Commit Graph

142 Commits (b66f3fe9deabcaa734a3a1a3f2c4720ca761541d)

Author SHA1 Message Date
Alexander Graf 16691e83ad re-enable mod_rewrite in roundcube
moved chown/mkdir/symlink from start.py to Dockerfile
Diman0 7083b3f7c6 Fix roundcube sso header issue
Removed apache rewrite module.
Alexander Graf 6c510e2e86 enabled caching via .htaccess
Florent Daigniere defea3258d update arm builds too
Alexander Graf 14bdeb5e1e Update version of roundcube webmail and carddav plugin.
This is a security update.

- roundcube 1.4.11
- carddav 4.1.2
bors[bot] fc1a663da2
Merge
1754: centralize Webmail authentication behind the admin panel (SSO) r=mergify[bot] a=nextgens

## What type of PR?

Enhancement: it centralizes the authentication of webmails to the admin interface.

## What does this PR do?

It implements the glue required for webmails to do SSO using the admin interface.
One of the main advantages of centralizing things this way is that it reduces significantly the attack surface available to an unauthenticated attacker (no webmail access until there is a valid Flask session).

Others include the ability to implement 2FA down the line and rate-limit things as required.

### Related issue(s)
- 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
parisni a9548e4cbd Remove mailu/roundcube shared host
parisni 5386e33af3 Reformat python
parisni 49c5c0eba6 Split mailu / roundcube db config
There is no reason to share the flavor since at least the dbname shall be different.
Florent Daigniere dd3d03f06d Merge remote-tracking branch 'upstream/master' into webmail-sso
bors[bot] 0f8d2077a5
Merge
1691: update webmails to PHP 7.4 r=mergify[bot] a=lub

## What type of PR?

update

## What does this PR do?

### Related issue(s)

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.



I think it's a minor change, which needs no changelog.

I've tested rainloop, would be great if someone could test roundcube, because I don't use it.

Co-authored-by: lub <git@lubiland.de>
bors[bot] cca4b50915
Merge
1607: _FILE variables for Docker swarm secrets r=mergify[bot] a=lub

## What type of PR?

enhancement

## What does this PR do?

This PR enables usage of DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY to load these values from files instead of supplying them directly. That way it's possible to use Docker secrets.

### Related issue(s)


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: lub <git@lubiland.de>
Florent Daigniere e8f70c12dc avoid a warning
Florent Daigniere 80f939cf1a Revert to the old behaviour when ADMIN=false
Florent Daigniere 2cdee8d18e Make roundcube use internal auth
ronivay eb0dc7f90a disable php version expose
lub 8dd5dac3ed update roundcube to php 7.4
lub 02cfe326d3 support using files for SECRET_KEY and DB_PW
this enables usage of e.g. docker swarm secrets instead of exposing the
passwords directly via environment variables

just use DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY
Thomas Sänger e8eaad6c88
update roundcube
bors[bot] ddac2672fc
Merge
1338: Add GPG to Roundcube r=mergify[bot] a=PhilRW

The web UI was complaining that it couldn't find the GPG binary. Turns out it wasn't installed.

## What type of PR?

bug fix

## What does this PR do?

Adds GPG binary to Roundcube

Co-authored-by: Philip Rosenberg-Watt <PhilRW@users.noreply.github.com>
Co-authored-by: Dario Ernst <github@kanojo.de>
bors[bot] 0469e96f8e
Merge
1298: Added carddav-plugin for roundcube webmail r=ofthesun9 a=sholl

## Feature

This PR enables the carddav contacts plugin for integration remote contact-repositories based on CardDAV.

## What does this PR do?

This PR enables the carddav contacts plugin for integration remote contact-repositories based on CardDAV.

