-compose down followed by docker-compose up -d" + echo "Please change it to a FQDN and run $COMPOSE_COMMAND down followed by $COMPOSE_COMMAND up -d" exit 1 fi @@ -395,6 +362,14 @@ if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox grep if cp --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""; exit 1; fi if sed --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox sed detected, please install gnu sed, \"apk add --no-cache --upgrade sed\""; exit 1; fi +# Check if Docker Compose is older then v2 before continuing +if ! $COMPOSE_COMMAND version --short | grep "^2." > /dev/null 2>&1; then + echo -e "\e[33mYour Docker Compose Version is not up to date!\e[0m" + echo -e "\e[33mmailcow needs Docker Compose > 2.X.X!\e[0m" + echo -e "\e[33mYour current installed Version: $($COMPOSE_COMMAND version --short)\e[0m" + exit 1 +fi + CONFIG_ARRAY=( "SKIP_LETS_ENCRYPT" "SKIP_SOGO" @@ -413,6 +388,7 @@ CONFIG_ARRAY=( "SNAT_TO_SOURCE" "SNAT6_TO_SOURCE" "COMPOSE_PROJECT_NAME" + "DOCKER_COMPOSE_VERSION" "SQL_PORT" "API_KEY" "API_KEY_READ_ONLY" @@ -448,6 +424,17 @@ for option in ${CONFIG_ARRAY[@]}; do echo "Adding new option \"${option}\" to mailcow.conf" echo "COMPOSE_PROJECT_NAME=mailcowdockerized" >> mailcow.conf fi + elif [[ ${option} == "DOCKER_COMPOSE_VERSION" ]]; then + if ! grep -q ${option} mailcow.conf; then + echo "Adding new option \"${option}\" to mailcow.conf" + echo "# Used Docker Compose version" >> mailcow.conf + echo "# Switch here between native (compose plugin) and standalone" >> mailcow.conf + echo "# For more informations take a look at the mailcow docs regarding the configuration options." >> mailcow.conf + echo "# Normally this should be untouched but if you decided to use either of those you can switch it manually here." >> mailcow.conf + echo "# Please be aware that at least one of those variants should be installed on your maschine or mailcow will fail." >> mailcow.conf + echo "" >> mailcow.conf + echo "DOCKER_COMPOSE_VERSION=${DOCKER_COMPOSE_VERSION}" >> mailcow.conf + fi elif [[ ${option} == "DOVEADM_PORT" ]]; then if ! grep -q ${option} mailcow.conf; then echo "Adding new option \"${option}\" to mailcow.conf" @@ -672,6 +659,82 @@ else fi fi +if ! [ $NEW_BRANCH ]; then + echo -e "\e[33mDetecting which build your mailcow runs on...\e[0m" + sleep 1 + if [ ${BRANCH} == "master" ]; then + echo -e "\e[32mYou are receiving stable updates (master).\e[0m" + echo -e "\e[33mTo change that run the update.sh Script one time with the --nightly parameter to switch to nightly builds.\e[0m" + + elif [ ${BRANCH} == "nightly" ]; then + echo -e "\e[31mYou are receiving unstable updates (nightly). These are for testing purposes only!!!\e[0m" + sleep 1 + echo -e "\e[33mTo change that run the update.sh Script one time with the --stable parameter to switch to stable builds.\e[0m" + + else + echo -e "\e[33mYou are receiving updates from a unsupported branch.\e[0m" + sleep 1 + echo -e "\e[33mThe mailcow stack might still work but it is recommended to switch to the master branch (stable builds).\e[0m" + echo -e "\e[33mTo change that run the update.sh Script one time with the --stable parameter to switch to stable builds.\e[0m" + fi +elif [ $FORCE ]; then + echo -e "\e[31mYou are running in forced mode!\e[0m" + echo -e "\e[31mA Branch Switch can only be performed manually (monitored).\e[0m" + echo -e "\e[31mPlease rerun the update.sh Script without the --force/-f parameter.\e[0m" + sleep 1 +elif [ $NEW_BRANCH == "master" ] && [ $CURRENT_BRANCH != "master" ]; then + echo -e "\e[33mYou are about to switch your mailcow Updates to the stable (master) branch.\e[0m" + sleep 1 + echo -e "\e[33mBefore you do: Please take a backup of all components to ensure that no Data is lost...\e[0m" + sleep 1 + echo -e "\e[31mWARNING: Please see on GitHub or ask in the communitys if a switch to master is stable or not. + In some rear cases a Update back to master can destroy your mailcow configuration in case of Database Upgrades etc. + Normally a upgrade back to master should be safe during each full release. + Check GitHub for Database Changes and Update only if there similar to the full release!