diff --git a/.mergify.yml b/.mergify.yml index 023bf59b..a950b0ca 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -2,15 +2,24 @@ pull_request_rules: - name: Successful travis and 2 approved reviews conditions: - status-success=continuous-integration/travis-ci/pr + - label!=["status"/wip","status/blocked"] - "#approved-reviews-by>=2" actions: merge: method: merge + strict: true + dismiss_reviews: + approved: true + - name: Trusted author, successful travis and 1 approved review conditions: - author~=(kaiyou|muhlemmer|mildred|HorayNarea|adi90x|hoellen|ofthesun9) - status-success=continuous-integration/travis-ci/pr + - label!=["status"/wip","status/blocked","review/need2"] - "#approved-reviews-by>=1" actions: merge: method: merge + strict: true + dismiss_reviews: + approved: true diff --git a/AUTHORS.md b/AUTHORS.md index f62c2e14..11aca2a4 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -22,3 +22,5 @@ Other contributors: - "SunMar" - Dutch translation - "Marty Hou" - Chinese Simple translation - [Thomas Sänger](https://github.com/HorayNarea) - German translation + - [Tim Mohlmann](https://github.com/muhlemmer) - [Contributions](https://github.com/Mailu/Mailu/commits?author=muhlemmer) + - [Ionut Filip](https://github.com/ionutfilip) - [Contributions](https://github.com/Mailu/Mailu/commits?author=ionutfilip) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2afc69cf..f3bcce93 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,109 @@ Notable changes to this project are documented in the current file. For more details about individual changes, see the Git log. You should read this before upgrading Freposte.io as some changes will include useful notes. +v1.6.0 - unreleased +------------------- + +- Global: Architecture of the central container ([#56](https://github.com/Mailu/Mailu/issues/56), [#108](https://github.com/Mailu/Mailu/issues/108)) +- Global: Serve documentation with docker ([#601](https://github.com/Mailu/Mailu/issues/601), [#608](https://github.com/Mailu/Mailu/issues/608)) +- Global: Travis-CI automated test build ([#602](https://github.com/Mailu/Mailu/issues/602)) +- Global: Abstract db access from Postfix and Dovecot ([#612](https://github.com/Mailu/Mailu/issues/612)) +- Global: Refactor the admin architecture and configuration management ([#670](https://github.com/Mailu/Mailu/issues/670)) +- Feature: Used quota in admin interface ([#216](https://github.com/Mailu/Mailu/issues/216)) +- Feature: User Signup ([#281](https://github.com/Mailu/Mailu/issues/281), [#340](https://github.com/Mailu/Mailu/issues/340)) +- Feature: Client setup page ([#342](https://github.com/Mailu/Mailu/issues/342)) +- Feature: Administration setup page ([#343](https://github.com/Mailu/Mailu/issues/343)) +- Feature: Visual notice whether the mx record points to mailu server ([#356](https://github.com/Mailu/Mailu/issues/356)) +- Feature: Option for vacation start ([#362](https://github.com/Mailu/Mailu/issues/362)) +- Feature: Enable enigma in Roundcube ([#391](https://github.com/Mailu/Mailu/issues/391)) +- Feature: Allow more charcaters as a valid email address ([#443](https://github.com/Mailu/Mailu/issues/443)) +- Feature: IDNA support ([#446](https://github.com/Mailu/Mailu/issues/446)) +- Feature: Disable user account ([#449](https://github.com/Mailu/Mailu/issues/449)) +- Feature: Use fuzzy hashes in rpamd ([#456](https://github.com/Mailu/Mailu/issues/456), [#527](https://github.com/Mailu/Mailu/issues/527)) +- Feature: Enable “doveadm -A” command ([#458](https://github.com/Mailu/Mailu/issues/458)) +- Feature: Remove the Service Status page ([#463](https://github.com/Mailu/Mailu/issues/463)) +- Feature: Automated Releases ([#487](https://github.com/Mailu/Mailu/issues/487)) +- Feature: Support for ARC ([#495](https://github.com/Mailu/Mailu/issues/495)) +- Feature: Add posibilty to run webmail on root ([#501](https://github.com/Mailu/Mailu/issues/501)) +- Feature: Upgrade docker-compose.yml to version 3 ([#539](https://github.com/Mailu/Mailu/issues/539)) +- Feature: Documentation to deploy mailu on a docker swarm ([#551](https://github.com/Mailu/Mailu/issues/551)) +- Feature: Add full-text search support ([#552](https://github.com/Mailu/Mailu/issues/552)) +- Feature: Add optional Maildir-Compression ([#553](https://github.com/Mailu/Mailu/issues/553)) +- Feature: Preserve rspamd history on container restart ([#561](https://github.com/Mailu/Mailu/issues/561)) +- Feature: FAQ ([#564](https://github.com/Mailu/Mailu/issues/564), [#677](https://github.com/Mailu/Mailu/issues/677)) +- Feature: Kubernetes support ([#576](https://github.com/Mailu/Mailu/issues/576)) +- Feature: Option to bounce or reject email when recipient is unknown ([#583](https://github.com/Mailu/Mailu/issues/583), [#626](https://github.com/Mailu/Mailu/issues/626)) +- Feature: implement healthchecks for all containers ([#631](https://github.com/Mailu/Mailu/issues/631)) +- Feature: Option to send front logs to journald or syslog ([#584](https://github.com/Mailu/Mailu/issues/584), [#661](https://github.com/Mailu/Mailu/issues/661)) +- Feature: Support bcrypt and PBKDF2 ([#647](https://github.com/Mailu/Mailu/issues/647), [#667](https://github.com/Mailu/Mailu/issues/667)) +- Feature: enable http2 ([#674](https://github.com/Mailu/Mailu/issues/674)) +- Feature: