3869 Commits (d0631558c741f6949087a197a9b4a57e5b20547c)
 

Author SHA1 Message Date
Vincent Kling 102d96bc7d Implement event lister to keep updated_at unchanged on quota_bytes_used updates 2 years ago
Vincent Kling a02a2c26a7 Fix typo 2 years ago
Vincent Kling 486dd06ca8 Add missing German translation for Start of vacation 2 years ago
Vincent Kling 84f60116ea Add missing Dutch translations 2 years ago
bors[bot] ba27cdb3a8
Merge #2450
2450: Introduce TLS_PERMISSIVE for port 25 r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.

This specific feature has been requested numerous times... and while it's a terrible idea, I'm getting tired of explaining why every time. Those that would rather go through the fun of tracing missing emails tomorrow than picking a fight with their auditor today can enable it.

### Related issue(s)
- close #2449
- close #1945
- #1617

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere 85a2aafcdf ghostwheel42's suggestions 2 years ago
Florent Daigniere 9a38a22df3 typo 2 years ago
Florent Daigniere 6a0e881522 Introduce TLS_PERMISSIVE for port 25
This new advanced setting to harden cipher configuration on port 25. Changing the default is strongly discouraged, please read the documentation before doing so.
2 years ago
Florent Daigniere 256fa5c90c doh 2 years ago
Florent Daigniere 7272a99d18 fuzzy matching and bayes are two different things
document accordingly
2 years ago
Florent Daigniere 5d09390147 enable rspamd's autolearn feature 2 years ago
bors[bot] 48e1e91a2c
Merge #2444
2444: Remove POD_ADDRESS_RANGE r=mergify[bot] a=DjVinnii

## What type of PR?

Removal

## What does this PR do?

As discussed in #1209 `POD_ADDRESS_RANGE` should be removed in favor of  `SUBNET`. This PR removes the few references that are still left.

### Related issue(s)
- closes #1258

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Vincent Kling <v.kling@vinniict.nl>
2 years ago
Vincent Kling bab3f0f5a4 Remove POD_ADDRESS_RANGE 2 years ago
bors[bot] cdb4833e77
Merge #2443
2443: Use RUNNER_TEMP for storing cache files. r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Use RUNNER_TEMP for storing cache files in workflow. This should prevent issues on the self-hosted arm runner. Each runner will store cache files in a runner unique temp folder. This temp folders is cleared at the beginning and the end of the job.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2 years ago
Florent Daigniere 254277a829
runner.temp is what should be used 2 years ago
Dimitri Huisman 22fe65e4d8 Use RUNNER_TEMP for storing cache files. 2 years ago
Dimitri Huisman 56d0e795eb
Push arm images via arm self-hosted runner 2 years ago
bors[bot] af79ade594
Merge #2441
2441: Switch to ARM64 self-hosted for ARM build r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?

Switch to ARM64 self-hosted runner for building ARM/v7 and ARM64 images. Depending on the performance we could introduce tests as well in a new PR.

Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman d76d3b4959 Switch to ARM64 self-hosted for ARM build 2 years ago
bors[bot] 7ed1da5bf1
Merge #2440
2440: The ARM wheels don't work r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Remove piwheels to ensure we always rebuild on ARM

### Related issue(s)
- closes #2439
- #1200


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere 35a794cfd6 The ARM wheels don't work 2 years ago
bors[bot] d931cbd528
Merge #2437
2437: Fix mysql r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

In #2422 we have switched from mysqlclient to mysql-connector ... and apparently SQLalchemy needs to be told explicitly.

This hasn't been tested.

### Related issue(s)
- close #2435

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere 8a26934db5 towncrier 2 years ago
Florent Daigniere 355589a23c Apparently SQLAlchemy needs to be told explictely 2 years ago
bors[bot] 60f94abc94
Merge #2430
2430: Prevent signups for accounts where an alias exists r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

This prevent signups for accounts where an SQL like alias exists; we already do it for non-SQL like aliases

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
Florent Daigniere 30b3a3771e Prevent signups with accounts where an alias exists 2 years ago
bors[bot] d0113800fe
Merge #2426
2426: Update docs to mention .inc.php for roundcube r=nextgens a=DannyDaemonic

My recent patch updated the roundcube overrides to use .inc.php vs .inc (as is done in roundcube and as suggested by roundcube plugin docs). I updated the overrides section in the docs but a page that links to the overrides section still had the old ".inc" file name. This fixes that oversight. Sorry about that.