### Related issue(s)
- Related , at least for CardDAV.


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly (not needed since the plugins of webmail is not mentioned in the docs.)
- [x] Changelog-entry added


Co-authored-by: Stephan Holl <stephan@holl-land.de>
TheLegend875 519600a78b Set From header for delivery reports
closes 
Michael Wyraz 12667c70f6 Fix roundcube permissions, tail correct log
Dario Ernst 4d475f4e69
Merge branch 'master' into patch-1
bors[bot] e41b072938
Merge
1268: Roundcube db r=Nebukadneza a=micw

## What type of PR?

feature

## What does this PR do?

- makes roundcube work with mysql
- runs db init/upgrade scripts on startup
- redirects roundcube logs to stdout

### Related issue(s)
- preparations to solve 
- closes  (side effect ;-) )

## Prerequistes

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Michael Wyraz <michael@wyraz.de>
Co-authored-by: micw <michael@wyraz.de>
Thomas Sänger 5e2d0b78b6
Update Roundcube to 1.4.3
micw e08f4ab7a9
Fix wrong psql lib name
micw b4d81f833d
Add pdo_pgsql to Dockerfile
Philip Rosenberg-Watt 7a552f02c3 Add gpg to Roundcube
The web UI was complaining that it couldn't find the GPG binary. Turns out it wasn't installed.
Michael Wyraz fe09cf5705 Default to DB_FLAVOR/DB_HOST if ROUNDCUBE_DB_FLAVOR/ROUNDCUBE_DB_HOST is not set
Michael Wyraz 8242ca150d Create/update database on startup
Michael Wyraz 982c93e3a2 Print roundcube error log to stdout
Michael Wyraz 06926561e2 Install php-mysql on roundcube container
Michael Wyraz 9b10e938cf Make roundcube db configurable
hoellen 94bfd7770b Update Roundcube to 1.4.2
Stephan Holl a22e8eb0c5 Added carddav-Plugin for roundcube.
bors[bot] 8fb3c688e7
Merge
1267: Update roundcube to 1.4.0 and enable new elastic skin r=hoellen a=hoellen

## What type of PR?
enhancement

## What does this PR do?
This PR brings the new roundcube 1.4.0 release with the new elastic skin.
![grafik](https://user-images.githubusercontent.com/11299996/69373290-c86cd680-0ca3-11ea-8dd5-d76beafc65a6.png)
![grafik](https://user-images.githubusercontent.com/11299996/69373358-e6d2d200-0ca3-11ea-8b92-3b8a528eb6c0.png)


As an idea we could integrate the Mailu logo in a next step to customize the webmail client a bit.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: hoellen <dev@hoellen.eu>
Michael Wyraz 09ee3ce95c Install py3-multidict from repository before installing socrate to avoid the need of gcc during build
hoellen 30d924b2c3 Update Roundcube to 1.4.1
hoellen fc320028a9 Update roundcube to 1.4.0 and enable new skin
Emil Petersson 291db780d0 Do not override values in /usr/local/etc/php/conf.d/roundcube.ini
bors[bot] 0417c791ff
Merge
985: Permit raspberry pi (and other architectures) builds r=mergify[bot] a=abondis

## What type of PR?

Enhancement

## What does this PR do?

Add an option to select base images and permit building for different CPU architectures.

