104 Commits (77ad6d19ae7420e2ecf22caf5fcff763538e8273)

Author SHA1 Message Date
Will b2abbc8856 update Dockerfile to alpine 3.14.3 3 years ago
Dimitri Huisman 2efad07c0b Merge branch 'master' of github.com:Diman0/Mailu into remove-mailu-postgresql 3 years ago
bors[bot] 08be233607
Merge #2058
2058: Implement versioning for CI/CD workflow. r=mergify[bot] a=Diman0

## What type of PR?

Feature!

## What does this PR do?
This PR introduces 3 things
- Add versioning (tagging) for branch x.y (1.8). E.g. 1.8.0, 1.8.1 etc.
  - docker repo will contain x.y (latest) and x.y.z (pinned version) images.
  - The X.Y.Z tag is incremented automatically. E.g. if 1.8.0 already exists, then the next merge on 1.8 will result in the new tag 1.8.1 being used.
- Make the version available in the image.
  -  For X.Y and X.Y.Z write the version (X.Y.Z) into /version on the image and add a label with version=X.Y.Z
	  -  This means that the latest X.Y image shows the pinned version (X.Y.Z e.g. 1.8.1) it was based on. Via the tag X.Y.Z you can see the commit hash that triggered the built.
  -  For master write the commit hash into /version on the image and add a label with version={commit hash}
-  Automatic releases. For x.y triggered builts (e.g. merge on 1.9) do a new github release for the pinned x.y.z (e.g. 1.9.2). 
  -  Release shows a static message (see RELEASE_TEMPLATE.md) that explains how to reach the newsfragments folder and change the branch to the tag (x.y.z) mentioned in the release. Now you can get the changelog by reading all newsfragment files in this folder.

This PR does not change anything to our workflow (what we (human persons) do). Our processes are still exactly the same. The above introduced logic is automatic. When we backport to X.Y all the magic for creating the pinned version X.Y.Z is handled by the CI/CD workflow.

### Related issue(s)
- closes #1182

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

## Testing
Suggested testing steps. This should cover all situations including BORS. It does require that you use your own docker repo or temporarily create a new one.
Suggested testing steps.
1. Create new github repo.
2. Add the required docker secrets to the project (see beginning of CI.yml for the secret names), DOCKER_UN, DOCKER_PW, DOCKER_ORG, DOCKER_ORG_TESTS.
3. Clone the project.
4. Copy the contents of the PR to the cloned project.
5. Push to your new github repo.
6. Now master images are built. Check that images with tag master are pushed to your docker repo
7. Check with docker inspect nginx:master that it has the label version={commit hash}.
8. Run an image, run `docker-compose exec <name> cat /version`. Note that /version also contains the pinned version. For master the pinned version is the commit hash.
9. Create branch 1.8. 
10. Push branch 1.8 to repo.
11. Note that tags 1.8 and 1.8.0 are built and pushed to docker repo
12. Inspect label and /version. Note that 1.8 and 1.8.0 both show version 1.8.0.
13. Push another commit to branch 1.8.
14. Note that tags 1.8 and 1.8.1 are built and pushed to docker repo
15. Inspect label and /version. Note that 1.8 and 1.8.1 both show version 1.8.1.
16. Let's check BORS stuff.
17. Create branch testing.
18. Push the commit with the exact commit text (IMPORTANT!!): `Try #1234:`'.
19. Note that images are built and pushed for tag `pr-1234`.
20. Inspect label and /version. Note that the version is `pr-1234`.
20. Create branch staging.
21. Push the commit with commit text: `Merge #1234`.
22. Note that this image is not pushed to docker (as expected).

but you could also check the GH repo and docker repo I used:
https://github.com/Diman0/Mailu_Fork
https://hub.docker.com/r/diman/rainloop/tags

Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
3 years ago
Dimitri Huisman 1eeffe29c0 Remove Mailu PostgreSQL. Make roundcube database configurable via setup. Fix #1838. 3 years ago
Alexander Graf 602accfba7
fixed ipv6 access-control 3 years ago
Dimitri Huisman f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
3 years ago
Dimitri Huisman 56dd70cf4a Implement versioning for CI/CD workflow (see #1182). 3 years ago
Dimitri Huisman d7d02152bb Make fetchid file not hidden. 3 years ago
Dimitri Huisman 92e65b33e0 Configure fetchmail to use idfile to keep track of messages.
Run fetchmail as root. This is unfortunately required because
all files are owned by root in the mailu data folder.
In the future  we must switch all images to running all
all processes with a non-root user.
3 years ago
Dimitri Huisman 2404cf2e3d Fix for issue #1223 3 years ago
DjVinnii 225160610b Set default TZ in Dockerfiles 3 years ago
DjVinnii 50d76076ed Add tzdata to optional 3 years ago
Florent Daigniere 1cf0f76b52 not required anymore 3 years ago
Florent Daigniere e9f84d7d99 Improve the unbound configuration 3 years ago
Alexander Graf 447b237ecb fix freshclam startup
- create pid file in existing folder /run
- let freshclam log to stdout
- remove deprecated SafeBrowsing
3 years ago
Florent Daigniere d7c2b510c7 Give alpine 3.14.2 a shot 3 years ago
Florent Daigniere 0c4455ccf5 Revert "Rollback to alpine 1.12"
This reverts commit e1ddbb6eec.
3 years ago
Florent Daigniere e1ddbb6eec Rollback to alpine 1.12
it ships unbound 1.10 that doesn't have the bug I think
08968baec1
3 years ago
Florent Daigniere 0211c06c37 don't need sudo here 3 years ago
Florent Daigniere 420afa53f8 Upgrade to alpine 3.14 3 years ago
parisni d2803f6f46 Update setup website 3 years ago
parisni 278878d48d Remove unused deps 3 years ago
bors[bot] 42cefab4c2
Merge #1760
1760: Security updates to postgresql r=mergify[bot] a=WebSpider