Unbound DNS as optional service ([#681](https://github.com/Mailu/Mailu/issues/681)) +- Feature: Re-write test suite ([#682](https://github.com/Mailu/Mailu/issues/682)) +- Feature: Docker image prefixes ([#702](https://github.com/Mailu/Mailu/issues/702)) +- Feature: Add authentication method “login” for Outlook ([#704](https://github.com/Mailu/Mailu/issues/704)) +- Feature: Allow extending nginx config with overrides ([#713](https://github.com/Mailu/Mailu/issues/713)) +- Feature: Dynamic attachment size limit ([#731](https://github.com/Mailu/Mailu/issues/731)) +- Feature: Certificate watcher for external certs to reload nginx ([#732](https://github.com/Mailu/Mailu/issues/732)) +- Feature: Kubernetes +- Enhancement: Use pre-defined dhparam ([#322](https://github.com/Mailu/Mailu/issues/322)) +- Enhancement: Disable ssl_session_tickets ([#329](https://github.com/Mailu/Mailu/issues/329)) +- Enhancement: max attachment size in roundcube ([#338](https://github.com/Mailu/Mailu/issues/338)) +- Enhancement: Use x-forwarded-proto with redirects ([#347](https://github.com/Mailu/Mailu/issues/347)) +- Enhancement: Added adress verification before accepting mails for delivery ([#353](https://github.com/Mailu/Mailu/issues/353)) +- Enhancement: Reverse proxy - Real ip header and mail-letsencrypt ([#358](https://github.com/Mailu/Mailu/issues/358)) +- Enhancement: Parametrize hosts ([#373](https://github.com/Mailu/Mailu/issues/373)) +- Enhancement: Expose ports in dockerfiles ([#392](https://github.com/Mailu/Mailu/issues/392)) +- Enhancement: Added webmail-imap dependency in docker-compose ([#403](https://github.com/Mailu/Mailu/issues/403)) +- Enhancement: Add environment variables to allow running outside of docker-compose ([#429](https://github.com/Mailu/Mailu/issues/429)) +- Enhancement: Add original Delivered-To header to received messages ([#433](https://github.com/Mailu/Mailu/issues/433)) +- Enhancement: Use HOST_ADMIN in "Forwarding authentication server" ([#436](https://github.com/Mailu/Mailu/issues/436), [#437](https://github.com/Mailu/Mailu/issues/437)) +- Enhancement: Use POD_ADDRESS_RANGE for Dovecot ([#448](https://github.com/Mailu/Mailu/issues/448)) +- Enhancement: Using configurable filenames for TLS certs ([#468](https://github.com/Mailu/Mailu/issues/468)) +- Enhancement: Don't require BootstrapCDN (GDPR-compliance) ([#477](https://github.com/Mailu/Mailu/issues/477)) +- Enhancement: Use dynamic client_max_body_size for webmail ([#502](https://github.com/Mailu/Mailu/issues/502)) +- Enhancement: New logo design ([#509](https://github.com/Mailu/Mailu/issues/509)) +- Enhancement: New manifests for Kubernetes ([#544](https://github.com/Mailu/Mailu/issues/544)) +- Enhancement: Pin Alpine image ([#548](https://github.com/Mailu/Mailu/issues/548), [#557](https://github.com/Mailu/Mailu/issues/557)) +- Enhancement: Use safer cipher in roundcube ([#597](https://github.com/Mailu/Mailu/issues/597)) +- Enhancement: Improve sender checks ([#633](https://github.com/Mailu/Mailu/issues/633)) +- Enhancement: Use PHP 7.2 for rainloop and roundcube ([#606](https://github.com/Mailu/Mailu/issues/606), [#642](https://github.com/Mailu/Mailu/issues/642)) +- Enhancement: Multi-version documentation ([#664](https://github.com/Mailu/Mailu/issues/664)) +- Enhancement: Contribution documentation ([#700](https://github.com/Mailu/Mailu/issues/700)) +- Enhancement: Move Mailu Docker network to a fixed subnet ([#727](https://github.com/Mailu/Mailu/issues/727)) +- Enhancement: Added regex validation for alias username ([#764](https://github.com/Mailu/Mailu/issues/764)) +- Enhancement: Update documentation +- Upstream: Update Roundcube +- Upstream: Update Rainloop +- Bug: Rainloop fails with "domain not allowed" ([#93](https://github.com/Mailu/Mailu/issues/93)) +- Bug: Announces fail ([#309](https://github.com/Mailu/Mailu/issues/309)) +- Bug: Authentication issues with rspamd admin ui ([#315](https://github.com/Mailu/Mailu/issues/315)) +- Bug: front hangup on restart ([#341](https://github.com/Mailu/Mailu/issues/341)) +- Bug: Display the proper user quota when set to 0/infinity ([#345](https://github.com/Mailu/Mailu/issues/345)) +- Bug: Domain details button "Regenerate keys" when no keys are generated yet ([#346](https://github.com/Mailu/Mailu/issues/346)) +- Bug: Relayed Domains: access denied error ([#351](https://github.com/Mailu/Mailu/issues/351)) +- Bug: Do not deny HTTP access upon TLS error when the flavor is mail ([#352](https://github.com/Mailu/Mailu/issues/352)) +- Bug: php_zip extension missing in Roundcube webmail ([#364](https://github.com/Mailu/Mailu/issues/364)) +- Bug: RoundCube webmail .htaccess assumes PHP 5 ([#366](https://github.com/Mailu/Mailu/issues/366)) +- Bug: No quota shows "0 Bytes" in user list ([#368](https://github.com/Mailu/Mailu/issues/368)) +- Bug: RELAYNETS not honored when login is different from sender ([#369](https://github.com/Mailu/Mailu/issues/369)) +- Bug: Request Entity Too Large ([#371](https://github.com/Mailu/Mailu/issues/371)) +- Bug: Pass the full host to the backend ([#372](https://github.com/Mailu/Mailu/issues/372)) +- Bug: Can't send from an email account that has forwarding ([#390](https://github.com/Mailu/Mailu/issues/390)) +- Bug: SSL protocol error roundcube/imap ([#411](https://github.com/Mailu/Mailu/issues/411), [#414](https://github.com/Mailu/Mailu/issues/414)) +- Bug: Unable to send from alternative domains ([#415](https://github.com/Mailu/Mailu/issues/415)) +- Bug: Webadmin redirect ignores host port ([#419](https://github.com/Mailu/Mailu/issues/419)) +- Bug: Disable esld when signing with dkim ([#435](https://github.com/Mailu/Mailu/issues/435)) +- Bug: DKIM missing when using identities ([#462](https://github.com/Mailu/Mailu/issues/462)) +- Bug: Moving mails from Junk to Trash flags them as ham ([#474](https://github.com/Mailu/Mailu/issues/474)) +- Bug: Cannot set the "keep emails" for fetched accounts ([#479](https://github.com/Mailu/Mailu/issues/479)) +- Bug: CVE-2018-8740 ([#482](https://github.com/Mailu/Mailu/issues/482)) +- Bug: Hide administration header in sidebar for normal users ([#505](https://github.com/Mailu/Mailu/issues/505)) +- Bug: Return correct status codes from auth rate limiter failure ([#513](https://github.com/Mailu/Mailu/issues/513)) +- Bug: Domain edit page shows "Create" button ([#523](https://github.com/Mailu/Mailu/issues/523)) +- Bug: Hostname resolving in start.py should retry on failure [docker swarm] ([#555](https://github.com/Mailu/Mailu/issues/555)) +- Bug: Error when trying to log in with an account without domain ([#585](https://github.com/Mailu/Mailu/issues/585)) +- Bug: Fix rainloop permissions ([#637](https://github.com/Mailu/Mailu/issues/637)) + v1.5.1 - 2017-11-21 ------------------- diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 4a7611f0..ff7939e5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,7 @@ This project is open source, and your contributions are all welcome. There are mostly three different ways one can contribute to the project: 1. use Mailu, either on test or on production instances, and report meaningful bugs when you find some; -2. contribute code and/or configuration to the repository (see [the development guidelines](https://mailu.io/contributors/guide.html) for details); -3. contribute localization to your native language (see [the localization docs](https://mailu.io/contributors/localization.html) for details); +2. contribute code and/or configuration to the repository (see [the development guidelines](https://mailu.io/master/contributors/guide.html) for details); +3. contribute localization to your native language (see [the localization docs](https://mailu.io/master/contributors/localization.html) for details); Either way, keep in mind that the code you write or the translation you produce muts be licensed under the same conditions as the project itself. Additionally, all contributors are considered equal co-authors of the project. diff --git a/core/admin/Dockerfile b/core/admin/Dockerfile index 954ce7e7..77658143 100644 --- a/core/admin/Dockerfile +++ b/core/admin/Dockerfile @@ -21,7 +21,7 @@ COPY start.py /start.py RUN pybabel compile -d mailu/translations EXPOSE 80/tcp -VOLUME ["/data"] +VOLUME ["/data","/dkim"] ENV FLASK_APP mailu CMD /start.py diff --git a/core/admin/mailu/__init__.py b/core/admin/mailu/__init__.py index 6b245c3b..4de3e580 100644 --- a/core/admin/mailu/__init__.py +++ b/core/admin/mailu/__init__.py @@ -8,7 +8,6 @@ def create_app_from_config(config): """ Create a new application based on the given configuration """ app = flask.Flask(__name__) - app.app_context().push() app.cli.add_command(manage.mailu) # Bootstrap is used for basic JS and CSS loading diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py index ab6a7aac..bb0b3b81 100644 --- a/core/admin/mailu/configuration.py +++ b/core/admin/mailu/configuration.py @@ -56,6 +56,7 @@ DEFAULT_CONFIG = { 'HOST_WEBMAIL': 'webmail', 'HOST_FRONT': 'front', 'HOST_AUTHSMTP': os.environ.get('HOST_SMTP', 'smtp'), + 'SUBNET': '192.168.203.0/24', 'POD_ADDRESS_RANGE': None } diff --git a/core/admin/mailu/internal/views/auth.py b/core/admin/mailu/internal/views/auth.py index 459a8e57..83a63953 100644 --- a/core/admin/mailu/internal/views/auth.py +++ b/core/admin/mailu/internal/views/auth.py @@ -9,7 +9,7 @@ import base64 @internal.route("/auth/email") @utils.limiter.limit( - app.config["AUTH_RATELIMIT"], + lambda: app.config["AUTH_RATELIMIT"], lambda: flask.request.headers["Client-Ip"] ) def nginx_authentication(): diff --git a/core/admin/mailu/internal/views/dovecot.py b/core/admin/mailu/internal/views/dovecot.py index bf2ce2e5..463ecc20 100644 --- a/core/admin/mailu/internal/views/dovecot.py +++ b/core/admin/mailu/internal/views/dovecot.py @@ -10,13 +10,9 @@ import os def dovecot_passdb_dict(user_email): user = models.User.query.get(user_email) or flask.abort(404) allow_nets = [] - allow_nets.append( - app.config.get("POD_ADDRESS_RANGE") or - socket.gethostbyname(app.config["HOST_FRONT"]) - ) - if os.environ["WEBMAIL"] != "none": - allow_nets.append(socket.gethostbyname(app.config["HOST_WEBMAIL"])) - print(allow_nets) + allow_nets.append(app.config["SUBNET"]) + if app.config["POD_ADDRESS_RANGE"]: + allow_nets.append(app.config["POD_ADDRESS_RANGE"]) return flask.jsonify({ "password": None, "nopassword": "Y", diff --git a/core/admin/mailu/models.py b/core/admin/mailu/models.py index 21a261e6..468e6458 100644 --- a/core/admin/mailu/models.py +++ b/core/admin/mailu/models.py @@ -433,7 +433,7 @@ class