Commit Graph

766 Commits

Author SHA1 Message Date
Peter
eddaf7a975
Revert "Before update on 2022-03-02_17_04_05"
This reverts commit 24275ffdbf.
2022-03-05 23:31:41 +01:00
andryyy
24275ffdbf Before update on 2022-03-02_17_04_05 2022-03-02 20:03:09 +01:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
Niklas Meyer
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) (#4445)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
2022-02-01 15:26:48 +01:00
Niklas Meyer
355ea71877
Merge pull request #4428 from FreddleSpl0it/master
Migrating from U2F to WebAuthn for 2FA
2022-01-21 12:19:25 +01:00
Niklas Meyer
fac8d9d28a
[Netfilter] Update to Alpine 3.15 + GeoIP Fix
Added xtables-addon to netfilter container to handle iptables rules with geoip
**Commited by: @marcvorwerk**
2022-01-21 09:22:25 +01:00
FreddleSpl0it
aaf5da240a
[WebAuthn] rename env var 2022-01-20 11:19:00 +01:00
Niklas Meyer
513588621d
[Compose] Update Netfilter Image to 1.46 2022-01-20 10:12:28 +01:00
Niklas Meyer
8f89968421
[SOGo] Update SOGo to 5.5.0 + syslog Version Update (in Config)
This PR is updating SOGo to the new 5.5.0 Release (https://github.com/inverse-inc/sogo/releases/tag/SOGo-5.5.0) <-- Available in master.

It also includes the nsyslog Update to 3.28 (since the new SOGo builds are using a newer version), which fix a warning message inside the sogo container that the nsyslog version is outdated and can be upgraded to 3.28

This new release will have the Docker Image Tag: mailcow/sogo:1.106
2022-01-20 10:04:01 +01:00
FreddleSpl0it
7df2bb28f8
[WebAuthn] disable rootCA default 2022-01-19 21:35:21 +01:00
FreddleSpl0it
0f464658cc
[WebAuthn] disable webauthn rootca by mailcow.conf 2022-01-19 19:10:43 +01:00
Niklas Meyer
ccd3677d76
[Compose] Update Watchdog Tag (Alpine 3.15) 2022-01-19 16:48:57 +01:00
Niklas Meyer
5bcb0f5d25
[SOGo] Update SOGo to 5.5.0
New Docker Tag: mailcow/sogo:1.106
2022-01-19 10:33:51 +01:00
Niklas Meyer
f9def72115
[Compose] Update olefy to Alpine 3.15 2022-01-18 20:57:24 +01:00
Niklas Meyer
a5e38f33d9
[Compose] Update Clamd to 0.103.5 2022-01-15 17:18:32 +01:00
Niklas Meyer
b0679b1c4f
[Compose] Docker Tag fix to include Alpine Update
Referencing: https://github.com/mailcow/mailcow-dockerized/pull/4372
2022-01-11 10:00:24 +01:00
Niklas Meyer
026be03a6a
[Compose] Updated Unbound Tag to 1.15 (Alpine Update) 2022-01-11 09:52:58 +01:00
Niklas Meyer
29bd368a98
[SOGo] Update to 5.4.0 (#4397) 2021-12-24 05:55:17 +01:00
Niklas Meyer
e8ca588884
[Solr] Remove breached class from log4j-core.jar (#4390) 2021-12-17 12:43:05 +01:00
Niklas Meyer
758f2ef8d1
[Compose] Revert prior image tag version change
Removed the newer image tag in the docker-compose.yml (one version ahead)
2021-12-15 09:59:50 +01:00
Niklas Meyer
2f9d8213b6
[Alpine] Update to 3.15 (#4372) 2021-12-14 14:10:31 +01:00
Christian Burmeister
f58cc2aa43
Update docker-compose.yml (#4381)
ofelia-mailcow does not have the correct time zone.
Test: ocker exec -it mailcowdockerized_ofelia-mailcow_1 date
2021-12-13 19:01:07 +01:00
andryyy
9c5fd91484 Merge branch 'hotfix' into staging 2021-12-12 10:50:50 +01:00
andryyy
e1db347d03
[Compose] Update Solr image 2021-12-12 10:49:50 +01:00
DerLinkman
03542bfa71
[Dovecot] Update to 2.3.17.1 (#4365) 2021-12-08 20:17:30 +01:00
andryyy
0945b91bf6
[SOGo] Update image 2021-11-30 11:15:56 +01:00
Peter
99ee38117c
Update SOGo to 5.3.0 (#4330)
* [SOGo] Rebase on Bullseye