\e[0m" + read -r -p "Are you sure you that want to continue upgrading to the stable (master) branch? [y/N] " response + if [[ ! "${response}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then + echo "OK. If you prepared yourself for that please run the update.sh Script with the --stable parameter again to trigger this process here." + exit 0 + fi + BRANCH=$NEW_BRANCH + DIFF_DIRECTORY=update_diffs + DIFF_FILE=${DIFF_DIRECTORY}/diff_before_upgrade_to_master_$(date +"%Y-%m-%d-%H-%M-%S") + mv diff_before_upgrade* ${DIFF_DIRECTORY}/ 2> /dev/null + if ! git diff-index --quiet HEAD; then + echo -e "\e[32mSaving diff to ${DIFF_FILE}...\e[0m" + mkdir -p ${DIFF_DIRECTORY} + git diff ${BRANCH} --stat > ${DIFF_FILE} + git diff ${BRANCH} >> ${DIFF_FILE} + fi + echo -e "\e[32mSwitching Branch to ${BRANCH}...\e[0m" + git fetch origin + git checkout -f ${BRANCH} + +elif [ $NEW_BRANCH == "nightly" ] && [ $CURRENT_BRANCH != "nightly" ]; then + echo -e "\e[33mYou are about to switch your mailcow Updates to the unstable (nightly) branch.\e[0m" + sleep 1 + echo -e "\e[33mBefore you do: Please take a backup of all components to ensure that no Data is lost...\e[0m" + sleep 1 + echo -e "\e[31mWARNING: A switch to nightly is possible any time. But a switch back (to master) isn't.\e[0m" + read -r -p "Are you sure you that want to continue upgrading to the unstable (nightly) branch? [y/N] " response + if [[ ! "${response}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then + echo "OK. If you prepared yourself for that please run the update.sh Script with the --nightly parameter again to trigger this process here." + exit 0 + fi + BRANCH=$NEW_BRANCH + DIFF_DIRECTORY=update_diffs + DIFF_FILE=${DIFF_DIRECTORY}/diff_before_upgrade_to_nightly_$(date +"%Y-%m-%d-%H-%M-%S") + mv diff_before_upgrade* ${DIFF_DIRECTORY}/ 2> /dev/null + if ! git diff-index --quiet HEAD; then + echo -e "\e[32mSaving diff to ${DIFF_FILE}...\e[0m" + mkdir -p ${DIFF_DIRECTORY} + git diff ${BRANCH} --stat > ${DIFF_FILE} + git diff ${BRANCH} >> ${DIFF_FILE} + fi + git fetch origin + git checkout -f ${BRANCH} +fi + echo -e "\e[32mChecking for newer update script...\e[0m" SHA1_1=$(sha1sum update.sh) git fetch origin #${BRANCH} @@ -683,13 +746,6 @@ if [[ ${SHA1_1} != ${SHA1_2} ]]; then exit 2 fi -if [[ -f mailcow.conf ]]; then - source mailcow.conf -else - echo -e "\e[31mNo mailcow.conf - is mailcow installed?\e[0m" - exit 1 -fi - if [ ! $FORCE ]; then read -r -p "Are you sure you want to update mailcow: dockerized? All containers will be stopped. [y/N] " response if [[ ! "${response}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then @@ -699,28 +755,18 @@ if [ ! $FORCE ]; then migrate_docker_nat fi -LATEST_COMPOSE=$(curl -#L https://www.servercow.de/docker-compose/latest.php) -COMPOSE_VERSION=$(docker-compose version --short) -if [[ "$LATEST_COMPOSE" != "$COMPOSE_VERSION" ]]; then - echo -e "\e[33mA new docker-compose Version is available: $LATEST_COMPOSE\e[0m" - echo -e "\e[33mYour Version is: $COMPOSE_VERSION\e[0m" - update_compose -else - echo -e "\e[32mYour docker-compose Version is up to date! Not updating it...\e[0m" -fi - remove_obsolete_nginx_ports echo -e "\e[32mValidating docker-compose stack configuration...\e[0m" sed -i 's/HTTPS_BIND:-:/HTTPS_BIND:-/g' docker-compose.yml sed -i 's/HTTP_BIND:-:/HTTP_BIND:-/g' docker-compose.yml -if ! docker-compose config -q; then +if ! $COMPOSE_COMMAND config -q; then echo -e "\e[31m\nOh no, something went wrong. Please check the error message above.\e[0m" exit 1 fi echo -e "\e[32mChecking for conflicting bridges...\e[0m" -MAILCOW_BRIDGE=$(docker-compose config | grep -i com.docker.network.bridge.name | cut -d':' -f2) +MAILCOW_BRIDGE=$($COMPOSE_COMMAND config | grep -i com.docker.network.bridge.name | cut -d':' -f2) while read NAT_ID; do iptables -t nat -D POSTROUTING $NAT_ID done < <(iptables -L -vn -t nat --line-numbers | grep $IPV4_NETWORK | grep -E 'MASQUERADE.*all' | grep -v ${MAILCOW_BRIDGE} | cut -d' ' -f1) @@ -740,8 +786,8 @@ prefetch_images echo -e "\e[32mStopping mailcow...\e[0m" sleep 2 -MAILCOW_CONTAINERS=($(docker-compose ps -q)) -docker-compose down +MAILCOW_CONTAINERS=($($COMPOSE_COMMAND ps -q)) +$COMPOSE_COMMAND down echo -e "\e[32mChecking for remaining containers...\e[0m" sleep 2 for container in "${MAILCOW_CONTAINERS[@]}"; do @@ -778,13 +824,13 @@ elif [[ ${MERGE_RETURN} == 1 ]]; then elif [[ ${MERGE_RETURN} != 0 ]]; then echo -e "\e[31m\nOh no, something went wrong. Please check the error message above.