lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Merge #1444

Browse Source 
1444: Harden default configuration r=mergify[bot] a=Jarel1337



Co-authored-by: Vilgot Fredenberg <vilgot@fredenberg.xyz>
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
master
bors[bot] 5 years ago committed by GitHub
parent 5798880f08 522fd99162
commit 10e17fbb0b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File

9
docs/releases.rst
Unescape Escape View File

@ -1,6 +1,15 @@
Release notes Release notes
============= =============
Mailu 1.8 - tbd
----------------------
Override location changes
`````````````````````````
If you have regenerated the Docker compose and environment files, there are some changes to the configuration overrides.
Override files are now mounted read-only into the containers. The Dovecot and Postfix overrides are moved in their own sub-directory. If there are local override files, they will need to be moved from ``overrides/`` to ``overrides/dovecot`` and ``overrides/postfix/``.
Mailu 1.7 - 2019-08-22 Mailu 1.7 - 2019-08-22
---------------------- ----------------------

10
setup/flavors/compose/docker-compose.yml
Unescape Escape View File

@ -32,7 +32,7 @@ services:
{% endfor %} {% endfor %}
volumes: volumes:
- "{{ root }}/certs:/certs" - "{{ root }}/certs:/certs"
- "{{ root }}/overrides/nginx:/overrides" - "{{ root }}/overrides/nginx:/overrides:ro"
{% if resolver_enabled %} {% if resolver_enabled %}
resolver: resolver:
@ -64,7 +64,7 @@ services:
env_file: {{ env }} env_file: {{ env }}
volumes: volumes:
- "{{ root }}/mail:/mail" - "{{ root }}/mail:/mail"
- "{{ root }}/overrides:/overrides" - "{{ root }}/overrides/dovecot:/overrides:ro"
depends_on: depends_on:
- front - front
@ -74,7 +74,7 @@ services:
env_file: {{ env }} env_file: {{ env }}
volumes: volumes:
- "{{ root }}/mailqueue:/queue" - "{{ root }}/mailqueue:/queue"
- "{{ root }}/overrides:/overrides" - "{{ root }}/overrides/postfix:/overrides:ro"
depends_on: depends_on:
- front - front
{% if resolver_enabled %} {% if resolver_enabled %}
@ -89,8 +89,8 @@ services:
env_file: {{ env }} env_file: {{ env }}
volumes: volumes:
- "{{ root }}/filter:/var/lib/rspamd" - "{{ root }}/filter:/var/lib/rspamd"
- "{{ root }}/dkim:/dkim" - "{{ root }}/dkim:/dkim:ro"
- "{{ root }}/overrides/rspamd:/etc/rspamd/override.d" - "{{ root }}/overrides/rspamd:/etc/rspamd/override.d:ro"
depends_on: depends_on:
- front - front
{% if resolver_enabled %} {% if resolver_enabled %}

1
towncrier/newsfragments/1444.misc
Unescape Escape View File

@ -0,0 +1 @@
Harden security by making certain configuration files read-only. Moves Postfix and Dovecot overrides an independed sub-directories.
Write Preview
Loading…
Cancel
Save