377 Commits (7247b4b10c703ab160c791526a5958932c13fdff)

Author SHA1 Message Date
hoellen 7247b4b10c
Merge branch 'master' into fix-password-on-user-edit 6 years ago
hoellen f08491dc46 fix forced password on user edit 6 years ago
hoellen 732b5fe161 change password field type in fetch creation/edit and add validators. 6 years ago
mergify[bot] 4204facd85
Merge pull request #810 from usrpro/feat-logging
Implement some degree of logging
6 years ago
Tim Möhlmann 049ca9941f
Cleanup syntax and fix typo 6 years ago
Tim Möhlmann 0ac3cf9617
Don't recursivly chown on mailboxes.
This fixes #776.
Recursion is not needed, as the permissions will only need to be set on the first invocation.
6 years ago
Tim Möhlmann 71cda7983e
Merge branch 'master' into feat-logging 6 years ago
Tim Möhlmann 7d01bb2a4d
LOG_LEVEL docs and changelog entry 6 years ago
Tim Möhlmann b04a9d1c28
Implement debug logging for template rendering 6 years ago
Tim Möhlmann b9313488dd
Add logging for tenacity.retry
In the process we found that the previous way of tenacity syntax caused it not to honor any args.
In this commit we've refactored to use the @decorator syntax, in which tenacity seems to behave better.
6 years ago
mergify[bot] 3b5f3af207
Merge pull request #778 from Nebukadneza/fix_recipient_delimiter
Attempt stripping recipient delimiter from localpart
6 years ago
Tim Möhlmann 5636e7f5a7
Remove to avoid matching webroot 6 years ago
Tim Möhlmann 561e2fda67
Merge remote-tracking branch 'upstream/master' into fix-favicon 6 years ago
Tim Möhlmann a358b5305f
Merge pull request #797 from Mailu/upgrade-pyyaml
Upgrade PyYAML
6 years ago
Tim Möhlmann 4f93e09028
Implement favicon package
Credit to:
- https://stackoverflow.com/a/19590415/1816774
- https://realfavicongenerator.net/
6 years ago
Tim Möhlmann 284d54190a
Upgrade PyYAML to 4.2b4 6 years ago
hoellen 8fe1e788b3 add missing route fixes 6 years ago
Tim Möhlmann 3c7bf58211
Upgrade PyYAML
CVE-2017-18342
Vulnerable versions: < 4.2b1
Patched version: 4.2b1
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.
6 years ago
hoellen d5d4d6c337 harden email address validation and fix routes with user_email 6 years ago
mergify[bot] d483ef3c2a
Merge pull request #792 from hoellen/admin-broken-links-1
fix broken webmail and logo url in admin
6 years ago
Tim Möhlmann 74fe177297
Merge pull request #785 from TheLegend875/feat-displayed-name
Feature: send auto reply with displayed name
6 years ago
hoellen f617e82c06 fix broken webmail and logo url in admin 6 years ago
TheLegend875 999d2a9557 changed default.sieve to send displayed name 6 years ago
TheLegend875 2954d84790 added necessary ui elements 6 years ago
TheLegend875 56f4d4c894 fixed auto-forward 6 years ago
TheLegend875 5bdbbf60d7 fixed display of username when not logged in 6 years ago
Dario Ernst c2d45a47fe Attempt stripping recipient delimiter from localpart
Since postfix now asks us for the complete email over podop, which
includes the recipient-delimiter-and-what-follows not stripped, we need
to attempt to find both the verbatim localpart, as well as the localpart
stripped of the delimited part ….

Fixes #755
6 years ago
Tim Möhlmann 19df86f13f
Merge pull request #764 from usrpro/fix-alias-bug
Added regex validation for alias username
6 years ago
Tim Möhlmann 3a5b763018
Option to disable full text search (lucene)
This is a workaround for the bug in issue #751
6 years ago
mergify-bot 983c388150 Merge branch 'master' into 'fix-localpart-chars' 6 years ago
mergify-bot 6cfb74e96c Merge branch 'master' into 'fix-localpart-chars' 6 years ago
Tim Möhlmann af086bbdbe
Include DKIM in VOLUME 6 years ago
hoellen c041a9d45c allow all characters for username in dovecot 6 years ago
Tim Möhlmann 24828615cf
Webmail on root, fixes #757 6 years ago
Ionut Filip 8fc2846924 Added regex validation for alias username 6 years ago
Tim Möhlmann 3c4ee1b31e
Merge pull request #743 from kaiyou/master
Fixes #738 regarding application context
6 years ago
ofthesun9 97b3a85090
Merge pull request #737 from hoellen/fix-alias-match-behaviour
fix alias match behaviour
6 years ago
mergify-bot 09a50b6cfc Merge branch 'master' into 'master' 6 years ago
kaiyou 4060ac2223 Remove some forgotten debugging 6 years ago
kaiyou 087841d5b7 Fix the way we handle the application context
The init script was pushing an application context, which maked
flask.g global and persisted across requests. This was evaluated
to have a minimal security impact.

This explains/fixes #738: flask_wtf caches the csrf token in the
application context to have a single token per request, and only
sets the session attribute after the first generation.
6 years ago
kaiyou b5f51b0e2e Update python dependencies 6 years ago
hoellen 8fe9e695f3 prefer non-wildcard aliases over wildcard aliases 6 years ago
Tim Möhlmann c7dcfee882
Merge pull request #713 from pgeorgi/extend-nginx
nginx: Allow extending config with overrides
6 years ago
hoellen 79768c09f6 fix alias matching behaviour 6 years ago
Tim Möhlmann 6ca8ed437d
Merge pull request #732 from Nebukadneza/add_front_certificate_reload
Add certificate watcher for external certs to reload nginx
6 years ago
Dario Ernst 1aa97c9914 Add certificate watcher for external certs to reload nginx
In case of TLS_FLAVOR=[mail,cert], the user supplies their own certificates.
However, since nginx is not aware of changes to these files, it cannot
reload itself e.g. when the certs get renewed.

To solve this, let’s add a small daemon in the place of
`letsencrypt.py`, which uses a flexible file-watching framework and
reloads nginx in the case the certificates change ….
6 years ago
Tim Möhlmann c00910ca4b
Merge remote-tracking branch 'upstream/master' into extend-nginx 6 years ago
Tim Möhlmann 97d338e68a
Rectify 'endif' placement 6 years ago
Tim Möhlmann 425cdd5e77
Fix syntax errors 6 years ago
Tim Möhlmann 20f1faf6d0
Send 404 when nothing server at '/'
Prevents Nginx welcome screen
6 years ago