Alias(Base, Email): ) ) ) - ).first() + ).order_by(cls.wildcard, sqlalchemy.func.char_length(cls.localpart).desc()).first() class Token(Base): diff --git a/core/admin/mailu/ui/forms.py b/core/admin/mailu/ui/forms.py index 57c106c3..40a56a82 100644 --- a/core/admin/mailu/ui/forms.py +++ b/core/admin/mailu/ui/forms.py @@ -136,7 +136,7 @@ class TokenForm(flask_wtf.FlaskForm): class AliasForm(flask_wtf.FlaskForm): - localpart = fields.StringField(_('Alias'), [validators.DataRequired()]) + localpart = fields.StringField(_('Alias'), [validators.DataRequired(), validators.Regexp(LOCALPART_REGEX)]) wildcard = fields.BooleanField( _('Use SQL LIKE Syntax (e.g. for catch-all aliases)')) destination = DestinationField(_('Destination')) diff --git a/core/admin/mailu/ui/templates/client.html b/core/admin/mailu/ui/templates/client.html index 6adc68a2..81bee135 100644 --- a/core/admin/mailu/ui/templates/client.html +++ b/core/admin/mailu/ui/templates/client.html @@ -53,7 +53,7 @@ configure your email client
{{ current_user or "******" }}
{{ current_user if current_user.is_authenticated else "******" }}
docker-compose -p mailu exec admin python manage.py admin {{ postmaster }} {{ domain }} PASSWORD +
docker-compose -p mailu exec admin flask mailu admin {{ postmaster }} {{ domain }} PASSWORD
Login to the admin interface to change the password for a safe one, at diff --git a/setup/flavors/stack/docker-compose.yml b/setup/flavors/stack/docker-compose.yml index 1bc4806f..480aafeb 100644 --- a/setup/flavors/stack/docker-compose.yml +++ b/setup/flavors/stack/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} logging: driver: {{ log_driver or 'json-file' }} @@ -27,12 +27,13 @@ services: {% endfor %} volumes: - "{{ root }}/certs:/certs" + - "{{ root }}/overrides/nginx:/overrides" deploy: replicas: {{ front_replicas }} - + {% if resolver_enabled %} resolver: - image: mailu/unbound:{{ version }} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} networks: default: @@ -40,7 +41,7 @@ services: {% endif %} admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} {% if not admin_enabled %} ports: @@ -53,11 +54,8 @@ services: replicas: {{ admin_replicas }} imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} - environment: - # Default to 10.0.1.0/24 - - POD_ADDRESS_RANGE={{ subnet }} volumes: - "{{ root }}/mail:/mail" - "{{ root }}/overrides:/overrides" @@ -65,10 +63,8 @@ services: replicas: {{ imap_replicas }} smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} - environment: - - POD_ADDRESS_RANGE={{ subnet }} volumes: - "{{ root }}/overrides:/overrides" deploy: @@ -79,10 +75,8 @@ services: {% endif %} antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} - environment: - - POD_ADDRESS_RANGE={{ subnet }} volumes: - "{{ root }}/filter:/var/lib/rspamd" - "{{ root }}/dkim:/dkim" @@ -97,7 +91,7 @@ services: # Optional services {% if antivirus_enabled %} antivirus: - image: ${DOCKER_ORG:-mailu}/clamav:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} volumes: - "{{ root }}/filter:/data" @@ -111,7 +105,7 @@ services: {% if webdav_enabled %} webdav: - image: ${DOCKER_ORG:-mailu}/none:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} volumes: - "{{ root }}/dav:/data" @@ -121,7 +115,7 @@ services: {% if fetchmail_enabled %} fetchmail: - image: ${DOCKER_ORG:-mailu}/fetchmail:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} volumes: - "{{ root }}/data:/data" @@ -135,7 +129,7 @@ services: {% if webmail_type != 'none' %} webmail: - image: ${DOCKER_ORG:-mailu}/roundcube:${MAILU_VERSION:-{{ version }}} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}{{ webmail_type }}:${MAILU_VERSION:-{{ version }}} env_file: {{ env }} volumes: - "{{ root }}/webmail:/data" diff --git a/setup/flavors/stack/setup.html b/setup/flavors/stack/setup.html index d68a6422..329a2cba 100644 --- a/setup/flavors/stack/setup.html +++ b/setup/flavors/stack/setup.html @@ -45,7 +45,7 @@ Command for removing docker stack is Before you can use Mailu, you must create the primary administrator user account. This should be {{ postmaster }}@{{ domain }}. Use the following command, changing PASSWORD to your liking: -
docker exec $(docker ps | grep admin | cut -d ' ' -f1) python manage.py admin {{ postmaster }} {{ domain }} PASSWORD +
docker exec $(docker ps | grep admin | cut -d ' ' -f1) flask mailu admin {{ postmaster }} {{ domain }} PASSWORD
Login to the admin interface to change the password for a safe one, at diff --git a/setup/requirements.txt b/setup/requirements.txt index ea2a2c25..b6bf2120 100644 --- a/setup/requirements.txt +++ b/setup/requirements.txt @@ -1,5 +1,4 @@ flask flask-bootstrap redis -gitpython gunicorn diff --git a/setup/server.py b/setup/server.py index 6b1514fd..fbe8a87f 100644 --- a/setup/server.py +++ b/setup/server.py @@ -34,70 +34,60 @@ def secret(length=16): def build_app(path): - #Hardcoded master as the only version for test purposes - versions = [ - # version for version in os.listdir(path) - # if os.path.isdir(os.path.join(path, version)) - "master" - ] - app.jinja_env.trim_blocks = True app.jinja_env.lstrip_blocks = True @app.context_processor def app_context(): - return dict(versions=versions) + return dict(versions=os.getenv("VERSIONS","master").split(',')) - @app.route("/") - def index(): - return flask.redirect(flask.url_for('{}.wizard'.format(versions[-1]))) + version = os.getenv("this_version") - for version in versions: - bp = flask.Blueprint(version, __name__) - bp.jinja_loader = jinja2.ChoiceLoader([ - jinja2.FileSystemLoader(os.path.join(path, version, "templates")), - jinja2.FileSystemLoader(os.path.join(path, version, "flavors")) - ]) + bp = flask.Blueprint(version, __name__) + bp.jinja_loader = jinja2.ChoiceLoader([ + jinja2.FileSystemLoader(os.path.join(path, "templates")), + jinja2.FileSystemLoader(os.path.join(path, "flavors")) + ]) - @bp.context_processor - def bp_context(version=version): - return dict(version=version) + @bp.context_processor + def bp_context(version=version): + return dict(version=version) - @bp.route("/") - def wizard(): - return flask.render_template('wizard.html') + @bp.route("/") + def wizard(): + return flask.render_template('wizard.html') - @bp.route("/submit_flavor", methods=["POST"]) - def submit_flavor(): - data = flask.request.form.copy() - steps = sorted(os.listdir(path + "/" + version + "/templates/steps/" + data["flavor"])) - return flask.render_template('wizard.html', flavor=data["flavor"], steps=steps) + @bp.route("/submit_flavor", methods=["POST"]) + def submit_flavor(): + data = flask.request.form.copy() + steps = sorted(os.listdir(os.path.join(path, "templates", "steps", data["flavor"]))) + return flask.render_template('wizard.html', flavor=data["flavor"], steps=steps) - @bp.route("/submit", methods=["POST"]) - def submit(): - data = flask.request.form.copy() - data['uid'] = str(uuid.uuid4()) - data['dns'] = str(ipaddress.IPv4Network(data['subnet'])[-2]) - db.set(data['uid'], json.dumps(data)) - return flask.redirect(flask.url_for('.setup', uid=data['uid'])) + @bp.route("/submit", methods=["POST"]) + def submit(): + data = flask.request.form.copy() + data['uid'] = str(uuid.uuid4()) + data['dns'] = str(ipaddress.IPv4Network(data['subnet'])[-2]) + db.set(data['uid'], json.dumps(data)) + return flask.redirect(flask.url_for('.setup', uid=data['uid'])) - @bp.route("/setup/
", methods=["GET"]) - def setup(uid): - data = json.loads(db.get(uid)) - flavor = data.get("flavor", "compose") - rendered = render_flavor(flavor, "setup.html", data) - return flask.render_template("setup.html", contents=rendered) + @bp.route("/setup/ ", methods=["GET"]) + def setup(uid): + data = json.loads(db.get(uid)) + flavor = data.get("flavor", "compose") + rendered = render_flavor(flavor, "setup.html", data) + return flask.render_template("setup.html", contents=rendered) - @bp.route("/file/ / ", methods=["GET"]) - def file(uid, filepath): - data = json.loads(db.get(uid)) - flavor = data.get("flavor", "compose") - return flask.Response( - render_flavor(flavor, filepath, data), - mimetype="application/text" - ) + @bp.route("/file/ / ", methods=["GET"]) + def file(uid, filepath): + data = json.loads(db.get(uid)) + flavor = data.get("flavor", "compose") + return flask.Response( + render_flavor(flavor, filepath, data), + mimetype="application/text" + ) - app.register_blueprint(bp, url_prefix="/{}".format(version)) + app.register_blueprint(bp, url_prefix="/{}".format(version)) if __name__ == "__main__": diff --git a/setup/setup.py b/setup/setup.py deleted file mode 100644 index e08c0092..00000000 --- a/setup/setup.py +++ /dev/null @@ -1,39 +0,0 @@ -import git -import tempfile -import argparse -import os -import shutil -import re - - -VERSION_BRANCH = re.compile("(master|\d+\.\d+)") - - -def main(upstream, dest, dev=True): - shutil.rmtree(dest, ignore_errors=True) - os.makedirs(dest, exist_ok=True) - with tempfile.TemporaryDirectory() as clone_path: - repo = git.Repo.clone_from(upstream, clone_path) - for branch in repo.refs: - if not branch.name.startswith("origin/"): - continue - name = branch.name[len("origin/"):] - if not VERSION_BRANCH.match(name): - continue - branch.checkout() - config_path = os.path.join(clone_path, "setup") - if os.path.exists(config_path): - shutil.copytree(config_path, os.path.join(dest, name)) - print("Imported branch {}".format(name)) - if dev: - shutil.copytree(".", os.path.join(dest, "dev")) - print("Imported dev") - - -if __name__ == "__main__": - parser = argparse.ArgumentParser() - parser.add_argument("--dev", action="store_true", help="Copy the local dir in /dev") - parser.add_argument("upstream", help="Path to Mailu git repository") - parser.add_argument("dest", help="Destination directory for data files") - args = parser.parse_args() - main(**vars(args)) diff --git a/setup/templates/base.html b/setup/templates/base.html index 5be0b1eb..c53bd1d1 100644 --- a/setup/templates/base.html +++ b/setup/templates/base.html @@ -9,8 +9,8 @@ Version
diff --git a/setup/templates/steps/compose/03_expose.html b/setup/templates/steps/compose/03_expose.html index 783c2037..0c912778 100644 --- a/setup/templates/steps/compose/03_expose.html +++ b/setup/templates/steps/compose/03_expose.html @@ -34,9 +34,9 @@ avoid generic all-interfaces addresses like0.0.0.0
or::
- + + value="192.168.203.0/24">You server will be available under a main hostname but may expose multiple public diff --git a/setup/templates/steps/stack/03_expose.html b/setup/templates/steps/stack/03_expose.html index d47390be..820ff154 100644 --- a/setup/templates/steps/stack/03_expose.html +++ b/setup/templates/steps/stack/03_expose.html @@ -11,9 +11,9 @@ you expose it to the world.
