Commit Graph

5168 Commits

Author SHA1 Message Date
FreddleSpl0it
df33f1a130
[Web] multiple tfa - domainadmin support 2022-02-22 09:38:06 +01:00
FreddleSpl0it
4c6a2055c2
[Web] add verify selected tfa 2022-02-21 14:10:12 +01:00
FreddleSpl0it
f09a3df870
[Web] add verify selected tfa 2022-02-21 10:46:24 +01:00
Niklas Meyer
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) (#4445)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
2022-02-01 15:26:48 +01:00
Peter
5a1ef72b82
[GH-Actions][stale] Add neverstale label to exempt list 2022-01-22 17:39:08 +01:00
Niklas Meyer
c0f2922eb0
[Readme] Added Twitter links
Merge pull request #4432 from DerLinkman/staging
2022-01-21 20:59:56 +01:00
Niklas Meyer
a624e32873
[Readme] Added Twitter links 2022-01-21 20:58:36 +01:00
Niklas Meyer
2f9da5ae93
🐄 Jan(moo)uary Update 2022 - The U2F --> WebAuthn (2FA) Update
Images which get a new tag (on docker hub):

unbound-mailcow (Tag 1.15)
acme-mailcow (Tag 1.81)
dockerapi-mailcow (Tag 1.41)
netfilter-mailcow (Tag 1.46)
watchdog-mailcow (Tag 1.96)
These docker tag changes include the Alpine Update to 3.15

clamd-mailcow (Tag 1.43)
sogo-mailcow (Tag 1.106)
olefy-mailcow (Tag 1.8.1)
dovecot-mailcow (Tag 1.159)
solr-mailcow (Tag 1.8.1)
Very important changes:

U2F API Removal --> Replaced with WebAuthn API (TFA) [More Details here] (Thanks to @FreddleSpl0it)
Important changes:

Dovecot Update to 2.3.17.1
SOGO Update to 5.5.0
ClamAV Update to 0.103.5 (DDOS Fix)
Solr Security Fix Fix (Removed breached log4j Class)
Alpine Linux Update to 3.15
Better Acme SSL Path recognition for Alpine Versions after 3.15 (Thanks to @mkuron) --> Fixing issue: Possible regression in acme-mailcow 1.80 #4392
Olefy Ping Fix (Will fix: Olefy 1.8 broken  #4401) (Thanks to @a16bitsysop for the Fix!)
Netfilter GeoIP Fix (Thanks to @marcvorwerk) --> Fixing issue: Netfilter Python error #2668
2022-01-21 14:54:31 +01:00
Kristian Feldsam
f4c9a6941a [Web] Updated lang.cs.json
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2022-01-21 14:18:20 +01:00
Niklas Meyer
355ea71877
Merge pull request #4428 from FreddleSpl0it/master
Migrating from U2F to WebAuthn for 2FA
2022-01-21 12:19:25 +01:00
Niklas Meyer
fac8d9d28a
[Netfilter] Update to Alpine 3.15 + GeoIP Fix
Added xtables-addon to netfilter container to handle iptables rules with geoip
**Commited by: @marcvorwerk**
2022-01-21 09:22:25 +01:00
FreddleSpl0it
af1b90fa18
[WebAuthn] rename env var 2022-01-20 14:37:20 +01:00
FreddleSpl0it
aaf5da240a
[WebAuthn] rename env var 2022-01-20 11:19:00 +01:00
Niklas Meyer
513588621d
[Compose] Update Netfilter Image to 1.46 2022-01-20 10:12:28 +01:00
Niklas Meyer
9c7faa9fe8
[Netfilter] Update to Alpine 3.15 2022-01-20 10:11:39 +01:00
Niklas Meyer
8f89968421
[SOGo] Update SOGo to 5.5.0 + syslog Version Update (in Config)
This PR is updating SOGo to the new 5.5.0 Release (https://github.com/inverse-inc/sogo/releases/tag/SOGo-5.5.0) <-- Available in master.

It also includes the nsyslog Update to 3.28 (since the new SOGo builds are using a newer version), which fix a warning message inside the sogo container that the nsyslog version is outdated and can be upgraded to 3.28

This new release will have the Docker Image Tag: mailcow/sogo:1.106
2022-01-20 10:04:01 +01:00
FreddleSpl0it
7df2bb28f8
[WebAuthn] disable rootCA default 2022-01-19 21:35:21 +01:00
FreddleSpl0it
5858c464d9
[WebAuthn] update mailcow.conf 2022-01-19 20:44:33 +01:00
FreddleSpl0it
0244e945df
[WebAuthn] update mailcow.conf 2022-01-19 20:43:40 +01:00
FreddleSpl0it
a6ec68e80f
[WebAuthn] update mailcow.conf 2022-01-19 20:18:46 +01:00
FreddleSpl0it
8ae2fe0cf2
[WebAuthn] update mailcow.conf 2022-01-19 20:17:43 +01:00
Niklas Meyer
e78298152e
[Watchdog] Update to Alpine 3.15
This PR includes the Alpine Update 3.15 for the watchdog-mailcow container.

