Commit Graph

124 Commits

Author SHA1 Message Date
FreddleSpl0it
08d0f9448e [Compose] move then in if statement 2022-06-07 13:59:59 +02:00
Niklas Meyer
714511b0a8
[Compose] Update to Docker Compose v2 (#4605)
* Change default HTTP_BIND, HTTPS_BIND

https://github.com/mailcow/mailcow-dockerized/issues/4315#issuecomment-1083034329

* [Compose] Removed Colon after fallback IP in docker-compose.yml

* [Compose] Remove bind options from volumes (#4577)

(cherry picked from commit 4d53216c05)

* Migration (partially) of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* [ClamAV] Fixed ClamAV start before unbound

* Migration of update.sh + cold-standby.sh to composev2

* Formulation and values adjusted (IPv4 bind in generate-config.sh)

Co-authored-by: Amin Vakil <info@aminvakil.com>
Co-authored-by: qupfer <github@qupfer.de>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
2022-06-07 08:53:08 +02:00
FreddleSpl0it
bdd8b4a5ab
[Web] Footer fix (#4500)
* Fix issue forms

* [GH-Actions][stale] Update to v5.0.0

* [Web] fix version footer

* [Web] fix footer - hard coded repo url

Co-authored-by: Peter <magic@kthx.at>
2022-03-05 23:27:36 +01:00
FreddleSpl0it
f3f6fb8908 [Web] add github version tag error handling 2022-03-02 16:57:07 +01:00
FreddleSpl0it
a1a96bfabb [Web] add github version tag 2022-03-02 16:57:07 +01:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
Niklas Meyer
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) (#4445)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
2022-02-01 15:26:48 +01:00
FreddleSpl0it
aaf5da240a
[WebAuthn] rename env var 2022-01-20 11:19:00 +01:00
FreddleSpl0it
7df2bb28f8
[WebAuthn] disable rootCA default 2022-01-19 21:35:21 +01:00
FreddleSpl0it
0244e945df
[WebAuthn] update mailcow.conf 2022-01-19 20:43:40 +01:00
FreddleSpl0it
a6ec68e80f
[WebAuthn] update mailcow.conf 2022-01-19 20:18:46 +01:00
andryyy
deb15d97b1
[Config] Fix link, fixes #4322 2021-11-15 12:16:59 +01:00
Peter
6bf70cf846
[Watchdog] Add Watchdog verbose logging (#4299)
* [Watchdog] Add verbose logging

* [Watchdog] More verbose debugging

* [Watchdog] Enable MX check for recipients

Co-authored-by: andryyy <andre.peters@debinux.de>
2021-10-29 06:48:49 +02:00
Ranoiaetep
d278f22438
[Update] Fix exit in generate_config.sh (#4274)
Line 16 made an exit without any output
2021-10-23 15:49:04 +00:00
andryyy
e98a8a533b
[Config] Add hint about http bind and https bind to generate_config 2021-07-28 21:43:27 +02:00
andryyy
56c4353edb
[Config] Remove ejabberd from compose 2021-06-30 10:14:49 +02:00
andryyy
0cbd4ec273
[Config, Update] Add ACME_CONTACT 2021-04-29 23:32:42 +02:00
Valentin Brandner
3255c08813
[Update, Config] Add subject for watchdog emails (#4027)
Co-authored-by: Valentin <vbrandner.itsb-b2018@fh-salzburg.ac.at>
2021-03-13 12:36:29 +01:00
Peter
7ea07d385e
Update generate_config.sh
Fix grammar
2021-03-06 19:14:13 +01:00
andryyy
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI 2021-02-16 16:38:28 +01:00
andryyy
8c6b512f05
[mailcow] Move ejabberd site to last available site 2021-02-12 19:26:49 +01:00
andryyy
5809e5b82e
[mailcow] Fix C22 -> C2S 2021-02-12 11:22:43 +01:00
andryyy
5203beda01
[Config] Add XMPP ports 2021-02-11 09:35:48 +01:00
andryyy
79f8a3c2b5
[Config] Remove 0.0.0.0 example 2021-01-07 16:51:05 +01:00
andryyy
64c12d50bc
[Config] Fix binding problems with IPv6 in newer Docker versions 2021-01-07 16:48:08 +01:00
Peter
79fa7973c0
[Config] Add Wikipedia link for TZ values (#3891) 2020-12-06 13:34:39 +01:00
bl-ue
4aa5718c7d
Fix typos: BusybBox -> BusyBox (#3868) 2020-11-21 22:28:53 +00:00
Lukas Schreiner
d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT (#3832)
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019)

* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256

* Revert changes regarding gitignore.

