Tim Möhlmann
af086bbdbe
Include DKIM in VOLUME
6 years ago
hoellen
c041a9d45c
allow all characters for username in dovecot
6 years ago
Tim Möhlmann
24828615cf
Webmail on root, fixes #757
6 years ago
Ionut Filip
8fc2846924
Added regex validation for alias username
6 years ago
Tim Möhlmann
3c4ee1b31e
Merge pull request #743 from kaiyou/master
...
Fixes #738 regarding application context
6 years ago
ofthesun9
97b3a85090
Merge pull request #737 from hoellen/fix-alias-match-behaviour
...
fix alias match behaviour
6 years ago
mergify-bot
09a50b6cfc
Merge branch 'master' into 'master'
6 years ago
kaiyou
4060ac2223
Remove some forgotten debugging
6 years ago
kaiyou
087841d5b7
Fix the way we handle the application context
...
The init script was pushing an application context, which maked
flask.g global and persisted across requests. This was evaluated
to have a minimal security impact.
This explains/fixes #738 : flask_wtf caches the csrf token in the
application context to have a single token per request, and only
sets the session attribute after the first generation.
6 years ago
kaiyou
b5f51b0e2e
Update python dependencies
6 years ago
kaiyou
8707b0fcd7
Use a dictionary of db connection string templates
6 years ago
kaiyou
19f18e2240
Lowercase relays as well as other tables
6 years ago
kaiyou
7e388e472a
Handle relay name as an Idna domain
6 years ago
kaiyou
871aa14c9a
Lowercase every domain name and email
6 years ago
kaiyou
3df9b3962d
Add default columns to the configuration table
6 years ago
kaiyou
b88f61f183
Name all constraints when creating them
...
Prefious commit set the constraint names for existing databases.
New databases can now have named constraints from the ground up.
6 years ago
kaiyou
b8282b1d46
Support named constraints for multiple backends
...
Supporting multiple backends requires that specific sqlite
collations are not used, thus lowercase is applied to all non
case-sensitive columns. However, lowercasing the database requires
temporary disabling foreign key constraints, which is not possible
on SQLite and requires we specify the constraint names.
This migration specific to sqlite and postgresql drops every
constraint, whether it is named or not, and recreates all of them
with known names so we can later disable them.
6 years ago
kaiyou
e022513a94
Fix support for postgres and mysql
6 years ago
kaiyou
a881a1a839
Revert "Make current migrations work with postgresql"
...
This reverts commit 9b9f3731f6
.
6 years ago
kaiyou
76925e82f3
Revert "Implement CIText as NOCASE alternative in postgresql"
...
This reverts commit 0f3c1b9d15
.
6 years ago
kaiyou
f52ae5535c
Revert "Created function for returning email type"
...
This reverts commit 436055f02c
.
6 years ago
kaiyou
f6520eace6
Merge branch 'feat-psql-support' of https://github.com/usrpro/Mailu into usrpro-feat-psql-support
6 years ago
hoellen
8fe9e695f3
prefer non-wildcard aliases over wildcard aliases
6 years ago
Tim Möhlmann
c7dcfee882
Merge pull request #713 from pgeorgi/extend-nginx
...
nginx: Allow extending config with overrides
6 years ago
hoellen
79768c09f6
fix alias matching behaviour
6 years ago
Tim Möhlmann
6ca8ed437d
Merge pull request #732 from Nebukadneza/add_front_certificate_reload
...
Add certificate watcher for external certs to reload nginx
6 years ago
Dario Ernst
1aa97c9914
Add certificate watcher for external certs to reload nginx
...
In case of TLS_FLAVOR=[mail,cert], the user supplies their own certificates.
However, since nginx is not aware of changes to these files, it cannot
reload itself e.g. when the certs get renewed.
To solve this, let’s add a small daemon in the place of
`letsencrypt.py`, which uses a flexible file-watching framework and
reloads nginx in the case the certificates change ….
6 years ago
Tim Möhlmann
c00910ca4b
Merge remote-tracking branch 'upstream/master' into extend-nginx
6 years ago
Tim Möhlmann
97d338e68a
Rectify 'endif' placement
6 years ago
Tim Möhlmann
425cdd5e77
Fix syntax errors
6 years ago
Tim Möhlmann
20f1faf6d0
Send 404 when nothing server at '/'
...
Prevents Nginx welcome screen
6 years ago
Tim Möhlmann
2de4995fec
Don't redirect when webmail is served on '/'
6 years ago
Tim Möhlmann
f0906073e3
Merge remote-tracking branch 'upstream/master' into feat-subnet2
6 years ago
mergify[bot]
a634c7b72d
Merge pull request #725 from usrpro/fix-outlook2019-smtp
...
