diff --git a/core/admin/Dockerfile b/core/admin/Dockerfile index a4f28481..8dda76d2 100644 --- a/core/admin/Dockerfile +++ b/core/admin/Dockerfile @@ -23,9 +23,11 @@ RUN set -eu \ FROM $DISTRO COPY --from=balenalib/rpi-alpine:3.14 /usr/bin/qemu-arm-static /usr/bin/qemu-arm-static +ENV TZ Etc/UTC + # python3 shared with most images RUN set -eu \ - && apk add --no-cache python3 py3-pip git bash \ + && apk add --no-cache python3 py3-pip git bash tzdata \ && pip3 install --upgrade pip RUN mkdir -p /app diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py index 9829f798..54856c09 100644 --- a/core/admin/mailu/configuration.py +++ b/core/admin/mailu/configuration.py @@ -72,6 +72,7 @@ DEFAULT_CONFIG = { 'SESSION_LIFETIME': 24, 'SESSION_COOKIE_SECURE': True, 'CREDENTIAL_ROUNDS': 12, + 'TZ': 'Etc/UTC', # Host settings 'HOST_IMAP': 'imap', 'HOST_LMTP': 'imap:2525', diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile index 49fcb866..7a2dbdc1 100644 --- a/core/dovecot/Dockerfile +++ b/core/dovecot/Dockerfile @@ -11,9 +11,12 @@ RUN git clone https://github.com/grosjo/fts-xapian.git \ && make install FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip git bash py3-multidict py3-yarl \ + python3 py3-pip git bash py3-multidict py3-yarl tzdata \ && pip3 install --upgrade pip # Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube diff --git a/core/nginx/Dockerfile b/core/nginx/Dockerfile index b7e5e22e..d8899144 100644 --- a/core/nginx/Dockerfile +++ b/core/nginx/Dockerfile @@ -1,5 +1,8 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ python3 py3-pip git bash py3-multidict \ @@ -9,7 +12,7 @@ RUN apk add --no-cache \ RUN pip3 install socrate==0.2.0 # Image specific layers under this line -RUN apk add --no-cache certbot nginx nginx-mod-mail openssl curl \ +RUN apk add --no-cache certbot nginx nginx-mod-mail openssl curl tzdata \ && pip3 install watchdog COPY conf /conf diff --git a/core/postfix/Dockerfile b/core/postfix/Dockerfile index bdf45e35..9f0cc701 100644 --- a/core/postfix/Dockerfile +++ b/core/postfix/Dockerfile @@ -1,8 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip git bash py3-multidict py3-yarl \ + python3 py3-pip git bash py3-multidict py3-yarl tzdata \ && pip3 install --upgrade pip # Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube diff --git a/core/rspamd/Dockerfile b/core/rspamd/Dockerfile index 0b3b94f7..33174c1a 100644 --- a/core/rspamd/Dockerfile +++ b/core/rspamd/Dockerfile @@ -1,8 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip git bash py3-multidict \ + python3 py3-pip git bash py3-multidict tzdata \ && pip3 install --upgrade pip # Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube diff --git a/docs/configuration.rst b/docs/configuration.rst index fa574415..03817988 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -194,6 +194,10 @@ The ``LETSENCRYPT_SHORTCHAIN`` (default: False) setting controls whether we send The ``REAL_IP_HEADER`` (default: unset) and ``REAL_IP_FROM`` (default: unset) settings controls whether HTTP headers such as ``X-Forwarded-For`` or ``X-Real-IP`` should be trusted. The former should be the name of the HTTP header to extract the client IP address from and the later a comma separated list of IP addresses designing which proxies to trust. If you are using Mailu behind a reverse proxy, you should set both. Setting the former without the later introduces a security vulnerability allowing a potential attacker to spoof his source address. +The ``TZ`` sets the timezone Mailu will use. The timezone naming convention usually uses a ``Region/City`` format. See `TZ database name`_ for a list of valid timezones This defaults to ``Etc/UTC``. Warning: if you are observing different timestamps in your log files you should change your hosts timezone to UTC instead of changing TZ to your local timezone. Using UTC allows easy log correlation with remote MTAs. + +.. _`TZ database name`: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones + Antivirus settings ------------------ diff --git a/optional/clamav/Dockerfile b/optional/clamav/Dockerfile index efad01ad..e17d2d70 100644 --- a/optional/clamav/Dockerfile +++ b/optional/clamav/Dockerfile @@ -1,8 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip bash \ + python3 py3-pip bash tzdata \ && pip3 install --upgrade pip # Image specific layers under this line RUN apk add --no-cache clamav rsyslog wget clamav-libunrar diff --git a/optional/fetchmail/Dockerfile b/optional/fetchmail/Dockerfile index d3397a22..995ec48f 100644 --- a/optional/fetchmail/Dockerfile +++ b/optional/fetchmail/Dockerfile @@ -1,9 