## What type of PR?

documentation

## What does this PR do?

Updates configuration.rst to also reflect the new extension.

## Prerequisites
This patch neither adds features nor requires a towncrier.

Co-authored-by: Danny Daemonic <DannyDaemonic@gmail.com>
2 years ago
bors[bot] 6bed48e2ac
Merge #2427
2427: Switch ci/cd workflow to use local build cache for buildx r=mergify[bot] a=Diman0

## What type of PR?
enhancement

## What does this PR do?
Switch to local build cache, cached via actions/cache@v3
The previous method of using gha cache via buildx proved to be unreliable. Using a local cache via actions/cache@v3 is much more reliable. The build job will re-use cache from previous workflow runs.
The total workflow time is still similar ~12 minutes.

If the cache action does intermittently seem to have issues with slow download, we can configure a lower timeout. It is now set on the default 60 minutes.

Some important tidbits:
Cache fragment in build step:
```
     - name: Configure actions/cache@v3 action for storing build cache in the /tmp/cache folder
        uses: actions/cache@v3
        with:
          path: /tmp/cache/${{ matrix.target }}
          key: ${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}-${{ github.run_id }}
          restore-keys: |
            ${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}
```
- actions/cache will never update a cache. So on cache-hit (key is found), the cache will not be updated. 
  - To workaround this, it is possible to use a key that will not have a cache hit. And use restore-keys to lookup and load an existing cache. `${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}` matches with `${{ github.ref }}-${{ inputs.mailu_version }}-${{ matrix.target }}-${{ github.run_id }}`.
  - So this will result the cache being loaded from a previous workflow. For more info see https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#example-using-multiple-restore-keys
- Two jobs cannot write to the same cache simultaneously. If two jobs (in the same workflow or between workflows) access the same cache (key), then only one of the two workflows can update the cache. For this reason the cache key used in the build step must be unique.
- ${{ inputs.mailu_version }} is used to make sure x64 and arm do not access each others build cache.

 Unfortunately it is not possible to use a for loop to loop through steps. For this reason it is not possible possible to shorten the amount of action/Cache@v3 steps. The only possibility is to create our own [composite action](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action). But this makes it maybe to complex. Then the action.yml of the composite action must be maintained as well.

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [n/a] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman 25413eaf2a
Create SECURITY.md 2 years ago
Dimitri Huisman 5732b2316f Switch to local build cache, cached via actions/cache@v3
The previous method of using gha cache via buildx proved to be
unreliable. Using local cache via actions/cache@v3 is much more
reliable.
The build job will re-use cache from previous workflow runs.
The total workflow time is still similar ~12 minutes.
2 years ago
Danny Daemonic ed5e8cce0e Update docs to mention .inc.php for roundcube
A recent patch updated the roundcube overrides to use .inc.php vs .inc,
as it's done in roundcube (and as suggested by roundcube plugin docs).

It corrected the overrides and fixed it's section in the faq, but missed
a section in the configuration docs that to the overrides. This fixes
that oversight.
2 years ago
bors[bot] 04a932bf66
Merge #2423
2423: Correct the extension of files used for Roundcube overrides r=mergify[bot] a=DannyDaemonic

This adds ".inc.php" files to the included overrides while maintaining support for existing ".inc" files previously included via overrides. It also updates the corresponding documentation.

Roundcube itself uses "inc.php" files and these overrides are expected to match that format. Switching to "inc.php" both tells the user that these need to be proper php files and conveys they are used for changing the same settings that Roundcube's inc.php files modify.

