1242 Commits (a3c01a2bbf3fcda8cc741a79b12ff371a33b42ab)

Author SHA1 Message Date
Florent Daigniere a7f9a35fa1
Merge branch 'master' into fix2274 3 years ago
Florent Daigniere a4ed464170 doh 3 years ago
Florent Daigniere 0bfbb3bcd4
doh 3 years ago
Florent Daigniere cd3eee4c51 ghostwheel42's suggestion 3 years ago
Florent Daigniere d723326b8e style 3 years ago
Florent Daigniere f01d8cd9b9 improve 3 years ago
Florent Daigniere 7b9c4e01f7 improve 3 years ago
Florent Daigniere 91de20c49c Fix exception in logs
This was occuring when you had square brackets in the domain part
3 years ago
Florent Daigniere 8cf76afbab Catch the ValueError instead 3 years ago
Florent Daigniere 08aa32a5df Revert "Don't bother running the query without an address"
This reverts commit dc81979550.
3 years ago
Florent Daigniere 7ce7f2096b belt, braces and suspenders 3 years ago
Florent Daigniere dc81979550 Don't bother running the query without an address
This should solve the following in admin logs:
"WARNING in nginx: Invalid user 'xxxx': (builtins.ValueError)
invalid email address (no "@")"
3 years ago
bors[bot] 2e9b14d536
Merge #2254
2254: Send ISRG_X1 on port 25, make DANE pin that r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we send ISRG_X1 in the handshake on port 25 (non-interactive, size doesn't really matter).

Update the DANE pin to reflect the change.

I am not sure whether we will need to add --preferred-chain= in the future; This may be the case when letsencrypt decides to use X2/the ECDSA chain

This needs to be tested on a letsencrypt account that isn't mine (I'm opted in for the alternate cert chains)

### Related issue(s)
- closes #2138

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

There's already a towncrier news for it

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere f9869b1d79 ghostwheel42's suggestions 3 years ago
Dimitri Huisman c40a0f4b80 Change link in warning to master. Master is always available. 1.9 will be unavaiable in the future. 3 years ago
Florent Daigniere ab35492589 the first time the loop runs we don't have the second cert 3 years ago
Florent Daigniere 0816cb9497 simplify as per ghostwheel42's suggestion 3 years ago
Florent Daigniere e4a32b55f5 Send ISRG_X1 on port 25, make DANE pin that 3 years ago
Florent Daigniere d3e7ea5389 spell it out 3 years ago
Florent Daigniere a8dc20962a workaround a bug in coredns 3 years ago
Florent Daigniere 9466ad4131 fix #2220 3 years ago
bors[bot] 855f3b065b
Merge #2211
2211: Ensure we use IMAP IDLE like it's supposed to work r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Increase IMAP IDLE time from 2min to 29mins: this should massively help reduce network traffic & increase battery life of clients

See https://peterkieser.com/2011/03/25/androids-k-9-mail-battery-life-and-dovecots-push-imap/

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
3 years ago
Florent Daigniere 224880822f
remove space 3 years ago
Florent Daigniere 3d7b9fe194 Ensure we use IMAP IDLE like it's supposed to work
imap_idle_notify_interval = 2 mins -> 29 mins

See https://peterkieser.com/2011/03/25/androids-k-9-mail-battery-life-and-dovecots-push-imap/
3 years ago
Kevin Falcoz 278d74ce6f
Add title attribute on user-panel div 3 years ago
Kevin Falcoz c69f886a73 Update code with ghostwheel42 comments 3 years ago
Kevin Falcoz 3e394faf92
Patch function "Display Name" into admin page 3 years ago
Florent Daigniere f6ebf9fda2
Update tls.conf 3 years ago
Florent Daigniere 68ff6c8337
Use ISRG_ROOT_X1 as DST_ROOT is not available 3 years ago
Sebastian Klemke a6b4b9ae52 Removed ssl_trusted_certificate configuration setting from nginx.
Resolves an nginx startup issue when letsencrypt or
mail-letsencrypt is enabled.

Fixes #2199
3 years ago
Sebastian Klemke 89a86e9dda disabled rsyslogd pidfile 3 years ago
Florent Daigniere b9e614145f there too 3 years ago
Florent Daigniere b7fb8c661a switch to new API 3 years ago
Billy Chan 90394d7d8c 🎨 use resolver.resolve 3 years ago
shing6326 32446f03e7
Update start.py
fix missing leading . for the resolver test
3 years ago
bors[bot] 1e53530164
Merge #2144
2144: Enable unbound by default, warn if the DNS resolver doesn't work r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Enable unbound by default, warn if the DNS resolver doesn't work

### Related issue(s)
- close #2135

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
3 years ago
Florent Daigniere a9da0c084a
syntax error 3 years ago
Florent Daigniere a2f6243382
remove the error variable 3 years ago
Florent Daigniere b12616b93f
Make the recommendation clearer 3 years ago
Alexander Graf f809be39bf
supply missing fields argument 3 years ago
bors[bot] e3e3700187
Merge #2150
2150: fix 2145: exceptions may be thrown when login is invalid or rate-limits exceeded r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Exceptions may be thrown when login is invalid or rate-limits exceeded for those running very recent builds of 1.9

For some reason I haven't caught it while testing #2130... that's when it was introduced.

### Related issue(s)
- close #2145
- close #2146
- #2130



Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere 7bd1fd3489 fix 2145 3 years ago
Florent Daigniere 6425f440d3 fix 2147 3 years ago
Florent Daigniere 379fe18f7a test dns resolvers at startup 3 years ago
Florent Daigniere 98973223fd
reduce TTL to 1d 3 years ago
Florent Daigniere 792893caae change TTL to 1y 3 years ago
Florent Daigniere 671f3e382a Fix 2138: Pin DANE with the full cert 3 years ago
Florent Daigniere 7f89a29790 Fix 2125
Make the caller responsible to know whether the rate-limit code should
be called or not
3 years ago
bors[bot] 65d905fe62
Merge #2099
2099: update Dockerfile to alpine 3.14.3 r=mergify[bot] a=willofr

## What type of PR?
Security fix

## What does this PR do?
Updated the Dockerfile to use the latest alpine version 3.14.3 where several CVEs have been fixed: https://alpinelinux.org/posts/Alpine-3.14.3-released.html
New images successfully built on my test env.

### Related issue(s)
None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Will <will@packer-output-c8fcfb40-3d93-4475-8f87-e14a9dd683b6>
Co-authored-by: willofr <willofr@users.noreply.github.com>
3 years ago
bors[bot] 3eca813182
Merge #2116
2116: fix 2114: redirect old path r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Old paths may still be cached in browsers, it's easy enough to redirect them

### Related issue(s)
- close #2114


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago