4121 Commits (23ae60e3df563e16c084da8143a1d30e6f25dced)
 

Author SHA1 Message Date
Florent Daigniere bd5fd9536d doh 2 years ago
Florent Daigniere e0643cf45c Disable the cache; don't upgrade pip if not req 2 years ago
Florent Daigniere f760024812 These are required for the healthcheck 2 years ago
Florent Daigniere 19eda03a49 Build wheels only if we have to. 2 years ago
bors[bot] 7618c0a621
Merge #2421
2421: Put ipv6 resolver address in square brackets r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

NGINX front container currently does not handle IPv6 resolver addresses correctly, this PR fixes this.
Replaces #2382


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2 years ago
Alexander Graf 822abc9136
Put ipv6 resolver address in square brackets 2 years ago
bors[bot] 53de7b7d60
Merge #2403
2403: Feature: switch CI/CD from build to buildx r=mergify[bot] a=Diman0

## What type of PR?

Feature and enhancement

## What does this PR do?

Switch from docker build to buildx for CI/CD.
    - The main workflow file has been optimised and simplified.
    - Images are built in parallel when building locally resulting in much faster build times.
    - The github action workflow is about 50% faster.
    - Arm images are built as well. These images are not tested due to restrictions of github actions (no arm runners). The tags of the images have -arm appended to it. The arm images are built on merge on master and release branch (x.y). They do not influence the normal CI/CD workflow used for bors (for PR) and real releases (merge on master and branch x.y for x86_64). 
    - Arm images (and normal x86_64 images) can also be built locally.
    - Reusable workflow is introduced for building, testing and deploying the images. This allows the workflow to be reused for other purposes in the future.
    - Workflow can be manually triggered. This allows forked Mailu projects to also use the workflow for building images.

The main workflow makes use of github actions cache to store the cache layer. This layer is used to quickly rebuilt the images in the testing step and deploy step.

Unfortunately the building the arm images fails sometimes due to timeouts. Sometimes the connection to github actions cache is very slow. Restarting the workflow from the last failed step resolves this. I have not observed this with the normal build.

Just as previous time, you can use a forked project for testing the changes (https://github.com/Diman0/Mailu_Fork). You should still have owner access. I have created branch 1.11 for testing. You can see I already push 4 times to branch 1.11 (current version is 1.11.3).

### Related issue(s)
- Mention an issue like: #001
- closes #2383 
- closes #1830
- closes #1200

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
bors[bot] 3327500f96
Merge #2221
2221: Add support for custom NGINX config r=mergify[bot] a=easybe

## What type of PR?

enhancement

## What does this PR do?

Add support for custom NGINX config. Including *.conf files in /etc/nginx/conf.d same as the default NGINX configuration gives the user more flexibility.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Ezra Buehler <ezra@easyb.ch>
2 years ago
bors[bot] 1069c02bc8
Merge #2357
2357: Switch to ffdhe3072 to enable RFC 7919 r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

The idea being:
- it's a "nothing up my sleeves" group
- it may help shave off some bytes of the SSL handshake; That being said, I doubt that clients that are modern enough to support this RFC won't offer an EC kex

https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdhe3072.pem

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
bors[bot] 3993a6d288
Merge #2415
2415: Update roundcube to 1.5.3 and rcmcarddav plugin r=mergify[bot] a=willofr

## What type of PR?
Bugfix

## What does this PR do?
Updates:
- roundcube to 1.5.3: https://github.com/roundcube/roundcubemail/releases/tag/1.5.3
- rcmcarddav plugin to 4.4.2

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Will <will@packer-output-c8fcfb40-3d93-4475-8f87-e14a9dd683b6>
Co-authored-by: willofr <willofr@users.noreply.github.com>
2 years ago
willofr a7d7d2ece1
Create 2415.bugfix 2 years ago
Will 72a5bbf53d Update roundcube to 1.5.3 and rcmcarddav plugin 2 years ago
bors[bot] 4894c555d1
Merge #2409
2409: Fix error in reverse proxy example for how to include nginx override. r=mergify[bot] a=Diman0


## What type of PR?

documentation

## What does this PR do?
The reverse proxy documentation contained an error in an example section. The nginx override file is incorrectly overridden in the sample. Also clarified how the file is included and that you should define location blocks (because it is included in the main mailu server block).

### Related issue(s)
- closes #2232 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [n/a] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman a54baeff00 Fixed error in reverse.rst and remove unneeded example block. 2 years ago
bors[bot] 0a439891ee
Merge #2408
2408: Remove the misleading text in mailu.env that zstd and lz4 are supported r=Diman0 a=Diman0

## What type of PR?

bug-fix

## What does this PR do?
Remove the misleading text in mailu.env that zstd and lz4 are supported  for dovecot mail compression.
Zstd and lz4 are not supported. The reason is that the alpine project does not compile this into the dovecot package.
Users who want this functionality, can kindly request the alpine project to compile dovecot with lz4&zstd support.

### Related issue(s)
- closes #2139

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman aae10e856b Add newsfragment for bugfix for issue 2139 2 years ago
Dimitri Huisman 10c02c0a32 Fix error in reverse proxy example for how to include nginx override.
Also clarified where the file is included in the nginx configuration file.
2 years ago
Dimitri Huisman bfbdfbe312 Remove the misleading text in mailu.env that zstd and lz4 are supported for dovecot mail compression.
Zstd and lz4 are not supported. The reason is that the alpine project does not compile this
into the dovecot package.
Users who want this funcionality, can kindly request the alpine project to compile dovecot
with lz4&zstd support.
2 years ago
bors[bot] e910bfd71d
Merge #2407
2407: Fix small typo in config-import example template r=mergify[bot] a=Diman0

## What type of PR?

documentation fix

## What does this PR do?
Fixes a small typo in the full yaml template example  for the config-import. The entry ``alias:`` was incorrectly displayed as ``aliases:``.

### Related issue(s)
- closes #2387 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ n/a ] In case of feature or enhancement: documentation updated accordingly
- [ n/a ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman 28e409f5ea Fix small typo in config-import example template 2 years ago
bors[bot] bae15c0af3
Merge #2404
2404: Forwarding emails option in user settings did not support 1 letter do… r=mergify[bot] a=Diman0

…mains.

## What type of PR?

Bug-fix

## What does this PR do?

Forwarding emails option in user setting did not support 1 letter domains. The regex for checking the validity of  multiple email addresses string has been modified to allow 1 letter domains and to allow 1 letter local part.

### Related issue(s)
- closes #2402 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman 57865495d4 Forwarding emails option in user settings did not support 1 letter domains. 2 years ago
bors[bot] 51945aa316
Merge #2397
2397: Fix resolving alias addresses for postfix when target is a punycode domain r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

- fix splitting of localpart in resolve_destination
- idna-enode domain-part of email addresses before returning to postfix

### Related issue(s)
- closes #2393


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2 years ago
Dimitri Huisman ae18217e07 Fix adding -arm tag correctly to PINNED_MAILU_VERSION in arm.yml. 2 years ago
Dimitri Huisman 4bb0bd8fb2 Forgot to update snappymail test 2 years ago
Dimitri Huisman 7e21ab4007 Merge master cont'd 2 years ago
Dimitri Huisman 3aafecafe7 Merge branch 'master' into feat-switch-buildx 2 years ago
Dimitri Huisman f6de2b2938 Switch from docker build to buildx for CI/CD.
- The main workflow file has been optimised and simplified.
- Images are built in parallel when building locally resulting in faster build times.
- The github action workflow is about 50% faster.
- Arm images are built as well. These images are not tested due to restrictions of github actions (no arm runners). The tags of the images have -arm appended to it.
- Arm images can also be built locally.
- Reusable workflow is introduced for building, testing and deploying the images.
  This allows the workflow to be reused for other purposes in the future.
- Workflow can be manually triggered. This allows forked Mailu projects to also use the workflow for building images.
2 years ago
bors[bot] cb70f10a49
Merge #2391
2391: Documentation fixes r=mergify[bot] a=adamward-git

## What type of PR?

(documentation)

## What does this PR do?
Spelling corrections, gammar fixes.

### Related issue(s)
N/A

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

N/A

Co-authored-by: Adam Ward <awjob@internode.on.net>
Co-authored-by: adamward-git <82577349+adamward-git@users.noreply.github.com>
2 years ago
adamward-git 89cc6e0716
Update requirements.rst
Fix grammar.
2 years ago
bors[bot] 238daef6d8
Merge #2295
2295: Switch from Rainloop to SnappyMail r=mergify[bot] a=Diman0

## What type of PR?

Feature

## What does this PR do?
As discussed in the project meeting (#1582), we decided we want to switch from Rainloop to an alternative. Rainloop has multiple open security issues which were not patched for a long time. 

We decided to switch to SnappyMail because it is more secure and based on RainLoop. This means that users using RainLoop will still have a webmail that looks familiar for them.

This PR replaces RainLoop with SnappyMail.

### Related issue(s)
- #2215 
- #1582

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2 years ago
bors[bot] d0a5ea6427
Merge #2395
2395: fix FAQ typo r=mergify[bot] a=rayrrr

## What type of PR?

documentation

## What does this PR do?

Fix a typo: stripped as in whitespace, not striped as in tiger :)

Co-authored-by: Ray <7869818+rayrrr@users.noreply.github.com>
2 years ago
Alexander Graf c478e26d68
Encode domain part of email addresses before returning. 2 years ago
Alexander Graf 5179cf0618
Fix localpart splitting and make code more readable. 2 years ago
adamward-git b4df9407d0
Update general.rst
Component changing sentence correction.
2 years ago
adamward-git a91e0a47eb
Update faq.rst
Fix broken archive.org link.
My preference is still to use archive.org in case the original blog post goes away.
2 years ago
adamward-git 58170b4f0a
Update database.rst
Spelling correction.
See https://writingexplained.org/incase-or-in-case-difference 
"Incase is a misspelling of encase"
2 years ago
Ray 8e8c4937da
fix FAQ typo
Stripped as in whitespace, not striped as in tiger
2 years ago
adamward-git 1d9c29cb8d
Update setup.rst
Revert block edit.
2 years ago
adamward-git c72b3a0d33
Update guidelines.rst 2 years ago
Adam Ward c423eabc07 Documentation:
- spelling corrections
 - minor grammar changes.
2 years ago
Dimitri Huisman 2a527a38cf Deny access to hidden files for snappymail 2 years ago
bors[bot] e50f6c58c0
Merge #2360
2360: roundcube: disable apache2 access log r=mergify[bot] a=pommi

## What type of PR?

bug-fix

## What does this PR do?

It disables the access log of apache2 in the roundcube webmail container. Requests are already logged by the front container. The requests logged in the roundcube container contained contained the wrong client IP: the IP address of the front container.

----

Original PR:

~~Roundcube webmail is accessed through the nginx reverse proxy in the front container. Each access logline logged by apache2 in the roundcube container did not contain the actual client IP address, but the IP address of the front container, for example:~~

```
192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
^
IP address of the front container
```

~~By enabling the apache2 remoteip module and configuring it to get the actual client IP address from the X-Forwarded-For header, it logs the correct client IP address to the access log.~~

### Related issue(s)
- None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

**No changelog or documentation necessary for this minor change.**


Co-authored-by: Pim van den Berg <pim@nethuis.nl>
2 years ago
bors[bot] 3844339899
Merge #2364
2364: Update Dockerfile r=mergify[bot] a=twekkel

apt is intended for interactive usage, for scripts use apt-get (https://manpages.debian.org/bullseye/apt/apt.8.en.html) to avoid warnings.

## What type of PR?

minor enhancement

## What does this PR do?

replace apt with apt-get to avoid below warning

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.


## Prerequisites

-

Co-authored-by: Eddy Vervest <57325478+twekkel@users.noreply.github.com>
2 years ago
Dimitri Huisman ee78a34da4 Process code review feedback
Remove unneeded IF statement in /admin block in nginx.conf of front.
Fix contributions made to Dockerfile, add missing trailing \ and add back curl
Change healthcheck to monitoring page of fpm. Now we check nginx and fpm.
2 years ago
Dimitri Huisman 9d0c49a844 Merge branch 'feature-switch-snappymail' of github.com:Diman0/Mailu into feature-switch-snappymail 2 years ago
Dimitri Huisman d19208d3d1 Merge branch 'master' of github.com:Mailu/Mailu into feature-switch-snappymail 2 years ago
bors[bot] e91f28082b
Merge #2384
2384: Re-enable the built-in nginx resolver for traffic going through the mail plugin r=mergify[bot] a=Diman0

## What type of PR?

Bug-fix

## What does this PR do?
Re-enable the built-in nginx resolver for traffic going through the mail plugin
This is required for passing rDNS/ptr information to postfix.
The mail proxy uses the resolver info for passing XCLIENT info.
See http://nginx.org/en/docs/mail/ngx_mail_proxy_module.html#xclient
Without this info rspamd will flag all messages with DHFILTER_HOSTNAME_UNKNOWN due to the missing rDNS/ptr info.

Yes this re-introduces these `cannot resolve` error  messages. If we really want to get rid of these, then we can consider logging to a rsyslog daemon where we filter out these messages.

### Related issue(s)
- Auto close an issue like: closes #2368

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman 4b491d9de5 Re-enable the built-in nginx resolver for traffic going through the mail plugin.
This is required for passing rDNS/ptr information to postfix.
The mail proxy uses the resolver info for passing XCLIENT info.
See http://nginx.org/en/docs/mail/ngx_mail_proxy_module.html#xclient
Without this info rspamd will flag all messages with DHFILTER_HOSTNAME_UNKNOWN due to the missing rDNS/ptr info.
2 years ago
Pim van den Berg 6f884c6c93 roundcube: disable access log
As per discussion in #2360: The front container (nginx reverse proxy) is
already logging all requests, disable the access logs for apache2 in the
roundcube container completely.
2 years ago