### Related issue(s)
N/A

## Prerequistes

- [X] documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Aurélien Bondis <aurelien.bondis@gmail.com>
Co-authored-by: Aurelien <aurelien.bondis@gmail.com>
Aurélien Bondis 34079244a6 fix ARG positions
Thomas Sänger 56efc46af8
update roundcube 1.3.10
Aurélien Bondis e1a4bf32a6 only insert qemu binary if building for arm
Aurélien Bondis 124b1d4c71 rebase and update for 3.10, avoid adding qemu file to x86 images
hoellen 9de5dc2592 Use python package socrate instead of Mailustart
Dario Ernst 1dbda71401 Adapt shared layer conf to now really-missing mailustart in admin (after merging webpack)
Dario Ernst 0306be1eed Re-add missing MailuStar in admin
It turns out we were all blind and admin *does* use MailuStart
Dario Ernst 53f754f5ac Remove MailuStart from admin and correct layer-sharing comments
Dario Ernst 0144bb5974 Add missing libzip dependency for new php modules in roundcube
Dario Ernst a253ca47fe Use official Mailu/MailuStart
Reto Glauser 09784afcc3 update to php 7.3
hoellen c155823ec8 update roundcube 1.3.9
Ionut Filip 004a431e97
Change to mailustart functions
mergify[bot] f72e13964d
Merge pull request from guruevi/patch-1
Allow for multiple identities
Tim Möhlmann 049ca9941f
Cleanup syntax and fix typo
Tim Möhlmann 7d01bb2a4d
LOG_LEVEL docs and changelog entry
Tim Möhlmann b04a9d1c28
Implement debug logging for template rendering
guruevi 66e4c9bb28
Allow for multiple identities
Mailu is already set up to disallow non-existing identities at the SMTP level. People can already set up identities on external email clients. This should allow users to set up multiple identities within Roundcube
Daniel Huber fa5161b044
Disable ServerSignature of apache2 servers in rainloop and roundcube
Ionut Filip 94edb48f08 Dynamic attachment size
Tim Möhlmann 42e2dbe35d
Standarize image by using shared / similair layers
Tim Möhlmann 903bb70c5b
Merge remote-tracking branch 'upstream/master' into standarize-images
Thomas Sänger 7125077dec
Update roundcube
Ionut Filip 8a44a44688
Merge branch 'master' into feat-startup
Ionut Filip 1187cac5e1 Finished up switching from .sh to .py
Thomas Sänger 39272ab05c
add healthcheck for http services
Thomas Sänger f2259c3302
reduce webmail image-layers/sizes
kaiyou 2cba045013 Explicitely declare required volumes, fixes
Thomas Sänger cbaac01790
remove unused dependencies
Thomas Sänger a684739b9c
update to PHP 7.2 and remove mcrypt
removed mcrypt because Rouncube uses openssl exclusively since version 1.2 and mcrypt was removed from PHP 7.2
Thomas Sänger 89c55ba8fe
use safer cipher in roundcube
"Default is set for backward compatibility to DES-EDE3-CBC,
but you can choose e.g. AES-256-CBC which we consider a better choice."

https://github.com/roundcube/roundcubemail/blob/master/config/defaults.inc.php#L512
kaiyou d52d01924a
Merge pull request from d-fens/patch-1
[Security] Update Roundcube to 1.3.7
d-fens 14a6cfb5c6
[Security] Update Roundcube to 1.3.7
https://github.com/roundcube/roundcubemail/releases/tag/1.3.7
Michal Prihoda 147a1359cd Fixed libpng12-dev dependency, called libpng-dev now.
Mildred Ki'Lya b7ece9f9b8 roundcube: fix host parametrization
Roundcube can be parametrized so it can take a different hostname than
'front' or 'imap' to connect to the mail servers through environment
variables. Unfortunately, this was not correct and in PHP a `||`
operator always returns a boolean. It did not work as expected.

Instead use the ternary operator `:?` that works in all cases.
Mildred Ki'Lya ae8c9f5a6b Add various environment variables to allow running outside of docker-compose
Scott 386a02588b [Security] Update Roundcube to 1.3.6
Fixes a security issue in roundcube.  May also fix the last comment in .
kaiyou 31b887807a Enable enigma for testing in Roundcube, fixes
kaiyou 8903cb1367 Update Roundcube to 1.3.4
Arnie 9dfb2b8f2c Fixes the inability to upload attachments from roundcube
kaiyou 34d88144b2 Set the temp directory for Roundcube, related to
kaiyou bbef3b651e Roundcube is now using php7, update the htaccess, fixes
kaiyou 7f92bfd6b6 Install the php zip extension for roundcube, fixes
Greg Fitzgerald 7594226c50 Fix copy/paste failure
Greg Fitzgerald bbf0a9a61c This sets the max attachment size in roundcube
I used the php.ini from the rainloop folder, so they are both set to
25MB.
Thomas Sänger c0fc9b045b
bump roundcube version (security update)
Thomas Sänger 352d77bf33
upgrade php for roundcube
kaiyou 652ca769dc Allow authentication from webmail directly, fixes
kaiyou f943dc85a2 Update webmails
kaiyou f22194d78b Rename the webmails directory