- + + value="192.168.203.0/24">You server will be available under a main hostname but may expose multiple public diff --git a/setup/test b/setup/test deleted file mode 100644 index e69de29b..00000000 diff --git a/tests/build.yml b/tests/build.yml index c3252e8c..dd56dc41 100644 --- a/tests/build.yml +++ b/tests/build.yml @@ -3,35 +3,39 @@ version: '3' services: front: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}nginx:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-local} build: ../core/nginx resolver: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}unbound:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-local} build: ../services/unbound imap: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}dovecot:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-local} build: ../core/dovecot smtp: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}postfix:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-local} build: ../core/postfix antispam: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}rspamd:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-local} build: ../services/rspamd antivirus: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}clamav:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-local} build: ../optional/clamav webdav: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}radicale:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-local} build: ../optional/radicale + traefik-certdumper: + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}traefik-certdumper:${MAILU_VERSION:-local} + build: ../optional/traefik-certdumper + admin: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}admin:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-local} build: ../core/admin postgresql: @@ -39,26 +43,29 @@ services: build: ../optional/postgresql roundcube: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}roundcube:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}roundcube:${MAILU_VERSION:-local} build: ../webmails/roundcube rainloop: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}rainloop:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rainloop:${MAILU_VERSION:-local} build: ../webmails/rainloop fetchmail: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}fetchmail:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-local} build: ../services/fetchmail none: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}none:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}none:${MAILU_VERSION:-local} build: ../core/none docs: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}docs:${MAILU_VERSION:-local} - build: ../docs + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}docs:${MAILU_VERSION:-local} + build: + context: ../docs + args: + version: ${MAILU_VERSION:-local} setup: - image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX}setup:${MAILU_VERSION:-local} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}setup:${MAILU_VERSION:-local} build: ../setup diff --git a/tests/compose/core/docker-compose.yml b/tests/compose/core/docker-compose.yml index 397000a6..f64c82b0 100644 --- a/tests/compose/core/docker-compose.yml +++ b/tests/compose/core/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-master} restart: always env_file: mailu.env logging: @@ -34,7 +34,7 @@ services: - "/mailu/certs:/certs" admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -44,7 +44,7 @@ services: - redis imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -54,7 +54,7 @@ services: - front smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -63,7 +63,7 @@ services: - front antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -78,3 +78,12 @@ services: # Webmail + + +networks: + default: + driver: bridge + ipam: + driver: default + config: + - subnet: 192.168.203.0/24 diff --git a/tests/compose/core/mailu.env b/tests/compose/core/mailu.env index 9a744e35..d77f3a2d 100644 --- a/tests/compose/core/mailu.env +++ b/tests/compose/core/mailu.env @@ -25,6 +25,9 @@ SECRET_KEY=HGZCYGVI6FVG31HS # PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1) # PUBLIC_IPV6= (default: ::1) +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + # Main mail domain DOMAIN=mailu.io @@ -70,9 +73,9 @@ ANTISPAM=none # Default: accept messages up to 50MB MESSAGE_SIZE_LIMIT=50000000 -# Networks granted relay permissions, make sure that you include your Docker -# internal network (default to 172.17.0.0/16) -RELAYNETS=172.17.0.0/16 +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= # Will relay all outgoing mails if configured RELAYHOST= @@ -136,4 +139,4 @@ REAL_IP_HEADER= REAL_IP_FROM= # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) -REJECT_UNLISTED_RECIPIENT= \ No newline at end of file +REJECT_UNLISTED_RECIPIENT= diff --git a/tests/compose/fetchmail/docker-compose.yml b/tests/compose/fetchmail/docker-compose.yml index 6b1be40e..49c292e9 100644 --- a/tests/compose/fetchmail/docker-compose.yml +++ b/tests/compose/fetchmail/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-master} restart: always env_file: mailu.env logging: @@ -34,7 +34,7 @@ services: - "/mailu/certs:/certs" admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -44,7 +44,7 @@ services: - redis imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -54,7 +54,7 @@ services: - front smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -63,7 +63,7 @@ services: - front antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -77,8 +77,17 @@ services: fetchmail: - image: ${DOCKER_ORG:-mailu}/fetchmail:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-master} restart: always env_file: mailu.env # Webmail + + +networks: + default: + driver: bridge + ipam: + driver: default + config: + - subnet: 192.168.203.0/24 diff --git a/tests/compose/fetchmail/mailu.env b/tests/compose/fetchmail/mailu.env index a987c853..c91a6deb 100644 --- a/tests/compose/fetchmail/mailu.env +++ b/tests/compose/fetchmail/mailu.env @@ -25,6 +25,9 @@ SECRET_KEY=JS48Q9KE3B6T97E6 # PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1) # PUBLIC_IPV6= (default: ::1) +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + # Main mail domain DOMAIN=mailu.io @@ -70,9 +73,9 @@ ANTISPAM=none # Default: accept messages up to 50MB MESSAGE_SIZE_LIMIT=50000000 -# Networks granted relay permissions, make sure that you include your Docker -# internal network (default to 172.17.0.0/16) -RELAYNETS=172.17.0.0/16 +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= # Will relay all outgoing mails if configured RELAYHOST= @@ -136,4 +139,4 @@ REAL_IP_HEADER= REAL_IP_FROM= # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) -REJECT_UNLISTED_RECIPIENT= \ No newline at end of file +REJECT_UNLISTED_RECIPIENT= diff --git a/tests/compose/filters/docker-compose.yml b/tests/compose/filters/docker-compose.yml index 4fbda49a..94b97399 100644 --- a/tests/compose/filters/docker-compose.yml +++ b/tests/compose/filters/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-master} restart: always env_file: mailu.env logging: @@ -34,7 +34,7 @@ services: - "/mailu/certs:/certs" admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -44,7 +44,7 @@ services: - redis imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -54,7 +54,7 @@ services: - front smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -63,7 +63,7 @@ services: - front antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -75,7 +75,7 @@ services: # Optional services antivirus: - image: ${DOCKER_ORG:-mailu}/clamav:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -84,3 +84,12 @@ services: # Webmail + + +networks: + default: + driver: bridge + ipam: + driver: default + config: + - subnet: 192.168.203.0/24 diff --git a/tests/compose/filters/mailu.env b/tests/compose/filters/mailu.env index 8609a287..25c7c133 100644 --- a/tests/compose/filters/mailu.env +++ b/tests/compose/filters/mailu.env @@ -25,6 +25,9 @@ SECRET_KEY=11H6XURLGE7GW3U1 # PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1) # PUBLIC_IPV6= (default: ::1) +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + # Main mail domain DOMAIN=mailu.io @@ -70,9 +73,9 @@ ANTISPAM=none # Default: accept messages up to 50MB MESSAGE_SIZE_LIMIT=50000000 -# Networks granted relay permissions, make sure that you include your Docker -# internal network (default to 172.17.0.0/16) -RELAYNETS=172.17.0.0/16 +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= # Will relay all outgoing mails if configured RELAYHOST= @@ -136,4 +139,4 @@ REAL_IP_HEADER= REAL_IP_FROM= # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) -REJECT_UNLISTED_RECIPIENT= \ No newline at end of file +REJECT_UNLISTED_RECIPIENT= diff --git a/tests/compose/rainloop/docker-compose.yml b/tests/compose/rainloop/docker-compose.yml index c91a92ed..98425d7a 100644 --- a/tests/compose/rainloop/docker-compose.yml +++ b/tests/compose/rainloop/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-master} restart: always env_file: mailu.env logging: @@ -34,7 +34,7 @@ services: - "/mailu/certs:/certs" admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -44,7 +44,7 @@ services: - redis imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -54,7 +54,7 @@ services: - front smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -63,7 +63,7 @@ services: - front antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -79,10 +79,19 @@ services: # Webmail webmail: - image: ${DOCKER_ORG:-mailu}/rainloop:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rainloop:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: - "/mailu/webmail:/data" depends_on: - imap + + +networks: + default: + driver: bridge + ipam: + driver: default + config: + - subnet: 192.168.203.0/24 diff --git a/tests/compose/rainloop/mailu.env b/tests/compose/rainloop/mailu.env index 678ea048..65fef5c8 100644 --- a/tests/compose/rainloop/mailu.env +++ b/tests/compose/rainloop/mailu.env @@ -25,6 +25,9 @@ SECRET_KEY=V5J4SHRYVW9PZIQU # PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1) # PUBLIC_IPV6= (default: ::1) +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + # Main mail domain DOMAIN=mailu.io @@ -70,9 +73,9 @@ ANTISPAM=none # Default: accept messages up to 50MB MESSAGE_SIZE_LIMIT=50000000 -# Networks granted relay permissions, make sure that you include your Docker -# internal network (default to 172.17.0.0/16) -RELAYNETS=172.17.0.0/16 +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= # Will relay all outgoing mails if configured RELAYHOST= @@ -136,4 +139,4 @@ REAL_IP_HEADER= REAL_IP_FROM= # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) -REJECT_UNLISTED_RECIPIENT= \ No newline at end of file +REJECT_UNLISTED_RECIPIENT= diff --git a/tests/compose/roundcube/docker-compose.yml b/tests/compose/roundcube/docker-compose.yml index 567c1c69..b2f415df 100644 --- a/tests/compose/roundcube/docker-compose.yml +++ b/tests/compose/roundcube/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-master} restart: always env_file: mailu.env logging: @@ -34,7 +34,7 @@ services: - "/mailu/certs:/certs" admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -44,7 +44,7 @@ services: - redis imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -54,7 +54,7 @@ services: - front smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -63,7 +63,7 @@ services: - front antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -79,10 +79,19 @@ services: # Webmail webmail: - image: ${DOCKER_ORG:-mailu}/roundcube:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}roundcube:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: - "/mailu/webmail:/data" depends_on: - imap + + +networks: + default: + driver: bridge + ipam: + driver: default + config: + - subnet: 192.168.203.0/24 diff --git a/tests/compose/roundcube/mailu.env b/tests/compose/roundcube/mailu.env index b8a8b266..cadaa84a 100644 --- a/tests/compose/roundcube/mailu.env +++ b/tests/compose/roundcube/mailu.env @@ -25,6 +25,9 @@ SECRET_KEY=PGGO2JRQ59QV3DW7 # PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1) # PUBLIC_IPV6= (default: ::1) +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + # Main mail domain DOMAIN=mailu.io @@ -70,9 +73,9 @@ ANTISPAM=none # Default: accept messages up to 50MB MESSAGE_SIZE_LIMIT=50000000 -# Networks granted relay permissions, make sure that you include your Docker -# internal network (default to 172.17.0.0/16) -RELAYNETS=172.17.0.0/16 +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= # Will relay all outgoing mails if configured RELAYHOST= @@ -136,4 +139,4 @@ REAL_IP_HEADER= REAL_IP_FROM= # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) -REJECT_UNLISTED_RECIPIENT= \ No newline at end of file +REJECT_UNLISTED_RECIPIENT= diff --git a/tests/compose/webdav/docker-compose.yml b/tests/compose/webdav/docker-compose.yml index 8e0db6e3..adc094a8 100644 --- a/tests/compose/webdav/docker-compose.yml +++ b/tests/compose/webdav/docker-compose.yml @@ -15,7 +15,7 @@ services: # Core services front: - image: ${DOCKER_ORG:-mailu}/nginx:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-master} restart: always env_file: mailu.env logging: @@ -34,7 +34,7 @@ services: - "/mailu/certs:/certs" admin: - image: ${DOCKER_ORG:-mailu}/admin:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -44,7 +44,7 @@ services: - redis imap: - image: ${DOCKER_ORG:-mailu}/dovecot:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -54,7 +54,7 @@ services: - front smtp: - image: ${DOCKER_ORG:-mailu}/postfix:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -63,7 +63,7 @@ services: - front antispam: - image: ${DOCKER_ORG:-mailu}/rspamd:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -76,7 +76,7 @@ services: # Optional services webdav: - image: ${DOCKER_ORG:-mailu}/radicale:${MAILU_VERSION:-master} + image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-master} restart: always env_file: mailu.env volumes: @@ -84,3 +84,12 @@ services: # Webmail + + +networks: + default: + driver: bridge + ipam: + driver: default + config: + - subnet: 192.168.203.0/24 diff --git a/tests/compose/webdav/mailu.env b/tests/compose/webdav/mailu.env index 21dd3981..7141bf1f 100644 --- a/tests/compose/webdav/mailu.env +++ b/tests/compose/webdav/mailu.env @@ -25,6 +25,9 @@ SECRET_KEY=XVDDSWOAGVF5J9QJ # PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1) # PUBLIC_IPV6= (default: ::1) +# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) +SUBNET=192.168.203.0/24 + # Main mail domain DOMAIN=mailu.io @@ -70,9 +73,9 @@ ANTISPAM=none # Default: accept messages up to 50MB MESSAGE_SIZE_LIMIT=50000000 -# Networks granted relay permissions, make sure that you include your Docker -# internal network (default to 172.17.0.0/16) -RELAYNETS=172.17.0.0/16 +# Networks granted relay permissions +# Use this with care, all hosts in this networks will be able to send mail without authentication! +RELAYNETS= # Will relay all outgoing mails if configured RELAYHOST= @@ -136,4 +139,4 @@ REAL_IP_HEADER= REAL_IP_FROM= # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) -REJECT_UNLISTED_RECIPIENT= \ No newline at end of file +REJECT_UNLISTED_RECIPIENT= diff --git a/webmails/rainloop/Dockerfile b/webmails/rainloop/Dockerfile index db7403f5..92479489 100644 --- a/webmails/rainloop/Dockerfile +++ b/webmails/rainloop/Dockerfile @@ -22,7 +22,7 @@ RUN apt-get update && apt-get install -y \ && rm -rf /var/lib/apt/lists COPY include.php /var/www/html/include.php -COPY php.ini /usr/local/etc/php/conf.d/rainloop.ini +COPY php.ini /php.ini COPY config.ini /config.ini COPY default.ini /default.ini diff --git a/webmails/rainloop/config.ini b/webmails/rainloop/config.ini index 7fb13889..6ae5fff7 100644 --- a/webmails/rainloop/config.ini +++ b/webmails/rainloop/config.ini @@ -1,7 +1,7 @@ ; RainLoop Webmail configuration file [webmail] -attachment_size_limit = 25 +attachment_size_limit = {{ MAX_FILESIZE }} [security] allow_admin_panel = Off diff --git a/webmails/rainloop/php.ini b/webmails/rainloop/php.ini index 9b241b46..39abbdd5 100644 --- a/webmails/rainloop/php.ini +++ b/webmails/rainloop/php.ini @@ -1,3 +1,4 @@ date.timezone=UTC -upload_max_filesize = 25M -post_max_size = 25M +upload_max_filesize = {{ MAX_FILESIZE }}M +post_max_size = {{ MAX_FILESIZE }}M + diff --git a/webmails/rainloop/start.py b/webmails/rainloop/start.py index 9e8465a2..4c116e09 100755 --- a/webmails/rainloop/start.py +++ b/webmails/rainloop/start.py @@ -10,6 +10,8 @@ convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read() os.environ["FRONT_ADDRESS"] = os.environ.get("FRONT_ADDRESS", "front") os.environ["IMAP_ADDRESS"] = os.environ.get("IMAP_ADDRESS", "imap") +os.environ["MAX_FILESIZE"] = str(int(int(os.environ.get("MESSAGE_SIZE_LIMIT"))*0.66/1048576)) + base = "/data/_data_/_default_/" shutil.rmtree(base + "domains/", ignore_errors=True) os.makedirs(base + "domains", exist_ok=True) @@ -17,6 +19,7 @@ os.makedirs(base + "configs", exist_ok=True) convert("/default.ini", "/data/_data_/_default_/domains/default.ini") convert("/config.ini", "/data/_data_/_default_/configs/config.ini") +convert("/php.ini", "/usr/local/etc/php/conf.d/rainloop.ini") os.system("chown -R www-data:www-data /data") diff --git a/webmails/roundcube/Dockerfile b/webmails/roundcube/Dockerfile index 14bee56e..00b843b2 100644 --- a/webmails/roundcube/Dockerfile +++ b/webmails/roundcube/Dockerfile @@ -7,7 +7,7 @@ RUN apt-get update && apt-get install -y \ ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.3.8/roundcubemail-1.3.8-complete.tar.gz RUN apt-get update && apt-get install -y \ - zlib1g-dev \ + zlib1g-dev python3-jinja2 \ && docker-php-ext-install zip \ && echo date.timezone=UTC > /usr/local/etc/php/conf.d/timezone.ini \ && rm -rf /var/www/html/ \ @@ -22,7 +22,7 @@ RUN apt-get update && apt-get install -y \ && chown -R www-data: logs temp \ && rm -rf /var/lib/apt/lists -COPY php.ini /usr/local/etc/php/conf.d/roundcube.ini +COPY php.ini /php.ini COPY config.inc.php /var/www/html/config/ COPY start.py /start.py diff --git a/webmails/roundcube/php.ini b/webmails/roundcube/php.ini index 9b241b46..39abbdd5 100644 --- a/webmails/roundcube/php.ini +++ b/webmails/roundcube/php.ini @@ -1,3 +1,4 @@ date.timezone=UTC -upload_max_filesize = 25M -post_max_size = 25M +upload_max_filesize = {{ MAX_FILESIZE }}M +post_max_size = {{ MAX_FILESIZE }}M + diff --git a/webmails/roundcube/start.py b/webmails/roundcube/start.py index 07b3a567..3a0bd0bc 100755 --- a/webmails/roundcube/start.py +++ b/webmails/roundcube/start.py @@ -1,6 +1,13 @@ #!/usr/bin/python3 import os +import jinja2 + +convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ)) + +os.environ["MAX_FILESIZE"] = str(int(int(os.environ.get("MESSAGE_SIZE_LIMIT"))*0.66/1048576)) + +convert("/php.ini", "/usr/local/etc/php/conf.d/roundcube.ini") # Fix some permissions os.system("mkdir -p /data/gpg")