123 Commits (b9e614145febe6de5022671e90c589216b19fd61)

Author SHA1 Message Date
Alexander Graf 37855153b8
fixed plugin path 3 years ago
willofr 93a94d33ce
update roundcube to 1.5.2 (security fix)
New roundcube release (1.5.2) where a XSS is addressed: https://roundcube.net/news/2021/12/30/update-1.5.2-released
3 years ago
Dimitri Huisman b248026933 Fix #2117. Gpg-agent package was missing for roundcube image. 3 years ago
Florent Daigniere 6d5926ef29 prettify 3 years ago
Dimitri Huisman 385cb28bf2 Correctly calculate and set SESSION_TIMEOUT in roundcube 3 years ago
Dimitri Huisman ab80316df6 Fix error in roundcube config 3 years ago
Florent Daigniere 3a46ee073c Make roundcube use SESSION_TIMEOUT 3 years ago
Alexander Graf 1a41657f90
add documentation, allow overrides, clean plugins 3 years ago
Alexander Graf b3d48cc20f
fixed health check 3 years ago
Alexander Graf e7e283663d
Merge remote-tracking branch 'upstream/master' into update_roundcube 3 years ago
Alexander Graf 64acfacc73
duh. typo 3 years ago
Alexander Graf 547ad253e1
added plugin selection, derive key, clean env 3 years ago
Alexander Graf 7c2c2dc65a
updated to carddav 4.3.0 3 years ago
Alexander Graf 1ebdb26979
updated to rc 1.5.1 3 years ago
Dimitri Huisman f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
3 years ago
Dimitri Huisman 56dd70cf4a Implement versioning for CI/CD workflow (see #1182). 3 years ago
Alexander Graf 423b8a6b9b
Merge branch 'master' into update_roundcube 3 years ago
DjVinnii a6beb234ff Set timezone in roundcube.ini 3 years ago
DjVinnii 225160610b Set default TZ in Dockerfiles 3 years ago
Alexander Graf 6003e11533 duh. add timezone (again) 3 years ago
Alexander Graf 949efcf537 prevent endless redirect loop on nginx failure 3 years ago
Alexander Graf c89045ed03 duh 3 years ago
Alexander Graf 920ac4cd21 updated to php8. fixed login. fixed max_filesize. 3 years ago
Alexander Graf 46d27e48ff Merge remote-tracking branch 'upstream/master' into update_roundcube 3 years ago
DjVinnii a1f0c20583 Add tzdata to webmails 3 years ago
Alexander Graf ee45475567 updated roundcube. added cleanup run at startup 3 years ago
Dimitri Huisman 5232bd38fd Simplify webmail logout. 3 years ago
Dimitri Huisman 44d2448412 Updated SSO logic for webmails. Fixed small bug rate limiting. 3 years ago
Alexander Graf ef9e1ac279 remove health check from log 3 years ago
Alexander Graf 7380b248cf direct logging of php errors to stderr 3 years ago
Alexander Graf cd17aa0c43 repair failing health-check 3 years ago
Alexander Graf 16691e83ad re-enable mod_rewrite in roundcube
moved chown/mkdir/symlink from start.py to Dockerfile
3 years ago
Diman0 7083b3f7c6 Fix roundcube sso header issue
Removed apache rewrite module.
3 years ago
Alexander Graf 6c510e2e86 enabled caching via .htaccess 3 years ago
Florent Daigniere defea3258d update arm builds too 3 years ago
Alexander Graf 14bdeb5e1e Update version of roundcube webmail and carddav plugin.
This is a security update.

- roundcube 1.4.11
- carddav 4.1.2
3 years ago
bors[bot] fc1a663da2
Merge #1754
1754: centralize Webmail authentication behind the admin panel (SSO) r=mergify[bot] a=nextgens

## What type of PR?

Enhancement: it centralizes the authentication of webmails to the admin interface.

## What does this PR do?

It implements the glue required for webmails to do SSO using the admin interface.
One of the main advantages of centralizing things this way is that it reduces significantly the attack surface available to an unauthenticated attacker (no webmail access until there is a valid Flask session).

Others include the ability to implement 2FA down the line and rate-limit things as required.

### Related issue(s)
- #783

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
parisni a9548e4cbd Remove mailu/roundcube shared host 3 years ago
parisni 5386e33af3 Reformat python 3 years ago
parisni 49c5c0eba6 Split mailu / roundcube db config
There is no reason to share the flavor since at least the dbname shall be different.
3 years ago
Florent Daigniere dd3d03f06d Merge remote-tracking branch 'upstream/master' into webmail-sso 4 years ago
bors[bot] 0f8d2077a5
Merge #1691
1691: update webmails to PHP 7.4 r=mergify[bot] a=lub

## What type of PR?

update

## What does this PR do?

### Related issue(s)

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.



I think it's a minor change, which needs no changelog.

I've tested rainloop, would be great if someone could test roundcube, because I don't use it.

Co-authored-by: lub <git@lubiland.de>
4 years ago
bors[bot] cca4b50915
Merge #1607
1607: _FILE variables for Docker swarm secrets r=mergify[bot] a=lub

## What type of PR?

enhancement

## What does this PR do?

This PR enables usage of DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY to load these values from files instead of supplying them directly. That way it's possible to use Docker secrets.

### Related issue(s)


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: lub <git@lubiland.de>
4 years ago
Florent Daigniere e8f70c12dc avoid a warning 4 years ago
Florent Daigniere 80f939cf1a Revert to the old behaviour when ADMIN=false 4 years ago
Florent Daigniere 2cdee8d18e Make roundcube use internal auth 4 years ago
ronivay eb0dc7f90a disable php version expose 4 years ago
lub 8dd5dac3ed update roundcube to php 7.4 4 years ago
lub 02cfe326d3 support using files for SECRET_KEY and DB_PW
this enables usage of e.g. docker swarm secrets instead of exposing the
passwords directly via environment variables

just use DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY
4 years ago
Thomas Sänger e8eaad6c88
update roundcube 4 years ago