68 Commits (ce0c24e0766530710ccbd7fc36f06fc9585ea55f)

Author SHA1 Message Date
Dario Ernst 53f754f5ac Remove MailuStart from admin and correct layer-sharing comments 5 years ago
Dario Ernst bb2edb6eb6 Revert "Move alpine version definition out to variable"
This reverts commit c787e4bdbd.
5 years ago
Dario Ernst c787e4bdbd Move alpine version definition out to variable 5 years ago
Dario Ernst 80c4edb144 Add simple patch to build fetchmail against newer libssl 5 years ago
Dario Ernst a253ca47fe Use official Mailu/MailuStart 5 years ago
Dario Ernst d1f80cca99 Update Dockerfiles to most recent alpine 3.10 5 years ago
Thomas Sänger ef3c6c407a upgrade alpine base-image 5 years ago
Dario Ernst 5ceedde1de Use more robust SF index URL now that -L helps following 5 years ago
Nebukadneza 94dbddd933
Add -L to curl to support sourceforge redirects
As per @hoellens suggestion

Co-Authored-By: hoellen <hoellen@users.noreply.github.com>
5 years ago
Dario Ernst 5f4a6cf16b Update fetchmail to selfbuilt 7.0.0-alpha
Fetchmail in alpine is ~5 years old — and doesn’t support current SSL/TLS
variants anymore. This especially leads to our own fetchmail not being able to
pull mail from mailu itself. Since no new fetchmail release is on the horizon,
let’s build the lastest distribution artifact — which strangely is not
6.4.0-snapshot, but 7.0.0-alpha — ourselves.
6 years ago
bors[bot] d129733fac Merge #919
919: Install bash in alpine based images. r=mergify[bot] a=firvida

This fixes #918

Bash shell is used by default in Kubernetes' dashboard console, which is very
useful for admins.

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
- closes #918 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.


Co-authored-by: Abel Alfonso Fírvida Donéstevez <abel@merchise.org>
6 years ago
bors[bot] d3a5c70589 Merge #907
907: Don't generate the clamav configuration if ANTIVIRUS is none. r=mergify[bot] a=mvaled

## What type of PR?

bug-fix

## What does this PR do?

Avoid rspamd to try to connect to clamav if you choose ANTIVIRUS="none".  Otherwise the rspamd will try to connect to none, timing out several times and leading to poor performance.

I have a server without CLAMAV; and I'm getting times up to 45s:

```
$ grep 'CLAMAV' ~/downloads/logs-from-antispam-in-mailu-security-5d75fb987-kv958.txt | grep -o 'time: [^m]*'
time: 45011.089
time: 45126.002
time: 45002.024
time: 45037.436
time: 45006.775
...
```

Mails for which clamav is not used range from a tens of miliseconds to a few hundred.


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.


Co-authored-by: Manuel Vázquez Acosta <manuel@merchise.org>
6 years ago
Abel Alfonso Fírvida Donéstevez 39444c794e Install bash in alpine based images.
This fix https://github.com/Mailu/Mailu/issues/918

Bash shell is used by default in Kubernetes' dashboard console, which is very
useful for admins.
6 years ago
bors[bot] 86b4242f82 Merge #886
886: Ipv6 support r=mergify[bot] a=muhlemmer

## What type of PR?

(Feature, enhancement, bug-fix, documentation) -> A bit of everything

## What does this PR do?

Document how to use ipv6nat. This, however triggers some kind of flaky behavior with the Docker DNS resolver, resulting in lookup failures between containers.  So all resolving needs to be done during container startup/configuration.

In order not to pollute every single start.py file, we've created a small library called [Mailu/MailuStart](https://github.com/Mailu/MailuStart). As an addition, this library also defines the template generation function, including its logging facility.

Note: `docker-compose.yml` downgrade is necessary, as IPv6 settings are not supported by the Docker Compose file format 3 😞  

### Related issue(s)
Supersedes  PR #844
- Fixes #827 
- Hopefully helps with #829 and #834

## No backport yet

This PR directly imports MailuStart from git. This makes it a bit more simple to implement on the short term an do some testing and probably some future improvements. When everything is proved stable, we will create a proper PyPi package with versioning and consider back porting.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.