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip bash \ + python3 py3-pip bash tzdata \ && pip3 install --upgrade pip # Image specific layers under this line diff --git a/optional/postgresql/Dockerfile b/optional/postgresql/Dockerfile index ab197b62..3ddbb40a 100644 --- a/optional/postgresql/Dockerfile +++ b/optional/postgresql/Dockerfile @@ -1,8 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip bash py3-multidict \ + python3 py3-pip bash py3-multidict tzdata \ && pip3 install --upgrade pip # Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube diff --git a/optional/radicale/Dockerfile b/optional/radicale/Dockerfile index 21c1d437..4eb8d5a7 100644 --- a/optional/radicale/Dockerfile +++ b/optional/radicale/Dockerfile @@ -1,9 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip bash \ + python3 py3-pip bash tzdata \ && pip3 install --upgrade pip # Image specific layers under this line diff --git a/optional/traefik-certdumper/Dockerfile b/optional/traefik-certdumper/Dockerfile index a7127ce1..506c09c2 100644 --- a/optional/traefik-certdumper/Dockerfile +++ b/optional/traefik-certdumper/Dockerfile @@ -1,6 +1,8 @@ FROM ldez/traefik-certs-dumper -RUN apk --no-cache add inotify-tools util-linux bash +ENV TZ Etc/UTC + +RUN apk --no-cache add inotify-tools util-linux bash tzdata COPY run.sh / diff --git a/optional/unbound/Dockerfile b/optional/unbound/Dockerfile index da979496..bf5d4840 100644 --- a/optional/unbound/Dockerfile +++ b/optional/unbound/Dockerfile @@ -1,8 +1,11 @@ ARG DISTRO=alpine:3.14.2 FROM $DISTRO + +ENV TZ Etc/UTC + # python3 shared with most images RUN apk add --no-cache \ - python3 py3-pip git bash py3-multidict \ + python3 py3-pip git bash py3-multidict tzdata \ && pip3 install --upgrade pip # Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, rainloop, roundcube diff --git a/setup/flavors/compose/mailu.env b/setup/flavors/compose/mailu.env index 3e53e7d2..a8709ab3 100644 --- a/setup/flavors/compose/mailu.env +++ b/setup/flavors/compose/mailu.env @@ -170,6 +170,9 @@ REJECT_UNLISTED_RECIPIENT={{ reject_unlisted_recipient }} # Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET) LOG_LEVEL=WARNING +# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones +TZ=Etc/UTC + ################################### # Database settings ################################### diff --git a/towncrier/newsfragments/1154.enhancement b/towncrier/newsfragments/1154.enhancement new file mode 100644 index 00000000..d19b3d09 --- /dev/null +++ b/towncrier/newsfragments/1154.enhancement @@ -0,0 +1 @@ +Add support for timezones \ No newline at end of file diff --git a/webmails/rainloop/Dockerfile b/webmails/rainloop/Dockerfile index f1394d64..02910e39 100644 --- a/webmails/rainloop/Dockerfile +++ b/webmails/rainloop/Dockerfile @@ -4,9 +4,11 @@ ARG ARCH="" FROM ${ARCH}alpine:3.14 ONBUILD COPY --from=balenalib/rpi-alpine:3.14 /usr/bin/qemu-arm-static /usr/bin/qemu-arm-static +ENV TZ Etc/UTC + # Shared later between dovecot postfix nginx rspamd rainloop and roundloop RUN apk add --no-cache \ - python3 py3-pip \ + python3 py3-pip tzdata \ && pip3 install socrate==0.2.0 # https://www.rainloop.net/docs/system-requirements/ diff --git a/webmails/roundcube/Dockerfile b/webmails/roundcube/Dockerfile index 1f788918..4ad89022 100644 --- a/webmails/roundcube/Dockerfile +++ b/webmails/roundcube/Dockerfile @@ -7,9 +7,12 @@ ONBUILD COPY --from=balenalib/rpi-alpine:3.14 /usr/bin/qemu-arm-static /usr/bin/ FROM ${ARCH}php:7.4-apache as build_other FROM build_${QEMU} + +ENV TZ Etc/UTC + #Shared layer between rainloop and roundcube RUN apt-get update && apt-get install -y \ - python3 curl python3-pip git python3-multidict \ + python3 curl python3-pip git python3-multidict tzdata \ && rm -rf /var/lib/apt/lists \ && echo "ServerSignature Off\nServerName roundcube" >> /etc/apache2/apache2.conf \ && sed -i 's,CustomLog.*combined$,\0 "'"expr=!(%{HTTP_USER_AGENT}=='health'\&\&(-R '127.0.0.1/8' || -R '::1'))"'",' /etc/apache2/sites-available/000-default.conf @@ -26,7 +29,6 @@ RUN apt-get update && apt-get install -y \ python3-jinja2 \ gpg \ && docker-php-ext-install zip pdo_mysql pdo_pgsql \ - && echo date.timezone=UTC > /usr/local/etc/php/conf.d/timezone.ini \ && rm -rf /var/www/html/ \ && cd /var/www \ && curl -sL ${ROUNDCUBE_URL} | tar xz \ diff --git a/webmails/roundcube/php.ini b/webmails/roundcube/php.ini index 27992231..dafa0578 100644 --- a/webmails/roundcube/php.ini +++ b/webmails/roundcube/php.ini @@ -1,5 +1,4 @@ expose_php=Off -date.timezone=UTC +date.timezone={{ TZ }} upload_max_filesize = {{ MAX_FILESIZE }}M post_max_size = {{ MAX_FILESIZE }}M -