## What type of PR?

bug-fix, documentation

## What does this PR do?

- Adds ".inc.php" to the list of include files being built in roundcube's start.py
- Updates override information in the faq section: [How can I override settings?](https://github.com/Mailu/Mailu/blob/master/docs/faq.rst#how-can-i-override-settings)
- Includes changelog recommends using .inc.php moving forward

## Related issue(s)
- This addresses confusion seen in issues like: #2388

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Danny Daemonic <DannyDaemonic@gmail.com>
2 years ago
bors[bot] d30bc033ae
Merge #2425
2425: Hotfix for workflow. For build step do not build from cache. r=mergify[bot] a=Diman0

Hotfix for workflow. For build step do not build from cache.
Make sure cache layers are unique by using ${{ github.ref }}

The build job uses the cache-from. This is not required. Due to non-unique cache keys it also resulted the build step building from cache. 
As a precaution the ${{ github.ref }} and ${{ github.run_id }} are appended to the cache key for the build cache layers. This should make sure the cache keys are unique among workflow runs

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
n/a

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [n/a ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman 312a733ae3 prefix the cache key with a hash (to help with sharding) 2 years ago
Dimitri Huisman f35d82b3a0 Also ${{ github.run_id }} for cache key.
This makes rue that the cache key is unique across workflow runs
2 years ago
Dimitri Huisman d56eb16f52 Hotfix for workflow. For build step do not build from cache.
Make sure cache layers are unique by using ${{ github.ref }}
2 years ago
bors[bot] 840d1dc8e6
Merge #2424
2424: Switch to mode=min for GHA cache for docker buildx  r=mergify[bot] a=Diman0

Switch to mode=min for GHA cache for docker buildx to prevent rate limiting in GHA workflow.
It has hardly any influence on build times. 
See https://github.com/Diman0/Mailu_Fork/actions/runs/2893811188
It is still ~12 minutes.

For example search for SHA256 in the logs of https://github.com/Mailu/Mailu/runs/7923068540?check_suite_focus=true:
- 304 hits!
- With 6 tests that is 1824 cache hits

Search for SHA256 in the logs  of https://github.com/Diman0/Mailu_Fork/runs/7929824199?check_suite_focus=true
- 186 hits
- With 6 tests that is 1116 cache hits

That is better. I hope this will prevent rate limiting issues.

## What type of PR?

enhancement

## What does this PR do?

### Related issue(s)
None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [n/a] In case of feature or enhancement: documentation updated accordingly
- [n/a] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Dimitri Huisman dd3f1a3376 Switch to mode=min for GHA cache for docker buildx to prevent ratelimiting in GHA workflow 2 years ago
bors[bot] b962319ba1
Merge #2422
2422: Build wheels only if we have to. r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

This massively speeds the CI up; We don't need to install a compiler and rebuild when we have wheels available... with this admin builds 4 times faster.

### Related issue(s)
- #1830


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2 years ago
Danny Daemonic 3eeb7962c2 Correct the extension used for Roundcube overrides
This adds ".inc.php" files to the included overrides while maintaining
support for existing ".inc" files previously included via overrides.

Roundcube itself uses "inc.php" files and these overrides are expected
to match that format. Switching to "inc.php" both tells the user that
these need to be proper php files and conveys they are used for changing
the same settings that Roundcube's inc.php files modify.
2 years ago
Dimitri Huisman 3493e9ffa9 Doh! 2 years ago
Dimitri Huisman 867c71ca83 Fix date (deadline) calculation and comparison in test.py 2 years ago
Dimitri Huisman 9339ce78e8 Fix datetime usage in test.py 2 years ago
Florent Daigniere 72b8939ad7 doh 2 years ago
Florent Daigniere 6fb554bc2e Do the same for the postfix container 2 years ago
Florent Daigniere 630a23da3c Don't wait for the timeout in the tests
If the containers are ready use them.
2 years ago
Dimitri Huisman 81c9e01d24 finishing touches for PR# 2328
Antispam.rst contained a syntax error.
Move config description to common section which is more fitting.
Fixed wrong assignment of default value for DEFAULT_SPAM_THRESHOLD in models.py.
2 years ago
Florent Daigniere 1500936232 Some people will need this at runtime 2 years ago
Florent Daigniere bd5fd9536d doh 2 years ago
Florent Daigniere e0643cf45c Disable the cache; don't upgrade pip if not req 2 years ago