907: Don't generate the clamav configuration if ANTIVIRUS is none. r=mergify[bot] a=mvaled
## What type of PR?
bug-fix
## What does this PR do?
Avoid rspamd to try to connect to clamav if you choose ANTIVIRUS="none". Otherwise the rspamd will try to connect to none, timing out several times and leading to poor performance.
I have a server without CLAMAV; and I'm getting times up to 45s:
```
$ grep 'CLAMAV' ~/downloads/logs-from-antispam-in-mailu-security-5d75fb987-kv958.txt | grep -o 'time: [^m]*'
time: 45011.089
time: 45126.002
time: 45002.024
time: 45037.436
time: 45006.775
...
```
Mails for which clamav is not used range from a tens of miliseconds to a few hundred.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
Co-authored-by: Manuel Vázquez Acosta <manuel@merchise.org>
886: Ipv6 support r=mergify[bot] a=muhlemmer
## What type of PR?
(Feature, enhancement, bug-fix, documentation) -> A bit of everything
## What does this PR do?
Document how to use ipv6nat. This, however triggers some kind of flaky behavior with the Docker DNS resolver, resulting in lookup failures between containers. So all resolving needs to be done during container startup/configuration.
In order not to pollute every single start.py file, we've created a small library called [Mailu/MailuStart](https://github.com/Mailu/MailuStart). As an addition, this library also defines the template generation function, including its logging facility.
Note: `docker-compose.yml` downgrade is necessary, as IPv6 settings are not supported by the Docker Compose file format 3 😞
### Related issue(s)
Supersedes PR #844
- Fixes#827
- Hopefully helps with #829 and #834
## No backport yet
This PR directly imports MailuStart from git. This makes it a bit more simple to implement on the short term an do some testing and probably some future improvements. When everything is proved stable, we will create a proper PyPi package with versioning and consider back porting.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
Co-authored-by: Ionut Filip <ionut.philip@gmail.com>
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
888: Correct the URL users are directed to after using setup without exposing /admin r=mergify[bot] a=Nebukadneza
In setup, users who didn’t expose `/admin` were directed to `http://127.0.0.1:8080/`, which was missing `/ui` to work.
Also, let’s help out the less apt admins by providing a copy-paste template for ssh-tunnelling.
## What type of PR?
documentation
### Related issue(s)
closes#885
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
889: Catch webmail-url empty but webmail configured and force to default r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Quite some users managed to delete the contents of the webmail-url field in
setup, which forces front into a restart loop. Catch the case where a webmail
service is configured, but url is empty — and force to default /webmail.
### Related issue(s)
closes#856
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
Co-authored-by: Dario Ernst <dario@kanojo.de>
882: Fix password validator for creating fetched accounts r=muhlemmer a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Creating fetched accounts was changed in #817 with a slight typo. I’m an idiot since i approved, but only tested editing, and not creation. But here’s the fix!
### Related issue(s)
Small fix, didn’t feel explanatory issue was necessary
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- Not needed
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
- Done
Co-authored-by: Dario Ernst <dario.ernst@rommelag.com>
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
Quite some users managed to delete the contents of the webmail-url field in
setup, which forces front into a restart loop. Catch the case where a webmail
service is configured, but url is empty — and force to default /webmail.
closes#856
876: Add wildcard aliases with the cli r=mergify[bot] a=hoellen
## What type of PR?
enhancement
## What does this PR do?
Add a possibility to add wildcard aliases with the cli.
### Related issue(s)
- closes#869
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
Co-authored-by: hoellen <dev@hoellen.eu>
851: Make certdumper output fullchain-pems r=mergify[bot] a=Nebukadneza
## What type of PR?
bug-fix
## What does this PR do?
Before it only outputted a pem-file with the server-certificate —
however, it seems some clients want the fullchain delivered, as it’s
common with letsencrypt.
### Related issue(s)
closes#847
## Prerequistes
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
- minor fix
Co-authored-by: Dario Ernst <github@kanojo.de>
Before it only outputted a pem-file with the server-certificate —
however, it seems some clients want the fullchain delivered, as it’s
common with letsencrypt.
closes#847
- Enable bors-ng for better merging
- Re-enable mergify with a fixed up syntax, it will now only issue bors commands.
- Pull request build images are now pushed to docker hub
- Automatic backport rule
- Fix build tag for branches with slash (/)
- Only push when master and 1.6 target branch
Tim Möhlmann