Fully tested (works flawlessly due to the fact that only the os got updated, not the script).

This PR will have the docker tag: mailcow/watchdog:1.96
2022-01-19 20:09:59 +01:00
FreddleSpl0it
0f464658cc
[WebAuthn] disable webauthn rootca by mailcow.conf 2022-01-19 19:10:43 +01:00
Niklas Meyer
ccd3677d76
[Compose] Update Watchdog Tag (Alpine 3.15) 2022-01-19 16:48:57 +01:00
Niklas Meyer
d4fe4a7f87
[Watchdog] Update to Alpine 3.15 2022-01-19 16:43:27 +01:00
Niklas Meyer
5bcb0f5d25
[SOGo] Update SOGo to 5.5.0
New Docker Tag: mailcow/sogo:1.106
2022-01-19 10:33:51 +01:00
Niklas Meyer
a195e6e121
[SOGo] Update syslog-ng-redis_slave Version to 3.28 2022-01-19 10:31:34 +01:00
Niklas Meyer
a5e84b483a
[SOGo] Update syslog-ng Version to 3.28 2022-01-19 10:30:57 +01:00
Niklas Meyer
998cc749bf
[Olefy] Update to Alpine 3.15 and include ping fix
This PR is updating the olefy-mailcow container to Alpine 3.15.

It is also including the ping fix from @a16bitsysop which is solving the issue: #4401

The PR includes a temporarily local copy of the olefy.py file which includes the named fix. When this fix is officially merged into the olefy project we will update the olefy container again.

The new docker image tag is: mailcow/olefy:1.8.1
2022-01-19 10:20:03 +01:00
Niklas Meyer
f9def72115
[Compose] Update olefy to Alpine 3.15 2022-01-18 20:57:24 +01:00
Niklas Meyer
9f8a16b8c1
[Olefy] Use local olefy.py (instead of Github)
This is temporarily until the issue fix is merged into master.
2022-01-18 20:55:44 +01:00
Niklas Meyer
cbb64e316e
[Olefy] Add local Olefy.py
Temporarily fix for https://github.com/HeinleinSupport/olefy/pull/14
2022-01-18 20:53:03 +01:00
Niklas Meyer
c08e520a75
[Olefy] Update to Alpine 3.15 2022-01-18 20:51:49 +01:00
Niklas Meyer
6fcb52bcc6
[Config (Clamd)] Update SSL Path to new style (dynamic)
Thanks to @mkuron this fix will change the ssl path to be dynamic (not hardcoded) to ensure that acme is still working with Alpine 3.15 or higher.

This PR is included in the Docker tag: mailcow/acme:1.81 (including the Alpine 3.15 update)
2022-01-18 16:48:50 +01:00
Niklas Meyer
1e6f927ac5
[Config (Clamd)] Update SSL Path to new style (dynamic) 2022-01-18 16:44:48 +01:00
Marc Vorwerk
f16d36eb74 Added xtables-addon to netfilter container to handle iptables rules with geoip 2022-01-18 16:27:40 +01:00
Niklas Meyer
bffc5bfcc3
[Clamd] Rebase on Bullseye
Image Tag: mailcow/clamd:1.43
2022-01-18 15:23:06 +01:00
Niklas Meyer
f9e28b8d82
[Clamd] Rebuild on Bullseye Base 2022-01-18 15:14:45 +01:00
Niklas Meyer
16fb542ccc
[Clamd] Update to 0.103.5 (DDOS Fix)
[Clamd] Update to 0.103.5 (DDOS Fix) (Docker Image Tag mailcow/clamd:1.43)
2022-01-18 15:01:36 +01:00
FreddleSpl0it
5712192bcb
[WebAuthn] fix error on android 2022-01-18 11:40:06 +01:00
FreddleSpl0it
0e4ddacf92
[WebAuthn] cleanup 2022-01-18 10:23:32 +01:00
FreddleSpl0it
6788c528cf
[WebAuthn] fix reload 2022-01-18 10:14:18 +01:00
FreddleSpl0it
c0b05fd592
[WebAuthn] fix u2f modal 2022-01-18 10:14:18 +01:00
FreddleSpl0it
8316e763fa
[WebAuthn] remove old u2f functions 2022-01-18 10:14:18 +01:00
FreddleSpl0it
a849d03a00
[WebAuthn] show user deprecated warning 2022-01-18 10:14:18 +01:00
FreddleSpl0it
2a52d876b0
change YubiKey to Device @ lang.tfa.key_id 2022-01-18 10:14:18 +01:00
FreddleSpl0it
ab21c7a06b
prevent user from registering authenticator multiple times 2022-01-18 10:14:18 +01:00
FreddleSpl0it
9c596691d2
add fido2 platform internal authentication 2022-01-18 10:14:18 +01:00
FreddleSpl0it
3d250bfa49
add fido2 android support by including cids 2022-01-18 10:14:18 +01:00
FreddleSpl0it
c11b6557db
migrating from u2f-api.js to webauthn [cleanup] 2022-01-18 10:14:18 +01:00