Commit Graph

266 Commits

Author SHA1 Message Date
FreddleSpl0it
958112af6b [Compose] Remove >&2 in if block 2022-06-07 14:07:35 +02:00
FreddleSpl0it
08d0f9448e [Compose] move then in if statement 2022-06-07 13:59:59 +02:00
Niklas Meyer
714511b0a8
[Compose] Update to Docker Compose v2 (#4605)
* Change default HTTP_BIND, HTTPS_BIND

https://github.com/mailcow/mailcow-dockerized/issues/4315#issuecomment-1083034329

* [Compose] Removed Colon after fallback IP in docker-compose.yml

* [Compose] Remove bind options from volumes (#4577)

(cherry picked from commit 4d53216c05)

* Migration (partially) of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* Migration of update.sh + cold-standby.sh to composev2

* [ClamAV] Fixed ClamAV start before unbound

* Migration of update.sh + cold-standby.sh to composev2

* Formulation and values adjusted (IPv4 bind in generate-config.sh)

Co-authored-by: Amin Vakil <info@aminvakil.com>
Co-authored-by: qupfer <github@qupfer.de>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
2022-06-07 08:53:08 +02:00
Niklas Meyer
42c82be8f5 Added skip-ping-check Variable to skip DNS ICMP if deactivated. 2022-04-26 10:17:47 +02:00
FreddleSpl0it
bdd8b4a5ab
[Web] Footer fix (#4500)
* Fix issue forms

* [GH-Actions][stale] Update to v5.0.0

* [Web] fix version footer

* [Web] fix footer - hard coded repo url

Co-authored-by: Peter <magic@kthx.at>
2022-03-05 23:27:36 +01:00
FreddleSpl0it
f3f6fb8908 [Web] add github version tag error handling 2022-03-02 16:57:07 +01:00
FreddleSpl0it
a1a96bfabb [Web] add github version tag 2022-03-02 16:57:07 +01:00
Niklas Meyer
c520f21d28
🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag

* [Web] add github version tag error handling

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

* Update clamav to 0.104.2

* Update clamav to 0.104.2

* Update dovecot to 2.3.18

Update gosu to 1.14
Use debian bullseye as base

* [Web] Updated lang.es.json [CI SKIP] (#4453)

Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Fijxu <fijxu@zzls.xyz>

* Fix broken documentation links (#4458)

* Fix broken documentation links

* Fix a few more broken documentation links

* Fix broken documentation links in translation files

* Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457)

By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`.

Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup:

> WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string.

Related to https://github.com/mailcow/mailcow-dockerized/issues/4315

* [Web] Updated lang.sk.json [CI SKIP] (#4461)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* oletools: disable template injection detection (#4464)

Seems to be causing a lot of false positives lately

* Fix minor typo in comment (#4466)

Correction of the comment, so that the explanation is correct and can be understood.

* Update issue templates to issue forms (#4465)

This PR updates the issue templates to GitHubs new issue forms

* [Web] Fix padding issue in UI admin panel (#4481)

* [Web] fix admin panel padding issue

* [Web] fix admin panel padding issue

* [Web] Updated lang.sk.json [CI SKIP] (#4489)

Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

Co-authored-by: Lukáš Matula <lukas@gbely.net>

* increase opcache.interned_strings_buffer to 16 (#4487)

since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud.

related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19
related nextcloud issue: https://github.com/nextcloud/server/issues/31223

* nextcloud - add missing redirections (#4366)

adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections

* Update imapsync to 2.178 (#4491)

* Update and fix oletools (#4479)

As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464.

Finally, a minor patch to rspamd is necessary. While the documentation says

In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found.

This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros.

* [Web] Fix excluded domain list in quaratine view

Previously excluded domains from quarantine were not shown.

* [Dovecot] Update syslogng Version to 3.28 (#4496)

Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>
Co-authored-by: Fijxu <fijxu@zzls.xyz>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Lukáš Matula <lukas@gbely.net>
Co-authored-by: Max <mail@heavygale.de>
Co-authored-by: Michael Cramer <michael@bigmichi1.de>
Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com>
Co-authored-by: André <andre.peters@debinux.de>
Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
Niklas Meyer
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) (#4445)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
2022-02-01 15:26:48 +01:00
FreddleSpl0it
aaf5da240a
[WebAuthn] rename env var 2022-01-20 11:19:00 +01:00
FreddleSpl0it
7df2bb28f8
[WebAuthn] disable rootCA default 2022-01-19 21:35:21 +01:00
FreddleSpl0it
5858c464d9
[WebAuthn] update mailcow.conf 2022-01-19 20:44:33 +01:00
FreddleSpl0it
8ae2fe0cf2
[WebAuthn] update mailcow.conf 2022-01-19 20:17:43 +01:00
MaxXor
c550d18e05
[Update] Add variable for watchdog verbose output to mailcow config 2021-10-31 15:10:23 +01:00
Peter
6bf70cf846
[Watchdog] Add Watchdog verbose logging (#4299)
* [Watchdog] Add verbose logging