\e[0m" echo - echo "Run docker-compose up -d to restart your stack without updates or try again after fixing the mentioned errors." + echo "Run $COMPOSE_COMMAND up -d to restart your stack without updates or try again after fixing the mentioned errors." exit 1 fi echo -e "\e[32mFetching new images, if any...\e[0m" sleep 2 -docker-compose pull +$COMPOSE_COMMAND pull # Fix missing SSL, does not overwrite existing files [[ ! -d data/assets/ssl ]] && mkdir -p data/assets/ssl @@ -796,7 +842,7 @@ if grep -q 'SYSCTL_IPV6_DISABLED=1' mailcow.conf; then echo '!! IMPORTANT !!' echo echo 'SYSCTL_IPV6_DISABLED was removed due to complications. IPv6 can be disabled by editing "docker-compose.yml" and setting "enable_ipv6: true" to "enable_ipv6: false".' - echo 'This setting will only be active after a complete shutdown of mailcow by running "docker-compose down" followed by "docker-compose up -d".' + echo 'This setting will only be active after a complete shutdown of mailcow by running $COMPOSE_COMMAND down followed by $COMPOSE_COMMAND up -d".' echo echo '!! IMPORTANT !!' echo @@ -824,26 +870,55 @@ if [ -f "data/conf/rspamd/local.d/metrics.conf" ]; then fi # Set app_info.inc.php -mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`) +if [ ${BRANCH} == "master" ]; then + mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`) +elif [ ${BRANCH} == "nightly" ]; then + mailcow_git_version=$(git rev-parse --short $(git rev-parse @{upstream})) + mailcow_last_git_version="" +else + mailcow_git_version=$(git rev-parse --short HEAD) + mailcow_last_git_version="" +fi + +mailcow_git_commit=$(git rev-parse origin/${BRANCH}) +mailcow_git_commit_date=$(git log -1 --format=%ci @{upstream} ) + if [ $? -eq 0 ]; then echo ' data/web/inc/app_info.inc.php echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_LAST_GIT_VERSION="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_OWNER="mailcow";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_REPO="mailcow-dockerized";' >> data/web/inc/app_info.inc.php echo ' $MAILCOW_GIT_URL="https://github.com/mailcow/mailcow-dockerized";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT="'$mailcow_git_commit'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT_DATE="'$mailcow_git_commit_date'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_BRANCH="'$BRANCH'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_UPDATEDAT='$(date +%s)';' >> data/web/inc/app_info.inc.php echo '?>' >> data/web/inc/app_info.inc.php else echo ' data/web/inc/app_info.inc.php - echo ' $MAILCOW_GIT_VERSION="";' >> data/web/inc/app_info.inc.php - echo ' $MAILCOW_GIT_URL="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_LAST_GIT_VERSION="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_OWNER="mailcow";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_REPO="mailcow-dockerized";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_URL="https://github.com/mailcow/mailcow-dockerized";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_COMMIT_DATE="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_BRANCH="'$BRANCH'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_UPDATEDAT='$(date +%s)';' >> data/web/inc/app_info.inc.php echo '?>' >> data/web/inc/app_info.inc.php echo -e "\e[33mCannot determine current git repository version...\e[0m" fi +# Set DOCKER_COMPOSE_VERSION +sed -i 's/^DOCKER_COMPOSE_VERSION=$/DOCKER_COMPOSE_VERSION='$DOCKER_COMPOSE_VERSION'/g' mailcow.conf + if [[ ${SKIP_START} == "y" ]]; then - echo -e "\e[33mNot starting mailcow, please run \"docker-compose up -d --remove-orphans\" to start mailcow.\e[0m" + echo -e "\e[33mNot starting mailcow, please run \"$COMPOSE_COMMAND up -d --remove-orphans\" to start mailcow.\e[0m" else echo -e "\e[32mStarting mailcow...\e[0m" sleep 2 - docker-compose up -d --remove-orphans + $COMPOSE_COMMAND up -d --remove-orphans fi echo -e "\e[32mCollecting garbage...\e[0m" @@ -858,4 +933,4 @@ fi # echo # git reflog --color=always | grep "Before update on " # echo -# echo "Use \"git reset --hard hash-on-the-left\" and run docker-compose up -d afterwards." \ No newline at end of file +# echo "Use \"git reset --hard hash-on-the-left\" and run $COMPOSE_COMMAND up -d afterwards." \ No newline at end of file