2624: Move runtime environment variables to the end r=nextgens a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
This moves the environment variables used at runtime from the system to the base image.
It's a workaround for a strange build issue observed when building with hardened malloc enabled.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2464: Introduce RESTful API r=mergify[bot] a=Diman0
## What type of PR?
Feature
## What does this PR do?
Introduces a RESTful API for changing the complete Mailu config.
Anything that can be configured in the web administration interface, can also be configured via the Mailu RESTful API.
Via the swagger.json endpoint the complete OpenAPI specification can be retrieved.
Via the endpoint swaggerui, a web client is available which shows all the endpoints, data models and allows you to submit requests.
See docs/api.rst and docs/configuration.rst for details for enabling it.
### Related issue(s)
- closes#445
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2562: Dynamic address resolution everywhere r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Use dynamic address resolution everywhere.
Derive a new key for admin/SECRET_KEY
Cleanup the environment
This should allow restarting containers.
### Related issue(s)
- closes#1341
- closes#1013
- closes#1430
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2571: Upgrade to alpine 3.17.0 r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Upgrade to alpine 3.17.0.
### Related issue(s)
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2550: Webmail hardening r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Add [Snuffleupagus](https://github.com/jvoisin/snuffleupagus/) (a modern Suhosin replacement) to protect webmails.
It may be possible to harden further, by encrypting some of the cookies and auditing the usage of gpg more closely.
This seems to work for me.
### Related issue(s)
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2547: Disable libhardened-malloc for non x86. r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
Support is going to be a nightmare if RPI4 is not working; We can always reintroduce it later.
### Related issue(s)
- closes#2541
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2538: Fix the ARM build again r=mergify[bot] a=nextgens
I have double-checked from the builder and this works.
gcc -v from the alpine image tells me that we have ``--enable-default-pie``
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2537: Fix the armv7 build (again)! r=mergify[bot] a=nextgens
Revert "simplify": ghostwheel42's approach was right
This reverts commit 04f6bd2633.
Without the build still errors-out because of ``set -euxo pipefail``
see https://github.com/Mailu/Mailu/actions/runs/3479399158/jobs/5817902589
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2483: Introduce FETCHMAIL_ENABLED r=mergify[bot] a=DjVinnii
## What type of PR?
Enhancement
## What does this PR do?
Add `FETCHMAIL_ENABLED` to enable/disable the Fetchmail functionality in the Admin UI.
### Related issue(s)
- closes#2127
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
2535: fix the linux/arm/v7 build r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
The arm builder is running aarch64 ... and there is no package for arm/v7
Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2525: Switch to GrapheneOS's hardened_malloc r=mergify[bot] a=nextgens
## What type of PR?
Feature
## What does this PR do?
Switch to GrapheneOS's hardened_malloc
This was suggested during the dev meeting of the 18/09/22.
It may break things and it may make things unbearably slow... but it should also make the exploitation of memory corruption bugs a lot harder.
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
2534: Close#2533: document SQLALCHEMY_DATABASE_URI r=mergify[bot] a=nextgens
## What type of PR?
documentation
## What does this PR do?
document SQLALCHEMY_DATABASE_URI
### Related issue(s)
- closes#2533
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
bors[bot]