* [Watchdog] More verbose debugging

* [Watchdog] Enable MX check for recipients

Co-authored-by: andryyy <andre.peters@debinux.de>
2021-10-29 06:48:49 +02:00
andryyy
0c3500f5ff
[Update] Make some pathes more fail-safe and minor wording changes 2021-10-18 11:42:09 +02:00
tunnelpr0
c554fa9363
[Update] Adding Alpine Linux support for IPv6 NAT migration (#4244)
Added restart options via openrc
2021-08-27 18:51:58 +02:00
andryyy
4925487b44
[Update] Fix problem with deprecated IPv6 NAT container 2021-08-16 20:02:47 +02:00
andryyy
d490c4fde0
[Update] Quick fix for docker-compose override file with ipv6 disabled 2021-08-16 19:46:39 +02:00
andryyy
f5b709c776
[Update] Do not try to prefetch ipv6nat if migrated to native NAT, fixes #4218; Skip native NAT migration if IPv6 disabled; 2021-08-10 09:00:55 +02:00
andryyy
b54ec15850 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-08-02 19:19:24 +02:00
andryyy
f0309c56e9
[Update] Offer upgrade to native IPv6 NAT 2021-08-02 19:19:07 +02:00
Alexander Holzapfel
497950f4e4
Add pre and post update hook (#4099)
* Add pre and post update hook

* Update update.sh

Co-authored-by: André Peters <andre.peters@debinux.de>
2021-07-30 23:21:15 +01:00
andryyy
9b8f5b7cc1
[Update] Remove deprecated site config for ejabberd 2021-06-30 12:01:31 +02:00
andryyy
56c4353edb
[Config] Remove ejabberd from compose 2021-06-30 10:14:49 +02:00
andryyy
85cc346e88
[Update] Prepare for native IPv6 NAT in Docker 2021-06-21 22:04:32 +02:00
Claus Overbeck
6f02833d89
Run garbage collection with -f without asking questions (#4147) 2021-06-17 06:26:59 +02:00
74k1n984ckmyp21v4cy
ab4750680d
[Update] URL to update feed for available updates (#4109)
* URL to update feed for available updates

With this change, the URL to the update feed will be displayed in a new line if updates are available.

* Update update.sh
2021-06-01 12:09:34 +02:00
andryyy
834fb8a99d
[Update] Script: Fix invalid syntax 2021-05-04 21:29:37 +02:00
andryyy
0cbd4ec273
[Config, Update] Add ACME_CONTACT 2021-04-29 23:32:42 +02:00
andryyy
d71ce15dca
[Update] Remove problematic iptables-legacy rule 2021-04-07 13:04:09 +02:00
andryyy
af149079d1
[Update] Set iptables-legacy as alternative on Debian systems 2021-04-07 08:53:39 +02:00
Valentin Brandner
3255c08813
[Update, Config] Add subject for watchdog emails (#4027)
Co-authored-by: Valentin <vbrandner.itsb-b2018@fh-salzburg.ac.at>
2021-03-13 12:36:29 +01:00
andryyy
43e62e554b
[Update] Fix indentations 2021-02-16 16:51:07 +01:00
andryyy
317a574fcd
[Update] Fix script 2021-02-16 16:49:43 +01:00
andryyy
b11764dff0
[Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI 2021-02-16 16:38:28 +01:00
andryyy
02fd0b03f6
[Update] Fix moving old jabber site 2021-02-12 21:17:57 +01:00
andryyy
8c6b512f05
[mailcow] Move ejabberd site to last available site 2021-02-12 19:26:49 +01:00
andryyy
5809e5b82e
[mailcow] Fix C22 -> C2S 2021-02-12 11:22:43 +01:00
andryyy
d146ee12ad
[Update] Add XMPP ports 2021-02-11 09:35:19 +01:00
andryyy
78403095bb
[Update] Better GLIBC check 2021-01-22 07:31:09 +01:00
andryyy
5b4d2e5c65
[Update] Try to determine GLIBC version 2021-01-21 19:15:24 +01:00
andryyy
64c12d50bc
[Config] Fix binding problems with IPv6 in newer Docker versions 2021-01-07 16:48:08 +01:00
bl-ue
4aa5718c7d
Fix typos: BusybBox -> BusyBox (#3868) 2020-11-21 22:28:53 +00:00
Lukas Schreiner
d96bf91a0d
Support of different default pass schemes + support of BLF-CRYPT (#3832)
* Introduce MAILCOW_PASS_SCHEME in order to support blowfish (cf. mailcow/mailcow-dockerized#1019)

* Furthermore added dovecot to support new environment varible for MAILCOW_PASS_SCHEME defaulted to SSHA256

* Revert changes regarding gitignore.