## What type of PR?

Security update

## What does this PR do?

It fixes vulnerabilities in the sudo package in the postgresql optional container documented in
CVE-2021-23240, CVE-2021-3156 and CVE-2021-23239

### Related issue(s)

None

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Nils Vogels <n.vogels@aves-it.nl>
3 years ago
Dario Ernst 4dbefe8e3a
Merge pull request #1631 from toastboy70/bug/#1536
Change unbound logfile to the empty string
3 years ago
Nils Vogels 6c4fa5432f Provide fix in postgresql container for CVE-2021-23240, CVE-2021-3156, CVE-2021-23239 4 years ago
cbachert 72a9ec5b7c Fix extract_host_port port separation
Regex quantifier should be lazy to make port separation work.
4 years ago
Jon Wilson 5e32447f07 Change unbound logfile to the empty string
This is defined to send log messages to stderr, which is
what we want - fixes #1536 ("Could not open logfile /dev/stdout:
Permission denied")
4 years ago
Richard Gomes b414757ff8 Fix hardcoded reference to admin container. 4 years ago
ofthesun9 539114a3d6
Merge branch 'master' into test-alpine-3.12 4 years ago
ofthesun9 16ec9adadd
Update optional/radicale/Dockerfile
Co-authored-by: Dario Ernst <github@kanojo.de>
4 years ago
ofthesun9 e8b72099a7 Switching to alpine:3.12 and use fetchmail from alpine repository
alpine3:12 provides fetchmail 6.4.5, so building fetchmail from alpha branch
is not needed anymore (ssl wrapped mode issue fixed) since 6.4.2
4 years ago
ofthesun9 e5f892ce70 Adjust radicale Dockerfile for alpine:3.12 & layers optimisation 4 years ago
ofthesun9 cff2e76269 Switching to alpine:3.12 4 years ago
ofthesun9 506b7e9372 Use Radicale 3.x for webdav service
- remove ==2.1.12 in Dockerfile pip3 install radicale
- remove -f flag in Dockerfile CMD
- remove deprecated daemon and dns_lookup settings from radicale.conf
- move realm setting from [server] to [auth] in radicale.conf
- add newsfragment
5 years ago
ofthesun9 6647c96bf9 Fixed typo in Dockerfile 5 years ago
ofthesun9 45f3772c26 Stick radicale to 2.1.12 version
As 3.0 is breaking compatibility with 2.1 branch
5 years ago
Tim Möhlmann dd07b0e3aa
Postgresql: default SUBNET6 in pg_hba 5 years ago
bors[bot] 564ca741a4
Merge #1257
1257: Allow local IPv6 connections to Postgres r=mergify[bot] a=tulir

## What type of PR?

bug-fix

## What does this PR do?

Fix postgres connection not working when IPv6 is enabled

Co-authored-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Alexander A. Klimov 313e98c1a2 fetchmail: print unhandled exceptions, but don't crash
refs #1295
5 years ago
kaiyou 7507345ce9 Fix encoding of custom fields in fetchmailrc 5 years ago
Nick Young 0281205313
Upgrade alpine to get new clamav. 5 years ago
bors[bot] cfd838f310
Merge #1215
1215: Allow specifying the traefik version for cert dumping r=mergify[bot] a=timoschwarzer

## What type of PR?

Enhancement

## What does this PR do?

### Related issue(s)
- #1011 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Timo Schwarzer <me@timoschwarzer.com>
5 years ago
Michael Wyraz 09ee3ce95c Install py3-multidict from repository before installing socrate to avoid the need of gcc during build 5 years ago
Tulir Asokan dcef6ff3e3
Allow local IPv6 connections to Postgres 5 years ago
Dario Ernst b374072892 Radicale: Use pip package instead of alpine repo
Required to fix failing builds caused by [alpine]upstream package rebuild against different python version
5 years ago
Tim Möhlmann 4e4b071fb0
Move services into core and optional 5 years ago
Timo Schwarzer 0c82caf817
Allow specifying the traefik version for cert dumping 5 years ago
Aurélien Bondis 124b1d4c71 rebase and update for 3.10, avoid adding qemu file to x86 images 5 years ago
Dennis Boldt d6cf5b991b
Update run.sh
On the first run, this script shows the error 'diff: can't stat '/output/cert.pem': No such file or directory', because the file does not exist in the folder `/output` yet. This bugfix ensures, that the diff is only called, when all required files are available.
5 years ago
bors[bot] f9ed1b74d9 Merge #1082
1082: Use socrate instead of Mailustart r=mergify[bot] a=hoellen

## What type of PR?

enhancement

## What does this PR do?
This PR updates the `Dockerfile`, `setup.py` and `config.py` of each image to support the new [Mailu/socrate](https://github.com/Mailu/socrate) python package. So [MailuStart](https://github.com/Mailu/MailuStart) is not used anymore for resolving DNS and configuration processing. 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: hoellen <dev@hoellen.eu>
5 years ago