Add login method to smtp_auth under ssl
6 years ago
Tim Möhlmann
8172f3eab8
Move the Mailu Docker network to a fixed subnet.
...
This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.
6 years ago
kaiyou
b6aaf57be1
Merge branch 'refactor-config' of github.com:kaiyou/mailu into refactor-config
6 years ago
kaiyou
d0f07984b0
Merge remote-tracking branch 'upstream/master' into refactor-config
6 years ago
Tim Möhlmann
9dd447e23b
Add login method to smtp_auth under ssl
...
Fixes #704
6 years ago
Patrick Georgi
eac4d553a9
nginx: Allow extending config with overrides
...
To facilitate this, the default redirect at / can be disabled, even if
the default remains at redirecting to the webmailer.
The extensions are within the host scope and are read from
$ROOT/overrides/nginx/*.conf.
6 years ago
mergify[bot]
2d4bac03ad
Merge pull request #723 from usrpro/clean-healthcheck-logs
...
Admin: Prevent redirects during health checking
6 years ago
mergify[bot]
a382f74680
Merge pull request #705 from usrpro/fix-recaptcha
...
Fix recaptcha
6 years ago
mergify[bot]
37027cfce7
Merge pull request #633 from kaiyou/fix-sender-checks
...
Improve sender checks
6 years ago
Tim Möhlmann
d18cf7cb25
Prevent redirects during health checking
6 years ago
Tim Möhlmann
c9df311a0d
Set forward_destination to an empty list
...
The value of `None` resulted in an error, since a list was expected.
6 years ago
Tim Möhlmann
eff6c34632
Catch asterisk before resolve_domain
...
Asterisk results in IDNA error and a 500 return code.
6 years ago
Ionut Filip
7b8835070d
Added tenacity retry fir migrations connection
6 years ago
David Rothera
88c174fb7a
Query alternative table for domain matches
...
At present postfix checks this view for matches in the domain table and is used to accept/deny messages sent into it however it never checks for matches in the alternative table.
Fixes #718
6 years ago
Ionut Filip
436055f02c
Created function for returning email type
6 years ago
Tim Möhlmann
47a3fd47b5
Fix DB_FLAVOR condition testing for models.py
6 years ago
Tim Möhlmann
0f3c1b9d15
Implement CIText as NOCASE alternative in postgresql
6 years ago
Tim Möhlmann
9b9f3731f6
Make current migrations work with postgresql
6 years ago
Tim Möhlmann
8bdc0c71af
Allow for setting a different DB flavor
6 years ago
Ionut Filip
fed7146873
Captcha check on signup form
6 years ago
Tim Möhlmann
4783e61693
Fix password context
...
Fixes the following error:
```
admin_1 | [2018-11-09 09:44:10,533] ERROR in app: Exception on /internal/auth/email [GET]
admin_1 | Traceback (most recent call last):
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
admin_1 | response = self.full_dispatch_request()
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
admin_1 | rv = self.handle_user_exception(e)
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
admin_1 | reraise(exc_type, exc_value, tb)
admin_1 | File "/usr/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
admin_1 | raise value
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
admin_1 | rv = self.dispatch_request()
admin_1 | File "/usr/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
admin_1 | return self.view_functions[rule.endpoint](**req.view_args)
admin_1 | File "/usr/lib/python3.6/site-packages/flask_limiter/extension.py", line 544, in __inner
admin_1 | return obj(*a, **k)
admin_1 | File "/app/mailu/internal/views/auth.py", line 18, in nginx_authentication
admin_1 | headers = nginx.handle_authentication(flask.request.headers)
admin_1 | File "/app/mailu/internal/nginx.py", line 48, in handle_authentication
admin_1 | if user.check_password(password):
admin_1 | File "/app/mailu/models.py", line 333, in check_password
admin_1 | context = User.pw_context
admin_1 | AttributeError: type object 'User' has no attribute 'pw_context'
```
6 years ago
kaiyou
72e1b444ca
Merge alembic migrations
6 years ago
kaiyou
5b769e23da
Merge branch 'master' into refactor-config
6 years ago
kaiyou
02995f0a15
Add a mailu command line to flask
6 years ago
kaiyou
f9e30bd87c
Update the dockerfile and upgrade dependencies
6 years ago
kaiyou
4a7eb1eb6c
Explicitely declare flask migrate
6 years ago
kaiyou
2a8808bdec
Add the configuration table migration
6 years ago
kaiyou
f57d4859f3
Provide an in-context wrapper for getting users
6 years ago
kaiyou
f6013aa29f
Fix an old migration that was reading configuration before migrating
6 years ago
kaiyou
206cce0b47
Finish the configuration bits
6 years ago
Ionut Filip
1bbf3f235d
Using a new class when captcha is enabled
6 years ago
mergify[bot]
12689965bd
Merge pull request #699 from usrpro/fix-admin-bug
...