* Added fallback to SSHA256 if environment is not proper prepared.

* No fallback within management frontend, as it must match to other components.

* Unified and corrected alignment; implemented support of SSHA512

* Currently, password_hash of PHP is using by default bcrypt (BLF). As this might change later, we must ensure, that BLF is still used after PHP changes its default.

* Switched to BLF-CRYPT by default (even on update)

* Switched to BLF-CRYPT by default (even on update)

* Adding information in config generation / update with link to supported hash algorithm

* Bump sogo version to 1.92

* Fallback to BLF-CRYPT in case password scheme is not proper defined for Mailcow administration.
2020-11-15 20:22:35 +01:00
andryyy
4ddeb317fa
[Update] DOVECOT_MASTER_PASS was not added by update script 2020-10-21 08:42:35 +02:00
andryyy
5f8e13f596 [Dovecot] Allow to define static master user (not recommended) 2020-10-20 15:43:05 +02:00
tunnelpr0
76bd9556c0
[Update] Prevent update.sh from updating docker-compose under Alpine Linux (#3708) 2020-10-18 12:31:01 +02:00
andryyy
f28d9ff7a6
[Update] Show commits on update check 2020-10-09 11:04:42 +02:00
Peter
4234cc027b
[Update] Add new args to update.sh -h output (#3787) 2020-10-02 22:27:26 +02:00
Maxim Baz
05a5f9e84a
Support mailcow.conf being a symlink (#3770)
* Support mailcow.conf being a symlink