Co-authored-by: Ionut Filip <ionut.philip@gmail.com>
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
6 years ago
Manuel Vázquez Acosta 611363cbe4
Don't generate the clamav configuration if ANTIVIRUS is none.
Otherwise the rspamd will try to connect to none, timing out several times and
leading to poor performance.
6 years ago
Ionut Filip 004a431e97
Change to mailustart functions 6 years ago
Ionut Filip 9684ebf33f Use mailustart package from git 6 years ago
Thomas Sänger f50995b5e6
unbound: drop privileges after binding to port 6 years ago
Tim Möhlmann 049ca9941f
Cleanup syntax and fix typo 6 years ago
Tim Möhlmann 7d01bb2a4d
LOG_LEVEL docs and changelog entry 6 years ago
Tim Möhlmann b04a9d1c28
Implement debug logging for template rendering 6 years ago
Tim Möhlmann b9313488dd
Add logging for tenacity.retry
In the process we found that the previous way of tenacity syntax caused it not to honor any args.
In this commit we've refactored to use the @decorator syntax, in which tenacity seems to behave better.
6 years ago
Tim Möhlmann 8172f3eab8
Move the Mailu Docker network to a fixed subnet.
This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.
6 years ago
mergify[bot] 5c24390114
Merge pull request #697 from HorayNarea/fix-missing-dkim
allow DKIM-signing if From-Header and Auth-User mismatch - fix #462
6 years ago
mergify[bot] e08f3e81d0
Merge pull request #680 from usrpro/feat-startup
Standarize images
6 years ago
Thomas Sänger 13bc6261e4
allow DKIM-signing if From-Header and Auth-User mismatch 6 years ago
Tim Möhlmann 42e2dbe35d
Standarize image by using shared / similair layers 6 years ago
Tim Möhlmann 903bb70c5b
Merge remote-tracking branch 'upstream/master' into standarize-images 6 years ago
Thomas Sänger 9ba086fcff
store rspamd history in redis 6 years ago
Tim Möhlmann bcfce27ee2
Standarize unbound, prepare for setup inclusion
- Use jinja template for configuration file (start.py)
- Limit access to the Mailu subnet
- Implement health checks
6 years ago
Ionut Filip 8a44a44688
Merge branch 'master' into feat-startup 6 years ago
Ionut Filip 1187cac5e1 Finished up switching from .sh to .py 6 years ago
Ionut Filip eb7dfb5771 Cleaning up start.py 6 years ago
Thomas Sänger 603b6e7390
Merge pull request #2 from usrpro/fix-nginx-healthcheck
Fix nginx healthcheck
6 years ago
Tim Möhlmann 81b24f61e8
Merge branch 'master' into feat-healthchecks 6 years ago
Tim Möhlmann a2fea36c79
Increase HEALTHCHECK start time for services that need to wait for host resolving during startup.
In Docker Swarm mode the services listed below can get stuck in their start script, while they
are waiting for other services become available. Now, with HEALTHCHECK enabled, docker does not resolve
names of services that not pass HEALTHCHECK yet. Meaning that if one of the depenend services is not yet
available, it will create a chain of failing services.

The services below retry to resolve 100 time, with an average of 3.5 seconds. Hence, the --start-time
flag is now set at 350 seconds.
- dovecot (imap)
- postfix (smtp)
- rspamd (antispam)
6 years ago
mergify[bot] 118ea0f3fb
Merge pull request #604 from ofthesun9/feature-swarm
Enabling swarm deployment on master branch
6 years ago
ofthesun9 86bdce8407 Explicitely specify the fuzzy worker listen address 6 years ago
ofthesun9 cec5c1b16b Merge branch 'master' into feat-fuzzyhashes 6 years ago
Thomas Sänger 39272ab05c
add healthcheck for http services 6 years ago
mergify[bot] 39f58c03ff
Merge pull request #644 from usrpro/fix-alpine-38
Move to alpine:3.8. Fixes #625 and #627
6 years ago
Tim Möhlmann 2c7a5a97e4
Move to alpine:3.8. Fixes #625 and #627 6 years ago
kaiyou 00b5ae11db
Merge branch 'master' into feat-abstract-db 6 years ago
ofthesun9 1f71d10899 Change POD_ADDRESS_RANGE introduction like it is done on deovecot-sql.conf.ext 6 years ago
ofthesun9 13146be57e Merge branch 'master' into feature-swarm 6 years ago
ofthesun9 6b34b2728e Declare fuzzy_worker port 11335 in EXPOSE section 6 years ago
ofthesun9 0eb963eb21 Merge branch 'master' into feat-fuzzyhashes 6 years ago
ofthesun9 74796201ec Merge branch 'master' into feature-swarm 6 years ago
Tim Möhlmann 0817629869
Increase attempts as it failed on fresh Swarm host 6 years ago
Tim Möhlmann 16469d7282
Upgrade to newer pip version 6 years ago