Fixed admin_1 errors in the logs
6 years ago
hoellen
680ad4b67a
Catching only ValueError
...
Co-Authored-By: ionutfilip <ionut.philip@gmail.com>
6 years ago
mergify[bot]
e08f3e81d0
Merge pull request #680 from usrpro/feat-startup
...
Standarize images
6 years ago
Ionut Filip
6dcc33e390
Fixed admin_1 errors in the logs
...
Fixed errors when trying to log in with an account without domain.
This closes #585
6 years ago
Tim Möhlmann
42e2dbe35d
Standarize image by using shared / similair layers
6 years ago
Tim Möhlmann
5fa2aac569
Fix imap login when no webmail selected
6 years ago
Tim Möhlmann
903bb70c5b
Merge remote-tracking branch 'upstream/master' into standarize-images
6 years ago
Scott
56fb74c502
Fix typo (duplicate self). Fixes #683
6 years ago
Ionut Filip
8a44a44688
Merge branch 'master' into feat-startup
6 years ago
Ionut Filip
1187cac5e1
Finished up switching from .sh to .py
6 years ago
Tim Möhlmann
ed81c076f2
Take out "models" path, as we are already in it
6 years ago
Tim Möhlmann
aed80a74fa
Rectify decleration of domain_name
6 years ago
Tim Möhlmann
2d382f2d67
Merge branch 'master' into fix-sender-checks
6 years ago
Ionut Filip
0e5606d493
Changed start.sh to start.py
6 years ago
Ionut Filip
eb7dfb5771
Cleaning up start.py
6 years ago
Thomas Sänger
603b6e7390
Merge pull request #2 from usrpro/fix-nginx-healthcheck
...
Fix nginx healthcheck
6 years ago
Tim Möhlmann
81b24f61e8
Merge branch 'master' into feat-healthchecks
6 years ago
Tim Möhlmann
a2fea36c79
Increase HEALTHCHECK start time for services that need to wait for host resolving during startup.
...
In Docker Swarm mode the services listed below can get stuck in their start script, while they
are waiting for other services become available. Now, with HEALTHCHECK enabled, docker does not resolve
names of services that not pass HEALTHCHECK yet. Meaning that if one of the depenend services is not yet
available, it will create a chain of failing services.
The services below retry to resolve 100 time, with an average of 3.5 seconds. Hence, the --start-time
flag is now set at 350 seconds.
- dovecot (imap)
- postfix (smtp)
- rspamd (antispam)
6 years ago
Tim Möhlmann
c3e89967fb
Fix front health checking
...
- Specified seperated /health path in order to allow for healthcheck even if webmail and admin are not seletectd. This also allows healthchecking fom external services like DNS load balancers;
- Make curl not to fail on TLS because localhost is not included in the certificates.
6 years ago
mergify[bot]
90b8c3cc1f
Merge pull request #665 from kaiyou/feat-reply-startdate
...
Implement a start date filter for autoreply, fixes #362
6 years ago
mergify[bot]
bce1487338
Merge pull request #576 from hacor/master
...
Kubernetes fixed for production
6 years ago
kaiyou
1fcaef7c7e
Merge branch 'master' into fix-sender-checks
6 years ago
Paul Williams
78bd5aea1c
enable http2, because it's that easy
6 years ago
hoellen
72d4fa2bc9
remove empty line from merge conflict
6 years ago
hoellen
857ad50509
Merge branch 'master' into feat-reply-startdate
6 years ago
mergify[bot]
4a5c0a6d21
Merge pull request #667 from kaiyou/fix-password-performance
...
Improve password checking performance
6 years ago
mergify[bot]
80658c30da
Merge pull request #669 from hoellen/fix-webmail-root
...
Fix nginx conf if webmail is on root path
6 years ago
Hans Cornelis
f10416e85a
Merged with new PRs
6 years ago
mergify[bot]
118ea0f3fb
Merge pull request #604 from ofthesun9/feature-swarm
...
Enabling swarm deployment on master branch
6 years ago
mergify[bot]
727970514d
Merge pull request #527 from ofthesun9/feat-fuzzyhashes
...
Trying to enable fuzzy hashes for rspamd
6 years ago
kaiyou
82069ea3f0
Clean most of the refactored code
6 years ago
kaiyou
f40fcd7ac0
Use click for the manager command
6 years ago
kaiyou
fc24426291
First batch of refactoring, using the app factory pattern
6 years ago
hoellen
d4f32c3e7d
remove rewrite if webmail is on root
6 years ago
kaiyou
01fa179767
Update the user password in database when needed
6 years ago
kaiyou
988e09e65e
Add a profiler in debug mode for improving performance
6 years ago