* Detect BusyBox sed in update.sh
2020-09-20 22:07:37 +02:00
andryyy
eff907bf90
[Update] IMPORTANT: Remove old and unused bridges overlapping with the new bridge name. Important for older setups running updates 2020-07-15 15:29:09 +02:00
andryyy
a84688e4a1 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2020-05-30 22:39:11 +02:00
andryyy
b30b0fe5a6
[Update] Update with "ours" is not recommended 2020-05-30 22:24:57 +02:00
andryyy
f6a41daffa
[Update] Allow to skip fetching docker-compose 2020-05-29 19:47:44 +02:00
andryyy
7c40943e3f
[Update] Check mulitple IPs 2020-05-16 08:37:07 +02:00
andryyy
066b23bb02
[Config] CIDR API_ALLOW_FROM only allowed via API 2020-05-04 07:50:59 +02:00
andryyy
200167458e
[Config] Allow to disable SOGo (unsupported, experimental) 2020-04-29 10:11:22 +02:00
andryyy
d392257289 [Web] Some changes
[SOGo] Allow to not spawn SOGo but an idling shell
[Rspamd] Remove X-CSA-Complaints from bulk headers...
2020-04-27 20:47:28 +02:00
copyrights
dd833d40c6
fix chmod would fail if needed. (#3482)
Co-authored-by: copyrights <copyrights@mailbox.org>
2020-04-18 22:27:56 +02:00
andryyy
5e5642148c
[Config] Add API_KEY_READ_ONLY 2020-04-11 20:57:35 +02:00
Alexander Holzapfel
1b229412e3
[Update] added --force mode to update skript (#3453) 2020-04-07 13:28:51 +02:00
andryyy
1098f2ec86
[Update] Validate docker-compose stack config before updating 2020-03-22 18:15:07 +01:00
andryyy
33dec1db21
[Update, Config] Add Redis to exposed hosts 2020-03-19 12:19:17 +01:00
andryyy
cbe7d7c578
[Update] Add --skip-start desc 2020-02-25 18:45:44 +01:00
Raoul Bhatia
91090280d0
[Update] Display git diff save message only when local changes exist (#3351) 2020-02-22 11:15:47 +01:00
Raoul Bhatia
3c7b8dc447
[Update] Save git diff only when local changes exist (#3350) 2020-02-22 10:37:30 +01:00
andryyy
838a215f67
[Update] Make sure containers are gone before updating mailcow 2020-02-21 08:52:46 +01:00
andryyy
14c27f13cb
[Update] Add --skip-start switch, implements #3317 2020-02-11 11:25:38 +01:00
andryyy
2c77586c0f
[Update] Add WATCHDOG_EXTERNAL_CHECKS 2020-01-25 20:41:22 +01:00
andryyy
f1aa306ff2
[Watchdog] Add external check for open relay, requires SAL 2020-01-25 18:26:56 +01:00
andryyy
2ffab974da
[Update] Split metrics to actions and groups, warn if metrics is different from repo 2020-01-05 11:22:02 +01:00
andryyy
e775a58df0
[Update] Hide deprecation warning in pip 2020-01-02 20:41:41 +01:00
andryyy
a8a1e779d9
[Update] Update update.sh ... 2019-12-18 21:35:17 +01:00
andryyy
7e2aa42578
[IMPORTANT] If you run Ubuntu 16.04, upgrade your kernel to linux-generic-hwe-16.04
[ClamAV] Remove deprecated parameter
2019-12-05 14:29:04 +01:00
andryyy
4662796c33
[Update] Remove old migration options 2019-10-31 21:25:37 +01:00
Marcel Hofer
f702c67bdc [SSL] add new SNI config on updates / new installs 2019-10-19 13:00:01 +02:00
Zyplonox
79e4a55a3b
Update update.sh 2019-10-16 16:35:11 +02:00
andryyy
3cae2389a0
Ubuntu kernel 4.15.0-60-generic seems to be broken with Docker and --dns flags, do NOT use it! 2019-09-03 22:01:47 +02:00
ntimo
96af23e9a2
[Updater] Save diff files into subdirectory 2019-08-25 16:41:52 +02:00
andryyy
8071544181
[Update] Save diff file 2019-08-09 14:09:30 +02:00
andryyy
1db8317a6b
[Update] Fetch before prefetch 2019-08-04 09:23:19 +02:00
andryyy
5e7466ac7f
[SOGo, Config, Update] Add SOGO_EXPIRE_SESSION to define default session timeout 2019-07-21 13:07:48 +02:00
andryyy
f0e51a39d7
[Update] Exit with fancy error when branch is empty 2019-07-08 18:45:57 +02:00
andryyy
59ca12a7e4
[Update] Prefetch images with --prefetch and quit 2019-07-08 18:42:51 +02:00
MaxXor
831a96551d
Add missing WATCHDOG_NOTIFY_BAN update option 2019-06-15 21:55:23 +02:00
andryyy
8984240e44
[Watchdog, Config] Added WATCHDOG_NOTIFY_BAN to disable IP ban notifications
[Netfilter] Remove unused files after installation
[Compose] Some new images and a new option for watchdog: WATCHDOG_NOTIFY_BAN - defaults to y
2019-06-13 19:38:53 +02:00
andryyy
59e4212702
[Update] Check if file is tracked before running git rm 2019-06-10 22:44:10 +02:00
andryyy
84307e85f2
[Update] Hide error when running git rm on old worker passwd file 2019-06-10 21:44:22 +02:00
andryyy
9c5eda13aa
[Update] Remove controller passwd file from index 2019-06-10 18:37:19 +02:00
MAGIC
f586b0e5a9
[update.sh] Rename enable_ipv6 option 2019-06-02 20:56:08 +02:00
andryyy
ba4ac26ba9
[Update] Increase timeout 2019-05-25 22:37:51 +02:00
andryyy
5b730bf89f
[Update] Prefetch images, big thanks to everyone in #2637! 2019-05-25 22:29:25 +02:00
Javinator9889
e2389f4816
Update update.sh
Updated DNS to Quad9
2019-05-12 14:40:54 +02:00
Javinator9889
a7bd462d74
Update update.sh
*curl* on some systems is failing due to no URL specified (1.1.1.1) and ISP blocking

*curl* needs an URL for working correctly, so sometimes it is failing as it detects **No Internet connection** but there is. In addition, at some countries some ISP did not update their routers and/or network so the Cloudflare DNS `1.1.1.1` are not working either they are blocked. I suggest using `ping` instead of `curl` with a 3 seconds timeout and pinging to Google DNS (8.8.8.8) instead of Cloudflare ones, as they are universally accepted and used.
2019-05-12 10:32:06 +02:00
André Peters
987e884407
Merge branch 'master' into admin-login 2019-03-31 15:49:18 +02:00
andryyy
c612f7ee4c
[Config] Add SKIP_HTTP_VERIFICATION 2019-03-29 07:48:31 +01:00
Marcel Hofer
7d2289c3a7 Merge branch 'master' into admin-login
# Conflicts:
#	data/web/js/site/mailbox.js
2019-03-23 21:17:02 +01:00
andryyy
ca2ac00422
[Update] Fix MAILDIR_SUB 2019-03-18 19:49:05 +01:00
andryyy
22798a85e5
[Config] Add MAILDIR_SUB, "Maildir" for new setups by default
[Update] Add MAILDIR_SUB= for updated mailcows
[Dovecot] Read MAILDIR_SUB for mail_home
2019-03-18 14:09:32 +01:00