* [SOGo] Update gosu to 1.14

* [SOGo] Update to 5.3.0
2021-11-22 13:55:16 +01:00
Sven Gottwald
7e35c3d0dd
[ClamAV] Update to 0.103.4 (#4314)
* [ClamAV] Update to 0.103.4

ClamAV 0.103.4 is a critical patch release, see https://blog.clamav.net/2021/11/clamav-01034-and-01041-patch-releases.html for more information.

* Update docker-compose.yml

Update mailcow/clamd:1.42
2021-11-11 13:43:41 +01:00
andryyy
09d763548c Merge branch 'app-passwd-daveas' into staging 2021-10-29 06:50:23 +02:00
Peter
6bf70cf846
[Watchdog] Add Watchdog verbose logging (#4299)
* [Watchdog] Add verbose logging

* [Watchdog] More verbose debugging

* [Watchdog] Enable MX check for recipients

Co-authored-by: andryyy <andre.peters@debinux.de>
2021-10-29 06:48:49 +02:00
andryyy
e13bc242a4
[Web, Dovecot] Allow to define scope of services for app passwords 2021-10-28 21:57:19 +02:00
andryyy
c0011013b8
[Compose] Update SOGo image 2021-10-27 12:49:52 +02:00
andryyy
56e8e88276 [Dovecot] Do not disallow app passwords when force_password_reset is active 2021-10-23 07:22:56 +02:00
andryyy
3c962b0004
[DockerAPI] Update docker-py 2021-10-21 19:40:14 +02:00
andryyy
3c9b84ff6f [Compose] Update PHP and netfilter images 2021-10-15 13:06:48 +02:00
Kristian Feldsam
0b64967ec5
[web] implemented twig templating system (#4264)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-22 20:47:10 +02:00
andryyy
7641dbf3a5
[Compose] Update ClamAV image 2021-09-06 11:46:45 +02:00
andryyy
db4003007d
[Compose, Rspamd] Update Rspamd image to non-memleaking version 2021-09-02 19:28:56 +02:00
andryyy
107c8ed229
[Watchdog] Workarond for issue with content buffering in Alpine and Nagios plugins 2021-09-01 18:57:56 +02:00
Kristian Feldsam
54c4d7e49c
[Dovecot: Imapsync] Parse, save and show last run status (#4253)
* [imapsync] - check for errors in returned_text

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>

* [imapsync] parse and save exit status

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>

* [dovecot] updated image version

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-01 16:29:11 +02:00
Kristian Feldsam
8f733a903b
[Config] Fixed ofelia container in SELinux environment (#4257)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-01 16:27:30 +02:00
andryyy
8ee997b1a3
[Rspamd] Base on bullseye; remove nullnull map to _perhaps_ prevent a memleak 2021-09-01 15:21:43 +02:00
andryyy
19dda55d96
[Alpine] Upgrade to 3.14 2021-08-30 21:01:09 +02:00
andryyy
82f4f1fd15
[Postfix] Lookup credentials for user-specific sender transports 2021-08-17 16:51:06 +02:00
andryyy
23c1181180
[Compose] Maildir GC should have default value of mailcow.conf when running generate_config.sh: 7200h 2021-08-16 19:47:26 +02:00
andryyy
5ba95f5f31
[Compose] Update Dovecot image to include new imapsync 2021-08-09 18:39:29 +02:00
andryyy
a40ed30e97
[Compose] Update to Redis 6; Update PHP FPM image 2021-08-08 16:05:41 +02:00
Kristian Feldsam
737b40a4b9
[redis] raise container net.core.somaxconn (#4176)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-08-01 21:01:50 +01:00
andryyy
21cb3f67b3 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-07-28 21:44:14 +02:00
andryyy
27917c3feb
[Dovecot] Update Dovecot image 2021-07-28 21:42:56 +02:00