* Added fallback to SSHA256 if environment is not proper prepared.

* No fallback within management frontend, as it must match to other components.

* Unified and corrected alignment; implemented support of SSHA512

* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.

* Switched to BLF-CRYPT by default (even on update)

* Switched to BLF-CRYPT by default (even on update)

* Adding information in config generation / update with link to supported hash algorithm

* Bump sogo version to 1.92

* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy
5f8e13f596 [Dovecot] Allow to define static master user (not recommended) 2020-10-20 15:43:05 +02:00
andryyy
7e169582ca
[Config] Generate self-signed certificates 2020-10-14 12:17:07 +02:00
andryyy
f03a4104e4
[Config] Change order of generate_config watchdog values 2020-10-08 16:50:45 +02:00
andryyy
034f70b393
[Config] New defaults: MAILDIR_GC_TIME=7200, WATCHDOG_NOTIFY_BAN=n 2020-09-23 11:21:50 +02:00
andryyy
003499200e
[Config] Watchdog is stable 2020-09-03 20:55:16 +02:00
andryyy
0b0aaf0705
[Config] Better safe than sorry: Add a hint to use lowercase project names 2020-08-27 20:42:41 +02:00
andryyy
317298edbf
[Config] Remove comment about cidr for api_allow 2020-07-15 07:27:39 +02:00
Peter
1cb5780e9c
Add hints for for private IP ranges (#3645) 2020-07-09 19:52:12 +02:00
andryyy
94c388bb9c
[Config] Minor: Move line to correct place 2020-07-04 19:31:28 +02:00
andryyy
066b23bb02
[Config] CIDR API_ALLOW_FROM only allowed via API 2020-05-04 07:50:59 +02:00
andryyy
200167458e
[Config] Allow to disable SOGo (unsupported, experimental) 2020-04-29 10:11:22 +02:00
andryyy
d392257289 [Web] Some changes
[SOGo] Allow to not spawn SOGo but an idling shell
[Rspamd] Remove X-CSA-Complaints from bulk headers...
2020-04-27 20:47:28 +02:00
andryyy
5e5642148c
[Config] Add API_KEY_READ_ONLY 2020-04-11 20:57:35 +02:00
andryyy
730fa16a69
[PHP-FPM, Config] API key generated via mailcow.conf as rw access 2020-04-10 21:21:11 +02:00
andryyy
a9947e990c
[Config] Add hint to not use some ports mentioned in the docs 2020-03-20 22:30:41 +01:00
andryyy
33dec1db21
[Update, Config] Add Redis to exposed hosts 2020-03-19 12:19:17 +01:00
Dmitriy Alekseev
f5522a809c
Add more info about watchdog notification (#3271)
* Add more info about watchdog notification

* Update generate_config.sh

* Update generate_config.sh

Co-authored-by: André Peters <andre.peters@debinux.de>
2020-01-30 18:09:22 +01:00
andryyy
f1aa306ff2
[Watchdog] Add external check for open relay, requires SAL 2020-01-25 18:26:56 +01:00
andryyy
af8ed1d33a
[Install] Ubuntu 16.04 with default kernel is also unsupported in gen_conf 2019-12-05 19:18:06 +01:00
Marcel Hofer
f702c67bdc [SSL] add new SNI config on updates / new installs 2019-10-19 13:00:01 +02:00
andryyy
0cbda0f297
[Compose] Change default Solr binding to 18983 2019-09-18 08:48:59 +02:00
andryyy
b178326736
[Compose] Expose Solr to 127.0.0.1 2019-09-17 20:10:30 +02:00