diff --git a/setup/flavors/compose/docker-compose.yml b/setup/flavors/compose/docker-compose.yml index 67408bee..a1d985e4 100644 --- a/setup/flavors/compose/docker-compose.yml +++ b/setup/flavors/compose/docker-compose.yml @@ -3,7 +3,7 @@ # Please read the documentation before attempting any change. # Generated for {{ flavor }} flavor -version: '3.6' +version: '2.2' services: @@ -160,8 +160,14 @@ services: networks: default: + {% if ipv6_enabled %} + enable_ipv6: true + {% endif %} driver: bridge ipam: driver: default config: - subnet: {{ subnet }} + {% if ipv6_enabled %} + - subnet: {{ subnet6 }} + {% endif %} diff --git a/setup/flavors/compose/mailu.env b/setup/flavors/compose/mailu.env index 7d160011..341b7634 100644 --- a/setup/flavors/compose/mailu.env +++ b/setup/flavors/compose/mailu.env @@ -27,6 +27,9 @@ SECRET_KEY={{ secret(16) }} # Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) SUBNET={{ subnet }} +{% if ipv6_enabled %} +SUBNET6={{ subnet6 }} +{% endif %} # Main mail domain DOMAIN={{ domain }} diff --git a/setup/server.py b/setup/server.py index 556d4b3a..4dfd49ae 100644 --- a/setup/server.py +++ b/setup/server.py @@ -9,6 +9,7 @@ import string import random import ipaddress import hashlib +import time version = os.getenv("this_version", "master") @@ -33,6 +34,17 @@ def secret(length=16): for _ in range(length) ) +#Original copied from https://github.com/andrewlkho/ulagen +def random_ipv6_subnet(): + eui64 = uuid.getnode() >> 24 << 48 | 0xfffe000000 | uuid.getnode() & 0xffffff + eui64_canon = "-".join([format(eui64, "02X")[i:i+2] for i in range(0, 18, 2)]) + + h = hashlib.sha1() + h.update((eui64_canon + str(time.time() - time.mktime((1900, 1, 1, 0, 0, 0, 0, 1, -1)))).encode('utf-8')) + globalid = h.hexdigest()[0:10] + + prefix = ":".join(("fd" + globalid[0:2], globalid[2:6], globalid[6:10])) + return prefix def build_app(path): @@ -69,8 +81,9 @@ def build_app(path): @root_bp.route("/submit_flavor", methods=["POST"]) def submit_flavor(): data = flask.request.form.copy() + subnet6 = random_ipv6_subnet() steps = sorted(os.listdir(os.path.join(path, "templates", "steps", data["flavor"]))) - return flask.render_template('wizard.html', flavor=data["flavor"], steps=steps) + return flask.render_template('wizard.html', flavor=data["flavor"], steps=steps, subnet6=subnet6) @prefix_bp.route("/submit", methods=["POST"]) @root_bp.route("/submit", methods=["POST"]) diff --git a/setup/static/render.js b/setup/static/render.js index 23afcbec..e501fffb 100644 --- a/setup/static/render.js +++ b/setup/static/render.js @@ -86,3 +86,16 @@ $(document).ready(function() { } }); }); + +$(document).ready(function() { + if ($('#enable_ipv6').prop('checked')) { + $("#ipv6").show(); + } + $("#enable_ipv6").change(function() { + if ($(this).is(":checked")) { + $("#ipv6").show(); + } else { + $("#ipv6").hide(); + } + }); +}); diff --git a/setup/templates/steps/compose/03_expose.html b/setup/templates/steps/compose/03_expose.html index 837b7bba..d54985d4 100644 --- a/setup/templates/steps/compose/03_expose.html +++ b/setup/templates/steps/compose/03_expose.html @@ -18,13 +18,27 @@ avoid generic all-interfaces addresses like 0.0.0.0 or :: + + -
+
+ +
+ +

The unbound resolver enables Mailu to do DNSsec verification, DNS root lookups and caching. This also helps the antispam service not to get blocked by the public or ISP DNS servers.

@@ -34,12 +48,6 @@ avoid generic all-interfaces addresses like 0.0.0.0 or ::
-

-
- - -

You server will be available under a main hostname but may expose multiple public hostnames. Every e-mail domain that points to this server must have one of the